last executing test programs: 4.543011579s ago: executing program 1 (id=4539): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb7030000000000108500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) munlockall() 4.4322s ago: executing program 4 (id=4541): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890c, &(0x7f0000000000)) 4.266940185s ago: executing program 1 (id=4545): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf27, 0x500, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x0) 3.884509318s ago: executing program 0 (id=4546): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x0, {}, 0xff}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 3.841660002s ago: executing program 4 (id=4547): r0 = socket$inet6(0xa, 0x6, 0x0) listen(r0, 0x0) r1 = socket$inet(0x10, 0x80803, 0x4000000000000004) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="4c0000001300ff09fffd956fa283b700008c001f0000000002007d3540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b07988100", 0x4c}], 0x1}, 0x0) 3.791764639s ago: executing program 1 (id=4548): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.state\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)) ioctl$SIOCSIFHWADDR(r0, 0x8b26, &(0x7f0000000200)={'wlan1\x00', @random}) 3.770682721s ago: executing program 0 (id=4549): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5543, 0x42, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x7, {[@local=@item_012={0x1, 0x2, 0x0, 'Z'}, @main=@item_012={0x0, 0x0, 0x9}, @local, @main=@item_012={0x2, 0x0, 0x8, "d1a8"}]}}, 0x0}, 0x0) 3.611941261s ago: executing program 1 (id=4550): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) 3.185251304s ago: executing program 4 (id=4554): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./bus\x00', 0x1000801, &(0x7f0000001680)=ANY=[@ANYRES32=0x0, @ANYRES8=0x0, @ANYBLOB="1cbb7569170ccaf80475b25edebf8d398c90a03f9e6821bb4b6ebb8b0d0221f80beacf5925a394d8899e18a7fdd770de2123327cfa21ddff73f2fc74bcbf6b14a07efd74b0eb8bcf21f27b611344e6830552f92eee6874fb62521d98b6adc448c58e9e213ecf7c9e046601d39c2ab438dec0e709571bfa28dd33f28758fbf5cc90b009621f140acdcca6254d0ba47c417b51ca06b8b4e1ed02884d42a32d8a58c7ec5da1fd4804732cee9cf6c498f0d1cc859b720daed8277884ffd0bb933c9a673a9c043b", @ANYBLOB="b0ed086982ae288c0ded88b546ef1c1e703d8f9c10354ca909cb45bfc2f978a7aedaae1ce91bb7cea3a037dd1cffbea6890ea96b05173bb55c37129d8a1763fb7c5ae6e47efff4f65eaa937effbb44a202528799b7421ce9c6a23ed76fce3919300aa25e9cd22ce700114242a870e3a1", @ANYRESOCT, @ANYRES8, @ANYBLOB="265c375a51dd6e4dfae03f35aa96c075b7a81828e19cae434d59872364b4945275141a1d8c3288bdba7de4f7565f8f9989ef21cc069e974d731b782bd3939f608f227226f10458476d5a0b704f77d9b09077243e32c3c64966b7f87048ae31ebf117f3c71f91ba7e9e231d44edc42dc038e93cdfec2ea21d2382804f40b80f00fc791879137b4c7b0000fec02e3fb106b665ce902a258aa357d3d0ee209e144676e71e53e2b3ce1841de48bd640e26b82cff5e6f09c5d163c3d74fc465d09f40982fd6c163c833e2a0d23b5ce93d4d7684d79d50ab63ac97ad2228d9245ea6cd2b2716a080a9834983a3f17fce25aabb68f12237c8308945ea7bdfb4b5498e94a92270170ba32bfddea991c7b1aa3db8bd4b0852a1ac8a973989c62720ac01de6b82d9e23d9ff6cba8314b34277bafe30e692417d6e41a3363a22e18c3e4b0373c491de5be29d858901c13eb0a8bf445933928392a0a78a08313c661fb4ae3b16322d136e9d51235", @ANYRES8, @ANYRES32, @ANYBLOB="61d2e34ea0bd69bb96aa8eb077e3b22c4ab0232b97157ab6bdaace3bbb0619276d8c893e839025f7422503f5880732c669e706057463a2071871d65a968d87c35d68900a8c4be49c34775eaa05aad7f236c77da675cf509ada69122e067bc62e6ce027b45ab461906ab2ddac2bbca99343ffba5f2f976692732c0efd035b939589aca64f7a99dc2438789a708862640c21fd60be6937e53ed824ee86cf3359fd1be57f4687c004ed9b8beed1e3077dad38559cc88f9b85cde0959001c6927a6bf731e4fe59e1bb3b3cd0f498eecc85fafc4e25b9cf1f930526d6c90f4ce246e4c1c1ad88302b1d06b713d9d4027303588304c5e1dc", @ANYBLOB="67f5da103353c8ef38b5b38e5b904e7c50624d0355647a0fb6fc8b71c4f25a5e0b98c9af789957e9299343aad54047ccdc965110151195a0e8a06c7a9c0ade0e1242e7cbe79f18945363747a0430f424df8627c34f11df7504aae464d007de8d880719f3772e12d4528bbe0815188ede3b25b6bf34869699bd226a11298f53ade3d97636d4b0112ea833d44628c612506ced2d2c226cdf90f647c2f988941081193ae81aa168a1028b", @ANYRES32=0x0], 0x2, 0x1d3, &(0x7f00000008c0)="$eJzsmb2vEkEUxc/M7oPnizGxsbDRxJeIEZbdRQ0NBSb2JuBXJ5GVoAsYWBMgsSA2NpYWJrb+AxYWVBZ2drZaqImJhZTWa2YYdsflQ4ghkrz7S5g9M3Nn5s4FTgEgCOLI8u3rry/PrxarWQDHcYi0Gv9hxDFci//88vHFF6Vrr958ev2+feLJOLkfAxCG659vAnhXNhCofhj+ufpQPavgkb4BjgtK3wKDpfRdcNxU2gPDHaUfaLpzTAnfs+51/Pr9pu/ZonFE44qmkMxvMmKoA9hX+TFtvjcYPqz5vtdNir1wds7c1KbiL/UzJ2WOklY/8X7dfvZ0JPqz2tha/RxwOEoXwFBRuog0LMuKS6Ld/7QZ72+sc/9dECdzq2KyO5Ahif8gWHJEfKGjkVOT8Yf5Vd+3mdjZ7V5ZGheAuamPB/+2c0qZwMKY2D+F5Z7X/MmEGflHPmg9yvcGw1yzVWt4Da/tuoUr9iXbvuzmpRFN2xX+ty/96UDbf29JbIql0K8FQdfpA0HXifrutNUct/K281Ou4dL/ODLnpnuIj4q8dnrxGUy9uHwKlTGWJk8QBEEQBEEQBEEQBEEQBLERZ8Dkr6Dqj6pwCe51Gf07AAD//8+DaM4=") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) stat(&(0x7f00000000c0)='./file0/file0/..\x00', 0x0) 2.808269741s ago: executing program 4 (id=4556): syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000005d40)='./file0\x00', 0x4000, &(0x7f0000001e40)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5ff2cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb69658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d967206115b492d825751fcc00000000000000e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bed545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177df97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b808451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f50520f91fbf7201fc9621d0aee9735d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5060000001c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000810600000000000000c4000000"], 0xff, 0x5e0a, &(0x7f000000c740)="$eJzs3U9vHGcdB/Df/vH6T2kbVagKEQc3hdJSmv8JlH9NOXCAA0ioZxK5bhVIASUB0SoirnJAXICXAJdeOPQt8AL6GhAvgEg2px4og8Z+nmQ8XmcdEu/s+vl8JGfmN8+O95l8PZ5dz8w+AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADED77/k7O9iLjym7TgWMTnYhDRj1iu69WoZy7nxw8j4nhsN8fzETFYjKjX3/7n2YgLEfHJMxGbW7fX6sXnDtiPi2du3fjsh9/7x+//dPf4z97+6Uft9h9//vzHf7gTcexHr3/82Z0ns+0AAABQiqqqql56m38ivb/vd90pAGAq8vG/SvJytVqtVj/R+o/92eqPutC6qRrvTrOIiI3mOvVrBqfjAWDObMSnXXeBDsm/aMOIeKrrTgAzrdd1BzgUm1u313op317zeLC6057/Trkr/43e/fs79ptO0r7GZFo/X3djEM/t05/lKfVhluT8++38r+y0j9LjDjv/adkv/9HOrU/FyfkP2vm37Mr/zxExt/n3x+Zfqpz/8FHy3xjM8f4vfwAAAAAAjr789/9jHZ//XXz8TTmQh53/XZ1SHwAAAAAAAADgSXvc8f/uM/4fAAAAzKz6vXrtL888WLbfZ7HVy9/qRTzdejxQmNXGhwMCAAAAAAAAAAAAANMxjFhJ1/UvRMTTKytVVdVfTe36UT3u+vOu9O2HknX9Sx4AAHZ88kzrXv5exFJEvJU+629hZWWlqpaWV6qVankxv54dLS5Vy433tXlaL1scHeAF8XBU1d9sqbFe06T3y5Pa29+vfq5RNThAx6ajw8ABICJ2jkabjkhHTFU9G12/ymE+2P+PHvs/B9H1zykAAABw+Kqqqnrp47xPpHP+/a47BQBMRT7+t88LqNVqtVqtPnp1UzXenWYRERvNderXDIbjB4A5sxGfdt0FOiT/og0j4njXnQBmWq/rDnAoNrdur/VSvr3m8WB1pz1fC7Ir/43e9np5/XHTSdrXmEzr5+tuDOK5ffrz/JT6MEty/v12/ld22vMQ/4ed/7Tsl3+9ncc66E/Xcv6Ddv4tRyf//tj8S5XzHz5S/gP5AwAAAADADMt//z/m/G/eZAAAAAAAAACYO5tbt9fyfa/5/P8Xxzyu15xz/+eRkfPvHTh/9/8eJTn/fjv/1gU5g8b8vTcf5P/vrdtrH9361xfydObzXxiM6ude6PUHw3TNT7XwTlyL67EeZ/Y8frir/eye9oVd7ecmtJ/f0z6q25dz+6lYi1/G9Xj7fvvihAujlia0VxPac/4D+3+Rcv7Dxled/0pq77WmtXsf9vfs983puOe5/Lf/vLR375q+uzG4v21N9fad7KA/2/8nT43i1zfXb5z67dVbt26cjTTZtfRcpMkTlvNfSF85/5df3GnPv/eb++u9D0ePnP+suBvDffN/sTFfb+8rU+5bF3L+o/SV889HoPH7/zznv//+/2oH/QEAAAAAAAAAAAAAAICHqapq+xbRyxFxKd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49e3VSN90aziIi/N9epXzP8btw3AwBm2X8j4p9dd4LOyL9g+fP+6umXuu4MMFU33//g51evX1+/cbPrngAAAAAAAAAA/688/udqY/zn7euAWuNG7xr/9c1YndvxP/ujwfZY52mDXoiHj/99Mh4+/vdwwvMtTGgfTWhfnNC+NKF97I0eDTn/F1LGOf8TacNKGv/15Q7607Wc/8k01nPO/yutxzXzr/46z/n3d+V/+tZ7vzp98/0PXrv23tV3199d/8XZM5cunL944fzFi6ffuXZ9/czOvx32+HDl/PPY164DLUvOP2cu/7Lk/L+cavmXJef/UqrlX5acf369J/+y5Pzzex/5lyXn/0qq5V+WnP9XUy3/suT8X021/MuS8/9aquVflpz/a6mWf1ly/qdSLf+y5PxPp1r+Zcn55zNc8i9Lzj9f2SD/suT8z6Va/mXJ+Z9PtfzLkvO/kGr5lyXnfzHV8i9Lzv9SquVflpz/11Mt/7Lk/L+RavmXJef/eqrlX5ac/zdTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5fzfV8i9Lzv+NVMu/LA8+/9+MGTNm8kzXv5kAAAAAAAAAAAAAgLZpXE7c9TYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkau+7wB+9mavDQE33IkDtrkZWNhd38AhBpOElJJeKAlp05Iax14bJ77Vu+YmVDaFtkRBKlL7QB+aJlEaRWorUBWpqUQjpEZq35qnRrxErZQHP0DloKRSqsBWZ+b//3tmdnZmfRl75vw/H2T/vDtnZv5z5szZ/S76zgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACN1n985s+GiqIo/9T+WlMUF5f/XlXsLD+c33ahVwgAAACcrfdqf//9pekTO5dxpYZt/u26//juwsLCQvGFd0+8/xcLC+mCdUUxsrIoapdF//6Lny80bhO8UIwPDTd8PNzl7ke6XD7a5fKxLpev6HL5yi6Xj3e5fNEOWGRV/ecxtRu7sfbPNfVdWlxejNUuu7HNtV4YWjk8HH+WUzNUu87C2L7iQHGwmCmmFl1nqPZfUbyxvryvB4t4X8MN97W2KIqTP31uT1zDUNjHNxZNd1bT+Ny9c3+x7t2fPrfn23NvX9Nudt0Ni1ZaFBs3lOt8sShO/biqGCpWpn0S1zncsM61bdY50rTOodr1yn+3rvPkMtcZH/d4WOcPO6xzbfjc0zcURTFfLLlNqxeK4WJ1y72m/T1ePyLK2yifyg8Wo6d1nKxfxnFSXucnNzQfJ63HZNz/68M+GV1iDY1PxztfXrFov5/pcVI+6n44Vsvbfri80/Hxxh+tNh2r5TbP3bT0MdD2uWtzDKRjueEY2NDtGBheMVI7BoZPrXlD0zEwveg6w8VQ7b5O3NT5GJicO3R0cvaZZ+84cGj3/pn9M4enp7Zt2bx1y+atWyf3HTg4M1X/+/R26QBZXQynY3BDONfEY/CWlm0bD8mFb5y718F4n7wOysf+mZvLBV08XCxxjJfbvLjx7F8H6et+w+tgtOF10Pac2uZ1MLqM10G5zcmNy/uaOdrwp90aenUuXNNwDFzIr4flfT5269LnwrVhXS/ddrpfD0cWHQPxYQ2F1175mfT93vjdYb8sPi6uLS+4aEVxfHbm2J1P756bOzZdhHFeXNbwXLUeL6sbHlOx6HgZPu3jZeff/fLma9t8fk3YV+O3d36uym22THR+rmpn9/b7s+mzm4owzrHzvT/bfTUr92fKEh32Z7nNi3ec/feCKZc0nP/Gup3/RsZG6+e/kbQ3xprOf4ufmpHayori5B3LO/+NhT/n+/x3eZ+c/8p99didnY+BcpuXJk/3GBjteP67IcyhsJ5bQ2IYb8j979cun68fpg3PZdfjZnR0LBw3o/Eem4+bzYuuU95aed8bp87suNl4Q/Nz1fR9SwWPm3Jf/eVU5+Om3ObN6bM/d6yK/2w4d6zodgyMjawo1zuWDoL6+W5hVTwG7iz2FEeKg8XedJ3yWS7va2LT8o6BFeHP+T53XN0nx0C5r17d1PkYKLf5weZz+73TxvCZtE3D906tP19YKvNfO3rq9lp327nO/OU6P7Gl88+Gym3e3nK6OaPzfro9fOaiNvup9fWz1DG9tzg/++nqsM6DWzv/bKrc5vJtyzyedhZF8db0W7Wfd4Wf7/7j8f/8btPPfdv9TPmt6bcemnzkR6ezfgAAztz7tb/nV9S/12z4P9bL+f//AAAAwECIuX84zET+BwAAgMqIuX8kzET+BwAAgMqIuX80zCST/P/E3dtfe+/5Ir0b4EIQL4+74eF769vFjvd8+Hjdwinl5z/2rbHXvvL88u57uCiKXz70obbbP3FvXFfd0bjOjzR/fpGrr1/W/T/+6KntGt8/4eT2+u3Hx7PcwyB2ld+Y3FS73XXPTNfmmw8VtfnI/Esv1G+//nHc/sTm+vZ/Hd60ZOe+oabrbwzruTHMdeE9ZR7eeWo/lDNe77W11/3rZZ89dX/xekMbLqk9zFf/qH678T2iXrmsvn183Eut/1+++p3Xyu2fvqn9+p8fbr/+E+F2fxLmL3bUt2/c519pWP+fhPXH+4vXu/Ob32+7/tevqm//ejguvh5m6/rv//MPv9fu+Yr3s/Oe+vXi/U/975ba9eLtxdtvXf/489NN+6P19t98t347O5782Ujj9vHz8X6ix+9pPr6HwvPb1CMviuI7f1o07efio/Xr/XPL+uPtHb2n/fpvb1nn0aHra9c/9XjWND2ur/3tpraPN65n5z+saXo8rzwQ9t+7kz8ob/fEI+F4DJf/3w/rt9f6XqavP9B8vonbf31N/XUbb2+yZf2vtKx//vpy33Vf/4Pv1tf/+n0rm9a/85PheHqwPrutf//fXNp0/W98u/58HHtq4vCR2eMH9jbs1cbX8crxVasvuvgDl1wazqWtH+86MvfEzLF1U+umimLdAL5lYK/X/80w/6c+5s/9PdT96Gf14+7lT9W/bt3y8/rHr4TPPx6ez/j18Wt/NdZ0vLY+7/P31efZrv+2sI7luuqr/339sjY88fk3jv/TH7/d+n1BfDxHrxivPb5X119Zu2zozfrlreerbv7riubX9Y9Hp2rze2G/LoR3Zt5wZf3+Wm8/vjfJy5+uv37jd3Lx+kXL+4msGWl+HGe7/h+H72O+f3Xz+S8eH997vuXdnNcUQ+US5sP5oZivXx63ivv75ZNXtr2/+D48xfw1p7PMJc0+Mzt58MDh409Pzs3Mzk3OPvPsrkNHjh+e21V779JdX+x2/VOv79W11/femW1bitqr/Uh99NiFXv/RR/fsvWvq5r0z+3Yf3zf36NGZY/v3zM7umdk7e/Pufftmnup2/QN7d0xv2r75rk0T+w/s3XH39u2bt08cOHykXEZ9UV1sm/rSxOFju2pXmd2xZfv01q1bpiYOHdk7s+OuqamJ492uX/vaNFFe+8mJYzMHd88dODQzMXvg2Zkd09u3bdvU9d0fDx3dN7tu8tjxw5PHZ2eOTdYfy7q52qfLr33drk8eZo+E812LofDd+edu35beH7f0rS8veVP1TZq/PS3eCe8FFb++dfs45v6xMJNM8j8AAADkIOb+8Mb/py6Q/wEAAKAyYu5fGWYi/wMAAEBlxNw/HmaSSf7X/9f/1//X/9f/1//vJf1//f9O9P/1/wd5/fr/+v9012/9/5j7VxVFlvkfAAAAchBz/+owE/kfAAAAKiPm/ovCTOR/AAAAqIyY+y8OM8kj/4+1/lP/X/9f/7+x/x+31f8v9P/1/8+Q/r/+fyf6//r/g7z+Puz/r9L/p9/0W/8/5v4PhJnkkf8BAAAgCzH3XxJmIv8DAABAZcTcf2mYifwPAAAAlRFz/5owk0zyv9//r/+v/+/3/+v/6//3kv6//n8n+v/6/4O8/j7s//v9//Sdfuv/x9z/K2EmmeR/AAAAyEHM/R8MM5H/AQAAoDJi7r8szET+BwAAgMqIuf/yMJNM8r/+v/6//r/+v/6//n8v6f/r/3ei/6//P8jr1//X/6e7fuv/x9x/RZhJJvkfAAAAchBz/5VhJvI/AAAAVEbM/VeFmcj/AAAAUBkx918dZpJJ/tf/1//X/9f/1//X/+8l/X/9/070//X/B3n9+v/6/3TXb/3/mPuvCTPJJP8DAABADmLuvzbMRP4HAACAyoi5/0NhJvI/AAAAVEbM/WvDTDLJ//r/+v/6//r/+v/6/700WP3/4SUv0f+v0/9vpv+v/6//r/9PZ/3W/4+5/8NhJpnkfwAAAMhBzP3XhZnI/wAAAFAZMfdfH2Yi/wMAAEBlxNy/Lswkk/yv/6//r/+v/6//r//fS4PV/1+a/n+d/n8z/X/9f/1//X8667f+f8z968NMMsn/AAAAkIOY+zeEmcj/AAAAUBkx998QZiL/AwAAQGXE3H9jmEkm+V//X/9f/1//X/9f/7+X9P/1/zvR/9f/H+T16/8vr/+/otsNUWn91v+Puf+mMJNM8j8AAADkIOb+m8NM5H8AAACojJj7bwkzkf8BAACgMmLu3xhmkkn+1//X/9f/1//X/9f/7yX9f/3/TvT/9f8Hef36/37/P931W/8/5v5bw0wyyf8AAACQg5j7bwszkf8BAACgMmLuvz3MRP4HAACAyoi5fyLMJJP8r/+v/6//r/+v/6//30tV7f+n86j+v/6//r/+v/6//j9L6rf+f8z9d4SZZJL/AQAAIAcx998ZZiL/AwAAQGXE3D8ZZiL/AwAAQGXE3D8VZpJJ/tf/1//X/9f/1//X/++lqvb//f5//f9C/1//X/9f/5+u+q3/H3P/dJhJJvkfAAAAchBz/6YwE/kfAAAAKiPm/s1hJvI/AAAAVEbM/VvCTDLJ//r/+v/6//r/+v/6/72k/6//34n+v/7/IK9f/1//n2bDbT7Xb/3/mPu3hplkkv8BAAAgBzH3bwszkf8BAACgMmLuvyvMRP4HAACAyoi5/+4wk0zyv/6//r/+v/6//r/+fy/p/+v/d6L/r/8/yOvX/9f/p7t+6//H3L89zCST/A8AAAA5iLn/I2Em8j8AAABURsz994SZyP8AAAAwUNr9HsIo5v6Phplkkv/1/6ve/19Yqf+v/6//33n9+v+9pf+v/9+J/r/+/yCvX/9f/5/u+q3/H3P/jjCTTPI/AAAA5CDm/nvDTOR/AAAAqIyY++8LM5H/AQAAoDJi7t8ZZpJJ/tf/r3r/3+//1//X/++2fv3/3tL/1//vRP9/MPv/4dsW/f8+6v+Xx5D+P/2o3/r/MfffH2aSSf4HAACAHMTc/7EwE/kfAAAAKiPm/o+Hmcj/AAAAUBkx938izCST/K//r/+v/6//r/+v/99L+v/6/53o/w9m/z/S/++f/r/f/0+/6rf+f8z9D4SZZJL/AQAAIAcx938yzET+BwAAgMqIuf9Xw0zkfwAAAKiMmPsfDDPJJP/r/+v/6//r/+v/6//3kv6//n8n+v/6/4O8fv1//X+667f+f8z9vxZmkkn+BwAAgBzE3P9QmIn8DwAAAJURc/+nwkzkfwAAAKiMmPt/Pcwkk/yv/39++v/D6fb1//X/9f/1//X/zyX9f/3/Qv//jF3o/vygr1//X/+f7vqt/x9z/2+EmWSS/wEAACAHMff/ZpiJ/A8AAACVEXP/b4WZyP8AAABQGTH3Pxxmkkn+1//3+//1//X/9f/1/3tJ/1//vxP9f/3/QV6//r/+P931W/8/5v7fDjPJJP8DAABADmLufyTMRP4HAACAyoi5/9NhJvI/AAAAVEbM/Z8JM8kk/+v/6//r/+v/6//r//eS/r/+fyf6//r/g7x+/X/9f7rrt/5/zP2Phplkkv8BAAAgBzH3fzbMRP4HAACAyoi5/3fCTOR/AAAAqIyY+383zCST/K//r/+v/6//r/+v/99L+v+L+//lOexC9v9XLGdD/f9l0f/X/9f/1/+ns37r/8fc/7kwk0zyPwAAAOQg5v7fCzOR/wEAAKAyYu7//TAT+R8AAAAqI+b+x8JMMsn/+v/6//r/+v/6//r/vaT/7/f/d6L/r/8/yOvX/9f/p7t+6//H3P/5MJNM8j8AAADkIOb+Pwgzkf8BAACgMmLu3xVmIv8DAABAZcTc/3iYSSb5X/9f/1//X/9f/1//v5f0//X/O9H/1/8f5PXr/+v/012/9f9j7t8dZpJJ/gcAAIAcxNz/hTAT+R8AAAAqI+b+PWEm8j8AAABURsz9e8NMMsn/+v/6//r/+v/6//r/vaT/r//fif6//v8gr1//X/+f7vqt/x9z/0yYSSb5HwAAAHIQc/++MBP5HwAAACoj5v79YSbyPwAAAFRGzP1PhJlkkv/1//X/9f/1//X/9f97Sf9f/78T/X/9/0Fev/6//j/d9Vv/P+b+A2EmmeR/AAAAyEHM/V8MM5H/AQAAoDJi7v9SmIn8DwAAAJURc//BMJNM8r/+v/6//r/+v/6//n8v6f/r/3ei/6//P8jr1//X/6e7fuv/x9x/KMwkk/wPAAAAOYi5/3CYifwPAAAAlRFz/5EwE/kfAAAAKiPm/qNhJpnkf/1//X/9f/1//X/9/17S/9f/70T/X/9/kNev/6//T3f91v+Puf8Pw0wyyf8AAACQg5j7j4WZyP8AAABQGTH3z4aZyP8AAABQGTH3z4WZZJL/9f/1//X/9f/1//X/e0n/X/+/E/1//f9BXr/+v/4/3fVb/z/m/uNhJpnkfwAAAMhBzP1PhpnI/wAAAFAZMfc/FWYi/wMAAEBlxNz/dJhJJvlf/1//X/+/b/r/9Z6f/r/+v/7/adH/1/8v9P/P2IXuzw/6+vX/9f//n7273BXtLOI4fAohkBDCtXAFXALXwGXgLsXd3d3d3d3dHQrFNSkJZ2ZKaLvWqSz2u2ae58uk7U765uxP/5z8sti3Wv+fu/9eccuQ/Q8AAAAT5O6/d9xi/wMAAEAbufvvE7fY/wAAANBG7v77xi1D9r/+X/+v/1+m//f9//y96v/1/zeD/l//f0n/f4tddD9/9vfr//X/7Fut/8/df7+4Zcj+BwAAgAly998/brH/AQAAoI3c/Q+IW+x/AAAAaCN3/wPjliH7X/+v/9f/6//1//r/I+n/9f9b9P/6/zO/X/+v/2ffav1/7v4HxS1D9j8AAABMkLv/wXGL/Q8AAABt5O5/SNxi/wMAAEAbufsfGrcM2f/6f/2//l//r//X/x9J/6//36L/1/+f+f36f/0/+1br/3P3PyxuGbL/AQAAYILc/Q+PW+x/AAAAaCN3/yPiFvsfAAAA2sjd/8i4Zcj+1//r//X/+n/9v/7/SPp//f8W/b/+/8zv1//r/9l3eP9/j6v/c6+0/8/df3XcMmT/AwAAwAS5+x8Vt9j/AAAA0Ebu/kfHLfY/AAAAtJG7/zFxy5D9r//X/1/f/193lf5f/6//v/7f6/9vG/p//f8W/f+q/f+V/Uno//X/+n/2HN7/7/T+//vPufsfG7cM2f8AAAAwQe7+x8Ut9j8AAAC0kbv/8XGL/Q8AAABt5O5/QtwyZP/r//X/vv+v/9f/6/+PpP/X/2/R/6/a//v+/63t/+9+Be/X/zPBav1/7v4nxi1D9j8AAABMkLv/SXGL/Q8AAABt5O5/ctxi/wMAAEAbufufErcM2f/6f/2//l//r//X/x9J/6//36L/1/+f+f2+/6//Z99q/X/u/qfGLUP2PwAAAEyQu/9pcYv9DwAAAG3k7n963GL/AwAAQBu5+58RtwzZ//p//b/+X/9/q/r/2+v/9f/b9P/6/y36f/3/md+v/9f/s2+1/j93/zPjliH7HwAAACbI3f+suMX+BwAAgDZy9z87brH/AQAAoI3c/c+JW4bsf/2//l//r//3/X/9/5H0/+36/6v0/9fT/+v/9f/6f7at1v/n7n9u3DJk/wMAAMAEufufF7fY/wAAANBG7v7nxy32PwAAALSRu/8FccuQ/a//1//r//X/+n/9/5H0/+36f9///y/6f/2//l//z7bV+v/c/S+MW4bsfwAAAJggd/+L4hb7HwAAANrI3f/iuMX+BwAAgDZy978kbhmy//X/+n/9v/5f/6//P5L+X/+/Rf9/4/3/nW7i/6f/X+v9+n/9P/tW6/9z9780bhmy/wEAAGCC3P0vi1vsfwAAAGgjd//L4xb7HwAAANrI3f+KuGXI/r+p/v/aO1/+7/r/K6P/v/H36//1//p//b/+X/+/Rf/v+/9nfr/+X//PvtX6/9z9r4xbhux/AAAAmCB3/6viFvsfAAAA2sjd/+q4xf4HAACANnL3vyZuGbL/ff9f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P2vjVuG7H8AAACYIHf/6+IW+x8AAADayN3/+rjF/gcAAIA2cve/IW4Zsv/1//r/C+//b6f/T/r/+L3q//X/N4P+X/9/Sf9/i110P3/29+v/9f/sW63/z93/xrhlyP4HAACACXL3vylusf8BAACgjdz9b45b7H8AAABoI3f/W+KWIftf/6//v/D+3/f/i/4/fq/6f/3/zaD/1/9f0v/fYhfdz5/9/fp//T/7Vuv/c/e/NW4Zsv8BAABggtz9b4tb7H8AAABoI3f/2+MW+x8AAADayN3/jrhlyP7X/+v/9f/6f/2//v9I+n/9/xb9v/7/zO/X/+v/2bda/5+7/51xy5D9DwAAABPk7n9X3GL/AwAAQBu5+98dt9j/AAAA0Ebu/vfELUP2v/7/7P3/Pa+JF+j/9f/6f/3/kvT/+v8t+n/9/5nfr//X/7Nvtf4/d/9745Yh+x8AAAAmyN3/vrjF/gcAAIA2cve/P26x/wEAAKCN3P0fiFuG7P8Z/f8dbvBjffp/3//X/+v/9f9r0//r/7fo//X/Z36//l//z77V+v/c/R+MW4bsfwAAAJggd/+H4hb7HwAAANrI3f/huMX+BwAAgDZy938kbhmy/2f0/zek/7/sNu//r7ur/l//X/T/+v9L+n/9/w79v/7/zO/X/+v/2bda/5+7/6Nxy5D9DwAAABPk7v9Y3GL/AwAAQBu5+z8et9j/AAAA0Ebu/k/EDXe7y8U96f9K/6//9/1//b/+X/9/JP2//n+L/l//f+b36//1/+xbrf/P3f/JuMXf/wMAAEAbufs/FbfY/wAAANBG7v5Pxy32PwAAALSRu/8zccuQ/a//1//r//X/+n/9/5H0//r/Lfp//f+Z36//1/+zb7X+P3f/Z+OWIfsfAAAAJsjd/7m4xf4HAACANnL3fz5usf8BAACgjdz9X4hbhux//b/+X/+v/9f/6/+PpP/X/2/R/+v/z/x+/b/+n32r9f+5+78YtwzZ/wAAADBB7v4vxS32PwAAALSRu//LcYv9DwAAAG3k7v9K3DJk/+v/9f/6f/2//l//fyT9v/5/i/5f/3/m9+v/9f/sW63/z93/1bhlyP4HAACACXL3fy1usf8BAACgjdz9X49b7H8AAABoI3f/N+KWIfu/c/+/9WP6/8v0//r/S/p//f/B9P/6/y36f/3/md+v/9f/s2+1/j93/zfjliH7HwAAACbI3f+tuMX+BwAAgDZy9387brH/AQAAoI3c/d+JW4bs/879/xb9/2X6f/3/Jf2//v9g+n/9/xb9v/7/zO/X/+v/2bda/5+7/7txy5D9DwAAABPk7v9e3GL/AwAAQBu5+78ft9j/AAAA0Ebu/h/ELUP2v/5f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P0/jFuG7H8AAACYIHf/j+IW+x8AAADayN3/47jF/gcAAIA2cvf/JG4Zsv/1//p//b/+X/+v/z+S/l//v0X/r/8/8/v1//p/9q3W/+fu/2ncMmT/AwAAwAS5+38Wt9j/AAAA0Ebu/p/HLfY/AAAAtJG7/xdxy5D9r//X/+v/9f/6f/3/kfT/+v8t+n/9/5nfr//X/7Nvtf4/d/8v45Yh+x8AAAAmyN3/q7jF/gcAAIA2cvf/Om6x/wEAAKCN3P2/iVuG7H/9v/5f/6//1//r/4+k/9f/b9H/6//P/H79v/6ffav1/7n7r4lbhux/AAAAmCB3/2/jFvsfAAAA2sjd/7u4xf4HAACANnL3Xxu3DNn/+n/9f8v+/476f/2//n8V+n/9/xb9v/7/zO/X/+v/2bda/5+7//dxy5D9DwAAABPk7v9D3GL/AwAAQBu5+/8Yt9j/AAAA0Ebu/j/FLUP2v/5f/9+y//f9f/2//n8Z+n/9/xb9v/7/zO/X/+v/2bda/5+7/89xy5D9DwAAABPk7v9L3GL/AwAAQBu5+/8at9j/AAAA0Ebu/r/FLUP2v/5f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P1/j1uG7H8AAACYIHf/P+IW+x8AAADayN3/z7jF/gcAAIA2cvf/K24Zsv/1//p//b/+X/+v/z+S/l//v0X/r/8/8/v1//p/9q3W/+fu/3cAAAD//1pJMZk=") r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3) open(&(0x7f00000000c0)='./bus\x00', 0x14927e, 0x0) 2.765366335s ago: executing program 3 (id=4557): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000780)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 2.552052476s ago: executing program 3 (id=4559): syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802) r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) io_uring_enter(r0, 0x207a98, 0x0, 0x0, 0x0, 0x0) 2.281219448s ago: executing program 3 (id=4561): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x8}}, 0x5c}}, 0x0) 2.061796164s ago: executing program 1 (id=4563): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x3e, &(0x7f0000000580)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x7, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x5, "ca8209"}]}}}}}}}, 0x0) 1.820427649s ago: executing program 3 (id=4565): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x10, &(0x7f0000000680), 0xfe, 0x252, &(0x7f00000003c0)="$eJzs3TFoJFUcBvBvZne9y90ipzaCqAciooFwdoLN2SgcyHGICCqciNgoiRAT7BIrGwutVVKJEMTOaClpgo0iWEVNERtBg4XBQouV3Ulk3USjbrJzZH4/mGRm5735v2Hne7PN7AZorAtJLidpJZlO0klSDDe4WC0X9jZXpjauJ73eEz8Xg3bVdmW/3/kky0keSrJeFnmpnSyuPbP96+Zj97250Ln3/bWnpyZ6knt2trce333v6hsfX3lw8cuvf7xa5HK6fzmv41cc8lq7SG49iWI3iKJd9wj4N6699tE3/dzfluSeQf47KVO9eW/N37TeyQPv/l3ft3/66o5JjhU4fr1ep38PXO4BjVMm6aYoZ5JU62U5M1N9hv+2da58eW7+1ekX5xZmX6h7pgKOSzfZevTTM5+cH8n/D60q/8Dp1c//k9dWv+uv77bqHg0wEXdW//r5n35u6f7IPzSO/ENzyT8013j5v3giYwImw/0fmkv+obnkH06xzj/vln9oLvmH5pJ/aK7h/AMAzdI7U/cTyEBd6p5/AAAAAAAAAAAAAAAAAACAg1amNq7vL5Oq+fk7yc4jSdqH1W8Nfo84OTv4e+6Xot/sT0XVbSzP3j3mAcb0Yc1PX9/8fb31v7ir3vpLs8ny60kutdsHr79i7/r7/245Yn/n+TEL/EfFyPbDT022/qjfV0++xgdD62dH9l3ZTD7rzz+XDpt/ytw+1Gt0/uke/RXLR3rltzEPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMT8EQAA///wCW4b") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x3) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 1.818661619s ago: executing program 1 (id=4566): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x2d5a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)={0x0, 0x0, 0x5, {0x5, 0x0, "820027"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) gettid() 1.688201364s ago: executing program 2 (id=4567): r0 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 1.685056974s ago: executing program 4 (id=4568): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb8, 0xb8, 0x2, [@enum={0x0, 0xa, 0x0, 0x6, 0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}, @struct={0x0, 0x3, 0x0, 0x4, 0x0, 0x0, [{}, {}, {0x0, 0x1}]}]}}, 0x0, 0xd2, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r0 = syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x15) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x810c5701, &(0x7f0000000180)) 1.592122257s ago: executing program 2 (id=4569): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000007d00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4) sendmsg$nl_netfilter(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x14, 0x0, 0x6, 0x401}, 0x14}}, 0x0) 1.518207292s ago: executing program 2 (id=4570): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x557, &(0x7f0000000280)="$eJzs3c9qG8cfAPDvynb+Ob9fHAih7aEYcmhKGjm2+yeFHtJjaUMDfYBU2BsTLEfBkkPsBpocmksvJRRKaaD0AXrvMfQF+hSBNhBKMO2hF5eVV7FiS5ZsK7FSfT6w9szuyrOj2e94RiOhAAbWePajEPFqRHyTRBxrOjYc+cHx9fNWn9yaybYk1tY++zOJJN/XOD/Jf4/mmVci4tevIs4UtpZbXV6ZL5XL6WKen6gtXJ+oLq+cvbpQmkvn0mtT09Pn35meev+9d3tW1zcv/f39pw8+Ov/1qdXvfn50/F4SF+Jofqy5HntwuzkzHuP5czISFzadONmDwvpJst8XwK4M5XE+ElkfcCyG8qgH/vu+jIg1YEAl4h8GVGMc0Jjb92ge/NJ4/OH6BGhr/ZP110biUH1udGQ1eWZmlM13x3pQflbGL3/cv5dt0bvXIQA6un0nIs4ND7fv/3bvXBfnbC5D/wcvzoNs/PNWq/FP4en4J1qMf0ZbxO5udI7/wqMeFNNWNv77oOX49+mi1dhQnvtffcw3kly5Wk6zvu3/EXE6Rg5m+e3Wc86vPlxrd6x5/JdtWfmNsWB+HY+GDz77mNlSrbSXOjd7fCfitQ7j36RF+2fPx6UuyziZ3n+93bHN9T+8p9rs3NpPEW+0bP+NFa1k+/XJifr9MNG4K7b66+7J39qV37n9n6+s/Y9sX/+xpHm9tpp3CDvw46F/0nbHxpN80XQH93/z3PVAvu9mqVZbnIw4kHwSW/ZPbTy2kW+cn9X/9Knt+79W9392n37eZf3vnrjb9tR+aP/ZHbX/zhMPP/7ih3bld9f/vV1Pnc73dNP/dXuBe3nuAAAAAAAAoN8UIuJoJIXi03ShUCyuv7/jRBwplCvV2pkrlaVrs1H/rOxYjBQaK92jTe+HmMzfD9vIT23KT0fE8Yj4duhwPV+cqZRn97vyAAAAAAAAAAAAAAAAAAAA0CdGNz7/PxRNn//P/D60zxcHPH++8hsGV8f478U3PQF9yf9/GFziHwaX+IfBJf5hcIl/GFziHwaX+IfBJf4BAAAAAAAAAAAAAAAAAAAAAAAAAACgpy5dvJhta6tPbs1k+dkby0vzlRtnZ9PqfHFhaaY4U1m8XpyrVObKaXGmstDp75UrleuTU7F0c6KWVmsT1eWVywuVpWu1y1cXSnPp5XTkhdQKAAAAAAAAAAAAAAAAAAAAXi7V5ZX5UrmcLkpI7Cox3B+XIdHjxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACw4d8AAAD//0gqNi0=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdir(&(0x7f0000000240)='./bus\x00', 0x0) renameat2(r0, &(0x7f00000001c0)='./file1\x00', r0, &(0x7f0000000200)='./bus/file0\x00', 0x1) 1.329032055s ago: executing program 3 (id=4572): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5}) ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) 1.170085937s ago: executing program 0 (id=4573): set_mempolicy(0x0, &(0x7f0000000000)=0x10001fc, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x10}, 0x1c) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x20000000) 1.108258734s ago: executing program 5 (id=4574): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f0000000180)=0x8, 0x4) syz_emit_ethernet(0xfdef, &(0x7f0000001b80)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa000801"], 0x0) 967.504694ms ago: executing program 2 (id=4575): r0 = socket$rxrpc(0x21, 0x2, 0xa) r1 = socket$rxrpc(0x21, 0x2, 0x2) sendto$rxrpc(r1, 0x0, 0x0, 0x0, 0x0, 0x0) bind$rxrpc(r0, &(0x7f0000000080)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e24, @broadcast}}, 0x24) 850.383626ms ago: executing program 0 (id=4576): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a3000"], 0x7c}}, 0x0) 761.25937ms ago: executing program 5 (id=4577): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus\x00', 0x0) 656.316299ms ago: executing program 3 (id=4578): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @dev, 0xd}, 0x1c) recvmmsg(r0, &(0x7f00000048c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 655.483002ms ago: executing program 4 (id=4579): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00'}, 0x10) r0 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000080040b827ed010000000000010902240001000000000904000001030000000921000000012205000905810300"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000006c0)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="002208000000aa8cc8a9"], 0x0}, 0x0) 654.844594ms ago: executing program 5 (id=4580): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x14}}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0xcc03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000f40)={r1, 0x609, 0xe, 0x0, &(0x7f0000000b40)="dd80000000000002000400000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 493.796095ms ago: executing program 2 (id=4581): r0 = socket$l2tp(0x2, 0x2, 0x73) bind$l2tp(r0, &(0x7f00000000c0), 0x10) sendto$l2tp(r0, &(0x7f0000000040)="e5786a0d000000000000c83b", 0xc, 0x0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10) recvfrom$l2tp(r0, 0x0, 0xfffffffffffffcce, 0x0, 0x0, 0x0) 418.499462ms ago: executing program 5 (id=4582): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) close(0x3) 387.735785ms ago: executing program 0 (id=4583): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='hugetlb.2MB.failcnt\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0xff) 279.302698ms ago: executing program 5 (id=4584): r0 = epoll_create1(0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/stat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f00000000c0)={0x60000005}) 217.473488ms ago: executing program 2 (id=4585): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x10, &(0x7f0000000680), 0xfe, 0x252, &(0x7f00000003c0)="$eJzs3TFoJFUcBvBvZne9y90ipzaCqAciooFwdoLN2SgcyHGICCqciNgoiRAT7BIrGwutVVKJEMTOaClpgo0iWEVNERtBg4XBQouV3Ulk3USjbrJzZH4/mGRm5735v2Hne7PN7AZorAtJLidpJZlO0klSDDe4WC0X9jZXpjauJ73eEz8Xg3bVdmW/3/kky0keSrJeFnmpnSyuPbP96+Zj97250Ln3/bWnpyZ6knt2trce333v6hsfX3lw8cuvf7xa5HK6fzmv41cc8lq7SG49iWI3iKJd9wj4N6699tE3/dzfluSeQf47KVO9eW/N37TeyQPv/l3ft3/66o5JjhU4fr1ep38PXO4BjVMm6aYoZ5JU62U5M1N9hv+2da58eW7+1ekX5xZmX6h7pgKOSzfZevTTM5+cH8n/D60q/8Dp1c//k9dWv+uv77bqHg0wEXdW//r5n35u6f7IPzSO/ENzyT8013j5v3giYwImw/0fmkv+obnkH06xzj/vln9oLvmH5pJ/aK7h/AMAzdI7U/cTyEBd6p5/AAAAAAAAAAAAAAAAAACAg1amNq7vL5Oq+fk7yc4jSdqH1W8Nfo84OTv4e+6Xot/sT0XVbSzP3j3mAcb0Yc1PX9/8fb31v7ir3vpLs8ny60kutdsHr79i7/r7/245Yn/n+TEL/EfFyPbDT022/qjfV0++xgdD62dH9l3ZTD7rzz+XDpt/ytw+1Gt0/uke/RXLR3rltzEPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMT8EQAA///wCW4b") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x3) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 166.08755ms ago: executing program 5 (id=4586): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000010c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8}]}}}]}, 0x3c}}, 0x0) 0s ago: executing program 0 (id=4587): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1d}}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="5a6e41dea43e63a3f70cff11c72b", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): () failure [ 563.904884][ T5324] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 563.926668][ T5324] cdc_ncm 1-1:1.1: bind() failure [ 563.990979][ T5324] usb 1-1: USB disconnect, device number 36 [ 564.628178][T15220] loop3: detected capacity change from 0 to 64 [ 564.970198][ T5390] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 565.130177][ T5390] usb 3-1: Using ep0 maxpacket: 32 [ 565.144736][ T5390] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 565.153293][ T5390] usb 3-1: config 0 has no interface number 0 [ 565.159425][ T5390] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 565.240221][ T5390] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 565.290180][ T5390] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 565.299280][ T5390] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 565.382112][ T5390] usb 3-1: config 0 descriptor?? [ 565.790941][T12549] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 565.852300][ T29] audit: type=1326 audit(1729363903.688:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15239 comm="syz.1.3769" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8138b7dff9 code=0x0 [ 566.102276][ T5390] uclogic 0003:28BD:0094.0072: pen parameters not found [ 566.113119][ T5390] uclogic 0003:28BD:0094.0072: interface is invalid, ignoring [ 566.138428][ T5390] usb 3-1: USB disconnect, device number 46 [ 566.224573][T15232] loop3: detected capacity change from 0 to 40427 [ 566.233946][T15232] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x7 [ 566.245537][T12549] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 566.256727][T12549] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 566.266770][T12549] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 566.277231][T12549] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 566.286642][T15232] F2FS-fs (loop3): invalid crc value [ 566.299820][T12549] usb 5-1: config 0 descriptor?? [ 566.314277][T15232] F2FS-fs (loop3): Found nat_bits in checkpoint [ 566.564459][T15232] F2FS-fs (loop3): Start checkpoint disabled! [ 566.588533][T15232] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 566.644324][ T29] audit: type=1804 audit(1729363904.478:117): pid=15232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3765" name="/newroot/650/file1/file0" dev="loop3" ino=10 res=1 errno=0 [ 566.746964][T12549] arvo 0003:1E7D:30D4.0073: unknown main item tag 0x0 [ 566.758127][T12549] arvo 0003:1E7D:30D4.0073: unknown main item tag 0x0 [ 566.786302][T12549] arvo 0003:1E7D:30D4.0073: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.4-1/input0 [ 566.968641][ T2938] kworker/u8:7: attempt to access beyond end of device [ 566.968641][ T2938] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 567.057927][ T2938] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 567.104611][ T2938] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 567.109783][T15262] loop0: detected capacity change from 0 to 1024 [ 567.141912][T15262] hfsplus: unable to parse mount options [ 567.200067][T12549] usb 5-1: USB disconnect, device number 34 [ 567.573880][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 567.581340][ T1262] ieee802154 phy1 wpan1: encryption failed: -22 [ 567.690394][ T5295] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 567.850919][ T5295] usb 2-1: Using ep0 maxpacket: 16 [ 567.872946][ T5295] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 567.908578][ T5295] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 567.968754][ T5295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 152, changing to 11 [ 568.008806][ T5295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024 [ 568.048086][ T5295] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 568.103729][ T5295] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 568.124684][ T5295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 568.155120][ T5295] usb 2-1: Product: syz [ 568.159325][ T5295] usb 2-1: Manufacturer: syz [ 568.195602][ T5295] usb 2-1: SerialNumber: syz [ 568.253023][ T5295] usb 2-1: config 0 descriptor?? [ 568.543018][ T5295] appledisplay 2-1:0.0: Error while getting initial brightness: -110 [ 568.611666][ T5295] appledisplay 2-1:0.0: probe with driver appledisplay failed with error -110 [ 568.640938][ T5331] usb 6-1: new high-speed USB device number 35 using dummy_hcd [ 568.686289][T15296] @: renamed from vlan0 (while UP) [ 568.800229][ T5331] usb 6-1: Using ep0 maxpacket: 32 [ 568.819810][T15294] loop2: detected capacity change from 0 to 4096 [ 568.837410][ T5295] usb 2-1: USB disconnect, device number 35 [ 568.917529][ T5331] usb 6-1: unable to get BOS descriptor or descriptor too short [ 568.939809][ T5331] usb 6-1: config 11 has an invalid interface number: 181 but max is 1 [ 568.948289][ T5331] usb 6-1: config 11 has an invalid interface number: 2 but max is 1 [ 568.956579][ T5331] usb 6-1: config 11 has no interface number 0 [ 568.962851][ T5331] usb 6-1: config 11 has no interface number 1 [ 568.969072][ T5331] usb 6-1: config 11 interface 181 altsetting 0 endpoint 0x82 has invalid maxpacket 1024, setting to 64 [ 568.980305][ T5331] usb 6-1: config 11 interface 181 altsetting 0 endpoint 0x5 has invalid maxpacket 512, setting to 64 [ 569.012375][T15303] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 569.046745][ T5331] usb 6-1: string descriptor 0 read error: -22 [ 569.053193][ T5331] usb 6-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=da.27 [ 569.072931][ T5331] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 569.131638][ T5331] snd-usb-audio 6-1:11.181: probe with driver snd-usb-audio failed with error -22 [ 569.210760][ T5324] usb 1-1: new full-speed USB device number 37 using dummy_hcd [ 569.279769][T15307] loop4: detected capacity change from 0 to 2048 [ 569.340952][T15307] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 569.369821][T15307] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 569.391138][ T5324] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 569.440990][ T5324] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 569.485046][ T5324] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 569.518573][ T5324] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid maxpacket 144, setting to 64 [ 569.535940][ T5324] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 569.553174][ T5324] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 569.563487][ T5324] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 569.576265][ T5324] usb 1-1: Product: syz [ 569.584400][ T5295] usb 6-1: USB disconnect, device number 35 [ 569.606774][ T5324] usb 1-1: Manufacturer: syz [ 569.630214][ T5324] usb 1-1: SerialNumber: syz [ 569.643043][ T5324] usb 1-1: config 0 descriptor?? [ 569.669011][T15302] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 569.767794][ T5331] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 569.973030][ T5324] radio-si470x 1-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 569.993325][ T5324] radio-si470x 1-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 570.020332][ T5331] usb 5-1: Using ep0 maxpacket: 16 [ 570.027653][ T5331] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 570.038382][ T5331] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 570.059536][ T5331] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 570.080052][ T5331] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 570.090070][ T5331] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 570.121651][ T5331] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 570.134527][ T5331] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 570.156065][ T5331] usb 5-1: Manufacturer: syz [ 570.171323][ T5331] usb 5-1: config 0 descriptor?? [ 570.178283][ T5324] radio-si470x 1-1:0.0: software version 0, hardware version 0 [ 570.206124][ T5324] radio-si470x 1-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0. [ 570.251043][ T5295] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 570.260024][ T5324] radio-si470x 1-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 570.385065][ T5324] radio-si470x 1-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 570.418558][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.425451][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.432893][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.439554][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.446284][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.453050][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.459694][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.467492][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.474652][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.490932][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.497829][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.504858][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.511674][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.518325][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.525772][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.532454][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.539100][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.545752][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.550371][ T5331] rc_core: IR keymap rc-hauppauge not found [ 570.553034][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.564968][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.572020][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.578813][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.586169][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.592846][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.599429][ T5324] radio-si470x 1-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 570.599466][ T5331] Registered IR keymap rc-empty [ 570.599506][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.620524][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.627169][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.633735][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.640409][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.646939][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.654289][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.660866][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.667405][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.667986][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.674589][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.675416][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.682771][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.689310][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.690377][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 570.696201][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.727032][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.733682][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.740436][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.747080][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.753662][ T5295] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 570.754483][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.771906][ T5295] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 570.772298][T15316] loop2: detected capacity change from 0 to 32768 [ 570.782981][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.796633][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.800372][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 570.803191][ T5295] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 570.803315][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.830403][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.836957][ T5295] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00 [ 570.837091][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.846301][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.853029][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.859540][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.866818][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.873452][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.873926][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.880461][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.881129][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.887635][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.894930][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.900904][ T5331] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 570.901531][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.939631][ T5331] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input56 [ 570.939745][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.958581][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.965877][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.972865][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.979888][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.986581][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 570.994085][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.000728][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.007374][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.015206][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.022550][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.029238][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.035954][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.037267][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.042637][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.042849][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.063729][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.070373][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.077271][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.084395][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.091800][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.098446][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.105086][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71) [ 571.110521][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.111885][ T5324] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -22 [ 571.157124][ T5324] usb 1-1: USB disconnect, device number 37 [ 571.163754][T15316] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 571.173571][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.186193][ T5295] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 571.215647][ T5295] usb 4-1: config 0 descriptor?? [ 571.230816][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.254935][ T29] audit: type=1800 audit(1729363909.088:118): pid=15316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3804" name="bus" dev="loop2" ino=17058 res=0 errno=0 [ 571.310263][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.332825][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.383680][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.446296][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.480331][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.550478][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.588240][ T5331] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 571.642501][ T5331] mceusb 5-1:0.0: Registered with mce emulator interface version 1 [ 571.693278][ T5331] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 571.718220][ T5331] usb 5-1: USB disconnect, device number 35 [ 571.732972][ T5295] corsair-cpro 0003:1B1C:1D00.0074: item fetching failed at offset 1/5 [ 571.765899][ T5295] corsair-cpro 0003:1B1C:1D00.0074: probe with driver corsair-cpro failed with error -22 [ 571.874190][ T5247] ocfs2: Unmounting device (7,2) on (node local) [ 572.011350][ T5330] usb 4-1: USB disconnect, device number 41 [ 572.370037][T15347] loop4: detected capacity change from 0 to 64 [ 572.483945][T15353] loop2: detected capacity change from 0 to 8 [ 572.694365][T15339] loop1: detected capacity change from 0 to 32768 [ 572.753312][T15353] SQUASHFS error: Failed to read block 0x8f: -5 [ 572.875875][T15339] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 572.925457][ T29] audit: type=1800 audit(1729363910.718:119): pid=15353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3814" name="/" dev="loop2" ino=5 res=0 errno=0 [ 573.223200][T15375] loop0: detected capacity change from 0 to 24 [ 573.242280][T15339] XFS (loop1): Ending clean mount [ 573.279535][T15375] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 573.335627][T15339] XFS (loop1): Quotacheck needed: Please wait. [ 573.360649][T15375] romfs: bad initial checksum on dev loop0. [ 573.485913][T15339] XFS (loop1): Quotacheck: Done. [ 573.793834][T10878] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 574.260748][T15400] netlink: 'syz.3.3838': attribute type 25 has an invalid length. [ 574.300436][T15400] netlink: 'syz.3.3838': attribute type 7 has an invalid length. [ 574.541224][T15410] loop0: detected capacity change from 0 to 128 [ 574.567527][T15411] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3842'. [ 574.611527][T15411] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3842'. [ 575.235584][T15423] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3847'. [ 575.763181][T15426] loop2: detected capacity change from 0 to 32768 [ 575.771224][T15426] XFS: ikeep mount option is deprecated. [ 575.810082][T15426] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 575.829030][T15438] sch_tbf: burst 0 is lower than device bridge_slave_1 mtu (1514) ! [ 576.038839][T15426] XFS (loop2): Ending clean mount [ 576.047791][T15426] XFS (loop2): Quotacheck needed: Please wait. [ 576.235341][T15426] XFS (loop2): Quotacheck: Done. [ 576.433555][ T5247] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 577.347620][T15461] loop3: detected capacity change from 0 to 40427 [ 577.355525][T15461] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 577.362560][T15461] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 577.375966][T15461] F2FS-fs (loop3): build fault injection attr: rate: 17008, type: 0x1fffff [ 577.384744][T15461] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x6 [ 577.401056][T15461] F2FS-fs (loop3): invalid crc value [ 577.500632][T15461] F2FS-fs (loop3): Found nat_bits in checkpoint [ 577.829562][T15461] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 577.840983][T15461] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 578.141283][ T5231] syz-executor: attempt to access beyond end of device [ 578.141283][ T5231] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 578.192781][ T5231] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 578.199978][ T5231] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 578.220563][ T5231] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 578.247887][ T5231] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 578.986968][T15503] loop3: detected capacity change from 0 to 128 [ 579.060271][ T5231] sysv_free_block: flc_count > flc_size [ 579.066492][ T5231] sysv_free_block: flc_count > flc_size [ 579.073238][ T5231] sysv_free_block: flc_count > flc_size [ 579.079445][ T5231] sysv_free_block: flc_count > flc_size [ 579.085393][ T5231] sysv_free_block: flc_count > flc_size [ 579.091074][ T5231] sysv_free_block: flc_count > flc_size [ 579.096644][ T5231] sysv_free_block: flc_count > flc_size [ 579.103104][ T5231] sysv_free_block: flc_count > flc_size [ 579.108672][ T5231] sysv_free_block: flc_count > flc_size [ 579.114302][ T5231] sysv_free_block: flc_count > flc_size [ 579.132241][ T5231] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 579.140234][ T1698] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 579.552880][ T1698] usb 1-1: config 0 has no interfaces? [ 579.558426][ T1698] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 579.581948][ T1698] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 579.627805][ T1698] usb 1-1: config 0 descriptor?? [ 579.850936][T15518] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 579.897209][ T5324] usb 1-1: USB disconnect, device number 38 [ 580.507280][T15513] loop3: detected capacity change from 0 to 32768 [ 580.519739][T15513] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3882 (15513) [ 580.544095][T15513] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 580.572521][T15513] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 580.581659][T15513] BTRFS info (device loop3): using free-space-tree [ 580.620389][ T5324] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 580.697251][T15513] BTRFS info (device loop3): rebuilding free space tree [ 580.770372][ T5324] usb 3-1: Using ep0 maxpacket: 16 [ 580.793772][ T5324] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 580.815887][ T29] audit: type=1800 audit(1729363918.648:120): pid=15513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3882" name="bus" dev="loop3" ino=263 res=0 errno=0 [ 580.859170][ T5324] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 580.890929][ T5324] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 580.931067][ T5324] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 580.939278][ T5324] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 580.986048][ T5324] usb 3-1: config 0 has no interface number 0 [ 581.012287][ T5324] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 581.060300][ T5324] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 581.109269][ T5324] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 581.129794][ T5324] usb 3-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 581.163270][ T5231] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 581.188803][ T5324] usb 3-1: config 0 interface 125 has no altsetting 0 [ 581.211858][ T5324] usb 3-1: config 0 interface 125 has no altsetting 2 [ 581.266866][ T5324] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 581.292206][T15556] : renamed from bond0 (while UP) [ 581.299131][ T5324] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 581.308390][ T5324] usb 3-1: Product: syz [ 581.321254][ T5324] usb 3-1: Manufacturer: syz [ 581.325889][ T5324] usb 3-1: SerialNumber: syz [ 581.402361][ T5324] usb 3-1: config 0 descriptor?? [ 581.512499][ T5324] usb 3-1: selecting invalid altsetting 2 [ 581.664921][T15558] loop0: detected capacity change from 0 to 4096 [ 581.691702][T15558] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 581.744055][T15558] ntfs3(loop0): Failed to load $Extend (-22). [ 581.776868][T15558] ntfs3(loop0): Failed to initialize $Extend. [ 582.244461][T15568] mkiss: ax0: crc mode is auto. [ 582.317759][ C0] usb 3-1: async_complete: urb error -71 [ 582.323522][ C0] usb 3-1: async_complete: urb error -71 [ 582.331741][ T5324] get_1284_register: usb error -71 [ 582.336954][ T5324] uss720 3-1:0.125: probe with driver uss720 failed with error -71 [ 582.356911][ T5324] usb 3-1: USB disconnect, device number 47 [ 583.225379][T15570] loop0: detected capacity change from 0 to 32768 [ 583.250247][T15570] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3903 (15570) [ 583.303150][T15570] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 583.362520][T15570] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 583.419589][T15570] BTRFS info (device loop0): using free-space-tree [ 583.660759][ T5236] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 583.672704][ T5236] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 583.682926][ T5236] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 583.699212][ T5236] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 583.708319][ T5236] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 583.715778][ T5236] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 584.209707][T15626] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 584.485928][ T5230] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 584.684959][T15618] chnl_net:caif_netlink_parms(): no params data found [ 585.480330][T15618] bridge0: port 1(bridge_slave_0) entered blocking state [ 585.487514][T15618] bridge0: port 1(bridge_slave_0) entered disabled state [ 585.511187][T15618] bridge_slave_0: entered allmulticast mode [ 585.560369][T15618] bridge_slave_0: entered promiscuous mode [ 585.613616][T15618] bridge0: port 2(bridge_slave_1) entered blocking state [ 585.630844][T15614] loop3: detected capacity change from 0 to 32768 [ 585.632544][T15618] bridge0: port 2(bridge_slave_1) entered disabled state [ 585.670376][ T5330] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 585.680738][T15614] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3912 (15614) [ 585.689210][T15618] bridge_slave_1: entered allmulticast mode [ 585.736638][T15618] bridge_slave_1: entered promiscuous mode [ 585.768907][T15614] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 585.809456][T15614] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 585.818311][ T5236] Bluetooth: hci7: command tx timeout [ 585.870788][ T5330] usb 2-1: Using ep0 maxpacket: 16 [ 585.877765][ T5330] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 585.906821][ T5330] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 585.940142][ T5330] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 585.948190][ T5330] usb 2-1: Product: syz [ 585.953466][ T5330] usb 2-1: Manufacturer: syz [ 585.958106][ T5330] usb 2-1: SerialNumber: syz [ 585.971246][ T5330] usb 2-1: config 0 descriptor?? [ 586.095201][T15686] rtc_cmos 00:00: Alarms can be up to one day in the future [ 586.146301][T15614] BTRFS info (device loop3): rebuilding free space tree [ 586.159476][T15618] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 586.189664][T15614] BTRFS info (device loop3): disabling free space tree [ 586.223359][T15618] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 586.265034][T15614] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 586.317342][T15614] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 586.383219][ T1170] rtc_cmos 00:00: Alarms can be up to one day in the future [ 586.393675][ T1170] rtc_cmos 00:00: Alarms can be up to one day in the future [ 586.421102][ T1170] rtc_cmos 00:00: Alarms can be up to one day in the future [ 586.438184][ T1170] rtc_cmos 00:00: Alarms can be up to one day in the future [ 586.459142][ T1170] rtc rtc0: __rtc_set_alarm: err=-22 [ 586.535302][ T5330] usb 2-1: Not enough endpoints found in device, aborting! [ 586.687112][T15698] netlink: 'syz.0.3932': attribute type 1 has an invalid length. [ 586.700396][T15698] netlink: 209848 bytes leftover after parsing attributes in process `syz.0.3932'. [ 586.743835][T15618] team0: Port device team_slave_0 added [ 586.768534][ T5330] usb 2-1: USB disconnect, device number 36 [ 586.824780][ T5231] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 586.895698][T15700] loop2: detected capacity change from 0 to 2048 [ 586.938183][T15618] team0: Port device team_slave_1 added [ 586.959447][ T5854] sysv_free_block: flc_count > flc_size [ 586.972022][ T5854] sysv_free_block: flc_count > flc_size [ 586.977679][ T5854] sysv_free_block: flc_count > flc_size [ 586.994718][ T5854] sysv_free_block: flc_count > flc_size [ 587.000639][ T5854] sysv_free_block: flc_count > flc_size [ 587.000650][T15700] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 587.006265][ T5854] sysv_free_block: flc_count > flc_size [ 587.037584][T15700] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 587.161008][ T5854] sysv_free_block: flc_count > flc_size [ 587.166615][ T5854] sysv_free_block: flc_count > flc_size [ 587.223812][ T5854] sysv_free_block: flc_count > flc_size [ 587.250229][ T5854] sysv_free_block: flc_count > flc_size [ 587.283094][ T5854] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 587.370416][ T5330] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 587.486164][T15618] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 587.530425][ T5330] usb 3-1: Using ep0 maxpacket: 16 [ 587.533961][T15708] loop3: detected capacity change from 0 to 128 [ 587.540147][T15618] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 587.598340][ T5330] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 587.645831][ T5330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 587.690215][ T5330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 587.711309][T15618] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 587.730225][ T5330] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 587.789747][ T5330] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 587.813582][T15618] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 587.843438][T15618] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 587.891631][ T5236] Bluetooth: hci7: command tx timeout [ 587.897298][ T5330] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 587.929399][ T5330] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 587.937670][ T5330] usb 3-1: Manufacturer: syz [ 587.946000][ T5330] usb 3-1: config 0 descriptor?? [ 588.015181][T15618] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 588.350941][ T5330] rc_core: IR keymap rc-hauppauge not found [ 588.390914][ T5330] Registered IR keymap rc-empty [ 588.410227][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 588.450424][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 588.512859][ T5330] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 588.560817][ T5330] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input57 [ 588.581686][T15727] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3944'. [ 588.594274][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 588.623228][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 588.631418][ T5232] syz-executor (5232) used greatest stack depth: 17728 bytes left [ 588.671956][T15732] loop3: detected capacity change from 0 to 8 [ 588.686909][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 588.720501][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 588.750297][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 588.801207][ T29] audit: type=1326 audit(1729363926.638:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15733 comm="syz.0.3947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f622237dff9 code=0x7ffc0000 [ 588.850552][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 588.871138][ T29] audit: type=1326 audit(1729363926.638:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15733 comm="syz.0.3947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f622237dff9 code=0x7ffc0000 [ 588.890674][T15734] loop0: detected capacity change from 0 to 1024 [ 588.902418][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 588.923473][T15734] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 588.941686][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 588.983840][ T29] audit: type=1326 audit(1729363926.638:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15733 comm="syz.0.3947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f622237dff9 code=0x7ffc0000 [ 589.012105][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 589.051200][T15734] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:482: comm syz.0.3947: Invalid block bitmap block 0 in block_group 0 [ 589.072924][T15734] Quota error (device loop0): write_blk: dquota write failed [ 589.076021][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 589.080433][T15734] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 589.099860][T15734] EXT4-fs error (device loop0): ext4_acquire_dquot:6877: comm syz.0.3947: Failed to acquire dquot type 0 [ 589.112705][ T29] audit: type=1326 audit(1729363926.638:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15733 comm="syz.0.3947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f622237e033 code=0x7ffc0000 [ 589.152381][T15734] EXT4-fs error (device loop0): ext4_free_blocks:6588: comm syz.0.3947: Freeing blocks not in datazone - block = 0, count = 4096 [ 589.156199][T15618] hsr_slave_0: entered promiscuous mode [ 589.184772][ T29] audit: type=1326 audit(1729363926.678:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15733 comm="syz.0.3947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f622237cadf code=0x7ffc0000 [ 589.210513][ T5330] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 589.217238][T15734] EXT4-fs error (device loop0): ext4_read_inode_bitmap:138: comm syz.0.3947: Invalid inode bitmap blk 0 in block_group 0 [ 589.232680][T15618] hsr_slave_1: entered promiscuous mode [ 589.238910][ T11] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-8 [ 589.248357][ T11] EXT4-fs error (device loop0): ext4_release_dquot:6900: comm kworker/u8:0: Failed to release dquot type 0 [ 589.264551][ T29] audit: type=1326 audit(1729363926.678:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15733 comm="syz.0.3947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f622237e087 code=0x7ffc0000 [ 589.286981][T15618] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 589.291663][ T5330] mceusb 3-1:0.0: Registered with mce emulator interface version 1 [ 589.295926][T15734] EXT4-fs error (device loop0) in ext4_free_inode:360: Corrupt filesystem [ 589.315196][T15618] Cannot create hsr debugfs directory [ 589.322443][ T35] bridge_slave_1: left allmulticast mode [ 589.328125][ T35] bridge_slave_1: left promiscuous mode [ 589.334928][T15734] EXT4-fs (loop0): 1 orphan inode deleted [ 589.341398][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 589.349928][T15734] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 589.363317][ T29] audit: type=1326 audit(1729363926.678:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15733 comm="syz.0.3947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f622237c990 code=0x7ffc0000 [ 589.370239][ T5330] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 589.423086][ T35] bridge_slave_0: left allmulticast mode [ 589.431170][ T35] bridge_slave_0: left promiscuous mode [ 589.449406][T15734] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 589.471601][T15746] vxcan1: tx address claim with dlc 1 [ 589.479477][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 589.488429][ T5330] usb 3-1: USB disconnect, device number 48 [ 589.716428][ T5230] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.761788][T15754] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3956'. [ 589.924624][T15758] loop3: detected capacity change from 0 to 128 [ 589.981277][ T5236] Bluetooth: hci7: command tx timeout [ 590.795267][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 590.818824][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 590.845385][ T35] bond0 (unregistering): Released all slaves [ 591.035061][T15770] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3964'. [ 591.067334][T15781] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3969'. [ 591.267037][T15788] netlink: 'syz.3.3972': attribute type 8 has an invalid length. [ 591.358100][T15791] loop2: detected capacity change from 0 to 2048 [ 591.401624][T15791] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 591.415086][T15791] ext4 filesystem being mounted at /697/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 591.548610][T15799] loop3: detected capacity change from 0 to 512 [ 591.639589][T15801] loop5: detected capacity change from 0 to 256 [ 591.670389][T15801] exfat: Deprecated parameter 'namecase' [ 591.676210][T15801] exfat: Deprecated parameter 'utf8' [ 591.703739][T15796] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 591.705524][T15801] exfat: Deprecated parameter 'namecase' [ 591.740941][T15801] exfat: Deprecated parameter 'utf8' [ 591.803270][T15801] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 591.874404][ T5247] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 592.052083][T15789] loop0: detected capacity change from 0 to 40427 [ 592.077840][T15789] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 592.080212][ T5236] Bluetooth: hci7: command tx timeout [ 592.086149][T15789] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 592.102377][T15789] F2FS-fs (loop0): invalid crc value [ 592.112590][T15789] F2FS-fs (loop0): Found nat_bits in checkpoint [ 592.463625][T15789] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 592.478822][T15817] loop3: detected capacity change from 0 to 16 [ 592.500349][T15789] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 592.565270][T15817] erofs: (device loop3): mounted with root inode @ nid 36. [ 592.641796][T15817] erofs: (device loop3): z_erofs_readahead: readahead error at folio 22 @ nid 36 [ 592.708878][T15817] erofs: (device loop3): z_erofs_readahead: readahead error at folio 21 @ nid 36 [ 592.725978][T15618] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 592.737305][T15618] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 592.750450][T15817] erofs: (device loop3): z_erofs_readahead: readahead error at folio 20 @ nid 36 [ 592.770543][T15817] erofs: (device loop3): z_erofs_readahead: readahead error at folio 18 @ nid 36 [ 592.779998][T15817] erofs: (device loop3): z_erofs_readahead: readahead error at folio 12 @ nid 36 [ 592.800536][T15817] erofs: (device loop3): z_erofs_readahead: readahead error at folio 10 @ nid 36 [ 592.809883][T15817] erofs: (device loop3): z_erofs_readahead: readahead error at folio 6 @ nid 36 [ 592.819205][T15817] syz.3.3982: attempt to access beyond end of device [ 592.819205][T15817] loop3: rw=524288, sector=6520, nr_sectors = 16 limit=16 [ 592.852020][T15817] syz.3.3982: attempt to access beyond end of device [ 592.852020][T15817] loop3: rw=524288, sector=34359736328, nr_sectors = 16 limit=16 [ 592.921652][T15817] syz.3.3982: attempt to access beyond end of device [ 592.921652][T15817] loop3: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 592.937217][ T35] hsr_slave_0: left promiscuous mode [ 592.989522][T15817] syz.3.3982: attempt to access beyond end of device [ 592.989522][T15817] loop3: rw=524288, sector=536576856, nr_sectors = 16 limit=16 [ 593.015301][ T35] hsr_slave_1: left promiscuous mode [ 593.022397][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 593.029848][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 593.071973][T15817] syz.3.3982: attempt to access beyond end of device [ 593.071973][T15817] loop3: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 593.101196][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 593.130572][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 593.141144][T15817] syz.3.3982: attempt to access beyond end of device [ 593.141144][T15817] loop3: rw=524288, sector=13478624032, nr_sectors = 8 limit=16 [ 593.198528][ T35] veth1_macvtap: left promiscuous mode [ 593.205049][ T35] veth0_macvtap: left promiscuous mode [ 593.210856][ T35] veth1_vlan: left promiscuous mode [ 593.216197][ T35] veth0_vlan: left promiscuous mode [ 593.361577][T15828] input: syz0 as /devices/virtual/input/input58 [ 593.965010][ T5249] Bluetooth: hci2: sending frame failed (-49) [ 593.972637][ T5236] Bluetooth: hci2: Opcode 0x1003 failed: -49 [ 594.454368][T15849] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3996'. [ 594.945773][ T35] team0 (unregistering): Port device team_slave_1 removed [ 594.987690][T15845] loop1: detected capacity change from 0 to 32768 [ 595.005351][T15845] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3994 (15845) [ 595.035138][T15845] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 595.059030][T15845] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 595.078172][T15845] BTRFS info (device loop1): using free-space-tree [ 595.089870][ T35] team0 (unregistering): Port device team_slave_0 removed [ 595.191545][T15845] BTRFS info (device loop1): rebuilding free space tree [ 595.193381][T15868] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3997'. [ 595.394875][T10878] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 596.155605][T15870] loop5: detected capacity change from 0 to 32768 [ 596.184138][T15870] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3998 (15870) [ 596.227450][T15870] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 596.248211][T15870] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 596.260802][T15870] BTRFS info (device loop5): using free-space-tree [ 596.479314][T15870] BTRFS info (device loop5): rebuilding free space tree [ 596.593638][T15618] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 596.624948][T15618] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 596.713309][ T29] kauditd_printk_skb: 16 callbacks suppressed [ 596.713333][ T29] audit: type=1800 audit(1729363934.548:144): pid=15870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3998" name="bus" dev="loop5" ino=263 res=0 errno=0 [ 597.104248][T15618] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 597.108207][ T5966] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 597.160182][T15618] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 597.409796][T15891] loop2: detected capacity change from 0 to 40427 [ 597.443868][T15891] F2FS-fs (loop2): invalid crc value [ 597.594727][T15891] F2FS-fs (loop2): Found nat_bits in checkpoint [ 597.667326][T15618] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 597.678528][T15618] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 597.742790][T15891] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 598.048674][ T5247] syz-executor: attempt to access beyond end of device [ 598.048674][ T5247] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 598.098571][ T5247] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 598.183998][T15919] netlink: 'syz.5.4010': attribute type 8 has an invalid length. [ 598.241336][T15618] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 598.269008][T15618] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 598.313892][T15618] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 598.340456][ T1698] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 598.344127][T15618] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 598.446271][ T2938] bridge_slave_1: left allmulticast mode [ 598.460042][ T2938] bridge_slave_1: left promiscuous mode [ 598.473911][ T2938] bridge0: port 2(bridge_slave_1) entered disabled state [ 598.510443][ T1698] usb 1-1: Using ep0 maxpacket: 16 [ 598.531035][ T2938] bridge_slave_0: left allmulticast mode [ 598.536855][ T2938] bridge_slave_0: left promiscuous mode [ 598.553869][ T2938] bridge0: port 1(bridge_slave_0) entered disabled state [ 598.557629][ T1698] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 598.572081][ T1698] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 598.582097][ T1698] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 598.591332][ T1698] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 598.601727][ T1698] usb 1-1: config 0 descriptor?? [ 599.034816][ T1698] corsair 0003:1B1C:1B02.0075: unknown main item tag 0x0 [ 599.044806][ T1698] corsair 0003:1B1C:1B02.0075: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.0-1/input0 [ 599.247536][ T1698] corsair 0003:1B1C:1B02.0075: Read invalid backlight brightness: db. [ 599.488435][ T1698] usb 1-1: USB disconnect, device number 39 [ 599.681947][ T5390] kernel write not supported for file /snd/seq (pid: 5390 comm: kworker/1:9) [ 599.915098][T15948] loop3: detected capacity change from 0 to 256 [ 600.195756][T15952] loop3: detected capacity change from 0 to 128 [ 600.256311][T15952] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 600.295090][T15952] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 600.522330][ T2938] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 600.562263][ T2938] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 600.604662][ T2938] bond0 (unregistering): Released all slaves [ 600.660179][T15958] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4028'. [ 600.953148][T15618] 8021q: adding VLAN 0 to HW filter on device bond0 [ 600.977550][T15618] 8021q: adding VLAN 0 to HW filter on device team0 [ 600.991957][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 600.999075][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 601.268266][T15936] loop1: detected capacity change from 0 to 65536 [ 601.326692][T15936] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 601.392401][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 601.399544][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 601.428342][T15936] XFS (loop1): Ending clean mount [ 601.495202][T15936] XFS (loop1): Metadata CRC error detected at xfs_agf_read_verify+0x136/0x1e0, xfs_agf block 0x8001 [ 601.506690][T15936] XFS (loop1): Unmount and run xfs_repair [ 601.519241][T15936] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 601.550921][T15936] 00000000: 58 41 47 46 00 00 00 01 00 00 00 01 00 00 40 00 XAGF..........@. [ 601.579175][T15936] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01 ................ [ 601.628641][T15936] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 601.680529][T15936] 00000030: 00 00 00 04 00 00 3b 5f 00 00 3b 5c 00 00 00 00 ......;_..;\.... [ 601.689436][T15936] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3 .sH./.A..&.:g... [ 601.750319][T15936] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 601.759431][T15936] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 601.768641][T15936] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 601.777822][T15936] XFS (loop1): metadata I/O error in "xfs_read_agf+0x2bd/0x590" at daddr 0x8001 len 1 error 74 [ 601.915408][T10878] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 601.936469][T10878] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair. [ 602.071519][T15618] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 602.082701][T15618] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 602.277944][T15994] loop2: detected capacity change from 0 to 512 [ 602.371319][T15994] EXT4-fs: Ignoring removed orlov option [ 602.527680][T15987] loop3: detected capacity change from 0 to 32768 [ 602.539156][T15987] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4036 (15987) [ 602.559490][T15987] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 602.568236][T15994] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 602.569769][T15987] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 602.587077][T15987] BTRFS info (device loop3): using free-space-tree [ 602.689330][T15994] EXT4-fs (loop2): 1 truncate cleaned up [ 602.711316][T15994] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 602.924360][T15994] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 603.010242][ T2938] hsr_slave_0: left promiscuous mode [ 603.045695][T15994] EXT4-fs error (device loop2): ext4_readdir:259: inode #2: block 4: comm syz.2.4039: path /706/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=131071, rec_len=65535, size=1024 fake=0 [ 603.125041][ T2938] hsr_slave_1: left promiscuous mode [ 603.181007][ T2938] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 603.188459][ T2938] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 603.249651][ T2938] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 603.258018][ T2938] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 603.278893][ T5247] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 603.334923][ T2938] veth1_macvtap: left promiscuous mode [ 603.362844][ T2938] veth0_macvtap: left promiscuous mode [ 603.411404][ T2938] veth1_vlan: left promiscuous mode [ 603.437999][ T2938] veth0_vlan: left promiscuous mode [ 603.450005][ T5231] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 603.572968][T15990] loop0: detected capacity change from 0 to 32768 [ 603.632652][T15990] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 603.688185][T16042] loop5: detected capacity change from 0 to 1024 [ 603.876982][T15990] XFS (loop0): Starting recovery (logdev: internal) [ 603.938302][T15990] XFS (loop0): Ending recovery (logdev: internal) [ 604.365362][ T5230] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 604.632444][T16056] loop3: detected capacity change from 0 to 128 [ 604.666069][T16056] VFS: Found a Xenix FS (block size = 512) on device loop3 [ 604.710990][T16056] syz.3.4055: attempt to access beyond end of device [ 604.710990][T16056] loop3: rw=2049, sector=2066843070, nr_sectors = 1 limit=128 [ 604.727610][T16056] buffer_io_error: 46 callbacks suppressed [ 604.727635][T16056] Buffer I/O error on dev loop3, logical block 2066843070, lost async page write [ 604.743343][T16056] syz.3.4055: attempt to access beyond end of device [ 604.743343][T16056] loop3: rw=2049, sector=8767744, nr_sectors = 1 limit=128 [ 604.758422][T16056] Buffer I/O error on dev loop3, logical block 8767744, lost async page write [ 604.767802][T16056] syz.3.4055: attempt to access beyond end of device [ 604.767802][T16056] loop3: rw=2049, sector=13269809, nr_sectors = 1 limit=128 [ 604.782109][T16056] Buffer I/O error on dev loop3, logical block 13269809, lost async page write [ 604.792737][T16056] syz.3.4055: attempt to access beyond end of device [ 604.792737][T16056] loop3: rw=2049, sector=1157, nr_sectors = 1 limit=128 [ 604.806783][T16056] Buffer I/O error on dev loop3, logical block 1157, lost async page write [ 604.815865][T16056] syz.3.4055: attempt to access beyond end of device [ 604.815865][T16056] loop3: rw=2049, sector=3211264, nr_sectors = 1 limit=128 [ 604.829947][T16056] Buffer I/O error on dev loop3, logical block 3211264, lost async page write [ 604.839844][T16056] syz.3.4055: attempt to access beyond end of device [ 604.839844][T16056] loop3: rw=2049, sector=8768635, nr_sectors = 1 limit=128 [ 604.853840][T16056] Buffer I/O error on dev loop3, logical block 8768635, lost async page write [ 604.863634][T16056] syz.3.4055: attempt to access beyond end of device [ 604.863634][T16056] loop3: rw=2049, sector=13466417, nr_sectors = 1 limit=128 [ 604.877994][T16056] Buffer I/O error on dev loop3, logical block 13466417, lost async page write [ 604.887547][T16056] syz.3.4055: attempt to access beyond end of device [ 604.887547][T16056] loop3: rw=2049, sector=209285, nr_sectors = 1 limit=128 [ 604.902140][T16056] Buffer I/O error on dev loop3, logical block 209285, lost async page write [ 604.992727][ T5231] sysv_free_block: trying to free block not in datazone [ 605.003137][ T5231] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 605.118731][T16061] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4056'. [ 605.212186][T16061] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4056'. [ 605.614152][ T2938] team0 (unregistering): Port device team_slave_1 removed [ 605.664941][ T2938] team0 (unregistering): Port device team_slave_0 removed [ 605.810398][T12549] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 605.964576][T12549] usb 1-1: Using ep0 maxpacket: 32 [ 605.974222][T12549] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 606.003067][T12549] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 606.013301][T12549] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 606.022935][T12549] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 606.036585][T12549] usb 1-1: config 0 descriptor?? [ 606.411936][T15618] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 606.501288][T12549] koneplus 0003:1E7D:2D51.0076: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.0-1/input0 [ 606.850760][ T5295] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 606.897394][T12549] usb 1-1: USB disconnect, device number 40 [ 607.021523][ T5295] usb 6-1: Using ep0 maxpacket: 16 [ 607.046989][ T5295] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 607.071646][ T5295] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 607.072472][ T1698] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 607.160764][ T5295] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 607.184983][T15618] veth0_vlan: entered promiscuous mode [ 607.193873][ T5295] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 607.210375][ T5295] usb 6-1: Product: syz [ 607.231097][T15618] veth1_vlan: entered promiscuous mode [ 607.234897][ T5295] usb 6-1: Manufacturer: syz [ 607.247903][ T5295] usb 6-1: SerialNumber: syz [ 607.273064][ T5295] usb 6-1: config 0 descriptor?? [ 607.297074][T15618] veth0_macvtap: entered promiscuous mode [ 607.299900][ T5295] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 607.323560][ T5295] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 607.348666][T15618] veth1_macvtap: entered promiscuous mode [ 607.379130][ T1698] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 607.390016][T15618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 607.404197][T15618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 607.414551][ T1698] usb 4-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice= 0.00 [ 607.430295][ T1698] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 607.470247][T15618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 607.490284][ T1698] usb 4-1: config 0 descriptor?? [ 607.529892][ T1698] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 607.562435][T15618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 607.600306][T15618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 607.638496][T15618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 607.668252][T15618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 607.690207][T15618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 607.713076][T15618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 607.741719][T15618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 607.782481][T15618] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 607.797928][ T5331] usb 4-1: USB disconnect, device number 42 [ 607.843512][T15618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 607.870551][T15618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 607.900174][T15618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 607.911823][T15618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 607.921890][T15618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 607.932452][T15618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 607.942700][T15618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 607.953544][T15618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 607.963722][T15618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 607.974367][T15618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 607.985763][T15618] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 607.996817][ T5295] em28xx 6-1:0.0: chip ID is em2870 [ 608.022407][T15618] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 608.105026][T15618] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 608.122386][T15618] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 608.132060][T15618] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 608.200995][T12549] usb 6-1: USB disconnect, device number 36 [ 608.207911][T12549] em28xx 6-1:0.0: Disconnecting em28xx [ 608.253576][T12549] em28xx 6-1:0.0: Freeing device [ 608.314675][T16117] loop0: detected capacity change from 0 to 128 [ 608.417462][ T2921] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 608.441072][ T2921] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 608.518534][ T2921] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 608.565706][ T2921] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 608.640612][T16123] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4083'. [ 608.692862][T16123] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4083'. [ 608.799999][T16127] loop0: detected capacity change from 0 to 1024 [ 608.850043][T16127] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 609.038470][ T11] Bluetooth: hci2: Frame reassembly failed (-84) [ 609.099635][T16135] bridge0: port 2(bridge_slave_1) entered disabled state [ 609.107478][T16135] bridge0: port 1(bridge_slave_0) entered disabled state [ 609.791049][T16154] bridge: RTM_DELNEIGH with unconfigured vlan 1 on bridge0 [ 610.201710][T16163] loop2: detected capacity change from 0 to 2048 [ 610.208874][T16163] EXT4-fs: Ignoring removed mblk_io_submit option [ 610.292338][T16163] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 610.359071][T16163] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm syz.2.4100: bg 0: block 234: padding at end of block bitmap is not set [ 610.371148][T16171] loop4: detected capacity change from 0 to 512 [ 610.400495][T16171] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 610.408587][T16171] UDF-fs: Scanning with blocksize 512 failed [ 610.440356][T16163] EXT4-fs (loop2): Remounting filesystem read-only [ 610.440533][T16171] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 610.456600][T16171] UDF-fs: Scanning with blocksize 1024 failed [ 610.521716][T16171] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 610.568954][T16171] UDF-fs: Scanning with blocksize 2048 failed [ 610.606051][T16171] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 610.634463][T16171] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 610.645442][ T5247] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 611.130203][ T5236] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 611.524975][T16191] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 611.557178][T16195] loop0: detected capacity change from 0 to 512 [ 611.761368][T16177] loop5: detected capacity change from 0 to 40427 [ 611.818488][T16181] loop2: detected capacity change from 0 to 32768 [ 611.828959][T16177] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 611.837631][T16177] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 611.907719][T16177] F2FS-fs (loop5): Found nat_bits in checkpoint [ 611.991011][T16181] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 612.165826][T16177] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 612.173922][T16177] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 612.173973][T16181] XFS (loop2): Starting recovery (logdev: internal) [ 612.248552][T16181] XFS (loop2): Ending recovery (logdev: internal) [ 613.130614][ T5247] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 613.739214][T16255] loop3: detected capacity change from 0 to 4096 [ 613.768353][T16255] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 613.921449][ T5236] Bluetooth: hci4: ACL packet for unknown connection handle 200 [ 614.880717][T16278] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4144'. [ 615.120669][T16283] IPVS: sed: TCP 127.0.0.1:0 - no destination available [ 615.218358][T16287] netlink: 52 bytes leftover after parsing attributes in process `syz.0.4147'. [ 616.044440][T16272] loop1: detected capacity change from 0 to 32768 [ 616.146224][T16272] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 616.179565][T16307] loop3: detected capacity change from 0 to 2048 [ 616.218228][T16307] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 616.236440][T16307] UDF-fs: Scanning with blocksize 512 failed [ 616.312974][T16307] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 616.466049][T16272] XFS (loop1): Starting recovery (logdev: internal) [ 616.537854][T16272] XFS (loop1): Ending recovery (logdev: internal) [ 616.894859][T16289] loop5: detected capacity change from 0 to 40427 [ 616.959512][T10878] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 617.021125][T16289] F2FS-fs (loop5): Found nat_bits in checkpoint [ 617.030368][ T5295] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 617.163466][T16331] loop3: detected capacity change from 0 to 64 [ 617.270262][ T5295] usb 1-1: Using ep0 maxpacket: 16 [ 617.278831][ T5295] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA5, changing to 0x85 [ 617.320739][ T5295] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 104 [ 617.354888][T16289] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 617.376533][ T5295] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 617.389854][ T5295] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 617.407541][ T5295] usb 1-1: Product: syz [ 617.416711][ T5295] usb 1-1: Manufacturer: syz [ 617.427325][ T5295] usb 1-1: SerialNumber: syz [ 617.453950][ T5295] usb 1-1: config 0 descriptor?? [ 617.494006][T16322] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 617.506005][ T5295] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input59 [ 617.676158][ T5966] syz-executor: attempt to access beyond end of device [ 617.676158][ T5966] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 617.720343][ T5966] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 617.922987][ T1698] usb 1-1: USB disconnect, device number 41 [ 617.923092][ C0] usbtouchscreen 1-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 618.053637][T16346] loop3: detected capacity change from 0 to 4096 [ 618.060487][T16344] loop1: detected capacity change from 0 to 4096 [ 618.080283][T16344] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 618.112512][T16352] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 618.368521][T16356] loop4: detected capacity change from 0 to 128 [ 618.453119][T16356] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 618.502216][T16356] ext4 filesystem being mounted at /22/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 618.792041][T15618] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 619.173858][T16372] netlink: 136 bytes leftover after parsing attributes in process `syz.0.4176'. [ 619.468974][T16349] loop2: detected capacity change from 0 to 32768 [ 619.501184][T16349] XFS: ikeep mount option is deprecated. [ 619.527779][ T5324] usb 5-1: new full-speed USB device number 36 using dummy_hcd [ 619.568892][T16349] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 619.711988][T16349] XFS (loop2): Ending clean mount [ 619.718142][ T5324] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 619.758041][ T5324] usb 5-1: New USB device found, idVendor=056e, idProduct=00e6, bcdDevice= 0.00 [ 619.760217][T16349] XFS (loop2): Quotacheck needed: Please wait. [ 619.770311][ T5324] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 619.801468][ T5324] usb 5-1: config 0 descriptor?? [ 619.879809][T16349] XFS (loop2): Quotacheck: Done. [ 619.940422][T16349] XFS (loop2): User initiated shutdown received. [ 619.949958][T16349] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x160/0x190 (fs/xfs/xfs_fsops.c:456). Shutting down filesystem. [ 619.966133][T16349] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 620.086110][ T5247] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 620.260981][ T5324] hid (null): unknown global tag 0xe [ 620.269077][ T5324] elecom 0003:056E:00E6.0077: unknown main item tag 0x7 [ 620.276332][ T5324] elecom 0003:056E:00E6.0077: unknown global tag 0xe [ 620.290302][ T5324] elecom 0003:056E:00E6.0077: item 0 0 1 14 parsing failed [ 620.298089][ T5324] elecom 0003:056E:00E6.0077: probe with driver elecom failed with error -22 [ 620.474606][ T5390] usb 5-1: USB disconnect, device number 36 [ 620.632749][T16378] loop1: detected capacity change from 0 to 32768 [ 620.670277][T16378] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4180 (16378) [ 620.830264][T16378] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 620.833681][T16387] loop5: detected capacity change from 0 to 32768 [ 620.850685][T16378] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 620.859169][T16378] BTRFS info (device loop1): using free-space-tree [ 621.160938][T16387] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 621.240593][T16402] loop2: detected capacity change from 0 to 1024 [ 621.285335][T16402] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 621.577829][ T5966] ocfs2: Unmounting device (7,5) on (node local) [ 621.680242][ T5295] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 621.842393][ T5295] usb 1-1: config 0 has no interfaces? [ 621.863831][ T5295] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 621.905945][ T5295] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 621.950573][ T5295] usb 1-1: config 0 descriptor?? [ 622.670143][ T29] audit: type=1326 audit(1729363960.448:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16433 comm="syz.2.4193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6122d7dff9 code=0x7ffc0000 [ 622.693104][ T29] audit: type=1326 audit(1729363960.448:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16433 comm="syz.2.4193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6122d7dff9 code=0x7ffc0000 [ 622.715964][ T29] audit: type=1326 audit(1729363960.448:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16433 comm="syz.2.4193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f6122d7dff9 code=0x7ffc0000 [ 622.793227][ T29] audit: type=1326 audit(1729363960.448:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16433 comm="syz.2.4193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6122d7dff9 code=0x7ffc0000 [ 622.920697][T16378] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 622.920994][T16378] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 622.946478][ T5324] usb 1-1: USB disconnect, device number 42 [ 622.989972][ T29] audit: type=1326 audit(1729363960.458:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16433 comm="syz.2.4193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6122d7dff9 code=0x7ffc0000 [ 623.035935][T16378] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 623.036219][T16378] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 623.124051][T16378] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 623.190619][ T29] audit: type=1326 audit(1729363960.458:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16433 comm="syz.2.4193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f6122d7dff9 code=0x7ffc0000 [ 623.414322][T16446] loop4: detected capacity change from 0 to 1024 [ 623.443601][ T29] audit: type=1326 audit(1729363960.458:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16433 comm="syz.2.4193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6122d7dff9 code=0x7ffc0000 [ 623.541463][T16446] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 623.694648][ T29] audit: type=1326 audit(1729363960.458:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16433 comm="syz.2.4193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6122d7dff9 code=0x7ffc0000 [ 623.919892][ T29] audit: type=1326 audit(1729363960.458:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16433 comm="syz.2.4193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6122d7dff9 code=0x7ffc0000 [ 624.039228][T16452] input: syz0 as /devices/virtual/input/input60 [ 624.071000][T16378] BTRFS error (device loop1): open_ctree failed [ 624.225238][T16458] ubi: mtd0 is already attached to ubi0 [ 624.291936][ T29] audit: type=1326 audit(1729363960.458:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16433 comm="syz.2.4193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6122d7dff9 code=0x7ffc0000 [ 625.154066][T16469] loop0: detected capacity change from 0 to 4096 [ 625.220707][T16469] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 626.153829][T16479] loop5: detected capacity change from 0 to 4096 [ 626.481810][T16456] loop4: detected capacity change from 0 to 40427 [ 626.500176][T16456] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 626.507867][T16456] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 626.601513][T16456] F2FS-fs (loop4): invalid crc value [ 626.869732][T16494] loop0: detected capacity change from 0 to 4096 [ 626.887140][T16494] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 626.967319][T16456] F2FS-fs (loop4): Found nat_bits in checkpoint [ 626.973759][ T1698] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 627.149123][T16456] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 627.158057][ T1698] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 627.169271][ T1698] usb 2-1: New USB device found, idVendor=056a, idProduct=030a, bcdDevice= 0.00 [ 627.189686][T16456] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 627.204421][ T1698] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 627.231662][ T1698] usb 2-1: config 0 descriptor?? [ 627.468892][ T1698] usbhid 2-1:0.0: can't add hid device: -71 [ 627.475152][ T1698] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 627.485269][ T1698] usb 2-1: USB disconnect, device number 37 [ 627.919538][T16504] loop5: detected capacity change from 0 to 4096 [ 628.025209][T16504] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512). [ 628.181737][T16512] xt_CT: You must specify a L4 protocol and not use inversions on it [ 628.182292][T16510] netlink: 'syz.2.4227': attribute type 5 has an invalid length. [ 628.392263][T16518] loop1: detected capacity change from 0 to 128 [ 628.439286][T16504] ntfs3(loop5): Failed to load $Extend (-22). [ 628.469339][T16504] ntfs3(loop5): Failed to initialize $Extend. [ 628.541400][T16518] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 628.631576][T16518] ext4 filesystem being mounted at /342/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 629.015282][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.021837][ T1262] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.071546][T16524] loop0: detected capacity change from 0 to 32768 [ 629.229824][ T5249] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 629.246935][ T5249] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 629.255156][ T5249] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 629.263903][ T5249] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 629.271852][ T5249] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 629.279164][ T5249] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 629.406400][T16524] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4231 (16524) [ 629.443894][T10878] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 629.536223][T16524] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 629.914456][T16527] chnl_net:caif_netlink_parms(): no params data found [ 630.320343][T16524] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 630.329110][T16524] BTRFS info (device loop0): using free-space-tree [ 630.834710][T16551] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4240'. [ 630.891194][T16551] bridge0: port 2(bridge_slave_1) entered disabled state [ 631.121957][T16527] bridge0: port 1(bridge_slave_0) entered blocking state [ 631.139353][T16527] bridge0: port 1(bridge_slave_0) entered disabled state [ 631.152129][T16527] bridge_slave_0: entered allmulticast mode [ 631.159300][T16527] bridge_slave_0: entered promiscuous mode [ 631.420987][T16527] bridge0: port 2(bridge_slave_1) entered blocking state [ 631.428289][T16527] bridge0: port 2(bridge_slave_1) entered disabled state [ 631.446583][T16527] bridge_slave_1: entered allmulticast mode [ 631.471358][T16527] bridge_slave_1: entered promiscuous mode [ 631.579117][ T5249] Bluetooth: hci2: command tx timeout [ 631.609754][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 631.610367][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 631.694237][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 631.711021][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 631.740696][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 631.818985][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 631.911158][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 631.944986][T16527] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 631.999958][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 632.000344][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 632.059455][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 632.118632][T16527] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 632.201083][T16524] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 632.219119][T16524] BTRFS error (device loop0): open_ctree failed [ 633.178177][T16527] team0: Port device team_slave_0 added [ 633.209599][T16527] team0: Port device team_slave_1 added [ 633.474335][T16527] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 633.513043][T16527] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 633.652053][ T5249] Bluetooth: hci2: command tx timeout [ 633.688911][T16527] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 633.796418][T16527] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 633.804527][T16605] loop1: detected capacity change from 0 to 64 [ 633.846949][T16527] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 633.957727][T16605] hfs: request for non-existent node 1280 in B*Tree [ 634.002896][T16605] hfs: request for non-existent node 1280 in B*Tree [ 634.062443][T16605] hfs: request for non-existent node 1280 in B*Tree [ 634.069220][T16527] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 634.120999][T16605] hfs: request for non-existent node 1280 in B*Tree [ 634.437662][T16527] hsr_slave_0: entered promiscuous mode [ 634.517653][T16527] hsr_slave_1: entered promiscuous mode [ 635.732631][T16629] loop2: detected capacity change from 0 to 256 [ 635.742447][ T5249] Bluetooth: hci2: command tx timeout [ 635.839669][T16629] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 636.198179][T16632] loop4: detected capacity change from 0 to 4096 [ 636.244803][T16527] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 636.319334][T16638] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 636.607532][T16642] loop0: detected capacity change from 0 to 256 [ 636.899630][T16527] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 637.081539][ T5390] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 637.270278][ T5390] usb 6-1: Using ep0 maxpacket: 32 [ 637.276767][T16527] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 637.338821][ T5390] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 637.378463][ T5390] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 637.450199][ T5390] usb 6-1: Product: syz [ 637.454411][ T5390] usb 6-1: Manufacturer: syz [ 637.518609][ T5390] usb 6-1: SerialNumber: syz [ 637.551037][ T5390] usb 6-1: config 0 descriptor?? [ 637.622726][ T5390] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 637.804636][T16527] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 637.815634][ T5249] Bluetooth: hci2: command tx timeout [ 637.907240][T16654] netdevsim netdevsim4 netdevsim0: Caught tx_queue_len zero misconfig [ 638.409743][ T5390] gspca_ov534_9: reg_w failed -71 [ 638.482694][T16662] loop4: detected capacity change from 0 to 164 [ 638.517194][T16527] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 638.591722][T16662] isofs: isofs_export_get_parent(): child directory not normalized! [ 638.624976][T16527] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 638.719843][T16527] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 638.727560][ T5390] gspca_ov534_9: Unknown sensor 0000 [ 638.727642][ T5390] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22 [ 638.809715][T16527] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 638.821772][ T5390] usb 6-1: USB disconnect, device number 37 [ 639.908177][T16671] loop2: detected capacity change from 0 to 512 [ 639.991252][T16671] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 640.028945][T16671] EXT4-fs (loop2): orphan cleanup on readonly fs [ 640.056714][T16671] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm syz.2.4290: bg 0: block 248: padding at end of block bitmap is not set [ 640.168091][T16527] 8021q: adding VLAN 0 to HW filter on device bond0 [ 640.277353][T16671] __quota_error: 1 callbacks suppressed [ 640.277378][T16671] Quota error (device loop2): write_blk: dquota write failed [ 640.330247][T16527] 8021q: adding VLAN 0 to HW filter on device team0 [ 640.340990][T16671] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 640.400788][T16671] EXT4-fs error (device loop2): ext4_acquire_dquot:6877: comm syz.2.4290: Failed to acquire dquot type 1 [ 640.474094][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 640.481294][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 640.511524][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 640.518632][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 640.593738][T16671] EXT4-fs (loop2): 1 truncate cleaned up [ 642.233959][T16527] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 642.792172][T16527] veth0_vlan: entered promiscuous mode [ 642.871162][T16527] veth1_vlan: entered promiscuous mode [ 642.989604][T16719] loop1: detected capacity change from 0 to 512 [ 642.997668][T16527] veth0_macvtap: entered promiscuous mode [ 643.037548][T16527] veth1_macvtap: entered promiscuous mode [ 643.102463][T16719] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 643.119114][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.496729][T16721] loop4: detected capacity change from 0 to 32768 [ 643.510123][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.527140][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.537648][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.547545][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.558750][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.568633][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.580761][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.591377][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.601893][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.611793][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.623005][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.634660][T16527] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 643.644442][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.655631][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.665538][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.676020][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.687255][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.698209][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.708075][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.719288][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.729146][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.739952][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.750596][T16527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.761094][T16527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.772422][T16527] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 643.784092][T16527] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 643.793957][T16527] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 643.802748][T16527] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 643.812332][T16527] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 644.233211][T16719] EXT4-fs (loop1): 1 truncate cleaned up [ 644.239971][T16719] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 644.381762][T16711] loop0: detected capacity change from 0 to 32768 [ 644.562980][T16719] fscrypt (loop1, inode 18): Can't use IV_INO_LBLK_64 policy with contents mode other than AES-256-XTS [ 644.634633][T16671] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 644.719547][ T2938] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 644.727672][ T2938] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 644.741651][ T5247] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 644.753646][T16721] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 644.767577][T10878] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 644.840899][ T2950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 644.848771][ T2950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 644.878328][T16741] loop5: detected capacity change from 0 to 128 [ 644.991521][T16741] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 645.022222][T16741] ext4 filesystem being mounted at /566/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 645.165809][T16711] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 645.371317][T16750] IPVS: persistence engine module ip_vs_pe_@ not found [ 645.402440][T16760] loop2: detected capacity change from 0 to 512 [ 645.425104][ T5966] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 645.451998][T16711] XFS (loop0): Ending clean mount [ 645.475470][T16760] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 645.589342][ T5230] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 645.592750][T16760] EXT4-fs error (device loop2): ext4_orphan_get:1388: inode #17: comm syz.2.4320: iget: bad i_size value: -6917529027641081756 [ 645.623440][T16760] EXT4-fs error (device loop2): ext4_orphan_get:1391: comm syz.2.4320: couldn't read orphan inode 17 (err -117) [ 645.678233][T16721] XFS (loop4): Ending clean mount [ 645.704149][T16760] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 645.726530][T16721] XFS (loop4): Quotacheck needed: Please wait. [ 645.809730][T16721] XFS (loop4): Quotacheck: Done. [ 646.091627][T16774] ax25_connect(): syz.0.4323 uses autobind, please contact jreuter@yaina.de [ 646.158318][T15618] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 646.185646][ T5247] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 646.310635][ T5295] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 646.406625][T16780] loop4: detected capacity change from 0 to 512 [ 646.464570][T16780] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 646.473279][ T5295] usb 6-1: Using ep0 maxpacket: 32 [ 646.480419][ T2938] bridge_slave_1: left allmulticast mode [ 646.487202][ T5295] usb 6-1: config 0 has an invalid interface number: 126 but max is 0 [ 646.494300][T16780] EXT4-fs (loop4): orphan cleanup on readonly fs [ 646.508166][ T2938] bridge_slave_1: left promiscuous mode [ 646.514121][ T5295] usb 6-1: config 0 has no interface number 0 [ 646.529381][ T2938] bridge0: port 2(bridge_slave_1) entered disabled state [ 646.537331][ T5295] usb 6-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 646.541651][T16780] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.4328: bg 0: block 248: padding at end of block bitmap is not set [ 646.587407][ T2938] bridge_slave_0: left allmulticast mode [ 646.591894][T16780] Quota error (device loop4): write_blk: dquota write failed [ 646.610406][T16780] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 646.610489][ T2938] bridge_slave_0: left promiscuous mode [ 646.626810][ T2938] bridge0: port 1(bridge_slave_0) entered disabled state [ 646.628909][ T5295] usb 6-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 646.670196][ T5295] usb 6-1: config 0 interface 126 has no altsetting 0 [ 646.671418][T16785] loop0: detected capacity change from 0 to 512 [ 646.684759][T16780] EXT4-fs error (device loop4): ext4_acquire_dquot:6877: comm syz.4.4328: Failed to acquire dquot type 1 [ 646.727521][T16785] EXT4-fs (loop0): blocks per group (71) and clusters per group (20800) inconsistent [ 646.821501][T16780] EXT4-fs (loop4): 1 truncate cleaned up [ 646.848524][T16770] loop3: detected capacity change from 0 to 32768 [ 646.873494][T16780] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 646.885131][T16770] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4324 (16770) [ 646.926136][T16780] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 646.973750][ T5295] usb 6-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 646.982999][ T5295] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 646.991194][ T5295] usb 6-1: Product: syz [ 646.995430][ T5295] usb 6-1: Manufacturer: syz [ 646.998173][T16770] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 647.000044][ T5295] usb 6-1: SerialNumber: syz [ 647.016448][T16770] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 647.017106][ T5295] usb 6-1: config 0 descriptor?? [ 647.027010][T16770] BTRFS info (device loop3): using free-space-tree [ 647.075232][T16775] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 647.083023][T16775] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 647.083525][T16780] EXT4-fs error (device loop4): __ext4_remount:6522: comm syz.4.4328: Abort forced by user [ 647.119315][T16780] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 647.258209][T16780] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 647.306923][T16780] ext4 filesystem being remounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 647.375606][T16780] Quota error (device loop4): write_blk: dquota write failed [ 647.403738][T16780] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 647.428406][ T29] audit: type=1800 audit(1729363985.248:156): pid=16770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4324" name="bus" dev="loop3" ino=263 res=0 errno=0 [ 647.449200][T16780] EXT4-fs error (device loop4): ext4_acquire_dquot:6877: comm syz.4.4328: Failed to acquire dquot type 1 [ 647.586318][T16780] Quota error (device loop4): write_blk: dquota write failed [ 647.592201][T16808] loop1: detected capacity change from 0 to 1024 [ 647.600258][T16780] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 647.611534][T16780] EXT4-fs error (device loop4): ext4_acquire_dquot:6877: comm syz.4.4328: Failed to acquire dquot type 1 [ 647.615755][ T5295] ir_usb 6-1:0.126: IR Dongle converter detected [ 647.633227][T16808] EXT4-fs: Ignoring removed nobh option [ 647.644191][T16808] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 647.659897][T16808] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.4333: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 647.705351][T16808] EXT4-fs error (device loop1): ext4_orphan_get:1391: comm syz.1.4333: couldn't read orphan inode 11 (err -117) [ 647.742331][T16527] BTRFS info (device loop3): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 647.752800][T15618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 647.772324][T16808] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 647.807762][ T2950] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5 [ 647.817358][ T2950] EXT4-fs error (device loop4): ext4_release_dquot:6900: comm kworker/u8:8: Failed to release dquot type 1 [ 647.837017][ T5295] usb 6-1: IR Dongle converter now attached to ttyUSB0 [ 648.128267][T16808] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:482: comm syz.1.4333: Invalid block bitmap block 0 in block_group 0 [ 648.288063][T16811] loop4: detected capacity change from 0 to 32768 [ 648.335583][ T1698] usb 6-1: USB disconnect, device number 38 [ 648.414661][ T1698] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0 [ 648.467635][ T1698] ir_usb 6-1:0.126: device disconnected [ 648.482075][T16811] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 648.496319][T16808] Quota error (device loop1): write_blk: dquota write failed [ 648.530453][T16808] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 648.555568][T16808] EXT4-fs error (device loop1): ext4_acquire_dquot:6877: comm syz.1.4333: Failed to acquire dquot type 0 [ 648.642453][T10878] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 648.712227][ T2938] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 648.718272][T16811] XFS (loop4): Ending clean mount [ 648.722098][ T5309] EXT4-fs error (device loop1): ext4_release_dquot:6900: comm kworker/u8:9: Failed to release dquot type 0 [ 648.777569][ T2938] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 648.891879][ T2938] bond0 (unregistering): Released all slaves [ 648.920897][ T2938] bond1 (unregistering): Released all slaves [ 649.012871][T16828] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4338'. [ 649.080943][T15618] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 649.092435][T16783] netlink: 188 bytes leftover after parsing attributes in process `syz.2.4327'. [ 649.342544][ T2938] tipc: Disabling bearer [ 649.589805][ T2938] tipc: Left network mode [ 649.680528][T16845] loop4: detected capacity change from 0 to 64 [ 649.829613][T16845] Trying to free block not in datazone [ 650.437177][T16867] loop5: detected capacity change from 0 to 1024 [ 650.501186][T16868] loop0: detected capacity change from 0 to 256 [ 650.564177][T16868] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 650.587686][T16868] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 650.847103][T16872] loop4: detected capacity change from 0 to 4096 [ 650.863214][ T2921] hfsplus: b-tree write err: -5, ino 4 [ 650.897895][T16872] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 651.011134][ T2938] hsr_slave_0: left promiscuous mode [ 651.131276][ T2938] hsr_slave_1: left promiscuous mode [ 651.259177][T16853] loop1: detected capacity change from 0 to 32768 [ 651.271261][T16853] XFS: ikeep mount option is deprecated. [ 651.326358][ T2938] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 651.395736][T16853] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 651.420192][ T2938] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 651.434489][T16856] loop3: detected capacity change from 0 to 32768 [ 651.453399][ T2938] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 651.490234][ T2938] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 651.579776][T16853] XFS (loop1): Ending clean mount [ 651.595548][T16853] XFS (loop1): Quotacheck needed: Please wait. [ 651.672652][T16853] XFS (loop1): Quotacheck: Done. [ 651.693732][T16853] XFS (loop1): User initiated shutdown received. [ 651.701849][T16853] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x160/0x190 (fs/xfs/xfs_fsops.c:456). Shutting down filesystem. [ 651.717912][T16853] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 651.729127][ T2938] veth1_macvtap: left promiscuous mode [ 651.749517][T16856] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 651.773951][ T2938] veth0_macvtap: left promiscuous mode [ 651.779535][ T2938] veth1_vlan: left promiscuous mode [ 651.801102][ T2938] veth0_vlan: left promiscuous mode [ 651.998236][T16874] loop2: detected capacity change from 0 to 40427 [ 652.012343][ T1698] usb 5-1: new low-speed USB device number 37 using dummy_hcd [ 652.035208][T10878] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 652.063053][T16874] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff [ 652.079631][T16874] F2FS-fs (loop2): heap/no_heap options were deprecated [ 652.086791][T16874] F2FS-fs (loop2): Image doesn't support compression [ 652.109845][T16874] F2FS-fs (loop2): invalid crc value [ 652.172493][ T1698] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 652.183081][ T1698] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 652.214219][ T1698] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 652.243096][ T1698] usb 5-1: language id specifier not provided by device, defaulting to English [ 652.290330][T16874] F2FS-fs (loop2): Found nat_bits in checkpoint [ 652.383448][T16903] loop0: detected capacity change from 0 to 4096 [ 652.502585][T16874] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 652.528848][ T1698] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 652.540277][ T1698] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 652.564138][T16874] F2FS-fs (loop2): inject alloc nid in f2fs_alloc_nid of f2fs_get_dnode_of_data+0x425/0x2110 [ 652.606122][T16856] XFS (loop3): Ending clean mount [ 652.631884][T16856] XFS (loop3): Quotacheck needed: Please wait. [ 652.719254][ T5247] syz-executor: attempt to access beyond end of device [ 652.719254][ T5247] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 652.743296][ T5247] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 652.756283][T16856] XFS (loop3): Quotacheck: Done. [ 652.780255][ T5247] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 652.985948][T16527] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 653.309667][ T1698] usb 5-1: 0:2 : does not exist [ 653.605030][T12549] usb 5-1: USB disconnect, device number 37 [ 653.830488][T16928] loop3: detected capacity change from 0 to 1024 [ 654.116726][ T52] hfsplus: b-tree write err: -5, ino 4 [ 654.424706][ T2938] team0 (unregistering): Port device team_slave_1 removed [ 654.601039][ T1698] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 654.643341][ T2938] team0 (unregistering): Port device team_slave_0 removed [ 654.658043][T16920] loop5: detected capacity change from 0 to 32768 [ 654.696593][T16920] XFS: ikeep mount option is deprecated. [ 654.720331][T16920] XFS: noikeep mount option is deprecated. [ 654.723048][T16939] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 654.781165][ T1698] usb 4-1: Using ep0 maxpacket: 16 [ 654.792208][ T1698] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 654.804263][ T1698] usb 4-1: config 0 has no interface number 0 [ 654.817053][T16920] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 654.822582][ T1698] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 654.840147][ T1698] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 654.848720][ T1698] usb 4-1: Product: syz [ 654.854230][ T1698] usb 4-1: Manufacturer: syz [ 654.857424][T16922] loop0: detected capacity change from 0 to 32768 [ 654.858921][ T1698] usb 4-1: SerialNumber: syz [ 654.873997][ T1698] usb 4-1: config 0 descriptor?? [ 654.885579][ T1698] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 655.024654][T16950] loop4: detected capacity change from 0 to 256 [ 655.080692][T16920] XFS (loop5): Ending clean mount [ 655.103543][T16920] XFS (loop5): Quotacheck needed: Please wait. [ 655.223367][T16920] XFS (loop5): Quotacheck: Done. [ 655.423671][ T5966] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 655.749423][ T1698] gspca_spca1528: reg_w err -71 [ 655.781768][ T1698] spca1528 4-1:0.1: probe with driver spca1528 failed with error -71 [ 655.831013][ T1698] usb 4-1: USB disconnect, device number 43 [ 655.936161][T16957] loop4: detected capacity change from 0 to 1024 [ 656.012660][T16957] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c118, mo2=0002] [ 656.045284][T16957] System zones: 0-1, 3-12 [ 656.051793][T16957] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 656.247986][T15618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 656.763021][T16972] syzkaller0: tun_chr_ioctl cmd 2147767520 [ 656.929574][T16981] loop1: detected capacity change from 0 to 512 [ 657.001947][T16981] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 657.053641][T16968] loop5: detected capacity change from 0 to 32768 [ 657.061727][T16981] ext4 filesystem being mounted at /370/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 657.192811][T10878] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 657.204775][T16968] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 657.522905][T17005] loop4: detected capacity change from 0 to 256 [ 657.644821][T17005] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 657.691202][T16968] XFS (loop5): Ending clean mount [ 657.850321][T12549] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 657.958774][ T2938] IPVS: stop unused estimator thread 0... [ 657.971065][ T5966] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 658.010326][T12549] usb 4-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=9f.d4 [ 658.036943][T12549] usb 4-1: New USB device strings: Mfr=188, Product=0, SerialNumber=0 [ 658.090182][T12549] usb 4-1: Manufacturer: syz [ 658.154474][T12549] usb 4-1: config 0 descriptor?? [ 658.494411][T17025] loop0: detected capacity change from 0 to 256 [ 658.521385][T17025] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 658.651437][T12549] gs_usb 4-1:0.0: Configuring for 1 interfaces [ 658.882801][T17039] loop2: detected capacity change from 0 to 4096 [ 658.913188][T12549] gs_usb 4-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 658.964215][T12549] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -22 [ 659.114944][T12549] usb 4-1: USB disconnect, device number 44 [ 659.306656][T17047] loop5: detected capacity change from 0 to 64 [ 659.902119][T17067] loop3: detected capacity change from 0 to 128 [ 660.397981][T17079] loop2: detected capacity change from 0 to 1024 [ 660.537331][T17087] CUSE: unknown device info "" [ 660.542372][T17087] CUSE: unknown device info "" [ 660.547347][T17087] CUSE: zero length info key specified [ 660.783505][T17091] nbd: nbd0 already in use [ 660.819600][T17095] loop1: detected capacity change from 0 to 128 [ 660.829972][T17093] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4444'. [ 660.851128][T17093] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 661.054019][T17102] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 661.507794][T17109] loop3: detected capacity change from 0 to 4096 [ 661.549712][T17109] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 661.646613][T17125] loop1: detected capacity change from 0 to 2048 [ 661.681070][T17128] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 661.764445][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 661.764471][ T29] audit: type=1800 audit(1729363999.598:169): pid=17109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4451" name="file1" dev="loop3" ino=30 res=0 errno=0 [ 661.953811][T17128] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 661.963366][T17135] loop2: detected capacity change from 0 to 256 [ 662.002012][T17135] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 662.010156][T17128] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4) [ 662.087261][T17128] Remounting filesystem read-only [ 662.137989][T17134] loop5: detected capacity change from 0 to 4096 [ 662.198830][T17134] NILFS (loop5): invalid segment: Checksum error in segment payload [ 662.207745][T17134] NILFS (loop5): trying rollback from an earlier position [ 662.345118][T17134] NILFS (loop5): recovery complete [ 662.394409][ T2938] wlan0: Trigger new scan to find an IBSS to join [ 662.460310][T17146] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 662.548755][T17145] loop4: detected capacity change from 0 to 4096 [ 662.690566][T17145] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 662.914232][T17150] loop2: detected capacity change from 0 to 4096 [ 663.022109][T17145] ntfs3(loop4): failed to convert "c46c" to macturkish [ 663.176808][T17165] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 663.205275][T17164] binder: 17163:17164 ioctl 40046205 0 returned -22 [ 663.237284][T17150] ntfs3(loop2): ino=0, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record [ 663.261621][T17164] binder: 17163:17164 ioctl c0306201 20000040 returned -11 [ 663.478287][T12549] kernel write not supported for file /snd/seq (pid: 12549 comm: kworker/0:0) [ 663.891712][T17180] ecryptfs_parse_options: eCryptfs: unrecognized option [&@] [ 663.926456][T17180] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 663.933286][T17139] loop0: detected capacity change from 0 to 32768 [ 663.987898][T17139] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4464 (17139) [ 664.002419][T17186] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4486'. [ 664.014451][T17186] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4486'. [ 664.028087][T17180] Error parsing options; rc = [-22] [ 664.057704][T17139] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 664.081574][T17139] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 664.090445][T17139] BTRFS info (device loop0): using free-space-tree [ 664.480977][T17185] loop3: detected capacity change from 0 to 32768 [ 664.540676][T17208] binder: 17202:17208 ioctl c0046209 0 returned -22 [ 664.571100][ T29] audit: type=1800 audit(1729364002.378:170): pid=17185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4484" name="bus" dev="loop3" ino=7 res=0 errno=0 [ 664.710930][T17214] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(6) [ 664.717508][T17214] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 664.744120][T17220] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(9) [ 664.750682][T17220] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 664.795217][ T29] audit: type=1800 audit(1729364002.598:171): pid=17139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4464" name="bus" dev="loop0" ino=263 res=0 errno=0 [ 664.866249][T17215] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 664.872826][T17215] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 664.895953][T17214] vhci_hcd vhci_hcd.0: Device attached [ 664.929756][T17220] vhci_hcd vhci_hcd.0: Device attached [ 665.002779][T17224] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12) [ 665.009430][T17224] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 665.090363][ T5390] vhci_hcd: vhci_device speed not set [ 665.148829][T17233] loop4: detected capacity change from 0 to 1024 [ 665.154972][T17224] vhci_hcd vhci_hcd.0: Device attached [ 665.156679][ T5390] usb 11-2: new full-speed USB device number 2 using vhci_hcd [ 665.180306][T17215] vhci_hcd vhci_hcd.0: Device attached [ 665.197987][ T5230] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 665.253376][T17229] vhci_hcd: connection closed [ 665.253483][T17221] vhci_hcd: connection closed [ 665.261448][ T179] vhci_hcd: stop threads [ 665.279774][T17216] vhci_hcd: connection closed [ 665.290984][T17218] vhci_hcd: connection reset by peer [ 665.301148][ T179] vhci_hcd: release socket [ 665.312886][ T179] vhci_hcd: disconnect device [ 665.336710][ T179] vhci_hcd: stop threads [ 665.384960][ T179] vhci_hcd: release socket [ 665.407223][ T179] vhci_hcd: disconnect device [ 665.424638][ T179] vhci_hcd: stop threads [ 665.439289][ T179] vhci_hcd: release socket [ 665.450832][ T179] vhci_hcd: disconnect device [ 665.474108][ T179] vhci_hcd: stop threads [ 665.480139][ T179] vhci_hcd: release socket [ 665.485797][ T179] vhci_hcd: disconnect device [ 665.509094][T17235] loop2: detected capacity change from 0 to 4096 [ 665.517012][T17235] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 665.770269][ T29] audit: type=1800 audit(1729364003.568:172): pid=17235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4495" name="file1" dev="loop2" ino=30 res=0 errno=0 [ 665.785149][T17204] loop5: detected capacity change from 0 to 32768 [ 666.122660][T17248] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 666.443486][T17268] loop1: detected capacity change from 0 to 128 [ 666.454718][T17204] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 666.478781][T17268] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 666.510254][T17274] binder: 17272:17274 ioctl c0306201 20000480 returned -22 [ 666.611122][T17268] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 666.650301][ T29] audit: type=1800 audit(1729364004.478:173): pid=17268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4510" name="bus" dev="loop1" ino=105 res=0 errno=0 [ 666.781993][T17204] XFS (loop5): Ending clean mount [ 667.050709][ T5966] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 667.420667][ T64] wlan0: Trigger new scan to find an IBSS to join [ 667.576162][T17290] loop1: detected capacity change from 0 to 4096 [ 667.978940][T17306] loop4: detected capacity change from 0 to 2048 [ 668.110948][T17290] ntfs3(loop1): ino=0, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record [ 668.172067][T17306] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 668.295107][T17308] loop5: detected capacity change from 0 to 1024 [ 668.360591][T15618] UDF-fs: warning (device loop4): udf_evict_inode: Inode 1367 (mode 100000) has inode size 4 different from extent length 512. Filesystem need not be standards compliant. [ 668.416669][T17269] loop2: detected capacity change from 0 to 40427 [ 668.434305][T17255] loop0: detected capacity change from 0 to 32768 [ 668.479851][T17255] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4502 (17255) [ 668.501267][T17269] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 668.517921][ T11] wlan0: Creating new IBSS network, BSSID 72:1a:32:6d:69:63 [ 668.520130][T17269] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 668.535682][ T52] hfsplus: b-tree write err: -5, ino 4 [ 668.621657][T17269] F2FS-fs (loop2): build fault injection attr: rate: 18446, type: 0x1fffff [ 668.636612][T17312] netlink: 1036 bytes leftover after parsing attributes in process `syz.1.4529'. [ 668.648040][T17255] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 668.724002][T17312] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 668.874400][T17255] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 668.890167][T17255] BTRFS info (device loop0): using free-space-tree [ 668.897185][T17269] F2FS-fs (loop2): invalid crc value [ 668.912436][T17269] F2FS-fs (loop2): Found nat_bits in checkpoint [ 669.047642][T17330] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 669.154721][T17269] F2FS-fs (loop2): Start checkpoint disabled! [ 669.211222][T17269] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 669.250220][T17269] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 669.405214][ T5230] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 669.697827][T17355] loop3: detected capacity change from 0 to 512 [ 669.733632][ T5309] kworker/u8:9: attempt to access beyond end of device [ 669.733632][ T5309] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 669.761804][ T5309] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 669.833744][ T5309] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 669.870132][T17355] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.4542: corrupted in-inode xattr: invalid ea_ino [ 669.972368][T17355] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.4542: couldn't read orphan inode 15 (err -117) [ 670.084697][T17355] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 670.310309][ T5390] vhci_hcd: vhci_device speed not set [ 670.494218][ T4680] udevd[4680]: worker [5429] terminated by signal 33 (Unknown signal 33) [ 670.515110][ T4680] udevd[4680]: worker [5429] failed while handling '/devices/virtual/block/loop0' [ 670.548274][ T1698] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 670.557491][T17355] EXT4-fs: Can't set or change test_dummy_encryption on remount [ 670.722284][T16527] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 670.785640][ T1698] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 670.798154][ T1698] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 670.827081][T17383] loop4: detected capacity change from 0 to 16 [ 670.844483][T17383] erofs: (device loop4): mounted with root inode @ nid 36. [ 670.860623][ T1698] usb 1-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00 [ 670.892195][ T1698] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 671.051253][ T1698] usb 1-1: config 0 descriptor?? [ 671.583204][ T1698] uclogic 0003:5543:0042.0078: No inputs registered, leaving [ 671.620713][ T1698] uclogic 0003:5543:0042.0078: hidraw0: USB HID v0.00 Device [HID 5543:0042] on usb-dummy_hcd.0-1/input0 [ 671.732233][T17400] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4561'. [ 671.750846][T17393] loop4: detected capacity change from 0 to 32768 [ 671.879240][ T29] audit: type=1800 audit(1729364009.708:174): pid=17393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4556" name="bus" dev="loop4" ino=7 res=0 errno=0 [ 671.943768][ T5324] usb 1-1: USB disconnect, device number 43 [ 672.011180][T17405] loop5: detected capacity change from 0 to 2048 [ 672.075392][ T5295] usb usb12-port1: attempt power cycle [ 672.087501][T17409] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 672.160710][T17412] loop3: detected capacity change from 0 to 128 [ 672.278513][T17412] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 672.363380][T17412] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 672.423135][T17409] NILFS (loop5): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 672.451068][ T5390] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 672.470616][T17409] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=4) [ 672.488911][T17422] loop2: detected capacity change from 0 to 1024 [ 672.542418][T17409] Remounting filesystem read-only [ 672.551743][ T5966] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer [ 672.615344][ T5390] usb 2-1: Using ep0 maxpacket: 16 [ 672.635704][T16527] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 672.654644][ T5390] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 672.669950][T17422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 672.683330][ T5295] usb usb12-port1: unable to enumerate USB device [ 672.700236][ T5390] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 672.760986][ T5390] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 672.774721][ T5390] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 672.830774][T17428] tun0: tun_chr_ioctl cmd 1074025675 [ 672.836113][T17428] tun0: persist disabled [ 672.845421][ T5390] usb 2-1: config 0 descriptor?? [ 672.869998][T17422] EXT4-fs error (device loop2): ext4_get_first_dir_block:3554: inode #11: comm syz.2.4570: directory missing '..' [ 672.969810][ T5247] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 673.327845][ T5390] savu 0003:1E7D:2D5A.0079: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 673.374819][T17445] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4576'. [ 673.574079][ T5390] usb 2-1: USB disconnect, device number 38 [ 673.740411][T17461] loop2: detected capacity change from 0 to 128 [ 673.762822][T17461] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 673.780699][ T5324] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 673.795538][T17461] ext4 filesystem being mounted at /810/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 673.942838][ T5324] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 673.965036][ T5324] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 673.977247][T17461] ------------[ cut here ]------------ [ 673.982731][T17461] Looking for class "&ei->i_data_sem" with key __key.0, but found a different class "&ei->i_data_sem" with the same key [ 673.989807][ T5324] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 673.995369][T17461] WARNING: CPU: 1 PID: 17461 at kernel/locking/lockdep.c:936 look_up_lock_class+0x140/0x150 [ 673.995453][T17461] Modules linked in: [ 673.995473][T17461] CPU: 1 UID: 0 PID: 17461 Comm: syz.2.4585 Not tainted 6.12.0-rc3-syzkaller-00399-g9197b73fd7bb #0 [ 673.995523][T17461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 673.995548][T17461] RIP: 0010:look_up_lock_class+0x140/0x150 [ 673.995614][T17461] Code: c7 c7 60 cf 6c 8b e8 0f 0d 2e f6 90 0f 0b 90 90 90 31 db eb be c6 05 06 c0 27 05 01 90 48 c7 c7 40 d2 6c 8b e8 f1 0c 2e f6 90 <0f> 0b 90 90 e9 58 ff ff ff 0f 1f 80 00 00 00 00 90 90 90 90 90 90 [ 673.995655][T17461] RSP: 0018:ffffc90017cdf850 EFLAGS: 00010086 [ 673.995689][T17461] RAX: 0000000000000000 RBX: ffffffff96ef0f40 RCX: ffffc90009b5b000 [ 673.995719][T17461] RDX: 0000000000040000 RSI: ffffffff814e71b6 RDI: 0000000000000001 [ 673.995747][T17461] RBP: ffffffff9a8ef2c1 R08: 0000000000000001 R09: 0000000000000000 [ 673.995776][T17461] R10: 0000000000000000 R11: 20676e696b6f6f4c R12: ffff8880283cef80 [ 674.102800][T17461] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff9a820820 [ 674.110797][T17461] FS: 00007f6123b306c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 674.119753][T17461] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 674.126362][T17461] CR2: 0000001b32bf6ff8 CR3: 000000002ebc8000 CR4: 0000000000350ef0 [ 674.134366][T17461] Call Trace: [ 674.137654][T17461] [ 674.140599][T17461] ? __warn+0xea/0x3d0 [ 674.144717][T17461] ? look_up_lock_class+0x140/0x150 [ 674.149959][T17461] ? report_bug+0x3c0/0x580 [ 674.154511][T17461] ? handle_bug+0x54/0xa0 [ 674.158863][T17461] ? exc_invalid_op+0x17/0x50 [ 674.163559][T17461] ? asm_exc_invalid_op+0x1a/0x20 [ 674.168626][T17461] ? __warn_printk+0x1a6/0x350 [ 674.173429][T17461] ? look_up_lock_class+0x140/0x150 [ 674.178674][T17461] ? __pfx_mark_lock+0x10/0x10 [ 674.183464][T17461] register_lock_class+0xb1/0x1240 [ 674.188604][T17461] ? __pfx___might_resched+0x10/0x10 [ 674.193927][T17461] ? __pfx_register_lock_class+0x10/0x10 [ 674.199592][T17461] ? truncate_inode_pages_range+0x622/0xe80 [ 674.205534][T17461] __lock_acquire+0x135/0x3ce0 [ 674.210338][T17461] ? __pfx___lock_acquire+0x10/0x10 [ 674.215572][T17461] lock_acquire.part.0+0x11b/0x380 [ 674.220708][T17461] ? ext4_double_down_write_data_sem+0x67/0x80 [ 674.226928][T17461] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 674.232598][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.238259][T17461] ? rcu_is_watching+0x12/0xc0 [ 674.243063][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.248719][T17461] ? trace_lock_acquire+0x14a/0x1d0 [ 674.253957][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.259613][T17461] ? ext4_double_down_write_data_sem+0x67/0x80 [ 674.265801][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.271460][T17461] ? lock_acquire+0x2f/0xb0 [ 674.275987][T17461] ? ext4_double_down_write_data_sem+0x67/0x80 [ 674.282176][T17461] down_write_nested+0x97/0x210 [ 674.287062][T17461] ? ext4_double_down_write_data_sem+0x67/0x80 [ 674.293250][T17461] ? __pfx_down_write_nested+0x10/0x10 [ 674.298747][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.304408][T17461] ? ext4_journal_check_start+0x1b4/0x2b0 [ 674.310160][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.315820][T17461] ext4_double_down_write_data_sem+0x67/0x80 [ 674.321834][T17461] __ext4_ioctl+0x2a01/0x4630 [ 674.326550][T17461] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 674.332576][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.338236][T17461] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 674.344181][T17461] ? __pfx___ext4_ioctl+0x10/0x10 [ 674.349243][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.354898][T17461] ? do_vfs_ioctl+0x513/0x1990 [ 674.359695][T17461] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 674.364754][T17461] ? vfs_write+0x14d/0x1140 [ 674.369309][T17461] ? trace_lock_acquire+0x14a/0x1d0 [ 674.374559][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.380218][T17461] ? __fget_files+0x244/0x3f0 [ 674.384938][T17461] ? __pfx_ext4_ioctl+0x10/0x10 [ 674.389824][T17461] __x64_sys_ioctl+0x192/0x220 [ 674.394624][T17461] do_syscall_64+0xcd/0x250 [ 674.399188][T17461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.405128][T17461] RIP: 0033:0x7f6122d7dff9 [ 674.409563][T17461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 674.429217][T17461] RSP: 002b:00007f6123b30038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 674.437666][T17461] RAX: ffffffffffffffda RBX: 00007f6122f35f80 RCX: 00007f6122d7dff9 [ 674.445659][T17461] RDX: 0000000000000000 RSI: 0000000000006611 RDI: 0000000000000004 [ 674.453652][T17461] RBP: 00007f6122df0296 R08: 0000000000000000 R09: 0000000000000000 [ 674.461645][T17461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 674.469635][T17461] R13: 0000000000000000 R14: 00007f6122f35f80 R15: 00007ffd22afe688 [ 674.477637][T17461] [ 674.480672][T17461] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 674.487968][T17461] CPU: 1 UID: 0 PID: 17461 Comm: syz.2.4585 Not tainted 6.12.0-rc3-syzkaller-00399-g9197b73fd7bb #0 [ 674.498759][T17461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 674.508837][T17461] Call Trace: [ 674.512129][T17461] [ 674.515086][T17461] dump_stack_lvl+0x3d/0x1f0 [ 674.519705][T17461] panic+0x71d/0x800 [ 674.523646][T17461] ? __pfx_panic+0x10/0x10 [ 674.528110][T17461] ? show_trace_log_lvl+0x29d/0x3d0 [ 674.533349][T17461] ? look_up_lock_class+0x140/0x150 [ 674.538590][T17461] check_panic_on_warn+0xab/0xb0 [ 674.543576][T17461] __warn+0xf6/0x3d0 [ 674.547518][T17461] ? look_up_lock_class+0x140/0x150 [ 674.552763][T17461] report_bug+0x3c0/0x580 [ 674.557142][T17461] handle_bug+0x54/0xa0 [ 674.561332][T17461] exc_invalid_op+0x17/0x50 [ 674.565862][T17461] asm_exc_invalid_op+0x1a/0x20 [ 674.570755][T17461] RIP: 0010:look_up_lock_class+0x140/0x150 [ 674.576610][T17461] Code: c7 c7 60 cf 6c 8b e8 0f 0d 2e f6 90 0f 0b 90 90 90 31 db eb be c6 05 06 c0 27 05 01 90 48 c7 c7 40 d2 6c 8b e8 f1 0c 2e f6 90 <0f> 0b 90 90 e9 58 ff ff ff 0f 1f 80 00 00 00 00 90 90 90 90 90 90 [ 674.596249][T17461] RSP: 0018:ffffc90017cdf850 EFLAGS: 00010086 [ 674.602345][T17461] RAX: 0000000000000000 RBX: ffffffff96ef0f40 RCX: ffffc90009b5b000 [ 674.610340][T17461] RDX: 0000000000040000 RSI: ffffffff814e71b6 RDI: 0000000000000001 [ 674.618329][T17461] RBP: ffffffff9a8ef2c1 R08: 0000000000000001 R09: 0000000000000000 [ 674.626320][T17461] R10: 0000000000000000 R11: 20676e696b6f6f4c R12: ffff8880283cef80 [ 674.634312][T17461] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff9a820820 [ 674.642312][T17461] ? __warn_printk+0x1a6/0x350 [ 674.647124][T17461] ? __pfx_mark_lock+0x10/0x10 [ 674.651911][T17461] register_lock_class+0xb1/0x1240 [ 674.657050][T17461] ? __pfx___might_resched+0x10/0x10 [ 674.662377][T17461] ? __pfx_register_lock_class+0x10/0x10 [ 674.668033][T17461] ? truncate_inode_pages_range+0x622/0xe80 [ 674.673974][T17461] __lock_acquire+0x135/0x3ce0 [ 674.678771][T17461] ? __pfx___lock_acquire+0x10/0x10 [ 674.684001][T17461] lock_acquire.part.0+0x11b/0x380 [ 674.689154][T17461] ? ext4_double_down_write_data_sem+0x67/0x80 [ 674.695346][T17461] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 674.701007][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.706671][T17461] ? rcu_is_watching+0x12/0xc0 [ 674.711471][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.717127][T17461] ? trace_lock_acquire+0x14a/0x1d0 [ 674.722364][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.728022][T17461] ? ext4_double_down_write_data_sem+0x67/0x80 [ 674.734213][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.739871][T17461] ? lock_acquire+0x2f/0xb0 [ 674.744397][T17461] ? ext4_double_down_write_data_sem+0x67/0x80 [ 674.750585][T17461] down_write_nested+0x97/0x210 [ 674.755467][T17461] ? ext4_double_down_write_data_sem+0x67/0x80 [ 674.761652][T17461] ? __pfx_down_write_nested+0x10/0x10 [ 674.767143][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.772800][T17461] ? ext4_journal_check_start+0x1b4/0x2b0 [ 674.778546][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.784207][T17461] ext4_double_down_write_data_sem+0x67/0x80 [ 674.790224][T17461] __ext4_ioctl+0x2a01/0x4630 [ 674.794939][T17461] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 674.800961][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.806623][T17461] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 674.812570][T17461] ? __pfx___ext4_ioctl+0x10/0x10 [ 674.817628][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.823292][T17461] ? do_vfs_ioctl+0x513/0x1990 [ 674.828091][T17461] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 674.833148][T17461] ? vfs_write+0x14d/0x1140 [ 674.837699][T17461] ? trace_lock_acquire+0x14a/0x1d0 [ 674.842943][T17461] ? srso_alias_return_thunk+0x5/0xfbef5 [ 674.848601][T17461] ? __fget_files+0x244/0x3f0 [ 674.853320][T17461] ? __pfx_ext4_ioctl+0x10/0x10 [ 674.858210][T17461] __x64_sys_ioctl+0x192/0x220 [ 674.863006][T17461] do_syscall_64+0xcd/0x250 [ 674.867565][T17461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.873498][T17461] RIP: 0033:0x7f6122d7dff9 [ 674.877930][T17461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 674.897562][T17461] RSP: 002b:00007f6123b30038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 674.906005][T17461] RAX: ffffffffffffffda RBX: 00007f6122f35f80 RCX: 00007f6122d7dff9 [ 674.914002][T17461] RDX: 0000000000000000 RSI: 0000000000006611 RDI: 0000000000000004 [ 674.921994][T17461] RBP: 00007f6122df0296 R08: 0000000000000000 R09: 0000000000000000 [ 674.929982][T17461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 674.937972][T17461] R13: 0000000000000000 R14: 00007f6122f35f80 R15: 00007ffd22afe688 [ 674.945974][T17461] [ 674.949380][T17461] Kernel Offset: disabled [ 674.953706][T17461] Rebooting in 86400 seconds..