last executing test programs: 13.872669241s ago: executing program 5 (id=428): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)={0x4}) epoll_wait(r1, &(0x7f0000000340)=[{}], 0x1, 0x80000000) 13.663596678s ago: executing program 5 (id=432): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x39, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38060cfe}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x5}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xb}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7fb}}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000}}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x3}]}, 0x0, 0x6, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94) r0 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0) 13.443166449s ago: executing program 5 (id=435): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="21010000d97aa440b72040155ab7010203010902120001000000000904000000ff"], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000a80)={0x34, &(0x7f0000000840)={0x60, 0xa, 0x3, "b6a773"}, 0x0, 0x0, 0x0, 0x0, 0x0}) 11.507740556s ago: executing program 5 (id=453): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='-0'], 0x6) r1 = open(&(0x7f00000001c0)='./cgroup\x00', 0x0, 0x157) syz_clone3(&(0x7f0000000340)={0x3a0000080, 0x0, 0x0, 0x0, {0xb}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) 10.831943188s ago: executing program 5 (id=461): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 9.943666917s ago: executing program 5 (id=468): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r1, @ANYBLOB="01012abd7000000008002b00000008000300", @ANYRES32=r2, @ANYBLOB="040046000500340076000000080026006c0900007c005180280000800800030001ac0f000500020003000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x80}, 0x2404c084) 4.71139209s ago: executing program 4 (id=496): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303001d0000000000000015000010"], 0x1c}}, 0x0) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="20000000030301"], 0x20}, 0x1, 0x0, 0x0, 0x200060c0}, 0x4) 4.563216622s ago: executing program 1 (id=497): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r0, 0x2) syz_emit_ethernet(0x4e, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@ack={0x1e, 0x4, 0x20}]}}}}}}}}, 0x0) 4.462108563s ago: executing program 4 (id=498): syz_open_dev$usbfs(&(0x7f0000000040), 0xfffffffffffffffb, 0x48b01) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]}) socket$netlink(0x10, 0x3, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 4.108037569s ago: executing program 1 (id=502): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000900), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000007c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)={0x30, r1, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan4\x00'}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x30}, 0x1, 0x0, 0x0, 0x8004}, 0x800) 3.531816064s ago: executing program 4 (id=505): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x39, 0x1a, r0, 0x0) fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0) 3.427073808s ago: executing program 4 (id=506): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@bridge_setlink={0x24, 0x13, 0xa29, 0x800000, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x4, 0xc, 0x0, 0x0}]}, 0x24}}, 0x0) 2.869356694s ago: executing program 1 (id=511): sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040), 0xc, 0x0}, 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, 0x0, 0x0) getsockopt$inet_mptcp_buf(r0, 0x11c, 0x3, &(0x7f0000000040)=""/185, &(0x7f0000000140)=0xb9) 2.778681689s ago: executing program 2 (id=512): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x4c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0xe9a8}, @NL80211_ATTR_FRAME={0x1c, 0x33, @data_frame={@msdu=@type10={{}, {}, @from_mac=@broadcast, @device_b}}}]}, 0x4c}}, 0x800) 2.767072887s ago: executing program 4 (id=514): syz_mount_image$ext4(&(0x7f0000000240)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xff, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85) lseek(r0, 0x101, 0x1) getdents64(r0, 0x0, 0x4f) 2.530570252s ago: executing program 3 (id=515): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f000001a240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESHEX=r0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0) lstat(&(0x7f0000002840)='./file0\x00', 0x0) 2.520696796s ago: executing program 1 (id=516): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xf4e) readv(r0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/233, 0xe9}], 0x1) writev(r0, &(0x7f0000000480)=[{&(0x7f0000000380)="ad", 0x1}], 0x1) 2.423876937s ago: executing program 2 (id=517): r0 = socket(0x11, 0x3, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x10000000}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f00000005c0)={0x2000a210}) 2.284088044s ago: executing program 0 (id=518): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400000010000100f5fa1eac000000000000000a20000000000a01040000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000040028000480080002400000000008000140000000051400030076"], 0xe8}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a0302000200000000000002000000090002"], 0x80}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000100010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0) 2.190463707s ago: executing program 3 (id=519): sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{0x0, 0x300}, {&(0x7f0000000300)="359cb6", 0x3}], 0x2, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c000400"/44, @ANYRES32=0x0], 0x30}], 0x1, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendmmsg$inet(r0, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014) bind$llc(r0, 0x0, 0x0) 2.022647918s ago: executing program 2 (id=520): syz_mount_image$exfat(&(0x7f00000019c0), &(0x7f0000001880)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0x1, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x40) unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0x9}}, 0x20) 1.948435561s ago: executing program 4 (id=521): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x801, 0x0) write$rfkill(r0, &(0x7f00000000c0)={0x0, 0x1, 0x3, 0x6}, 0x8) socket$kcm(0x10, 0x2, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x6e, 0x0, 0x0) 1.917534117s ago: executing program 0 (id=522): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000c00)=ANY=[], 0x5, 0x6e7, &(0x7f0000002a00)="$eJzs3c1vHGcdB/DvrNeON1TBaRMaoSBMIhVEROLESiFcMAihHCpUlUPPVuI0VjZJlbgorRC4gOCExKF/QEHyjQNC4h4ULlzKrVcfKyFxiThEvSya2Vl7d71+jWMn8PlE43meeV7mt888M+NdZzUB/m9dPZfmwxS5eu6NB2V+dWW2vboye6Qubicp042k2V2luJMUj5K5srzoW9K33uCjxStvffp49bNurlkvVf2xrdqNMKLucr1kuu5vemTL8Z3uYrkOLy8luVavB03stK+BiuWgna3XcOg6gxrpLO+m+W7OW+A507s7Fd375gZTydEkk/XvAamvDo2Di3Bffa2X2NVVDgAAAF5Qn9w97AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgxVM9/7+1lm10NyXTKXrP/5/obavTz6G5Hdd8+EzjAAAAAAAAAICD8dUneZIHOdbLd4rqb/5nqsyJfN5JvpD3cj8LuZfzeZD5LGUp93IxyVRfRxMP5peW7l1ca1ka3fLSyJaX9vwSvrnnlgAAAAAAAADwv+OXaa3//R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4HRTLWXVXLiXqdqTSaWS/LcvLPJBOHHe8uFKM2Pjz4OAAAAOCpTO6hzRef5Eke5Fgv3ymq9/xfqt4vT+a93MlSFrOUdhZyvX4PXb7rb6yuzLZXV2Zvl0uZH+z3+//eVRgTdQ9jVW7Unk9VNVq5kcVqy/lcq4K5nkZ332eTU714+uLq82EZU/G92g4ja9bDWu7s95t9irAvBj+KaGxRs7UeXLI2IjN1bGXL490RKKoPapLhkRg+Oht21hzITVVVxtf2dDGNtU9+TjyDMT9ar8vX85tnOuY70T8WayPRSDUSl3qzrzxnth6J5Ot//dPbN9t3bt28cf/c4b6kXRjbZPvwnJjtG4lXX+iRaO6y/kw1EifX8lfzo/wk5zKdN3Mvi/lp5rOUhXTq8vl6Ppc/p7YeqbmB3JvbRTJRH5fuMdtJTNP5YZWaz5mq7bEspsjdXM9CXq/+XcrFfDuXczlX+o7wyU3jrl5bddY3hs/63pH+28jgz36jTpRXt9+uX+XmtnrFm83O/dK99pfjerxvXLuz/vFareN958FM3yi93Bud8ZGd7+Xa2PxynSj38att7hMHa6oeifIE6t0letG90h2JZnUv2jjP/9Ap26V9p9O5Of/uJv0vD+Vfq9fltFr5yna1e0Yfiv1VzpeXM1lfSQZnR1n2ytpVpq+ssz6Xu2WDd9yy3cmqrCh6Z+qPc7eaABvP1In6d7iNPV2qyl4dKjtdX8PLslN9ZQO/b+Vu2rl+AOMHwF784+215FSOTrT+1fqk9XHr162brTcmf3DkO0dOT2T87+Pfbc6MvdY4XfwlH+fn6+//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvbv//ge35tvthXujE43NiwYSrQxv2a7noURRP9BnVJ1b9VMKdtXhIScmkwxsqZ5zdOBhtIbD2JDo/CI58PHpPURwdJ3flYnmjg733MCWP2/s8MPt4xnL0DzcwXnxDBONHOxOxzJ6AhzWFQk4KBeWbr974f77H3xr8fb8OwvvLNwZv3z5ysyVy6/PXrix2F6Y6f487CiBZ2H9pn/YkQAAAAAAAAAAAAA7NeqLAWde2u5LIxsSjSTD3/HwPwsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAfXH1XJoPU+TizPmZMr+6Mtsul156vWYzSaORFD9LikfJXLpLpvq6K/LHR+mM2M9Hi1fe+vTx6mfrfTW79ZNGvd7c1qVJlusl00nG6vVTGOjv2lP3V/yn9xrKAfu80+nMPV18sD/+GwAA//9kyu2N") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 1.669020463s ago: executing program 3 (id=523): getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00'], 0x44}}, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100)) 1.364539992s ago: executing program 1 (id=524): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x3) mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000009, 0x13, r0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x1) 1.337633828s ago: executing program 0 (id=525): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fchdir(0xffffffffffffffff) setsockopt$inet6_tcp_int(r0, 0x6, 0x6, &(0x7f0000003040)=0x80000000, 0x4) 1.249849165s ago: executing program 3 (id=526): r0 = msgget$private(0x0, 0x7ac) msgrcv(r0, 0x0, 0x0, 0x3, 0x2000) msgrcv(r0, 0x0, 0x0, 0x0, 0x2000) msgsnd(r0, &(0x7f0000000240)={0x3}, 0x8, 0x8fa2496c381b7ad5) 1.224219093s ago: executing program 2 (id=527): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000340)='./file0\x00', 0x802, &(0x7f0000000480)=ANY=[], 0x1, 0x2bc, &(0x7f0000000c00)="$eJzs3U1rY2UUAOBz89XoLFJkNorgBV24KlO3bhplBLErJYJuNDgZkCQMdCBgF8ZZzS9w6c8Q/Ad+gBv/geBWcOcsKlfuV5NO06ZqTGH6PKuTnPe899z7lnSVk09fno7vPUji0Z+/RrebROMgDuJJErvRiNpX0QoA4NnxJMvij+zfVLYam+8GANiG8v9/6bp7AQC244OPPn6vf3h49/007caLvcezQRIR08ezQZnv34/PYxKjuBO9OInITpXxO+8e3o1WmtuN16bz2SCvnH7yc7V///eIon4/erG7un4/LZ3WP193l0b/frt+0Yvbq+vfWKpvl9efx6ATr7+61P9e9OKXz+JBTOJe5LWL+i/30/Tt7Ovb5ZXy+qQRg51i3ULW3M6JAAAAAAAAAAAAAAAAAAAAAABwE+ylaVKM71m8VczPmQ2aJ0V+L60tz/eZ1/OBkrqqnA+URTWiZ57FN/V8nTtpmmbVwkV9K15q+WEBAAAAAAAAAAAAAAAAAAAAyD384ng8nExGRxsJ6mkA9df661TzH+5zUATt4p1X4ng8bD614dLinYtTTwfL0wbyXi9dHK1WbOixrAuey/sZfX9r3eIfv13T85lgZ3G4H0YZ1Aez0bt44a1y0+PxMK1S9UMeD5N11+rWB/fdcqoT/7WxrPiTOMnOnmn3tNWzVZ0NPY3OrZWpv7Isu9o+b/5WnlH1TlKM2Lja1dtVsPIG86B7/ix+uHjDCz8ymhv54AEAAAAAAAAAAAAAAAAAAM5ZfOl3RfLRpaWN/60pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiy8vf/f6peTSajo25EDPOgTK0K5tXyy9ZUQSeOHl7j7QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBD/B0AAP//J7NHgQ==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6c0, 0x193) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x6, 0x12, r0, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) 1.040588764s ago: executing program 0 (id=528): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0xffe, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000400eab556a705251e618294fff051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 1.038468527s ago: executing program 1 (id=529): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x3, &(0x7f0000002480)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8) 852.635196ms ago: executing program 2 (id=530): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}}) write$sndseq(r0, &(0x7f0000000000)=[{0x22, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x95ffffff]}}], 0xffc8) 671.596122ms ago: executing program 0 (id=531): prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8002, &(0x7f00000000c0)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9"], 0x1, 0x627b, &(0x7f0000000200)="$eJzs3U9vHGcdB/Df7D//KU2jHqoSIeS2AVpK87eEQIG2Bzj0wgHlihq5bhWRAkoCSquIuMqFAy8ChMQREEdOvIAeuHLjBRApQQJ66qCxn8cZL96s43R31n4+H8md+c0z432m3x3vbmZmnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4q3v//BsFRFv/yItOB7xuehH9CJWmnotIlbWjuf1BxHxbGw1xzMRMVyKqHLjUxGvRsTHxyLu3b+13iw6t89+fO9Pf//dj574wd/+MDz9nz/f6L82ab2bN3/977/cPvj+AgAAQInquq6r9DH/RPp83+u6UwDAXOTX/zrJy9ULV28uWH/UarVafQjrtnpvt9tFRGy2t2neMzgdDwCHzGZ80nUX6JD8izaIiCe67gSw0KquO8BM3Lt/a71K+Vbt14O17fZ8Lciu/Dernfs7Jk2nGb/GZF7PrzvRj6cn9GdlTn1YJDn/3lj+S6l9lKazzn9eJuU/2r71qTg5//748T/m6OTf2zP/UuX8B4+Uf1/+AAAAAACwwPK//x/v+Pzv0uPvyr487Pzv2pz6AAAAAAAAAACftccd/29HZfw/AAAAWFTNZ/XGb449WDbpu9ia5ZeqiCfH1gcKk26WWe26HwAAAAAAAAAAAABQksH2NbyXqohhRDy5ulrXdfPTNl4/qsfd/rArff+hZF3/kQcAgG0fHxu7l7+KWI6IS+m7/oarq6t1vbyyWq/WK0v5/exoableaX2uzdNm2dJoH2+IB6O6+WXLre3apn1entY+/vuaxxrV/X10bD46DBwAImL71eieV6Qjpq6fiq7f5XA4OP6PHsc/+9H18xQAAACYvbqu6yp9nfeJdM6/13WnAIC5yK//4+cF1Gq1Wq1WH726rd7b7XYREZvtbZr3DIbjB4BDZjM+6boLdEj+RRtExLNddwJYaFXXHWAm7t2/tV6lfKv260Ea3z1fC7Ir/81qa7u8/V7TacavMZnX8+tO9OPpCf15Zk59WCQ5/954/m9vt4/SerPOf14m5d/s5/EO+tO1nH9/PP8xRyf/3p75lyrnP3ik/PvyBwAAAACABZb//f/4Qp3/HR10d6Z62PnftZk9KgAAAAAAAADM1r37t9bzfa/5/P8X9ljP/Z9HU86/kn+Rcv7p/v+dC29eHFuv35q/++aD/P91/9b672/88/N5ut/8l/JMlZ5ZVXpGVOmRqkGaHnDHJrgz7I+aRxpWvf4gXfNTD9+NK3E1NuLMrnV76Xh40H52V3vT0+FWe93fbj+3q32w0563P7+rfZiudKpXcvupWI+fxtV4Z6u9aVuasv/LU9rrKe05/77jv0g5/0Hrp8l/NbVXY9PG3Y96/3fct6d7Pc4bV774qzOz352p7kR/Z9/amv17voP+bP0/eWIUP7++ce3Uzcs3blw7G2mya+m5SJPPWM5/mH5y/i++sN2e/+63j9e7H40eOf9FcScGE/N/oTXf7O9Lc+5bF3L+o/ST838nte99/B/m/Ccf/y930B8AAAAAAAAAAAAAAAB4mLqut24RfSMiLqT7f7q6NxMAmK/8+l8nefm86v5Bt//j7v3oqv9q9ZzrasH6M9f603rWj/fWQu2v+kD1fxesPwtXt9V7e71dRMRf29s07xl+udcvAwAW2acR8Y+uO0Fn5F+w/H1/zfRk150B5ur6Bx/++PLVqxvXrnfdEwAAAAAAAADgoPL4n2ut8Z9P1nV9e2y9XeO/vhlrjzv+5yDP7AwwOmGg6v6j79PD9CL6vdZw48/FpPG/hztzDxv/ezDl8YZT2kdT2pemtC9Pad/zRo+WnP9zrfHOT0bEibHh10sY/3V8zPsS5Pyfbz2fm/y/MrZeO//6t4c5/96u/E/feP9np69/8OErV96//N7Gexs/OX/27JnzFy5cvHjx9LtXrm6c2f5vhz2erZx/HvvadaBlyfnnzOVflpz/l1It/7Lk/L+cavmXJeef3+/Jvyw5//zZR/5lyfm/lGr5lyXn/9VUy78sOf+XUy3/suT8v5Zq+Zcl5/9KquVflpz/qVTLvyw5/9Op3mf+K7PuF/OR889nuBz/Zcn55ysb5F+WnP+5VMu/LDn/86mWf1ly/q+mWv5lyfl/PdXyL0vO/0Kq5V+WnP83Ui3/suT8L6Za/mXJ+X8z1fIvS87/W6mWf1ly/q+lWv5lyfl/O9XyL0vO/zupln9Zcv7fTbX8y5Lzfz3V8i/Lg+//N2PGjJk80/VfJgAAAAAAAAAAAABg3DwuJ+56HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7EDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzdW4xcd30H8DN789qBxEBIndQJG8ckIdlk13biC22KCdeGW0lICr1gu961WfANr10CjWpHgRIJo6KKtuGhLSDU5qUiqnigFaA8oFaVKkH7QF8QFSoPURVQQKpKK2CrOef//+/M7OzMrne8OXvO5yMlv+zMmTlnzvxndr92vjsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtLr5DbOfbGRZ1mg0igu2ZtlLmnPzxNb8kte+uMcHAAAArN3P83+/cE264OAKbtSyzT/d9K2vLCwsLGTvHf7T0c8uLKQrJrJsdFOW5ddFz3z/fY3WbYInsvHGUMvXQ312P9zn+pE+14/2uX6sz/Wb+lw/3uf6JSdgic1ZI93Zzvw/txanNLs2G82v29nlVk80Ng01z126bdbIb7Mweiyby05ks9l02/bFto18+6/d3NzXW7O4r6GWfW1vrpAfP3Y0HkMjnOOdbftavM/oh6/PJn7y48eO/vW556/vNvuehrb7K47z9h3N4/x4uKQ41ka2KZ2TeJxDLce5vctzMtx2nI38ds3/7jzOF1Z4nMOLh7muOp/z8Wwo/+9v5+dppJF1OU/bw2U/vSXLsouLh925zZJ9ZUPZlrZLhhafn/FiRTbvo7mUXp6NrGqd3ryCddqcMzvb12nnayI+/zeH240scwytT9MPHx9red5/tnA56zRqPurlXiuda3DQr5WyrMG4Lr6dP+gnu67BneHxP3br8muw69rpsgbT425Zgzv6rcGhseH8mNOT0Mhvs7gGd7VtP5zvqZHP527tvQanzp08MzX/0Y/dNXfyyPHZ47On9uzaNb1n7979+/dPHZs7MTtd/Psyz3b5bcmG0mtgRzh38TVwW8e2rUt14QtjS95/L/d1ON7jdbi1Y9tBvw5HOh9cY31ekEvXdPHaeE/zpI9fGsqWeY3lz88da38dpsfd8jocaXkddv2e0uV1OLKC12FzmzN3rOxnlpGWf7odw/LfC9a2Bre2rMHOn0c61+Cgfx4pyxocD+viu3cs/71gezjeJydX+/PI8JI1mB5ueO9pXpJ+3h/fn49u6/KG5hVXjWXn52fP3v3okXPnzu7KwlgXr2hZK53rdUvLY8qWrNehVa/Xg3M3PXlDl8u3hnM1flfzX+PLPlfNbe65u/dzlX93634+2y7dnYUxYOt9Prt9N2+ez7Es+9w3H3/w64997g3Lns9m3vz41Np/Fk+5tOX9d3SZ99+Y+39R7C/d1RPDoyPF63c4nZ3Rtvfj9qdqJH/vauT7fmFqZe/Ho+Gf9X4/vrbH+/G2jm0H/X482vng4vtxo9+fdqxN5/M5HtbJiene78fNbbbtXu2aHOn5fnxLmI1w/l8TkkLKRS1rZ7l1m/Y1MjIaHtdI3EP7Ot3Ttv1oyGbNfT29+/LW6e23FPc1nB7dovVapxMd2w56naY/+1punTb6/enb5el8PsfDurh2T+912tzm2XvW/t65Of5ny3vnWL81ODo81jzm0bQI8/f7bGFzXIN3Z0ez09mJbCa/dixfT418X5P3rmwNjoV/1vu9cluPNXh7x7aDXoPp+9hya68xsvTBD0Dn8zke1sVT9/Zeg81t3rhvsD+73h4uSdu0/Oza+edry/2Z1w0dp+lKrZWRcJzf3Nf7z2ab25zYv9qc2fs83RkuuarLeep8/S73mprJ1uc8bQvH+fz+5c9T83ia23z2wArX08Esyy58+P78z3vD36/83fnvfKXt7126/Z3OhQ/f/6OXHvvH1Rw/ABvfL4qxpfhe1/I3Uyv5+38AAABgQ4i5fyjMRP4HAACAyoi5P/5f4Yn8DwAAAJURc/9ImElN8v+2Nz4/94sLWWrmLwTx+nQaHii2ix3X6fD1xMKi5uX3f2n2v//hwsr2PZRl2c8e+IOu2297IB5XYSIc5zNvar98ia/ctaJ9H374Qtpva3/98+H+4+NZ6TLoVsGdzrLsa9d8Ot/PxPsu5fPZBw7n88GLTz7R3OaFA8XX8fbPvaLY/i9C+ffgsSNtt38unIcfhDn9tu7nI97uy5des33fI4v7i7dr7Lg6f9hPvb+43/h7cj7zRLF9PM/LHf/XP/X0l5vbP/rq7sd/Yaj78T8d7vdLYf7vjcX2rc9B8+t4u0+E44/7i7e7+4vf6Hr8z3yy2P7Mm4vtDocZ9397+Hrnm5+faz1fjzaOtD2u7C3FdnH/09/54/z6eH/x/juPf/zQpbbz0bk+nv234n6mOraPl8f9RH/fsf/m/bSuz7j/p//ocNt57rf/Zx587sbm/Xbu/86O7c58+I58/4v31/4bm/7yE5/uur94PAf/9kzb4zn47vA6Dvt/6v1hPYbr/++Z4v46f7vC4Xe3v//E7T+/9ULb44ne+pNi/8+87ng+N41v3nLVS1569cVXNc9dln17U3F//fZ//K9Otx3/F64rzke8Pnb0O/e/nLj/sx+ZPHV6/vzcTDqrj12T/+6ctxfHE4/3mvDe2vn1odPnPjB7dmJ6YjrLJqr7K/Qu2xfD/FExLvbeemHJO+gdD4fn84Y//9qWW//1U/Hyf39PcfmltxXft257+Lkbxx7Jss+Ey7eG5291+1/qqZuvy1/fjWfDES4s/X3Ba7F953/tX9GG4fF3/lwQ1/uZV34gPw/N6/LvG/F1vcbj/95McT9fDed1Ifxm5h3XLe6vdfv4uxEuPVS83td8/sLbXHxe/yY83+/4QXH/8bji4/1e+DnmG9va3+9uC+voqxeGOu8//y0eF8P7SXaxuD5uFc/3pReu63p48feQZBevz7/+k3Q/16/qYS5n/qPzUyfmTp1/dOrc7Py5qfmPfuzQydPnT507lP8uz0Mf7Hf7xfenLfn708zs3nuy/N3qdDGuiJHSHP+Zh4/O7Ju+dWb22JHzx849fGb27PGj8/NHZ2fmbz1y7NjsR/rdfm7mvl27D+zZt3vy+NzMffsPHNhzYHLu1OnmYRQH1cfe6Q9Nnjp7KL/J/H33HNh17733TE+ePD0ze9++6enJ8/1un39vmmze+vcnz86eOHJu7uTs5Pzcx2bv23Vg797dfX8b4Mkzx+Ynps6ePzV1fn727FTxWCbO5Rc3v/f1uz3VNP8fxc+znRrFL+LL3nXn3vT7WZu+9Piyd1Vs0vELRJ8Pv4vmn192Zv9Kvo65fzTMpCb5HwAAAOog5v6xMBP5HwAAACoj5v5NYSbyPwAAAFRGzP3jYSY1yf+V6/9vu7Ci/ev/6/+3ni/9/5r1/x8qW/+/eL/Q/x+MtfbvV9P/36f/r/+v/9/mxen/l+f49f/1/1mqbP3/mPs3Z1kt8z8AAADUQcz9W8JM5H8AAACojJj7rwozkf8BAACgMmLuf0mYSU3yv/6//r/+v/6//n/3/ev/b0z6/73p//eh/z+V1av/f3GQx6//r//PUmXr/8fc/9Iwk5rkfwAAAKiDmPuvDjOR/wEAAKAyYu6/JsxE/gcAAIDKiLl/a5hJTfK//n+WDbWUl/X/9f/zC/T/9f/1/zcs/f/e9P/70P/3+f/6//r/DFTZ+v8x978szKQm+R8AAADqIOb+l4eZyP8AAABQPiOXd7OY+18RZrIk/1/mDgAAAIAXXcz912YdHwRfk7//1//3+f/l7/9vStfp/+v/Z6Xs/w9n+v/lof/fm/5/H/r/+v/6//r/DFTZ+v957s/Gs1eGmdQk/wMAAEAdxNx/XZiJ/A8AAACVEXP/L4WZyP8AAABQGTH3bwszqUn+1//X/y9//9/n/+v/l73/7/P/y0T/vzf9/z70//X/9f/1/xmosvX/Y+6/PsykJvkfAAAA6iDm/hvCTOR/AAAAqIyY+385zET+BwAAgMqIuX97mElN8r/+f8n7/7E5qv+v/6//r/+v/78i+v+96f/3of+v/6//r//PQJWt/x9z/41hJjXJ/wAAAFAHMfffFGYi/wMAAEBlxNz/qjAT+R8AAAAqI+b+iTCTmuR//f+S9/+LHvyYz//X/9f/1//X/18Z/f/e9P/70P/X/x9I/3/hgv6//j+FsvX/Y+6/OcykJvkfAAAA6iDm/h1hJvI/AAAAVEbM/beEmcj/AAAAUBkx9+8MM6lJ/tf/3xD9/0z/X/9f/1//X/9/ZfT/e9P/70P/X//f5//r/zNQZev/x9z/6jCTmuR/AAAAqIOY+28NM5H/AQAAoDJi7r8tzET+BwAAgMqIuf/2MJOa5H/9f/1//X/9f/3/7vvX/9+Y9P970//vQ/9f/1//X/+fgSpb/z/m/teEmdQk/wMAAEAdxNx/R5iJ/A8AAACVEXP/nWEm8j8AAABURsz9k2EmNcn/+v/6//r/+v/6/933r/+/Men/96b/34f+v/6//r/+PwNVtv5/zP13hZnUJP8DAABAHcTcf3eYifwPAAAAlRFz/1SYifwPAAAAlRFz/3SYSU3yv/6//r/+v/7/qvr/r1q8X/3/gv5/uej/96b/34f+v/7/i97/H9X/p1LK1v+PuX9XmElN8j8AAADUQcz9u8NM5H8AAACojJj794SZyP8AAABQGTH33xNmUpP8r/+v/6//r//v8/+771//f2PS/+9t8P3/+BD1//X/9f99/r/+P0uVrf8fc/+9YSY1yf8AAABQBzH37w0zkf8BAACgMmLu3xdmIv8DAABAZcTcvz/MpCb5X/9f/1//X/9f/7/7/vX/Nyb9/958/n8f+v/6//r/+v+s0UN/2PpV2fr/MfcfCDOpSf4HAACAOoi5/7VhJvI/AAAAVEbM/b8SZiL/AwAAQGXE3P+rYSY1yf/6/23d8+bD1f/X/9f/1//P6f9vTPr/ven/96H/r/+v/6//z0At2/8P0Xu9+/8x998XZlKT/A8AAAB1EHP/r4WZyP8AAABQGTH3vy7MRP4HAACAyoi5/2CYSU3yv/6/z//X/9f/1//vvv/17v+PxfvV/18T/f/e9P/70P/X/9f/1/9noMr2+f8x978+zKQm+R8AAADqIOb++8NM5H8AAACojJj73xBmIv8DAABAZcTc/8Ywk5rkf/1//f+N0v+/Sv9f/7/j8VSt/+/z/wdD/783/f8+9P/1//X/9f8ZqLL1/2Puf1OYSU3yPwAAANRBzP1vDjOR/wEAAKAyYu5/S5iJ/A8AAACVEXP/W8NMapL/9f/1/zdK/z/T/9f/73g8+v/6/93o//em/9+H/r/+v/6//j8DVbb+f8z9vx5mUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP1vCzOR/wEAAKAyYu5/e5hJTfK//r/+v/6//v+a+v+b9f/1/8tF/7+3Ddb///nV4XL9/4L+f7mPf7X9/5GOr69I///7y/X/FzZ13l7/nyuhbP3/mPvfEWZSk/wPAAAAdRBz/zvDTOR/AAAAqIyY+98VZiL/AwAAQGXE3P8bYSY1yf/6/83jWGwv6/9Xtf8/pP/v8//1/2tC/7+3Ddb/9/n/HfT/y338Pv9f/5+lytb/j7n/3WEmNcn/AAAAUAcx9z8YZiL/AwAAQGXE3P9QmIn8DwAAAJURc/97wkxqkv/1/33+fz36/z7/P9P/1/+vibX170f1/yP9f/1//f9y9P//U/+fja1s/f+Y+x8OM6lJ/gcAAIA6iLn/kTAT+R8AAAAqI+b+3wwzkf8BAACgMmLuf2+YSU3yv/7/Run/T2zQ/v/j+v9XsP9/09XFdvr/+v8s8vn/ven/96H/r/9ftv6/z/9ngytb/z/m/veFmaw8/4+veEsAAADgyuj8i6QOMff/VphJTf7+HwAAAOog5v7fDjOR/wEAAKAyYu7/nTCTmuR//f+N0v/3+f+Z/r/P/+94PPr/+v/drF//P77z6P/r/+v/R/r/+v/6/3QqW/8/5v7fDTOpSf4HAACAOoi5//1hJvI/AAAAbAjd/p/sTjH3Hwozkf8BAACgMmLuPxxmUpP8r/+v/6//X9L+/5/t+Jfvfuudh3fp/+v/6/+vyrp+/n/zxe/z//X/9f8T/X/9f/1/OpWt/x9z/5Ewk5rkfwAAAKiDmPt/L8xE/gcAAIDKiLn/aJiJ/A8AAACVEXP/TJhJTfK//r/+v/5/Sfv/G/jz/+P50P9vN7D+f3zT1f/vqujfp1V0Zfv/jyz2xPX/V9v/H+t6qf6//v9GPn79f/1/lipb/z/m/tkwk5rkfwAAAKiDkPuHjhVz8Qr5HwAAACoj5v7jYSbyPwAAAFRGzP0fCDOpSf7X/9f/1//X//f5/93336v/3xjx+f9llfr3P81fKPr/HcrT/+9O/1//fyMfv/6//j9Lla3/H3P/XJhJTfI/AAAA1EHM/R8MM5H/AQAAoDJi7v9QmIn8DwAAAJURc/+JMJOa5H/9f/1//X/9f/3/7vsv7ef/6//3tNb+vf5/oP9f7/7//+j/6//r/zMYZev/x9x/MsykJvkf+H/27qTJsjqt4/hJLaiswIULI1y4McKlL4GFrvUFuHDjxgjDBQ6oOFM4jygozorgPIAKgogKTj1Bd9N00zN0Nz3PAz3RdBPVUZnP82Rl5s1zc7h57zn//+ezqEfSSu5tojqLH8m3DwAA0IPc/TfFLfY/AAAANCN3/w/ELfY/AAAANCN3/w/GLZ3sf/3/Wfr/vUpZ/7///S/v//MVz7H//zb9/1Gvr//X/7dM/z9O/7/E4v7/+mEY+ur/Pf9f/6//Z0Wm1v/n7v+huKWT/Q8AAAA9yN3/w3GL/Q8AAADNyN1/c9xi/wMAAEAzcvf/SNzSyf4/0P9vDX32/5nxev6/5//r/4/q/3d+0P/r/6dvvf3/bVe/8un/j93/33/nspedaP/f4vP/r1/0wU3382e16fd/zP7/4lGfr/+nRVPr/3P3/2jc0sn+BwAAgB7k7v+xuMX+BwAAgGbk7r8lbrH/AQAAoBm5+388bulk/6/u+f+Xdj4+0/6/6P/1/zsf0P97/r/+f7Y8/39cT8//v/mZG2564eFveuQkr99R/7/Qpvv5ub9/z//X/3PY1Pr/3P0/Ebd0sv8BAACgB7n7fzJusf8BAACgGbn7fypusf8BAACgGbn7fzpu6WT/r67/n/Xz/4v+X/+/8wH9v/5f/z9b+v9xPfX/p3l9/b/+X/+v/2e1ptb/5+7/mbilk/0PAAAAPcjd/7Nxi/0PAAAAzcjdf2vcYv8DAABAM3L3X45bOtn/+v/z7/9f1v/r/+Pq//X/+v/zp/8fp/9fQv+v/9f/6/9Zqan1/7n7b4tbOtn/AAAA0IPc/T8Xt9j/AAAA0Izc/T8ft9j/AAAA0Izc/b8Qt3Sy//X/nv+v/9f/6/8Xv77+f570/+P0/0vo/8/az1+n/9f/6/+51gn7/5dGvmyvpP/P3f+LcUsn+x8AAAB6kLv/l+IW+x8AAACakbv/l+MW+x8AAACakbv/V+KWTva//l//r//X/5+6/z/8S2+H/n8x/f966P/HTab/37qw8MP6/9n3/57/r//X/7PP1J7/n7v/V+OWTvY/AAAA9CB3/6/FLSP7/8T/MB8AAADYqNz9vx63+P4/AAAAzF5WZ7n7fyNu6WT/6//1//p//b/n/y9+/bH+/5Fr3p/+f1r0/+Mm0/8fQf+v/5/z+9f/6/85bGr9f+7+34xbOtn/AAAA0IPc/bfHLfY/AAAANCN3/2/FLfY/AAAANCN3/2/HLZ3s/8X9/97/X/9/PPr//e9f/7/418eq+v/8M+r/R/v/b/f8/z7p/8etv/+/qP/f/+fX/5+jTb//xvv/S8s+X//PIlPr/3P33xG3dLL/AQAAoAe5+++MW+x/AAAAaEbu/t+JW+x/AAAAaEbu/t+NWzrZ/57/r//X/8+v//f8/12bfP7/sPb+/4L+/5j0/+M8/38J/b/+X//v+f+s1NT6/9z9d8Utnex/AAAA6MFdLw47u//3hsH+BwAAgDm69t8dOPgvlIbc/b8ft9j/AAAA0Izc/X8Qt3Sy//X/+n/9v/5f/7/49U/a/y97MLLn/6+H/n+c/n8J/f959PMXGuv/7z7q86fQ/9+q/2di9vX/j+19fFP9f+7+P4xbOtn/AAAA0IPc/X8Ut9j/AAAA0Izc/X8ct9j/AAAA0Izc/X8St3Sy/8+9/x8JYvX/+n/9v/6/pf5/Gf3/euj/x+n/l9D/e/6/5//r/1mpvf5//9fDTfX/ufv/NG7pZP8DAABAD3L3/1ncYv8DAABAM3L33x232P8AAADQjNz9fx63dLL/Pf9f/6//1//r/xe/vv5/nvT/4/T/S+j/9f/6f/0/K7Xv+f/X2FT/n7v/nrilk/0PAAAAPcjdf2/cYv8DAABAM3L3/0XcYv8DAABAM3L3/2Xc0sn+1/+fb/+fH9f/6/8H/b/+X/+/Ft32/1uLfic67Ij+/8nvu/yd+z+i/9f/6//1//p/VmAS/f+Vvb+7zN3/V3FLJ/sfAAAAepC7/6/jFvsfAAAAmpG7/2/iFvsfAAAAmpG7/2/jlhPu/69f6btaH/2/5//r//X/+v/Fr6//n6du+/9j8vz/JfT/+n/9v/6flZpE/3/NH+fu/7u4xff/AQAAoBm5+/8+brH/AQAAoBm5+/8hbrH/AQAAoBm5+/8xbulk/+v/9f/6f/2//n/x65+2/98eFtP/r4f+f5z+fwn9v/5f/6//Z6Wm1v/n7r8vbulk/wMAAEAPcvffH7fY/wAAANCM3P3/FLfY/wAAANCM3P3/HLd0sv/1//p//b/+X/+/+PU9/3+e9P/j9P/DMDww8gYW9f9XLur/9f/6f/0/pzS1/j93/7/ELZ3sfwAAAOhB7v4H4hb7HwAAAJqRu//BuMX+BwAAgGbk7v/XuKWT/a//1//r//X/+v/Fr6//nyf9/zj9/xKe/6//1//r/1mpqfX/ufsfils62f8AAADQg9z9D8ct9j8AAAA0I3f/v8Ut9j8AAAA0I3f/I3FLJ/tf/6//1//r/8+l/7+s/z9I/78e59f/D/p//b/+fwn9v/5f/89B6+r/X4qv98v6/9z9/x63dLL/AQAAoAe5+x+NW+x/AAAAaEbu/v+IW+x/AAAAaEbu/v+MWzrZ//p//b/+X//v+f+LX1//P0+e/z9O/7+E/l//f6L3/w37/kj/r//nsHX1/0f1/gf/OHf/f8Utnex/AAAA6EHu/sfiFvsfAAAAmpG7//G4xf4HAACAZuTu/++4pZP9r//X/+/v/4dB/6//1//vWkP/vz3o/1dO/z9O/7+E/r/N/v9rhoae/3/pyM/X/zNFU+v/c/f/T9zSyf4HAACAHuTu/9+4xf4HAACAZuTu/7+4xf4HAACAZuTu//+4paX9//LR6dv8+/+LBz5R/z8Mw7O3eP6//n/k9fX/k+n/66+q/n919P/j9P9L6P/b7P/X9P49/1//z2FT6/9z978ibmlp/wMAAEDncve/Mm6x/wEAAKAZuftfFbfY/wAAANCM3P2vjls62f/z7/8PfqL+fzjT8//1/zsf0P/r//X/s3XW/v6e7fg9Tf+v/z+y/7909Xe8bvv/rSP+vmfQ/+v/9f8sMLX+P3f/a+KWTvY/AAAA9CB3/xNxi/0PAAAAzcjd/2TcYv8DAABAM3L3vzZu6WT/6//1//r/efb/2/p//b/+f6GpPP//xhu/42n9f6v9v+f/H0X/r//X/3PQ1Pr/3P2vi1s62f8AAADQg9z9r49b7H8AAABoRu7+p+IW+x8AAACa8dROyLk9vGEYutz/h/v/64bdQnXXov4/GjX9/zX0//vfv/5/8a8Pz//X/+v/z99U+n/P/z/d+9f/6//n/P5P1P9/8+HP1//Toqn1/7n7n45bOtn/AAAA0IPc/W+MW+x/AAAAaEbu/jfFLfY/AAAANCN3/zNxSyf73/P/z7n/v07/r//X/9evS/2//n8N9P/j9P9L6P/P3s/nV1X9/3yf//+1+n9WZ2r9f+7+N8ctO8PvW77ulP8xAQAAgAnJ3f+WuKWT7/8DAABAD3L3vzVusf8BAACgGbn73xa3dLL/9f+e/6//1//r/xe/vv5/nvT/4/T/S/TT/28v+uCm+/mz2vT732D/v/PLwvP/maKp9f+5+98et3Sy/wEAAKBtL+78mLv/HXGL/Q8AAADNyN3/zrjF/gcAAIBm5O5/Nm7pZP/Psf+/pP/X/5+o//8e/f+B19f/6/9bpv/P39EX0/8v0U//v9Cm+/mVvf+r/yXoq//fof9niqbW/+fufy5u6WT/AwAAQA9y978rbrH/AQAAoBm5+98dt9j/AAAAMFMXD30kd/974pYm9v+FpT9jjv2/5/+fvv/fGnrs/z3/X/+v/+/JfPr/exf+Ju35//p//f9837/+X//PYVPr/3P3P791ocH9DwAAAO36rm/9/ueO+3Of3/lxe3hv3GL/AwAAQDNy978vbrH/AQAAoBm5+98ft3Sy//X/ffX/fT7/X/+v/9f/92Q+/f9i+n/9v/5/vu9f/6//57Cp9f+5+z8Qt1wz/Jb/r+gBAAAAa3X9yX567v4Pxi2dfP8fAAAAepC7/0Nxy6H9f+WY/1Y7AAAAMDW5+z8ct3Ty/X/9/8T7/+Gc+v/4efr/Xevu/7cO/Hz9/y79v/5/FfT/487Y/1/Z0v/r/0fo//X/+n8Omlr/n7v/0YeGLvc/AAAANGrfP1H4yM6P28NH45bj7v+D36gCAAAAJid3/8fiFt//BwAAgGbk7v943NLJ/tf/T7z/P9Xz/y/V/+X5/9Ps/9f2/P/btxe+vv5f/98y/f84z/9fQv+v/9f/6/9ZqRP0/zuD9Lz7/9z9n4hbOtn/AAAA0IPc/Z+MW+x/AAAAaEbu/k/FLfY/AAAANCN3/6fjlk72v/5/A/3/HReH4Vz7/2M8/1//30f/f8Trt9P/f+MNl5/47u998D79P3vW2f/nrwX9v/5f/79L/6//1/9z0NSe/5+7/zNxSyf7HwAAAHqQu/+FuMX+BwAAgGbk7v9s3HJ1/z++qXcFAAAArFLu/s/FLZ18/1//3+Lz/+fZ/+df6w30/5fn1/9nU9x7/+/5//r/wzz/f5z+fwn9v/5f/6//Z6Wm1v/n7v983NLJ/gcAAIAe5O7/QtyS+3/rxP/oHgAAAJiY3P1fjFt8/x8AAACakbv/xbilk/2v/9f/T6X/T57/v/d5nv+/S/+v/z8J/f84/f8S+n/9v/5f/89KTa3/z93/pbilk/0PAAAAPcjd/1LcYv8DAABAM3L3fzlusf8BAACgGbn7vxK3dLL/9f/6f/2//n/9/f/u11r9/95fVf3/6uj/x+n/l9D/6//1//p/Vmpq/X/u/q8GAAD//y+MZ1o=") open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0) 409.016759ms ago: executing program 2 (id=532): r0 = syz_io_uring_setup(0x45b4, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x200000, 0x46}, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x2}) io_uring_enter(r0, 0x2914, 0x58f2, 0x0, 0x0, 0x0) 253.319456ms ago: executing program 3 (id=533): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) listen(r0, 0x58) r1 = dup(r0) connect$vsock_stream(r1, &(0x7f0000000300)={0x28, 0x0, 0x2710}, 0x10) 68.051504ms ago: executing program 0 (id=534): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5}) ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x3) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f00000001c0)) 0s ago: executing program 3 (id=535): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r1) sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x20, r0, 0x6a98047402e98331, 0x70bd21, 0xffa1, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x24004041}, 0x4008800) kernel console output (not intermixed with test programs): bridge0: port 2(bridge_slave_1) entered disabled state [ 80.913349][ T5822] bridge_slave_1: entered allmulticast mode [ 80.920843][ T5822] bridge_slave_1: entered promiscuous mode [ 80.957377][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.964738][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.972327][ T5820] bridge_slave_0: entered allmulticast mode [ 80.980918][ T5820] bridge_slave_0: entered promiscuous mode [ 81.081945][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.089805][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.097047][ T5820] bridge_slave_1: entered allmulticast mode [ 81.105559][ T5820] bridge_slave_1: entered promiscuous mode [ 81.234630][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.266697][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.274987][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.283147][ T5821] bridge_slave_0: entered allmulticast mode [ 81.291955][ T5821] bridge_slave_0: entered promiscuous mode [ 81.300139][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.307257][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.318590][ T5819] bridge_slave_0: entered allmulticast mode [ 81.326416][ T5819] bridge_slave_0: entered promiscuous mode [ 81.335779][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.344103][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.351727][ T5824] bridge_slave_0: entered allmulticast mode [ 81.359739][ T5824] bridge_slave_0: entered promiscuous mode [ 81.370723][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.385880][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.399114][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.415376][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.423466][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.430869][ T5821] bridge_slave_1: entered allmulticast mode [ 81.438523][ T5821] bridge_slave_1: entered promiscuous mode [ 81.457640][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.465179][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.472553][ T5819] bridge_slave_1: entered allmulticast mode [ 81.480146][ T5819] bridge_slave_1: entered promiscuous mode [ 81.487445][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.495151][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.502444][ T5824] bridge_slave_1: entered allmulticast mode [ 81.510388][ T5824] bridge_slave_1: entered promiscuous mode [ 81.539434][ T5841] Bluetooth: hci1: command tx timeout [ 81.545366][ T5841] Bluetooth: hci2: command tx timeout [ 81.545675][ T5827] Bluetooth: hci0: command tx timeout [ 81.551422][ T5831] Bluetooth: hci3: command tx timeout [ 81.557061][ T5840] Bluetooth: hci5: command tx timeout [ 81.618467][ T5827] Bluetooth: hci4: command tx timeout [ 81.657624][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.695055][ T5820] team0: Port device team_slave_0 added [ 81.703930][ T5822] team0: Port device team_slave_0 added [ 81.725131][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.737362][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.751269][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.763000][ T5820] team0: Port device team_slave_1 added [ 81.782073][ T5822] team0: Port device team_slave_1 added [ 81.799814][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.807114][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.814718][ T5823] bridge_slave_0: entered allmulticast mode [ 81.822196][ T5823] bridge_slave_0: entered promiscuous mode [ 81.844388][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.856263][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.890331][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.897305][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 81.923612][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.937128][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.944479][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 81.971798][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.983154][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.990928][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.998102][ T5823] bridge_slave_1: entered allmulticast mode [ 82.005780][ T5823] bridge_slave_1: entered promiscuous mode [ 82.085406][ T5821] team0: Port device team_slave_0 added [ 82.106215][ T5824] team0: Port device team_slave_0 added [ 82.112902][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.120137][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.146247][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.173528][ T5821] team0: Port device team_slave_1 added [ 82.181559][ T5819] team0: Port device team_slave_0 added [ 82.189690][ T5824] team0: Port device team_slave_1 added [ 82.197746][ T5819] team0: Port device team_slave_1 added [ 82.204242][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.211646][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.238047][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.252945][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.344178][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.382326][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.389479][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.415557][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.452320][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.459677][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.485708][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.498228][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.505268][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.531900][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.545097][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.553208][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.583516][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.605371][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.613072][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.639766][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.657814][ T5820] hsr_slave_0: entered promiscuous mode [ 82.664663][ T5820] hsr_slave_1: entered promiscuous mode [ 82.683879][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.711291][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 82.740618][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.806666][ T5823] team0: Port device team_slave_0 added [ 82.821828][ T5822] hsr_slave_0: entered promiscuous mode [ 82.829095][ T5822] hsr_slave_1: entered promiscuous mode [ 82.835471][ T5822] debugfs: 'hsr0' already exists in 'hsr' [ 82.842017][ T5822] Cannot create hsr debugfs directory [ 82.887804][ T5823] team0: Port device team_slave_1 added [ 82.931662][ T5819] hsr_slave_0: entered promiscuous mode [ 82.939261][ T5819] hsr_slave_1: entered promiscuous mode [ 82.945643][ T5819] debugfs: 'hsr0' already exists in 'hsr' [ 82.951534][ T5819] Cannot create hsr debugfs directory [ 83.043173][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.050417][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 83.077188][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.095369][ T5824] hsr_slave_0: entered promiscuous mode [ 83.101977][ T5824] hsr_slave_1: entered promiscuous mode [ 83.108893][ T5824] debugfs: 'hsr0' already exists in 'hsr' [ 83.114674][ T5824] Cannot create hsr debugfs directory [ 83.135181][ T5821] hsr_slave_0: entered promiscuous mode [ 83.141901][ T5821] hsr_slave_1: entered promiscuous mode [ 83.148165][ T5821] debugfs: 'hsr0' already exists in 'hsr' [ 83.154100][ T5821] Cannot create hsr debugfs directory [ 83.188038][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.195095][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 83.222368][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.480599][ T5823] hsr_slave_0: entered promiscuous mode [ 83.487719][ T5823] hsr_slave_1: entered promiscuous mode [ 83.494477][ T5823] debugfs: 'hsr0' already exists in 'hsr' [ 83.500428][ T5823] Cannot create hsr debugfs directory [ 83.618989][ T5840] Bluetooth: hci2: command tx timeout [ 83.619054][ T5827] Bluetooth: hci3: command tx timeout [ 83.624498][ T5841] Bluetooth: hci1: command tx timeout [ 83.635281][ T5840] Bluetooth: hci5: command tx timeout [ 83.636008][ T5827] Bluetooth: hci0: command tx timeout [ 83.699065][ T5827] Bluetooth: hci4: command tx timeout [ 84.041544][ T5822] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 84.055691][ T5822] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 84.069813][ T5822] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 84.091588][ T5822] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 84.151447][ T5820] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 84.190756][ T5820] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 84.205477][ T5820] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 84.237058][ T5820] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 84.303864][ T5824] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 84.316156][ T5824] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 84.345305][ T5824] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 84.380777][ T5824] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 84.437247][ T5821] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 84.474259][ T5821] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 84.493189][ T5821] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 84.522340][ T5821] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 84.603329][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.611345][ T5819] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 84.650848][ T5819] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 84.670876][ T5819] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 84.710252][ T5819] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 84.793027][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.809779][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 84.840657][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 84.852538][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 84.866409][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.874073][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.896059][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 84.932979][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.940162][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.992871][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.006846][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.079670][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.122850][ T5820] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.164215][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.171457][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.181404][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.188622][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.198084][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.205247][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.245358][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.252584][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.322733][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.349443][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.453147][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.466754][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.480421][ T5821] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.505534][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.512760][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.556977][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.564362][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.590660][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.597832][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.650973][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.686524][ T1156] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.693869][ T1156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.702000][ T5827] Bluetooth: hci5: command tx timeout [ 85.707464][ T5838] Bluetooth: hci1: command tx timeout [ 85.711181][ T5840] Bluetooth: hci3: command tx timeout [ 85.718541][ T5827] Bluetooth: hci2: command tx timeout [ 85.718582][ T5827] Bluetooth: hci0: command tx timeout [ 85.763269][ T1156] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.770552][ T1156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.780719][ T5840] Bluetooth: hci4: command tx timeout [ 85.848383][ T1156] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.855521][ T1156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.910696][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.043111][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.111577][ T24] cfg80211: failed to load regulatory.db [ 86.175233][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.337377][ T5820] veth0_vlan: entered promiscuous mode [ 86.397400][ T5820] veth1_vlan: entered promiscuous mode [ 86.435251][ T5824] veth0_vlan: entered promiscuous mode [ 86.492104][ T5824] veth1_vlan: entered promiscuous mode [ 86.557512][ T5820] veth0_macvtap: entered promiscuous mode [ 86.606738][ T5820] veth1_macvtap: entered promiscuous mode [ 86.695923][ T5824] veth0_macvtap: entered promiscuous mode [ 86.714927][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.732501][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.763767][ T5824] veth1_macvtap: entered promiscuous mode [ 86.786772][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.835356][ T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.848919][ T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.860891][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.872031][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.890448][ T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.901561][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.933617][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.013946][ T5822] veth0_vlan: entered promiscuous mode [ 87.027955][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.042074][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.104544][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.117690][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.133873][ T5822] veth1_vlan: entered promiscuous mode [ 87.155649][ T5823] veth0_vlan: entered promiscuous mode [ 87.181090][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.234690][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.243233][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.302234][ T846] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.311167][ T846] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.342296][ T5823] veth1_vlan: entered promiscuous mode [ 87.362357][ T5819] veth0_vlan: entered promiscuous mode [ 87.403771][ T5819] veth1_vlan: entered promiscuous mode [ 87.453896][ T5822] veth0_macvtap: entered promiscuous mode [ 87.461401][ T5820] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 87.504460][ T5823] veth0_macvtap: entered promiscuous mode [ 87.514585][ T5823] veth1_macvtap: entered promiscuous mode [ 87.582791][ T5822] veth1_macvtap: entered promiscuous mode [ 87.613681][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.625980][ T122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.638851][ T122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.657039][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.707057][ T846] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.726677][ T5821] veth0_vlan: entered promiscuous mode [ 87.757407][ T846] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.766700][ T846] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.778559][ T5840] Bluetooth: hci3: command tx timeout [ 87.779227][ T5841] Bluetooth: hci1: command tx timeout [ 87.783964][ T5840] Bluetooth: hci0: command tx timeout [ 87.789368][ T5838] Bluetooth: hci2: command tx timeout [ 87.789404][ T5838] Bluetooth: hci5: command tx timeout [ 87.826163][ T5821] veth1_vlan: entered promiscuous mode [ 87.836754][ T846] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.857034][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.865328][ T5838] Bluetooth: hci4: command tx timeout [ 87.896811][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.924178][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.966277][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.982216][ T5819] veth0_macvtap: entered promiscuous mode [ 88.027617][ T122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.041713][ T5819] veth1_macvtap: entered promiscuous mode [ 88.050478][ T122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.068413][ T58] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.122217][ T58] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.125699][ T5973] loop1: detected capacity change from 0 to 256 [ 88.154175][ T5973] ======================================================= [ 88.154175][ T5973] WARNING: The mand mount option has been deprecated and [ 88.154175][ T5973] and is ignored by this kernel. Remove the mand [ 88.154175][ T5973] option from the mount to silence this warning. [ 88.154175][ T5973] ======================================================= [ 88.195926][ T58] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.207563][ T58] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.236264][ T5973] FAT-fs (loop1): Directory bread(block 64) failed [ 88.245741][ T5821] veth0_macvtap: entered promiscuous mode [ 88.253291][ T5973] FAT-fs (loop1): Directory bread(block 65) failed [ 88.276738][ T5821] veth1_macvtap: entered promiscuous mode [ 88.283548][ T5973] FAT-fs (loop1): Directory bread(block 66) failed [ 88.300222][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.308861][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.318803][ T5973] FAT-fs (loop1): Directory bread(block 67) failed [ 88.327370][ T5973] FAT-fs (loop1): Directory bread(block 68) failed [ 88.344035][ T5973] FAT-fs (loop1): Directory bread(block 69) failed [ 88.355647][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.377257][ T5973] FAT-fs (loop1): Directory bread(block 70) failed [ 88.388562][ T5973] FAT-fs (loop1): Directory bread(block 71) failed [ 88.395215][ T5973] FAT-fs (loop1): Directory bread(block 72) failed [ 88.411797][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.431526][ T5973] FAT-fs (loop1): Directory bread(block 73) failed [ 88.472714][ T122] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.492138][ T122] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.524958][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.535615][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.549113][ T122] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.558241][ T122] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.573541][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.672576][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.706306][ T49] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.796868][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.825383][ T49] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.843610][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.859351][ T122] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.899754][ T122] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.932095][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.962323][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.086808][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.146518][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.291701][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.307352][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.317527][ T5987] Driver unsupported XDP return value 0 on prog (id 2) dev N/A, expect packet loss! [ 89.472488][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.520359][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.797393][ T5996] loop0: detected capacity change from 0 to 2048 [ 89.880385][ T5996] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 89.908963][ T5980] loop2: detected capacity change from 0 to 32768 [ 89.957731][ T5999] loop4: detected capacity change from 0 to 1024 [ 90.022158][ T5980] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 90.064911][ T5980] JBD2: Ignoring recovery information on journal [ 90.207916][ T5999] hfsplus: b-tree write err: -5, ino 2 [ 90.276292][ T5999] hfsplus: bad catalog entry type [ 90.361732][ T5980] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 90.526219][ T6007] loop0: detected capacity change from 0 to 1024 [ 90.545124][ T49] hfsplus: b-tree write err: -5, ino 25 [ 90.585208][ T49] hfsplus: b-tree write err: -5, ino 4 [ 90.608132][ T49] hfsplus: b-tree write err: -5, ino 2 [ 90.639906][ T49] hfsplus: b-tree write err: -5, ino 26 [ 90.693418][ T5980] (syz.2.10,5980,1):ocfs2_check_dir_entry:314 ERROR: directory entry (#65: offset=512) too close to end or out-of-bounds [ 90.693491][ T5980] (syz.2.10,5980,1):ocfs2_rename:1703 ERROR: status = -2 [ 90.770509][ T6007] hfsplus: request for non-existent node 3 in B*Tree [ 90.816903][ T6007] hfsplus: request for non-existent node 3 in B*Tree [ 90.945179][ T6007] hfsplus: request for non-existent node 4 in B*Tree [ 91.006911][ T6007] hfsplus: request for non-existent node 4 in B*Tree [ 91.097315][ T5820] ocfs2: Unmounting device (7,2) on (node local) [ 91.478075][ T6032] loop0: detected capacity change from 0 to 128 [ 91.548104][ T6032] EXT4-fs (loop0): Test dummy encryption mode enabled [ 91.581143][ T6036] netlink: 8 bytes leftover after parsing attributes in process `syz.4.31'. [ 91.642982][ T6032] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 91.705944][ T6032] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.798641][ T5832] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 91.865451][ T5823] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 91.970065][ T5832] usb 6-1: Using ep0 maxpacket: 8 [ 91.993058][ T6048] loop1: detected capacity change from 0 to 256 [ 91.999464][ T5832] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 92.007806][ T5832] usb 6-1: config 179 has no interface number 0 [ 92.068256][ T5832] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 92.099525][ T5832] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 92.145204][ T5832] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 92.258843][ T5832] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 92.288449][ T5928] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 92.358526][ T5832] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 92.470467][ T5832] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 92.471799][ T6054] loop3: detected capacity change from 0 to 32768 [ 92.518521][ T5928] usb 5-1: Using ep0 maxpacket: 16 [ 92.538118][ T5832] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.548796][ T6054] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 92.558907][ T6054] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 92.567747][ T6033] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 92.580926][ T5928] usb 5-1: config 0 has an invalid interface number: 4 but max is 0 [ 92.595309][ T5928] usb 5-1: config 0 has no interface number 0 [ 92.613047][ T5928] usb 5-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 92.630957][ T6054] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 92.640704][ T5928] usb 5-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 92.663194][ T979] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 92.693720][ T979] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 92.701118][ T5928] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 92.701244][ T5928] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.707285][ T5928] usb 5-1: config 0 descriptor?? [ 92.869067][ T9] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input5 [ 93.164140][ T5928] hid (null): unknown global tag 0xd [ 93.189470][ T5928] hid (null): unknown global tag 0xd [ 93.205927][ T5928] hid (null): global environment stack underflow [ 93.247991][ C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 93.253341][ T979] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 559ms [ 93.256360][ C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 93.274088][ T5832] usb 6-1: USB disconnect, device number 2 [ 93.325225][ T979] gfs2: fsid=syz:syz.0: jid=0: Done [ 93.349150][ T6054] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 93.417277][ T5928] usb 5-1: USB disconnect, device number 2 [ 93.465265][ T6074] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed - function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129 [ 93.562079][ T6074] CPU: 0 UID: 0 PID: 6074 Comm: gfs2_quotad/syz Not tainted syzkaller #0 PREEMPT(full) [ 93.562120][ T6074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 93.562136][ T6074] Call Trace: [ 93.562146][ T6074] [ 93.562156][ T6074] dump_stack_lvl+0xe8/0x150 [ 93.562199][ T6074] gfs2_assert_warn_i+0x194/0x2c0 [ 93.562248][ T6074] gfs2_qd_dispose+0x466/0x570 [ 93.562290][ T6074] gfs2_quota_sync+0x3cf/0x470 [ 93.562335][ T6074] gfs2_quotad+0x2b9/0x6e0 [ 93.562382][ T6074] ? __pfx_gfs2_quotad+0x10/0x10 [ 93.562417][ T6074] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 93.562456][ T6074] ? srso_alias_return_thunk+0x5/0xfbef5 [ 93.562488][ T6074] ? __kthread_parkme+0x7a/0x1f0 [ 93.562524][ T6074] ? srso_alias_return_thunk+0x5/0xfbef5 [ 93.562567][ T6074] kthread+0x388/0x470 [ 93.562592][ T6074] ? __pfx_gfs2_quotad+0x10/0x10 [ 93.562625][ T6074] ? __pfx_kthread+0x10/0x10 [ 93.562651][ T6074] ret_from_fork+0x51e/0xb90 [ 93.562688][ T6074] ? __pfx_ret_from_fork+0x10/0x10 [ 93.562719][ T6074] ? srso_alias_return_thunk+0x5/0xfbef5 [ 93.562748][ T6074] ? __switch_to+0xc7d/0x1450 [ 93.562780][ T6074] ? __pfx_kthread+0x10/0x10 [ 93.562805][ T6074] ret_from_fork_asm+0x1a/0x30 [ 93.562861][ T6074] [ 93.775170][ T6054] gfs2: fsid=syz:syz.0: found 2 quota changes [ 94.480603][ T6091] loop1: detected capacity change from 0 to 8 [ 94.583538][ T6091] SQUASHFS error: Failed to read block 0x6e6: -5 [ 94.616765][ T6091] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 94.634230][ T6077] loop0: detected capacity change from 0 to 32768 [ 94.648224][ T6091] SQUASHFS error: Unable to read directory block [6e4:0] [ 94.800170][ T6077] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 94.803311][ T6104] netlink: 4 bytes leftover after parsing attributes in process `syz.3.49'. [ 94.866675][ T6103] loop2: detected capacity change from 0 to 512 [ 95.004181][ T6103] EXT4-fs (loop2): 1 truncate cleaned up [ 95.032716][ T6095] loop5: detected capacity change from 0 to 4096 [ 95.088483][ T6103] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.195964][ T6077] XFS (loop0): Ending clean mount [ 95.205657][ T30] audit: type=1800 audit(1772897470.132:2): pid=6103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.56" name="file0" dev="loop2" ino=13 res=0 errno=0 [ 95.279710][ T6095] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 95.375883][ T5820] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.426213][ T5823] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 95.502413][ T6095] ntfs3(loop5): ino=0, "file1" failed to extend initialized size to 100003. [ 95.799249][ T6126] capability: warning: `syz.4.65' uses 32-bit capabilities (legacy support in use) [ 95.918757][ T6126] program syz.4.65 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 97.012452][ T6148] 8021q: adding VLAN 0 to HW filter on device bond1 [ 97.145087][ T6140] loop3: detected capacity change from 0 to 32768 [ 97.195443][ T6140] (syz.3.69,6140,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 97.238159][ T6140] (syz.3.69,6140,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 97.336581][ T6140] JBD2: Ignoring recovery information on journal [ 97.415903][ T6158] loop1: detected capacity change from 0 to 512 [ 97.506022][ T6158] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 97.543744][ T6140] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 97.546422][ T6167] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 97.584632][ T6158] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 97.661311][ T6158] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.77: bad orphan inode 131083 [ 97.718667][ T6158] loop1: lost filesystem error report for type 5 error -117 [ 97.728414][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 97.742702][ C1] EXT4-fs (loop1): initial error at time 1772897472: ext4_orphan_get:1417 [ 97.750681][ T6158] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.751301][ C1] EXT4-fs (loop1): last error at time 1772897472: ext4_orphan_get:1417 [ 97.851723][ T30] audit: type=1800 audit(1772897472.772:3): pid=6140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.69" name="file1" dev="loop3" ino=16979 res=0 errno=0 [ 97.922451][ T6177] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.84'. [ 98.039010][ T5819] ocfs2: Unmounting device (7,3) on (node local) [ 98.163925][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.424729][ T6186] loop2: detected capacity change from 0 to 4096 [ 98.500291][ T6186] EXT4-fs: inline encryption not supported [ 98.540603][ T6186] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.785933][ T5820] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.910716][ T6200] loop5: detected capacity change from 0 to 64 [ 99.166070][ T6207] loop4: detected capacity change from 0 to 1024 [ 99.197073][ T6207] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 99.267197][ T6207] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 99.294928][ T6207] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e84ee118, mo2=0000] [ 99.303676][ T6207] System zones: 0-1, 3-12 [ 99.308546][ T6207] EXT4-fs (loop4): orphan cleanup on readonly fs [ 99.322218][ T6207] EXT4-fs error (device loop4): __ext4_get_inode_loc:4782: comm syz.4.96: Invalid inode table block 0 in block_group 0 [ 99.399058][ T6212] loop2: detected capacity change from 0 to 512 [ 99.418465][ T6207] loop4: lost filesystem error report for type 5 error -117 [ 99.428404][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 99.442241][ C1] EXT4-fs (loop4): initial error at time 1772897474: __ext4_get_inode_loc:4782 [ 99.451254][ C1] EXT4-fs (loop4): last error at time 1772897474: __ext4_get_inode_loc:4782 [ 99.463876][ T6207] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 99.482317][ T6207] loop4: lost filesystem error report for type 5 error -117 [ 99.493316][ T6207] EXT4-fs error (device loop4): ext4_quota_write:7390: inode #3: comm syz.4.96: mark_inode_dirty error [ 99.517964][ T6212] FAT-fs (loop2): error, corrupted file size (i_pos 51, 8960) [ 99.547256][ T30] audit: type=1800 audit(1772897474.442:4): pid=6212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.98" name="file2" dev="loop2" ino=1048611 res=0 errno=0 [ 99.570045][ T6212] FAT-fs (loop2): Filesystem has been set read-only [ 99.594402][ T6207] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 99.618482][ T6207] Quota error (device loop4): write_blk: dquota write failed [ 99.692767][ T6207] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 99.701731][ T6216] loop5: detected capacity change from 0 to 128 [ 99.746262][ T6207] EXT4-fs error (device loop4): ext4_acquire_dquot:7001: comm syz.4.96: Failed to acquire dquot type 0 [ 99.807890][ T6207] loop4: lost filesystem error report for type 5 error -117 [ 99.810314][ T30] audit: type=1800 audit(1772897474.732:5): pid=6216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.100" name="file2" dev="loop5" ino=1048612 res=0 errno=0 [ 99.837349][ T6207] EXT4-fs error (device loop4): __ext4_get_inode_loc:4782: comm syz.4.96: Invalid inode table block 0 in block_group 0 [ 99.837438][ T6207] loop4: lost filesystem error report for type 5 error -117 [ 99.862575][ T6207] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 99.869946][ T6216] FAT-fs (loop5): error, clusters badly computed (4 != 3) [ 99.887351][ T6207] loop4: lost filesystem error report for type 5 error -117 [ 99.890055][ T6207] EXT4-fs error (device loop4): ext4_ext_truncate:4528: inode #15: comm syz.4.96: mark_inode_dirty error [ 99.912682][ T6207] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 99.913157][ T6207] EXT4-fs error (device loop4): __ext4_get_inode_loc:4782: comm syz.4.96: Invalid inode table block 0 in block_group 0 [ 99.919546][ T6216] FAT-fs (loop5): Filesystem has been set read-only [ 99.925937][ T6207] loop4: lost filesystem error report for type 5 error -117 [ 99.983309][ T6216] FAT-fs (loop5): error, clusters badly computed (5 != 4) [ 100.001349][ T6207] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 100.027735][ T6207] loop4: lost filesystem error report for type 5 error -117 [ 100.028218][ T6207] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 100.029186][ T6216] FAT-fs (loop5): error, clusters badly computed (6 != 5) [ 100.038436][ T5832] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 100.073865][ T6207] loop4: lost filesystem error report for type 5 error -117 [ 100.074629][ T6198] loop3: detected capacity change from 0 to 32768 [ 100.103340][ T6207] EXT4-fs error (device loop4): __ext4_get_inode_loc:4782: comm syz.4.96: Invalid inode table block 0 in block_group 0 [ 100.122689][ T6207] loop4: lost filesystem error report for type 5 error -117 [ 100.160814][ T6207] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 100.207155][ T6207] EXT4-fs error (device loop4): ext4_truncate:4587: inode #15: comm syz.4.96: mark_inode_dirty error [ 100.217191][ T6198] JBD2: Ignoring recovery information on journal [ 100.238577][ T5913] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 100.267098][ T6207] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 100.271011][ T5832] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 100.288598][ T5832] usb 1-1: config 0 has no interface number 0 [ 100.300166][ T6207] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 100.300720][ T5832] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 100.319032][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 100.327195][ T5832] usb 1-1: Product: syz [ 100.332131][ T5832] usb 1-1: Manufacturer: syz [ 100.336744][ T5832] usb 1-1: SerialNumber: syz [ 100.347752][ T5832] usb 1-1: config 0 descriptor?? [ 100.367662][ T6198] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 100.387594][ T6207] EXT4-fs (loop4): 1 truncate cleaned up [ 100.400123][ T6207] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 100.443989][ T5913] usb 3-1: Using ep0 maxpacket: 16 [ 100.463712][ T5913] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 100.486328][ T5913] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 100.511920][ T6214] loop1: detected capacity change from 0 to 32768 [ 100.528700][ T30] audit: type=1800 audit(1772897475.462:6): pid=6198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.85" name="file1" dev="loop3" ino=17059 res=0 errno=0 [ 100.550308][ T5913] usb 3-1: Product: syz [ 100.554476][ T5913] usb 3-1: Manufacturer: syz [ 100.567844][ T5913] usb 3-1: SerialNumber: syz [ 100.581620][ T5832] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 100.610930][ T5913] usb 3-1: config 0 descriptor?? [ 100.635860][ T5832] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 100.683806][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.703930][ T5832] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 100.733703][ T5832] usb 1-1: media controller created [ 100.856536][ T5832] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 100.886407][ T5819] ocfs2: Unmounting device (7,3) on (node local) [ 100.959585][ T5832] i2c i2c-1: ec100: i2c rd failed=-71 reg=33 [ 101.057573][ T5913] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 101.117292][ T5913] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 101.139551][ T5832] usb 1-1: USB disconnect, device number 2 [ 101.178886][ T5913] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 101.197293][ T5913] usb 3-1: media controller created [ 101.284450][ T5913] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 101.443187][ T5913] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 101.479426][ T5913] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 101.663333][ T5913] usb 3-1: USB disconnect, device number 2 [ 101.665534][ T6242] loop1: detected capacity change from 0 to 512 [ 101.715622][ T6242] EXT4-fs: Ignoring removed nobh option [ 101.753163][ T6242] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 101.786504][ T5913] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 101.826076][ T6242] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 101.851629][ T6242] EXT4-fs (loop1): 1 truncate cleaned up [ 101.878075][ T6256] netlink: 36 bytes leftover after parsing attributes in process `syz.3.115'. [ 101.891567][ T6242] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.036809][ T6259] warning: `syz.4.116' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 102.171415][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.348978][ T979] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 102.508419][ T979] usb 4-1: Using ep0 maxpacket: 16 [ 102.515932][ T6277] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 102.515932][ T6277] The task syz.4.123 (6277) triggered the difference, watch for misbehavior. [ 102.559263][ T979] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 102.596285][ T979] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 102.634916][ T979] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 102.678505][ T979] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 102.708092][ T979] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.756840][ T979] usb 4-1: config 0 descriptor?? [ 102.760931][ T6286] loop0: detected capacity change from 0 to 16 [ 102.832660][ T6286] erofs (device loop0): mounted with root inode @ nid 36. [ 103.041609][ T6291] loop1: detected capacity change from 0 to 2048 [ 103.108294][ T6291] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 103.222231][ T979] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 103.256416][ T979] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 103.298081][ T979] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 103.338536][ T979] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 103.356104][ T979] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 103.391370][ T6261] random: crng reseeded on system resumption [ 103.436515][ T979] input: HID 0955:7214 Haptics as /devices/virtual/input/input6 [ 103.537864][ T979] shield 0003:0955:7214.0002: Registered Thunderstrike controller [ 103.626738][ T979] shield 0003:0955:7214.0002: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0 [ 103.740788][ T5986] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 103.773164][ T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 103.781255][ T979] usb 4-1: USB disconnect, device number 2 [ 103.789384][ T5986] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 103.841433][ T5986] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 103.865741][ T6307] loop4: detected capacity change from 0 to 1764 [ 103.876992][ T5986] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 103.882953][ T6309] loop5: detected capacity change from 0 to 512 [ 103.908188][ T6309] EXT4-fs: Ignoring removed i_version option [ 103.963875][ T6309] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.138: iget: bad extra_isize 50264 (inode size 256) [ 103.978502][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 103.981168][ T6309] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 103.988879][ T9] usb 2-1: config 0 has no interfaces? [ 104.001135][ T6309] EXT4-fs (loop5): Remounting filesystem read-only [ 104.011241][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 104.011265][ C1] EXT4-fs (loop5): initial error at time 1772897478: ext4_orphan_get:1391: inode 15 [ 104.011305][ C1] EXT4-fs (loop5): last error at time 1772897478: ext4_orphan_get:1391: inode 15 [ 104.087692][ T9] usb 2-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e [ 104.100014][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.109220][ T9] usb 2-1: Product: syz [ 104.113429][ T9] usb 2-1: Manufacturer: syz [ 104.117037][ T6309] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.118710][ T9] usb 2-1: SerialNumber: syz [ 104.173243][ T9] usb 2-1: config 0 descriptor?? [ 104.382460][ T5821] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.542565][ T979] usb 2-1: USB disconnect, device number 2 [ 104.672452][ T6329] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 105.350419][ T5832] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 105.530650][ T5832] usb 6-1: Using ep0 maxpacket: 32 [ 105.553275][ T5832] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 105.574552][ T5832] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.595194][ T5832] usb 6-1: config 0 descriptor?? [ 105.812689][ T5832] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 105.845337][ T5832] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 105.888737][ T5832] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 105.909963][ T5832] usb 6-1: media controller created [ 105.931724][ T6369] loop0: detected capacity change from 0 to 4096 [ 105.958155][ T5832] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 105.973662][ T6369] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 106.091068][ T5832] az6027: usb out operation failed. (-71) [ 106.107183][ T30] audit: type=1800 audit(1772897481.032:7): pid=6369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.165" name="file1" dev="loop0" ino=30 res=0 errno=0 [ 106.139334][ T5832] az6027: usb out operation failed. (-71) [ 106.166256][ T5832] stb0899_attach: Driver disabled by Kconfig [ 106.200914][ T5832] az6027: no front-end attached [ 106.200914][ T5832] [ 106.230909][ T5832] az6027: usb out operation failed. (-71) [ 106.239067][ T5832] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 106.272891][ T5832] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input7 [ 106.329824][ T5832] dvb-usb: schedule remote query interval to 400 msecs. [ 106.347180][ T5832] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 106.401513][ T5832] usb 6-1: USB disconnect, device number 3 [ 106.479600][ T6385] loop1: detected capacity change from 0 to 64 [ 106.552190][ T6359] loop2: detected capacity change from 0 to 40427 [ 106.609178][ T5832] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 106.652469][ T6389] netlink: 48 bytes leftover after parsing attributes in process `syz.3.175'. [ 107.140058][ T6359] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 107.214185][ T6359] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 107.414437][ T6409] block nbd0: server does not support multiple connections per device. [ 107.455268][ T6409] block nbd0: shutting down sockets [ 107.503574][ T6415] mmap: syz.4.174 (6415) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 107.555734][ T6414] loop3: detected capacity change from 0 to 1024 [ 107.585323][ T5820] syz-executor: attempt to access beyond end of device [ 107.585323][ T5820] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 107.635913][ T5820] CPU: 0 UID: 0 PID: 5820 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 107.635954][ T5820] Tainted: [L]=SOFTLOCKUP [ 107.635963][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 107.635978][ T5820] Call Trace: [ 107.635987][ T5820] [ 107.635998][ T5820] dump_stack_lvl+0xe8/0x150 [ 107.636041][ T5820] f2fs_handle_critical_error+0x37c/0x540 [ 107.636081][ T5820] f2fs_write_end_io+0xcdb/0xff0 [ 107.636144][ T5820] __submit_merged_bio+0x256/0x700 [ 107.636183][ T5820] __submit_merged_write_cond+0x3c9/0x4e0 [ 107.636226][ T5820] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 107.636276][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.636319][ T5820] f2fs_write_data_pages+0x2975/0x35e0 [ 107.636404][ T5820] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 107.636456][ T5820] ? unwind_get_return_address+0x4d/0x90 [ 107.636497][ T5820] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 107.636524][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.636592][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.636623][ T5820] ? check_noncircular+0xda/0x150 [ 107.636635][ T6417] loop0: detected capacity change from 0 to 64 [ 107.636666][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.636698][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.636727][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.636764][ T5820] ? __lock_acquire+0x146e/0x2cf0 [ 107.636830][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.636859][ T5820] ? do_raw_spin_lock+0x12b/0x2f0 [ 107.636894][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.636929][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.636959][ T5820] ? do_raw_spin_unlock+0xf5/0x210 [ 107.636988][ T5820] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 107.637025][ T5820] do_writepages+0x32e/0x550 [ 107.637066][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.637100][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.637135][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.637165][ T5820] ? do_raw_spin_unlock+0xf5/0x210 [ 107.637199][ T5820] filemap_fdatawrite+0x1e9/0x2f0 [ 107.637239][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.637272][ T5820] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 107.637364][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.637398][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.637434][ T5820] ? do_raw_spin_unlock+0xf5/0x210 [ 107.637469][ T5820] f2fs_sync_dirty_inodes+0x30e/0x860 [ 107.637528][ T5820] f2fs_write_checkpoint+0x9df/0x26a0 [ 107.637612][ T5820] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 107.637647][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.637761][ T5820] kill_f2fs_super+0x314/0x720 [ 107.637806][ T5820] ? __pfx_kill_f2fs_super+0x10/0x10 [ 107.637858][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.637892][ T5820] ? lockdep_hardirqs_on+0x7a/0x110 [ 107.637932][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 107.637979][ T5820] deactivate_locked_super+0xbc/0x130 [ 107.638023][ T5820] cleanup_mnt+0x437/0x4d0 [ 107.638051][ T5820] ? _raw_spin_unlock_irq+0x23/0x50 [ 107.638094][ T5820] task_work_run+0x1d9/0x270 [ 107.638128][ T5820] ? __pfx_task_work_run+0x10/0x10 [ 107.638172][ T5820] exit_to_user_mode_loop+0xed/0x480 [ 107.638202][ T5820] ? rcu_is_watching+0x15/0xb0 [ 107.638246][ T5820] do_syscall_64+0x32d/0xf80 [ 107.638270][ T5820] ? trace_irq_disable+0x3b/0x150 [ 107.638307][ T5820] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.638346][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.638372][ T5820] RIP: 0033:0x7fb73319d9d7 [ 107.638396][ T5820] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 107.638416][ T5820] RSP: 002b:00007ffc55e88f68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 107.638441][ T5820] RAX: 0000000000000000 RBX: 00007fb733231f90 RCX: 00007fb73319d9d7 [ 107.638458][ T5820] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc55e89020 [ 107.638474][ T5820] RBP: 00007ffc55e89020 R08: 00007ffc55e8a020 R09: 00000000ffffffff [ 107.638491][ T5820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc55e8a0b0 [ 107.638507][ T5820] R13: 00007fb733231f90 R14: 000000000001a355 R15: 00007ffc55e8a0f0 [ 107.638551][ T5820] [ 107.653258][ T5820] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 107.947235][ T30] audit: type=1800 audit(1772897482.872:8): pid=6414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.184" name="file1" dev="loop3" ino=2 res=0 errno=0 [ 108.340488][ T6426] binder: 6425:6426 ioctl c018620c 200000000180 returned -1 [ 108.432430][ T6430] netem: change failed [ 108.693144][ T6438] loop5: detected capacity change from 0 to 736 [ 108.888622][ T979] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 109.078758][ T979] usb 2-1: Using ep0 maxpacket: 8 [ 109.093138][ T979] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 109.118431][ T979] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.156503][ T979] usb 2-1: Product: syz [ 109.171213][ T979] usb 2-1: Manufacturer: syz [ 109.222845][ T979] usb 2-1: SerialNumber: syz [ 109.250549][ T979] usb 2-1: config 0 descriptor?? [ 109.465542][ T979] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 109.500276][ T6429] loop3: detected capacity change from 0 to 32768 [ 109.577936][ T6429] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 109.598050][ T6452] netlink: 56 bytes leftover after parsing attributes in process `syz.2.201'. [ 109.675408][ T6429] XFS (loop3): Ending clean mount [ 109.720076][ T6429] XFS (loop3): Quotacheck needed: Please wait. [ 109.857660][ T6463] loop2: detected capacity change from 0 to 1024 [ 109.873321][ T6429] XFS (loop3): Quotacheck: Done. [ 109.936078][ T6440] loop0: detected capacity change from 0 to 32768 [ 109.944196][ T6463] hfsplus: xattr searching failed [ 110.049138][ T6440] JBD2: Ignoring recovery information on journal [ 110.076094][ T6466] loop4: detected capacity change from 0 to 512 [ 110.080085][ T979] usb write operation failed. (-71) [ 110.099492][ T979] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 110.113216][ T5819] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 110.116195][ T979] dvbdev: DVB: registering new adapter (Terratec H7) [ 110.129666][ T979] usb 2-1: media controller created [ 110.135490][ T979] usb read operation failed. (-71) [ 110.144352][ T979] usb write operation failed. (-71) [ 110.154411][ T979] dvb_usb_az6007 2-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 110.199984][ T979] usb 2-1: USB disconnect, device number 3 [ 110.330721][ T6440] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 110.348281][ T6466] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.375294][ T6447] debugfs: 'B1DE653C5FFC4D88B33B244AAB9EB3E9' already exists in 'ocfs2' [ 110.391410][ T6466] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.464438][ T6447] JBD2: Ignoring recovery information on journal [ 110.557284][ T6447] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 110.745578][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.834821][ T5823] ocfs2: Unmounting device (7,0) on (node local) [ 111.096337][ T5821] ocfs2: Unmounting device (7,5) on (node local) [ 111.456305][ T6487] set_capacity_and_notify: 2 callbacks suppressed [ 111.456327][ T6487] loop4: detected capacity change from 0 to 512 [ 111.520237][ T6487] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.612315][ T6487] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.646779][ T6487] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #2: comm syz.4.213: corrupted inode contents [ 111.688444][ T24] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 111.716305][ T6487] EXT4-fs error (device loop4): ext4_dirty_inode:6450: inode #2: comm syz.4.213: mark_inode_dirty error [ 111.749971][ T6487] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #2: comm syz.4.213: corrupted inode contents [ 111.783368][ T6487] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.213: mark_inode_dirty error [ 111.832754][ T6487] EXT4-fs warning (device loop4): ext4_es_cache_extent:1082: inode #2: comm syz.4.213: ES cache extent failed: add [0,1,21,0x1] conflict with existing [0,8,576460752303423487,0x18] [ 111.832754][ T6487] [ 111.853146][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 111.880354][ T24] usb 4-1: unable to get BOS descriptor or descriptor too short [ 111.897402][ T24] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7 [ 111.929538][ T24] usb 4-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40 [ 111.941010][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.968015][ T24] usb 4-1: Product: syz [ 111.981278][ T24] usb 4-1: Manufacturer: syz [ 111.996158][ T24] usb 4-1: SerialNumber: syz [ 112.037902][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.151771][ T6507] loop0: detected capacity change from 0 to 2048 [ 112.175391][ T6507] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=3932051, location=3932051 [ 112.218701][ T5832] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 112.252109][ T6507] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 112.286150][ T24] usb 4-1: Audio class v2/v3 interfaces need an interface association [ 112.310780][ T24] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 112.398767][ T5832] usb 2-1: Using ep0 maxpacket: 8 [ 112.440271][ T5832] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 112.447719][ T5832] usb 2-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 112.510819][ T5832] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 112.542026][ T6497] loop5: detected capacity change from 0 to 32768 [ 112.550578][ T5832] usb 2-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 112.583115][ T5832] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 112.633346][ T5832] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 112.646478][ T5832] usb 2-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 112.690870][ T24] usb 4-1: 2:1 : can't get Cluster Descriptor [ 112.712858][ T5832] usb 2-1: config 168 interface 0 has no altsetting 0 [ 112.769515][ T5832] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 112.777535][ T5832] usb 2-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 112.816441][ T5832] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 112.866696][ T5832] usb 2-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 112.900424][ T5832] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 112.935606][ T5832] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 112.947713][ T5898] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 112.957756][ T24] usb 4-1: USB disconnect, device number 3 [ 112.998378][ T5832] usb 2-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 113.020981][ T5832] usb 2-1: config 168 interface 0 has no altsetting 0 [ 113.064918][ T5832] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 113.080443][ T5832] usb 2-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 113.108505][ T5913] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 113.112333][ T5832] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 113.140486][ T5898] usb 5-1: Using ep0 maxpacket: 16 [ 113.160994][ T5898] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.186157][ T5832] usb 2-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 113.208797][ T5898] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 96 [ 113.229516][ T5832] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 113.245033][ T5898] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8 [ 113.255284][ T5898] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 113.272292][ T5832] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 113.287985][ T5832] usb 2-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 113.308034][ T5832] usb 2-1: config 168 interface 0 has no altsetting 0 [ 113.316352][ T5898] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 113.326369][ T5898] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 113.335101][ T5898] usb 5-1: SerialNumber: syz [ 113.346855][ T5913] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 113.352260][ T5832] usb 2-1: string descriptor 0 read error: -22 [ 113.362688][ T5832] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 113.375684][ T6517] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 113.395827][ T6517] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 113.398423][ T5913] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.403682][ T5832] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.429527][ T5898] hub 5-1:1.0: bad descriptor, ignoring hub [ 113.435681][ T5898] hub 5-1:1.0: probe with driver hub failed with error -5 [ 113.456797][ T5913] usb 3-1: config 0 descriptor?? [ 113.471049][ T5832] adutux 2-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 113.645414][ T6535] loop3: detected capacity change from 0 to 64 [ 113.654496][ T6517] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 113.674625][ T6536] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size. [ 113.683337][ T6517] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 113.741387][ T5913] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 113.750311][ T30] audit: type=1800 audit(1772897488.682:9): pid=6535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.233" name="file2" dev="loop3" ino=23 res=0 errno=0 [ 113.788996][ T5832] usb 2-1: USB disconnect, device number 4 [ 113.942228][ T5913] [drm:udl_init] *ERROR* Selecting channel failed [ 114.000572][ T5913] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 114.022533][ T5913] [drm] Initialized udl on minor 2 [ 114.054456][ T5913] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 114.107872][ T5913] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 114.131418][ T5986] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 114.150876][ T5913] usb 3-1: USB disconnect, device number 3 [ 114.165097][ T5986] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 114.210066][ T5898] cdc_ether 5-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 114.219785][ T6544] loop3: detected capacity change from 0 to 4096 [ 114.285698][ T6544] ntfs3(loop3): ino=1a, mi_enum_attr [ 114.318931][ T6544] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 114.441518][ T5832] usb 5-1: USB disconnect, device number 3 [ 114.538666][ T5832] cdc_ether 5-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device [ 114.755925][ T6556] loop3: detected capacity change from 0 to 64 [ 115.276037][ T6540] loop5: detected capacity change from 0 to 32768 [ 115.282716][ T6576] loop0: detected capacity change from 0 to 128 [ 115.346335][ T6576] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 115.421549][ T6576] hpfs: filesystem error: improperly stopped [ 115.437987][ T6577] loop4: detected capacity change from 0 to 2048 [ 115.445230][ T6540] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 115.478133][ T6576] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 115.532221][ T6576] hpfs: You really don't want any checks? You are crazy... [ 115.623399][ T6577] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.636590][ T6592] loop1: detected capacity change from 0 to 1024 [ 115.677103][ T6576] hpfs: hpfs_map_sector(): read error [ 115.718700][ T6540] XFS (loop5): Ending clean mount [ 115.726564][ T6576] hpfs: code page support is disabled [ 115.738646][ T6577] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.751016][ T6540] XFS (loop5): Quotacheck needed: Please wait. [ 115.751904][ T6576] hpfs: hpfs_map_4sectors(): unaligned read [ 115.817586][ T6592] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 115.825050][ T6576] hpfs: hpfs_map_4sectors(): unaligned read [ 115.836285][ T6576] hpfs: filesystem error: unable to find root dir [ 115.968909][ T6576] hpfs: hpfs_map_4sectors(): unaligned read [ 115.978613][ T6592] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 116.000344][ T6576] hpfs: hpfs_map_sector(): read error [ 116.001930][ T6540] XFS (loop5): Quotacheck: Done. [ 116.007850][ T6576] hpfs: hpfs_map_sector(): read error [ 116.079763][ T6592] EXT4-fs error (device loop1): ext4_map_blocks:818: inode #15: comm syz.1.251: lblock 0 mapped to illegal pblock 0 (length 1) [ 116.090011][ T6600] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.247: bg 0: block 345: padding at end of block bitmap is not set [ 116.093721][ T30] audit: type=1800 audit(1772897491.002:10): pid=6592 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.251" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 116.248226][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 116.248622][ T6600] EXT4-fs (loop4): Remounting filesystem read-only [ 116.310408][ T1144] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:5037: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 116.386344][ T6584] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 116.388734][ T5821] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 116.467595][ T6584] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 116.490172][ T6584] F2FS-fs (loop2): invalid crc value [ 116.536495][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.718437][ T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 116.928806][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 116.942653][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.965794][ T6584] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 116.988380][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 117.039400][ T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 117.066328][ T6584] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 117.090653][ T24] usb 4-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 117.113874][ T6584] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 117.132688][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.184930][ T24] usb 4-1: config 0 descriptor?? [ 117.384395][ T5820] syz-executor: attempt to access beyond end of device [ 117.384395][ T5820] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 117.444713][ T5820] CPU: 0 UID: 0 PID: 5820 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 117.444753][ T5820] Tainted: [L]=SOFTLOCKUP [ 117.444762][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 117.444777][ T5820] Call Trace: [ 117.444786][ T5820] [ 117.444797][ T5820] dump_stack_lvl+0xe8/0x150 [ 117.444841][ T5820] f2fs_handle_critical_error+0x37c/0x540 [ 117.444878][ T5820] f2fs_write_end_io+0xcdb/0xff0 [ 117.444934][ T5820] __submit_merged_bio+0x256/0x700 [ 117.444971][ T5820] __submit_merged_write_cond+0x3c9/0x4e0 [ 117.445010][ T5820] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 117.445061][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445103][ T5820] f2fs_write_data_pages+0x2975/0x35e0 [ 117.445180][ T5820] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 117.445231][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445260][ T5820] ? css_rstat_updated+0x23a/0x530 [ 117.445316][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445346][ T5820] ? rcu_is_watching+0x15/0xb0 [ 117.445384][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445413][ T5820] ? mod_memcg_lruvec_state+0x1a7/0x360 [ 117.445454][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445484][ T5820] ? lru_gen_update_size+0x7c9/0xd10 [ 117.445533][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445567][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445597][ T5820] ? __lock_acquire+0x6b5/0x2cf0 [ 117.445637][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445681][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445715][ T5820] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 117.445750][ T5820] do_writepages+0x32e/0x550 [ 117.445790][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445820][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445849][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.445878][ T5820] ? do_raw_spin_unlock+0xf5/0x210 [ 117.445910][ T5820] filemap_fdatawrite+0x1e9/0x2f0 [ 117.445955][ T5820] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 117.446037][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.446078][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.446114][ T5820] ? do_raw_spin_unlock+0xf5/0x210 [ 117.446147][ T5820] f2fs_sync_dirty_inodes+0x30e/0x860 [ 117.446202][ T5820] f2fs_write_checkpoint+0x9df/0x26a0 [ 117.446278][ T5820] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 117.446312][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.446404][ T5820] kill_f2fs_super+0x314/0x720 [ 117.446447][ T5820] ? __pfx_kill_f2fs_super+0x10/0x10 [ 117.446496][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.446526][ T5820] ? lockdep_hardirqs_on+0x7a/0x110 [ 117.446567][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.446612][ T5820] deactivate_locked_super+0xbc/0x130 [ 117.446656][ T5820] cleanup_mnt+0x437/0x4d0 [ 117.446684][ T5820] ? _raw_spin_unlock_irq+0x23/0x50 [ 117.446726][ T5820] task_work_run+0x1d9/0x270 [ 117.446759][ T5820] ? __pfx_task_work_run+0x10/0x10 [ 117.446799][ T5820] exit_to_user_mode_loop+0xed/0x480 [ 117.446830][ T5820] ? rcu_is_watching+0x15/0xb0 [ 117.446871][ T5820] do_syscall_64+0x32d/0xf80 [ 117.446894][ T5820] ? trace_irq_disable+0x3b/0x150 [ 117.446937][ T5820] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.446970][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.446996][ T5820] RIP: 0033:0x7fb73319d9d7 [ 117.447020][ T5820] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 117.447040][ T5820] RSP: 002b:00007ffc55e88f68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 117.447092][ T5820] RAX: 0000000000000000 RBX: 00007fb733231f90 RCX: 00007fb73319d9d7 [ 117.447109][ T5820] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc55e89020 [ 117.447125][ T5820] RBP: 00007ffc55e89020 R08: 00007ffc55e8a020 R09: 00000000ffffffff [ 117.447143][ T5820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc55e8a0b0 [ 117.447159][ T5820] R13: 00007fb733231f90 R14: 000000000001ca0f R15: 00007ffc55e8a0f0 [ 117.447198][ T5820] [ 117.464403][ T6636] set_capacity_and_notify: 1 callbacks suppressed [ 117.464443][ T6636] loop0: detected capacity change from 0 to 512 [ 117.479413][ T5820] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 117.578866][ T6636] EXT4-fs (loop0): 1 truncate cleaned up [ 117.813778][ T6641] loop4: detected capacity change from 0 to 256 [ 117.827222][ T24] waterforce 0003:1044:7A4D.0003: unknown main item tag 0x0 [ 117.900675][ T5820] CPU: 1 UID: 0 PID: 5820 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 117.900718][ T5820] Tainted: [L]=SOFTLOCKUP [ 117.900727][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 117.900742][ T5820] Call Trace: [ 117.900752][ T5820] [ 117.900762][ T5820] dump_stack_lvl+0xe8/0x150 [ 117.900803][ T5820] f2fs_handle_critical_error+0x37c/0x540 [ 117.900841][ T5820] f2fs_write_end_io+0xcdb/0xff0 [ 117.900899][ T5820] __submit_merged_bio+0x256/0x700 [ 117.900936][ T5820] __submit_merged_write_cond+0x3c9/0x4e0 [ 117.900973][ T5820] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 117.901020][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901059][ T5820] f2fs_write_data_pages+0x2975/0x35e0 [ 117.901133][ T5820] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 117.901181][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901210][ T5820] ? css_rstat_updated+0x23a/0x530 [ 117.901265][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901295][ T5820] ? rcu_is_watching+0x15/0xb0 [ 117.901331][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901361][ T5820] ? mod_memcg_lruvec_state+0x1a7/0x360 [ 117.901402][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901431][ T5820] ? lru_gen_update_size+0x7c9/0xd10 [ 117.901479][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901513][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901542][ T5820] ? __lock_acquire+0x6b5/0x2cf0 [ 117.901581][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901625][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901659][ T5820] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 117.901695][ T5820] do_writepages+0x32e/0x550 [ 117.901734][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901766][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901800][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.901830][ T5820] ? do_raw_spin_unlock+0xf5/0x210 [ 117.901862][ T5820] filemap_fdatawrite+0x1e9/0x2f0 [ 117.901906][ T5820] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 117.901984][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.902022][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.902056][ T5820] ? do_raw_spin_unlock+0xf5/0x210 [ 117.902088][ T5820] f2fs_sync_dirty_inodes+0x30e/0x860 [ 117.902142][ T5820] f2fs_write_checkpoint+0x9df/0x26a0 [ 117.902214][ T5820] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 117.902248][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.902338][ T5820] kill_f2fs_super+0x314/0x720 [ 117.902379][ T5820] ? __pfx_kill_f2fs_super+0x10/0x10 [ 117.902425][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.902454][ T5820] ? lockdep_hardirqs_on+0x7a/0x110 [ 117.902494][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 117.902537][ T5820] deactivate_locked_super+0xbc/0x130 [ 117.902581][ T5820] cleanup_mnt+0x437/0x4d0 [ 117.902608][ T5820] ? _raw_spin_unlock_irq+0x23/0x50 [ 117.902648][ T5820] task_work_run+0x1d9/0x270 [ 117.902679][ T5820] ? __pfx_task_work_run+0x10/0x10 [ 117.902719][ T5820] exit_to_user_mode_loop+0xed/0x480 [ 117.902748][ T5820] ? rcu_is_watching+0x15/0xb0 [ 117.902789][ T5820] do_syscall_64+0x32d/0xf80 [ 117.902812][ T5820] ? trace_irq_disable+0x3b/0x150 [ 117.902850][ T5820] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.902882][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.902907][ T5820] RIP: 0033:0x7fb73319d9d7 [ 117.902930][ T5820] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 117.902950][ T5820] RSP: 002b:00007ffc55e88f68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 117.902975][ T5820] RAX: 0000000000000000 RBX: 00007fb733231f90 RCX: 00007fb73319d9d7 [ 117.902992][ T5820] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc55e89020 [ 117.903015][ T5820] RBP: 00007ffc55e89020 R08: 00007ffc55e8a020 R09: 00000000ffffffff [ 117.903033][ T5820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc55e8a0b0 [ 117.903048][ T5820] R13: 00007fb733231f90 R14: 000000000001ca0f R15: 00007ffc55e8a0f0 [ 117.903085][ T5820] [ 117.903095][ T5820] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 118.074445][ T6636] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.087811][ T24] waterforce 0003:1044:7A4D.0003: unknown main item tag 0x0 [ 118.347454][ T30] audit: type=1800 audit(1772897493.202:11): pid=6636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.261" name="file1" dev="loop0" ino=13 res=0 errno=0 [ 118.365766][ T24] waterforce 0003:1044:7A4D.0003: unknown main item tag 0x0 [ 118.408397][ T24] waterforce 0003:1044:7A4D.0003: unknown main item tag 0x0 [ 118.415732][ T24] waterforce 0003:1044:7A4D.0003: unknown main item tag 0x0 [ 118.438381][ T24] waterforce 0003:1044:7A4D.0003: unknown main item tag 0x0 [ 118.445804][ T24] waterforce 0003:1044:7A4D.0003: unknown main item tag 0x7 [ 118.488474][ T24] waterforce 0003:1044:7A4D.0003: unexpected long global item [ 118.535770][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.563743][ T24] waterforce 0003:1044:7A4D.0003: hid parse failed with -22 [ 118.615584][ T24] waterforce 0003:1044:7A4D.0003: probe with driver waterforce failed with error -22 [ 118.695221][ T24] usb 4-1: USB disconnect, device number 4 [ 118.767807][ T6654] netlink: 12 bytes leftover after parsing attributes in process `syz.4.269'. [ 118.830398][ T6654] netem: invalid attributes len -15 [ 118.835641][ T6654] netem: change failed [ 118.958971][ T6634] loop5: detected capacity change from 0 to 32768 [ 119.060740][ T6634] (syz.5.256,6634,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 119.124883][ T6634] (syz.5.256,6634,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 119.345672][ T6634] JBD2: Ignoring recovery information on journal [ 119.515322][ T6634] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 119.788203][ T30] audit: type=1800 audit(1772897494.712:12): pid=6634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.256" name="file1" dev="loop5" ino=16979 res=0 errno=0 [ 120.190055][ T5821] ocfs2: Unmounting device (7,5) on (node local) [ 120.483797][ T6659] loop1: detected capacity change from 0 to 32768 [ 120.653578][ T6659] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 120.777645][ T6661] loop3: detected capacity change from 0 to 32768 [ 120.856393][ T6661] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 120.933210][ T5824] ocfs2: Unmounting device (7,1) on (node local) [ 121.102366][ T6661] XFS (loop3): Ending clean mount [ 121.178734][ T6661] XFS (loop3): Quotacheck needed: Please wait. [ 121.332927][ T6661] XFS (loop3): Quotacheck: Done. [ 121.601534][ T5819] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 122.084562][ T6706] netlink: 'syz.0.284': attribute type 8 has an invalid length. [ 122.140334][ T6706] netlink: 'syz.0.284': attribute type 4 has an invalid length. [ 122.198497][ T6706] netlink: 164 bytes leftover after parsing attributes in process `syz.0.284'. [ 122.410472][ T6711] netlink: 8 bytes leftover after parsing attributes in process `syz.1.286'. [ 122.585743][ T6713] loop3: detected capacity change from 0 to 4096 [ 122.633362][ T6693] mkiss: ax0: crc mode is auto. [ 122.918260][ T6713] ntfs3(loop3): ino=9, attr_set_size_ex [ 124.041173][ T6744] netlink: 16 bytes leftover after parsing attributes in process `syz.3.301'. [ 124.224189][ T6741] loop2: detected capacity change from 0 to 32768 [ 124.294910][ T6741] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 124.305403][ T6741] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 124.320820][ T6741] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 124.331198][ T979] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 124.338961][ T979] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 124.509215][ T6757] loop6: detected capacity change from 0 to 1 [ 124.563187][ T6757] Dev loop6: unable to read RDB block 1 [ 124.584461][ T979] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 245ms [ 124.595507][ T6757] loop6: unable to read partition table [ 124.628758][ T6757] loop6: partition table beyond EOD, truncated [ 124.634262][ T979] gfs2: fsid=syz:syz.0: jid=0: Done [ 124.639263][ T6757] loop_reread_partitions: partition scan of loop6 (‰u0v°Ï ) failed (rc=-5) [ 124.649307][ T5832] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 124.673372][ T6741] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 124.749369][ T5188] Dev loop6: unable to read RDB block 1 [ 124.755532][ T5188] loop6: unable to read partition table [ 124.766049][ T5188] loop6: partition table beyond EOD, truncated [ 124.843362][ T6741] gfs2: fsid=syz:syz.0: found 1 quota changes [ 124.855109][ T5832] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 124.899937][ T5832] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 124.945039][ T5832] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 125.027776][ T5832] usb 5-1: config 220 has no interface number 2 [ 125.060255][ T5832] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 125.089629][ T5832] usb 5-1: config 220 interface 0 has no altsetting 0 [ 125.096508][ T5820] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 11 2339, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 402 [ 125.115718][ T5832] usb 5-1: config 220 interface 76 has no altsetting 0 [ 125.124692][ T5832] usb 5-1: config 220 interface 1 has no altsetting 0 [ 125.128940][ T5820] gfs2: fsid=syz:syz.0: G: s:EX n:2/923 f:aqonN t:EX d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 125.138064][ T5832] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 125.158438][ T5832] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.172913][ T5832] usb 5-1: Product: syz [ 125.197291][ T5820] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:5820 [syz-executor] gfs2_quota_sync+0x370/0x470 [ 125.197688][ T5832] usb 5-1: Manufacturer: syz [ 125.236082][ T5820] gfs2: fsid=syz:syz.0: I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0 [ 125.238623][ T5832] usb 5-1: SerialNumber: syz [ 125.268831][ T5820] CPU: 1 UID: 0 PID: 5820 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 125.268869][ T5820] Tainted: [L]=SOFTLOCKUP [ 125.268878][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 125.268893][ T5820] Call Trace: [ 125.268903][ T5820] [ 125.268913][ T5820] dump_stack_lvl+0xe8/0x150 [ 125.268956][ T5820] gfs2_withdraw+0xc3/0x1b0 [ 125.269009][ T5820] inode_go_instantiate+0xdd8/0x1220 [ 125.269053][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 125.269084][ T5820] ? preempt_schedule_common+0x82/0xd0 [ 125.269131][ T5820] ? __pfx_inode_go_instantiate+0x10/0x10 [ 125.269174][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 125.269215][ T5820] gfs2_instantiate+0x168/0x220 [ 125.269260][ T5820] gfs2_glock_wait+0x1d4/0x2a0 [ 125.269290][ T5820] do_sync+0x49a/0xcb0 [ 125.269321][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 125.269351][ T5820] ? _raw_spin_unlock+0x28/0x50 [ 125.269385][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 125.269414][ T5820] ? gfs2_quota_sync+0x370/0x470 [ 125.269458][ T5820] ? __pfx_do_sync+0x10/0x10 [ 125.269502][ T5820] ? gfs2_quota_sync+0x370/0x470 [ 125.269533][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 125.269567][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 125.269597][ T5820] ? do_raw_spin_unlock+0xf5/0x210 [ 125.269631][ T5820] gfs2_quota_sync+0x370/0x470 [ 125.269676][ T5820] gfs2_sync_fs+0x4c/0xb0 [ 125.269709][ T5820] sync_filesystem+0xee/0x230 [ 125.269739][ T5820] generic_shutdown_super+0x77/0x2d0 [ 125.269785][ T5820] kill_block_super+0x44/0x90 [ 125.269815][ T5820] deactivate_locked_super+0xbc/0x130 [ 125.269858][ T5820] cleanup_mnt+0x437/0x4d0 [ 125.269885][ T5820] ? _raw_spin_unlock_irq+0x23/0x50 [ 125.269925][ T5820] task_work_run+0x1d9/0x270 [ 125.269957][ T5820] ? __pfx_task_work_run+0x10/0x10 [ 125.269997][ T5820] exit_to_user_mode_loop+0xed/0x480 [ 125.270034][ T5820] ? rcu_is_watching+0x15/0xb0 [ 125.270076][ T5820] do_syscall_64+0x32d/0xf80 [ 125.270099][ T5820] ? trace_irq_disable+0x3b/0x150 [ 125.270139][ T5820] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.270171][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.270197][ T5820] RIP: 0033:0x7fb73319d9d7 [ 125.270221][ T5820] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 125.270242][ T5820] RSP: 002b:00007ffc55e88f68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 125.270268][ T5820] RAX: 0000000000000000 RBX: 00007fb733231f90 RCX: 00007fb73319d9d7 [ 125.270284][ T5820] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc55e89020 [ 125.270300][ T5820] RBP: 00007ffc55e89020 R08: 00007ffc55e8a020 R09: 00000000ffffffff [ 125.270317][ T5820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc55e8a0b0 [ 125.270333][ T5820] R13: 00007fb733231f90 R14: 000000000001e7f5 R15: 00007ffc55e8a0f0 [ 125.270372][ T5820] [ 125.270382][ T5820] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 125.571991][ T5898] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 125.608013][ T5832] uvcvideo 5-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 125.616122][ T5832] uvcvideo 5-1:220.0: No valid video chain found. [ 125.623707][ T5832] usb 5-1: selecting invalid altsetting 0 [ 125.658108][ T5832] usb 5-1: selecting invalid altsetting 0 [ 125.664613][ T5832] usbtest 5-1:220.1: probe with driver usbtest failed with error -22 [ 125.715008][ T5832] usb 5-1: USB disconnect, device number 4 [ 125.768532][ T5898] usb 2-1: Using ep0 maxpacket: 16 [ 125.777680][ T5898] usb 2-1: config index 0 descriptor too short (expected 65, got 36) [ 125.848526][ T5898] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 125.890679][ T5898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 125.915451][ T5898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 125.922665][ T6775] loop0: detected capacity change from 0 to 32768 [ 125.957494][ T5898] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 125.971046][ T5898] usb 2-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 125.980973][ T5898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.019054][ T6775] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 126.030609][ T5898] usb 2-1: config 0 descriptor?? [ 126.048882][ T6774] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 126.089262][ T5898] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input8 [ 126.187146][ T6775] XFS (loop0): Ending clean mount [ 126.316829][ T5823] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 126.412648][ T24] usb 2-1: USB disconnect, device number 5 [ 126.607742][ T6795] loop5: detected capacity change from 0 to 1024 [ 126.650183][ T6795] EXT4-fs: Ignoring removed orlov option [ 126.677994][ T6795] EXT4-fs: inline encryption not supported [ 126.720909][ T6795] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869) [ 126.770405][ T6795] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 126.800720][ T6795] EXT4-fs (loop5): invalid journal inode [ 126.813789][ T6795] EXT4-fs (loop5): can't get journal size [ 126.882207][ T6795] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 126.927318][ T6801] netlink: 8 bytes leftover after parsing attributes in process `syz.4.323'. [ 127.047366][ T5821] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.372540][ T6813] loop5: detected capacity change from 0 to 2048 [ 127.426075][ T6813] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.464481][ T6813] ext4 filesystem being mounted at /54/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 127.507630][ T6818] loop1: detected capacity change from 0 to 2048 [ 127.672134][ T6826] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 127.745237][ T5821] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.887270][ T6825] loop4: detected capacity change from 0 to 4096 [ 127.909480][ T6825] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 128.041848][ T6825] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 128.603627][ T6851] xt_hashlimit: size too large, truncated to 1048576 [ 128.649514][ T6854] af_packet: tpacket_rcv: packet too big, clamped from 108 to 4294967272. macoff=96 [ 128.827916][ T6857] syz.5.345 (6857) used greatest stack depth: 15176 bytes left [ 129.217948][ T6836] loop0: detected capacity change from 0 to 32768 [ 129.268191][ T6836] (syz.0.337,6836,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 129.319487][ T6836] (syz.0.337,6836,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 129.404255][ T6836] JBD2: Ignoring recovery information on journal [ 129.500875][ T6836] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 129.851652][ T5823] ocfs2: Unmounting device (7,0) on (node local) [ 130.148993][ T6871] loop5: detected capacity change from 0 to 32768 [ 130.185716][ T6871] (syz.5.351,6871,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 130.220339][ T6871] (syz.5.351,6871,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 130.247136][ T6893] loop3: detected capacity change from 0 to 8192 [ 130.342902][ T6871] JBD2: Ignoring recovery information on journal [ 130.539725][ T6871] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 130.636474][ T6871] (syz.5.351,6871,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 130.741720][ T5820] gfs2: fsid=syz:syz.0: warning: assertion "gfs2_log_is_empty(sdp)" failed - function = gfs2_make_fs_ro, file = fs/gfs2/super.c, line = 566 [ 130.762557][ T5820] CPU: 0 UID: 0 PID: 5820 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 130.762596][ T5820] Tainted: [L]=SOFTLOCKUP [ 130.762605][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 130.762619][ T5820] Call Trace: [ 130.762629][ T5820] [ 130.762639][ T5820] dump_stack_lvl+0xe8/0x150 [ 130.762681][ T5820] gfs2_assert_warn_i+0x194/0x2c0 [ 130.762737][ T5820] gfs2_make_fs_ro+0x30d/0x320 [ 130.762768][ T5820] ? __pfx_gfs2_make_fs_ro+0x10/0x10 [ 130.762790][ T5820] ? do_raw_spin_lock+0x12b/0x2f0 [ 130.762815][ T5820] ? __pfx_autoremove_wake_function+0x10/0x10 [ 130.762843][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 130.762876][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 130.762910][ T5820] ? srso_alias_return_thunk+0x5/0xfbef5 [ 130.762940][ T5820] ? do_raw_spin_unlock+0xf5/0x210 [ 130.762972][ T5820] gfs2_put_super+0x220/0x860 [ 130.763022][ T5820] ? __pfx_gfs2_put_super+0x10/0x10 [ 130.763052][ T5820] generic_shutdown_super+0x13d/0x2d0 [ 130.763098][ T5820] kill_block_super+0x44/0x90 [ 130.763128][ T5820] deactivate_locked_super+0xbc/0x130 [ 130.763171][ T5820] cleanup_mnt+0x437/0x4d0 [ 130.763198][ T5820] ? _raw_spin_unlock_irq+0x23/0x50 [ 130.763241][ T5820] task_work_run+0x1d9/0x270 [ 130.763274][ T5820] ? __pfx_task_work_run+0x10/0x10 [ 130.763314][ T5820] exit_to_user_mode_loop+0xed/0x480 [ 130.763344][ T5820] ? rcu_is_watching+0x15/0xb0 [ 130.763387][ T5820] do_syscall_64+0x32d/0xf80 [ 130.763410][ T5820] ? trace_irq_disable+0x3b/0x150 [ 130.763449][ T5820] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.763482][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.763508][ T5820] RIP: 0033:0x7fb73319d9d7 [ 130.763531][ T5820] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 130.763550][ T5820] RSP: 002b:00007ffc55e88f68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 130.763576][ T5820] RAX: 0000000000000000 RBX: 00007fb733231f90 RCX: 00007fb73319d9d7 [ 130.763594][ T5820] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc55e89020 [ 130.763609][ T5820] RBP: 00007ffc55e89020 R08: 00007ffc55e8a020 R09: 00000000ffffffff [ 130.763627][ T5820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc55e8a0b0 [ 130.763642][ T5820] R13: 00007fb733231f90 R14: 000000000001e7f5 R15: 00007ffc55e8a0f0 [ 130.763681][ T5820] [ 130.871152][ T6871] (syz.5.351,6871,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC. [ 131.071297][ T6871] (syz.5.351,6871,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xb8c23ae4. Applying ECC. [ 131.105467][ T6871] (syz.5.351,6871,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x2acb7e3c [ 131.143299][ T6871] (syz.5.351,6871,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 131.170381][ T6871] (syz.5.351,6871,1):ocfs2_quota_read:201 ERROR: status = -5 [ 131.189181][ T6912] netlink: 12 bytes leftover after parsing attributes in process `syz.1.365'. [ 131.248546][ T6871] Quota error (device loop5): find_block_dqentry: Can't read quota tree block 6 [ 131.257851][ T6871] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 131.318438][ T6871] (syz.5.351,6871,0):ocfs2_acquire_dquot:890 ERROR: status = -5 [ 131.329576][ T6871] (syz.5.351,6871,0):ocfs2_symlink:1895 ERROR: status = -5 [ 131.337420][ T6871] (syz.5.351,6871,0):ocfs2_symlink:2081 ERROR: status = -5 [ 131.572884][ T6916] Bluetooth: MGMT ver 1.23 [ 131.590042][ T5821] ocfs2: Unmounting device (7,5) on (node local) [ 131.887528][ T6922] loop4: detected capacity change from 0 to 4096 [ 131.990076][ T6922] ntfs3(loop4): ino=3, ntfs_set_state failed, -22. [ 132.007019][ T6922] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 132.053709][ T6922] ntfs3(loop4): ino=1e, "file1" attr_set_size_ex [ 132.163762][ T1144] ntfs3(loop4): ino=3, ntfs3_write_inode failed, -22. [ 132.190250][ T5822] ntfs3(loop4): ino=3, ntfs_set_state failed, -22. [ 132.199507][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.206034][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.227618][ T5822] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 132.253802][ T5822] ntfs3(loop4): ino=3, ntfs_set_state failed, -22. [ 132.285787][ T49] ntfs3(loop4): ino=3, ntfs3_write_inode failed, -22. [ 132.540523][ T6939] program syz.5.377 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 133.135326][ T6928] loop2: detected capacity change from 0 to 32768 [ 133.241006][ T6928] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 133.403504][ T6964] loop3: detected capacity change from 0 to 16 [ 133.423791][ T6928] XFS (loop2): Ending clean mount [ 133.432296][ T6964] erofs (device loop3): mounted with root inode @ nid 36. [ 133.472844][ T6928] XFS (loop2): Quotacheck needed: Please wait. [ 133.564853][ T6928] XFS (loop2): Quotacheck: Done. [ 133.598830][ T6951] loop1: detected capacity change from 0 to 4096 [ 133.607376][ T6938] loop4: detected capacity change from 0 to 32768 [ 133.691260][ T6938] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.375 (6938) [ 133.756513][ T5820] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 133.938799][ T6938] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 133.993920][ T6938] BTRFS info (device loop4): using sha256 checksum algorithm [ 134.064913][ T6971] loop0: detected capacity change from 0 to 256 [ 134.133689][ T6958] loop5: detected capacity change from 0 to 32768 [ 134.229204][ T6971] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d) [ 134.298486][ T6958] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 134.375371][ T6938] BTRFS info (device loop4): enabling ssd optimizations [ 134.444345][ T30] audit: type=1804 audit(1772897509.362:13): pid=6971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.388" name="/newroot/68/file2/file2" dev="loop0" ino=1048617 res=1 errno=0 [ 134.524159][ T6938] BTRFS info (device loop4): turning on async discard [ 134.562528][ T6958] XFS (loop5): Ending clean mount [ 134.570977][ T6938] BTRFS info (device loop4): enabling free space tree [ 134.586593][ T6958] XFS (loop5): Quotacheck needed: Please wait. [ 134.617046][ T6997] netlink: 'syz.1.390': attribute type 5 has an invalid length. [ 134.701053][ T6958] XFS (loop5): Quotacheck: Done. [ 134.838962][ T6999] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 134.878046][ T5822] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 134.978020][ T5821] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 135.091398][ T30] audit: type=1326 audit(1772897510.022:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7004 comm="syz.1.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f606799c799 code=0x7ffc0000 [ 135.198431][ T30] audit: type=1326 audit(1772897510.052:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7004 comm="syz.1.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f606799c799 code=0x7ffc0000 [ 135.321482][ T30] audit: type=1326 audit(1772897510.052:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7004 comm="syz.1.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f606799c799 code=0x7ffc0000 [ 135.443091][ T30] audit: type=1326 audit(1772897510.062:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7004 comm="syz.1.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f606799c799 code=0x7ffc0000 [ 135.506337][ T30] audit: type=1326 audit(1772897510.062:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7004 comm="syz.1.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f606799c799 code=0x7ffc0000 [ 135.558263][ T30] audit: type=1326 audit(1772897510.062:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7004 comm="syz.1.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f606799c799 code=0x7ffc0000 [ 135.622899][ T30] audit: type=1326 audit(1772897510.062:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7004 comm="syz.1.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f606799c799 code=0x7ffc0000 [ 136.524272][ T7026] sctp: [Deprecated]: syz.3.400 (pid 7026) Use of struct sctp_assoc_value in delayed_ack socket option. [ 136.524272][ T7026] Use struct sctp_sack_info instead [ 136.643555][ T7012] loop4: detected capacity change from 0 to 32768 [ 136.759738][ T7012] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 136.866630][ T7012] XFS (loop4): Ending clean mount [ 136.952545][ T7020] loop5: detected capacity change from 0 to 32768 [ 136.987208][ T7038] loop3: detected capacity change from 0 to 2048 [ 137.008717][ T7038] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 137.047276][ T7020] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 137.056693][ T7038] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 137.131064][ T5822] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 137.140094][ T7038] UDF-fs: Scanning with blocksize 512 failed [ 137.152740][ T7020] JBD2: Ignoring recovery information on journal [ 137.260320][ T7038] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 137.402235][ T7020] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 137.470571][ T7047] loop2: detected capacity change from 0 to 8 [ 137.838610][ T979] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 137.904458][ T5821] ocfs2: Unmounting device (7,5) on (node local) [ 138.048462][ T979] usb 5-1: Using ep0 maxpacket: 16 [ 138.070608][ T979] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 138.114604][ T979] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 138.202701][ T979] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 138.230575][ T979] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 138.263979][ T979] usb 5-1: Product: syz [ 138.268270][ T979] usb 5-1: Manufacturer: syz [ 138.294433][ T979] usb 5-1: SerialNumber: syz [ 138.332088][ T979] usb 5-1: config 0 descriptor?? [ 138.361864][ T979] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 138.419427][ T979] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 138.969367][ T979] em28xx 5-1:0.0: chip ID is em2874 [ 139.184539][ T5832] usb 5-1: USB disconnect, device number 5 [ 139.204337][ T5832] em28xx 5-1:0.0: Disconnecting em28xx [ 139.212906][ T7089] netlink: 40 bytes leftover after parsing attributes in process `syz.3.425'. [ 139.242726][ T5832] em28xx 5-1:0.0: Freeing device [ 139.373763][ T5898] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 139.485055][ T7097] mkiss: ax0: crc mode is auto. [ 139.548448][ T5898] usb 3-1: Using ep0 maxpacket: 32 [ 139.562293][ T5898] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 139.574899][ T7100] netlink: 20 bytes leftover after parsing attributes in process `syz.3.431'. [ 139.597903][ T5898] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 139.609983][ T7100] netlink: 24 bytes leftover after parsing attributes in process `syz.3.431'. [ 139.612860][ T7100] netlink: 20 bytes leftover after parsing attributes in process `syz.3.431'. [ 139.656110][ T5898] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 139.675941][ T7100] netlink: 24 bytes leftover after parsing attributes in process `syz.3.431'. [ 139.686285][ T5898] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 139.695629][ T5898] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.719112][ T5898] usb 3-1: config 0 descriptor?? [ 139.727508][ T7085] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 139.771713][ T5898] hub 3-1:0.0: USB hub found [ 139.989815][ T5898] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 140.107649][ T7117] capability: warning: `syz.0.439' uses deprecated v2 capabilities in a way that may be insecure [ 140.112818][ T7111] loop4: detected capacity change from 0 to 4096 [ 140.125133][ T7117] netlink: 40 bytes leftover after parsing attributes in process `syz.0.439'. [ 140.125593][ T7115] netlink: 40 bytes leftover after parsing attributes in process `syz.1.438'. [ 140.154015][ T7111] EXT4-fs: Ignoring removed nomblk_io_submit option [ 140.159035][ T5928] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 140.208443][ T5898] usbhid 3-1:0.0: can't add hid device: -71 [ 140.215632][ T5898] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 140.217021][ T7111] EXT4-fs (loop4): stripe (97) is not aligned with cluster size (16), stripe is disabled [ 140.264266][ T5898] usb 3-1: USB disconnect, device number 4 [ 140.297126][ T7111] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842e018, mo2=0002] [ 140.337734][ T7111] System zones: 0-5 [ 140.372486][ T7111] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.381808][ T5928] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 140.398661][ T5928] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.406928][ T5928] usb 6-1: Product: syz [ 140.425084][ T5928] usb 6-1: Manufacturer: syz [ 140.430144][ T5928] usb 6-1: SerialNumber: syz [ 140.441131][ T5928] usb 6-1: config 0 descriptor?? [ 140.678950][ T7125] loop1: detected capacity change from 0 to 8192 [ 140.864569][ T5928] usb 6-1: Firmware: major: 182, minor: 167, hardware type: UNKNOWN (115) [ 141.068065][ T5928] usb 6-1: failed to fetch extended address, random address set [ 141.095467][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.105556][ T5928] usb 6-1: atusb_probe: initialization failed, error = -524 [ 141.162190][ T5928] atusb 6-1:0.0: probe with driver atusb failed with error -524 [ 141.208815][ T5928] usb 6-1: USB disconnect, device number 4 [ 141.362081][ T7133] netlink: 340 bytes leftover after parsing attributes in process `syz.1.446'. [ 141.578861][ T7137] loop3: detected capacity change from 0 to 4096 [ 141.579797][ T7123] loop0: detected capacity change from 0 to 32768 [ 141.623844][ T7123] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 141.816914][ T7123] XFS (loop0): Ending clean mount [ 141.905942][ T7123] XFS (loop0): Quotacheck needed: Please wait. [ 141.989570][ T7153] cgroup: fork rejected by pids controller in /syz5 [ 142.043792][ T7155] team0: Device gtp0 is of different type [ 142.067685][ T7123] XFS (loop0): Quotacheck: Done. [ 142.316220][ T5823] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 142.649755][ T7168] loop2: detected capacity change from 0 to 2048 [ 142.800505][ T7168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.888567][ T7168] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 143.064662][ T5820] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.717355][ T846] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.847901][ T846] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.985946][ T979] kernel read not supported for file /audio (pid: 979 comm: kworker/1:4) [ 144.141762][ T846] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.272970][ T5841] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 144.287508][ T5841] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 144.297463][ T5841] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 144.310616][ T5841] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 144.319194][ T5841] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 144.475426][ T846] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.553324][ T7214] loop3: detected capacity change from 0 to 1024 [ 144.587617][ T7214] EXT4-fs: inline encryption not supported [ 144.638873][ T7214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.660409][ T7213] loop4: detected capacity change from 0 to 4096 [ 144.841631][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 144.841653][ T30] audit: type=1800 audit(1772897519.752:35): pid=7214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.478" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 144.893184][ T7214] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4222: comm syz.3.478: Allocating blocks 497-513 which overlap fs metadata [ 145.020711][ T7214] EXT4-fs (loop3): Remounting filesystem read-only [ 145.121261][ T7199] loop1: detected capacity change from 0 to 32768 [ 145.155435][ T5819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.330798][ T7199] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 145.423591][ T846] bridge_slave_1: left allmulticast mode [ 145.431557][ T846] bridge_slave_1: left promiscuous mode [ 145.439422][ T846] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.463277][ T846] bridge_slave_0: left allmulticast mode [ 145.469893][ T846] bridge_slave_0: left promiscuous mode [ 145.475939][ T846] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.548442][ T5913] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 145.569157][ T7202] loop2: detected capacity change from 0 to 32768 [ 145.599906][ T7199] XFS (loop1): Ending clean mount [ 145.632972][ T7202] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.475 (7202) [ 145.650529][ T7199] XFS (loop1): Quotacheck needed: Please wait. [ 145.721241][ T7202] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 145.726069][ T7199] XFS (loop1): Quotacheck: Done. [ 145.755062][ T7202] BTRFS info (device loop2): using blake2b checksum algorithm [ 145.765407][ T5913] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 145.794453][ T5913] usb 4-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 145.858547][ T5913] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 145.866604][ T5913] usb 4-1: Product: syz [ 145.878790][ T5913] usb 4-1: Manufacturer: syz [ 145.884510][ T5913] usb 4-1: SerialNumber: syz [ 145.918929][ T5913] usb 4-1: config 0 descriptor?? [ 146.059597][ T7215] loop0: detected capacity change from 0 to 32768 [ 146.077508][ T7202] BTRFS info (device loop2): enabling ssd optimizations [ 146.098158][ T7202] BTRFS info (device loop2): turning on async discard [ 146.114078][ T7202] BTRFS info (device loop2): enabling free space tree [ 146.167847][ T7202] BTRFS info (device loop2): use zstd compression, level 3 [ 146.187666][ T7219] loop4: detected capacity change from 0 to 32768 [ 146.191223][ T5824] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 146.235300][ T7219] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.481 (7219) [ 146.302439][ T7215] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 146.384573][ T24] usb 4-1: USB disconnect, device number 5 [ 146.401610][ T7219] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 146.420198][ T5841] Bluetooth: hci5: command tx timeout [ 146.529463][ T7219] BTRFS info (device loop4): using sha256 checksum algorithm [ 146.577082][ T846] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 146.691822][ T5823] ocfs2: Unmounting device (7,0) on (node local) [ 146.699455][ T846] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 146.716286][ T5820] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 146.790480][ T846] bond0 (unregistering): Released all slaves [ 146.860354][ T7219] BTRFS info (device loop4): enabling ssd optimizations [ 146.867344][ T7219] BTRFS info (device loop4): turning on async discard [ 146.899807][ T7219] BTRFS info (device loop4): enabling free space tree [ 147.321949][ T5822] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 147.435539][ T7284] loop1: detected capacity change from 0 to 64 [ 147.670403][ T5898] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 147.894124][ T5898] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 147.934954][ T5898] usb 4-1: config 0 interface 0 has no altsetting 0 [ 147.977139][ T5898] usb 4-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce [ 148.028435][ T5898] usb 4-1: New USB device strings: Mfr=1, Product=122, SerialNumber=160 [ 148.070147][ T5898] usb 4-1: Product: syz [ 148.074461][ T5898] usb 4-1: Manufacturer: syz [ 148.103245][ T5898] usb 4-1: SerialNumber: syz [ 148.154592][ T5898] usb 4-1: config 0 descriptor?? [ 148.201510][ T5898] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state. [ 148.237513][ T7206] chnl_net:caif_netlink_parms(): no params data found [ 148.283772][ T5898] dvb-usb: will use the device's hardware PID filter (table count: 8). [ 148.332241][ T5898] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0) [ 148.388313][ T5898] usb 4-1: media controller created [ 148.441942][ T5898] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 148.499243][ T5841] Bluetooth: hci5: command tx timeout [ 148.617053][ T7316] netlink: 12 bytes leftover after parsing attributes in process `syz.4.496'. [ 148.707535][ T5898] DVB: Unable to find symbol tda10046_attach() [ 148.724653][ T5898] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0' [ 148.805108][ T5898] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected. [ 148.925022][ T30] audit: type=1326 audit(1772897523.852:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7322 comm="syz.4.498" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdcdcf9c799 code=0x0 [ 148.962493][ T7327] program syz.0.500 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 149.056953][ T7330] loop0: detected capacity change from 0 to 2048 [ 149.064043][ T846] hsr_slave_0: left promiscuous mode [ 149.098941][ T846] hsr_slave_1: left promiscuous mode [ 149.107156][ T7330] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 149.109679][ T846] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 149.143325][ T30] audit: type=1800 audit(1772897524.072:37): pid=7330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.501" name="file1" dev="loop0" ino=1367 res=0 errno=0 [ 149.198538][ T846] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 149.246138][ T846] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 149.258764][ T846] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 149.282358][ T5898] dvb_usb_m920x 4-1:0.0: probe with driver dvb_usb_m920x failed with error -71 [ 149.376842][ T5898] usb 4-1: USB disconnect, device number 6 [ 149.411836][ T846] veth1_macvtap: left promiscuous mode [ 149.422304][ T846] veth0_macvtap: left promiscuous mode [ 149.451785][ T846] veth1_vlan: left promiscuous mode [ 149.489177][ T846] veth0_vlan: left promiscuous mode [ 149.967761][ T846] team0 (unregistering): Port device team_slave_1 removed [ 149.999827][ T846] team0 (unregistering): Port device team_slave_0 removed [ 150.562930][ T7206] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.579378][ T5841] Bluetooth: hci5: command tx timeout [ 150.602203][ T7206] bridge0: port 1(bridge_slave_0) entered disabled state [ 150.609745][ T7206] bridge_slave_0: entered allmulticast mode [ 150.636154][ T7206] bridge_slave_0: entered promiscuous mode [ 150.663395][ T7206] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.680234][ T7206] bridge0: port 2(bridge_slave_1) entered disabled state [ 150.688145][ T7364] random: crng reseeded on system resumption [ 150.701889][ T7206] bridge_slave_1: entered allmulticast mode [ 150.741459][ T7206] bridge_slave_1: entered promiscuous mode [ 150.757417][ T7365] loop4: detected capacity change from 0 to 512 [ 150.815548][ T7365] EXT4-fs: Ignoring removed bh option [ 150.906722][ T7206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 150.920108][ T7365] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 150.975778][ T7365] EXT4-fs (loop4): 1 truncate cleaned up [ 150.979302][ T7206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 151.031980][ T7365] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.103494][ T7206] team0: Port device team_slave_0 added [ 151.124096][ T7206] team0: Port device team_slave_1 added [ 151.328552][ T7206] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 151.371346][ T7385] loop2: detected capacity change from 0 to 256 [ 151.376718][ T7206] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 151.427994][ T7206] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 151.457540][ T7206] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 151.467227][ T7206] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 151.502601][ T7206] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 151.527086][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.527784][ T7385] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 151.600367][ T7391] loop0: detected capacity change from 0 to 1024 [ 151.740485][ T7385] exFAT-fs (loop2): valid_size(150994954) is greater than size(10) [ 151.857154][ T7206] hsr_slave_0: entered promiscuous mode [ 151.901397][ T7206] hsr_slave_1: entered promiscuous mode [ 151.932386][ T7206] debugfs: 'hsr0' already exists in 'hsr' [ 151.941957][ T1156] hfsplus: bad catalog file entry [ 151.951642][ T7206] Cannot create hsr debugfs directory [ 151.974310][ T1156] hfsplus: b-tree write err: -5, ino 3 [ 152.242054][ T7410] loop2: detected capacity change from 0 to 256 [ 152.662329][ T5841] Bluetooth: hci5: command tx timeout [ 152.968176][ T7420] loop0: detected capacity change from 0 to 32768 [ 153.020881][ T7420] [ 153.020881][ T7420] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.020881][ T7420] [ 153.044841][ T7420] [ 153.044841][ T7420] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.044841][ T7420] [ 153.055586][ T7420] [ 153.055586][ T7420] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.055586][ T7420] [ 153.067133][ T7420] [ 153.067133][ T7420] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.067133][ T7420] [ 153.078220][ T7420] [ 153.078220][ T7420] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.078220][ T7420] [ 153.088766][ T7420] [ 153.088766][ T7420] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.088766][ T7420] [ 153.108159][ T108] [ 153.108159][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.108159][ T108] [ 153.176071][ T846] [ 153.176071][ T846] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.176071][ T846] [ 153.193850][ T846] [ 153.193850][ T846] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.193850][ T846] [ 153.206098][ T5823] [ 153.206098][ T5823] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.206098][ T5823] [ 153.221199][ T5823] [ 153.221199][ T5823] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 153.221199][ T5823] [ 153.239256][ T109] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP KASAN NOPTI [ 153.251455][ T109] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 153.259877][ T109] CPU: 1 UID: 0 PID: 109 Comm: jfsCommit Tainted: G L syzkaller #0 PREEMPT(full) [ 153.270556][ T109] Tainted: [L]=SOFTLOCKUP [ 153.274876][ T109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 153.284930][ T109] RIP: 0010:lmLogSync+0x14e/0x9f0 [ 153.290066][ T109] Code: 73 a2 fe 4d 8d 7e f0 4c 89 f8 48 c1 e8 03 80 3c 18 00 74 08 4c 89 ff e8 c0 3d d2 fe 4d 8b 3f 49 83 c7 30 4c 89 f8 48 c1 e8 03 <80> 3c 18 00 74 08 4c 89 ff e8 a4 3d d2 fe 49 8b 3f e8 ac 73 a2 fe [ 153.309848][ T109] RSP: 0018:ffffc90002db7b80 EFLAGS: 00010216 [ 153.315925][ T109] RAX: 0000000000000006 RBX: dffffc0000000000 RCX: ffff88801dfc5b80 [ 153.323912][ T109] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 153.331893][ T109] RBP: ffffc90002db7c88 R08: ffffc90002db7acf R09: ffffc90002db7968 [ 153.339869][ T109] R10: dffffc0000000000 R11: fffff520005b6f5a R12: ffff8880513ec000 [ 153.347933][ T109] R13: ffffc90002db7be0 R14: ffff888076c67038 R15: 0000000000000030 [ 153.355910][ T109] FS: 0000000000000000(0000) GS:ffff888125561000(0000) knlGS:0000000000000000 [ 153.364841][ T109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.371425][ T109] CR2: 00007fe8f304a000 CR3: 000000000e54c000 CR4: 0000000000350ef0 [ 153.379487][ T109] Call Trace: [ 153.382852][ T109] [ 153.385863][ T109] ? __pfx___mutex_lock+0x10/0x10 [ 153.391106][ T109] ? __pfx_lmLogSync+0x10/0x10 [ 153.395885][ T109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 153.401608][ T109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 153.407249][ T109] jfs_syncpt+0x7b/0x90 [ 153.411410][ T109] txEnd+0x2e5/0x530 [ 153.415301][ T109] jfs_lazycommit+0x5b8/0xaa0 [ 153.420038][ T109] ? __pfx_jfs_lazycommit+0x10/0x10 [ 153.425245][ T109] ? __pfx_default_wake_function+0x10/0x10 [ 153.431061][ T109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 153.436784][ T109] ? __kthread_parkme+0x7a/0x1f0 [ 153.441729][ T109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 153.447382][ T109] kthread+0x388/0x470 [ 153.451458][ T109] ? __pfx_jfs_lazycommit+0x10/0x10 [ 153.456655][ T109] ? __pfx_kthread+0x10/0x10 [ 153.461240][ T109] ret_from_fork+0x51e/0xb90 [ 153.465876][ T109] ? __pfx_ret_from_fork+0x10/0x10 [ 153.471163][ T109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 153.476896][ T109] ? __switch_to+0xc7d/0x1450 [ 153.482047][ T109] ? __pfx_kthread+0x10/0x10 [ 153.486720][ T109] ret_from_fork_asm+0x1a/0x30 [ 153.491598][ T109] [ 153.494605][ T109] Modules linked in: [ 153.500054][ T109] ---[ end trace 0000000000000000 ]--- [ 153.599190][ T109] RIP: 0010:lmLogSync+0x14e/0x9f0 [ 153.604876][ T109] Code: 73 a2 fe 4d 8d 7e f0 4c 89 f8 48 c1 e8 03 80 3c 18 00 74 08 4c 89 ff e8 c0 3d d2 fe 4d 8b 3f 49 83 c7 30 4c 89 f8 48 c1 e8 03 <80> 3c 18 00 74 08 4c 89 ff e8 a4 3d d2 fe 49 8b 3f e8 ac 73 a2 fe [ 153.728187][ T109] RSP: 0018:ffffc90002db7b80 EFLAGS: 00010216 [ 153.753838][ T109] RAX: 0000000000000006 RBX: dffffc0000000000 RCX: ffff88801dfc5b80 [ 153.764586][ T109] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 153.802160][ T109] RBP: ffffc90002db7c88 R08: ffffc90002db7acf R09: ffffc90002db7968 [ 153.810623][ T109] R10: dffffc0000000000 R11: fffff520005b6f5a R12: ffff8880513ec000 [ 153.819666][ T109] R13: ffffc90002db7be0 R14: ffff888076c67038 R15: 0000000000000030 [ 153.827788][ T109] FS: 0000000000000000(0000) GS:ffff888125561000(0000) knlGS:0000000000000000 [ 153.837869][ T109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.859534][ T109] CR2: 0000001b30b0cff8 CR3: 000000005c76c000 CR4: 0000000000350ef0 [ 153.880234][ T109] Kernel panic - not syncing: Fatal exception [ 153.886944][ T109] Kernel Offset: disabled [ 153.891277][ T109] Rebooting in 86400 seconds..