last executing test programs: 1m58.776049767s ago: executing program 3 (id=414): r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='\x15\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000140)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4M\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0) close(r0) 1m58.118662264s ago: executing program 3 (id=417): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000240)={&(0x7f00007a3000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x2000, 0x2}) 1m57.516685623s ago: executing program 3 (id=420): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8) write(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x0, &(0x7f0000000f40)={[], [], 0x2c}, 0x1, 0xefc, &(0x7f0000001e80)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0T8CT0gKiGKhDhVHKi4UCqlSEUCVapQT21PrXrroUK9UKlKpaAeWqTEVez31rsvGXY9tme9u7+f9Pntmzc73zfeaDMznn0bgLHVWPt59OhiEcLbn7z18ItPFB9dWXZHe40Daz+L2GuFEJod/SLb3mdxwaWLL5y4VluEw2s/Uz88cqH93NkQwrlwIHwaWuGD5ZUv3n/noYMfvjpz0xtnn3pph3a/Ld8PAAAYRef/tPK3e/75x/sWvjy//3iYbi9Px+et2J+Nx/2H4oFyOl5uhO5+0RGdprL1JmI0svUmsvUmszyTJfma2XaaJetN9cg30bHsWvsJAAAAwyid17ZC0Vjq6jcaS0vr5/1XfDY/VSw9c3rl1JkBFQoAAABU9p+X1266FUIIIYQQQgghxAjH6vygr0AAAAAA4yafL+wq57Z3pq721lr95b/wYOPaz4dtUPe/f/mHK/97r3jHAQCgulE9mkz7lY6j0zwG+TyCE9nzNnn8374YMJFtt19l8woOy3yDZXXmv9fdqqz+zb6Og1JWfz4f5m5VVn8+T+duVVb/dM11VFVW/0zNdVRVVv+emuuoqqz+vTXXUVVZ/bM111FVWf1zNddRVVn919VcR1Vl9e+ruY6qyuoflttqy+pv1VxHVWX1L9RcR1Vl9V9fcx1VldV/Q811VFVW/4011zEot8c2/R72Z+Od58/5Od2wnOMBAADAuPuf+f+EEEIIIYQQYpCxcfvp4GsRIxwvb/6SwbDcGgoAAAD0KX0uIH3qfTVK4xM9xic7x2c2VkjjzR7Pn+oxPt1jHAAAAAjht6+duuXNYuNz/lucD699c8Ce8NHlUGEeo3w+ws3m3+q8Z1vNPyzzlgEAADBeiu99evneh999buHL8/uPd5z9Xo7nu2ke0Ml4beDj2E/3Bcxl/SKdQx/vztMoWS+/PnBd2fYe3eKOAgAAwBhL5++tUDSWOs67W6HRWFraOB9fDM3i1OmVk4diP30/yx/mm9NXlj9Qc90AAABA/zbO9699/p++x3cxTBVLz5xeOXVmvT/XXt5sdF4XmN9YXnReF2hlyw+XLD8S++n7O38wv2dt+dKJH648sd07DwAAAGPizPNnn3p8ZeXkjzzwwAMP2g8G/c4EAABst88/f6v54yNzv1v//P/G/Hfp8/8HYr8V5/b7c1wh3SeQPgdw1ef1H+vOM1+23rPd67Wy9SZiTGd1z3RsJ6zNN9j9vIV2f7I7X6t7O1Ml+WazfHNZvnyegsls/ZRvX7Y8n58wrTefLc/nYZzMchRZ/jsDAAAAlFt+7ulnl888f/b+008//uTJJ08+c+Twse8eO3boge88sLx2X/9y5939AAAAwDDauOm3/+f8fScLAgAAAAAAAAAAAAAAAAAAgDFUx9eJDXofAQAAYNz9++UQwjkhhKgcq9ODr0Hs1pjZBTUIIYQQQoi1WF3Nv2keAAAAYGdduvjCic72KueKbc3X3lprvbkc86Z27v6/LlyJtNqFB7uvl+zd1moYd3X/+5d/uPK/98r25p9JD/p+/2t0b+B4tbx3L/9ysTP/rZN95s/3/9Fq+Q9m+e8O/eVffTfL/1i1/Pdk+ff2mf+q/X+2Wv57Y/7F2D94V7/5u1//6dim/djTZ/5vZ/v/ROg3f7b/rT4TZu6L+QFgHDUGXcAOSUcJ6Th6NvbT/sbDzZDf/bDZ4/9Gtp3JLVfevd10HHRz7Kfjpbksb9Jv/ek4bTbb3nUV68wNy10lZfVv1+u408rqb9ZcR1Vl9U/VXEdVZfVP11xHVWX1z9RcR1Vl9fd7HjpoZfUPy3Xlsvpna66jqrL652quo6qy+jf7//iglNW/r+Y6qiqrf77mOqoqq7/iZbXaldW/UHMdVZXVf33NdVRVVv8NNddRVVn9N9Zcx6DcFtuy8+F0/jkfx1K/lfWnr/G7HNVrCwAAADBs/rXb5v97dBfUIIQQQox3rP9ZYPB1CCG+MlZX2wf1W9rO/Fr739V1g98vIbI4vgtqGJHoeNdgDO3sp5kB2K28/483r/948/qPN68/XyXdw19k/WSix/hkj/Fmj/GpbDz/9zrdY/yGbLur6bpmdGOP8a/1GN/XY/zmHuOLPcZv6TF+a4/x23qMAwAAMB5uiq3zQwAAABhdL/7q49d/c/djFxe+PL//eJi6at75Q7E/Hf+2/lrs5/PeJ834N/+fxP4vYvv72P4jW9/9JwAAALDz0vfE+Ps/AAAAjK70PaXO/wEAAGB0LcTW+T8AAACMrutj6/wfAAAARlgxc+3FsU3XBe6Mbb/z+gEAu9/XY3t7bPfH9o7YfiO26Tjgrth+s6b6AIDt8/Pv//TYm8XGfP9HsvFLcXlqr3Ju/UpB0eieyX9PbPfG9lt91pN/H0C/+ZN9febZqfzzW8wPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyOxtrPo0cXixDe/uSth3829fpfriy7o73GgbWfRey1QgjN9vPS6Eb/13HFSxdfONHZXo5tEQ6HIhTt5eGRC+1MsyGEc+FA+DS0wgfLK1+8/85DBz98deamN84+9dIO/gq69g8AAABG0f8DAAD//xRsJ3w=") 1m56.706339755s ago: executing program 3 (id=425): r0 = syz_open_dev$amidi(&(0x7f0000000480), 0x2, 0x8900) r1 = dup(r0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) 1m55.911543405s ago: executing program 3 (id=429): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x140070, 0x0) 1m50.508704117s ago: executing program 3 (id=450): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0) 1m34.959667319s ago: executing program 32 (id=450): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0) 5.735760104s ago: executing program 5 (id=784): r0 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x400, 0x0, 0x379}, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x19, 0x1}) io_uring_enter(r0, 0x47ba, 0x3e82, 0x60, 0x0, 0x0) 5.592103057s ago: executing program 2 (id=787): set_mempolicy(0x6, &(0x7f0000000300)=0x8000000000000001, 0x2e0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) 5.12558631s ago: executing program 2 (id=789): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x20, r0, 0x1, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY_SEQ={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x818}, 0x4000) 4.641765394s ago: executing program 2 (id=792): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r0, 0x30925) keyctl$restrict_keyring(0x5, 0xfffffffffffffffe, 0x0, 0x0) keyctl$get_security(0x11, r0, 0x0, 0x0) 4.258194185s ago: executing program 0 (id=795): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) r1 = epoll_create(0x50000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x80000000}) ioctl$TCXONC(r0, 0x540a, 0x2) 4.205490226s ago: executing program 2 (id=796): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) r0 = syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1204408, &(0x7f00000008c0), 0x0, 0x51ab, &(0x7f000000a440)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd") ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000440)={0x2, 0x4, {0xffffffffffffffff, @struct={0x84, 0x3}, 0x0, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, @struct={0x1d, 0xce82}, 0x4000, 0x5, [0x0, 0x8, 0x20000000009c]}, {0xfffffffffffffffe, @usage=0x9, 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0x8, 0x58a, @struct={0x2, 0xf136}, 0x3, 0xe, [0x4, 0x1, 0x2, 0xfffffffffffffffc, 0x0, 0x1]}, {0x6, @struct={0x4, 0x8}, 0x0, 0x7, 0x6b, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff, 0x4a, @usage=0xd02, 0xffffffff, 0x4, [0x80000000, 0x800004, 0x0, 0x3ff, 0x80]}, {0x0, 0x0, 0xfffffffffffffffd}}) 3.462577437s ago: executing program 4 (id=798): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001800010600000000000000001c140000fe00000100000000140013"], 0x30}, 0x1, 0x0, 0x0, 0x4009}, 0x0) 3.243031614s ago: executing program 0 (id=799): socket$netlink(0x10, 0x3, 0x4) set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c00028008000500010000001400070000"], 0x74}}, 0x0) 3.141804375s ago: executing program 1 (id=800): r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) add_key(&(0x7f0000000140)='ceph\x00', &(0x7f0000000180), &(0x7f0000000040), 0x1d4, r0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000580)=""/4096, 0x1000}], 0x1, 0x7fff, 0x0) 2.681795625s ago: executing program 4 (id=801): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8101, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x3) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r2, 0x4000009, 0x3}) 2.526031957s ago: executing program 5 (id=802): socket$inet_tcp(0x2, 0x1, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="0e000100020075"], 0x8) 2.518708236s ago: executing program 1 (id=803): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000007b00000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@updpolicy={0xc4, 0x19, 0x1, 0x400000, 0x0, {{@in=@empty, @in=@empty, 0x0, 0x2, 0x0, 0x0, 0xa}, {0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0xfffffffffffffffb}, {0x5, 0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, [@sec_ctx={0xc, 0x8, {0x6, 0x8, 0x0, 0x8}}]}, 0xc4}}, 0x4004) 2.419982777s ago: executing program 2 (id=804): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000) syz_io_uring_setup(0x580e, &(0x7f0000000fc0)={0x0, 0x2271, 0x1000, 0x3, 0x800287}, 0x0, 0x0) 2.301597286s ago: executing program 0 (id=805): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20082, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x3) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000e40)='\b', 0x1}], 0x1) 2.017058452s ago: executing program 5 (id=806): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES16], 0x1, 0x2c2, &(0x7f00000006c0)="$eJzs3T+LI2UYAPBndpNJ7iySwkoEB7SwOm6vtckiOThMpaRQC128O5AkCHew4CkGK1sbSz+BINj5JWwEP4DgB7DzioNXJpkh2btJsoHLrX9+vyL77Lzv877POzPZPyzz7sevziZ3i7j/9Ze/R7ebxdEgBvE4i34cRS2llGJl8G0AAP9mj1OKP9PSJVMG5UsWEd3DlgYAHMje3/9/OnhJAMCBvff+B++cjkbDd4uiG7dn35yPy9/sy4/L9tP78WlM417cjF48Wf4toP5poXy9nVKat4pSP96Yzc/HZebso1+q8U/riU6iF/1FdDH/zmh4Uiyt5c/LOq5X8w/K+W9FL15umP/OaHirIT/Gebz5+lr9N6IXv34Sn8U07i6KWOV/dVIUb6fv/vriw7K8Mj+bn487i34r6fjFXRUAAAAAAAAAAAAAAAAAAAAAAP7rblR753RisX9Peajaf+f4SflJO4pa/+L+PMv8rB7oqf2B5im+T6nTihgNbxZFkaqOq/xWvNKK1tWsGgAAAAAAAAAAAAAAAAAAAP5ZHn7+aHI2nd570BD8dj1iQ9OGoN4NoH6sf0fW8aamwdqR1+LR5KyzecC1pqMq3DJpHNd9soity4lWux65v9dJ2D+4tqnmH37cd8Du7j7tbefn+QT13TU5y6KxTyfqI936mv683iePS86Vb2pKu2+/tSBvbOrtvfb8pUUw39Insm2FvfXH8sxVR7KnV5EvzmpjenttN47me6P5Wmx6pzwjW7yt8+f3xQcAAAAAAAAAAAAAAAAAALhg9dDvM03XdqQepc7BygIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAF2r1///3COZV8iU65/Hg4RUvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BvwMAAP//QSRWPA==") setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x4, &(0x7f0000000040)=0x3e, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x104) 1.910607986s ago: executing program 1 (id=807): r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000340)={0x8, 0x816a, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000000)={0x8, 0x1, 0x7}) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x590e9000) 1.861716709s ago: executing program 4 (id=808): r0 = memfd_create(&(0x7f0000000080)=',\xea\x00', 0x4) ftruncate(r0, 0x7000000) r1 = dup(r0) preadv2(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/83, 0x53}], 0x1, 0x3700, 0xec, 0x0) 1.789800993s ago: executing program 0 (id=809): r0 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x400004, 0x13900}, &(0x7f0000000000), &(0x7f0000000200)) r1 = syz_open_dev$usbmon(&(0x7f0000000000), 0x81, 0x8304) read$usbmon(r1, 0x0, 0x0) poll(&(0x7f0000000080)=[{r0, 0x5}], 0x1, 0x7ff) 1.490152618s ago: executing program 4 (id=810): r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f0000000400)='_', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000006400), &(0x7f0000000340)={'syz', 0x3}, &(0x7f0000000680)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b0204dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc77a9b3df93199c796fa597f452bed6b6fbcc812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1913f8b22a30a47d9ae02000000e2b855845f39806305f56d918cc5b4023fdbe9cae4147c84583ec9dd37503131f237397e5fe3ce372297ec48108dcaba5ae65e31f00e641832d29ed658b91fed83e6fd480be0e3100965f081190bbb39a5965ceaa76975b88885041ff4e66e618d6c37c787f014eadb6c9f659ae43f57608e09d620830a3a9189603da1d8f0b721343051ada4dcfdf8af5d0ae8f263d2b21061978317", 0x161, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r2}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}}) 1.382864163s ago: executing program 1 (id=811): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000005a0001"], 0x1c}}, 0x48880) 1.157585002s ago: executing program 0 (id=812): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) r1 = dup(r0) write$6lowpan_enable(r1, 0x0, 0x0) 1.101475618s ago: executing program 5 (id=813): setxattr$trusted_overlay_origin(0x0, &(0x7f0000000440), 0x0, 0x0, 0x2) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000440)=[{0x84, 0x77, 0x0, 0x0, @tick=0xffffffff, {0x8}, {0x7}, @raw32={[0x2, 0x0, 0x8000000]}}, {0x0, 0x0, 0x5, 0x83, @tick, {0xfd}, {}, @note={0x81}}, {0x6, 0x3, 0x9, 0x3, @tick=0x1, {0x10, 0x5}, {0xc, 0x2}, @control={0x3, 0x7, 0x7fff}}, {0x8, 0x3, 0x7, 0x4, @time={0x1, 0xd93}, {0xba, 0x5}, {0xdb}, @note={0xfc, 0x10, 0x7, 0x6, 0x73ec}}], 0x70) 846.276849ms ago: executing program 1 (id=814): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_CQM={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x400}, 0x0) 733.468518ms ago: executing program 4 (id=815): sendmmsg(0xffffffffffffffff, &(0x7f0000000280)=[{{&(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x100, @remote}, 0x3, 0x1, 0x0, 0x4}}, 0x80, 0x0}}], 0x1, 0x20000080) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff}, 0x10) sendmsg$kcm(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="2e00000022008102e00f80ecdb4cb9020a", 0x4a}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0) 478.262055ms ago: executing program 0 (id=816): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000080)='>', 0x1) setsockopt$sock_int(r0, 0x1, 0x48, &(0x7f00000001c0)=0x7, 0x4) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) 477.93739ms ago: executing program 5 (id=817): capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0xffc, 0x10ffff, 0xffffff88}) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file7\x00', 0x1b4) renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x4) 286.094529ms ago: executing program 1 (id=818): r0 = socket(0x2, 0x3, 0xfc) setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000240)=0x13, 0x2) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10) recvfrom$inet(r0, 0x0, 0x0, 0x122, 0x0, 0x0) 115.556599ms ago: executing program 4 (id=819): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$ARCH_GET_MAX_TAG_BITS(0x1e, r0, 0x0, 0x4003) ptrace(0x10, r0) ptrace$setregs(0xf, r0, 0xfffffffffffffffc, &(0x7f0000000400)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36c") 96.73645ms ago: executing program 2 (id=820): r0 = memfd_create(&(0x7f0000000140)='v\xa6\xf5l/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\x85\xb9\nR\xf5@\x99\xb9\x8a\x0fZ\t\x90\x8b\xab\xf8\x87\x10ti\xba\xc6\xfb\xd2)\x95\x88k\x82\x04s\xb3b\x01\xf4\xach\v\x91\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc]\x11\x95\xf8\xe6\xa7\xc3\xfc\x18+\x92\xa5N\a\xa7\x7fN\x9bM\n\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9dA\x00\x00\x00\x1bC\xd8\x1c\xc5u\x00S\x00'/126, 0x1) personality(0x500006) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 0s ago: executing program 5 (id=821): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) ioprio_set$pid(0x2, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) kernel console output (not intermixed with test programs): ll (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 208.584978][ T5799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 208.737342][ T5796] hsr_slave_0: entered promiscuous mode [ 208.748160][ T5796] hsr_slave_1: entered promiscuous mode [ 208.761030][ T5799] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 208.768166][ T5799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 208.794476][ T5799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 208.815769][ T5794] team0: Port device team_slave_0 added [ 208.831856][ T5795] team0: Port device team_slave_0 added [ 208.853608][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 208.882208][ T5794] team0: Port device team_slave_1 added [ 208.976093][ T5795] team0: Port device team_slave_1 added [ 208.994066][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.133096][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 209.140457][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 209.166914][ T5794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 209.307407][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 209.314720][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 209.341196][ T5794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 209.392017][ T5804] team0: Port device team_slave_0 added [ 209.502352][ T5795] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 209.509491][ T5795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 209.536450][ T5795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 209.559264][ T5804] team0: Port device team_slave_1 added [ 209.569185][ T5795] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 209.578279][ T5795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 209.604813][ T5795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 209.645244][ T5799] hsr_slave_0: entered promiscuous mode [ 209.655532][ T5799] hsr_slave_1: entered promiscuous mode [ 209.664391][ T5799] debugfs: 'hsr0' already exists in 'hsr' [ 209.670346][ T5799] Cannot create hsr debugfs directory [ 209.806918][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 209.814345][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 209.840830][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 209.930676][ T5801] Bluetooth: hci0: command tx timeout [ 209.979340][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 209.987365][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 210.013912][ T5801] Bluetooth: hci2: command tx timeout [ 210.014018][ T5801] Bluetooth: hci3: command tx timeout [ 210.019393][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.093390][ T5812] Bluetooth: hci1: command tx timeout [ 210.170450][ T5812] Bluetooth: hci4: command tx timeout [ 210.176646][ T5794] hsr_slave_0: entered promiscuous mode [ 210.185653][ T5794] hsr_slave_1: entered promiscuous mode [ 210.193952][ T5794] debugfs: 'hsr0' already exists in 'hsr' [ 210.199790][ T5794] Cannot create hsr debugfs directory [ 210.375656][ T5795] hsr_slave_0: entered promiscuous mode [ 210.385713][ T5795] hsr_slave_1: entered promiscuous mode [ 210.394365][ T5795] debugfs: 'hsr0' already exists in 'hsr' [ 210.400362][ T5795] Cannot create hsr debugfs directory [ 210.607230][ T5804] hsr_slave_0: entered promiscuous mode [ 210.617691][ T5804] hsr_slave_1: entered promiscuous mode [ 210.626496][ T5804] debugfs: 'hsr0' already exists in 'hsr' [ 210.632549][ T5804] Cannot create hsr debugfs directory [ 211.247097][ T5796] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 211.286315][ T5796] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 211.417103][ T5796] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 211.451471][ T5796] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 211.886082][ T5799] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 211.940028][ T5799] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 211.961832][ T5799] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 211.986093][ T5799] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 212.023042][ T5812] Bluetooth: hci0: command tx timeout [ 212.090457][ T5812] Bluetooth: hci3: command tx timeout [ 212.096132][ T5812] Bluetooth: hci2: command tx timeout [ 212.175712][ T5801] Bluetooth: hci1: command tx timeout [ 212.189599][ T5795] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 212.215617][ T5795] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 212.242981][ T5795] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 212.251995][ T5801] Bluetooth: hci4: command tx timeout [ 212.295077][ T5795] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 212.353303][ T5794] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 212.403539][ T5794] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 212.496493][ T5794] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 212.538735][ T5794] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 212.716776][ T5804] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 212.782061][ T5804] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 212.849351][ T5804] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 212.886193][ T5804] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 213.138600][ T5796] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.384203][ T5796] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.498099][ T4235] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.505731][ T4235] bridge0: port 1(bridge_slave_0) entered forwarding state [ 213.585757][ T4235] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.593427][ T4235] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.734314][ T5799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.843634][ T5795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.921972][ T5799] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.986043][ T5795] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.047463][ T1898] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.055062][ T1898] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.106011][ T5794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 214.179166][ T1898] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.186824][ T1898] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.204440][ T1898] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.211902][ T1898] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.262340][ T3593] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.269852][ T3593] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.488410][ T5794] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.547271][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 214.702219][ T3593] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.709904][ T3593] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.812566][ T5804] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.857161][ T5795] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 214.867991][ T5795] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 214.909980][ T3593] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.917608][ T3593] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.090721][ T3593] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.098279][ T3593] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.119566][ T3593] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.127149][ T3593] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.530022][ T5796] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 216.582797][ T5795] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.083343][ T5799] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.122272][ T5796] veth0_vlan: entered promiscuous mode [ 217.197329][ T5795] veth0_vlan: entered promiscuous mode [ 217.234276][ T5794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.280960][ T5796] veth1_vlan: entered promiscuous mode [ 217.329062][ T5795] veth1_vlan: entered promiscuous mode [ 217.606018][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.701820][ T5796] veth0_macvtap: entered promiscuous mode [ 217.757502][ T5795] veth0_macvtap: entered promiscuous mode [ 217.800739][ T5796] veth1_macvtap: entered promiscuous mode [ 217.857120][ T5795] veth1_macvtap: entered promiscuous mode [ 217.885138][ T5794] veth0_vlan: entered promiscuous mode [ 217.971848][ T5794] veth1_vlan: entered promiscuous mode [ 218.053775][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 218.154125][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 218.188683][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.221797][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.314686][ T1898] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.355959][ T5804] veth0_vlan: entered promiscuous mode [ 218.371504][ T1898] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.414184][ T1898] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.495671][ T1898] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.520848][ T5804] veth1_vlan: entered promiscuous mode [ 218.536179][ T5794] veth0_macvtap: entered promiscuous mode [ 218.551088][ T1898] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.561667][ T14] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.604869][ T14] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.653831][ T14] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.674991][ T5794] veth1_macvtap: entered promiscuous mode [ 218.912560][ T5804] veth0_macvtap: entered promiscuous mode [ 218.978899][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.049998][ T5804] veth1_macvtap: entered promiscuous mode [ 219.084941][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.196902][ T3617] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.270826][ T4515] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.279905][ T4515] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.324887][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.358613][ T4515] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.409608][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.515157][ T3617] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.572006][ T3617] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.608785][ T3617] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.697094][ T3617] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.932507][ T5799] veth0_vlan: entered promiscuous mode [ 220.019349][ T5799] veth1_vlan: entered promiscuous mode [ 220.369445][ T5799] veth0_macvtap: entered promiscuous mode [ 220.431862][ T5799] veth1_macvtap: entered promiscuous mode [ 220.658372][ T5799] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.791378][ T5799] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 220.857175][ T14] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.925264][ T14] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.991852][ T14] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.022297][ T14] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.912868][ T5075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.921856][ T5075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.171660][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.179711][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.378242][ T5075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.386482][ T5075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.632362][ T4934] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.640620][ T4934] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.657398][ T5796] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 226.053393][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.059640][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.061554][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.077032][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.577937][ T1898] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.585338][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.586308][ T1898] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.594067][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.801382][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 226.993518][ T9] usb 1-1: config 0 has no interfaces? [ 227.017738][ T9] usb 1-1: New USB device found, idVendor=054c, idProduct=042f, bcdDevice=3f.00 [ 227.027407][ T9] usb 1-1: New USB device strings: Mfr=110, Product=0, SerialNumber=0 [ 227.040630][ T9] usb 1-1: Manufacturer: syz [ 227.133904][ T9] usb 1-1: config 0 descriptor?? [ 227.638344][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.647005][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.804273][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.813098][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.823490][ T5994] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 227.944880][ T5994] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 228.144201][ T5991] loop2: detected capacity change from 0 to 4096 [ 228.212511][ T42] usb 1-1: USB disconnect, device number 2 [ 228.227000][ T5991] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 228.721458][ T6004] capability: warning: `syz.3.9' uses deprecated v2 capabilities in a way that may be insecure [ 229.599853][ T6010] loop0: detected capacity change from 0 to 1024 [ 229.746237][ T6010] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 232.749232][ T6050] netlink: 'syz.4.27': attribute type 2 has an invalid length. [ 232.757304][ T6050] netlink: 137592 bytes leftover after parsing attributes in process `syz.4.27'. [ 232.767056][ T6050] netlink: 5 bytes leftover after parsing attributes in process `syz.4.27'. [ 232.801650][ T6049] netlink: 4 bytes leftover after parsing attributes in process `syz.2.29'. [ 233.669183][ T42] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 233.789367][ T6059] Zero length message leads to an empty skb [ 233.902213][ T42] usb 3-1: Using ep0 maxpacket: 8 [ 233.925142][ T42] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 233.934338][ T42] usb 3-1: config 179 has no interface number 0 [ 233.941247][ T42] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 233.952726][ T42] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 233.964367][ T42] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 233.975894][ T42] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 233.987833][ T42] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 234.004482][ T42] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 234.015373][ T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.172604][ T6056] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 234.640638][ T42] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input5 [ 234.803799][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 234.811099][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 234.932758][ T5852] usb 3-1: USB disconnect, device number 2 [ 234.940450][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 234.949046][ C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 237.475283][ T6095] netlink: 16 bytes leftover after parsing attributes in process `syz.0.49'. [ 237.489006][ T6095] netlink: 16 bytes leftover after parsing attributes in process `syz.0.49'. [ 237.683946][ T6098] loop1: detected capacity change from 0 to 128 [ 237.876911][ T6098] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 237.979314][ T6098] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 238.306288][ T5795] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 239.175388][ T6116] netlink: 32 bytes leftover after parsing attributes in process `syz.4.57'. [ 239.766215][ T6119] loop0: detected capacity change from 0 to 2048 [ 239.826587][ T6119] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 239.998446][ T6119] syz.0.59: attempt to access beyond end of device [ 239.998446][ T6119] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 240.025834][ T6127] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 240.130730][ T5852] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 240.377109][ T5852] usb 5-1: Using ep0 maxpacket: 32 [ 240.401590][ T5852] usb 5-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15 [ 240.411544][ T5852] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 240.419809][ T5852] usb 5-1: Product: syz [ 240.424474][ T5852] usb 5-1: Manufacturer: syz [ 240.429282][ T5852] usb 5-1: SerialNumber: syz [ 240.482072][ T5852] usb 5-1: config 0 descriptor?? [ 240.502132][ T6129] netlink: 'syz.1.63': attribute type 8 has an invalid length. [ 240.790714][ T5852] RobotFuzz Open Source InterFace, OSIF 5-1:0.0: version d4.15 found at bus 005 address 002 [ 240.984712][ T6134] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 241.028348][ T6125] i2c i2c-1: adapter quirk: no zero length (addr 0x0041, size 0, read) [ 241.094339][ T9] usb 5-1: USB disconnect, device number 2 [ 241.342183][ T6138] netlink: 12 bytes leftover after parsing attributes in process `syz.1.67'. [ 242.844370][ T6146] loop1: detected capacity change from 0 to 4096 [ 242.977927][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.033867][ T6146] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 243.056123][ T6156] loop4: detected capacity change from 0 to 512 [ 243.155304][ T6156] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.76: bad orphan inode 11 [ 243.271942][ T6156] ext4_test_bit(bit=10, block=4) = 1 [ 243.277498][ T6156] is_bad_inode(inode)=0 [ 243.282389][ T6156] NEXT_ORPHAN(inode)=2080374784 [ 243.287429][ T6156] max_ino=32 [ 243.291007][ T6156] i_nlink=0 [ 243.294608][ T6156] EXT4-fs (loop4): 1 truncate cleaned up [ 243.344488][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.352435][ T6156] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.608533][ T6146] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 243.634997][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.878970][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.956647][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.391729][ T12] bridge_slave_1: left allmulticast mode [ 244.397611][ T12] bridge_slave_1: left promiscuous mode [ 244.405183][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.431816][ T12] bridge_slave_0: left allmulticast mode [ 244.437695][ T12] bridge_slave_0: left promiscuous mode [ 244.449707][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.041038][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 245.076987][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 245.101770][ T12] bond0 (unregistering): Released all slaves [ 245.760387][ T12] hsr_slave_0: left promiscuous mode [ 245.805421][ T12] hsr_slave_1: left promiscuous mode [ 245.814057][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 245.822076][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 245.845940][ T6167] loop3: detected capacity change from 0 to 1024 [ 245.907097][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 245.915454][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 245.918139][ T6167] ======================================================= [ 245.918139][ T6167] WARNING: The mand mount option has been deprecated and [ 245.918139][ T6167] and is ignored by this kernel. Remove the mand [ 245.918139][ T6167] option from the mount to silence this warning. [ 245.918139][ T6167] ======================================================= [ 245.958853][ T6167] EXT4-fs: Ignoring removed mblk_io_submit option [ 245.965967][ T6167] EXT4-fs: inline encryption not supported [ 245.974967][ T6167] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 246.099751][ T12] veth1_macvtap: left promiscuous mode [ 246.108435][ T12] veth0_macvtap: left promiscuous mode [ 246.114629][ T12] veth1_vlan: left promiscuous mode [ 246.120440][ T12] veth0_vlan: left promiscuous mode [ 246.178732][ T6167] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.81: bad orphan inode 11 [ 246.347763][ T6167] EXT4-fs (loop3): Remounting filesystem read-only [ 246.355051][ T6167] ext4_test_bit(bit=10, block=4) = 1 [ 246.360894][ T6167] is_bad_inode(inode)=0 [ 246.365215][ T6167] NEXT_ORPHAN(inode)=3254779904 [ 246.370346][ T6167] max_ino=32 [ 246.373698][ T6167] i_nlink=0 [ 246.379374][ T6167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 246.830608][ T6167] EXT4-fs: Remounting fs w/o journal so ignoring data_err option [ 246.838650][ T6167] EXT4-fs: Cannot change journaled quota options when quota turned on [ 246.955090][ T6177] loop1: detected capacity change from 0 to 64 [ 247.408134][ T5804] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 247.578117][ T12] team0 (unregistering): Port device team_slave_1 removed [ 247.642331][ T5812] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 247.652579][ T5812] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 247.662845][ T5812] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 247.674178][ T12] team0 (unregistering): Port device team_slave_0 removed [ 247.807050][ T5812] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 247.819154][ T5812] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 248.389770][ T6192] netlink: 632 bytes leftover after parsing attributes in process `syz.1.88'. [ 248.554498][ T6193] loop3: detected capacity change from 0 to 128 [ 248.691088][ T6193] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 248.741051][ T6193] hpfs: filesystem error: improperly stopped [ 248.751826][ T6193] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 248.759824][ T6193] hpfs: You really don't want any checks? You are crazy... [ 248.828345][ T6193] hpfs: hpfs_map_sector(): read error [ 248.834119][ T6193] hpfs: code page support is disabled [ 248.887568][ T6193] hpfs: hpfs_map_4sectors(): unaligned read [ 248.953843][ T6193] hpfs: hpfs_map_4sectors(): unaligned read [ 248.961373][ T6193] hpfs: filesystem error: unable to find root dir [ 249.931187][ T5812] Bluetooth: hci0: command tx timeout [ 250.301967][ T6184] chnl_net:caif_netlink_parms(): no params data found [ 251.554737][ T6223] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.013816][ T5812] Bluetooth: hci0: command tx timeout [ 252.607264][ T6184] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.617524][ T6184] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.625725][ T6184] bridge_slave_0: entered allmulticast mode [ 252.639629][ T6184] bridge_slave_0: entered promiscuous mode [ 252.750645][ T6184] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.758489][ T6184] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.766655][ T6184] bridge_slave_1: entered allmulticast mode [ 252.801109][ T6247] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 252.813928][ T6184] bridge_slave_1: entered promiscuous mode [ 253.362986][ T6184] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 253.474185][ T6184] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 253.975455][ T6184] team0: Port device team_slave_0 added [ 254.041281][ T6184] team0: Port device team_slave_1 added [ 254.096112][ T5812] Bluetooth: hci0: command tx timeout [ 254.486866][ T6184] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 254.498705][ T6184] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 254.525237][ T6184] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 254.576609][ T6254] loop4: detected capacity change from 0 to 8192 [ 254.683492][ T6184] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 254.696303][ T6184] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 254.722968][ T6184] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 255.183961][ T6277] netlink: 8 bytes leftover after parsing attributes in process `syz.1.114'. [ 255.193226][ T6277] netlink: 28 bytes leftover after parsing attributes in process `syz.1.114'. [ 255.460762][ T6184] hsr_slave_0: entered promiscuous mode [ 255.475720][ T6184] hsr_slave_1: entered promiscuous mode [ 255.484933][ T6184] debugfs: 'hsr0' already exists in 'hsr' [ 255.490979][ T6184] Cannot create hsr debugfs directory [ 255.804448][ T6281] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 256.171741][ T5812] Bluetooth: hci0: command tx timeout [ 257.938686][ T6184] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 258.055777][ T6184] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 258.095372][ T6315] netlink: 60 bytes leftover after parsing attributes in process `syz.1.130'. [ 258.202344][ T6184] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 258.341945][ T6184] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 258.534479][ T6320] loop0: detected capacity change from 0 to 64 [ 259.758218][ T6332] program syz.1.137 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 260.280440][ T6330] loop4: detected capacity change from 0 to 32768 [ 260.493710][ T6330] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 260.516368][ T6330] (syz.4.135,6330,0):ocfs2_read_blocks_sync:112 ERROR: status = -12 [ 260.529825][ T6330] (syz.4.135,6330,0):ocfs2_get_suballoc_slot_bit:2812 ERROR: read block 47244640256 failed -12 [ 260.540775][ T6330] (syz.4.135,6330,0):ocfs2_get_suballoc_slot_bit:2844 ERROR: status = -12 [ 260.549532][ T6330] (syz.4.135,6330,0):ocfs2_test_inode_bit:2926 ERROR: get alloc slot and bit failed -12 [ 260.559670][ T6330] (syz.4.135,6330,0):ocfs2_test_inode_bit:2967 ERROR: status = -12 [ 260.567968][ T6330] (syz.4.135,6330,0):ocfs2_get_dentry:78 ERROR: test inode bit failed -12 [ 260.574007][ T6184] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.716171][ T6184] 8021q: adding VLAN 0 to HW filter on device team0 [ 260.750776][ T6335] loop0: detected capacity change from 0 to 4096 [ 260.781777][ T5799] ocfs2: Unmounting device (7,4) on (node local) [ 260.794721][ T5075] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.802411][ T5075] bridge0: port 1(bridge_slave_0) entered forwarding state [ 260.942860][ T5075] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.950543][ T5075] bridge0: port 2(bridge_slave_1) entered forwarding state [ 261.538481][ T6343] loop3: detected capacity change from 0 to 2048 [ 261.735767][ T6343] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=66359, location=66359 [ 261.963476][ T6343] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 262.380689][ T5852] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 262.573920][ T5852] usb 2-1: Using ep0 maxpacket: 8 [ 262.630581][ T5852] usb 2-1: config 0 has no interfaces? [ 262.706470][ T5852] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 262.716026][ T5852] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 262.724733][ T5852] usb 2-1: Product: syz [ 262.729103][ T5852] usb 2-1: Manufacturer: syz [ 262.734042][ T5852] usb 2-1: SerialNumber: syz [ 262.884815][ T5852] usb 2-1: config 0 descriptor?? [ 263.147463][ T9] usb 2-1: USB disconnect, device number 2 [ 263.661396][ T6184] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 264.204093][ T6184] veth0_vlan: entered promiscuous mode [ 264.328292][ T6184] veth1_vlan: entered promiscuous mode [ 264.349510][ T6374] loop1: detected capacity change from 0 to 128 [ 264.479777][ T6374] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 264.653913][ T6374] ext4 filesystem being mounted at /34/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 264.737722][ T6184] veth0_macvtap: entered promiscuous mode [ 264.833106][ T6184] veth1_macvtap: entered promiscuous mode [ 264.891744][ T6374] netlink: 260 bytes leftover after parsing attributes in process `syz.1.148'. [ 264.902229][ T6374] netlink: 56 bytes leftover after parsing attributes in process `syz.1.148'. [ 265.071120][ T6184] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 265.157983][ T6184] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 265.297485][ T4515] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.370026][ T4515] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.458344][ T4515] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.487551][ T4515] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.622362][ T5795] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 266.237002][ T6392] loop0: detected capacity change from 0 to 2048 [ 266.327106][ T6392] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 266.350789][ T6395] block nbd0: server does not support multiple connections per device. [ 266.364895][ T6395] block nbd0: shutting down sockets [ 266.451944][ T6392] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 267.498149][ T6409] warning: `syz.4.158' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 267.704320][ T6411] loop0: detected capacity change from 0 to 512 [ 267.877409][ T6411] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 267.891746][ T6411] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 268.061102][ T6418] loop3: detected capacity change from 0 to 16 [ 268.142656][ T6418] erofs (device loop3): mounted with root inode @ nid 36. [ 268.281550][ T30] audit: type=1800 audit(1760138770.905:2): pid=6418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.159" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 268.559663][ T5796] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 269.273584][ T6435] loop3: detected capacity change from 0 to 1024 [ 269.343442][ T6435] EXT4-fs: Ignoring removed nomblk_io_submit option [ 269.505080][ T6435] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 269.536735][ T6435] System zones: 0-1, 3-36 [ 269.604595][ T6435] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 270.243229][ T5804] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.167018][ T14] Bluetooth: hci5: Frame reassembly failed (-84) [ 272.849611][ T6471] loop3: detected capacity change from 0 to 32768 [ 272.926482][ T6471] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 273.156875][ T6471] XFS (loop3): Ending clean mount [ 273.172407][ T6471] XFS (loop3): Quotacheck needed: Please wait. [ 273.212822][ T5812] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 273.215493][ T5801] Bluetooth: hci5: command 0x1003 tx timeout [ 273.275714][ T6471] XFS (loop3): Quotacheck: Done. [ 273.286792][ T6471] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 273.809723][ T6493] loop4: detected capacity change from 0 to 128 [ 273.904815][ T6493] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 274.084667][ T6493] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 274.252658][ T6493] overlayfs: failed to create directory ./bus/work (errno: 28); mounting read-only [ 274.263165][ T6493] overlayfs: failed to get uuid (/file0, err=-95); falling back to uuid=null. [ 274.866407][ T4934] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.874780][ T4934] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.383181][ T3593] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.391440][ T3593] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 276.171617][ T1725] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 276.534484][ T1725] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 276.544400][ T1725] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.559078][ T1725] usb 4-1: Product: syz [ 276.563779][ T1725] usb 4-1: Manufacturer: syz [ 276.568569][ T1725] usb 4-1: SerialNumber: syz [ 276.650528][ T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 276.724088][ T1725] usb 4-1: config 0 descriptor?? [ 276.830723][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 276.879419][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 276.891168][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 276.901465][ T9] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 276.916289][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.038279][ T11] usb 4-1: USB disconnect, device number 2 [ 277.083766][ T9] usb 3-1: config 0 descriptor?? [ 277.161644][ T9] hub 3-1:0.0: USB hub found [ 277.362012][ T9] hub 3-1:0.0: 1 port detected [ 277.561483][ T9] hub 3-1:0.0: hub_hub_status failed (err = -71) [ 277.568106][ T9] hub 3-1:0.0: config failed, can't get hub status (err -71) [ 277.675893][ T9] usbhid 3-1:0.0: can't add hid device: -71 [ 277.682813][ T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 277.742282][ T9] usb 3-1: USB disconnect, device number 3 [ 277.976272][ T5986] udevd[5986]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 278.771452][ T30] audit: type=1326 audit(1760138781.395:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6545 comm="syz.3.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9e4d8eec9 code=0x7ffc0000 [ 278.853723][ T30] audit: type=1326 audit(1760138781.455:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6545 comm="syz.3.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7ff9e4d8eec9 code=0x7ffc0000 [ 278.877860][ T30] audit: type=1326 audit(1760138781.455:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6545 comm="syz.3.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9e4d8eec9 code=0x7ffc0000 [ 279.717929][ T6561] process 'syz.1.202' launched '/dev/fd/4' with NULL argv: empty string added [ 280.260931][ T6568] loop2: detected capacity change from 0 to 128 [ 280.438852][ T6568] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 280.469465][ T6568] ext4 filesystem being mounted at /3/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 280.751091][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 280.973853][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 281.020891][ T6184] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 281.032056][ T9] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 281.045446][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 281.149883][ T9] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 281.159441][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.168764][ T9] usb 2-1: Product: syz [ 281.173490][ T9] usb 2-1: Manufacturer: syz [ 281.178299][ T9] usb 2-1: SerialNumber: syz [ 281.294944][ T9] usb 2-1: config 0 descriptor?? [ 281.372113][ T9] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 281.381836][ T9] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 282.017105][ T9] em28xx 2-1:0.0: chip ID is em2874 [ 282.272709][ T9] usb 2-1: USB disconnect, device number 3 [ 282.337597][ T9] em28xx 2-1:0.0: Disconnecting em28xx [ 282.366176][ T9] em28xx 2-1:0.0: Freeing device [ 282.676074][ T6587] loop3: detected capacity change from 0 to 4096 [ 283.294061][ T6587] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 283.622975][ T6603] netlink: 8 bytes leftover after parsing attributes in process `syz.2.221'. [ 285.156800][ T6623] loop4: detected capacity change from 0 to 64 [ 285.343396][ T6617] loop0: detected capacity change from 0 to 4096 [ 285.774699][ T6617] ntfs3(loop0): Failed to initialize $Extend/$ObjId. [ 285.961315][ T30] audit: type=1800 audit(1760138788.555:6): pid=6617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.227" name="file1" dev="loop0" ino=30 res=0 errno=0 [ 285.981862][ C1] vkms_vblank_simulate: vblank timer overrun [ 285.992970][ T6617] ntfs3(loop0): ino=1e, "file1" attr_set_size [ 286.016727][ T6615] ntfs3(loop0): ino=1e, "file1" attr_set_size [ 286.517941][ T6632] loop2: detected capacity change from 0 to 2048 [ 286.594624][ T6627] loop3: detected capacity change from 0 to 4096 [ 286.822547][ T6635] loop8: detected capacity change from 0 to 1 [ 286.886469][ T6635] Dev loop8: unable to read RDB block 1 [ 286.893153][ T6635] loop8: unable to read partition table [ 286.921836][ T6635] loop8: partition table beyond EOD, truncated [ 286.928406][ T6635] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 287.182664][ T6638] netlink: 52 bytes leftover after parsing attributes in process `syz.0.236'. [ 287.741967][ T4934] ntfs3(loop3): ino=5, mi_enum_attr [ 288.437789][ T6642] loop2: detected capacity change from 0 to 32768 [ 288.448198][ T6642] btrfs: Deprecated parameter 'usebackuproot' [ 288.454736][ T6642] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 288.498702][ T6642] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.238 (6642) [ 288.528088][ T6642] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 288.539270][ T6642] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm [ 288.548675][ T6642] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 289.054687][ T12] BTRFS warning (device loop2): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x32f839c6 level 0 [ 289.068811][ T6642] BTRFS warning (device loop2): couldn't read tree root [ 289.076139][ T6642] BTRFS warning (device loop2): try to load backup roots slot 1 [ 289.204803][ T3529] BTRFS warning (device loop2): checksum verify failed on logical 5316608 mirror 1 wanted 0x5387c9d6 found 0xc5289bf1 level 0 [ 289.219456][ T6642] BTRFS error (device loop2): failed to load root extent [ 289.227090][ T6642] BTRFS warning (device loop2): try to load backup roots slot 2 [ 289.328505][ T3529] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 289.339781][ T6642] BTRFS warning (device loop2): couldn't read tree root [ 289.347142][ T6642] BTRFS warning (device loop2): try to load backup roots slot 3 [ 289.452822][ T6642] BTRFS info (device loop2): rebuilding free space tree [ 289.535368][ T6642] BTRFS info (device loop2): disabling free space tree [ 289.542769][ T6642] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 289.556131][ T6642] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 289.582445][ T6642] BTRFS info (device loop2): allowing degraded mounts [ 289.586364][ T6668] loop3: detected capacity change from 0 to 512 [ 289.589443][ T6642] BTRFS info (device loop2): enabling ssd optimizations [ 289.589560][ T6642] BTRFS info (device loop2): turning off barriers [ 289.616410][ T6642] BTRFS info (device loop2): enabling disk space caching [ 289.623910][ T6642] BTRFS info (device loop2): force clearing of disk cache [ 289.631397][ T6642] BTRFS info (device loop2): trying to use backup root at mount time [ 289.639709][ T6642] BTRFS info (device loop2): use zlib compression, level 3 [ 289.666712][ T6668] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 289.694813][ T6668] EXT4-fs (loop3): invalid journal inode [ 289.701240][ T6668] EXT4-fs (loop3): can't get journal size [ 289.801269][ T6184] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 289.871882][ T6668] EXT4-fs (loop3): 1 truncate cleaned up [ 289.879912][ T6668] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 290.029497][ T6674] loop4: detected capacity change from 0 to 512 [ 290.184022][ T6668] EXT4-fs warning (device loop3): ext4_group_add:1736: No reserved GDT blocks, can't resize [ 290.773041][ T5804] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.506453][ T6686] loop4: detected capacity change from 0 to 2048 [ 291.628723][ T6686] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 291.900870][ T6693] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 291.912719][ T5971] udevd[5971]: incorrect nilfs2 checksum on /dev/loop4 [ 292.406384][ T6686] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=15) [ 292.545481][ T6686] Remounting filesystem read-only [ 292.566851][ T6686] NILFS (loop4): DAT doesn't have a block to manage vblocknr = 3044605952 [ 292.581744][ T6686] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=15) [ 292.593014][ T6686] NILFS (loop4): error -5 truncating bmap (ino=15) [ 293.105698][ T1725] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 293.190840][ T6698] loop3: detected capacity change from 0 to 32768 [ 293.342084][ T6705] loop0: detected capacity change from 0 to 256 [ 293.380931][ T1725] usb 3-1: Using ep0 maxpacket: 32 [ 293.446487][ T1725] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 293.456343][ T1725] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.587710][ T1725] usb 3-1: config 0 descriptor?? [ 293.625317][ T6705] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 293.832296][ T5799] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer [ 293.943280][ T1725] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 293.994411][ T1725] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 294.115282][ T1725] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 294.124635][ T1725] usb 3-1: media controller created [ 294.278048][ T1725] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 294.471064][ T9] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 294.711324][ T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 294.728063][ T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 294.781860][ T1725] az6027: usb out operation failed. (-71) [ 294.841559][ T1725] az6027: usb out operation failed. (-71) [ 294.847773][ T1725] stb0899_attach: Driver disabled by Kconfig [ 294.854217][ T1725] az6027: no front-end attached [ 294.854217][ T1725] [ 294.859451][ T9] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 294.871271][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.879626][ T9] usb 4-1: Product: syz [ 294.884205][ T9] usb 4-1: Manufacturer: syz [ 294.888971][ T9] usb 4-1: SerialNumber: syz [ 295.038675][ T1725] az6027: usb out operation failed. (-71) [ 295.045095][ T1725] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 295.056828][ T1725] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input6 [ 295.282158][ T9] usb 4-1: 0:2 : does not exist [ 295.319388][ T1725] dvb-usb: schedule remote query interval to 400 msecs. [ 295.327112][ T1725] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 295.377363][ T9] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 295.505171][ T1725] usb 3-1: USB disconnect, device number 4 [ 295.842092][ T9] usb 4-1: USB disconnect, device number 3 [ 296.218494][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 296.225446][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 296.371334][ T1725] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 297.082914][ T5971] udevd[5971]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 297.462238][ T6735] vivid-003: disconnect [ 297.572510][ T6737] loop0: detected capacity change from 0 to 1024 [ 297.622976][ T6733] vivid-003: reconnect [ 297.903470][ T6737] hfsplus: b-tree write err: -5, ino 3 [ 298.473622][ T3593] hfsplus: b-tree write err: -5, ino 3 [ 298.638175][ T6746] netlink: 4 bytes leftover after parsing attributes in process `syz.3.276'. [ 299.900612][ T6752] loop0: detected capacity change from 0 to 32768 [ 299.972435][ T6752] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.278 (6752) [ 300.007217][ T6752] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 300.017788][ T6752] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 300.511581][ T6752] BTRFS info (device loop0): enabling ssd optimizations [ 300.519016][ T6752] BTRFS info (device loop0): enabling free space tree [ 300.875264][ T5796] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 300.955204][ T6784] random: crng reseeded on system resumption [ 301.185872][ T6784] Restarting kernel threads ... [ 301.230666][ T6784] Done restarting kernel threads. [ 304.001773][ T6823] netlink: 36 bytes leftover after parsing attributes in process `syz.3.301'. [ 304.241126][ T1725] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 304.442065][ T6827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.303'. [ 304.501992][ T1725] usb 3-1: Using ep0 maxpacket: 16 [ 304.548557][ T1725] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 304.565937][ T1725] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 304.600943][ T6827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.303'. [ 304.684584][ T1725] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 304.694437][ T1725] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 304.705363][ T1725] usb 3-1: Product: syz [ 304.709730][ T1725] usb 3-1: Manufacturer: syz [ 304.714662][ T1725] usb 3-1: SerialNumber: syz [ 304.793674][ T1725] usb 3-1: config 0 descriptor?? [ 304.874446][ T1725] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 304.884231][ T1725] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 305.407788][ T6837] loop4: detected capacity change from 0 to 256 [ 305.419027][ T6837] exfat: Deprecated parameter 'namecase' [ 305.436733][ T1725] em28xx 3-1:0.0: chip ID is em2870 [ 305.604206][ T6837] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf4419509, utbl_chksum : 0xe619d30d) [ 305.651316][ T9] usb 3-1: USB disconnect, device number 5 [ 305.659413][ T9] em28xx 3-1:0.0: Disconnecting em28xx [ 305.748811][ T9] em28xx 3-1:0.0: Freeing device [ 306.076279][ T6843] netlink: 'syz.3.311': attribute type 1 has an invalid length. [ 306.865014][ T6849] loop4: detected capacity change from 0 to 64 [ 307.252669][ T6848] nbd0: detected capacity change from 0 to 127 [ 307.315944][ T5801] block nbd0: Receive control failed (result -104) [ 307.329616][ T5812] block nbd0: Receive control failed (result -32) [ 308.964615][ T6876] netlink: 'syz.1.326': attribute type 3 has an invalid length. [ 309.884283][ T6890] netlink: 16 bytes leftover after parsing attributes in process `syz.2.332'. [ 309.893772][ T6890] openvswitch: netlink: Missing key (keys=40, expected=100) [ 310.361172][ T9] kernel write not supported for file /binder/transaction_log (pid: 9 comm: kworker/0:0) [ 311.303362][ T6908] loop4: detected capacity change from 0 to 1024 [ 311.759139][ T12] hfsplus: b-tree write err: -5, ino 4 [ 311.771824][ T5852] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 311.845499][ T6916] loop0: detected capacity change from 0 to 2048 [ 311.919220][ T6919] loop2: detected capacity change from 0 to 128 [ 312.027506][ T5852] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 312.039428][ T6916] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 312.043290][ T5852] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.063852][ T5852] usb 4-1: Product: syz [ 312.068226][ T5852] usb 4-1: Manufacturer: syz [ 312.073254][ T5852] usb 4-1: SerialNumber: syz [ 312.147541][ T6919] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 312.161817][ T6919] ext4 filesystem being mounted at /31/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 312.186380][ T5852] usb 4-1: config 0 descriptor?? [ 312.295776][ T6916] EXT4-fs error (device loop0): ext4_lookup:1787: inode #16: comm syz.0.345: iget: bad i_size value: 8796093031208 [ 312.319419][ T30] audit: type=1800 audit(1760138814.925:7): pid=6919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.346" name="file1" dev="loop2" ino=12 res=0 errno=0 [ 312.377922][ T6927] EXT4-fs warning (device loop0): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed [ 312.599210][ T9] usb 4-1: USB disconnect, device number 4 [ 312.692973][ T6184] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 312.845435][ T5796] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 314.649270][ T6946] loop3: detected capacity change from 0 to 4096 [ 314.857244][ T6951] udevd[6951]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 315.221393][ T6961] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 316.456787][ T6969] loop0: detected capacity change from 0 to 256 [ 316.545210][ T6969] exfat: Deprecated parameter 'namecase' [ 316.761527][ T6969] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 317.488507][ T6982] program syz.4.373 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 318.370572][ T1725] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 318.591412][ T1725] usb 5-1: Using ep0 maxpacket: 32 [ 318.619153][ T1725] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 318.673695][ T1725] usb 5-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39 [ 318.683721][ T1725] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.696336][ T1725] usb 5-1: Product: syz [ 318.702424][ T1725] usb 5-1: Manufacturer: syz [ 318.707249][ T1725] usb 5-1: SerialNumber: syz [ 318.783840][ T1725] usb 5-1: config 0 descriptor?? [ 318.841191][ T1725] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b [ 318.917406][ T5852] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 319.361337][ T5852] usb 4-1: Using ep0 maxpacket: 16 [ 319.482056][ T5852] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 319.491816][ T5852] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 319.500472][ T5852] usb 4-1: Product: syz [ 319.509264][ T5852] usb 4-1: Manufacturer: syz [ 319.515821][ T5852] usb 4-1: SerialNumber: syz [ 319.636401][ T5852] usb 4-1: config 0 descriptor?? [ 319.691597][ T1725] gspca_pac7302: reg_w() failed i: 78 v: 40 error -71 [ 319.698922][ T1725] gspca_pac7302 5-1:0.0: probe with driver gspca_pac7302 failed with error -71 [ 319.740071][ T1725] usb 5-1: USB disconnect, device number 3 [ 319.910298][ T5852] usb 4-1: USB disconnect, device number 5 [ 320.214666][ T5971] udevd[5971]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 320.317750][ T7012] loop0: detected capacity change from 0 to 1024 [ 320.340831][ T7014] loop2: detected capacity change from 0 to 512 [ 320.391894][ T7014] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 320.406060][ T7014] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 320.508427][ T7014] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.387: Invalid block bitmap block 0 in block_group 0 [ 320.650738][ T7014] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 320.726183][ T7014] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.387: attempt to clear invalid blocks 983261 len 1 [ 320.844220][ T7014] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.387: Invalid inode table block 0 in block_group 0 [ 320.955661][ T7014] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6305: Corrupt filesystem [ 320.996988][ T7014] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 321.019287][ T7014] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.387: Invalid inode table block 0 in block_group 0 [ 321.031825][ T7020] sch_fq: defrate 0 ignored. [ 321.052451][ T4934] hfsplus: b-tree write err: -5, ino 4 [ 321.069442][ T7014] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6305: Corrupt filesystem [ 321.111947][ T7014] EXT4-fs error (device loop2): ext4_truncate:4637: inode #11: comm syz.2.387: mark_inode_dirty error [ 321.172854][ T7014] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 321.216605][ T7014] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.387: Invalid inode table block 0 in block_group 0 [ 321.280848][ T7014] EXT4-fs (loop2): 1 truncate cleaned up [ 321.288852][ T7014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 321.496508][ T7014] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 321.561273][ T7024] loop0: detected capacity change from 0 to 1024 [ 321.774857][ T7024] hfsplus: invalid extended attribute record [ 322.093266][ T6184] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.210771][ T14] hfsplus: b-tree write err: -5, ino 4 [ 322.649364][ T7038] loop1: detected capacity change from 0 to 128 [ 322.708016][ T7038] EXT4-fs (loop1): Test dummy encryption mode enabled [ 322.863641][ T7038] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 322.922393][ T7038] ext4 filesystem being mounted at /89/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 322.991701][ T7044] loop3: detected capacity change from 0 to 128 [ 323.393147][ T5795] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 323.946209][ T7057] netlink: 108 bytes leftover after parsing attributes in process `syz.3.404'. [ 324.250718][ T5852] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 324.450767][ T5852] usb 5-1: Using ep0 maxpacket: 16 [ 324.469290][ T5852] usb 5-1: config 0 interface 0 has no altsetting 0 [ 324.476745][ T5852] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 324.486356][ T5852] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 324.587339][ T5852] usb 5-1: config 0 descriptor?? [ 326.015029][ T5852] hid (null): global environment stack underflow [ 326.021764][ T5852] hid (null): report_id 0 is invalid [ 326.027371][ T5852] hid (null): report_id 0 is invalid [ 326.033281][ T5852] hid (null): unknown global tag 0xd [ 326.038880][ T5852] hid (null): invalid report_size 15511 [ 326.045266][ T5852] hid (null): invalid report_size 55705 [ 326.051221][ T5852] hid (null): unknown global tag 0xd [ 326.064036][ T5852] hid (null): unknown global tag 0xe [ 326.069656][ T5852] hid (null): invalid report_count 1354669020 [ 326.246318][ T7075] loop1: detected capacity change from 0 to 512 [ 326.362664][ T5852] usb 5-1: USB disconnect, device number 4 [ 326.385264][ T7075] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 326.586562][ T7077] loop2: detected capacity change from 0 to 512 [ 327.278261][ T7084] loop0: detected capacity change from 0 to 256 [ 328.058901][ T7091] loop3: detected capacity change from 0 to 4096 [ 328.113680][ T7091] NILFS (loop3): bad btree root (ino=6): level = 0, flags = 0x9, nchildren = 0 [ 328.123161][ T7091] NILFS (loop3): ifile inode (checkpoint number=2) corrupted [ 328.131248][ T7091] NILFS (loop3): error -5 while loading last checkpoint (checkpoint number=2) [ 328.419752][ T7093] loop1: detected capacity change from 0 to 512 [ 328.465335][ T7093] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 328.640977][ T7097] netlink: 12 bytes leftover after parsing attributes in process `syz.4.424'. [ 328.718217][ T7093] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 328.762592][ T5852] kernel write not supported for file /amidi2 (pid: 5852 comm: kworker/1:3) [ 328.973937][ T5803] Bluetooth: hci2: command 0x0406 tx timeout [ 328.974154][ T5806] Bluetooth: hci1: command 0x0406 tx timeout [ 328.981182][ T5803] Bluetooth: hci3: command 0x0406 tx timeout [ 328.981303][ T5803] Bluetooth: hci4: command 0x0406 tx timeout [ 329.115804][ T9] kernel write not supported for file /108/coredump_filter (pid: 9 comm: kworker/0:0) [ 330.289768][ T7115] netlink: 56 bytes leftover after parsing attributes in process `syz.1.431'. [ 331.515135][ T7130] netlink: 28 bytes leftover after parsing attributes in process `syz.2.437'. [ 331.524965][ T7130] netlink: 28 bytes leftover after parsing attributes in process `syz.2.437'. [ 333.097930][ T7142] loop4: detected capacity change from 0 to 8 [ 333.420546][ T7144] loop1: detected capacity change from 0 to 1024 [ 333.522529][ T7144] EXT4-fs: Ignoring removed i_version option [ 333.528767][ T7144] EXT4-fs: Ignoring removed oldalloc option [ 333.630888][ T7144] EXT4-fs (loop1): unsupported descriptor size 0 [ 333.820857][ T30] audit: type=1326 audit(1760138836.435:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7143 comm="syz.1.444" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55c018eec9 code=0x0 [ 334.588202][ T7156] loop2: detected capacity change from 0 to 64 [ 335.719504][ T7164] loop1: detected capacity change from 0 to 1024 [ 336.284224][ T4515] hfsplus: b-tree write err: -5, ino 4 [ 337.003992][ T7176] loop2: detected capacity change from 0 to 256 [ 337.052086][ T7176] exfat: Deprecated parameter 'utf8' [ 337.235972][ T7176] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 337.442810][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 337.635073][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 337.646444][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 337.657274][ T9] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 337.667246][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 337.763657][ T9] usb 5-1: config 0 descriptor?? [ 337.772733][ T97] block nbd0: Connection timed out, retrying (0/2 alive) [ 337.781459][ T97] block nbd0: Connection timed out, retrying (0/2 alive) [ 337.788756][ T97] block nbd0: Connection timed out, retrying (0/2 alive) [ 337.797196][ T97] block nbd0: Connection timed out, retrying (0/2 alive) [ 337.807474][ T6651] block nbd0: Dead connection, failed to find a fallback [ 337.815295][ T6651] block nbd0: shutting down sockets [ 337.820936][ T6651] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 337.830374][ T6651] Buffer I/O error on dev nbd0, logical block 3, async page read [ 337.843605][ T6651] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 337.854574][ T6651] Buffer I/O error on dev nbd0, logical block 2, async page read [ 337.862986][ T6651] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 337.872546][ T6651] Buffer I/O error on dev nbd0, logical block 1, async page read [ 337.880719][ T6651] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 337.889979][ T6651] Buffer I/O error on dev nbd0, logical block 0, async page read [ 337.899141][ T5998] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 337.908621][ T5998] Buffer I/O error on dev nbd0, logical block 0, async page read [ 337.916992][ T5998] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 337.926390][ T5998] Buffer I/O error on dev nbd0, logical block 1, async page read [ 337.940588][ T5998] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 337.949965][ T5998] Buffer I/O error on dev nbd0, logical block 2, async page read [ 337.960253][ T5998] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 337.969511][ T5998] Buffer I/O error on dev nbd0, logical block 3, async page read [ 337.977963][ T5998] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 337.987388][ T5998] Buffer I/O error on dev nbd0, logical block 0, async page read [ 337.995884][ T5998] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 338.005418][ T5998] Buffer I/O error on dev nbd0, logical block 1, async page read [ 338.017441][ T5998] ldm_validate_partition_table(): Disk read failed. [ 338.027188][ T5998] Dev nbd0: unable to read RDB block 0 [ 338.035995][ T5998] nbd0: unable to read partition table [ 338.085053][ T5998] ldm_validate_partition_table(): Disk read failed. [ 338.094897][ T5998] Dev nbd0: unable to read RDB block 0 [ 338.103540][ T5998] nbd0: unable to read partition table [ 338.305196][ T7065] ldm_validate_partition_table(): Disk read failed. [ 338.314940][ T7065] Dev nbd0: unable to read RDB block 0 [ 338.323832][ T7065] nbd0: unable to read partition table [ 338.387085][ T7187] loop0: detected capacity change from 0 to 64 [ 338.403777][ T7065] ldm_validate_partition_table(): Disk read failed. [ 338.413810][ T7065] Dev nbd0: unable to read RDB block 0 [ 338.422493][ T7065] nbd0: unable to read partition table [ 338.474242][ T9] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0 [ 338.481880][ T9] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0 [ 338.489210][ T9] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0 [ 338.496999][ T9] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0 [ 338.504393][ T9] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0 [ 338.511777][ T9] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0 [ 338.518997][ T9] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0 [ 338.645600][ T7187] hfs: bad catalog entry type 65535 [ 338.767759][ T9] cp2112 0003:10C4:EA90.0002: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0 [ 338.852971][ T9] cp2112 0003:10C4:EA90.0002: Part Number: 0x76 Device Version: 0x64 [ 339.145619][ T9] cp2112 0003:10C4:EA90.0002: error requesting SMBus config [ 339.215469][ T9] cp2112 0003:10C4:EA90.0002: probe with driver cp2112 failed with error -71 [ 339.330740][ T9] usb 5-1: USB disconnect, device number 5 [ 339.439863][ T7192] loop2: detected capacity change from 0 to 512 [ 339.477402][ T7192] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 339.821923][ T7196] loop1: detected capacity change from 0 to 256 [ 339.866610][ T7188] fido_id[7188]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 340.139144][ T7196] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d) [ 340.387813][ T30] audit: type=1800 audit(1760138842.975:9): pid=7196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.468" name="bus" dev="loop1" ino=1048636 res=0 errno=0 [ 340.657526][ T7199] loop2: detected capacity change from 0 to 128 [ 340.964072][ T7199] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 341.046693][ T7195] loop0: detected capacity change from 0 to 32768 [ 341.076061][ T7199] ext4 filesystem being mounted at /61/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 341.084746][ T7195] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 341.094858][ T7195] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 341.175447][ T7195] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 1ms [ 341.205424][ T5852] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 341.216658][ T5852] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 341.722865][ T6184] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 342.092604][ T7215] loop1: detected capacity change from 0 to 128 [ 342.179720][ T7215] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 342.206466][ T7218] netlink: 56 bytes leftover after parsing attributes in process `syz.2.473'. [ 342.215914][ T7218] netlink: 56 bytes leftover after parsing attributes in process `syz.2.473'. [ 342.227042][ T7215] ext4 filesystem being mounted at /106/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 342.313067][ T5852] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 1096ms [ 342.321973][ T5852] gfs2: fsid=syz:syz.0: jid=0: Done [ 342.327507][ T7195] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 342.408492][ T7195] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 342.418668][ T7195] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 12 2341, function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 590 [ 342.435247][ T7195] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:aqo t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 342.451154][ T7195] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:7195 [syz.0.467] __gfs2_lookup+0x57/0x430 [ 342.461308][ T7195] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0 [ 342.470250][ T7195] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 342.477660][ T7195] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 342.486806][ T7195] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 342.496570][ T7195] gfs2: fsid=syz:syz.0: File system withdrawn [ 342.503006][ T7195] CPU: 1 UID: 0 PID: 7195 Comm: syz.0.467 Not tainted syzkaller #0 PREEMPT(none) [ 342.503160][ T7195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 342.503266][ T7195] Call Trace: [ 342.503331][ T7195] [ 342.503399][ T7195] __dump_stack+0x26/0x30 [ 342.503584][ T7195] dump_stack_lvl+0x1df/0x270 [ 342.503791][ T7195] dump_stack+0x1e/0x25 [ 342.503956][ T7195] gfs2_withdraw+0x1ec1/0x2020 [ 342.504214][ T7195] gfs2_consist_inode_i+0x1a9/0x240 [ 342.504426][ T7195] gfs2_dirent_scan+0xbbc/0xd80 [ 342.504616][ T7195] ? __pfx_gfs2_dirent_find+0x10/0x10 [ 342.504854][ T7195] gfs2_dirent_search+0x336/0xc00 [ 342.505052][ T7195] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 342.505246][ T7195] ? __pfx_gfs2_dirent_find+0x10/0x10 [ 342.505463][ T7195] gfs2_dir_search+0x67/0x420 [ 342.505675][ T7195] gfs2_lookupi+0x67a/0x990 [ 342.505873][ T7195] ? __gfs2_lookup+0x57/0x430 [ 342.506134][ T7195] __gfs2_lookup+0x57/0x430 [ 342.506342][ T7195] ? _raw_spin_unlock+0x30/0x50 [ 342.506554][ T7195] ? kmsan_get_metadata+0xfb/0x160 [ 342.506757][ T7195] gfs2_lookup+0x38/0x50 [ 342.506950][ T7195] ? __pfx_gfs2_lookup+0x10/0x10 [ 342.507154][ T7195] lookup_one_qstr_excl+0x23c/0x7a0 [ 342.507368][ T7195] ? kmsan_get_metadata+0xfb/0x160 [ 342.507600][ T7195] filename_create+0x2cb/0x590 [ 342.507792][ T7195] do_mkdirat+0x66/0xf30 [ 342.507943][ T7195] ? getname_flags+0x5f4/0xac0 [ 342.508181][ T7195] __x64_sys_mkdirat+0xc1/0x140 [ 342.508362][ T7195] x64_sys_call+0x338/0x3e30 [ 342.508560][ T7195] do_syscall_64+0xd9/0x210 [ 342.508728][ T7195] ? irqentry_exit+0x16/0x60 [ 342.508866][ T7195] ? clear_bhb_loop+0x40/0x90 [ 342.509043][ T7195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.509222][ T7195] RIP: 0033:0x7f899fd8eec9 [ 342.509387][ T7195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 342.509515][ T7195] RSP: 002b:00007f89a0c28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 342.509661][ T7195] RAX: ffffffffffffffda RBX: 00007f899ffe5fa0 RCX: 00007f899fd8eec9 [ 342.509770][ T7195] RDX: 000000000000017d RSI: 0000200000000000 RDI: ffffffffffffff9c [ 342.509875][ T7195] RBP: 00007f899fe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 342.509970][ T7195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 342.510073][ T7195] R13: 00007f899ffe6038 R14: 00007f899ffe5fa0 R15: 00007ffff23566c8 [ 342.510215][ T7195] [ 342.912613][ T7222] loop4: detected capacity change from 0 to 2048 [ 343.224201][ T5795] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 343.240376][ T7222] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #2: comm syz.4.475: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 343.312367][ T7222] EXT4-fs (loop4): get root inode failed [ 343.318266][ T7222] EXT4-fs (loop4): mount failed [ 344.345524][ T7233] loop2: detected capacity change from 0 to 128 [ 344.505888][ T7233] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 344.585767][ T7233] hpfs: filesystem error: improperly stopped [ 344.597299][ T7233] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 344.609881][ T7233] hpfs: You really don't want any checks? You are crazy... [ 344.660874][ T7233] hpfs: hpfs_map_sector(): read error [ 344.666459][ T7233] hpfs: code page support is disabled [ 344.674144][ T7233] hpfs: hpfs_map_4sectors(): unaligned read [ 344.684021][ T7233] hpfs: hpfs_map_4sectors(): unaligned read [ 344.690717][ T7233] hpfs: filesystem error: unable to find root dir [ 345.084222][ T7233] hpfs: hpfs_map_4sectors(): unaligned read [ 345.538584][ T7237] loop1: detected capacity change from 0 to 32768 [ 345.603385][ T7237] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 346.097055][ T7237] XFS (loop1): Ending clean mount [ 346.242223][ T7237] XFS (loop1): Quotacheck needed: Please wait. [ 346.259864][ T4934] XFS (loop1): Metadata CRC error detected at xfs_allocbt_read_verify+0xaf/0x2d0, xfs_bnobt block 0x8 [ 346.271811][ T4934] XFS (loop1): Unmount and run xfs_repair [ 346.277738][ T4934] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 346.285576][ T4934] 00000000: 41 42 33 42 00 00 00 03 ff ff ff ff ff ff ff ff AB3B............ [ 346.295511][ T4934] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10 ................ [ 346.304799][ T4934] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 346.314038][ T4934] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02 ......1....N.... [ 346.323382][ T4934] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00 ...`............ [ 346.339407][ T4934] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 346.350418][ T4934] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 346.359475][ T4934] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 346.368809][ T4934] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x33d/0x5f0" at daddr 0x8 len 8 error 74 [ 346.432810][ T7251] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 346.439607][ T7251] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 346.451753][ T7251] vhci_hcd vhci_hcd.0: Device attached [ 346.566342][ T7252] loop2: detected capacity change from 0 to 512 [ 346.674864][ T7252] EXT4-fs (loop2): orphan cleanup on readonly fs [ 346.702925][ T7252] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.483: EA inode hash validation failed [ 346.716573][ T7252] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 346.731429][ T7252] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #15: comm syz.2.483: corrupted inode contents [ 346.764797][ T7237] XFS (loop1): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 346.774946][ T7237] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 346.792033][ T7252] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #15: comm syz.2.483: mark_inode_dirty error [ 346.825415][ T7237] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair. [ 346.840468][ T9] usb 33-1: new low-speed USB device number 2 using vhci_hcd [ 346.884502][ T7252] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #15: comm syz.2.483: corrupted inode contents [ 346.941164][ T7252] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm syz.2.483: mark_inode_dirty error [ 346.954308][ T5852] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 347.085249][ T7252] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm syz.2.483: mark inode dirty (error -117) [ 347.105637][ T7258] loop4: detected capacity change from 0 to 22 [ 347.120047][ T7258] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 347.167269][ T7252] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117) [ 347.177122][ T7252] EXT4-fs (loop2): 1 orphan inode deleted [ 347.185661][ T5852] usb 1-1: Using ep0 maxpacket: 16 [ 347.242404][ T5852] usb 1-1: config 0 has no interfaces? [ 347.250465][ T5852] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 347.264287][ T5852] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 347.319786][ T7252] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 347.323242][ T5852] usb 1-1: config 0 descriptor?? [ 347.585212][ T7253] usb 33-1: recv xbuf, 0 [ 347.592060][ T5852] usb 1-1: USB disconnect, device number 3 [ 347.602318][ T5075] vhci_hcd: stop threads [ 347.606757][ T5075] vhci_hcd: release socket [ 347.611758][ T5075] vhci_hcd: disconnect device [ 347.660961][ T9] vhci_hcd: vhci_device speed not set [ 347.859828][ T6184] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.724467][ T7266] loop2: detected capacity change from 0 to 1764 [ 349.024184][ T7270] loop1: detected capacity change from 0 to 128 [ 349.279989][ T7270] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 349.361617][ T7270] ext4 filesystem being mounted at /111/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 349.731041][ T7276] netlink: 8 bytes leftover after parsing attributes in process `syz.2.492'. [ 350.012660][ T5795] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 351.527016][ T50] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 351.537807][ T50] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 351.548421][ T50] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 351.576553][ T50] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 351.578160][ T7298] loop0: detected capacity change from 0 to 1024 [ 351.613156][ T50] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 351.689894][ T7298] hfsplus: Unknown parameter '0x00000000000000000xffffffffffffffff0xffffffffffffffffbDm!łe$KBMHc~ .<(+6aFtpH! {XV[@Όn' [ 352.090930][ T5852] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 352.353669][ T5852] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 352.362421][ T5852] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 352.371519][ T5852] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 352.385113][ T5852] usb 1-1: config 1 has no interface number 0 [ 352.392873][ T5852] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 352.404954][ T5852] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 352.418320][ T5852] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 352.427854][ T5852] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 352.621772][ T7305] loop2: detected capacity change from 0 to 256 [ 352.638583][ T5852] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 352.646997][ T7308] loop1: detected capacity change from 0 to 128 [ 352.661454][ T7308] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 352.692744][ T7308] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 352.952552][ T7305] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x76936814, utbl_chksum : 0xe619d30d) [ 353.219402][ T5852] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached [ 353.305337][ T3593] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 353.617101][ T9] usb 1-1: USB disconnect, device number 4 [ 353.626008][ T9] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 353.690748][ T50] Bluetooth: hci5: command tx timeout [ 354.027874][ T7299] chnl_net:caif_netlink_parms(): no params data found [ 354.081525][ T11] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 354.329938][ T11] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 354.341476][ T11] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 354.351749][ T11] usb 5-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 354.361309][ T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 354.531332][ T11] usb 5-1: config 0 descriptor?? [ 355.019138][ T11] playstation 0003:054C:0DF2.0003: unknown main item tag 0x0 [ 355.027275][ T11] playstation 0003:054C:0DF2.0003: unknown main item tag 0x0 [ 355.036157][ T11] playstation 0003:054C:0DF2.0003: unknown main item tag 0x0 [ 355.051339][ T11] playstation 0003:054C:0DF2.0003: unknown main item tag 0x0 [ 355.061386][ T11] playstation 0003:054C:0DF2.0003: unknown main item tag 0x0 [ 355.098970][ T11] playstation 0003:054C:0DF2.0003: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.4-1/input0 [ 355.216033][ T11] playstation 0003:054C:0DF2.0003: Invalid reportID received, expected 9 got 0 [ 355.225678][ T11] playstation 0003:054C:0DF2.0003: Failed to retrieve DualSense pairing info: -22 [ 355.235551][ T11] playstation 0003:054C:0DF2.0003: Failed to get MAC address from DualSense [ 355.252350][ T11] playstation 0003:054C:0DF2.0003: Failed to create dualsense. [ 355.421802][ T11] playstation 0003:054C:0DF2.0003: probe with driver playstation failed with error -22 [ 355.519799][ T7330] netlink: 200 bytes leftover after parsing attributes in process `syz.2.511'. [ 355.531055][ T11] usb 5-1: USB disconnect, device number 6 [ 355.701024][ T5852] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 355.770393][ T50] Bluetooth: hci5: command tx timeout [ 355.867250][ T7327] fido_id[7327]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 355.921879][ T5852] usb 2-1: Using ep0 maxpacket: 8 [ 355.970918][ T5852] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 355.982490][ T5852] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 355.994943][ T5852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 356.006205][ T5852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 356.022212][ T5852] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 356.124085][ T5852] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 356.134042][ T5852] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 356.142568][ T5852] usb 2-1: Product: syz [ 356.146942][ T5852] usb 2-1: Manufacturer: syz [ 356.152010][ T5852] usb 2-1: SerialNumber: syz [ 356.177078][ T5852] usb 2-1: config 0 descriptor?? [ 356.411036][ T5852] radio-si470x 2-1:0.0: DeviceID=0x6465 ChipID=0x7669 [ 356.608750][ T5852] radio-si470x 2-1:0.0: software version 100, hardware version 101 [ 356.648225][ T7299] bridge0: port 1(bridge_slave_0) entered blocking state [ 356.656493][ T7299] bridge0: port 1(bridge_slave_0) entered disabled state [ 356.665794][ T7299] bridge_slave_0: entered allmulticast mode [ 356.683253][ T7299] bridge_slave_0: entered promiscuous mode [ 356.788963][ T7299] bridge0: port 2(bridge_slave_1) entered blocking state [ 356.796893][ T7299] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.805951][ T7299] bridge_slave_1: entered allmulticast mode [ 356.815313][ T5852] radio-si470x 2-1:0.0: submitting int urb failed (-90) [ 356.816233][ T7299] bridge_slave_1: entered promiscuous mode [ 357.050833][ T5852] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 357.061814][ T5852] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -22 [ 357.170496][ T5852] usb 2-1: USB disconnect, device number 4 [ 357.336575][ T7299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 357.408820][ T7299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 357.646996][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 357.654014][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 357.822773][ T7299] team0: Port device team_slave_0 added [ 357.864284][ T50] Bluetooth: hci5: command tx timeout [ 357.937916][ T7299] team0: Port device team_slave_1 added [ 357.992429][ T7348] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 358.935503][ T7347] loop0: detected capacity change from 0 to 32768 [ 359.076160][ T7347] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 359.326116][ T7299] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 359.335707][ T7299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 359.367325][ T7299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 359.578313][ T7299] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 359.585605][ T7299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 359.612064][ T7299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 359.665165][ T7347] XFS (loop0): Ending clean mount [ 359.687013][ T7347] XFS (loop0): Quotacheck needed: Please wait. [ 359.789434][ T7347] XFS (loop0): Quotacheck: Done. [ 359.888057][ T7366] loop2: detected capacity change from 0 to 4096 [ 359.931086][ T50] Bluetooth: hci5: command tx timeout [ 359.994345][ T5796] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 360.231210][ T7373] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 360.510672][ T7366] NILFS (loop2): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 360.523995][ T7366] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=12) [ 360.540615][ T7299] hsr_slave_0: entered promiscuous mode [ 360.551457][ T7299] hsr_slave_1: entered promiscuous mode [ 360.561251][ T7299] debugfs: 'hsr0' already exists in 'hsr' [ 360.572378][ T7299] Cannot create hsr debugfs directory [ 360.693715][ T7366] Remounting filesystem read-only [ 360.698963][ T7366] NILFS (loop2): error -5 truncating bmap (ino=12) [ 360.887361][ T7376] loop1: detected capacity change from 0 to 128 [ 361.012894][ T7376] EXT4-fs: Ignoring removed nobh option [ 361.171446][ T6184] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 361.244870][ T7376] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 361.299628][ T7376] ext4 filesystem being mounted at /121/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 361.416314][ T7376] fscrypt (loop1, inode 12): Reserved bits set in encryption policy [ 361.588141][ T5795] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 362.670918][ T7391] loop0: detected capacity change from 0 to 512 [ 362.770611][ T5852] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 362.799871][ T7299] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 362.844513][ T7299] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 362.872696][ T7299] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 362.909462][ T7391] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 362.930488][ T7299] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 362.973229][ T5852] usb 5-1: Using ep0 maxpacket: 8 [ 363.087802][ T5852] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 363.097302][ T5852] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.106465][ T5852] usb 5-1: Product: syz [ 363.110964][ T5852] usb 5-1: Manufacturer: syz [ 363.115763][ T5852] usb 5-1: SerialNumber: syz [ 363.223435][ T5852] usb 5-1: config 0 descriptor?? [ 363.455892][ T5852] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 363.512737][ T5852] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 363.543508][ T1725] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 363.608177][ T5852] usb 5-1: USB disconnect, device number 7 [ 363.803281][ T1725] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 363.812919][ T1725] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.892602][ T1725] usb 2-1: config 0 descriptor?? [ 363.935915][ T1725] cp210x 2-1:0.0: cp210x converter detected [ 364.298389][ T5796] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.411338][ T1725] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 364.503215][ T1725] usb 2-1: cp210x converter now attached to ttyUSB0 [ 364.656813][ T42] usb 2-1: USB disconnect, device number 5 [ 364.758983][ T42] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 364.843993][ T7299] 8021q: adding VLAN 0 to HW filter on device bond0 [ 364.897340][ T42] cp210x 2-1:0.0: device disconnected [ 364.989531][ T7401] loop2: detected capacity change from 0 to 512 [ 365.097697][ T7401] EXT4-fs (loop2): Test dummy encryption mode enabled [ 365.105910][ T7401] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 365.116334][ T7401] EXT4-fs (loop2): ea_inode feature is not supported for Hurd [ 365.157755][ T7299] 8021q: adding VLAN 0 to HW filter on device team0 [ 365.313314][ T4934] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.321100][ T4934] bridge0: port 1(bridge_slave_0) entered forwarding state [ 365.477839][ T4934] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.485463][ T4934] bridge0: port 2(bridge_slave_1) entered forwarding state [ 366.077604][ T7407] loop4: detected capacity change from 0 to 1024 [ 366.144079][ T7411] sctp: [Deprecated]: syz.2.541 (pid 7411) Use of int in maxseg socket option. [ 366.144079][ T7411] Use struct sctp_assoc_value instead [ 366.201644][ T7405] loop0: detected capacity change from 0 to 1024 [ 366.336526][ T7407] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 366.556410][ T30] audit: type=1800 audit(1760138869.175:10): pid=7407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.540" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 366.982371][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.902768][ T7427] loop4: detected capacity change from 0 to 1024 [ 368.019181][ T7299] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 368.164367][ T7427] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 368.283010][ T7427] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2853: Unable to expand inode 2. Delete some EAs or run e2fsck. [ 368.526197][ T7436] netlink: 8 bytes leftover after parsing attributes in process `syz.2.549'. [ 368.873890][ T7440] tap0: tun_chr_ioctl cmd 1074025677 [ 368.880462][ T7440] tap0: linktype set to 825 [ 369.142806][ T5799] EXT4-fs error (device loop4): ext4_empty_dir:3109: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 369.192713][ T5799] EXT4-fs (loop4): Remounting filesystem read-only [ 369.407778][ T7444] loop2: detected capacity change from 0 to 1024 [ 369.688606][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.703833][ T7444] hfsplus: bad catalog entry type [ 370.118376][ T4515] hfsplus: b-tree write err: -5, ino 4 [ 370.249924][ T7452] netlink: 55 bytes leftover after parsing attributes in process `syz.4.551'. [ 371.140497][ T7460] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 371.241350][ T7299] veth0_vlan: entered promiscuous mode [ 371.352061][ T7299] veth1_vlan: entered promiscuous mode [ 371.699915][ T7299] veth0_macvtap: entered promiscuous mode [ 371.797358][ T7299] veth1_macvtap: entered promiscuous mode [ 372.079538][ T7299] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 372.190297][ T7470] loop4: detected capacity change from 0 to 512 [ 372.211108][ T7470] EXT4-fs (loop4): Test dummy encryption mode enabled [ 372.251372][ T7299] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 372.329776][ T7470] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 372.383022][ T4934] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.473516][ T4934] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.493774][ T7470] EXT4-fs (loop4): Errors on filesystem, clearing orphan list. [ 372.504052][ T7470] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 372.539076][ T4934] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.559146][ T7473] netlink: 4 bytes leftover after parsing attributes in process `syz.1.563'. [ 372.594040][ T4934] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.700538][ T42] IPVS: starting estimator thread 0... [ 372.792316][ T7479] IPVS: using max 240 ests per chain, 12000 per kthread [ 372.906439][ T7470] fscrypt (loop4): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 373.522208][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.591453][ T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 373.858777][ T9] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 373.869563][ T9] usb 2-1: config 0 interface 0 has no altsetting 0 [ 373.969629][ T9] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 373.979212][ T9] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 373.992345][ T9] usb 2-1: Product: syz [ 373.996764][ T9] usb 2-1: Manufacturer: syz [ 374.003251][ T9] usb 2-1: SerialNumber: syz [ 374.137105][ T9] usb 2-1: config 0 descriptor?? [ 374.205157][ T9] usb 2-1: selecting invalid altsetting 0 [ 374.538942][ T9] usb 2-1: USB disconnect, device number 6 [ 374.935951][ T5986] udevd[5986]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 375.060783][ T50] Bluetooth: hci0: command 0x0406 tx timeout [ 377.516900][ T7524] loop1: detected capacity change from 0 to 2048 [ 377.735301][ T7524] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #2: comm syz.1.578: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 377.850835][ T7524] EXT4-fs (loop1): get root inode failed [ 377.856817][ T7524] EXT4-fs (loop1): mount failed [ 378.066348][ T7537] loop2: detected capacity change from 0 to 1024 [ 378.121929][ T7538] loop0: detected capacity change from 0 to 256 [ 378.150827][ T7537] EXT4-fs: inline encryption not supported [ 378.303683][ T7537] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 378.516700][ T7538] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 378.864311][ T6184] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 380.280553][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 380.288616][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 380.616500][ T4515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 380.625532][ T4515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 381.423261][ T7574] loop2: detected capacity change from 0 to 512 [ 381.490503][ T7574] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 381.592106][ T7574] EXT4-fs (loop2): 1 truncate cleaned up [ 381.600597][ T7574] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 381.891486][ T7574] fscrypt (loop2, inode 18): Mutually exclusive encryption flags (0x18) [ 382.400043][ T6184] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 382.916741][ T50] Bluetooth: hci0: SCO packet too small [ 383.581215][ T7598] loop1: detected capacity change from 0 to 64 [ 384.442635][ T7610] netlink: 16 bytes leftover after parsing attributes in process `syz.2.607'. [ 384.452393][ T7610] netlink: 92 bytes leftover after parsing attributes in process `syz.2.607'. [ 385.878259][ T7624] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 385.885802][ T7624] IPv6: NLM_F_CREATE should be set when creating new route [ 385.893694][ T7624] IPv6: NLM_F_CREATE should be set when creating new route [ 385.901217][ T7624] IPv6: NLM_F_CREATE should be set when creating new route [ 386.182064][ T7628] netlink: 64 bytes leftover after parsing attributes in process `syz.2.617'. [ 386.392119][ T7632] loop4: detected capacity change from 0 to 512 [ 386.525159][ T7632] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 386.727240][ T7632] EXT4-fs warning (device loop4): ext4_begin_enable_verity:135: inode #13: comm syz.4.618: verity is only allowed on extent-based files [ 387.350037][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.237390][ T7638] loop5: detected capacity change from 0 to 8192 [ 388.645121][ T7653] loop1: detected capacity change from 0 to 8 [ 389.158341][ T7656] loop4: detected capacity change from 0 to 512 [ 389.307196][ T7656] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 389.317313][ T7656] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 389.400030][ T6184] cgroup: fork rejected by pids controller in /syz2 [ 389.976425][ T7661] sp0: Synchronizing with TNC [ 390.233923][ T7663] input: syz1 as /devices/virtual/input/input7 [ 390.546383][ T4515] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.852157][ T4515] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.070417][ T4515] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.113402][ T7668] loop0: detected capacity change from 0 to 1024 [ 391.193255][ T7670] netlink: 'syz.1.636': attribute type 25 has an invalid length. [ 391.264607][ T7672] loop4: detected capacity change from 0 to 16 [ 391.342481][ T7672] erofs (device loop4): mounted with root inode @ nid 36. [ 391.377676][ T4515] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.964350][ T4515] bridge_slave_1: left allmulticast mode [ 391.970459][ T4515] bridge_slave_1: left promiscuous mode [ 391.977186][ T4515] bridge0: port 2(bridge_slave_1) entered disabled state [ 392.053662][ T4515] bridge_slave_0: left allmulticast mode [ 392.059629][ T4515] bridge_slave_0: left promiscuous mode [ 392.066962][ T4515] bridge0: port 1(bridge_slave_0) entered disabled state [ 392.073212][ T3593] hfsplus: b-tree write err: -5, ino 4 [ 392.830974][ T4515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 392.882196][ T4515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 392.916656][ T4515] bond0 (unregistering): Released all slaves [ 393.722834][ T7682] Cannot find del_set index 2 as target [ 393.935936][ T4515] hsr_slave_0: left promiscuous mode [ 394.000643][ T4515] hsr_slave_1: left promiscuous mode [ 394.009144][ T4515] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 394.017115][ T4515] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 394.111865][ T4515] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 394.119472][ T4515] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 394.323344][ T4515] veth1_macvtap: left promiscuous mode [ 394.329097][ T4515] veth0_macvtap: left promiscuous mode [ 394.335894][ T4515] veth1_vlan: left promiscuous mode [ 394.341640][ T4515] veth0_vlan: left promiscuous mode [ 394.512401][ T7681] loop1: detected capacity change from 0 to 4096 [ 394.726154][ T7681] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 395.199432][ T5798] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 395.212521][ T5798] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 395.236679][ T5798] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 395.261370][ T5798] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 395.284976][ T5798] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 396.592925][ T4515] team0 (unregistering): Port device team_slave_1 removed [ 396.623494][ T7704] loop4: detected capacity change from 0 to 1024 [ 396.725049][ T4515] team0 (unregistering): Port device team_slave_0 removed [ 397.460833][ T5798] Bluetooth: hci0: command tx timeout [ 398.277291][ T11] IPVS: starting estimator thread 0... [ 398.410884][ T7723] IPVS: using max 192 ests per chain, 9600 per kthread [ 398.993661][ T7731] netlink: 'syz.1.654': attribute type 4 has an invalid length. [ 399.331564][ T7693] chnl_net:caif_netlink_parms(): no params data found [ 399.531847][ T5798] Bluetooth: hci0: command tx timeout [ 399.884546][ T7737] netlink: 64 bytes leftover after parsing attributes in process `syz.4.656'. [ 400.817177][ T42] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 401.061526][ T42] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 401.072811][ T42] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 401.083902][ T42] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 401.098206][ T42] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 401.108423][ T42] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.305318][ T7752] loop0: detected capacity change from 0 to 16 [ 401.329780][ T42] usb 5-1: config 0 descriptor?? [ 401.483700][ T7693] bridge0: port 1(bridge_slave_0) entered blocking state [ 401.497587][ T7693] bridge0: port 1(bridge_slave_0) entered disabled state [ 401.505739][ T7693] bridge_slave_0: entered allmulticast mode [ 401.515788][ T7693] bridge_slave_0: entered promiscuous mode [ 401.611632][ T5798] Bluetooth: hci0: command tx timeout [ 401.707895][ T11] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 401.754555][ T7693] bridge0: port 2(bridge_slave_1) entered blocking state [ 401.762795][ T7693] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.773696][ T7693] bridge_slave_1: entered allmulticast mode [ 401.784413][ T7693] bridge_slave_1: entered promiscuous mode [ 401.886396][ T42] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 401.895228][ T42] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 401.901852][ T11] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 401.903217][ T42] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x2 [ 401.912369][ T11] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.919541][ T42] plantronics 0003:047F:FFFF.0004: unbalanced collection at end of report description [ 402.024084][ T11] usb 2-1: config 0 descriptor?? [ 402.074581][ T11] cp210x 2-1:0.0: cp210x converter detected [ 402.124569][ T42] plantronics 0003:047F:FFFF.0004: parse failed [ 402.131701][ T42] plantronics 0003:047F:FFFF.0004: probe with driver plantronics failed with error -22 [ 402.312347][ T42] usb 5-1: USB disconnect, device number 8 [ 402.461288][ T7693] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 402.543019][ T7693] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 402.771160][ T11] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 402.779315][ T11] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 402.821931][ T11] usb 2-1: cp210x converter now attached to ttyUSB0 [ 402.889719][ T11] usb 2-1: USB disconnect, device number 7 [ 402.980751][ T11] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 402.991783][ T11] cp210x 2-1:0.0: device disconnected [ 403.019483][ T7693] team0: Port device team_slave_0 added [ 403.141632][ T7693] team0: Port device team_slave_1 added [ 403.645995][ T7693] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 403.653294][ T7693] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 403.685873][ T7693] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 403.736419][ T5798] Bluetooth: hci0: command tx timeout [ 403.829427][ T42] kernel read not supported for file /media4 (pid: 42 comm: kworker/1:1) [ 403.921566][ T7693] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 403.928732][ T7693] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 403.956675][ T7693] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 404.563632][ T7693] hsr_slave_0: entered promiscuous mode [ 404.574882][ T7693] hsr_slave_1: entered promiscuous mode [ 404.586393][ T7693] debugfs: 'hsr0' already exists in 'hsr' [ 404.592829][ T7693] Cannot create hsr debugfs directory [ 404.887823][ T7784] netlink: 16 bytes leftover after parsing attributes in process `syz.1.672'. [ 404.911181][ T7785] loop6: detected capacity change from 0 to 524287999 [ 404.949528][ T7784] netlink: 20 bytes leftover after parsing attributes in process `syz.1.672'. [ 405.517033][ T7788] loop4: detected capacity change from 0 to 128 [ 405.759252][ T7788] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 405.775038][ T7790] netlink: 12 bytes leftover after parsing attributes in process `syz.1.675'. [ 405.786414][ T7790] netlink: 12 bytes leftover after parsing attributes in process `syz.1.675'. [ 405.795142][ T7788] ext4 filesystem being mounted at /153/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 406.112507][ T7795] loop5: detected capacity change from 0 to 1024 [ 406.581027][ T4515] hfsplus: b-tree write err: -5, ino 4 [ 406.947792][ T5799] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 407.492406][ T7808] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 407.626004][ T7693] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 407.770557][ T7693] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 407.913466][ T7693] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 408.061432][ T7693] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 408.439330][ T7817] loop5: detected capacity change from 0 to 256 [ 408.670466][ T7817] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 408.864988][ T30] audit: type=1800 audit(1760138911.485:11): pid=7817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.682" name="file1" dev="loop5" ino=1048646 res=0 errno=0 [ 409.071840][ T7819] loop4: detected capacity change from 0 to 4096 [ 409.407921][ T7826] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 409.668673][ T7693] 8021q: adding VLAN 0 to HW filter on device bond0 [ 409.980670][ T7693] 8021q: adding VLAN 0 to HW filter on device team0 [ 410.094212][ T5075] bridge0: port 1(bridge_slave_0) entered blocking state [ 410.101909][ T5075] bridge0: port 1(bridge_slave_0) entered forwarding state [ 410.225338][ T4515] bridge0: port 2(bridge_slave_1) entered blocking state [ 410.233046][ T4515] bridge0: port 2(bridge_slave_1) entered forwarding state [ 410.811794][ T7837] program syz.1.690 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 411.777244][ T7849] input: syz0 as /devices/virtual/input/input8 [ 411.861170][ T11] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 412.111078][ T11] usb 6-1: Using ep0 maxpacket: 32 [ 412.161755][ T11] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 412.170020][ T11] usb 6-1: config 0 has no interface number 0 [ 412.308273][ T11] usb 6-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=2c.d8 [ 412.317917][ T11] usb 6-1: New USB device strings: Mfr=193, Product=2, SerialNumber=3 [ 412.326738][ T11] usb 6-1: Product: syz [ 412.331278][ T11] usb 6-1: Manufacturer: syz [ 412.336105][ T11] usb 6-1: SerialNumber: syz [ 412.494655][ T11] usb 6-1: config 0 descriptor?? [ 412.566606][ T11] usb 6-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 412.575983][ T11] usb 6-1: selecting invalid altsetting 1 [ 412.582299][ T11] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 412.772679][ T9] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 412.796328][ T11] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 412.810503][ T11] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 412.819137][ T11] usb 6-1: media controller created [ 412.963501][ T11] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 413.192864][ T9] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 413.207023][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 413.217650][ T9] usb 1-1: Product: syz [ 413.222230][ T9] usb 1-1: Manufacturer: syz [ 413.227052][ T9] usb 1-1: SerialNumber: syz [ 413.390908][ T9] usb 1-1: config 0 descriptor?? [ 413.671520][ T11] usb 6-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 413.679059][ T11] zl10353_read_register: readreg error (reg=127, ret==-71) [ 413.760450][ T7693] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 413.781700][ T11] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 413.984611][ T9] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 415.128616][ T7871] loop1: detected capacity change from 0 to 32768 [ 415.185037][ T7871] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.697 (7871) [ 415.692015][ T7871] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 415.701341][ T9] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 415.702859][ T7871] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 415.825879][ T7876] loop5: detected capacity change from 0 to 256 [ 415.871125][ T7873] loop4: detected capacity change from 0 to 32768 [ 415.896858][ T9] usb 1-1: USB disconnect, device number 5 [ 415.907253][ T7873] BTRFS info: device /dev/loop4 (7:4) using temp-fsid 5b7ee0cf-b7e5-488a-a5e4-3713142d2af4 [ 415.918939][ T7873] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.698 (7873) [ 415.985287][ T7873] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 415.996063][ T7873] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 416.038324][ T7693] veth0_vlan: entered promiscuous mode [ 416.150016][ T11] usb 6-1: USB disconnect, device number 2 [ 416.364377][ T7871] BTRFS info (device loop1): enabling ssd optimizations [ 416.371993][ T7871] BTRFS info (device loop1): enabling free space tree [ 416.411362][ T7693] veth1_vlan: entered promiscuous mode [ 416.512007][ T7876] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011d93, chksum : 0x4501cc6b, utbl_chksum : 0xe619d30d) [ 416.550985][ T7871] BTRFS info (device loop1): balance: start -susage=21474836480,drange=6..107,limit=2047..4294967295 [ 416.562834][ T7871] BTRFS info (device loop1): balance: ended with status: 0 [ 416.667687][ T7873] BTRFS info (device loop4): enabling ssd optimizations [ 416.675273][ T7873] BTRFS info (device loop4): enabling free space tree [ 416.815273][ T5795] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 416.907491][ T5799] BTRFS info (device loop4): last unmount of filesystem 5b7ee0cf-b7e5-488a-a5e4-3713142d2af4 [ 417.117851][ T7693] veth0_macvtap: entered promiscuous mode [ 417.205658][ T7693] veth1_macvtap: entered promiscuous mode [ 417.369703][ T7693] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 417.521113][ T7693] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 417.676793][ T143] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.736280][ T143] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.840949][ T1898] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.851632][ T3593] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.103369][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 419.110252][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 420.462402][ T7947] mmap: syz.4.709 (7947) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 422.695602][ T7967] loop4: detected capacity change from 0 to 512 [ 422.779936][ T7967] EXT4-fs: Ignoring removed oldalloc option [ 422.980375][ T7967] EXT4-fs (loop4): 1 truncate cleaned up [ 422.988686][ T7967] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 423.268397][ T7976] netlink: 4 bytes leftover after parsing attributes in process `syz.0.716'. [ 423.919453][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 426.746797][ T8015] netlink: 28 bytes leftover after parsing attributes in process `syz.1.725'. [ 427.680502][ T8022] loop1: detected capacity change from 0 to 512 [ 427.767476][ T8022] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 427.822306][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.830540][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 428.170372][ T4515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 428.178461][ T4515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 428.241215][ T8022] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 428.262834][ T8022] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 428.290838][ T5852] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 428.393518][ T8031] bridge0: port 1(bridge_slave_0) entered blocking state [ 428.401173][ T8031] bridge0: port 1(bridge_slave_0) entered forwarding state [ 428.502571][ T5852] usb 6-1: Using ep0 maxpacket: 32 [ 428.581516][ T5852] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 428.591055][ T5852] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.636411][ T5852] usb 6-1: config 0 descriptor?? [ 428.893025][ T5852] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 428.919061][ T5852] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 428.955233][ T5852] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 428.963200][ T5852] usb 6-1: media controller created [ 429.137257][ T5852] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 429.400882][ T5852] az6027: usb out operation failed. (-71) [ 429.408152][ T5852] az6027: usb out operation failed. (-71) [ 429.414445][ T5852] stb0899_attach: Driver disabled by Kconfig [ 429.422625][ T5852] az6027: no front-end attached [ 429.422625][ T5852] [ 429.433416][ T5852] az6027: usb out operation failed. (-71) [ 429.458728][ T5852] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 429.471002][ T5852] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input9 [ 429.506495][ T5795] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.648255][ T5852] dvb-usb: schedule remote query interval to 400 msecs. [ 429.655849][ T5852] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 429.712011][ T5852] usb 6-1: USB disconnect, device number 3 [ 429.727513][ T8037] loop0: detected capacity change from 0 to 2048 [ 429.945198][ T8037] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 430.015590][ T8037] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 430.169330][ T5852] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 431.880680][ T8063] IPVS: fo: SCTP 172.20.20.187:0 - no destination available [ 433.303392][ T8080] bridge0: port 2(bridge_slave_1) entered disabled state [ 433.313454][ T8080] bridge0: port 1(bridge_slave_0) entered disabled state [ 435.335555][ T8103] loop2: detected capacity change from 0 to 256 [ 435.437210][ T8103] exfat: Deprecated parameter 'utf8' [ 435.615602][ T8103] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 435.871388][ T8107] team0: No ports can be present during mode change [ 437.107935][ T8121] loop5: detected capacity change from 0 to 128 [ 437.206502][ T8117] loop2: detected capacity change from 0 to 32768 [ 437.227087][ T8121] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2 [ 437.227176][ T8117] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.767 (8117) [ 437.286992][ T8117] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 437.297879][ T8117] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 437.437562][ T8117] BTRFS info (device loop2): enabling ssd optimizations [ 437.445056][ T8117] BTRFS info (device loop2): enabling free space tree [ 437.488258][ T8117] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 437.499003][ T8117] overlayfs: missing 'lowerdir' [ 437.605929][ T7693] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 437.942232][ T8146] loop0: detected capacity change from 0 to 128 [ 437.985902][ T8146] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 438.246217][ T8146] FAT-fs (loop0): FAT read failed (blocknr 128) [ 438.464792][ T8149] FAT-fs (loop0): FAT read failed (blocknr 128) [ 438.482157][ T30] audit: type=1326 audit(1760139197.106:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8150 comm="syz.4.778" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7ffa9f785d67 code=0x0 [ 439.896729][ T8177] netlink: 8 bytes leftover after parsing attributes in process `syz.1.788'. [ 440.331980][ T8181] loop0: detected capacity change from 0 to 512 [ 440.368084][ T8181] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 440.450980][ T8181] EXT4-fs (loop0): 1 truncate cleaned up [ 440.459297][ T8181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 440.513830][ T30] audit: type=1800 audit(1760139199.147:13): pid=8181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.790" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 440.861517][ T5796] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.848789][ T8193] loop2: detected capacity change from 0 to 32768 [ 441.899694][ T8193] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.796 (8193) [ 441.921668][ T8193] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 441.936965][ T8193] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 442.107016][ T8217] netlink: 8 bytes leftover after parsing attributes in process `syz.0.799'. [ 442.116393][ T8217] netlink: 'syz.0.799': attribute type 5 has an invalid length. [ 442.124486][ T8217] netlink: 28 bytes leftover after parsing attributes in process `syz.0.799'. [ 442.152537][ T8217] geneve2: entered promiscuous mode [ 442.158304][ T8217] geneve2: entered allmulticast mode [ 442.204949][ T143] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 442.240244][ T143] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 442.258333][ T8193] BTRFS info (device loop2): enabling ssd optimizations [ 442.265545][ T8193] BTRFS info (device loop2): enabling free space tree [ 442.274903][ T143] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 442.347945][ T143] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 442.422733][ T8193] BTRFS info (device loop2): balance: start -susage=34359738372,drange=7..107,limit=3330..0 [ 442.434431][ T8193] BTRFS info (device loop2): balance: ended with status: 0 [ 442.607379][ T7693] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 442.830476][ T8224] Bluetooth: MGMT ver 1.23 [ 443.461390][ T8230] loop5: detected capacity change from 0 to 256 [ 443.525269][ T8230] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 443.623699][ T8230] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 443.929809][ T8240] netlink: 8 bytes leftover after parsing attributes in process `syz.1.811'. [ 444.748020][ T8252] capability: warning: `syz.5.817' uses 32-bit capabilities (legacy support in use) [ 445.370050][ T4235] ===================================================== [ 445.377481][ T4235] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xafd/0x98a0 [ 445.386205][ T4235] n_tty_receive_buf_standard+0xafd/0x98a0 [ 445.392384][ T4235] n_tty_receive_buf_common+0x1a68/0x2540 [ 445.398842][ T4235] n_tty_receive_buf2+0x4c/0x60 [ 445.403915][ T4235] tty_ldisc_receive_buf+0xc3/0x2c0 [ 445.411730][ T4235] tty_port_default_receive_buf+0xd7/0x1a0 [ 445.417881][ T4235] flush_to_ldisc+0x43b/0xe30 [ 445.423609][ T4235] process_scheduled_works+0xb91/0x1d80 [ 445.429491][ T4235] worker_thread+0xedf/0x1590 [ 445.434394][ T4235] kthread+0xd59/0xf00 [ 445.438791][ T4235] ret_from_fork+0x233/0x380 [ 445.443596][ T4235] ret_from_fork_asm+0x1a/0x30 [ 445.448887][ T4235] [ 445.460160][ T4235] Uninit was stored to memory at: [ 445.470389][ T4235] n_tty_receive_buf_standard+0xaf6/0x98a0 [ 445.476770][ T4235] n_tty_receive_buf_common+0x1a68/0x2540 [ 445.484909][ T4235] n_tty_receive_buf2+0x4c/0x60 [ 445.489992][ T4235] tty_ldisc_receive_buf+0xc3/0x2c0 [ 445.495724][ T4235] tty_port_default_receive_buf+0xd7/0x1a0 [ 445.501823][ T4235] flush_to_ldisc+0x43b/0xe30 [ 445.506846][ T4235] process_scheduled_works+0xb91/0x1d80 [ 445.512634][ T4235] worker_thread+0xedf/0x1590 [ 445.517742][ T4235] kthread+0xd59/0xf00 [ 445.522079][ T4235] ret_from_fork+0x233/0x380 [ 445.527007][ T4235] ret_from_fork_asm+0x1a/0x30 [ 445.532007][ T4235] [ 445.534425][ T4235] Uninit was created at: [ 445.539076][ T4235] __kmalloc_noprof+0xabb/0x1b40 [ 445.544249][ T4235] __tty_buffer_request_room+0x3d4/0x7a0 [ 445.550280][ T4235] __tty_insert_flip_string_flags+0x157/0x6f0 [ 445.567608][ T4235] uart_insert_char+0x368/0x930 [ 445.572743][ T4235] serial8250_read_char+0x1ba/0x670 [ 445.580714][ T4235] serial8250_handle_irq+0x930/0x1110 [ 445.586894][ T4235] serial8250_default_handle_irq+0x116/0x370 [ 445.593158][ T4235] serial8250_interrupt+0xc8/0x430 [ 445.598636][ T4235] __handle_irq_event_percpu+0x11b/0xf80 [ 445.604531][ T4235] handle_irq_event+0xe0/0x2a0 [ 445.609655][ T4235] handle_edge_irq+0x2a9/0xb50 [ 445.614653][ T4235] __common_interrupt+0x9a/0x180 [ 445.619940][ T4235] common_interrupt+0x94/0xb0 [ 445.625123][ T4235] asm_common_interrupt+0x2b/0x40 [ 445.630334][ T4235] [ 445.632788][ T4235] CPU: 1 UID: 0 PID: 4235 Comm: kworker/u8:22 Not tainted syzkaller #0 PREEMPT(none) [ 445.642655][ T4235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 445.653053][ T4235] Workqueue: events_unbound flush_to_ldisc [ 445.667523][ T4235] ===================================================== [ 445.674690][ T4235] Disabling lock debugging due to kernel taint [ 445.683412][ T4235] Kernel panic - not syncing: kmsan.panic set ... [ 445.690020][ T4235] CPU: 1 UID: 0 PID: 4235 Comm: kworker/u8:22 Tainted: G B syzkaller #0 PREEMPT(none) [ 445.701394][ T4235] Tainted: [B]=BAD_PAGE [ 445.705697][ T4235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 445.715939][ T4235] Workqueue: events_unbound flush_to_ldisc [ 445.722061][ T4235] Call Trace: [ 445.725562][ T4235] [ 445.728632][ T4235] __dump_stack+0x26/0x30 [ 445.733737][ T4235] dump_stack_lvl+0x53/0x270 [ 445.738580][ T4235] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 445.744683][ T4235] dump_stack+0x1e/0x25 [ 445.749068][ T4235] vpanic+0x435/0xd30 [ 445.753301][ T4235] panic+0x15d/0x160 [ 445.757483][ T4235] kmsan_report+0x31c/0x320 [ 445.762286][ T4235] ? __msan_warning+0x1b/0x30 [ 445.767203][ T4235] ? n_tty_receive_buf_standard+0xafd/0x98a0 [ 445.773411][ T4235] ? n_tty_receive_buf_common+0x1a68/0x2540 [ 445.779590][ T4235] ? n_tty_receive_buf2+0x4c/0x60 [ 445.784831][ T4235] ? tty_ldisc_receive_buf+0xc3/0x2c0 [ 445.790465][ T4235] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 445.796731][ T4235] ? flush_to_ldisc+0x43b/0xe30 [ 445.801838][ T4235] ? process_scheduled_works+0xb91/0x1d80 [ 445.807804][ T4235] ? worker_thread+0xedf/0x1590 [ 445.812873][ T4235] ? kthread+0xd59/0xf00 [ 445.817338][ T4235] ? ret_from_fork+0x233/0x380 [ 445.822313][ T4235] ? ret_from_fork_asm+0x1a/0x30 [ 445.827499][ T4235] ? ret_from_fork_asm+0x1a/0x30 [ 445.832791][ T4235] ? stack_depot_save_flags+0x35/0x7b0 [ 445.838517][ T4235] ? kmsan_get_metadata+0xfb/0x160 [ 445.843906][ T4235] ? kmsan_get_metadata+0x150/0x160 [ 445.849358][ T4235] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 445.855947][ T4235] ? kmsan_get_metadata+0x150/0x160 [ 445.861402][ T4235] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 445.867464][ T4235] ? n_tty_receive_char+0xfae/0x1440 [ 445.872997][ T4235] ? kmsan_get_metadata+0xfb/0x160 [ 445.878378][ T4235] __msan_warning+0x1b/0x30 [ 445.883113][ T4235] n_tty_receive_buf_standard+0xafd/0x98a0 [ 445.889198][ T4235] ? __rb_insert_augmented+0x80/0x11b0 [ 445.894885][ T4235] ? kmsan_get_metadata+0xfb/0x160 [ 445.900259][ T4235] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 445.906342][ T4235] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 445.912957][ T4235] n_tty_receive_buf_common+0x1a68/0x2540 [ 445.918934][ T4235] ? kmsan_get_metadata+0xfb/0x160 [ 445.924270][ T4235] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 445.930925][ T4235] n_tty_receive_buf2+0x4c/0x60 [ 445.936016][ T4235] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 445.941769][ T4235] tty_ldisc_receive_buf+0xc3/0x2c0 [ 445.947231][ T4235] tty_port_default_receive_buf+0xd7/0x1a0 [ 445.953294][ T4235] flush_to_ldisc+0x43b/0xe30 [ 445.958217][ T4235] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 445.964901][ T4235] ? __pfx_flush_to_ldisc+0x10/0x10 [ 445.970355][ T4235] process_scheduled_works+0xb91/0x1d80 [ 445.976202][ T4235] worker_thread+0xedf/0x1590 [ 445.981148][ T4235] kthread+0xd59/0xf00 [ 445.985404][ T4235] ? __pfx_worker_thread+0x10/0x10 [ 445.990771][ T4235] ? __pfx_kthread+0x10/0x10 [ 445.995549][ T4235] ret_from_fork+0x233/0x380 [ 446.000328][ T4235] ? __pfx_kthread+0x10/0x10 [ 446.005132][ T4235] ret_from_fork_asm+0x1a/0x30 [ 446.010186][ T4235] [ 446.013771][ T4235] Kernel Offset: disabled [ 446.018177][ T4235] Rebooting in 86400 seconds..