last executing test programs: 3m12.975811678s ago: executing program 2 (id=361): r0 = syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x20000) openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_stall_count', 0x800, 0x188) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x810c5701, &(0x7f0000000040)) 3m12.412475458s ago: executing program 2 (id=369): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x237a, 0x4) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000700)=0xebb4, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0x400, 0x4) 3m12.173497066s ago: executing program 2 (id=371): r0 = syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000300)='./file3\x00', 0x0, &(0x7f0000001040)=ANY=[], 0x1, 0xadc, &(0x7f0000001900)="$eJzs3V2IXFcBAOBzd3c2u2lrpjW1axrbpNW2/nTTbNb4EzQpCYKhKeJLofgS0rQGYwQrqKXQJE++2VJS8MkffOpLqSJYEAl98qVgA0XoUxX0oSFiwYcaTUayc87MnZOZzMxmd+7O7vfB3TPnnnPnnDt75879O+cEYMOaWPq7uDhXhHDujZcPvf/AP2avzdnfylFf+jtVitVCCEWMT2Xv995kM7zywfPHuoVFWFj6m+Lh8UutZW8JIZwOO8L5UA/bzl146a2Fx46cOXx259uv7ru4OmsPAAAbyzfO71u8869/vvv2y6/dcyBsas1Px+f1NGOmedx/IB74p+P/idAZL0pT2XSWbypOE7Od+Sa75CuXU8vyTfUofzorv9Yj36Zw4/InS/O6rTeMs7Qd10MxMR9C2NyKT0zMzzfPycPSef10MX/qxMmnn62oosCK+/e9IYQdpeng2c74Wpv2r4E6LHNqrIE6jOV0YHRlXW40Vb7OI5oaW6reAwE05fcLr3M6v7Jwc1rvNjVY+Zcenei+PKyAUW//Q5U/XXH5Qfm/PmOPw8pZr1tTWq/0Pbo1xvP7CPnzS6/8oXO5tvxOR+fc/H5EbcB69rqPMC73F3rVc3LE9ViuXvXPt4v16isxTJ/DVztS7+34/uT/03H5HwPdfZhf/zeZTGt7Ch3x2s28V6Pi/Q+wduXPzTXS/dEof64vT9/UJ32mT/psn/TNfdJv6ZMOG9lvf/DT8GLRvt6Vn9MPez08XWe7LYYfGbI++fXIYcvPn/sd1s2Wnz9PDGvZ748+cfyLTz15ofn8f9Ha/q/G7T2dbtTjd+t8zJCuF+bX1VvP/tc7y5noke+OrD63dcm/9HprZ75ia/t9Qmk/c1095jqX29Ir3/bOfPUs32ycZrL65scnm7Pl0vFH2q+mz2sqW99ath7TWT3SfuX2GOb1gOVI22N6/r/dHqD5/H/aPudCrXj6xMnjj8R42k7/NFnbdG3+7hHXG1g5vb7/6fdrLnS2/7m1Nb82Ud4vbGnPL5r7hdfj+3XOX2iVU5pf+lFLv3Pfnpxdyj9/7Hsnn1qF9YaN7NkfP/edoydPHv++F8t+8bW1UY1hXqTTlrVSHy+GfbFjtYuoeMcErLpdLzQPAh4+8d2jzxx/5vipPXv37llY2PulPYu7lo7rd5WP7stOV1BbYCW1f/SrrgkAAAAAAAAAAAAwqB8ePnThnTe/8G6z/X+7/V9q/5+e/E3t/3+Stf/P28mndvCpHeDtXdKX8mQdrE5n+Wpx+mhW39QNQPFCM7wzW+5jMWyN4xfb/6fi8n5dU33uyubXekSz7gSu6y9lOuuDJB8v8L4Yno3hrwJUqJjtPjuGN+jfuviwtK2n/ilKTXgb+gceH+n/lvdflNp/d+3XqUt7bcbLKFosVr2OQHf/3FD9f/+rveKV18XUe5oabXk/27jbRKPnUfqgI9gArIyqx//8e2iWm65/nvrj12euTSnbpUc795d5/6UwjL+80xlf6+NPrnb5+bh9oy6/6vUf9fifrfHv4v4v7fd67/+yEfPqyyv3Pz+/+G6p2LBt0PLz9U/9QG8drvzLsfy0Ng+Gwcpv/DIrP78hNKD/ZuVvHrD869Z/+/LK/18sP31sD90/aPnNGhcTnfWYzdYj3f/LrxsnV7L1T3173qD8bz7Xbf2XOVDj1Vg+bGTjMs7ssLLjiNZBe7/xf4f9/b/Z8X9blc12a/lzGJ+P8bQjTs855OOdDFv/9HxF+h24M3v/os/vm/F/x9uXY9jv+5DG/03bYz3+5JfiS59lite6fLbrdV8D4+q9DXX/b1TTxeZp0PKWn6m+/qYhpsbkMpZrPWdVcf0bjcbqXtDqo9LCqfzzr/ruc9XnKfdVXH4/+fi/+TF8Pv5vnp6P/5un5+P/5umz8T/0fo/0fPzffHvOx//N0+/K3jcfH3iuT/rHu6QXoZ2+rfvyrdP2u/u8//Y+6Z/ok76zlb6/I0dKv+eGy7fz9Xr/O/qk398n/ZN90j/VJ/2BPukPldLLY0Cn9E9nyxdZ+nqX9j+9Pj9g/crb5/n+w8aR7v/0+v5vbadPl7OMtpbAanjltd0Hn/zNt+rN9v/Tresh6T7egRivxXOjH8V4ft87lOLX0t6M8b9l6VVfbwLa8v4z8t//B/ukA+MrPefl+w0bUDHTfXYM+/Vb1es4n/HymRh+Noafi+HDMZyP4a4Y7o7hwojqx+o4+Prv9r1YtM/3t2Tpgz5PnrcH6ugnKoSwZ8D65NcHhn2ePe/Hb1g3W/4ym4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABUZmLp7+LiXBHCuTdePvTEkRO7rs3Z38pRX/o7VYrVWsuF8EgMJ2P4i/jiygfPHyuHV2NYhIVQhKI1Pzx+qVXSLSGE02FHOB/qYdu5Cy+9tfDYkTOHz+58+9V9F1fvEwAAAID17/8BAAD//092Bzk=") syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000040)='./file1\x00', 0x2862451, &(0x7f0000000080)=ANY=[@ANYRES16=r0, @ANYRESOCT=r0, @ANYRES16=r0], 0xa, 0x0, &(0x7f0000000080)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020660b, &(0x7f0000000000)={0x3, 0x10100001ffffff, 0x1, 0x6}) 3m10.984611037s ago: executing program 2 (id=384): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c636865636b3d7374726963742c646973636172642c757466383d312c757466383d312c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c757466383d312c00ef5c3556"], 0xfd, 0x2a8, &(0x7f0000000280)="$eJzs3E9rE08YwPGnaZOmKW1y+PEDBfFBL3pZ2vgKgrQgBpTaiHoQpnajIWtSsjESEdubV19H8ehNsL6BXrx5Fy9FELz0IF3pbrfZ1qW2te3W5vuBstOdeTKzfxKeXZhZu/fmab3qWlXTllRWJSXZJVkXKUhKQgNb25RfzkjUklwd/fH5wp37D26WyuWpGdXp0uy1oqqOX/zw/OXbSx/bo3ffjb8fltXCw7XvxS+r/6+eW9uYDT+92Vajc81m28w5ts7X3LqletuxjWtrreHarR31Vae5sNBV05gfyy20bNdV0+hq3e5qu6ntVlfNY1NrqGVZOpaTOJnYvWfD4IEjKsszM6Z0LINBEkbidrZaJTMYW1lZPolBAQCA0+X3/F9OJP9/UnO15mrjT/l/So42/0eUn/9vxCaNOBvSmw8AJZPb+v7uRP4PAAAAAAAAAAAAAAAAAAAAAMC/YN3z8p7n5cNt+DcsIlkRCf9Pepw4Hoe4/gMJDhdHLDJxLyvivO5UOpVgG9SXqlITR2yZSPtzibxtQXn6RnlqQn0FWXEWt+L9SYLDYXyoEB8/GcRrJH6xU0lLLtp/UfLyX3x8cVd8WkQ6lYxcuRyJtyQvnx5JUxyZ9+/rXvyrSdXrt8q7+h/x2wEAAAAAcBZYuq2w8/k3WE3SsjRcNmRXfbCz935A8vJzz/cDKisZ6cUPyfmh5I4bAAAAAIB+4nZf1I3j2K1+LozIwaP68dRZ2eCm2bOx53mLm43+vtOUiCR0pN9E5BSc8KMufH0WXMD9NE7yVwkAAADAcegl/UmPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/rXfxcPC9odZeyzS3WAyRwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcDr8CAAD//4DOGY4=") openat(0xffffffffffffff9c, 0x0, 0x42, 0x10) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) 3m9.894119774s ago: executing program 2 (id=392): r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x20000, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000580), 0x28000, 0x0) ioctl$TIOCMIWAIT(r1, 0x545c, 0x20) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000000)=0x8001) 3m6.85535038s ago: executing program 2 (id=416): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x3422, 0x3}, 0x18, 0x0) landlock_restrict_self(r0, 0xa) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000001f) 3m6.500809378s ago: executing program 32 (id=416): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x3422, 0x3}, 0x18, 0x0) landlock_restrict_self(r0, 0xa) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000001f) 2m47.951527147s ago: executing program 0 (id=508): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000000100)=[{{&(0x7f0000000300)={0xa, 0x4e21, 0x0, @remote, 0x6}, 0x1c, &(0x7f0000000cc0)=[{&(0x7f00000000c0)='O', 0x1}], 0x1}}], 0x1, 0x4008814) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000140)={0x0, 0x5}, &(0x7f0000000180)=0x8) 2m47.276733201s ago: executing program 0 (id=511): r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@rand_addr=0x64010101, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20, 0x84}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x4000000000, 0x4, 0x2}, {}, 0x5, 0x6e6bb9, 0x1, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x3c}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 2m43.792828809s ago: executing program 0 (id=528): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x54, &(0x7f0000000080)=0x1, 0x4) close(0x3) recvmsg$unix(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)}, 0x2000) 2m43.554211302s ago: executing program 0 (id=531): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x40010a1, 0x0) 2m43.315195383s ago: executing program 0 (id=534): mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0xf) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0) mknod$loop(&(0x7f0000000340)='./file1\x00', 0x2000, 0x1) 2m40.295331497s ago: executing program 0 (id=551): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20) syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0) recvmmsg(r0, &(0x7f0000001880)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x0, 0x0) 7.896516555s ago: executing program 4 (id=1150): sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)={0x1f8, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_NAT={0xac, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x88, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_ZONE={0x0, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @private=0xa010102}}}, @CTA_TUPLE_IP={0x5f, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_DIR={0x18, 0x1, 0x1, 0x0, 0x1}]}, @CTA_EXPECT_NAT={0x130, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x40, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @private=0xa010100}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @CTA_EXPECT_NAT_TUPLE={0x50, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010102}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @mcast1}}}]}, @CTA_EXPECT_NAT_TUPLE={0x94, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x0, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @broadcast}}}]}]}, @CTA_EXPECT_MASTER]}, 0x1f8}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400}) 7.547919494s ago: executing program 4 (id=1153): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0xf22) r1 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x3) 7.01212266s ago: executing program 4 (id=1155): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3) mount(0x0, &(0x7f0000003c40)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, &(0x7f0000000200)='gid=1\x00nk]e\xb2}\x9c6\b\xc1\x04\xbb\xbe \x9f\xe7\x8c\xc6\x06y\x89sd\xeb\xf4\x94\x1f\xdf\x91A!\xf9}\xee\xe7\x89\xcf\x99\n[\'\xca\xb3\x84\xb6j\xb9\x8c#\xf4\xf0\x96\x8e\xaa\x04\x82\x99f7\xf3\xd8\x17\xfc\x00\x00\x00\x00\x9c$Nn\x13\x8f\xf7\b\x00\x00\x00/\xf5|H\xe1\xbd0\x0fz\xbat\x0e-\x95c.j\xdd\xbe\x1dc3\xca\xd5\x91\xc8\x12f\x90\xac\x97\xdb\x06\x10?]\")\xb4\xe7tD6G\"<') r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000002380)={0x2020}, 0x2020) 6.709066165s ago: executing program 4 (id=1158): mkdir(&(0x7f00000020c0)='./file0\x00', 0x1c8) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00') 6.396153234s ago: executing program 4 (id=1161): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f00000003c0)='./file0\x00', 0x880, &(0x7f0000000040)={[{@time_offset}, {@sys_tz}, {@umask={'umask', 0x3d, 0x1}}, {@fmask={'fmask', 0x3d, 0x4}}, {@errors_continue}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@discard}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x1548, &(0x7f0000003300)="$eJzs3AuYTlXbOPD7XmvtMSSeJjkMa6178ySHRZLkkCSHJEmSJKfklCZ5JSExhCQNSUgOQxJDSA4Tk8b5fD4kJEmTJCE5Jet/Tbi8vdW/vq++1/e9c/+ua1+z7mfve+21n3s/z7P2npnnm65DazauVa0hEcFfghd+JAJALAAMBIDcABAAQLm4cnGZ67NLTPxrO2F/rwdTrvQI2JXE9c/auP5ZG9c/a+P6Z21c/6yN65+1cf2zNq4/Y1nZpmkFruEl6y58////uNi/ksyf//9BMkqN/WJNqeu6AcT8ia2zA9c/y+P6/8cK/sxGXP+sjeufVf2laSP7P+DpP7ENv/6zgmy/u4brn7Vx/RnLyq70/ec/vyAA/P39QuR/2XNwJPuFwvyb9nelzz/GGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY1nDaX+ZAoBL7Ss9LsYYY4wxxhhjjP19fLYrPQLGGGOMMcYYY4z9z0MQIEFBADGQDWIhO+QAAQBXQy7IDRG4BuLgWsgD10FeyAf5oQDEQ0EoBBoMWCAIoTAUgShcD0XhBigGxaEElAQHpaA03Ahl4CYoCzdDObgFysOtUAEqQiWoDLdBFbgdqsIdUA3uhOpQA2pCLbgLasPdUAfugbpwL9SD+6A+3A8N4AFoCA9CI3gIGsPD0AQegabQDJpDC2j5+/ntEOB38p+DnvA89ILekAh9oC+8AP2gPwyAF2EgvASD4GUYDK9AEgyBofAqDIPXYDi8DiNgJIyCN2A0vAljYCyMg/GQDBNgIrwFk+BtmAzvwBSYCikwDabDuzADZsIseA9mw/swB+bCPJgPqfABLICFkAYfwiL4CNJhMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22ww74GHbCJ7ALdsMe+BT2wmf/xfxT/5LfDQEBBQpUqDAGYzAWYzEH5sCcmBNzYS6MYATjMA7zYB7Mi3kxP+bHeIzHQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOiyNpbEM3oRlsSyWw3JYHstjBayIFbEyVsYqWAWrYlWshtWwOlbHmlgT78K7sA/WwTpYF+tiPax36fYUNsSG2AgbYWNsjE2wCTbFptgcm2NLbImtsBW2xtbYFttie2yPHbADJmACdsSO2Ak7YWfsjF2wC3bFrtgNu2P3jOeyAT6Pz2NvrC76YF/si/0wKdsAfBFfxJdwEL6ML+MrmIRDcCi+iq/iazgcT+IIHImjcBRWEW/iGByLJMZjMibjRJyIk3BS5ukG7+BUTMFpOB2n4wyciTPxPZyN7+P7OBfn4nxMxVRcgAsxDdNwEZ7CdFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9GBYCf4G7cjUm4F/fiPtyH+3E/HsADmIEZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/CZ+K8afVx8dRKITEooESNiRKyIFTlEDpFT5BS5RC4RERERJ+JEHpFH5BV5RX6RX8SLeFFIFBJGGEEijAEAERVRUVQUFcVEMVFClBBOOFFalBZlRBlRVpQV5cQtory4VVQQFUUbV1lUFlVEW1dV3CGqiWqiuqghaopaopaoLWqLOqKOqCvqinqinqgv7hcNRB8cgA+KzMo0FkOwiRiKTUUzIS++g7USw7G1aCPainZiJI7ADqKVSxBPio5iDHYS/xBj8WnRRYzHruJZ0U10Fz3Ec6KnaO16id5iMvYRfcVU7Cf6iwHiRTEDa4j3cHb2muIVkSSGiKHiVTEfXxPDxetihBgpRok3so8Wb4oxYqwYJ8aLZDFBTBRviUnibTFZvCOmiKkiRUwT08W7YoaYKWaJ98Rs8b6YI+aKeWK+SBUfiAVioUgTH4pF4iORLhaLJWKpWCaWixVipVglVos1Yq1YJ9aLDWKj2CQ2iy1iq9gmtosd4mOxU3widondYo/4VOwVn4l94nOxX3whDogvRYb4ShwUX4tD4htxWHwrjojvxFFxTBwX34sT4gdxUpwSp8UZcVb8KM6Jn8R54QVIlEJKqWQgY2Q2GSuzyxzyKplTBhef3WtknLxW5pHXybwyn8wvC8h4WVAWkloaaSXJUBaWRWRUXi+LyhtkMVlclpAlpZOlZGl5oywjb5Jl5c2ynLxFlpe3ygqyoqwkK8vbZBV5u4TIhX1UlzVkTVlL3iUT4W5ZR94j68p7ZT15n6wv75cN5AOyoXxQNpIPycbyYdlEPiKbymayuWwhW8pHZSv5mGwt28i2sp1sLx+XHeQTMkE+KTtKf/EUeVp2kc/IrvJZ2U12lz3kT/K89LKX7C2hD8i+8gXZT/aXA2IBQL4kB8mX5WD5ikySQ+RQ+aocJl+Tw+XrcoQcKUfJN+Ro+aYcI8fKcXK8TJYT5ET5lpwk35aT5TtyipwqU+Q0OUAO/LmnWVL+Yf5bv5E/+Oe9b5Sb5Ga5RW6V2+R2uUN+LHfKnXKX3CX3yD1yr9wr98l9cr/cLw/IAzJDZsiD8qA8JA/Jw/KwPCKPyKPymDwjv5cn5A/ypDwlT8kz8qw8K89dfA5AoRJKKqUCFaOyqViVXeVQV6mc6mqVS+VWEXWNist8F1bXqbwqn8qvCqh4VVAVUloZZRWpUBVWRVRUXY8XTxhVQpVUTpVSpdWNF/LVtSrPH+erouoGVUwV/0X+pfEl/s74WqqWqpVqpVqr1qqtaqvaq/aqg+qgElSC6qg6qk6qk+qsOqsuqovqqrqqbqqb6qF6qJ6qp+qleqlElaj6qhdUP9VfDVAvqoHqJTVIDVKD1WCVpJLUUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVLJKVhPVRDVJTVKT1WQ1RU1RKSpFTVfT1Qw1Q81Ss9RsNVvNUXPUPDVPpapUtUAtUGkqTS1Si1S6WqwWq6VqqVqulquVaqVarVartWqtWq/Wq3S1SW1SW9QWtU1tUzvUDrVT7VS71C61R+1Re9VetU/tU/vVfnVAHVAZKkMdVAfVIXVIHVaH1RF1RB1VR9VxdVydUCfUSXVSnVan1Vl1Vp1T59R5dT5z2heIQAQqUEFMEBPEBrFBjiBHkDPIGeQKcgWRIBLEBXFBnuC6IG+QL8gfFAjig4JBoUAHJrCBuFj0aHB9UDS4ISgWFA9KBCUDF5QKSgc3BmWCm4Kywc1BueCWoHxwa1AhqBhUCioHtwVVgtuDqsEdQbXgzqB6UCOoGdQK7gpqB3cHdYJ7grrBvUG94L6gfnB/0CB4IGgYPBg0Ch4KGgcPB02CR4KmQbOgedAiaPm39u/9yXyPuV66t07UfXRf/YLup/vrAfpFPVC/pAfpl/Vg/YpO0kP0UP2qHqZf08P163qEHqlH6Tf0aP2mHqPH6nF6vE7WE/RE/ZaepN/Wk/U7eoqeqlP0ND1dv6tn6Jl6ln5Pz9bv6zl6rp6n5+tU/YFeoBfqNP2hXqQ/0ul6sV6il+plerleoVfqVXq1XqPX6nV6vQK9UW/Sm/UWvVVv09v1Dv2x3qk/0bv0br1Hf6r36s/0Pv253q+/0Af0lzpDf6UP6q/1If2NPqy/1Uf0d/qoPqaP6+/1Cf2DPqlP6dP6jD6rf9Tn9E/6vPaZk/vMj3ejjDIxJsbEmliTw+QwOU1Ok8vkMhETMXEmzuQxeUxek9fkN/lNvIk3hUwhk4kMmcKmsImaqClqippippgpYUoYZ5wpbUqbMqaMKWvKmnKmnClvypsKpoKpZCqZ28xt5nZzu7nD3GHuNHeaGqaGqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYpqapaW6am5ampWllWpnWprVpa9qa9qa96WA6mASTYDqajqaT6WQ6m86mi+liupquppvpZnqYHqan6Wl6mV4m0SSavqav6Wf6mQFmgBloBppBZpAZbAabJJNkhpqhZpgZZoab4WaEGWlGZU5UzZtmjBlrxpnxJtkkm4lmoplkJpnJZrKZYqaYFJNippvpZoaZYWaZWWa2mW3mmDlmnplnUk2qWWAWmDSTZhaZRSbdpJslZolZZpaZFWaFWWVWmTVmjVkH68wGs8FsMpvMFrPFbDPbzA6zw+w0O80us8vsMXvMXrPXI4DZb/abA+aAyTAZ5qA5aA6ZQ+awOWyOmCPmqDlqjpvj5oQ5YU6ak+a0OW3OmnwXPy+9ibXZbQ57lc1pr7a5bG77r3F+W8DG24K2kNU2r833i9hYa4vZ4raELWmdLWVL2xt/FVewFW0lW9neZqvY223VX8W17d22jr3H1rX32lr2rl/E9ex9tr592DZABLDNbCPbwja2D9sm9hHb1DazzW0L294+bjvYJ2yCfdJ2tE/9Kl5gF9pVdrVdY9faXXa3PW3P2EP2G3vW/mh72d52oH3JDrIv28H2FZtkh/wqHmXfsKPtm3aMHWvH2fG/iqfYqTbFTrPT7bt2hp35qzjVfmBn2zQ7x8618+z8n+PMMaXZD+0i+5FNtwEssUvtMrvcrrArL43V57br7Qa70e60n9gtdqvdZrfbHZcmwna33WM/tXvtZ/ag/drut1/YA/awzbBf/RxnHt9h+609Yr+zR+0xe9x+b0/YH9Sl7Mxj/97+ZM9bb4GQgCQpCiiGslEsZaccdBXlpKspF+WmCF1DcXQt5aHrKC/lo/xUgOKpIBUiTYYsEYVUmIpQlK6nS8MrQSXJUSkqTTdSGbqJytLNVI5uofJ0K1WgilSJKtNtVIVup6p0B1WjO6k61aCaVIvuotp0N9Whe6gu3Uv16D6qT/dTA3qAGtKD1Igeosb0MDWhR6gpNaPm1IJa0qPUih6j1tSG2lI7ak+PUwd6ghLoSepIT1En+gd1pqepCz1DXelZ6kbdqQc9Rz3peepFvSmR+lBfeoH6UX8aQC/SQHqJBtHLNJheoSQaQkPpVRpGr9Fwep1G0EgaRW/QaHqTxtBYGkfjKZkm0ER6iybR2zSZ3qEpNJVSaBpNp3dpBs2kWfQezab3aQ7NpXk0n1LpA1pACymNPqRF9BGl02JaQktpGS2nFbSSVtFqWkNraR2tpw20kTbRZtpCW2kbbacd9DHtpE9oF+2mPfQp7aXPaB99TvvpCzpAX1IGfUUH6Ws6RN/QYfrW96bv6Cgdo+P0PZ2gH+gknaLTdIbO0o90jn6i8+QJQgxFKEMVBmFMmC2MDbOHOcKrwpzh1WGuMHcYCa8J48JrwzzhdWHeMF+YPywQxocFw0KhDk1oQwrDsHBYJIyG14dFwxvCYmHxsERYMnRhqbB0eGNYJrwpLBveHJYLbwnLh7eGFcKK4cP3Vg5vC6uEt4dVwzvCauGdYfWwRlgzrBXeFdYO7w7rhPeEdcN7w7LhfWH98P6wQfhA2DB8MGwUPhQ2Dh8Om4SPhE3DZmHzsEXYMnw0bBU+FrYO24Rtw3Zh+/DxsEP4RJgQPhl2DJ/6ef19C39/fWLYJ+wbvhC+EHp/j5wXnR9NjX4QXRBdGE2LfhhdFP0omh5dHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH90Q3Rj1vlY2cOiEk065wMW4bC7WZXc53FUup7va5XK5XcRd4+LctS6Pu87ldflcflfAxbuCrpDTzjjryIWusCviou56V9Td4Iq54q6EK+mcK+VKuxaupWvpWrnHXGvXxrV17Vw797h73D3hnnBPuo7uKdfJ/cN1dk+7Lu4Z94x71nVz3V0P95zr6SbkuvCaTHR9XV/Xz/VzA9wAN9ANdIPcIDfYDXZJLskNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOJbtkN9FNdJPcJDfZTXZT3BSX4lLcdDfdzXAzXJWZF/Yyx81x89w8l+pS3QKXOWdMc4vcIpfu0t0St8Qtc8vcCrfCrXKr3Bq3xq1z69wGt8FtcpvcFrfFbXPb3A63w+10O90un/tCp26v2+f2uf1uvzvgvnQZ7it30H3tDrlv3GH3rTvivnNH3TF33H3vTrgf3El3yp12Z9xZ96M7535y5513yZEJkYmRtyKTIm9HJkfeiUyJTI2kRKZFpkfejcyIzIzMirwXmR15PzInMjcyLzI/khr5ILIgsjCSFvkwsijyUSQ9sjiyJLI0siyyPOJ9wS2hL+yL+Ki/3hf1N/hivrgv4Ut650v50v5GX8bf5Mv6m305f4sv72/1FXxFX8k/4pv6Zr65b+Fb+kd9K/+Yb+3b+La+nW/vH/cd/BM+wT/pO/qnfCf/D9/ZP+27+Gd8V/+s7+a7+x7+Od/TP+97+d4+0ffxff0Lvp/v7wf4F/1A/5If5F/2g/0rPskP8UP9q36Yf80P96/7EX6kHxXzhh996RIZxvtkP8FP9G/5Sf5tP9m/46f4qT7FT/PT/bt+hp/pZ/n3/Gz/vp/j5/p5fr5P9R/4BX6hT/Mf+kX+I5/uF1+6qexX+JV+lV/t1/i1fp1f7zf4jX6T3+y3+K1+m9/ud/iP/U7/id/ld/s9/lO/13/m9/nP/X7/hT/gv/QZ/it/0H/tD/lv/GH/rT/iv/NH/TF/3H/vT/gf/El/yp/2Z/xZ/6M/53/y5/l/1hhjjDHG/pQJl5vil2su3M7v8xs54p827gsAV28tkPHP6zNnlOvyXmj3F/HtIwDwZO+uD15aqldPTEy8uG26hKDIXIBLvwnKFAOX48XQFh6HBGgDZX5z/P1F97P0B/1HbwHI8U85sXA5vtz/5wCY+Bv9P9pu1ILy4em4/0//cwGKFbmckx0ux4uh7c/3V9pA2d8Zf75WfzD+7F8kA7T+p5yccCk+ePHbGjLHXxoeg6cg4RdbMsYYY4wxxhhjF/QXlTpfuv689Befv3V9Hq8u52SDy/EfXZ8zxhhjjDHGGGPsynu6e48nHk1IaNP5v96o+t/K+tONJvA/1TM3frPhPcClRxQA/MUOATIb8t95FJv/LftKuvjS+ddVy874AP53lPLvaFzhNybGGGOMMcbY3+7ypP+Xj6srNSDGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYywL+nd8ndiVPkbGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsSvt/AQAA///BeAKt") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, 0xfffffffffffffffe, 0xff80) syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x300f401, 0x0, 0x2, 0x0, 0x0) 6.162512142s ago: executing program 1 (id=1162): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000000)=0x259, 0x4) 6.029037438s ago: executing program 1 (id=1163): r0 = getegid() syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x2000802, &(0x7f0000000200)=ANY=[@ANYBLOB='iocharset=macceltic,time_offset=0x0000000000000003,gid=', @ANYRESHEX=r0, @ANYBLOB="2c666d61736b3d30303030303000303030263030303030303030303030362c696f636861727365743d63703836332c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030322c6e616d65636173653d312c6572726f72733d72656d6f756e742d726f2c757466382c646d61736b3d3030303030303030303030303030303030303030a930312c00"], 0x1, 0x1537, &(0x7f0000004a00)="$eJzs3AuYTlX7MPD7XmvtMSSeJjkMa6178ySHRZLkkCSHJKkkSU4JSZO8kpAYQpKGJCSHIYkhJIeJSeN8Ph8SkqRJkpxyStZ3Tczn7V/v13voy3v95/5d176se/a+1773c8+zn733mPmu69DaTerUaERE8B/Bi/8kAkAsAAwEgLwAEABAhbgKcZnrc0pM/M92wv5cD6Vc6QrYlcT9z964/9kb9z974/5nb9z/7I37n71x/7M37j9j2dmmaYWu4SX7Lvz8Pzvjz///RTLKjP1qTZnrugHE/LMp3P/sjfv/v1bwz2zE/c/euP/ZVeyVLoD9F+D3f3aQ4x+u4f5nb9x/xrKzK/38+UovEPkvew2O5LzYmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AGX+ZAoCs8ZWuizHGGGOMMcYYY38en+NKV8AYY4wxxhhjjLH//xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGSgLN0I5uAnKw81QAW6BinArVILKUAWqwm1QDW6H6nAH1IA7oSbUgtpQB+6CunA31IN7oD7cCw3gPrgfHoCG8CA0goegMTwMTeARaAqPQjNoDi2gJbT6t/JfgJ7wIvSC3pAIfaAvvAT9oD8MgJdhILwCg+BVGAyvQRIMgaHwOgyDN2A4vAkjYCSMgrdgNLwNY2AsjIPxkAwTYCK8A5PgXZgM78EUmAopMA2mw/swA2bCLPgAZsOHMAfmwjyYD6nwESyAhZAGH8Mi+ATSYTEsgaWwDJbDClgJq2A1rIG1sA7WwwbYCJtgM2yBrbANtsMO+BR2wmewC3bDHvgc9sIX/2L+6f+R3w0BAQUKVKgwBmMwFmMxF+bC3Jgb82AejGAE4zAO82E+zI/5sSAWxHiMxyJYBA0aJCQsikUxilEsjsWxBJbAUlgKHTosi2WxHN6E5bE8VsAKWBErYiWsjJWxKlbFalgNq2N1rIE1sCbWxNpYG+/Cu7AP1sN6WB/rYwNskPV4ChthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YARMwATtiR+yEnbAzdsYu2AW7Ylfsht2xe8YLOQBfxBexN9YUfbAv9sV+mJRjAL6ML+MrOAhfxVfxNUzCITgUX8fX8Q0cjqdwBI7EUTgKq4m3cQyORRLjMRmTcSJOxEk4CTMLfQ+nYgpOw+k4HWfgTJyJH+Bs/BA/xLk4F+djKqbiAlyIaZiGi/A0puNiXIJLcRkux2W4ElfhSlyDa3ENrsf1uBE34mbcjFtxK27H7fgpKgD8DHfjbkzCvbgX9+E+3I/78QAewAzMwIN4EA/hITyMh/EIHsGjeAyP4zE8iSfxFJ7GM3gGz+E5PI/PxX/T+NOSq5NAZFJCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8ol8Ir/ILwqKgiJexIsioogwwggSYQwAiKiIiuKiuCghSohSopRwwomyoqwoJ8qJ8qK8qCBuERXFraKSqCzauqqiqqgm2rnq4g5RQ9QQNUUtUVvUEXVEXVFX1BP1RH1RXzQQDcT94gHRUPTBAfiQyOxMEzEEm4qh2Ew0F/LSGay1GI5tRFvRTjwhRuII7CBauwTxtOgoxmAn8TcxFp8VXcR47CqeF91Ed9FDvCB6ijaul+gtJmMf0VdMxX6ivxggXhYzsJb4AGfnrC1eE0liiBgqXhfz8Q0xXLwpRoiRYpR4S4wWb4sxYqwYJ8aLZDFBTBTviEniXSHEe2KKmCpSxDQxXbwvZoiZYpb4QMwWH4o5Yq6YJ+aLVPGRWCAWijTxsVgkPhHpYrFYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CJiYZvYLnaIT8VO8ZnYJXaLPeJzsVd8IfaJL8V+8ZU4IL4WGeIbcVB8Kw6J78Rh8b04In4QR8UxcVycECfFj+KUOC3OiLPinPhJnBc/iwvCC5AohZRSyUDGyBwyVuaUueRVMrcMLr2618g4ea3MJ6+T+WUBWVAWkvGysCwitTTSSpKhLCqLyai8XhaXN8gSsqQsJUtLJ8vIsvJGWU7eJMvLm2UFeYusKG+VlWRlWUVWlbfJavJ2CZGL+6gpa8naso68SybC3bKevEfWl/fKBvI+eb98QDaUD8pG8iHZWD4sm8hHZFP5qGwmm8sWsqVsJR+TreXjso1sK9vJJ2R7+aTsIJ+SCfJp2VH6S98iz8ou8jnZVT4vu8nusof8WV6QXvaSvSX0AdlXviT7yf5yQCwAyFfkIPmqHCxfk0lyiBwqX5fD5BtyuHxTjpAj5Sj5lhwt35Zj5Fg5To6XyXKCnCjfkZPku3KyfE9OkVNlipwmB8iBv8w0S8o/zH/nd/IH/7L3jXKT3Cy3yK1ym9wud8hP5U65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbIDHlQHpSH5CF5WB6WR+QReVQek2flCXlS/ihPydPytDwrz8lz8vyl1wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vfcOoUqq0cqqMKqtu/CU/60cMf5CviqsbVAlV8lf5WfUl/oP6WqlWqrVqrdqoNqqdaqfaq/aqg+qgElSC6qg6qk6qk+qsOqsuqovqqrqqbqqb6qF6qJ6qp+qleqlElaj6qpdUP9VfDVAvq4HqFTVIDVKD1WCVpJLUUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVLJKVhPVRDVJTVKT1WQ1RU1RKSpFTVfT1Qw1Q81Ss9RsNVvNUXPUPDVPpapUtUAtUGkqTS1Si1S6WqwWq6VqqVqulquVaqVarVartWqtWq/Wq3S1SW1SW9QWtU1tUzvUDrVT7VS7xC61R+1Re9VetU/tU/vVfnVAHVAZKkMdVAfVIXVIHVaH1RF1RB1VR9VxdVydVCfVKXVKnVFn1Dl1Tp1X59UFdSHzsi8QgQhUoIKYICaIDWKDXEGuIHeQO8gT5AkiQSSIC+KCfMF1Qf6gQFAwKBTEB4WDIoEOTGADcam30eD6oHhwQ1AiKBmUCkoHLigTlA1uDMoFNwXlg5uDCsEtQcXg1qBSUDmoElQNbguqBbcH1YM7ghrBnUHNoFZQO6gT3BXUDe4O6gX3BPWDe4MGwX3B/cEDQcPgwaBR8FDQOHg4aBI8EjQNHg2aBc2DFkHLoNWfOr/3pwo87nrp3jpR99F99Uu6n+6vB+iX9UD9ih6kX9WD9Ws6SQ/RQ/Xreph+Qw/Xb+oReqQepd/So/Xbeoweq8fp8TpZT9AT9Tt6kn5XT9bv6Sl6qk7R0/R0/b6eoWfqWfoDPVt/qOfouXqenq9T9Ud6gV6o0/THepH+RKfrxXqJXqqX6eV6hV6pV+nVeo1eq9fp9XqD3qg36c16i96qt+nteof+VO/Un+lderfeoz/Xe/UXep/+Uu/XX+kD+mudob/RB/W3+pD+Th/W3+sj+gd9VB/Tx/UJfVL/qE/p0/qMPqvP6Z/0ef2zvqB95sV95se7UUaZGBNjYk2syWVymdwmt8lj8piIiZg4E2fymXwmv8lvCpqCJt7EmyKmiMlEhkxRU9RETdQUN8VNCVPClDKljDPOlDVlTTlTzpQ35U0FU8FUNBVNJVPJVDFVzG3mNnO7ud3cYe4wd5o7TS1Ty9QxdUxdU9fUM/VMfVPfNDANzP3mftPQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDAJJsF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TKJJNH1NX9PP9DMDzAAz0Aw0g8wgM9gMNkkmyQw1Q80wM8wMN8PNCDPSjMo8yZm3zRgz1owz402ySTYTzUQzyUwyk81kM8VMMSkmxUw3080MM8PMMrPMbDPbzDFzzDwzz6SaVLPALDBpJs0sMotMukk3S8wSs8wsMyvMCrPKrDJrzBqzDtaZDWaD2WQ2mS1mi9lmtpkdZofZaXaaXWaX2WP2mL1mr9ln9pn9Zr85YA6YDJNhDpqD5pA5ZA6bw+aIOWKOmqPmuDluTpqT5pQ5Zc6YM+acKXDp89KbrJN5bnu1zWPz2lib0+ayV9msuKAtZONtYVvEapvfFvhVbKy1JWxJW8qWts6WsWXtjb+JK9nKtoqtam+z1ezttvpv4rr2blvP3mPr23ttHXvXr+IG9j6beXXSEBHANreNbUvbxD5im9pHbTPb3LawLW17+6TtYJ+yCfZp29E+85t4gV1oV9nVdo1da3fZ3faMPWsP2e/sOfuT7WV724H2FTvIvmoH29dskh3ym3iUfcuOtm/bMXasHWfH/yaeYqfaFDvNTrfv2xl25m/iVPuRnW3T7Bw7186z83+JM2tKsx/bRfYTm24DWGKX2mV2uV1hV2bV6vPa9XaD3Wh32s/sFrvVbrPb7Y6sC2G72+6xn9u99gt70H5r99uv7AF72GbYb36JM4/vsP3eHrE/2KP2mD1uT9iT9keVlZ157Cfsz/aC9RYICUiSooBiKAfFUk7KRVdRbrqa8lBeitA1FEfXUj66jvJTASpIhSieClMR0mTIElFIRakYRel6yiqvFJUmR2WoLN1I5egmKk83UwW6hSrSrVSJKlMVqkq3UTW6narTHVSD7qSaVItqUx26i+rS3VSP7qH6dC81oPvofnqAGtKD1Igeosb0MDWhR6gpPUrNqDm1oJbUih6j1vQ4taG21I6eoPb0JHWgpyiBnqaO9Ax1or9RZ3qWutBz1JWep27UnXrQC9STXqRe1JsSqQ/1pZeoH/WnAfQyDaRXaBC9SoPpNUqiITSUXqdh9AYNpzdpBI2kUfQWjaa3aQyNpXE0npJpAk2kd2gSvUuT6T2aQlMphabRdHqfZtBMmkUf0Gz6kObQXJpH8ymVPqIFtJDS6GNaRJ9QOi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gpC+pP30FR2grymDvqGD9C0dou/oMH3ve9MPdJSO0XE6QSfpRzpFp+kMnaVz9BOdp5/pAnmCEEMRylCFQRgT5ghjw5xhrvCqMHd4dZgnzBtGwmvCuPDaMF94XZg/LBAWDAuF8WHhsEioQxPakMIwLBoWC6Ph9WHx8IawRFgyLBWWDl1YJiwb3hiWC28Ky4c3hxXCW8KK4a1hpbBy+Mi9VcPbwmrh7WH18I6wRnhnWDOsFdYO64R3hXXDu8N64T1h/fDesHx4X3h/+EDYMHwwbBQ+FDYOHw6bhI+ETcNHw2Zh87BF2DJsFT4Wtg4fD9uEbcN24RNh+/DJsEP4VJgQPh12DJ/5Zf19C//x+sSwT9g3fCl8KfT+HjkvOj+aGv0ouiC6MJoW/Ti6KPpJND26OLokujS6LLo8uiK6Mroqujq6Jro2ui66ProhujHqfZ0c4NAJJ51ygYtxOVysy+lyuatcbne1y+Pyuoi7xsW5a10+d53L7wq4gq6Qi3eFXRGnnXHWkQtdUVfMRd31rri7wZVwJV0pV9o5V8aVdS1dK9fKtXaPuzaurWvnnnBPuCfdk+4p95R72nV0z7hO7m+us3vWdXHPuefc866b6+56uBdcTzchz8X3ZKLr63yOfq6fG+AGuIFuoBvkBrnBbrBLckluqBvqhrlhbrgb7ka4EW6UG+VGu9FujBvjxrlxLtklu4luopvkJrnJbrKb4qa4FJfiprvpboab4arNvLiXOW6Om+fmuVSX6ha4zGvGNLfILXLpLt0tcUvcMrfMrXAr3Cq3yq1xa9w6t85tcBvcJrfJbXFb3Da3ze1wO9xOt9Pt8nkvTur2un1un9vv9rsD7muX4b5xB9237pD7zh1237sj7gd31B1zx90Jd9L96E650+6MO+vOuZ/cefezu+C8S45MiEyMvBOZFHk3MjnyXmRKZGokJTItMj3yfmRGZGZkVuSDyOzIh5E5kbmReZH5kdTIR5EFkYWRtMjHkUWRTyLpkcWRJZGlkWWR5RHvC28JfVFfzEf99b64v8GX8CV9KV/aO1/Gl/U3+nL+Jl/e3+wr+Ft8RX+rr+Qr+yr+Ud/MN/ctfEvfyj/mW/vHfRvf1rfzT/j2/knfwT/lE/zTvqN/xnfyf/Od/bO+i3/Od/XP+26+u+/hX/A9/Yu+l+/tE30f39e/5Pv5/n6Af9kP9K/4Qf5VP9i/5pP8ED/Uv+6H+Tf8cP+mH+FH+lExb/nRWbfIMN4n+wl+on/HT/Lv+sn+PT/FT/Upfpqf7t/3M/xMP8t/4Gf7D/0cP9fP8/N9qv/IL/ALfZr/2C/yn/h0vzjrobJf4Vf6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+E/9Tv9Z36X3+33+M/9Xv+F3+e/9Pv9V/6A/9pn+G/8Qf+tP+S/84f99/6I/8Ef9cf8cX/Cn/Q/+lP+tD/jz/pz/id/3v/sL/DvrDHGGGOM/VMmXB6KX6+5+ASoz+/kiL/buC8AXL21UMbfr8+8olyX/+K4v4hvHwGAp3t3fShrqVkzMTHx0rbpEoJicwGyfhKUKQYux4uhHTwJCdAWyv1u/f1F93P0B/NHbwHI9Xc5sXA5vjz/lwCY+DvzP/bEqAUVwzNx/4/55wKUKHY5JydcjhdDu1+er7SF8v+g/gKt/6D+nF8lA7T5u5zccDm+XH9ZeByegYRfbckYY4wxxhhjjF3UX1TpnHX/mfU/Pn/v/jxeXc7JAZfjP7o/Z4wxxhhjjDHG2JX3bPceTz2WkNC2878+qP7H26jLX8n9r+6iKfy7hfHg3xp4D/B/GwcA/+GEAJkD+Vcexea/ZF9Jl946/3PVsrM+gP+OVv4Zgyt8YmKMMcYYY4z96S5f9P/66+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVD/+nfeIN/4q/0XeljZIwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxq60/xMAAP//U5H4Pg==") r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x20000, 0x0) getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000) 5.338558884s ago: executing program 1 (id=1166): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000740)={{0x80, 0x80}, 'port1\x00', 0x4, 0x10800, 0x0, 0x8000008, 0x3, 0xa, 0x7, 0x0, 0x2, 0xfa}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40505330, &(0x7f00000001c0)={0x80, 0xd, 0x6, 0x6, 0xa, 0x1}) 4.896148397s ago: executing program 1 (id=1168): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x200840, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x5, 0x4445, &(0x7f000000cd00)="$eJzs3c9PXFsdAPDvveB7gO9V+t5bPBMTJ/ElGjUEulJpYktpKbRYU21j3EwHmLbowDQwGBdd4K6JKxMXjYtGE3esGhZu65/gxmVdN9GFGxOTRszMXOjcy4xMGwZs3+ez4DDnN3zvPZy7uJw007i/ulla3SxV1kv15bub50q/qNe21qqRDt5wROTHj+2THJ/XMIjr5BSvvc+9G5eu/Oj2uYg/r/z1xd7e3l40DUdXUx3f/+ufD5c7031poU2z3+69HZefRsQnh+bVNBQRP/lTRBIRF7O8mSwdjYgz0S67/fDXd0rHNJunz6vnyy8XH+1Of7aw82S398+eRPyu9uVv31v7+9eGpv/2zWMaHgAAAAAAAAAAAAAAAACAt9zczRu3fjg5Fc+SGN5JDr+vO5elvd6P3Ts2Xx38DwsAAAAAAAAAAAAAAAAAAAD/p169/19KPury/v9sll7o0X7v+4OfI4Mz/4Mbs5cnp7Lz35ND5d/Jsv5xcSjOdjn3vXj++8VC++7nvx8e503tz29/3PFI0pGO8vFI04mJiD9kB79/moyltfpm41t361vrK8c2jbdWPv7t0/tz0ckO9O83/jOF/gd//v/Hh66m5uc7x3eJvdPy8R/qWe+Pv0r6iv+lfLPHA5p2h48HP8Q7LB//4VbeaGeF99tJM/6/GT46/rOF/gd1/5+JiFLSnGsptwI09zDN/F77FfLy8f9CKy+3dGa/yF73/78L8b9c6P+01v/t4h8iusrH/71W3kiuRnsD0Ip/evT9f6XQ/2nEvzn/bX//+5KPf7bYD+eqtH6T/a7/c4X+u8S/9ybjNdxKs3meSXJXwE7Szu/1/+rIy8d/5FD5q+e/tK/939VC+5N6/tsft/n8N9HxHPKNpP38R3f5+I/2rNfv/T9faDfo9f9Ca//Hm8rHf6yVl987j7e+9hv/hUL/g4p/a1cysh//V+vJf95v5//e/q8v+fh/sZ2ZdtbYbn1t7f+So/f/1wr9n8b+rzn/7XSwo74r8vH/oGe9Zvz/ksV97H/c/9cL7QYf/4hJe/03lo//hz3rte7/kaPX/8VCu0HH/+uD7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLTCTpeORpBO5z2k6MRFxKfv8aYwlS5WV8lKtvvzzzYjZLL8UHyX3avWlSq28ul5fqZYrtVp9OeJyVv5JjCSbtXqjvFZ5cOWgr9HkfrWy0ViqVhoRMZflfyU+3O9rabWxVnkQEVcPyr6U1jce3K+sl1dWN743OTk5GfMHczibVH/ZqK432qO3SyMWDtqOJx2TaxVfO5jLB8nP6lsb65VaK/96R5tafblS62izmJX9Ns4mjY2t9eVKo1qu1e/tj3eaLmTp7PzNH9+8PnWo/E7STmdOdloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvKZn0999HBHD7U9pRJSS5jfv9aj/9Hn1fPnl4qPd6c8Wdp7svoiI5CTnCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLt2jRBAEYQCtbgUNPYbRMJOZjiiigSOCJ9BjeBg9ipfwDgYGpgbLwm4PLPMDy8Amy3tJQX9UV0MXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBs7p67l6e6iUhxvjqL+Hr7/tnNH0r9uJ7uP1kw83RBD4dx/9jd3NZN+fc0yq/K0W+bN+n/3/trTNTe52BPhvu0NZ4zNLdvc+/r515EylVEtCW/TDlX1X53AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8raPo2wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0yJHBw=") r0 = open(&(0x7f0000000040)='.\x00', 0x20000, 0x0) getdents64(r0, 0x0, 0x0) getdents64(r0, 0x0, 0x0) 4.255308902s ago: executing program 4 (id=1170): r0 = syz_io_uring_setup(0x42e3, &(0x7f0000000240)={0x0, 0xf9ed, 0x3000, 0x0, 0x100028f}, &(0x7f0000000140), &(0x7f0000001440), &(0x7f0000000000)) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f00000003c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}], 0x10) poll(&(0x7f0000000400)=[{r0}], 0x1, 0x6) 3.576795001s ago: executing program 33 (id=1170): r0 = syz_io_uring_setup(0x42e3, &(0x7f0000000240)={0x0, 0xf9ed, 0x3000, 0x0, 0x100028f}, &(0x7f0000000140), &(0x7f0000001440), &(0x7f0000000000)) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f00000003c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}], 0x10) poll(&(0x7f0000000400)=[{r0}], 0x1, 0x6) 1.888786881s ago: executing program 1 (id=1177): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r2, @ANYBLOB="0c00990000000000000000000800a000ea15000008009f0006000000080026000816"], 0x40}}, 0x0) 1.273552007s ago: executing program 3 (id=1180): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x3}) 917.661451ms ago: executing program 3 (id=1181): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) msgsnd(0x0, &(0x7f00000000c0)={0x1}, 0x8, 0x800) sysinfo(&(0x7f0000000580)=""/213) 843.24826ms ago: executing program 3 (id=1182): r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect) ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, 0x0) 545.473127ms ago: executing program 1 (id=1183): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x48, r1, 0x1, 0xffffbffe, 0x0, {}, [@NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r2}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r2}}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xfb2e77a8993c1937}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x10001}]}, 0x48}}, 0x20000000) 384.081591ms ago: executing program 3 (id=1184): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@ipv4_newaddr={0x20, 0x14, 0x503, 0x800001, 0x25dfdc00, {0x2, 0x18, 0x51, 0xff, r2}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}, 0x1, 0x0, 0x0, 0xc090}, 0x0) 137.295371ms ago: executing program 3 (id=1185): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) mmap(&(0x7f00009c5000/0x4000)=nil, 0x4000, 0x3, 0x28012, r0, 0x0) syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f00009c5000/0x1000)=nil, 0x1000, 0x3, 0x28012, r0, 0x0) 0s ago: executing program 3 (id=1186): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x2c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0xc5}]}, 0x2c}}, 0x0) kernel console output (not intermixed with test programs): 141.036487][ T6662] loop4: detected capacity change from 0 to 4096 [ 141.050820][ T6662] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 141.213153][ T6670] netlink: 'syz.1.322': attribute type 4 has an invalid length. [ 141.302770][ T6662] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 141.504397][ T6681] program syz.1.325 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 141.559380][ T6662] ntfs3(loop4): Failed to load $Extend (-22). [ 141.559405][ T6662] ntfs3(loop4): Failed to initialize $Extend. [ 141.629040][ T6662] ntfs3(loop4): ino=0, attr_set_size_ex [ 142.133137][ T6697] loop2: detected capacity change from 0 to 64 [ 142.141836][ T6697] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing [ 142.995741][ T6719] vcan0: tx drop: invalid da for name 0x0000000000000033 [ 144.563801][ T6759] netlink: 12 bytes leftover after parsing attributes in process `syz.4.360'. [ 144.741682][ T6766] program syz.0.362 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 145.462054][ T6785] 9p: Bad value for 'rfdno' [ 145.609437][ T6788] loop2: detected capacity change from 0 to 2048 [ 145.969018][ T6801] netlink: 20 bytes leftover after parsing attributes in process `syz.1.375'. [ 145.978665][ T6804] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 146.189582][ T6809] loop0: detected capacity change from 0 to 512 [ 146.235583][ T6809] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz.0.379: inode has both inline data and extents flags [ 146.235977][ T6809] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 146.243559][ C1] EXT4-fs (loop0): initial error at time 1778004718: ext4_orphan_get:1397: inode 15 [ 146.243591][ C1] EXT4-fs (loop0): last error at time 1778004718: ext4_orphan_get:1397: inode 15 [ 146.305171][ T6809] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.379: couldn't read orphan inode 15 (err -117) [ 146.305385][ T6809] loop0: lost filesystem error report for type 5 error -117 [ 146.339351][ T6809] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.499442][ T5612] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.859530][ T6827] loop2: detected capacity change from 0 to 128 [ 147.019217][ T6827] FAT-fs (loop2): Directory bread(block 162) failed [ 147.019248][ T6827] FAT-fs (loop2): Directory bread(block 163) failed [ 147.019270][ T6827] FAT-fs (loop2): Directory bread(block 164) failed [ 147.019291][ T6827] FAT-fs (loop2): Directory bread(block 165) failed [ 147.019312][ T6827] FAT-fs (loop2): Directory bread(block 166) failed [ 147.019332][ T6827] FAT-fs (loop2): Directory bread(block 167) failed [ 147.019351][ T6827] FAT-fs (loop2): Directory bread(block 168) failed [ 147.019370][ T6827] FAT-fs (loop2): Directory bread(block 169) failed [ 147.159816][ T6834] FAT-fs (loop2): Directory bread(block 162) failed [ 147.159846][ T6834] FAT-fs (loop2): Directory bread(block 163) failed [ 147.325496][ T6835] syz.2.384: attempt to access beyond end of device [ 147.325496][ T6835] loop2: rw=3, sector=226, nr_sectors = 6 limit=128 [ 147.325616][ T6835] syz.2.384: attempt to access beyond end of device [ 147.325616][ T6835] loop2: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 147.474498][ T6834] syz.2.384: attempt to access beyond end of device [ 147.474498][ T6834] loop2: rw=3, sector=234, nr_sectors = 6 limit=128 [ 147.474680][ T6834] syz.2.384: attempt to access beyond end of device [ 147.474680][ T6834] loop2: rw=2051, sector=240, nr_sectors = 2 limit=128 [ 148.498121][ T6853] netlink: 'syz.4.397': attribute type 83 has an invalid length. [ 148.736387][ T6860] loop4: detected capacity change from 0 to 512 [ 148.987166][ T6860] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 149.017933][ T6871] loop1: detected capacity change from 0 to 256 [ 149.028227][ T6871] vfat: Bad value for 'nfs' [ 149.049647][ T6860] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 149.049695][ T6860] EXT4-fs error (device loop4): ext4_acquire_dquot:7034: comm syz.4.399: Failed to acquire dquot type 1 [ 149.049717][ T6860] loop4: lost filesystem error report for type 5 error -117 [ 149.052840][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 149.052859][ C0] EXT4-fs (loop4): last error at time 1778004721: ext4_acquire_dquot:7034 [ 149.089729][ T6860] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 149.089864][ T6860] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 149.089899][ T6860] EXT4-fs error (device loop4): ext4_acquire_dquot:7034: comm syz.4.399: Failed to acquire dquot type 1 [ 149.089919][ T6860] loop4: lost filesystem error report for type 5 error -117 [ 149.163087][ T6874] loop3: detected capacity change from 0 to 256 [ 149.195953][ T6860] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.399: bg 0: block 248: padding at end of block bitmap is not set [ 149.195991][ T6860] loop4: lost filesystem error report for type 5 error -117 [ 149.295019][ T6874] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 00007372) [ 149.500403][ T6860] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 149.500429][ T6860] loop4: lost filesystem error report for type 5 error -117 [ 149.525176][ T6860] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 149.525373][ T6860] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 149.525412][ T6860] EXT4-fs error (device loop4): ext4_acquire_dquot:7034: comm syz.4.399: Failed to acquire dquot type 1 [ 149.525434][ T6860] loop4: lost filesystem error report for type 5 error -117 [ 149.692193][ T6880] loop1: detected capacity change from 0 to 256 [ 149.840020][ T6860] EXT4-fs (loop4): 1 orphan inode deleted [ 149.864071][ T6860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 149.864226][ T6860] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 150.039681][ T6860] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 150.298545][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.792392][ T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 151.012841][ T6894] loop4: detected capacity change from 0 to 256 [ 151.140439][ T5747] kernel read not supported for file /adsp1 (pid: 5747 comm: kworker/0:6) [ 151.397694][ T6894] FAT-fs (loop4): Directory bread(block 64) failed [ 151.397725][ T6894] FAT-fs (loop4): Directory bread(block 65) failed [ 151.397838][ T6894] FAT-fs (loop4): Directory bread(block 66) failed [ 151.397858][ T6894] FAT-fs (loop4): Directory bread(block 67) failed [ 151.397941][ T6894] FAT-fs (loop4): Directory bread(block 68) failed [ 151.397960][ T6894] FAT-fs (loop4): Directory bread(block 69) failed [ 151.398043][ T6894] FAT-fs (loop4): Directory bread(block 70) failed [ 151.398061][ T6894] FAT-fs (loop4): Directory bread(block 71) failed [ 151.398135][ T6894] FAT-fs (loop4): Directory bread(block 72) failed [ 151.398154][ T6894] FAT-fs (loop4): Directory bread(block 73) failed [ 152.051627][ T9] usb 5-1: unable to get BOS descriptor or descriptor too short [ 152.052553][ T9] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 152.052584][ T9] usb 5-1: can't read configurations, error -71 [ 152.132740][ T60] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 152.335689][ T6911] program syz.0.421 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 152.381834][ T60] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 152.395871][ T60] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 152.516801][ T60] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 152.528271][ T60] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 152.648325][ T1008] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 152.739755][ T4191] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.011961][ T1008] usb 4-1: Using ep0 maxpacket: 16 [ 153.026869][ T1008] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 153.026922][ T1008] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 153.026949][ T1008] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 153.026968][ T1008] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 153.026988][ T1008] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 153.090022][ T1008] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 153.090052][ T1008] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 153.090072][ T1008] usb 4-1: Manufacturer: syz [ 153.121957][ T1008] usb 4-1: config 0 descriptor?? [ 153.357080][ T6908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 153.443722][ T6908] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 153.718556][ T6919] batman_adv: batadv0: Adding interface: ipvlan2 [ 153.718574][ T6919] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 153.718602][ T6919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.718617][ T6919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.718627][ T6919] batman_adv: batadv0: Not using interface ipvlan2 (retrying later): interface not active [ 153.836319][ T1008] rc_core: IR keymap rc-hauppauge not found [ 153.836340][ T1008] Registered IR keymap rc-empty [ 153.837414][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 153.858406][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 153.887483][ T1008] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 153.924020][ T1008] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input8 [ 153.996781][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 154.026448][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 154.041289][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 154.071308][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 154.094256][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 154.111627][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 154.130573][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 154.150567][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 154.170405][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 154.191470][ T1008] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 154.285029][ T1008] mceusb 4-1:0.0: Registered with mce emulator interface version 1 [ 154.285053][ T1008] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 154.387139][ T1008] usb 4-1: USB disconnect, device number 2 [ 154.715471][ T5626] Bluetooth: hci3: command tx timeout [ 154.871152][ T6935] loop1: detected capacity change from 0 to 4096 [ 155.002545][ T6935] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 155.042256][ T4191] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.699694][ T6935] ntfs3(loop1): ino=1a, mi_enum_attr [ 155.699725][ T6935] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 155.868088][ T4191] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.338992][ T6963] loop3: detected capacity change from 0 to 512 [ 156.341273][ T6963] EXT4-fs: Ignoring removed nomblk_io_submit option [ 156.355635][ T6963] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 156.355655][ T6963] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8840c01d, mo2=0102] [ 156.355946][ T6963] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80) [ 156.355964][ T6963] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features [ 156.438421][ T6966] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 156.453278][ T6963] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 156.584476][ T5932] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 156.715878][ T5609] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.770366][ T5932] usb 5-1: Using ep0 maxpacket: 8 [ 156.781267][ T5932] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 156.781295][ T5932] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.781313][ T5932] usb 5-1: Product: syz [ 156.781326][ T5932] usb 5-1: Manufacturer: syz [ 156.781339][ T5932] usb 5-1: SerialNumber: syz [ 156.790370][ T5626] Bluetooth: hci3: command tx timeout [ 156.875144][ T5932] usb 5-1: config 0 descriptor?? [ 156.913321][ T6971] loop0: detected capacity change from 0 to 4096 [ 156.928166][ T38] audit: type=1326 audit(1778004729.246:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6972 comm="syz.3.444" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd16490cdd9 code=0x0 [ 156.988912][ T5932] gspca_main: se401-2.14.0 probing 047d:5003 [ 157.366192][ T4191] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.428577][ T5932] gspca_se401: Too many frame sizes [ 157.782968][ T5622] usb 5-1: USB disconnect, device number 4 [ 157.954891][ T6975] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 158.219230][ T6977] ip6gre1: entered promiscuous mode [ 158.219268][ T6977] ip6gre1: entered allmulticast mode [ 158.396605][ T3678] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 158.397008][ T3678] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 158.441584][ T5622] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 158.441913][ T5622] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 158.443587][ T6979] loop1: detected capacity change from 0 to 2048 [ 158.575525][ T6979] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.872126][ T5626] Bluetooth: hci3: command tx timeout [ 159.229881][ T6979] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 159.438825][ T6979] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 3 with error 28 [ 159.438857][ T6979] EXT4-fs (loop1): This should not happen!! Data will be lost [ 159.438857][ T6979] [ 159.438872][ T6979] EXT4-fs (loop1): Total free blocks count 0 [ 159.438885][ T6979] EXT4-fs (loop1): Free/Dirty block details [ 159.439195][ T6979] EXT4-fs (loop1): free_blocks=2415919504 [ 159.479619][ T6990] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 159.479649][ T6990] EXT4-fs (loop1): This should not happen!! Data will be lost [ 159.479649][ T6990] [ 159.479663][ T6990] EXT4-fs (loop1): Total free blocks count 0 [ 159.479675][ T6990] EXT4-fs (loop1): Free/Dirty block details [ 159.518142][ T5622] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 159.619573][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.4.456'. [ 159.903309][ T6994] loop3: detected capacity change from 0 to 32768 [ 160.182915][ T5608] EXT4-fs warning (device loop1): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 160.665103][ T7010] overlayfs: workdir and upperdir must reside under the same mount [ 160.953377][ T5626] Bluetooth: hci3: command tx timeout [ 161.006959][ T4191] bridge_slave_1: left allmulticast mode [ 161.007145][ T4191] bridge_slave_1: left promiscuous mode [ 161.050376][ T4191] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.086396][ T7017] loop3: detected capacity change from 0 to 4096 [ 161.158413][ T7018] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 161.196255][ T4191] bridge_slave_0: left allmulticast mode [ 161.196288][ T4191] bridge_slave_0: left promiscuous mode [ 161.214686][ T4191] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.487704][ T7022] loop3: detected capacity change from 0 to 128 [ 161.489116][ T7022] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 161.490139][ T7022] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 161.498386][ T7022] capability: warning: `syz.3.464' uses deprecated v2 capabilities in a way that may be insecure [ 162.390852][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 162.544705][ T7024] loop1: detected capacity change from 0 to 131072 [ 162.575510][ T7024] F2FS-fs (loop1): invalid crc value [ 162.740197][ T7024] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 162.763144][ T7024] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 163.381367][ T4191] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 163.461561][ T4191] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 163.490187][ T4191] bond0 (unregistering): Released all slaves [ 164.471220][ T7052] sctp: [Deprecated]: syz.3.472 (pid 7052) Use of int in maxseg socket option. [ 164.471220][ T7052] Use struct sctp_assoc_value instead [ 165.000890][ T7066] loop4: detected capacity change from 0 to 2048 [ 165.045680][ T7066] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 165.045712][ T7066] NILFS (loop4): mounting unchecked fs [ 165.175496][ T5980] udevd[5980]: incorrect nilfs2 checksum on /dev/loop4 [ 165.247118][ T7066] NILFS (loop4): recovery complete [ 165.390789][ T7075] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 165.988158][ T7089] netlink: 104 bytes leftover after parsing attributes in process `syz.1.483'. [ 166.386738][ T7065] macvtap1: entered allmulticast mode [ 166.386759][ T7065] dummy0: entered allmulticast mode [ 166.386844][ T7065] dummy0: entered promiscuous mode [ 166.494960][ T7065] dummy0: left allmulticast mode [ 166.855067][ T5269] 8021q: adding VLAN 0 to HW filter on device eth1 [ 166.857709][ T5622] dummy0: left promiscuous mode [ 167.265868][ T7118] loop1: detected capacity change from 0 to 512 [ 167.285823][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.3.496'. [ 167.396721][ T7118] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.396855][ T7118] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 167.461918][ T7120] geneve2: entered promiscuous mode [ 167.461944][ T7120] geneve2: entered allmulticast mode [ 167.896428][ T5608] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.192350][ T7128] input: syz0 as /devices/virtual/input/input9 [ 168.670433][ T5622] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 168.703701][ T173] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 168.783575][ T173] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 168.805013][ T56] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 168.805063][ T56] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 168.856215][ T5622] usb 5-1: Using ep0 maxpacket: 16 [ 168.866705][ T5622] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 168.866765][ T5622] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 168.866793][ T5622] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 168.866812][ T5622] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 168.866832][ T5622] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 168.867957][ T5622] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 168.867983][ T5622] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 168.868002][ T5622] usb 5-1: Manufacturer: syz [ 168.903835][ T5622] usb 5-1: config 0 descriptor?? [ 169.273179][ T7146] syz.3.504 (7146) used greatest stack depth: 17776 bytes left [ 169.287605][ T5622] rc_core: IR keymap rc-hauppauge not found [ 169.287623][ T5622] Registered IR keymap rc-empty [ 169.287763][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.346434][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.380580][ T5622] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 169.403498][ T5622] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input10 [ 169.476405][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.492012][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.522345][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.540494][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.570633][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.590405][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.610436][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.611674][ T38] audit: type=1326 audit(1778070277.942:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.3.507" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16490cdd9 code=0x7ffc0000 [ 169.612633][ T38] audit: type=1326 audit(1778070277.942:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.3.507" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16490cdd9 code=0x7ffc0000 [ 169.633449][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.634818][ T38] audit: type=1326 audit(1778070277.942:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.3.507" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fd16490cdd9 code=0x7ffc0000 [ 169.634861][ T38] audit: type=1326 audit(1778070277.962:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.3.507" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16490cdd9 code=0x7ffc0000 [ 169.634898][ T38] audit: type=1326 audit(1778070277.962:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.3.507" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16490cdd9 code=0x7ffc0000 [ 169.634979][ T38] audit: type=1326 audit(1778070277.962:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.3.507" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd1648cd60e code=0x7ffc0000 [ 169.637536][ T38] audit: type=1326 audit(1778070277.962:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.3.507" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16490cdd9 code=0x7ffc0000 [ 169.637580][ T38] audit: type=1326 audit(1778070277.962:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.3.507" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16490cdd9 code=0x7ffc0000 [ 169.656170][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.666278][ T38] audit: type=1326 audit(1778070277.982:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.3.507" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fd16490cdd9 code=0x7ffc0000 [ 169.666382][ T38] audit: type=1326 audit(1778070277.992:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.3.507" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd16490cdd9 code=0x7ffc0000 [ 169.678677][ T5622] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 169.776250][ T5622] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 169.776273][ T5622] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 170.050456][ T5622] usb 5-1: USB disconnect, device number 5 [ 170.150845][ T7164] loop3: detected capacity change from 0 to 1024 [ 170.194403][ T7164] EXT4-fs: Ignoring removed orlov option [ 170.555796][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 170.566925][ T7164] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 170.812152][ T7176] loop5: detected capacity change from 0 to 7 [ 170.867429][ T7176] Dev loop5: unable to read RDB block 7 [ 170.867461][ T7176] loop5: AHDI p1 [ 170.867494][ T7176] loop5: partition table partially beyond EOD, truncated [ 171.690588][ T6907] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.690887][ T6907] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.691179][ T6907] bridge_slave_0: entered allmulticast mode [ 171.706289][ T6907] bridge_slave_0: entered promiscuous mode [ 171.915404][ T5609] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.960841][ T4191] hsr_slave_0: left promiscuous mode [ 172.060889][ T4191] hsr_slave_1: left promiscuous mode [ 172.062312][ T4191] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 172.062410][ T4191] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 172.118938][ T4191] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 172.118965][ T4191] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 172.569135][ T7205] loop1: detected capacity change from 0 to 128 [ 173.346742][ T7211] loop3: detected capacity change from 0 to 1024 [ 173.347605][ T7211] EXT4-fs: Ignoring removed orlov option [ 173.549018][ T7219] netlink: 12 bytes leftover after parsing attributes in process `syz.4.527'. [ 173.549054][ T7219] IPv6: NLM_F_CREATE should be specified when creating new route [ 173.619520][ T7168] syz.0.511 (7168) used greatest stack depth: 17752 bytes left [ 173.636437][ T7211] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.696770][ T7211] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.860796][ T4191] veth1_macvtap: left promiscuous mode [ 173.861181][ T4191] veth0_macvtap: left promiscuous mode [ 173.861488][ T4191] veth1_vlan: left promiscuous mode [ 173.861843][ T4191] veth0_vlan: left promiscuous mode [ 175.159276][ T7237] loop1: detected capacity change from 0 to 32768 [ 175.691169][ T4191] team0 (unregistering): Port device team_slave_1 removed [ 175.831218][ T4191] team0 (unregistering): Port device team_slave_0 removed [ 176.004693][ T7244] program syz.1.539 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 176.297524][ T6907] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.297753][ T6907] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.298008][ T6907] bridge_slave_1: entered allmulticast mode [ 176.305346][ T6907] bridge_slave_1: entered promiscuous mode [ 176.362654][ T5269] 8021q: adding VLAN 0 to HW filter on device eth2 [ 176.834312][ T7262] netlink: 8 bytes leftover after parsing attributes in process `syz.1.547'. [ 176.960870][ T7266] netlink: 36 bytes leftover after parsing attributes in process `syz.1.549'. [ 177.328109][ T6907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 177.382868][ T6907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 177.620120][ T6907] team0: Port device team_slave_0 added [ 177.632090][ T6907] team0: Port device team_slave_1 added [ 177.908867][ T6907] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 177.908882][ T6907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 177.908905][ T6907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 177.929826][ T6907] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 177.929842][ T6907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 177.929867][ T6907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.008545][ T7280] loop3: detected capacity change from 0 to 256 [ 178.238141][ T7280] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 178.885691][ T6907] hsr_slave_0: entered promiscuous mode [ 178.901799][ T6907] hsr_slave_1: entered promiscuous mode [ 178.906474][ T6907] debugfs: 'hsr0' already exists in 'hsr' [ 178.906498][ T6907] Cannot create hsr debugfs directory [ 178.945012][ T60] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 178.978057][ T60] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 179.003755][ T60] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 179.070796][ T60] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 179.072359][ T60] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 180.489135][ T5269] 8021q: adding VLAN 0 to HW filter on device eth3 [ 180.611546][ T37] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 180.774894][ T37] usb 5-1: config 246 has an invalid interface number: 166 but max is 0 [ 180.774921][ T37] usb 5-1: config 246 has no interface number 0 [ 180.774966][ T37] usb 5-1: config 246 interface 166 altsetting 118 has an endpoint descriptor with address 0xAA, changing to 0x8A [ 180.774992][ T37] usb 5-1: config 246 interface 166 altsetting 118 endpoint 0x8A has invalid wMaxPacketSize 0 [ 180.775014][ T37] usb 5-1: config 246 interface 166 has no altsetting 0 [ 180.876555][ T37] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 9.63 [ 180.876585][ T37] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 180.876604][ T37] usb 5-1: Product: syz [ 180.876621][ T37] usb 5-1: Manufacturer: syz [ 180.876635][ T37] usb 5-1: SerialNumber: syz [ 181.284297][ T60] Bluetooth: hci4: command tx timeout [ 181.657505][ T7298] loop3: detected capacity change from 0 to 32768 [ 181.931584][ T37] usb 5-1: Limiting number of CPorts to U8_MAX [ 182.535042][ T37] usb 5-1: Unknown endpoint type found, address 0x0b [ 182.535065][ T37] usb 5-1: Unknown endpoint type found, address 0x8a [ 182.535080][ T37] usb 5-1: Not enough endpoints found in device, aborting! [ 182.729873][ T7298] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/loop3": -EINTR [ 183.350656][ T60] Bluetooth: hci4: command tx timeout [ 183.684163][ T37] usb 5-1: USB disconnect, device number 6 [ 184.709771][ T7334] loop3: detected capacity change from 0 to 16 [ 184.730913][ T7334] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 185.432962][ T60] Bluetooth: hci4: command tx timeout [ 185.706975][ T38] kauditd_printk_skb: 20 callbacks suppressed [ 185.706989][ T38] audit: type=1326 audit(1778070294.032:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.4.570" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22a4acdd9 code=0x7ffc0000 [ 185.708768][ T38] audit: type=1326 audit(1778070294.032:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.4.570" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22a4acdd9 code=0x7ffc0000 [ 185.709506][ T38] audit: type=1326 audit(1778070294.032:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.4.570" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22a4acdd9 code=0x7ffc0000 [ 185.709900][ T38] audit: type=1326 audit(1778070294.032:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.4.570" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa22a4acdd9 code=0x7ffc0000 [ 185.730099][ T38] audit: type=1326 audit(1778070294.052:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.4.570" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22a4acdd9 code=0x7ffc0000 [ 185.730150][ T38] audit: type=1326 audit(1778070294.052:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.4.570" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22a4acdd9 code=0x7ffc0000 [ 185.730190][ T38] audit: type=1326 audit(1778070294.052:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.4.570" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22a4acdd9 code=0x7ffc0000 [ 185.734705][ T38] audit: type=1326 audit(1778070294.052:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.4.570" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22a4acdd9 code=0x7ffc0000 [ 185.734752][ T38] audit: type=1326 audit(1778070294.062:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.4.570" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fa22a4acdd9 code=0x7ffc0000 [ 185.734788][ T38] audit: type=1326 audit(1778070294.062:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.4.570" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22a4acdd9 code=0x7ffc0000 [ 185.930512][ T7359] loop3: detected capacity change from 0 to 512 [ 185.955137][ T7359] EXT4-fs: Ignoring removed nomblk_io_submit option [ 186.053931][ T7359] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 186.054056][ T7359] ext4 filesystem being mounted at /141/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 186.256096][ T5609] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.329516][ T4191] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 186.555329][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 186.686682][ T7376] loop4: detected capacity change from 0 to 128 [ 186.930382][ T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 187.079885][ T7381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.580'. [ 187.108602][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024 [ 187.108651][ T9] usb 2-1: New USB device found, idVendor=0b05, idProduct=1abe, bcdDevice= 0.00 [ 187.108673][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.117790][ T9] usb 2-1: config 0 descriptor?? [ 187.123223][ T7377] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 187.403638][ T7381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.580'. [ 187.510493][ T60] Bluetooth: hci4: command tx timeout [ 187.545231][ T9] asus 0003:0B05:1ABE.0003: unknown main item tag 0x0 [ 187.545268][ T9] asus 0003:0B05:1ABE.0003: unknown main item tag 0x0 [ 187.545294][ T9] asus 0003:0B05:1ABE.0003: unknown main item tag 0x0 [ 187.545319][ T9] asus 0003:0B05:1ABE.0003: unknown main item tag 0x0 [ 187.545344][ T9] asus 0003:0B05:1ABE.0003: unknown main item tag 0x0 [ 187.545369][ T9] asus 0003:0B05:1ABE.0003: unknown main item tag 0x0 [ 187.545394][ T9] asus 0003:0B05:1ABE.0003: unknown main item tag 0x0 [ 187.545419][ T9] asus 0003:0B05:1ABE.0003: unknown main item tag 0x0 [ 187.545444][ T9] asus 0003:0B05:1ABE.0003: unknown main item tag 0x0 [ 187.545474][ T9] asus 0003:0B05:1ABE.0003: unknown main item tag 0x0 [ 187.619401][ T9] asus 0003:0B05:1ABE.0003: unbalanced collection at end of report description [ 187.629932][ T9] asus 0003:0B05:1ABE.0003: Asus hid parse failed: -22 [ 187.630054][ T9] asus 0003:0B05:1ABE.0003: probe with driver asus failed with error -22 [ 187.803067][ T1008] usb 2-1: USB disconnect, device number 4 [ 188.145449][ T4191] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.743426][ T5269] 8021q: adding VLAN 0 to HW filter on device eth4 [ 188.782484][ T5734] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 188.970695][ T5734] usb 2-1: Using ep0 maxpacket: 32 [ 188.973278][ T5734] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.973307][ T5734] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.973343][ T5734] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 188.973365][ T5734] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.978247][ T5734] usb 2-1: config 0 descriptor?? [ 189.166315][ T5734] hub 2-1:0.0: USB hub found [ 189.222230][ T7426] loop5: detected capacity change from 0 to 1 [ 189.226197][ T5734] hub 2-1:0.0: 1 port detected [ 189.308412][ T4191] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.359823][ T7426] Dev loop5: unable to read RDB block 1 [ 189.359865][ T7426] loop5: unable to read partition table [ 189.360053][ T7426] loop5: partition table beyond EOD, truncated [ 189.360071][ T7426] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 189.764614][ T5734] usb 2-1: USB disconnect, device number 5 [ 189.800807][ T1008] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 189.938154][ T4191] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.980673][ T1008] usb 4-1: Using ep0 maxpacket: 16 [ 190.008993][ T1008] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 190.009022][ T1008] usb 4-1: config 0 interface 0 has no altsetting 0 [ 190.009041][ T1008] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 190.009053][ T1008] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.046653][ T1008] usb 4-1: config 0 descriptor?? [ 190.384852][ T7435] ip6gre1: entered promiscuous mode [ 190.384868][ T7435] ip6gre1: entered allmulticast mode [ 190.593056][ T6907] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 190.738452][ T6907] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 190.785028][ T1008] nzxt-smart2 0003:1E71:2009.0004: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0 [ 190.870011][ C1] usb 4-1: input irq status -75 received [ 190.916307][ T6907] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 190.984320][ T7445] program syz.1.601 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 191.172779][ T1008] usb 4-1: USB disconnect, device number 3 [ 191.241133][ T6907] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 191.600432][ T6907] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 191.860790][ T6907] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 192.269743][ T6907] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 192.382597][ T6907] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 193.138751][ T7482] loop3: detected capacity change from 0 to 4096 [ 193.185296][ T7487] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 193.230094][ T7482] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 193.369755][ T7482] ntfs3(loop3): ino=19, mi_enum_attr [ 193.779436][ T7482] ntfs3(loop3): failed to convert "c46c" to maciceland [ 194.079389][ T7482] ntfs3(loop3): ino=20, mi_enum_attr [ 194.251208][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.251304][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.369911][ T7508] loop3: detected capacity change from 0 to 8 [ 194.378321][ T7508] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 194.441121][ T5980] udevd[5980]: incorrect cramfs checksum on /dev/loop3 [ 194.499832][ T7508] cramfs: bad data blocksize 4294934200 [ 194.499859][ T7508] cramfs: bad data blocksize 4294934200 [ 194.503294][ T38] kauditd_printk_skb: 9 callbacks suppressed [ 194.503310][ T38] audit: type=1800 audit(1778070302.822:67): pid=7508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.623" name="file1" dev="loop3" ino=33092 res=0 errno=0 [ 194.783762][ T4191] bridge_slave_1: left allmulticast mode [ 194.783794][ T4191] bridge_slave_1: left promiscuous mode [ 194.784050][ T4191] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.992110][ T4191] bridge_slave_0: left allmulticast mode [ 194.992133][ T4191] bridge_slave_0: left promiscuous mode [ 194.992292][ T4191] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.197659][ T7518] netlink: 164 bytes leftover after parsing attributes in process `syz.1.628'. [ 195.197900][ T7518] netlink: 36 bytes leftover after parsing attributes in process `syz.1.628'. [ 195.285822][ T7516] loop4: detected capacity change from 0 to 32768 [ 195.326336][ T7516] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 195.467083][ T7516] XFS (loop4): Ending clean mount [ 195.494606][ T7528] loop1: detected capacity change from 0 to 4096 [ 196.120010][ T7528] ntfs3(loop1): failed to convert "0080" to koi8-ru [ 196.146554][ T7528] ntfs3(loop1): failed to convert name for inode 1e. [ 196.158716][ T7528] ntfs3(loop1): ino=1f, mi_enum_attr [ 196.158765][ T7528] ntfs3(loop1): failed to convert "256c" to koi8-ru [ 196.362570][ T5610] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 196.500995][ T7530] netlink: 12 bytes leftover after parsing attributes in process `syz.1.631'. [ 197.242140][ T4191] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 197.300914][ T4191] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 197.342509][ T4191] bond0 (unregistering): Released all slaves [ 197.449440][ T7542] syzkaller1: tun_chr_ioctl cmd 2148553947 [ 197.649310][ T7547] netlink: 72 bytes leftover after parsing attributes in process `syz.1.636'. [ 198.672121][ T7287] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.672804][ T7287] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.673196][ T7287] bridge_slave_0: entered allmulticast mode [ 198.694695][ T7287] bridge_slave_0: entered promiscuous mode [ 198.842256][ T7287] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.842631][ T7287] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.842948][ T7287] bridge_slave_1: entered allmulticast mode [ 198.857488][ T7287] bridge_slave_1: entered promiscuous mode [ 199.280851][ T7572] macvtap1: entered promiscuous mode [ 199.286992][ T7572] macvtap1: entered allmulticast mode [ 199.287013][ T7572] veth1_vlan: entered allmulticast mode [ 200.122955][ T5269] 8021q: adding VLAN 0 to HW filter on device eth5 [ 200.217240][ T7287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 200.379337][ T7287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 200.406046][ T7594] loop1: detected capacity change from 0 to 4096 [ 200.675154][ T7287] team0: Port device team_slave_0 added [ 200.684299][ T7599] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 200.860168][ T7601] loop4: detected capacity change from 0 to 1764 [ 200.901562][ T7594] NILFS (loop1): cannot delete checkpoints: invalid range [1, 0) [ 200.901589][ T7594] NILFS (loop1): error -22 preparing GC: cannot delete checkpoints [ 200.980389][ T4191] hsr_slave_0: left promiscuous mode [ 201.062679][ T4191] hsr_slave_1: left promiscuous mode [ 201.065759][ T4191] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 201.065776][ T4191] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 201.144742][ T4191] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 201.144768][ T4191] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 201.410916][ T7601] netlink: 'syz.4.648': attribute type 3 has an invalid length. [ 201.430605][ T5626] Bluetooth: hci2: command 0x0406 tx timeout [ 201.432091][ T5618] Bluetooth: hci1: command 0x0406 tx timeout [ 201.432321][ T5618] Bluetooth: hci0: command 0x0406 tx timeout [ 201.684558][ T4191] veth1_macvtap: left promiscuous mode [ 201.684660][ T4191] veth0_macvtap: left promiscuous mode [ 201.684916][ T4191] veth1_vlan: left promiscuous mode [ 201.685102][ T4191] veth0_vlan: left promiscuous mode [ 201.973612][ T7613] loop4: detected capacity change from 0 to 256 [ 202.070140][ T7613] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d) [ 202.120402][ T5932] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 202.293346][ T5932] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 202.293382][ T5932] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 202.293403][ T5932] usb 2-1: config 220 contains an unexpected descriptor of type 0x1, skipping [ 202.293420][ T5932] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 202.293437][ T5932] usb 2-1: config 220 has no interface number 2 [ 202.293504][ T5932] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 202.293530][ T5932] usb 2-1: config 220 interface 0 has no altsetting 0 [ 202.293548][ T5932] usb 2-1: config 220 interface 76 has no altsetting 0 [ 202.293564][ T5932] usb 2-1: config 220 interface 1 has no altsetting 0 [ 202.295607][ T5932] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 202.295637][ T5932] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.295656][ T5932] usb 2-1: Product: syz [ 202.295670][ T5932] usb 2-1: Manufacturer: syz [ 202.295684][ T5932] usb 2-1: SerialNumber: syz [ 202.564505][ T5932] uvcvideo 2-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 202.564545][ T5932] uvcvideo 2-1:220.0: No valid video chain found. [ 202.564679][ T5932] usb 2-1: selecting invalid altsetting 0 [ 202.675220][ T5932] usb 2-1: selecting invalid altsetting 0 [ 202.675254][ T5932] usbtest 2-1:220.1: probe with driver usbtest failed with error -22 [ 202.730643][ T5932] usb 2-1: USB disconnect, device number 6 [ 203.325114][ T7620] loop1: detected capacity change from 0 to 256 [ 203.362811][ T7620] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 203.957869][ T4191] team0 (unregistering): Port device team_slave_1 removed [ 204.094706][ T4191] team0 (unregistering): Port device team_slave_0 removed [ 204.353804][ T7634] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold [ 204.400969][ T5747] IPVS: starting estimator thread 0... [ 204.492908][ T7635] IPVS: using max 9 ests per chain, 21600 per kthread [ 205.190025][ T7641] loop1: detected capacity change from 0 to 32768 [ 205.224092][ T7641] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 205.309563][ T7641] XFS (loop1): Ending clean mount [ 205.317457][ T7287] team0: Port device team_slave_1 added [ 205.455703][ T5608] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 205.872034][ T7657] loop3: detected capacity change from 0 to 8192 [ 205.934797][ T7287] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.934813][ T7287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 205.934834][ T7287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 206.045360][ T7287] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 206.045376][ T7287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 206.045400][ T7287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 206.183523][ T7657] loop3: p1 < > p2 p4 < p5 > [ 206.183560][ T7657] loop3: partition table partially beyond EOD, truncated [ 206.184292][ T7657] loop3: p1 start 134217728 is beyond EOD, truncated [ 206.184315][ T7657] loop3: p2 size 591360 extends beyond EOD, truncated [ 206.224223][ T7660] block nbd4: NBD_DISCONNECT [ 206.244616][ T7660] block nbd4: Send disconnect failed -32 [ 206.248193][ T7658] block nbd4: Disconnected due to user request. [ 206.248215][ T7658] block nbd4: shutting down sockets [ 206.336375][ T7657] loop3: p5 size 591360 extends beyond EOD, truncated [ 207.064529][ T7287] hsr_slave_0: entered promiscuous mode [ 207.077303][ T7287] hsr_slave_1: entered promiscuous mode [ 207.078991][ T7287] debugfs: 'hsr0' already exists in 'hsr' [ 207.079014][ T7287] Cannot create hsr debugfs directory [ 207.326125][ T6907] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.373895][ T5948] udevd[5948]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 207.375305][ T5980] udevd[5980]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 207.452228][ T5983] udevd[5983]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 207.618963][ T7686] netlink: 28 bytes leftover after parsing attributes in process `syz.4.678'. [ 207.619027][ T7686] netem: change failed [ 207.795004][ T4191] IPVS: stop unused estimator thread 0... [ 208.191584][ T6907] 8021q: adding VLAN 0 to HW filter on device team0 [ 208.485558][ T5269] 8021q: adding VLAN 0 to HW filter on device eth6 [ 208.522443][ T4191] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.539472][ T4191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.876175][ T80] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.876270][ T80] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.793844][ T7726] netlink: 8 bytes leftover after parsing attributes in process `syz.1.692'. [ 210.004866][ T7726] geneve2: entered promiscuous mode [ 210.004893][ T7726] geneve2: entered allmulticast mode [ 210.015647][ T5932] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 210.069771][ T4191] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 210.070064][ T4191] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 210.129468][ T4191] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 210.150407][ T4191] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 210.274225][ T5932] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 210.274258][ T5932] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.359700][ T7736] loop3: detected capacity change from 0 to 164 [ 210.403420][ T5932] usb 5-1: config 0 descriptor?? [ 210.554890][ T5932] cp210x 5-1:0.0: cp210x converter detected [ 210.849682][ T7736] ISOFS: unable to read i-node block [ 210.849821][ T7736] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 210.892475][ T5932] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 210.957096][ T5932] usb 5-1: cp210x converter now attached to ttyUSB0 [ 211.139157][ T9] usb 5-1: USB disconnect, device number 7 [ 211.335185][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 211.580676][ T9] cp210x 5-1:0.0: device disconnected [ 211.614038][ T5630] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 211.687329][ T5630] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 211.706947][ T5630] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 211.717363][ T5630] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 211.719447][ T5630] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 211.852761][ T7755] netlink: 12 bytes leftover after parsing attributes in process `syz.4.698'. [ 212.024095][ T5269] 8021q: adding VLAN 0 to HW filter on device eth7 [ 212.914789][ T7774] netlink: 12 bytes leftover after parsing attributes in process `syz.4.704'. [ 212.914817][ T7774] netlink: 12 bytes leftover after parsing attributes in process `syz.4.704'. [ 213.910481][ T60] Bluetooth: hci5: command tx timeout [ 214.228895][ T7812] loop3: detected capacity change from 0 to 512 [ 214.674220][ T7812] EXT4-fs (loop3): 1 orphan inode deleted [ 214.677353][ T7812] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.904424][ T5609] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.619990][ T7829] hpfs: Bad magic ... probably not HPFS [ 215.990485][ T60] Bluetooth: hci5: command tx timeout [ 216.166700][ T7832] loop1: detected capacity change from 0 to 131072 [ 216.313915][ T7832] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 216.332203][ T7832] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 216.373614][ T7832] F2FS-fs (loop1): recover xattr in inode (7), error(0) [ 216.373673][ T7832] F2FS-fs (loop1): set inode (7) has corrupted xattr [ 216.633412][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 218.070406][ T60] Bluetooth: hci5: command tx timeout [ 219.032919][ T7875] loop4: detected capacity change from 0 to 16 [ 219.339534][ T7875] erofs (device loop4): mounted with root inode @ nid 36. [ 219.419814][ T7875] syz.4.731: attempt to access beyond end of device [ 219.419814][ T7875] loop4: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 219.571761][ T7875] erofs (device loop4): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 4096 [ 219.571806][ T7875] erofs (device loop4): read error -117 @ 0 of nid 89 [ 219.572116][ T38] audit: type=1800 audit(1778070327.902:68): pid=7875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.731" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 219.588693][ T7880] netlink: 16 bytes leftover after parsing attributes in process `syz.1.722'. [ 219.877433][ T7883] loop4: detected capacity change from 0 to 1024 [ 220.154639][ T60] Bluetooth: hci5: command tx timeout [ 221.602991][ T7910] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 221.680901][ T7910] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.797167][ T7910] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.954794][ T32] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 224.141716][ T32] usb 5-1: Using ep0 maxpacket: 16 [ 224.151818][ T32] usb 5-1: too many configurations: 112, using maximum allowed: 8 [ 224.159373][ T7947] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 224.159390][ T7947] IPv6: NLM_F_CREATE should be set when creating new route [ 224.159550][ T7947] IPv6: NLM_F_CREATE should be set when creating new route [ 224.178311][ T7947] IPv6: NLM_F_CREATE should be set when creating new route [ 224.198539][ T7947] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 224.210894][ T32] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 224.210927][ T32] usb 5-1: New USB device strings: Mfr=144, Product=246, SerialNumber=0 [ 224.210947][ T32] usb 5-1: Product: syz [ 224.210960][ T32] usb 5-1: Manufacturer: syz [ 224.228745][ T7948] vivid-000: disconnect [ 224.337699][ T32] r8152-cfgselector 5-1: Unknown version 0x0000 [ 224.337729][ T32] r8152-cfgselector 5-1: config 0 descriptor?? [ 224.732376][ T32] rndis_host 5-1:0.0: rndis: master #0/ffff88805e76c000 slave #1/0000000000000000 [ 224.738174][ T7943] vivid-000: reconnect [ 224.806206][ T32] r8152-cfgselector 5-1: USB disconnect, device number 8 [ 224.928467][ T7287] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 225.008102][ T7287] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 225.039506][ T7955] vxlan0: entered promiscuous mode [ 225.039522][ T7955] vxlan0: entered allmulticast mode [ 225.185820][ T7287] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 225.218349][ T7961] loop3: detected capacity change from 0 to 4096 [ 225.273591][ T7961] NILFS (loop3): invalid segment: Checksum error in segment payload [ 225.273620][ T7961] NILFS (loop3): trying rollback from an earlier position [ 225.408383][ T7287] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 225.427436][ T7961] NILFS (loop3): recovery complete [ 225.432192][ T13] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 225.451093][ T7963] syz.1.751 uses obsolete (PF_INET,SOCK_PACKET) [ 225.587762][ T7967] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 226.208137][ T13] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 226.208339][ T7287] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 226.467349][ T7287] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 226.574935][ T13] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 226.575039][ T7287] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 226.684384][ T7988] loop3: detected capacity change from 0 to 64 [ 226.937814][ T7287] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 227.207006][ T13] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 228.709315][ T38] audit: type=1800 audit(1778070337.032:69): pid=7988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.756" name="bus" dev="loop3" ino=23 res=0 errno=0 [ 228.798143][ T8014] loop1: detected capacity change from 0 to 131072 [ 228.832040][ T8014] F2FS-fs (loop1): invalid crc value [ 228.990026][ T8014] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 229.018137][ T8014] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 229.055252][ T3678] bridge_slave_1: left allmulticast mode [ 229.055286][ T3678] bridge_slave_1: left promiscuous mode [ 229.055549][ T3678] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.440404][ T3678] bridge_slave_0: left allmulticast mode [ 229.440442][ T3678] bridge_slave_0: left promiscuous mode [ 229.440746][ T3678] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.895361][ T5609] hfs: node 4:3 still has 2 user(s)! [ 230.194355][ T8049] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 231.254456][ T3678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 231.391047][ T3678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 231.432346][ T3678] bond0 (unregistering): Released all slaves [ 231.441254][ T5734] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 231.568168][ T8048] @0Ù: renamed from bond_slave_1 (while UP) [ 231.683027][ T5734] usb 2-1: Using ep0 maxpacket: 16 [ 231.703000][ T5734] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 231.703030][ T5734] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 231.703050][ T5734] usb 2-1: Product: syz [ 231.703064][ T5734] usb 2-1: Manufacturer: syz [ 231.703078][ T5734] usb 2-1: SerialNumber: syz [ 231.711411][ T5734] usb 2-1: config 0 descriptor?? [ 232.024852][ T8058] loop1: detected capacity change from 0 to 1024 [ 232.308906][ T8060] 8021q: adding VLAN 0 to HW filter on device bond1 [ 232.317892][ T8060] bond0: (slave bond1): Enslaving as an active interface with an up link [ 232.741947][ T5734] usb 2-1: USB disconnect, device number 7 [ 232.887670][ T8080] loop4: detected capacity change from 0 to 128 [ 233.139178][ T8080] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 233.185284][ T8080] ext4 filesystem being mounted at /198/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 233.518401][ T5610] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 233.586934][ T5983] udevd[5983]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 233.798221][ T3678] hsr_slave_0: left promiscuous mode [ 233.837907][ T3678] hsr_slave_1: left promiscuous mode [ 233.885532][ T3678] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 234.016286][ T3678] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 234.417560][ T8107] loop3: detected capacity change from 0 to 256 [ 235.711401][ T3678] team0 (unregistering): Port device team_slave_1 removed [ 235.887631][ T3678] team0 (unregistering): Port device team_slave_0 removed [ 236.411712][ T8129] loop3: detected capacity change from 0 to 512 [ 236.475178][ T8129] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.475319][ T8129] ext4 filesystem being mounted at /203/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 236.818464][ T8097] erspan0: entered promiscuous mode [ 236.901190][ T7752] bridge0: port 1(bridge_slave_0) entered blocking state [ 236.901544][ T7752] bridge0: port 1(bridge_slave_0) entered disabled state [ 236.901975][ T7752] bridge_slave_0: entered allmulticast mode [ 236.905078][ T7752] bridge_slave_0: entered promiscuous mode [ 236.926963][ T8127] loop4: detected capacity change from 0 to 32768 [ 237.001141][ T7752] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.001635][ T7752] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.001944][ T7752] bridge_slave_1: entered allmulticast mode [ 237.012828][ T7752] bridge_slave_1: entered promiscuous mode [ 237.308873][ T5609] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.324626][ T7752] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 237.417004][ T7752] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 237.664678][ T8127] JBD2: Ignoring recovery information on journal [ 237.791748][ T8140] netlink: 8 bytes leftover after parsing attributes in process `syz.3.788'. [ 237.820148][ T7752] team0: Port device team_slave_0 added [ 237.882774][ T7752] team0: Port device team_slave_1 added [ 238.441157][ T5630] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 238.456474][ T8127] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 238.529700][ T5630] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 238.554319][ T5630] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 238.562290][ T7752] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.562305][ T7752] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 238.562328][ T7752] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 238.594701][ T5630] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 238.600576][ T5630] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 238.700799][ T7752] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 238.700816][ T7752] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 238.700842][ T7752] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 239.954439][ T7752] hsr_slave_0: entered promiscuous mode [ 240.051053][ T7752] hsr_slave_1: entered promiscuous mode [ 240.055210][ T8165] loop1: detected capacity change from 0 to 4096 [ 240.082643][ T7752] debugfs: 'hsr0' already exists in 'hsr' [ 240.082673][ T7752] Cannot create hsr debugfs directory [ 240.164842][ T8173] netlink: 40 bytes leftover after parsing attributes in process `syz.3.797'. [ 241.031278][ T5630] Bluetooth: hci3: command tx timeout [ 241.314850][ T5610] ocfs2: Unmounting device (7,4) on (node local) [ 242.290457][ T5616] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 242.364816][ T8199] program syz.1.804 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 242.426737][ T8201] program syz.1.806 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 242.440418][ T5616] usb 4-1: Using ep0 maxpacket: 8 [ 242.444357][ T5616] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 242.444388][ T5616] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.469563][ T5269] 8021q: adding VLAN 0 to HW filter on device eth5 [ 242.672734][ T5616] pvrusb2: Hardware description: Terratec Grabster AV400 [ 242.672757][ T5616] pvrusb2: ********** [ 242.672764][ T5616] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 242.672775][ T5616] pvrusb2: Important functionality might not be entirely working. [ 242.672783][ T5616] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 242.672794][ T5616] pvrusb2: ********** [ 243.114077][ T5630] Bluetooth: hci3: command tx timeout [ 243.147136][ T2364] pvrusb2: Invalid write control endpoint [ 243.297563][ T8211] loop4: detected capacity change from 0 to 64 [ 243.497648][ T5616] usb 4-1: USB disconnect, device number 4 [ 244.650149][ T2364] pvrusb2: Invalid write control endpoint [ 244.711677][ T2364] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 244.711691][ T2364] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 244.711697][ T2364] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 244.711704][ T2364] pvrusb2: Device being rendered inoperable [ 244.895994][ T2364] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 244.896076][ T2364] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 245.197269][ T5630] Bluetooth: hci3: command tx timeout [ 245.428227][ T2364] pvrusb2: Attached sub-driver cx25840 [ 245.428252][ T2364] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 245.428261][ T2364] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 246.672453][ T5269] 8021q: adding VLAN 0 to HW filter on device eth6 [ 247.281521][ T5630] Bluetooth: hci3: command tx timeout [ 247.333788][ T5616] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 247.562281][ T5616] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 247.562327][ T5616] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 247.562344][ T5616] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 247.562385][ T5616] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 247.562409][ T5616] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 247.564180][ T5616] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 247.564207][ T5616] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 247.564227][ T5616] usb 4-1: Product: syz [ 247.564248][ T5616] usb 4-1: Manufacturer: syz [ 247.579620][ T5616] cdc_wdm 4-1:1.0: skipping garbage [ 247.579643][ T5616] cdc_wdm 4-1:1.0: skipping garbage [ 248.007676][ T5616] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 248.007716][ T5616] cdc_wdm 4-1:1.0: Unknown control protocol [ 248.497859][ C0] cdc_wdm 4-1:1.0: nonzero urb status received: -EPIPE [ 248.993368][ T5734] usb 4-1: USB disconnect, device number 5 [ 249.445857][ T5747] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 249.628100][ T5747] usb 2-1: Using ep0 maxpacket: 16 [ 249.639372][ T5747] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 249.639431][ T5747] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 249.639459][ T5747] usb 2-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 25 [ 249.639487][ T5747] usb 2-1: config 0 interface 0 has no altsetting 0 [ 249.639523][ T5747] usb 2-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00 [ 249.639546][ T5747] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.648283][ T5747] usb 2-1: config 0 descriptor?? [ 250.060881][ T5616] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 250.113177][ T5747] zeroplus 0003:0C12:0030.0005: ignoring exceeding usage max [ 250.114427][ T5747] zeroplus 0003:0C12:0030.0005: reserved main item tag 0xd [ 250.114459][ T5747] hid_parser_main: 451 callbacks suppressed [ 250.114473][ T5747] zeroplus 0003:0C12:0030.0005: unknown main item tag 0x5 [ 250.114555][ T5747] zeroplus 0003:0C12:0030.0005: reserved main item tag 0xd [ 250.114627][ T5747] zeroplus 0003:0C12:0030.0005: unknown main item tag 0x5 [ 250.116461][ T5747] zeroplus 0003:0C12:0030.0005: global environment stack underflow [ 250.116474][ T5747] zeroplus 0003:0C12:0030.0005: item 0 2 1 11 parsing failed [ 250.117337][ T5747] zeroplus 0003:0C12:0030.0005: parse failed [ 250.117381][ T5747] zeroplus 0003:0C12:0030.0005: probe with driver zeroplus failed with error -22 [ 250.313060][ T5616] usb 4-1: Using ep0 maxpacket: 32 [ 250.328201][ T5616] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 250.328225][ T5616] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.389884][ T5616] usb 4-1: config 0 descriptor?? [ 250.423144][ T5747] usb 2-1: USB disconnect, device number 8 [ 250.626912][ T5616] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 250.782539][ T5616] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 250.785020][ T5616] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 250.785075][ T5616] usb 4-1: media controller created [ 251.225701][ T5616] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 251.561268][ T8322] loop4: detected capacity change from 0 to 256 [ 251.780057][ T8322] exfat: Deprecated parameter 'utf8' [ 251.780114][ T8322] exfat: Deprecated parameter 'namecase' [ 251.782886][ T8322] exfat: Deprecated parameter 'namecase' [ 251.783233][ T8322] exfat: Deprecated parameter 'utf8' [ 252.089655][ T8322] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x6a70c931, utbl_chksum : 0xe619d30d) [ 252.089975][ T8322] exFAT-fs (loop4): failed to test first cluster bit of root dir(5) [ 252.179053][ T5616] az6027: usb out operation failed. (-71) [ 252.191191][ T8333] loop3: detected capacity change from 0 to 1024 [ 252.197398][ T5616] az6027: usb out operation failed. (-71) [ 252.197413][ T5616] stb0899_attach: Driver disabled by Kconfig [ 252.197418][ T5616] az6027: no front-end attached [ 252.197418][ T5616] [ 252.201479][ T5616] az6027: usb out operation failed. (-71) [ 252.201499][ T5616] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 252.244681][ T8333] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 252.250520][ T8333] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 252.250969][ T8333] EXT4-fs (loop3): orphan cleanup on readonly fs [ 252.252750][ T8333] EXT4-fs error (device loop3): ext4_free_blocks:6718: comm syz.3.848: Freeing blocks not in datazone - block = 0, count = 4096 [ 252.252784][ T8333] loop3: lost filesystem error report for type 5 error -117 [ 252.268175][ C0] EXT4-fs (loop3): initial error at time 1778070360: ext4_free_blocks:6718 [ 252.268208][ C0] EXT4-fs (loop3): last error at time 1778070360: ext4_free_blocks:6718 [ 252.421784][ T5616] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input11 [ 252.423455][ T8333] EXT4-fs (loop3): Remounting filesystem read-only [ 252.428480][ T5616] dvb-usb: schedule remote query interval to 400 msecs. [ 252.428511][ T5616] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 252.471332][ T5616] usb 4-1: USB disconnect, device number 6 [ 252.565144][ T8333] EXT4-fs (loop3): 1 orphan inode deleted [ 252.665800][ T8322] exfat: Deprecated parameter 'utf8' [ 252.665826][ T8322] exfat: Deprecated parameter 'utf8' [ 252.665952][ T8322] exfat: Deprecated parameter 'utf8' [ 252.800632][ T8333] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 253.417441][ T8354] loop1: detected capacity change from 0 to 512 [ 253.471175][ T8354] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 253.471197][ T8354] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 253.722973][ T5616] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 253.881806][ T8354] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2860: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 254.036811][ T8354] EXT4-fs (loop1): 1 truncate cleaned up [ 254.153144][ T8354] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.191713][ T5609] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.838730][ T5608] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.979237][ T8374] netlink: 4 bytes leftover after parsing attributes in process `syz.4.857'. [ 255.116907][ T8374] netlink: 80 bytes leftover after parsing attributes in process `syz.4.857'. [ 255.676418][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.676523][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.218788][ T8148] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.219071][ T8148] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.219374][ T8148] bridge_slave_0: entered allmulticast mode [ 256.223791][ T8148] bridge_slave_0: entered promiscuous mode [ 256.310836][ T8148] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.311207][ T8148] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.311524][ T8148] bridge_slave_1: entered allmulticast mode [ 256.314287][ T8148] bridge_slave_1: entered promiscuous mode [ 256.939256][ T8148] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.007313][ T8416] loop3: detected capacity change from 0 to 1024 [ 257.104102][ T8148] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.332366][ T3678] bridge_slave_1: left allmulticast mode [ 257.332391][ T3678] bridge_slave_1: left promiscuous mode [ 257.343110][ T3678] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.411294][ T3678] bridge_slave_0: left allmulticast mode [ 257.411333][ T3678] bridge_slave_0: left promiscuous mode [ 257.411530][ T3678] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.570485][ T5748] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 257.764660][ T5748] usb 4-1: Using ep0 maxpacket: 32 [ 257.769008][ T5748] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 257.769037][ T5748] usb 4-1: config 0 has no interface number 0 [ 257.839313][ T5748] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 257.839344][ T5748] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 257.839361][ T5748] usb 4-1: Product: syz [ 257.839375][ T5748] usb 4-1: Manufacturer: syz [ 257.839388][ T5748] usb 4-1: SerialNumber: syz [ 257.893107][ T5748] usb 4-1: config 0 descriptor?? [ 257.913031][ T5748] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 258.134973][ T3678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 258.136341][ T5748] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 258.201689][ T5748] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 258.335121][ T3678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 258.516571][ T3678] bond0 (unregistering): Released all slaves [ 258.521316][ C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 258.522039][ T5932] usb 4-1: USB disconnect, device number 7 [ 258.578700][ T5932] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 258.649971][ T5932] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 258.654483][ T5932] quatech2 4-1:0.51: device disconnected [ 258.981223][ T8148] team0: Port device team_slave_0 added [ 259.103949][ T8148] team0: Port device team_slave_1 added [ 259.187993][ T7752] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 259.285180][ T7752] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 259.661598][ T7752] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 259.794412][ T7752] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 259.796650][ T8148] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 259.796665][ T8148] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 259.796689][ T8148] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 259.800512][ T8448] netem: change failed [ 260.046529][ T8452] loop1: detected capacity change from 0 to 128 [ 260.047524][ T8452] vfat: Unknown parameter '‡0ÉÚSö­ÿÊ÷¾œÒxÊ>ÇߌÅß‘h$ûŽ+ÇfÎt/YÞÁ'Œÿeë‘üç ïè¶Û ÿ:7-¯¦÷ñŒ•‡†»ÐšFvN†aWÖµ‰×±y uk\’/í4‰}Œ‚dj3²üÙA•¯¥Z # ¬¹;Tx®úþžSEµ“@ŸšïÉ&iö1#†nùóuǦ2cíÍþÂQ' [ 260.214555][ T3678] hsr_slave_0: left promiscuous mode [ 260.256327][ T3678] hsr_slave_1: left promiscuous mode [ 260.257125][ T3678] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 260.292518][ T3678] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 260.667474][ T8464] loop1: detected capacity change from 0 to 256 [ 261.022307][ T3678] team0 (unregistering): Port device team_slave_1 removed [ 261.121959][ T3678] team0 (unregistering): Port device team_slave_0 removed [ 261.463423][ T5630] Bluetooth: hci2: unexpected event for opcode 0x204e [ 261.571376][ T7752] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 261.634828][ T7752] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 261.653120][ T8148] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 261.653136][ T8148] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 261.653163][ T8148] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 261.758582][ T7752] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 261.795492][ T7752] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 261.834398][ T8482] loop3: detected capacity change from 0 to 512 [ 262.145398][ T8482] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.257308][ T8148] hsr_slave_0: entered promiscuous mode [ 262.259762][ T8148] hsr_slave_1: entered promiscuous mode [ 262.286147][ T8148] debugfs: 'hsr0' already exists in 'hsr' [ 262.286175][ T8148] Cannot create hsr debugfs directory [ 262.343058][ T8482] EXT4-fs warning (device loop3): ext4_group_add:1735: No reserved GDT blocks, can't resize [ 262.541409][ T5609] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.104114][ T8508] trusted_key: encrypted_key: keyword 'epdate' not recognized [ 263.455484][ T8517] loop4: detected capacity change from 0 to 64 [ 263.716574][ T8522] loop1: detected capacity change from 0 to 512 [ 263.860863][ T8522] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 263.861018][ T8522] ext4 filesystem being mounted at /245/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 263.971825][ T8527] netlink: 4 bytes leftover after parsing attributes in process `syz.3.904'. [ 263.971893][ T8527] netlink: 4 bytes leftover after parsing attributes in process `syz.3.904'. [ 264.732575][ T5269] 8021q: adding VLAN 0 to HW filter on device eth5 [ 265.132901][ T5608] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.751168][ T7752] 8021q: adding VLAN 0 to HW filter on device bond0 [ 265.950251][ T5748] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 266.123171][ T5748] usb 4-1: Using ep0 maxpacket: 32 [ 266.125562][ T5748] usb 4-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 266.125598][ T5748] usb 4-1: config 0 interface 0 altsetting 129 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 266.125625][ T5748] usb 4-1: config 0 interface 0 has no altsetting 0 [ 266.125658][ T5748] usb 4-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00 [ 266.125681][ T5748] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.127871][ T7752] 8021q: adding VLAN 0 to HW filter on device team0 [ 266.307751][ T5748] usb 4-1: config 0 descriptor?? [ 266.834394][ T5748] uclogic 0003:5543:0042.0006: unknown main item tag 0x0 [ 266.834452][ T5748] uclogic 0003:5543:0042.0006: unknown main item tag 0x0 [ 266.834485][ T5748] uclogic 0003:5543:0042.0006: unknown main item tag 0x0 [ 266.834511][ T5748] uclogic 0003:5543:0042.0006: unknown main item tag 0x0 [ 266.834539][ T5748] uclogic 0003:5543:0042.0006: unknown main item tag 0x0 [ 266.834563][ T5748] uclogic 0003:5543:0042.0006: unknown main item tag 0x0 [ 266.834587][ T5748] uclogic 0003:5543:0042.0006: unknown main item tag 0x0 [ 266.834610][ T5748] uclogic 0003:5543:0042.0006: unknown main item tag 0x0 [ 266.834634][ T5748] uclogic 0003:5543:0042.0006: collection stack underflow [ 266.834656][ T5748] uclogic 0003:5543:0042.0006: item 0 0 0 12 parsing failed [ 266.835533][ T5748] uclogic 0003:5543:0042.0006: parse failed [ 266.835638][ T5748] uclogic 0003:5543:0042.0006: probe with driver uclogic failed with error -22 [ 267.022398][ T5748] usb 4-1: USB disconnect, device number 8 [ 267.068748][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.068990][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 267.165218][ T1787] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.165335][ T1787] bridge0: port 2(bridge_slave_1) entered forwarding state [ 267.397933][ T8564] loop1: detected capacity change from 0 to 1024 [ 267.439088][ T8564] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 267.439124][ T8564] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (12687!=20869) [ 267.456865][ T8564] EXT4-fs (loop1): invalid journal inode [ 267.457017][ T8564] EXT4-fs (loop1): can't get journal size [ 267.475832][ T8564] EXT4-fs error (device loop1): ext4_protect_reserved_inode:182: inode #2: comm syz.1.917: blocks 3-3 from inode overlap system zone [ 267.475871][ T8564] loop1: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117 [ 267.476534][ T8564] EXT4-fs (loop1): failed to initialize system zone (-117) [ 267.481913][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 267.481936][ C1] EXT4-fs (loop1): initial error at time 1778070375: ext4_protect_reserved_inode:182: inode 2 [ 267.481959][ C1] EXT4-fs (loop1): last error at time 1778070375: ext4_protect_reserved_inode:182: inode 2 [ 267.591783][ T8564] EXT4-fs (loop1): mount failed [ 267.626783][ T8572] netlink: 4 bytes leftover after parsing attributes in process `syz.4.918'. [ 269.291605][ T8600] loop1: detected capacity change from 0 to 256 [ 269.818979][ T8600] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xb963610a, utbl_chksum : 0xe619d30d) [ 269.968720][ T8612] netlink: 8 bytes leftover after parsing attributes in process `syz.4.926'. [ 269.968746][ T8612] netlink: 4 bytes leftover after parsing attributes in process `syz.4.926'. [ 270.052069][ T80] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 270.063586][ T80] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 270.067877][ T80] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 270.105699][ T80] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 270.998744][ T8625] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 271.949490][ T8650] loop1: detected capacity change from 0 to 512 [ 272.005227][ T8650] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 272.130797][ T8650] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=42c028, mo2=0002] [ 272.131009][ T8650] EXT4-fs (loop1): orphan cleanup on readonly fs [ 272.301830][ T60] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 272.379907][ T60] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 272.389048][ T60] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 272.397065][ T60] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 272.449345][ T60] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 272.916966][ T8650] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4222: comm syz.1.932: Allocating blocks 41-42 which overlap fs metadata [ 272.917005][ T8650] loop1: lost filesystem error report for type 5 error -117 [ 272.930291][ C0] EXT4-fs (loop1): initial error at time 1778070381: ext4_mb_mark_diskspace_used:4222 [ 272.930321][ C0] EXT4-fs (loop1): last error at time 1778070381: ext4_mb_mark_diskspace_used:4222 [ 273.200480][ T8650] EXT4-fs (loop1): Remounting filesystem read-only [ 273.200830][ T8650] Quota error (device loop1): write_blk: dquota write failed [ 273.200923][ T8650] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 273.201604][ T8650] EXT4-fs (loop1): 1 truncate cleaned up [ 273.300508][ T8650] EXT4-fs (loop1): pa ffff888041083250: logic 1, phys. 41, len 23 [ 273.308294][ T8650] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 273.601187][ T5608] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.073977][ T8673] loop1: detected capacity change from 0 to 2048 [ 274.491803][ T8673] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 274.966570][ T5630] Bluetooth: hci4: command tx timeout [ 275.441383][ T8696] netlink: 'syz.1.946': attribute type 6 has an invalid length. [ 275.636895][ T8148] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 275.813855][ T8148] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 275.822062][ T8696] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 275.825172][ T8696] bridge0: port 1(bridge_slave_0) entered disabled state [ 276.054058][ T8148] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 276.091656][ T8705] loop4: detected capacity change from 0 to 736 [ 276.279026][ T8148] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 276.304840][ T8707] block nbd1: NBD_DISCONNECT [ 276.375118][ T8148] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 276.564651][ T8707] XFS (nbd1): SB validate failed with error -5. [ 276.688440][ T8148] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 277.068012][ T5630] Bluetooth: hci4: command tx timeout [ 277.332840][ T8724] loop1: detected capacity change from 0 to 512 [ 277.479204][ T8724] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.958: iget: bad i_size value: 38620345925642 [ 277.479230][ T8724] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 277.481077][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 277.481093][ C0] EXT4-fs (loop1): initial error at time 1778070385: ext4_orphan_get:1397: inode 15 [ 277.481112][ C0] EXT4-fs (loop1): last error at time 1778070385: ext4_orphan_get:1397: inode 15 [ 277.481280][ T8724] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.958: couldn't read orphan inode 15 (err -117) [ 277.481308][ T8724] loop1: lost filesystem error report for type 5 error -117 [ 277.505921][ T8724] EXT4-fs (loop1): mounted filesystem 00000000-0000-00a1-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.596179][ T38] audit: type=1800 audit(1778070385.922:70): pid=8724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.958" name="file1" dev="loop1" ino=18 res=0 errno=0 [ 277.784563][ T5608] EXT4-fs (loop1): unmounting filesystem 00000000-0000-00a1-0000-000000000000. [ 278.136561][ T8148] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 278.224902][ T8148] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 278.436851][ T8746] netlink: 20 bytes leftover after parsing attributes in process `syz.3.966'. [ 278.860292][ T5616] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 278.964081][ T8758] loop4: detected capacity change from 0 to 1024 [ 279.074835][ T5616] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 279.074869][ T5616] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 279.074907][ T5616] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 279.074930][ T5616] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.110517][ T5630] Bluetooth: hci4: command tx timeout [ 279.136583][ T5616] usb 4-1: config 0 descriptor?? [ 279.333632][ T5748] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 279.599264][ T5748] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 279.599296][ T5748] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.599317][ T5748] usb 2-1: Product: syz [ 279.599330][ T5748] usb 2-1: Manufacturer: syz [ 279.599345][ T5748] usb 2-1: SerialNumber: syz [ 279.749452][ T5616] keytouch 0003:0926:3333.0007: fixing up Keytouch IEC report descriptor [ 280.166254][ T5616] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0007/input/input12 [ 280.204302][ T5748] rtl8150 2-1:1.0: couldn't reset the device [ 280.204971][ T5748] rtl8150 2-1:1.0: probe with driver rtl8150 failed with error -5 [ 280.342405][ T5748] usb 2-1: USB disconnect, device number 9 [ 281.190407][ T5630] Bluetooth: hci4: command tx timeout [ 281.286567][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 281.528943][ T8782] netlink: 8 bytes leftover after parsing attributes in process `syz.3.978'. [ 281.979117][ T5616] keytouch 0003:0926:3333.0007: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0 [ 282.124289][ T5616] usb 4-1: USB disconnect, device number 9 [ 282.412746][ T8792] fido_id[8792]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 282.965160][ T8789] loop3: detected capacity change from 0 to 32768 [ 283.616400][ T38] audit: type=1800 audit(1778070391.922:71): pid=8789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.982" name="file1" dev="loop3" ino=7 res=0 errno=0 [ 284.208424][ T8809] loop4: detected capacity change from 0 to 164 [ 284.285300][ T8809] ISOFS: unable to read i-node block [ 284.305098][ T8809] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 284.795287][ T8814] netlink: 12 bytes leftover after parsing attributes in process `syz.4.992'. [ 285.123943][ T5734] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 285.210508][ T8819] dvmrp1: tun_chr_ioctl cmd 1074025681 [ 285.285980][ T5734] usb 5-1: Using ep0 maxpacket: 32 [ 285.289025][ T5734] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 285.289043][ T5734] usb 5-1: config 0 has no interface number 0 [ 285.291826][ T5734] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 285.291857][ T5734] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.291876][ T5734] usb 5-1: Product: syz [ 285.291890][ T5734] usb 5-1: Manufacturer: syz [ 285.291903][ T5734] usb 5-1: SerialNumber: syz [ 285.316801][ T5734] usb 5-1: config 0 descriptor?? [ 285.328044][ T5734] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 285.759228][ T5734] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 285.791127][ T5734] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 285.948176][ T8826] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 285.950242][ C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 285.966347][ T5734] usb 5-1: USB disconnect, device number 9 [ 286.028670][ T8654] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.038938][ T8654] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.039222][ T8654] bridge_slave_0: entered allmulticast mode [ 286.104398][ T8654] bridge_slave_0: entered promiscuous mode [ 286.129270][ T8654] bridge0: port 2(bridge_slave_1) entered blocking state [ 286.129543][ T8654] bridge0: port 2(bridge_slave_1) entered disabled state [ 286.129821][ T8654] bridge_slave_1: entered allmulticast mode [ 286.243272][ T8654] bridge_slave_1: entered promiscuous mode [ 286.269766][ T5734] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 286.393544][ T5734] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 286.396436][ T5734] quatech2 5-1:0.51: device disconnected [ 286.428433][ T80] bridge_slave_1: left allmulticast mode [ 286.428465][ T80] bridge_slave_1: left promiscuous mode [ 286.428729][ T80] bridge0: port 2(bridge_slave_1) entered disabled state [ 286.610844][ T80] bridge_slave_0: left allmulticast mode [ 286.610881][ T80] bridge_slave_0: left promiscuous mode [ 286.611137][ T80] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.755185][ T8839] loop4: detected capacity change from 0 to 2048 [ 286.883814][ T8839] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 287.037106][ T5630] Bluetooth: hci2: adv larger than maximum supported [ 287.037129][ T5630] Bluetooth: hci2: Malformed LE Event: 0x0d [ 287.330328][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.979267][ T8849] loop4: detected capacity change from 0 to 32768 [ 287.997601][ T8849] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1002 (8849) [ 288.193906][ T8849] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 288.193945][ T8849] BTRFS info (device loop4): using crc32c checksum algorithm [ 288.431394][ T8849] BTRFS info (device loop4): enabling ssd optimizations [ 288.431424][ T8849] BTRFS info (device loop4): turning on flush-on-commit [ 288.431441][ T8849] BTRFS info (device loop4): enabling free space tree [ 288.431456][ T8849] BTRFS info (device loop4): enabling auto defrag [ 288.431488][ T8849] BTRFS info (device loop4): use lzo compression, level 1 [ 288.431508][ T8849] BTRFS info (device loop4): max_inline set to 4096 [ 288.494578][ T80] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 288.603108][ T80] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 288.653972][ T80] bond0 (unregistering): Released all slaves [ 288.931277][ T8148] 8021q: adding VLAN 0 to HW filter on device bond0 [ 289.096553][ T8654] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 289.166657][ T8654] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 289.793303][ T80] hsr_slave_0: left promiscuous mode [ 289.811032][ T5610] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 289.837195][ T80] hsr_slave_1: left promiscuous mode [ 289.842561][ T80] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 289.873483][ T80] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 290.760457][ T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 290.990617][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 291.004701][ T10] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 291.004728][ T10] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 291.004747][ T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 291.004776][ T10] usb 5-1: config 1 has no interface number 0 [ 291.004818][ T10] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 291.004843][ T10] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 291.004881][ T10] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 291.004902][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.071395][ T10] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 291.211476][ T80] team0 (unregistering): Port device team_slave_1 removed [ 291.308728][ T10] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached [ 291.323969][ T80] team0 (unregistering): Port device team_slave_0 removed [ 291.714842][ T8654] team0: Port device team_slave_0 added [ 291.894861][ T5734] usb 5-1: USB disconnect, device number 10 [ 291.899544][ T5734] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 291.959138][ T8654] team0: Port device team_slave_1 added [ 292.033755][ T8893] program syz.1.1014 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 292.382874][ T8148] 8021q: adding VLAN 0 to HW filter on device team0 [ 292.393324][ T8654] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 292.393368][ T8654] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 292.393393][ T8654] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 292.507795][ T8654] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 292.507813][ T8654] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 292.507839][ T8654] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 292.529462][ T8903] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1019'. [ 292.529493][ T8903] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1019'. [ 292.627961][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 292.628169][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 293.039405][ T7325] bridge0: port 2(bridge_slave_1) entered blocking state [ 293.039548][ T7325] bridge0: port 2(bridge_slave_1) entered forwarding state [ 293.082657][ T8654] hsr_slave_0: entered promiscuous mode [ 293.086233][ T8654] hsr_slave_1: entered promiscuous mode [ 293.087996][ T8654] debugfs: 'hsr0' already exists in 'hsr' [ 293.088020][ T8654] Cannot create hsr debugfs directory [ 293.591275][ T8925] : renamed from bond_slave_0 (while UP) [ 294.182618][ T8938] loop3: detected capacity change from 0 to 4096 [ 294.187064][ T8938] EXT4-fs: inline encryption not supported [ 294.881688][ T8938] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 294.917444][ T8938] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=8856c019, mo2=0003] [ 295.140896][ T8938] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.349662][ T8953] netlink: 'syz.4.1032': attribute type 12 has an invalid length. [ 295.349687][ T8953] netlink: 'syz.4.1032': attribute type 29 has an invalid length. [ 295.349714][ T8953] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1032'. [ 295.349753][ T8953] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1032'. [ 295.352290][ T5269] 8021q: adding VLAN 0 to HW filter on device eth5 [ 295.705135][ T38] audit: type=1800 audit(1778070404.032:72): pid=8938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1029" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 296.274398][ T5609] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.857717][ T8983] loop6: detected capacity change from 0 to 524288000 [ 297.216617][ T8990] loop3: detected capacity change from 0 to 4096 [ 297.247437][ T8990] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 297.355790][ T8977] netlink: 508 bytes leftover after parsing attributes in process `syz.4.1040'. [ 297.506351][ T8990] ntfs3(loop3): ino=19, mi_enum_attr [ 297.506388][ T8990] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 297.885412][ T8986] Invalid logical block size (255) [ 297.978137][ T5269] 8021q: adding VLAN 0 to HW filter on device eth6 [ 298.615855][ T9007] loop4: detected capacity change from 0 to 1024 [ 299.118621][ T5616] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 299.687926][ T60] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 299.792537][ T60] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 299.832059][ T60] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 299.857099][ T60] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 299.873732][ T60] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 300.149101][ T5616] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz0 [ 300.468471][ T9019] fido_id[9019]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 301.527335][ T9041] loop3: detected capacity change from 0 to 64 [ 301.736438][ T9039] 8021q: adding VLAN 0 to HW filter on device bond2 [ 302.126679][ T5630] Bluetooth: hci5: command tx timeout [ 302.341341][ T9056] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1055'. [ 302.432163][ T9056] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1055'. [ 304.171411][ T5630] Bluetooth: hci5: command tx timeout [ 304.860684][ T5932] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 304.879752][ T9098] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1069'. [ 305.042446][ T5932] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 305.042486][ T5932] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 305.044503][ T5932] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 305.044531][ T5932] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.044548][ T5932] usb 2-1: Product: syz [ 305.044560][ T5932] usb 2-1: Manufacturer: syz [ 305.044574][ T5932] usb 2-1: SerialNumber: syz [ 305.380924][ T9096] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 305.384932][ T9096] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 305.423250][ T5932] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22 [ 305.510129][ T5932] usb 2-1: USB disconnect, device number 10 [ 306.110640][ T32] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 306.247415][ T5630] Bluetooth: hci5: command tx timeout [ 306.260258][ T32] usb 2-1: Using ep0 maxpacket: 8 [ 306.264090][ T32] usb 2-1: config index 0 descriptor too short (expected 301, got 72) [ 306.264118][ T32] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 306.264165][ T32] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 306.264187][ T32] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 306.264211][ T32] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 306.264234][ T32] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 306.264276][ T32] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 306.264299][ T32] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.315393][ T9109] loop4: detected capacity change from 0 to 40427 [ 306.594089][ T32] usb 2-1: usb_control_msg returned -71 [ 306.594141][ T32] usbtmc 2-1:16.0: can't read capabilities [ 306.801495][ T9109] F2FS-fs (loop4): invalid crc value [ 307.079032][ T32] usb 2-1: USB disconnect, device number 11 [ 307.494982][ T9109] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 307.558746][ T9109] F2FS-fs (loop4): Start checkpoint disabled! [ 307.883327][ T9109] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0 [ 307.885989][ T9109] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 308.049038][ T9147] pim6reg1: tun_chr_ioctl cmd 1074025678 [ 308.049061][ T9147] pim6reg1: group set to 0 [ 308.202306][ T13] kworker/u8:1: attempt to access beyond end of device [ 308.202306][ T13] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 308.205499][ T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 308.205527][ T13] Tainted: [L]=SOFTLOCKUP [ 308.205531][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 308.205542][ T13] Workqueue: writeback wb_workfn (flush-7:4) [ 308.205573][ T13] Call Trace: [ 308.205578][ T13] [ 308.205584][ T13] dump_stack_lvl+0xe8/0x150 [ 308.205602][ T13] f2fs_stop_checkpoint+0x383/0x540 [ 308.205617][ T13] f2fs_write_end_io+0x1274/0x1740 [ 308.205644][ T13] __submit_merged_bio+0x256/0x6a0 [ 308.205659][ T13] __submit_merged_write_cond+0x3c9/0x4e0 [ 308.205675][ T13] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 308.205698][ T13] f2fs_write_data_pages+0x287e/0x34f0 [ 308.205729][ T13] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 308.205749][ T13] ? __pfx_f2fs_available_free_memory+0x10/0x10 [ 308.205787][ T13] ? __lock_acquire+0x6b5/0x2d10 [ 308.205822][ T13] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 308.205836][ T13] do_writepages+0x32e/0x550 [ 308.205849][ T13] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 308.205864][ T13] ? reacquire_held_locks+0x104/0x190 [ 308.205875][ T13] ? rt_spin_lock+0x1e0/0x400 [ 308.205894][ T13] __writeback_single_inode+0x133/0x10e0 [ 308.205907][ T13] ? rt_spin_unlock+0x160/0x200 [ 308.205923][ T13] writeback_sb_inodes+0x97f/0x1980 [ 308.205943][ T13] ? lockdep_hardirqs_on+0x7a/0x110 [ 308.205959][ T13] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 308.205990][ T13] ? rcu_is_watching+0x15/0xb0 [ 308.206006][ T13] wb_writeback+0x445/0xb00 [ 308.206019][ T13] ? queue_io+0x2b1/0x440 [ 308.206033][ T13] ? __pfx_wb_writeback+0x10/0x10 [ 308.206051][ T13] wb_workfn+0x3fd/0xf20 [ 308.206064][ T13] ? look_up_lock_class+0x57/0x110 [ 308.206075][ T13] ? lapic_next_event+0x11/0x20 [ 308.206096][ T13] ? __pfx_wb_workfn+0x10/0x10 [ 308.206111][ T13] ? do_raw_spin_lock+0x12b/0x2f0 [ 308.206126][ T13] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 308.206140][ T13] ? process_one_work+0x8b7/0x1710 [ 308.206153][ T13] ? process_one_work+0x8b7/0x1710 [ 308.206171][ T13] ? process_one_work+0x8b7/0x1710 [ 308.206181][ T13] process_one_work+0x9a3/0x1710 [ 308.206206][ T13] ? __pfx_process_one_work+0x10/0x10 [ 308.206216][ T13] ? do_raw_spin_lock+0x12b/0x2f0 [ 308.206238][ T13] worker_thread+0xba8/0x11e0 [ 308.206264][ T13] kthread+0x388/0x470 [ 308.206280][ T13] ? __pfx_worker_thread+0x10/0x10 [ 308.206291][ T13] ? __pfx_kthread+0x10/0x10 [ 308.206306][ T13] ret_from_fork+0x514/0xb70 [ 308.206321][ T13] ? __pfx_ret_from_fork+0x10/0x10 [ 308.206334][ T13] ? __switch_to+0xc79/0x1410 [ 308.206356][ T13] ? __pfx_kthread+0x10/0x10 [ 308.206376][ T13] ret_from_fork_asm+0x1a/0x30 [ 308.206400][ T13] [ 308.206436][ T13] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 308.313550][ T5630] Bluetooth: hci5: command tx timeout [ 309.323019][ T9174] loop4: detected capacity change from 0 to 512 [ 309.331120][ T9174] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 310.044901][ T8654] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 310.231446][ T9174] EXT4-fs (loop4): 1 orphan inode deleted [ 310.231473][ T9174] EXT4-fs (loop4): 1 truncate cleaned up [ 310.315200][ T9174] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.475240][ T8654] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 310.528277][ T8654] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 310.835602][ T8654] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 310.916688][ T8654] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 311.024630][ T8654] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 311.038725][ T5610] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.125043][ T8654] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 311.205389][ T9202] Bluetooth: MGMT ver 1.23 [ 311.332824][ T8654] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 311.412601][ T9205] loop3: detected capacity change from 0 to 256 [ 311.453384][ T9205] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 312.885905][ T9237] input: syz0 as /devices/virtual/input/input14 [ 313.279385][ T9010] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.279769][ T9010] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.280094][ T9010] bridge_slave_0: entered allmulticast mode [ 313.352979][ T9010] bridge_slave_0: entered promiscuous mode [ 313.520545][ T41] bridge_slave_1: left allmulticast mode [ 313.520580][ T41] bridge_slave_1: left promiscuous mode [ 313.561899][ T41] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.626094][ T41] bridge_slave_0: left allmulticast mode [ 313.626129][ T41] bridge_slave_0: left promiscuous mode [ 313.626464][ T41] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.720694][ T5932] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 313.920407][ T5932] usb 5-1: Using ep0 maxpacket: 32 [ 313.944062][ T5932] usb 5-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 313.944100][ T5932] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 313.944120][ T5932] usb 5-1: Product: syz [ 313.944134][ T5932] usb 5-1: Manufacturer: syz [ 313.944148][ T5932] usb 5-1: SerialNumber: syz [ 313.994241][ T5932] usb 5-1: config 0 descriptor?? [ 314.034092][ T5932] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 314.657878][ T5932] gspca_ov534_9: reg_w failed -71 [ 314.961130][ T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 314.970303][ T5932] gspca_ov534_9: Unknown sensor 0000 [ 314.970408][ T5932] ov534_9 5-1:0.0: probe with driver ov534_9 failed with error -22 [ 315.022885][ T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 315.026084][ T5932] usb 5-1: USB disconnect, device number 11 [ 315.088553][ T41] bond0 (unregistering): Released all slaves [ 315.130954][ T9010] bridge0: port 2(bridge_slave_1) entered blocking state [ 315.131159][ T9010] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.131388][ T9010] bridge_slave_1: entered allmulticast mode [ 315.150594][ T9010] bridge_slave_1: entered promiscuous mode [ 315.792545][ T9010] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 315.807126][ T9010] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 315.983566][ T41] hsr_slave_0: left promiscuous mode [ 316.022881][ T41] hsr_slave_1: left promiscuous mode [ 316.024091][ T41] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 316.087795][ T5622] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 316.132332][ T41] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 316.272894][ T5622] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 316.272927][ T5622] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 316.272946][ T5622] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 316.272996][ T5622] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 316.273022][ T5622] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 316.276684][ T5622] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 316.276714][ T5622] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 316.276735][ T5622] usb 5-1: Product: syz [ 316.276749][ T5622] usb 5-1: Manufacturer: syz [ 316.375374][ T5622] cdc_wdm 5-1:1.0: skipping garbage [ 316.375396][ T5622] cdc_wdm 5-1:1.0: skipping garbage [ 316.379151][ T5622] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 316.379173][ T5622] cdc_wdm 5-1:1.0: Unknown control protocol [ 316.422477][ T9286] loop3: detected capacity change from 0 to 256 [ 317.019398][ T5616] usb 5-1: USB disconnect, device number 12 [ 317.141107][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.141211][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.531153][ T41] team0 (unregistering): Port device team_slave_1 removed [ 317.612954][ T41] team0 (unregistering): Port device team_slave_0 removed [ 318.140407][ T9296] loop3: detected capacity change from 0 to 32768 [ 318.156411][ T9296] (syz.3.1122,9296,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 318.162223][ T9296] (syz.3.1122,9296,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 318.248112][ T9296] JBD2: Ignoring recovery information on journal [ 318.281045][ T5622] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 318.393495][ T9296] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 318.470897][ T5622] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 318.470929][ T5622] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.470949][ T5622] usb 5-1: Product: syz [ 318.470962][ T5622] usb 5-1: Manufacturer: syz [ 318.470977][ T5622] usb 5-1: SerialNumber: syz [ 318.486532][ T5622] usb 5-1: config 0 descriptor?? [ 318.673512][ T5622] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 013 [ 318.895104][ T9010] team0: Port device team_slave_0 added [ 318.992553][ T5622] (null): failure reading functionality [ 319.016341][ T9010] team0: Port device team_slave_1 added [ 319.079787][ T5622] i2c i2c-1: connected i2c-tiny-usb device [ 319.168244][ T9010] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 319.168261][ T9010] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 319.168909][ T9010] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 319.238427][ T9010] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 319.238444][ T9010] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 319.238469][ T9010] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 319.328635][ T9] usb 5-1: USB disconnect, device number 13 [ 319.781064][ T9010] hsr_slave_0: entered promiscuous mode [ 319.785122][ T9010] hsr_slave_1: entered promiscuous mode [ 319.786901][ T9010] debugfs: 'hsr0' already exists in 'hsr' [ 319.786925][ T9010] Cannot create hsr debugfs directory [ 319.972282][ T5609] ocfs2: Unmounting device (7,3) on (node local) [ 320.555759][ T8654] 8021q: adding VLAN 0 to HW filter on device bond0 [ 320.829965][ T5269] 8021q: adding VLAN 0 to HW filter on device eth5 [ 322.037585][ T9319] loop4: detected capacity change from 0 to 262144 [ 322.151603][ T9319] F2FS-fs (loop4): invalid crc value [ 322.328235][ T8654] 8021q: adding VLAN 0 to HW filter on device team0 [ 322.565865][ T9319] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 322.597896][ T9319] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 322.661328][ T1179] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.661570][ T1179] bridge0: port 1(bridge_slave_0) entered forwarding state [ 324.634277][ T1179] bridge0: port 2(bridge_slave_1) entered blocking state [ 324.634442][ T1179] bridge0: port 2(bridge_slave_1) entered forwarding state [ 324.830926][ T5269] 8021q: adding VLAN 0 to HW filter on device eth6 [ 325.230535][ T5748] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 325.466694][ T5748] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 325.466722][ T5748] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 325.466752][ T5748] usb 2-1: config 1 has no interface number 0 [ 325.466796][ T5748] usb 2-1: config 1 interface 2 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 325.466823][ T5748] usb 2-1: Duplicate descriptor for config 1 interface 2 altsetting 0, skipping [ 325.466843][ T5748] usb 2-1: config 1 interface 2 has no altsetting 1 [ 325.530254][ T5748] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 325.530284][ T5748] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.530303][ T5748] usb 2-1: Product: syz [ 325.530318][ T5748] usb 2-1: Manufacturer: syz [ 325.530330][ T5748] usb 2-1: SerialNumber: syz [ 325.785395][ T5932] usb 2-1: USB disconnect, device number 12 [ 326.150261][ T5622] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 326.302779][ T5622] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 326.302810][ T5622] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.430933][ T5622] usb 4-1: config 0 descriptor?? [ 326.459571][ T5622] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 327.323509][ T5622] usb 4-1: USB disconnect, device number 10 [ 327.373587][ T9373] loop1: detected capacity change from 0 to 2048 [ 327.600944][ T9373] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 328.933328][ T8654] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 329.679928][ T9416] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 329.769233][ T9418] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 330.875632][ T9010] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 330.944539][ T9010] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 330.957649][ T9010] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 331.013828][ T9010] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 331.067738][ T9010] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 331.219891][ T9010] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 331.254037][ T9010] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 331.369845][ T9010] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 331.568988][ T9478] loop1: detected capacity change from 0 to 256 [ 331.612010][ T9478] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x23633d53, utbl_chksum : 0xe619d30d) [ 332.847345][ T60] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 332.896300][ T60] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 332.925242][ T60] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 332.928978][ T60] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 332.979208][ T60] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 334.313809][ T60] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 334.377426][ T60] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 334.384765][ T60] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 334.391308][ T60] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 334.396121][ T60] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 334.461343][ T9502] loop1: detected capacity change from 0 to 32768 [ 335.219554][ T60] Bluetooth: hci0: command tx timeout [ 335.464941][ T9502] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 335.493752][ T9010] 8021q: adding VLAN 0 to HW filter on device bond0 [ 335.864798][ T9540] loop3: detected capacity change from 0 to 512 [ 335.902889][ T9540] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 335.903213][ T9540] EXT4-fs (loop3): orphan cleanup on readonly fs [ 335.903281][ T9540] EXT4-fs error (device loop3): ext4_ext_check_inode:521: inode #4: comm syz.3.1179: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 2052(4), depth 0(0) [ 335.903305][ T9540] loop3: lost file I/O error report for ino 4 type 5 pos 0x0 len 0x0 error -117 [ 335.912080][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 335.913628][ C1] EXT4-fs (loop3): last error at time 1778070444: ext4_ext_check_inode:521: inode 4 [ 335.915730][ T9540] EXT4-fs error (device loop3): ext4_quota_enable:7228: comm syz.3.1179: Bad quota inode: 4, type: 1 [ 335.915761][ T9540] loop3: lost filesystem error report for type 5 error -117 [ 336.010518][ T9540] EXT4-fs warning (device loop3): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 336.104375][ T9540] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 336.108318][ T9540] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 336.184257][ T5608] ocfs2: Unmounting device (7,1) on (node local) [ 336.265380][ T5609] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.712778][ T60] Bluetooth: hci3: command tx timeout [ 336.776314][ T9010] 8021q: adding VLAN 0 to HW filter on device team0 [ 336.803455][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 336.803691][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 337.207839][ T1787] bridge0: port 2(bridge_slave_1) entered blocking state [ 337.208014][ T1787] bridge0: port 2(bridge_slave_1) entered forwarding state [ 337.270317][ T60] Bluetooth: hci0: command tx timeout [ 338.304989][ T60] block nbd0: Receive control failed (result -32) [ 338.315956][ T5630] block nbd0: Receive control failed (result -32) [ 338.370407][ T9555] nbd0: detected capacity change from 0 to 128 [ 338.383405][ T5980] [ 338.383417][ T5980] ====================================================== [ 338.383424][ T5980] WARNING: possible circular locking dependency detected [ 338.383439][ T5980] syzkaller #0 Tainted: G L [ 338.383449][ T5980] ------------------------------------------------------ [ 338.383456][ T5980] udevd/5980 is trying to acquire lock: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 338.383465][ T5980] ffff88805c53f060 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_queue_rq+0x37b/0x1100 [ 338.383516][ T5980] [ 338.383516][ T5980] but task is already holding lock: [ 338.383522][ T5980] ffff8880351f7170 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc6/0x1100 [ 338.383558][ T5980] [ 338.383558][ T5980] which lock already depends on the new lock. [ 338.383558][ T5980] [ 338.383564][ T5980] [ 338.383564][ T5980] the existing dependency chain (in reverse order) is: [ 338.383571][ T5980] [ 338.383571][ T5980] -> #6 (&cmd->lock){+.+.}-{4:4}: [ 338.383594][ T5980] mutex_lock_nested+0x5a/0x1d0 [ 338.383618][ T5980] nbd_queue_rq+0xc6/0x1100 [ 338.383635][ T5980] blk_mq_dispatch_rq_list+0xa77/0x1910 [ 338.383660][ T5980] __blk_mq_sched_dispatch_requests+0xddb/0x1610 [ 338.383677][ T5980] blk_mq_sched_dispatch_requests+0xda/0x1a0 [ 338.383692][ T5980] blk_mq_run_hw_queue+0x368/0x520 [ 338.383714][ T5980] blk_mq_dispatch_list+0xd1f/0xe20 [ 338.383727][ T5980] blk_mq_flush_plug_list+0x48d/0x570 [ 338.383750][ T5980] __blk_flush_plug+0x3ed/0x4d0 [ 338.383774][ T5980] __submit_bio+0x28d/0x580 [ 338.383797][ T5980] submit_bio_noacct_nocheck+0x2f4/0xa40 [ 338.383820][ T5980] block_read_full_folio+0x7b7/0x830 [ 338.383844][ T5980] filemap_read_folio+0x137/0x3b0 [ 338.383867][ T5980] do_read_cache_folio+0x2bf/0x560 [ 338.383889][ T5980] read_part_sector+0xb8/0x2b0 [ 338.383912][ T5980] adfspart_check_ICS+0xb1/0x960 [ 338.383925][ T5980] bdev_disk_changed+0x817/0x1770 [ 338.383947][ T5980] blkdev_get_whole+0x2e5/0x480 [ 338.383960][ T5980] bdev_open+0x31e/0xcc0 [ 338.383973][ T5980] blkdev_open+0x485/0x620 [ 338.383988][ T5980] do_dentry_open+0x83d/0x13e0 [ 338.384003][ T5980] vfs_open+0x3b/0x350 [ 338.384017][ T5980] path_openat+0x2e43/0x38a0 [ 338.384037][ T5980] do_file_open+0x23e/0x4a0 [ 338.384055][ T5980] do_sys_openat2+0x113/0x200 [ 338.384069][ T5980] __x64_sys_openat+0x138/0x170 [ 338.384085][ T5980] do_syscall_64+0x15f/0xf80 [ 338.384101][ T5980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.384118][ T5980] [ 338.384118][ T5980] -> #5 (set->srcu){.+.+}-{0:0}: [ 338.384140][ T5980] __synchronize_srcu+0xca/0x300 [ 338.384162][ T5980] elevator_switch+0x1e8/0x7a0 [ 338.384182][ T5980] elevator_change+0x2cc/0x450 [ 338.384204][ T5980] elevator_set_default+0x36c/0x430 [ 338.384226][ T5980] blk_register_queue+0x3e9/0x4e0 [ 338.384240][ T5980] __add_disk+0x677/0xd50 [ 338.384257][ T5980] add_disk_fwnode+0xfb/0x480 [ 338.384273][ T5980] nbd_dev_add+0x72c/0xb50 [ 338.384289][ T5980] nbd_init+0x168/0x1f0 [ 338.384312][ T5980] do_one_initcall+0x250/0x870 [ 338.384333][ T5980] do_initcall_level+0x104/0x190 [ 338.384354][ T5980] do_initcalls+0x59/0xa0 [ 338.384373][ T5980] kernel_init_freeable+0x2a6/0x3e0 [ 338.384394][ T5980] kernel_init+0x1d/0x1d0 [ 338.384414][ T5980] ret_from_fork+0x514/0xb70 [ 338.384433][ T5980] ret_from_fork_asm+0x1a/0x30 [ 338.384453][ T5980] [ 338.384453][ T5980] -> #4 (&q->elevator_lock){+.+.}-{4:4}: [ 338.384476][ T5980] mutex_lock_nested+0x5a/0x1d0 [ 338.384495][ T5980] elevator_change+0x1b3/0x450 [ 338.384515][ T5980] elevator_set_none+0xb5/0x140 [ 338.384536][ T5980] blk_mq_update_nr_hw_queues+0x607/0x1a80 [ 338.384554][ T5980] nbd_start_device+0x17f/0xb20 [ 338.384571][ T5980] nbd_genl_connect+0x1651/0x1c80 [ 338.384588][ T5980] genl_family_rcv_msg_doit+0x22a/0x330 [ 338.384608][ T5980] genl_rcv_msg+0x61c/0x7a0 [ 338.384624][ T5980] netlink_rcv_skb+0x232/0x4b0 [ 338.384646][ T5980] genl_rcv+0x28/0x40 [ 338.384662][ T5980] netlink_unicast+0x780/0x920 [ 338.384682][ T5980] netlink_sendmsg+0x813/0xb40 [ 338.384695][ T5980] sock_sendmsg_nosec+0x112/0x150 [ 338.384714][ T5980] ____sys_sendmsg+0x55c/0x870 [ 338.384728][ T5980] ___sys_sendmsg+0x2a5/0x360 [ 338.384746][ T5980] __x64_sys_sendmsg+0x1c3/0x2a0 [ 338.384760][ T5980] do_syscall_64+0x15f/0xf80 [ 338.384776][ T5980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.384798][ T5980] [ 338.384798][ T5980] -> #3 (&q->q_usage_counter(io)#49){++++}-{0:0}: [ 338.384825][ T5980] blk_alloc_queue+0x54e/0x690 [ 338.384846][ T5980] __blk_mq_alloc_disk+0x197/0x390 [ 338.384861][ T5980] nbd_dev_add+0x499/0xb50 [ 338.384878][ T5980] nbd_init+0x168/0x1f0 [ 338.384898][ T5980] do_one_initcall+0x250/0x870 [ 338.384917][ T5980] do_initcall_level+0x104/0x190 [ 338.384938][ T5980] do_initcalls+0x59/0xa0 [ 338.384957][ T5980] kernel_init_freeable+0x2a6/0x3e0 [ 338.384979][ T5980] kernel_init+0x1d/0x1d0 [ 338.384998][ T5980] ret_from_fork+0x514/0xb70 [ 338.385015][ T5980] ret_from_fork_asm+0x1a/0x30 [ 338.385035][ T5980] [ 338.385035][ T5980] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 338.385059][ T5980] fs_reclaim_acquire+0x71/0x100 [ 338.385079][ T5980] kmem_cache_alloc_node_noprof+0x4b/0x6e0 [ 338.385098][ T5980] __alloc_skb+0x1d0/0x7d0 [ 338.385120][ T5980] tcp_stream_alloc_skb+0x3f/0x5c0 [ 338.385139][ T5980] tcp_sendmsg_locked+0x134b/0x5370 [ 338.385158][ T5980] tcp_sendmsg+0x2f/0x50 [ 338.385176][ T5980] sock_sendmsg_nosec+0xf9/0x150 [ 338.385193][ T5980] sock_write_iter+0x308/0x410 [ 338.385210][ T5980] vfs_write+0x629/0xba0 [ 338.385230][ T5980] ksys_write+0x156/0x270 [ 338.385248][ T5980] do_syscall_64+0x15f/0xf80 [ 338.385263][ T5980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.385279][ T5980] [ 338.385279][ T5980] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 338.385301][ T5980] lock_sock_nested+0x41/0x130 [ 338.385320][ T5980] tcp_sendmsg+0x21/0x50 [ 338.385338][ T5980] sock_sendmsg_nosec+0xf9/0x150 [ 338.385355][ T5980] sock_sendmsg+0x1ca/0x2d0 [ 338.385373][ T5980] __sock_xmit+0x251/0x510 [ 338.385391][ T5980] nbd_disconnect+0x3b9/0x560 [ 338.385412][ T5980] nbd_ioctl+0xc80/0xe40 [ 338.385429][ T5980] blkdev_ioctl+0x5e6/0x750 [ 338.385445][ T5980] __se_sys_ioctl+0xff/0x170 [ 338.385464][ T5980] do_syscall_64+0x15f/0xf80 [ 338.385479][ T5980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.385495][ T5980] [ 338.385495][ T5980] -> #0 (&nsock->tx_lock){+.+.}-{4:4}: [ 338.385517][ T5980] __lock_acquire+0x15a5/0x2d10 [ 338.385538][ T5980] lock_acquire+0x106/0x350 [ 338.385559][ T5980] mutex_lock_nested+0x5a/0x1d0 [ 338.385578][ T5980] nbd_queue_rq+0x37b/0x1100 [ 338.385596][ T5980] blk_mq_dispatch_rq_list+0xa77/0x1910 [ 338.385619][ T5980] __blk_mq_sched_dispatch_requests+0xddb/0x1610 [ 338.385634][ T5980] blk_mq_sched_dispatch_requests+0xda/0x1a0 [ 338.385650][ T5980] blk_mq_run_hw_queue+0x368/0x520 [ 338.385670][ T5980] blk_mq_dispatch_list+0xd1f/0xe20 [ 338.385683][ T5980] blk_mq_flush_plug_list+0x48d/0x570 [ 338.385707][ T5980] __blk_flush_plug+0x3ed/0x4d0 [ 338.385729][ T5980] __submit_bio+0x28d/0x580 [ 338.385743][ T5980] submit_bio_noacct_nocheck+0x2f4/0xa40 [ 338.385765][ T5980] block_read_full_folio+0x7b7/0x830 [ 338.385794][ T5980] filemap_read_folio+0x137/0x3b0 [ 338.385815][ T5980] do_read_cache_folio+0x2bf/0x560 [ 338.385837][ T5980] read_part_sector+0xb8/0x2b0 [ 338.385859][ T5980] adfspart_check_ICS+0xb1/0x960 [ 338.385872][ T5980] bdev_disk_changed+0x817/0x1770 [ 338.385893][ T5980] blkdev_get_whole+0x2e5/0x480 [ 338.385907][ T5980] bdev_open+0x31e/0xcc0 [ 338.385919][ T5980] blkdev_open+0x485/0x620 [ 338.385934][ T5980] do_dentry_open+0x83d/0x13e0 [ 338.385949][ T5980] vfs_open+0x3b/0x350 [ 338.385963][ T5980] path_openat+0x2e43/0x38a0 [ 338.385981][ T5980] do_file_open+0x23e/0x4a0 [ 338.385999][ T5980] do_sys_openat2+0x113/0x200 [ 338.386014][ T5980] __x64_sys_openat+0x138/0x170 [ 338.386030][ T5980] do_syscall_64+0x15f/0xf80 [ 338.386045][ T5980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.386061][ T5980] [ 338.386061][ T5980] other info that might help us debug this: [ 338.386061][ T5980] [ 338.386067][ T5980] Chain exists of: [ 338.386067][ T5980] &nsock->tx_lock --> set->srcu --> &cmd->lock [ 338.386067][ T5980] [ 338.386093][ T5980] Possible unsafe locking scenario: [ 338.386093][ T5980] [ 338.386098][ T5980] CPU0 CPU1 [ 338.386103][ T5980] ---- ---- [ 338.386109][ T5980] lock(&cmd->lock); [ 338.386120][ T5980] lock(set->srcu); [ 338.386132][ T5980] lock(&cmd->lock); [ 338.386145][ T5980] lock(&nsock->tx_lock); [ 338.386155][ T5980] [ 338.386155][ T5980] *** DEADLOCK *** [ 338.386155][ T5980] [ 338.386160][ T5980] 3 locks held by udevd/5980: [ 338.386170][ T5980] #0: ffff8880263ba4c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xcc0 [ 338.386207][ T5980] #1: ffff8880271d0b98 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x33e/0x520 [ 338.386252][ T5980] #2: ffff8880351f7170 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc6/0x1100 [ 338.386293][ T5980] [ 338.386293][ T5980] stack backtrace: [ 338.386306][ T5980] CPU: 1 UID: 0 PID: 5980 Comm: udevd Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 338.386330][ T5980] Tainted: [L]=SOFTLOCKUP [ 338.386337][ T5980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 338.386349][ T5980] Call Trace: [ 338.386356][ T5980] [ 338.386363][ T5980] dump_stack_lvl+0xe8/0x150 [ 338.386385][ T5980] print_circular_bug+0x2e1/0x300 [ 338.386404][ T5980] check_noncircular+0x12e/0x150 [ 338.386425][ T5980] __lock_acquire+0x15a5/0x2d10 [ 338.386456][ T5980] ? nbd_queue_rq+0x37b/0x1100 [ 338.386475][ T5980] lock_acquire+0x106/0x350 [ 338.386497][ T5980] ? nbd_queue_rq+0x37b/0x1100 [ 338.386517][ T5980] ? nbd_queue_rq+0x37b/0x1100 [ 338.386537][ T5980] ? nbd_queue_rq+0x37b/0x1100 [ 338.386555][ T5980] mutex_lock_nested+0x5a/0x1d0 [ 338.386576][ T5980] ? nbd_queue_rq+0x37b/0x1100 [ 338.386597][ T5980] nbd_queue_rq+0x37b/0x1100 [ 338.386620][ T5980] ? __pfx_nbd_queue_rq+0x10/0x10 [ 338.386641][ T5980] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 338.386663][ T5980] blk_mq_dispatch_rq_list+0xa77/0x1910 [ 338.386694][ T5980] ? sbitmap_get+0x229/0x390 [ 338.386718][ T5980] ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10 [ 338.386742][ T5980] ? __blk_mq_alloc_driver_tag+0x2e7/0x6e0 [ 338.386768][ T5980] __blk_mq_sched_dispatch_requests+0xddb/0x1610 [ 338.386799][ T5980] ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10 [ 338.386816][ T5980] ? blk_mq_hw_queue_need_run+0x13c/0x690 [ 338.386841][ T5980] ? blk_mq_run_hw_queue+0x33e/0x520 [ 338.386864][ T5980] ? blk_mq_run_hw_queue+0x33e/0x520 [ 338.386889][ T5980] blk_mq_sched_dispatch_requests+0xda/0x1a0 [ 338.386906][ T5980] ? blk_mq_run_hw_queue+0x33e/0x520 [ 338.386929][ T5980] blk_mq_run_hw_queue+0x368/0x520 [ 338.386952][ T5980] blk_mq_dispatch_list+0xd1f/0xe20 [ 338.386968][ T5980] ? bdev_count_inflight+0x1cf/0x210 [ 338.386986][ T5980] ? blk_mq_dispatch_list+0x1a0/0xe20 [ 338.387004][ T5980] ? __pfx_blk_mq_dispatch_list+0x10/0x10 [ 338.387022][ T5980] ? rcu_is_watching+0x15/0xb0 [ 338.387040][ T5980] blk_mq_flush_plug_list+0x48d/0x570 [ 338.387064][ T5980] ? blk_add_rq_to_plug+0x300/0x450 [ 338.387087][ T5980] ? blk_mq_submit_bio+0x1b66/0x29d0 [ 338.387103][ T5980] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 338.387132][ T5980] __blk_flush_plug+0x3ed/0x4d0 [ 338.387158][ T5980] ? __pfx___blk_flush_plug+0x10/0x10 [ 338.387182][ T5980] ? blkg_get+0x20/0x1d0 [ 338.387200][ T5980] __submit_bio+0x28d/0x580 [ 338.387217][ T5980] ? __pfx___submit_bio+0x10/0x10 [ 338.387235][ T5980] ? bio_associate_blkg+0x6d/0x230 [ 338.387254][ T5980] submit_bio_noacct_nocheck+0x2f4/0xa40 [ 338.387279][ T5980] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 338.387311][ T5980] block_read_full_folio+0x7b7/0x830 [ 338.387338][ T5980] ? __pfx_blkdev_get_block+0x10/0x10 [ 338.387357][ T5980] filemap_read_folio+0x137/0x3b0 [ 338.387379][ T5980] ? __pfx_blkdev_read_folio+0x10/0x10 [ 338.387396][ T5980] ? __pfx_filemap_read_folio+0x10/0x10 [ 338.387419][ T5980] ? filemap_add_folio+0x3d9/0x610 [ 338.387441][ T5980] do_read_cache_folio+0x2bf/0x560 [ 338.387464][ T5980] ? __pfx_blkdev_read_folio+0x10/0x10 [ 338.387481][ T5980] read_part_sector+0xb8/0x2b0 [ 338.387506][ T5980] adfspart_check_ICS+0xb1/0x960 [ 338.387522][ T5980] ? seq_buf_printf+0x212/0x2d0 [ 338.387540][ T5980] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 338.387566][ T5980] ? __pfx_adfspart_check_ICS+0x10/0x10 [ 338.387587][ T5980] bdev_disk_changed+0x817/0x1770 [ 338.387619][ T5980] ? __pfx_bdev_disk_changed+0x10/0x10 [ 338.387644][ T5980] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 338.387664][ T5980] blkdev_get_whole+0x2e5/0x480 [ 338.387682][ T5980] bdev_open+0x31e/0xcc0 [ 338.387700][ T5980] blkdev_open+0x485/0x620 [ 338.387719][ T5980] ? __pfx_blkdev_open+0x10/0x10 [ 338.387735][ T5980] do_dentry_open+0x83d/0x13e0 [ 338.387756][ T5980] vfs_open+0x3b/0x350 [ 338.387771][ T5980] ? path_openat+0x2e2b/0x38a0 [ 338.387801][ T5980] path_openat+0x2e43/0x38a0 [ 338.387829][ T5980] ? __pfx_path_openat+0x10/0x10 [ 338.387850][ T5980] ? kasan_save_track+0x4f/0x80 [ 338.387868][ T5980] ? kasan_save_track+0x3e/0x80 [ 338.387886][ T5980] ? __kasan_slab_alloc+0x6c/0x80 [ 338.387905][ T5980] ? kmem_cache_alloc_noprof+0x33b/0x680 [ 338.387928][ T5980] ? do_raw_spin_lock+0x12b/0x2f0 [ 338.387952][ T5980] do_file_open+0x23e/0x4a0 [ 338.387971][ T5980] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 338.387991][ T5980] ? __pfx_do_file_open+0x10/0x10 [ 338.388010][ T5980] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 338.388041][ T5980] ? alloc_fd+0x64e/0x6c0 [ 338.388062][ T5980] do_sys_openat2+0x113/0x200 [ 338.388078][ T5980] ? __pfx___x64_sys_recvmsg+0x10/0x10 [ 338.388096][ T5980] ? __pfx_do_sys_openat2+0x10/0x10 [ 338.388116][ T5980] ? rcu_is_watching+0x15/0xb0 [ 338.388134][ T5980] __x64_sys_openat+0x138/0x170 [ 338.388151][ T5980] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.388168][ T5980] do_syscall_64+0x15f/0xf80 [ 338.388187][ T5980] ? clear_bhb_loop+0x40/0x90 [ 338.388205][ T5980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.388223][ T5980] RIP: 0033:0x7efe9b663407 [ 338.388253][ T5980] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 338.388267][ T5980] RSP: 002b:00007ffdacd66010 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 338.388286][ T5980] RAX: ffffffffffffffda RBX: 00007efe9b575880 RCX: 00007efe9b663407 [ 338.388300][ T5980] RDX: 00000000000a0800 RSI: 000055ce5a7c8410 RDI: ffffffffffffff9c [ 338.388312][ T5980] RBP: 000055ce5a7af910 R08: 0000000000000000 R09: 0000000000000000 [ 338.388323][ T5980] R10: 0000000000000000 R11: 0000000000000202 R12: 000055ce5a7d1f30 [ 338.388334][ T5980] R13: 000055ce5a7bd190 R14: 0000000000000000 R15: 000055ce5a7d1f30 [ 338.388353][ T5980] [ 338.388392][ T5980] block nbd0: Dead connection, failed to find a fallback [ 338.388410][ T5980] block nbd0: shutting down sockets [ 338.388423][ T5980] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.388449][ T5980] Buffer I/O error on dev nbd0, logical block 0, async page read [ 338.388603][ T5980] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.388625][ T5980] Buffer I/O error on dev nbd0, logical block 0, async page read [ 338.388715][ T5980] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.388735][ T5980] Buffer I/O error on dev nbd0, logical block 0, async page read [ 338.388829][ T5980] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.388849][ T5980] Buffer I/O error on dev nbd0, logical block 0, async page read [ 338.388940][ T5980] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.388960][ T5980] Buffer I/O error on dev nbd0, logical block 0, async page read [ 338.389062][ T5980] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.389082][ T5980] Buffer I/O error on dev nbd0, logical block 0, async page read [ 338.389351][ T5980] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.389373][ T5980] Buffer I/O error on dev nbd0, logical block 0, async page read [ 338.389463][ T5980] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.389483][ T5980] Buffer I/O error on dev nbd0, logical block 0, async page read [ 338.389538][ T5980] ldm_validate_partition_table(): Disk read failed. [ 338.389582][ T5980] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.389603][ T5980] Buffer I/O error on dev nbd0, logical block 0, async page read [ 338.389691][ T5980] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.389711][ T5980] Buffer I/O error on dev nbd0, logical block 0, async page read [ 338.390001][ T5980] Dev nbd0: unable to read RDB block 0 [ 338.407452][ T5980] nbd0: unable to read partition table [ 338.421627][ T5980] ldm_validate_partition_table(): Disk read failed. [ 338.421955][ T5980] Dev nbd0: unable to read RDB block 0 [ 338.428732][ T5980] nbd0: unable to read partition table [ 338.790534][ T5630] Bluetooth: hci3: command tx timeout [ 339.351511][ T5630] Bluetooth: hci0: command tx timeout [ 340.680332][ T13] bridge_slave_1: left allmulticast mode [ 340.680368][ T13] bridge_slave_1: left promiscuous mode [ 340.680881][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 340.760822][ T13] bridge_slave_0: left allmulticast mode [ 340.760848][ T13] bridge_slave_0: left promiscuous mode [ 340.761020][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 340.870740][ T5630] Bluetooth: hci3: command tx timeout [ 341.272580][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 341.330894][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 341.351558][ T13] bond0 (unregistering): Released all slaves [ 341.392503][ T5269] 8021q: adding VLAN 0 to HW filter on device eth5 [ 341.710290][ T13] hsr_slave_0: left promiscuous mode [ 341.750566][ T13] hsr_slave_1: left promiscuous mode [ 341.751161][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 341.790804][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 342.230952][ T13] team0 (unregistering): Port device team_slave_1 removed [ 342.270721][ T13] team0 (unregistering): Port device team_slave_0 removed [ 342.362890][ T5269] 8021q: adding VLAN 0 to HW filter on device eth6 [ 342.595755][ T5269] 8021q: adding VLAN 0 to HW filter on device eth7 [ 342.834129][ T5269] 8021q: adding VLAN 0 to HW filter on device eth8 [ 344.301950][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 344.301980][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.301993][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 344.532476][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 344.532512][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.532558][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 344.592600][ T5269] 8021q: adding VLAN 0 to HW filter on device eth9 [ 344.772509][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 344.772541][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.772564][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 344.837496][ T5269] 8021q: adding VLAN 0 to HW filter on device eth10 [ 345.011515][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 345.011546][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.011560][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 345.093089][ T5269] 8021q: adding VLAN 0 to HW filter on device eth11 [ 345.370538][ T13] bridge_slave_1: left allmulticast mode [ 345.370568][ T13] bridge_slave_1: left promiscuous mode [ 345.370759][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 345.451713][ T13] bridge_slave_0: left allmulticast mode [ 345.451744][ T13] bridge_slave_0: left promiscuous mode [ 345.451924][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 345.790678][ T13] bridge_slave_1: left promiscuous mode [ 345.790852][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 345.851051][ T13] bridge_slave_0: left allmulticast mode [ 345.851082][ T13] bridge_slave_0: left promiscuous mode [ 345.851216][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.630748][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 346.711506][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 346.751295][ T13] bond0 (unregistering): Released all slaves [ 347.280854][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.341082][ T13] bond0 (unregistering): (slave c@0Ù): Releasing backup interface [ 347.381442][ T13] bond0 (unregistering): Released all slaves [ 347.401880][ T5269] 8021q: adding VLAN 0 to HW filter on device eth12 [ 347.673624][ T5269] 8021q: adding VLAN 0 to HW filter on device eth13 [ 347.911863][ T5269] 8021q: adding VLAN 0 to HW filter on device eth14 [ 348.282556][ T5269] 8021q: adding VLAN 0 to HW filter on device eth15