last executing test programs: 4.733807876s ago: executing program 1 (id=290): syz_mount_image$cramfs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x200409, &(0x7f0000000400)=ANY=[], 0xfe, 0x162, &(0x7f0000000640)="$eJzs0L+rUmEcx/H3c85zjkKKRQYSlEKLJUEqtUV4IknIDhQtTYIeK1AMhXJLibYGodWhH2sEjU2aDlHoUmt/QItbcMd7OY/e6x38D+73tX1/nM+X89y5ucwqtm532s+7Qa8XNDIP/Gr54b/JpBT2Xeh/3c4dGuv9aQmeoplqWA0x7Xkcms9agVXvtMJ6VYII4J0yfQdIHN7zkpqhhjx/TZ29BLNzZs8K6zDzWC8o4pi98xq8BDS730y9/8Fd551Z7+WB/4ANSrmbYxds3lRy6bMK+uPcl8+/7i9+Vq5euRW8LZRHl2MpO/cKPuKp6I/5kz/25qvlonrPr/rLYqFwo3gtb3H9twkcjNB3Yy/gsQId5lmYPJfURf0IXit4Z26tvqs4MHu/57cjR289eGlnQKXH9ZrrfKolT1vYWW3+hh3MhOiukRBCCCGEEEIIIYQQQgghhBBCiJPuIAAA///Hr1BY") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 4.231825689s ago: executing program 1 (id=293): syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x4028, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]}) 3.734319922s ago: executing program 2 (id=299): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_aout(r0, &(0x7f0000000340)=ANY=[], 0xff2e) readv(r0, &(0x7f0000000380)=[{0x0, 0x406}, {&(0x7f0000000940)=""/179, 0xac}], 0x1000000000000209) 3.714534817s ago: executing program 1 (id=301): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)={0x4c, r1, 0x1, 0x0, 0x0, {0x4e}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xab}}, {0x8}, {0x6}}]}, 0x4c}}, 0x0) 3.495587826s ago: executing program 1 (id=303): r0 = syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1204408, &(0x7f00000003c0)={[{@compress_force}, {@clear_cache}, {@nodatasum}, {@nossd}, {}, {@space_cache_v1}]}, 0x0, 0x51ab, &(0x7f000000a440)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd") ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000080)=ANY=[@ANYRES32=r0, @ANYRESDEC, @ANYBLOB=':-000']) 2.739761574s ago: executing program 2 (id=307): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xa, 0x40, 0x6, 0x8}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 2.610183124s ago: executing program 2 (id=309): r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000400)='.\x00', 0x4000423) inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x4000423) 2.453188241s ago: executing program 2 (id=311): syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000001080)='./bus\x00', 0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303030303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098fe0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4ece31c9f4c7a4d53914e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) 1.890137428s ago: executing program 2 (id=315): syz_usb_connect(0x5, 0x27, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xb7, 0x5c, 0x7f, 0x40, 0x547, 0x201, 0x1164, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa2, 0xcd, 0xd2}}]}}]}}, 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) write(r0, 0x0, 0x0) 1.643448621s ago: executing program 0 (id=318): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_CT_DIRECTION={0x5, 0x3, 0xded035136f4c42fe}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) 1.399797682s ago: executing program 1 (id=320): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c1, &(0x7f00000005c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZzWSNMZHNyu1+Ps0++8zznfk9k4fsbJEnH748Obqfx8MnX/wSWZZEZxjDOEliEJ1ofBULht8EAPAsOymK+L2Y2SSXRES2vbIAgC1a7+9/d9786VLKAgC26N677729f3Bw550ssrg7+fp4VP5nX/6cHd9/GB/HOB7Ea9GP04jqQWE3qqeFsnm3KIppNy8N4uZkejwqk5MPntbn3/8tosrvRT8GVdfZ00aVf+vgzl4+08pPyzqer68/LPO3ox8vnoUX8reX5GOUxquvtOq/Ff34+aP4JMZxvypinv9yL8/fLL794/P3y/LKfDI9HvWqcXPFziW/NAAAAAAAAAAAAAAAAAAAAAAAXGG36r1zepHfiJuTsqvef2fnNNLy17wxWNyfZ5ZPmhO19wcqimJaxPetLQXzoh44z3fjpW57Y0EAAAAAAAAAAAAAAAAAAAC4vh5/+tnR4Xj84NGFNJrdALoR8ee9iP96nmGr50asHtyrr3k4Hnfq5sKYp2m7J3aaMUnEyjLKSVzQbfm3xnPna24aP/xYTnCTE2atnteXT3B3+/NqVtfRYbL8Wr1oerJ6kXyXRszHpLHmtdJ/OlTEJssvXXqov/Hc0xeqxnTFmEhWFfbGr7M7V/ck52eRVnd1aXy3brTi59bGWq97ZLP4398rkmq3jt723owAAAAAAAAAAAAAAAAAAOCam3/6d8nBJyujncJHgQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4Iubf/79BY1qH1xicxqPH//MUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAb+CgAA//8HIVi7") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_mems\x00', 0x275a, 0x0) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000040)) 1.379182918s ago: executing program 3 (id=321): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240) r1 = epoll_create(0x101) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x40000014}) 1.313570492s ago: executing program 0 (id=322): r0 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil) rseq(&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0) shmat(r0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff) 1.123385127s ago: executing program 3 (id=323): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x8, 0x530, 0x8, 0x1, 0xb2}) ioctl$SG_BLKTRACESTART(r0, 0x1274, 0x0) 1.122499829s ago: executing program 0 (id=324): syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r0, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44) 1.012822182s ago: executing program 4 (id=325): r0 = socket$inet6(0xa, 0x80002, 0x88) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000100)={0x1, 0x7}, 0x8) close(0x3) 970.80375ms ago: executing program 3 (id=326): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8604}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@mpls_getroute={0x1c, 0x1a, 0x9e8a232eead7ae69, 0x70bd26, 0x0, {0x1c, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x8}}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x0) 878.182678ms ago: executing program 0 (id=327): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r0}, 0x18) openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x185780, 0x0) 812.326456ms ago: executing program 4 (id=328): write$evdev(0xffffffffffffffff, &(0x7f00000001c0)=[{{}, 0x11, 0x4, 0x401}], 0x18) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250) 772.155179ms ago: executing program 3 (id=329): syz_io_uring_setup(0xfb, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='smaps\x00') pread64(r0, &(0x7f0000000080)=""/86, 0x56, 0xbbf9) 705.24597ms ago: executing program 0 (id=330): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SET={0x9, 0x1, 'syz0\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0) 634.65901ms ago: executing program 4 (id=331): r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000080)={'c6xdigio\x00', [0x3c4, 0x10, 0x1, 0xa, 0x14000000, 0x0, 0xfffffffd, 0x2, 0xffd, 0x7ffe, 0x3, 0x723, 0x400, 0x2, 0x13, 0x100, 0xffffffa7, 0x9, 0x34d, 0x1, 0x3ff, 0x9, 0x200, 0xe2df, 0xaa14, 0x1, 0x4, 0x4, 0x80000, 0xf58, 0x6]}) ioctl$COMEDI_SETWSUBD(r0, 0x6411) 563.044836ms ago: executing program 0 (id=332): kexec_load(0x0, 0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x41000000}], 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/kexec_crash_size', 0x202, 0x0) write$sysctl(r0, &(0x7f0000002900)='4\x00', 0x2) 535.287496ms ago: executing program 1 (id=333): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='setgroups\x00') exit(0x1ff) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 502.970591ms ago: executing program 3 (id=334): syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000f00)='./file0\x00', 0x402, &(0x7f0000000080)={[{@norecovery}, {@order_relaxed}, {}, {@order_relaxed}, {@nobarrier}, {@errors_continue}, {@nobarrier}, {@order_relaxed}], [], 0x2c}, 0x0, 0xeec, &(0x7f0000000f40)="$eJzs3U9sHNX9APA3a6+dxE68Bn5g4EdIoRWBgh2SVE1vQaAeEZfeQSGhEYbShh6I+BN6QFRCFAlxqjhQcaFUSpFaCVSpQj21PbXqrSfUC62qVArqpUiJq9jvrXdfPN312J717n4+0tfPb97sfL/jtayZ8eybAIytxurX48cXihDe+eTtR156svj1tWV3ttc4tPq1iL1WCKHZ0S+y7X0WF1y5/OKpjdoiHF39mvrh0Uvt186EEC6EQ+HT0AofLi1/8cG7Dx/+6LU9N795/umXd2j32/L9AACAUXTxj8t/vffvf7h//suLB0+G6fbydHzeiv2ZeNx/JB4op+PlRujuFx3RaSpbbyJGI1tvIltvMsszWZKvmW2nWbLeVI98Ex3LNtpPAAAAGEbpvLYVisZiV7/RWFxcO++/5rO5qWLx2bPLZ84NqFAAAACgsn+/snrTrRBCCCGEEEIIIUY4VuYGfQUCAAAAGDed84Xt2WiFC9s7U1d7a63r82+0/qWHGhu/HrZBr9+/7f79l3+48r//qr84AABUN6pHk2m/0nF0mscgn0dwInvdZo//G9l2JjdZZ9m8gsMy32BZnfnPdbcqq3+z7+OglNWfz4e5W5XVn8/TuVuV1T9dcx1VldW/4bXXXais/r0111FVWf37aq6jqrL6Z2quo6qy+mdrrqOqsvr311xHVWX1H6i5jqrK6h+W22rL6m/VXEdVZfXP11xHVWX139Dfy/+xnbVUUVb/jTXXUVVZ/TfVXMeg3BHb9HM4mI13nj/n53TDco4HAAAA4+4/5v8TQgghhBBCCCFGPl4Z9AUIAAAAYODS5wLSp95XojQ+0WN8ssd4s8f4VI/x6R7jAAAAQAi/ef3MrW8V65/z3+p8eGneqDT/0mbnMcrnI9xs/q3Oe7bV/MMybxkAAADjpfj2p1fve+S95+e/vHjwZMfZ79V4vpvmAZ2M1wY+jv10X8Bs1i/SOfTJ7jyNkvXy6wP7y7b32BZ3FAAAAMZYOn9vhaKx2HHe3QqNxuLi+vn4QmgWZ84unz4S++n5LL+fa05fW/5gX9mG5alkAAAAMFrWz/c3Pv9Pz/FdCFPF4rNnl8+cW+vPtpc3G53XBebWlxed1wVa2fKjJcuPxX56fud35/auLl889b3lJ7d75wEAAGBMnHvh/NNPLC+f/oFvfDOe3+zbHWXstm8G/ZcJAADYbp9//nbzh8dmf7v2+f/1+e/S5/8PxX4rzu33p7hCuk8gfQ7gus/rP96dZ65svee612tl603EmM7q3tOxndAx32B63XxZvlb3dqZK8s1k+WazfPk8BZPZ+infgWx5/gmItN5ctjyfh3Eyy1Fk+e8KAAAAUG7p+WeeWzr3wvkHzj7zxFOnnzr97LGjJ7514sSRB7/54NLqff1LnXf3AwAAAMNo/abfQVcCAAAAAAAAAAAAAAAAAAAA46uOx4kNeh8BAABg3P3rlRDCBSFESaw9AnPwdQghhBCbi/Sw5EHXIeqNiV1Qg4jRWD/pGngtQqzFykr+pHkAAACAnXXl8ounOtvrXCi2NV97a6215mrMm9rZB/4yfy3Sapce6r5esm9bq2Hc1f37L/9w5X//1e3Nn/412P/fv0b3Bk5Wy3vP0s8XOvPfNtln/nz/H6uW/3CW/57QX/6V97L8j1fLf2+Wf1+f+a/b/+eq5b8v5l+I/cN395u/+/2fjm3aj7195v96tv9Phn7zZ/vf6jNh5v6YHwDGUWPQBeyQdJSQjqNnYj/tbzzcDPndD5s9/m9k25nccuXd203HQbfEfjpems3yJputfybb3v71oeZm6swNy10lZfVv1/u408rq7+vN2wXK6p+quY6qyuqfrrmOqsrq31NzHVWV1d/veeigldU/LNeVy+qfqbmOqsrqn625jqrK6t9fcx1VldV/oOY6qiqrf67mOqoqq7/iZbXaldU/X3MdVZXVf0PNdVRVVv+NNddRVVn9N9Vcx6DcHtuy8+F0/jkXx1K/lfWnN/hZjuq1BQAAABg2/zT/nxBCCCGEEEIIsRPx/W8MvoZ2rKwM+goEg7Szn2YGYLfy93+8ef/Hm/d/vHn/+V/SPfxF1k8meoxP9hhv9hifysbz39fpHuM3ZttdidL4TT3G/6/H+IEe47f0GF/oMX5rj/Hbeozf3mMcAACA8XBzbJ0fAgAAwOh66Rcfv/Grex6/PP/lxYMnw9R1884fif3p+L/112M/n/c+acb/+f8o9n8W29/F9m/Z+u4/AQAAgJ2XnhPj//8AAAAwutJzSp3/AwAAwOiaj63zfwAAABhdN8TW+T8AAACMsGLPxotjm64L3BXbfuf1AwB2v/+P7R2xPRjbO2P7ldim44C7Y/vVmuoDALbPT7/z4xNvFevz/R/Lxq/E5am9zoW1KwVFo3sm/72x3Rfbr/VZT/48gH7zJwf6zLNT+ee2mB8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGB2N1a/Hjy8UIbzzyduP/GTqjT9fW3Zne41Dq1+L2GuFEJrt16XR9f4v44pXLr94qrO9GtsiHA1FKNrLw6OX2plmQggXwqHwaWiFD5eWv/jg3YcPf/TanpvfPP/0yzv4I+jaPwAAABhF/w0AAP//8RcdlQ==") r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') pread64(r0, &(0x7f0000002280)=""/4096, 0x1000, 0xd33) 403.41699ms ago: executing program 4 (id=335): r0 = getpgrp(0x0) r1 = syz_pidfd_open(r0, 0x0) fsetxattr$trusted_overlay_nlink(r1, &(0x7f00000018c0), 0x0, 0x0, 0x3) 339.884908ms ago: executing program 2 (id=336): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000a80)=ANY=[@ANYBLOB="12010000000000406a05ba0000000000000109022400010000000009040001010300010009210010060122070009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, &(0x7f0000000080)={0x14, &(0x7f0000000000)={0x0, 0xb, 0x19, {0x19, 0xe, "15685d6d246970101bbd8c9e656c74f8263ce8257f7d57"}}, 0x0}, 0x0) 182.762354ms ago: executing program 4 (id=337): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newlink={0x70, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x2017, 0x2021}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x24, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_DATA={0x10, 0x5, 0x0, 0x1, [{0xa, 0x4, @local}]}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_IFNAME={0x14}]}, 0x70}, 0x1, 0x0, 0x0, 0x1}, 0x8000002) 40.129589ms ago: executing program 4 (id=338): syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xad3, &(0x7f0000000400)="$eJzs3U2MG1cdAPBn73qTbVLilIQuaWgTCm356KbZXcJHBEmVCImoqRCXShGXKE1LRAgSRQKqSiQ5caNVFSROfIhTL1VBSPSCop64VKKRKqSKQ+HAgSiIShwgkBit9z2v/WJ37P3wrNe/nzR+fvNm/H8zHo/n+wVgbFWbrwsLM5UQrrz+8vG/P/S36cU+R1pD1Juvk225WgihEvOT2ee9O7GU3nrvhTPd0kqYa76mfHjyRmvcbSGEi2FfuBrqYc+Vay+9OffEyUsnLu9/65XD19dn6gEAYLx89erhhd1/+eN9O2++ev/RsCX1XnzT3D6vxx7b43b/0bjhn7b/q6EzX2nr2k1lw03GrjrdOdxEl+Ha49Sy4SZ7xJ/K4td6DLclvH/8ibZ+3aYbRllajuuhUp3tyFers7NL++ShuV8/VZm9cO78M8+VVFFgzf3rgRDCvrbu2OXO/Ebrjqx43Mp61am5bdHHcI2y592odkeHF+tmY0np0zykrrGj7DUQwJL8fOEdLuZHFlan9WmT/cW/8Xi1+/iwBoa9/A8Uf6rk+GHM4+cHK2GVNuv/V5qu9DvaHvP5eYT8+qXev7/8TEdn3/x8RK3PevY6jzAq5xd61XNiyPVYqV71z5eLzeqLMU3z4UtZefvvJ/9OR+U7Brr7d378X6fTrVtXW4vPCR352mo+q1Hy+gfYuPLr5hrp/GiUX9eXl28pKN9aUD5dUH5XQfm2gnIYZ7/57o/Di5Xl/fx8n37Q4+HpONvdMf3AgPXJj0cOGj+/7ndQq43vED2j5Hennzr7uadPXVu6/r/SWv5vx+U97W7U42/rahwgHS/Mj6u3rv2vd8ap9hjunqw+d3cZvvl+V+dwlV3LnxPa1jN31GOmc7wdvYbb2zlcPRtuOnZbs/rm2yd3ZeOl7Y+0Xk3zazKb3lo2HVNZPdJ6ZWdM83rASqTlsdf1/2n5nAm1yjPnzp99LObTcvqHidqWxf4Hh1xvYPX6vf9nJnTe/7O91b9WbV8v7FjuX1laL7wWP6+z/1wrTmf/+ZhP/3PfmJhu9p898+3zT6/95MNYe+4Hz3/z9PnzZ79T+pv56RA2QDVW8ObL1bARqjHIm7TbslHq482Ge1PyiglYdwd+uLQR8Oi5b51+9uyzZy/MHzo0Pzd36PPzCwea2/UH2rfu210sobbAWlr+0y+7JgAAAAAAAAAAAEC/vnfi+LW33/jsO0v3/y/f/5fu/09X/qb7/3+U3f+f3yef7oNP9wHu7FLeHCZ7wOpUNlwtdh/M6rsri7M7G+9DMW214xfv/0/h8ue6pvrcm/Wv9chmjxO443kpU9kzSPL2Aj8a08sx/WWAElWmu/eOadHzrdOynp5P0fZciobnA4+O9L2lpSE9xyTd/931uU5tX/bOIdSRtTeM2wnLnkagu3+M1fO//7k84aXXRde7m0zv60OJ99PxXSYaPbfS+23BBmBtlN3+ZzrumdILv//K1sUuDXbj8c71Zf78UhjEn97uzG/o9ieHED9vt2/Y8cue/qL4v7q0tvFb7d9l678/x953rv+yFvPqK4v7n59df6ctbNjT7/o3n/70HOhdg8W/GeOnqXk49Be/8Yssfn5CqE//zeLf1Wf8O6Z/78ri/y/GT7PtkQf7jd+s8ZZQ7axHftw4nf/Ljxsnt7LpT8/2fJ/4X3u+2/SvsKHG2zE+jLNRaWd2UNl2RGujfeXt/0YX17b931Zls9Vafh3GZ2I+rYjTdQ55eyeD1j9dX5H+B3Znn18p+H/T/u9o+0JMi34Pqf3ftDzW419+W745L1O+1mXebtZ1DYyqd8fq/N8adKfWPcbW0qdxw3dHN0AdWl1jYgXjtdqJK7n+jUZjfQ9oFSg1OKXP/7L3E8qOX/b8L5K3/5tvw+ft/+blefu/eXne/m9ePh2/oV7lefu/+fzM2//Ny+/NPjdvH3imoPzDBeV7upe3dtvvKxh/b0H5RwrK97fKj3QMkcrvLxj/gYLyewrKHywo/1hB+ccLyh8qKH+krby9DehU/omC8Te7dD/KuE4/jLP8/jy/fxgf6fxPr9//roJyYHT95NWDx079+uv1pfv/p1rHQ9J5vKMxX4v7T9+P+fy8d2jLL5a9EfN/zco3+vEOGCf58zPy//eHC8qB0ZWu8/L7hjFU2dq9d0yLnlvVazuf0fLJmH4qpp+O6aMxnY3pgZgejOnckOrH+jj22m8Pv1hZ3t/fkZX3ez15JbsfqOM5USGE+T7rkx8fGPR69vw5foNabfwV3g4GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQmmrzdWFhphLClddfPv7UyXMHFvscaQ1Rb75OtuVqrfFCeCymEzH9eXxz670XzrSnt2NaCXOhEiqt/uHJG61I20IIF8O+cDXUw54r1156c+6Jk5dOXN7/1iuHr6/fHAAAAIDN7/8BAAD//xUTB8I=") fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x408, 0x1) 0s ago: executing program 3 (id=339): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x15) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.183' (ED25519) to the list of known hosts. [ 64.308168][ T5816] cgroup: Unknown subsys name 'net' [ 64.416245][ T5816] cgroup: Unknown subsys name 'cpuset' [ 64.424880][ T5816] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 65.756742][ T5816] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 67.665126][ T5829] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.673384][ T5829] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.685153][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.692877][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.701237][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.714025][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.729025][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.736523][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.752034][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.758283][ T5834] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.771120][ T5153] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.776611][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.785561][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.794270][ T5153] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.796027][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.809284][ T5833] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.818301][ T5833] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.829889][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.837730][ T5833] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 67.845318][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.847066][ T5153] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.864710][ T5153] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.872612][ T5153] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.872926][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.887675][ T5842] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.432725][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 68.630963][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 68.646157][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 68.682660][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 68.696336][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 68.758950][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.766352][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.773827][ T5826] bridge_slave_0: entered allmulticast mode [ 68.781548][ T5826] bridge_slave_0: entered promiscuous mode [ 68.854639][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.861842][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.869451][ T5826] bridge_slave_1: entered allmulticast mode [ 68.876749][ T5826] bridge_slave_1: entered promiscuous mode [ 68.956805][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.964404][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.971857][ T5837] bridge_slave_0: entered allmulticast mode [ 68.979184][ T5837] bridge_slave_0: entered promiscuous mode [ 69.011774][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.019016][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.026455][ T5837] bridge_slave_1: entered allmulticast mode [ 69.033568][ T5837] bridge_slave_1: entered promiscuous mode [ 69.043936][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.097464][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.176993][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.184350][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.191556][ T5835] bridge_slave_0: entered allmulticast mode [ 69.199141][ T5835] bridge_slave_0: entered promiscuous mode [ 69.217861][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.225142][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.232315][ T5836] bridge_slave_0: entered allmulticast mode [ 69.239826][ T5836] bridge_slave_0: entered promiscuous mode [ 69.249634][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.262508][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.274311][ T5826] team0: Port device team_slave_0 added [ 69.280336][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.287698][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.295232][ T5835] bridge_slave_1: entered allmulticast mode [ 69.302289][ T5835] bridge_slave_1: entered promiscuous mode [ 69.309143][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.316418][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.323769][ T5828] bridge_slave_0: entered allmulticast mode [ 69.331305][ T5828] bridge_slave_0: entered promiscuous mode [ 69.339404][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.346807][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.354082][ T5836] bridge_slave_1: entered allmulticast mode [ 69.361096][ T5836] bridge_slave_1: entered promiscuous mode [ 69.381162][ T5826] team0: Port device team_slave_1 added [ 69.413490][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.420677][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.427904][ T5828] bridge_slave_1: entered allmulticast mode [ 69.434989][ T5828] bridge_slave_1: entered promiscuous mode [ 69.472250][ T5837] team0: Port device team_slave_0 added [ 69.517996][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.530758][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.542553][ T5837] team0: Port device team_slave_1 added [ 69.549208][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.556594][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 69.582802][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.597373][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.641708][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.648788][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 69.675312][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.688251][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.714430][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.765740][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.789100][ T5836] team0: Port device team_slave_0 added [ 69.796266][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.803373][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 69.829535][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.842146][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.849577][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 69.873938][ T53] Bluetooth: hci0: command tx timeout [ 69.875648][ T5842] Bluetooth: hci4: command tx timeout [ 69.881097][ T53] Bluetooth: hci1: command tx timeout [ 69.886898][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.924989][ T5835] team0: Port device team_slave_0 added [ 69.953369][ T5834] Bluetooth: hci2: command tx timeout [ 69.954054][ T5836] team0: Port device team_slave_1 added [ 69.959208][ T53] Bluetooth: hci3: command tx timeout [ 69.992342][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.999345][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 70.025379][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.039058][ T5835] team0: Port device team_slave_1 added [ 70.050496][ T5826] hsr_slave_0: entered promiscuous mode [ 70.056963][ T5826] hsr_slave_1: entered promiscuous mode [ 70.065685][ T5828] team0: Port device team_slave_0 added [ 70.082077][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.089290][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 70.115297][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.156773][ T5828] team0: Port device team_slave_1 added [ 70.163528][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.170498][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 70.197049][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.239350][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.246755][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 70.272965][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.289360][ T5837] hsr_slave_0: entered promiscuous mode [ 70.295878][ T5837] hsr_slave_1: entered promiscuous mode [ 70.301979][ T5837] debugfs: 'hsr0' already exists in 'hsr' [ 70.307919][ T5837] Cannot create hsr debugfs directory [ 70.371781][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.378903][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 70.405391][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.418324][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.425314][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 70.451519][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.535082][ T5835] hsr_slave_0: entered promiscuous mode [ 70.541408][ T5835] hsr_slave_1: entered promiscuous mode [ 70.548049][ T5835] debugfs: 'hsr0' already exists in 'hsr' [ 70.553816][ T5835] Cannot create hsr debugfs directory [ 70.586151][ T5836] hsr_slave_0: entered promiscuous mode [ 70.592969][ T5836] hsr_slave_1: entered promiscuous mode [ 70.599246][ T5836] debugfs: 'hsr0' already exists in 'hsr' [ 70.605089][ T5836] Cannot create hsr debugfs directory [ 70.749770][ T5828] hsr_slave_0: entered promiscuous mode [ 70.756644][ T5828] hsr_slave_1: entered promiscuous mode [ 70.762750][ T5828] debugfs: 'hsr0' already exists in 'hsr' [ 70.768712][ T5828] Cannot create hsr debugfs directory [ 71.135490][ T5837] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 71.147906][ T5837] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 71.158022][ T5837] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 71.175493][ T5837] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 71.231980][ T5826] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 71.242893][ T5826] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 71.255654][ T5826] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 71.266463][ T5826] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 71.326533][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.332981][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.378408][ T5836] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 71.392154][ T5836] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 71.402470][ T5836] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 71.420358][ T5836] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 71.526614][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 71.541449][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.555552][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.567194][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 71.580135][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 71.609853][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 71.643823][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.696410][ T3459] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.703728][ T3459] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.717471][ T5828] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 71.742482][ T5828] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 71.759498][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.775392][ T5828] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 71.786305][ T5828] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 71.802654][ T3459] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.809863][ T3459] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.818852][ T3459] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.826014][ T3459] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.866417][ T3546] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.873626][ T3546] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.944675][ T5826] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.955217][ T53] Bluetooth: hci4: command tx timeout [ 71.955256][ T53] Bluetooth: hci0: command tx timeout [ 71.963295][ T5834] Bluetooth: hci1: command tx timeout [ 72.007826][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.033954][ T5834] Bluetooth: hci3: command tx timeout [ 72.039481][ T5834] Bluetooth: hci2: command tx timeout [ 72.119492][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.165113][ T66] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.172306][ T66] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.208732][ T66] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.216405][ T66] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.278172][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.350487][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.371611][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.385687][ T5836] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 72.422011][ T748] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.429213][ T748] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.470919][ T748] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.478228][ T748] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.498963][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.539023][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.571509][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.584722][ T748] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.591937][ T748] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.622946][ T748] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.630205][ T748] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.779777][ T5837] veth0_vlan: entered promiscuous mode [ 72.840236][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.866558][ T5837] veth1_vlan: entered promiscuous mode [ 72.887832][ T5826] veth0_vlan: entered promiscuous mode [ 72.965705][ T5826] veth1_vlan: entered promiscuous mode [ 73.069499][ T5837] veth0_macvtap: entered promiscuous mode [ 73.091342][ T5837] veth1_macvtap: entered promiscuous mode [ 73.157447][ T5826] veth0_macvtap: entered promiscuous mode [ 73.209534][ T5826] veth1_macvtap: entered promiscuous mode [ 73.239351][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.272943][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.292564][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.315019][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.325510][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.354925][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.367735][ T3546] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.377848][ T3546] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.404409][ T3546] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.413763][ T3546] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.438697][ T3546] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.469107][ T5836] veth0_vlan: entered promiscuous mode [ 73.477486][ T3546] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.487849][ T3546] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.508127][ T3546] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.574744][ T5836] veth1_vlan: entered promiscuous mode [ 73.609363][ T3483] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.622121][ T3483] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.632923][ T5835] veth0_vlan: entered promiscuous mode [ 73.680273][ T5828] veth0_vlan: entered promiscuous mode [ 73.698907][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.700383][ T5835] veth1_vlan: entered promiscuous mode [ 73.716879][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.765632][ T5828] veth1_vlan: entered promiscuous mode [ 73.798148][ T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.813316][ T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.837009][ T5826] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 73.877950][ T5828] veth0_macvtap: entered promiscuous mode [ 73.907898][ T5836] veth0_macvtap: entered promiscuous mode [ 73.918332][ T5836] veth1_macvtap: entered promiscuous mode [ 73.929655][ T5835] veth0_macvtap: entered promiscuous mode [ 73.945692][ T5835] veth1_macvtap: entered promiscuous mode [ 73.967837][ T3546] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.976451][ T3546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.987306][ T5828] veth1_macvtap: entered promiscuous mode [ 74.034058][ T5834] Bluetooth: hci1: command tx timeout [ 74.039509][ T5834] Bluetooth: hci0: command tx timeout [ 74.047175][ T53] Bluetooth: hci4: command tx timeout [ 74.067031][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.082559][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.102568][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.114428][ T53] Bluetooth: hci3: command tx timeout [ 74.119977][ T5834] Bluetooth: hci2: command tx timeout [ 74.121277][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.153364][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.186085][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.227905][ T5942] loop2: detected capacity change from 0 to 512 [ 74.270271][ T66] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.292605][ T5942] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.3: iget: bad i_size value: 38620345925642 [ 74.313302][ T66] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.344508][ T5942] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3: couldn't read orphan inode 15 (err -117) [ 74.376729][ T5942] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.391114][ T66] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.406524][ T5942] EXT4-fs error (device loop2): ext4_check_all_de:659: inode #12: block 7: comm syz.2.3: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=124 fake=0 [ 74.408930][ T66] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.468761][ T66] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.484445][ T66] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.517181][ T66] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.526847][ T66] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.557726][ T5837] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.586091][ T66] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.642464][ T66] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.669464][ T66] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.701918][ T66] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.776794][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.803577][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.946929][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.973174][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.028714][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.046306][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.099781][ T5957] loop2: detected capacity change from 0 to 2048 [ 75.148822][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.174051][ T748] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.184202][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.222487][ T5961] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 75.224715][ T748] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.298662][ T5947] loop0: detected capacity change from 0 to 32768 [ 75.328436][ T5957] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #12: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 75.392428][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.438209][ T5957] Remounting filesystem read-only [ 75.464327][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.505215][ T5947] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 3 [ 75.505215][ T5947] [ 75.524998][ T5963] Illegal XDP return value 4294967274 on prog (id 4) dev N/A, expect packet loss! [ 75.542400][ T5947] ERROR: (device loop0): remounting filesystem as read-only [ 75.591552][ T5965] loop3: detected capacity change from 0 to 512 [ 75.618607][ T5965] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 75.635304][ T5837] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 75.674276][ T5965] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 75.802198][ T5965] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 75.972720][ T5965] EXT4-fs (loop3): 1 truncate cleaned up [ 76.040168][ T5965] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.114431][ T5834] Bluetooth: hci1: command tx timeout [ 76.119899][ T53] Bluetooth: hci0: command tx timeout [ 76.120230][ T5842] Bluetooth: hci4: command tx timeout [ 76.197152][ T5842] Bluetooth: hci2: command tx timeout [ 76.197163][ T5834] Bluetooth: hci3: command tx timeout [ 76.209227][ T5979] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 76.317519][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.464324][ T5971] loop2: detected capacity change from 0 to 32768 [ 76.601484][ T5987] loop4: detected capacity change from 0 to 22 [ 76.659448][ T5987] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 76.689956][ T5987] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 76.823742][ T5882] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 76.976709][ T5973] loop0: detected capacity change from 0 to 40427 [ 76.994832][ T5973] F2FS-fs: heap/no_heap options were deprecated [ 77.003912][ T5882] usb 2-1: Using ep0 maxpacket: 8 [ 77.018078][ T5882] usb 2-1: config index 0 descriptor too short (expected 5924, got 36) [ 77.034726][ T5882] usb 2-1: config 250 has an invalid interface number: 228 but max is -1 [ 77.044994][ T5973] F2FS-fs (loop0): invalid crc value [ 77.051850][ T5882] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 77.062233][ T5882] usb 2-1: config 250 has no interface number 0 [ 77.072479][ T5882] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 77.087101][ T5882] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 77.097960][ T5882] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 77.150304][ T5882] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 77.171201][ T5984] loop3: detected capacity change from 0 to 32768 [ 77.192218][ T5882] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 77.205334][ T5984] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.16 (5984) [ 77.284214][ T5882] usb 2-1: config 250 interface 228 has no altsetting 0 [ 77.305015][ T5882] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 77.326829][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 77.356463][ T5984] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 77.363148][ T5882] usb 2-1: Product: syz [ 77.381096][ T5882] usb 2-1: SerialNumber: syz [ 77.389650][ T5973] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 77.405063][ T5984] BTRFS info (device loop3): using blake2b (blake2b-256-lib) checksum algorithm [ 77.432936][ T5973] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 77.445483][ T5882] hub 2-1:250.228: bad descriptor, ignoring hub [ 77.463540][ T5882] hub 2-1:250.228: probe with driver hub failed with error -5 [ 77.465173][ T5996] loop4: detected capacity change from 0 to 256 [ 77.557372][ T5984] BTRFS info (device loop3): enabling ssd optimizations [ 77.585828][ T5984] BTRFS info (device loop3): turning on async discard [ 77.592722][ T5984] BTRFS info (device loop3): enabling free space tree [ 77.675604][ T5882] usblp 2-1:250.228: usblp0: USB Bidirectional printer dev 2 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 77.781737][ T6017] loop4: detected capacity change from 0 to 256 [ 77.810137][ T6017] exfat: Deprecated parameter 'namecase' [ 77.833241][ T6017] exfat: Deprecated parameter 'utf8' [ 77.843979][ T5889] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 77.869821][ T5828] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 77.899348][ T6017] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x3f800a9b, utbl_chksum : 0xe619d30d) [ 78.021399][ T5889] usb 3-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 78.058556][ T5889] usb 3-1: config 0 interface 0 has no altsetting 0 [ 78.077619][ T5902] usb 2-1: USB disconnect, device number 2 [ 78.086436][ T5889] usb 3-1: New USB device found, idVendor=17ef, idProduct=60a4, bcdDevice= 0.00 [ 78.113851][ T5889] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.154572][ T5889] usb 3-1: config 0 descriptor?? [ 78.155330][ T5902] usblp0: removed [ 78.167889][ T6019] netlink: 'syz.4.26': attribute type 16 has an invalid length. [ 78.185460][ T6014] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 78.207436][ T6019] netlink: 'syz.4.26': attribute type 1 has an invalid length. [ 78.245224][ T6019] netlink: 'syz.4.26': attribute type 2 has an invalid length. [ 78.490449][ T6024] loop4: detected capacity change from 0 to 1024 [ 78.520696][ T6024] ======================================================= [ 78.520696][ T6024] WARNING: The mand mount option has been deprecated and [ 78.520696][ T6024] and is ignored by this kernel. Remove the mand [ 78.520696][ T6024] option from the mount to silence this warning. [ 78.520696][ T6024] ======================================================= [ 78.655809][ T5889] lenovo 0003:17EF:60A4.0001: hidraw0: USB HID v1.01 Device [HID 17ef:60a4] on usb-dummy_hcd.2-1/input0 [ 78.762851][ T6027] loop0: detected capacity change from 0 to 64 [ 78.868417][ T5889] usb 3-1: USB disconnect, device number 2 [ 78.869202][ T6027] netlink: 'syz.0.23': attribute type 10 has an invalid length. [ 78.949006][ T6026] fido_id[6026]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 78.965162][ T6027] team0: Device veth1_macvtap failed to register rx_handler [ 79.194881][ T6021] syz.3.25 (6021): drop_caches: 2 [ 79.548849][ T6053] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 79.626580][ T6055] warning: `syz.1.40' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 79.855852][ T6057] loop0: detected capacity change from 0 to 4096 [ 79.898385][ T6057] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 80.378818][ T6052] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 80.399329][ T6052] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 80.436909][ T6052] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 80.450517][ T6061] loop2: detected capacity change from 0 to 32768 [ 80.453063][ T6052] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 80.463504][ T6052] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 80.490322][ T6052] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 80.506382][ T6052] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 80.513929][ T6052] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 80.540997][ T6049] loop4: detected capacity change from 0 to 40427 [ 80.541055][ T6052] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 80.573707][ T6052] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 80.584002][ T6049] F2FS-fs (loop4): Image doesn't support compression [ 80.598299][ T6052] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 80.608521][ T6049] F2FS-fs (loop4): build fault injection rate: 690 [ 80.649679][ T6049] F2FS-fs (loop4): invalid crc value [ 80.676926][ T6052] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 80.732716][ T6052] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 80.754532][ T6052] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 80.791998][ T6052] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 80.907141][ T6049] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 80.937350][ T6049] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 80.942638][ T6076] loop2: detected capacity change from 0 to 64 [ 80.967796][ T6069] loop1: detected capacity change from 0 to 32768 [ 81.047234][ T6069] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 81.107504][ T6069] ERROR: (device loop1): diAllocAG: error reading iag [ 81.107504][ T6069] [ 81.126380][ T50] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 81.140929][ T6069] ERROR: (device loop1): remounting filesystem as read-only [ 81.200673][ T6069] ialloc: diAlloc returned -5! [ 81.283074][ T50] usb 1-1: Using ep0 maxpacket: 16 [ 81.293600][ T50] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.320198][ T50] usb 1-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00 [ 81.342143][ T50] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.378256][ T50] usb 1-1: config 0 descriptor?? [ 81.567855][ T10] cfg80211: failed to load regulatory.db [ 81.713887][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 81.855725][ T50] sunplus 0003:04FC:05D8.0002: unknown main item tag 0x6 [ 81.862896][ T50] sunplus 0003:04FC:05D8.0002: unknown main item tag 0x5 [ 81.904666][ T50] sunplus 0003:04FC:05D8.0002: unknown main item tag 0x4 [ 81.911835][ T50] sunplus 0003:04FC:05D8.0002: item fetching failed at offset 31/160 [ 81.959937][ T50] sunplus 0003:04FC:05D8.0002: probe with driver sunplus failed with error -22 [ 82.002019][ T6097] loop3: detected capacity change from 0 to 1024 [ 82.030132][ T6097] EXT4-fs: Ignoring removed nomblk_io_submit option [ 82.063312][ T5882] usb 1-1: USB disconnect, device number 2 [ 82.087314][ T6097] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 82.147410][ T6097] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.181815][ T6101] netlink: 8 bytes leftover after parsing attributes in process `syz.4.53'. [ 82.247365][ T6097] VFS: Lookup of 'file0' in ext4 loop3 would have caused loop [ 82.396088][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.519139][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 82.519150][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 82.593304][ T5842] Bluetooth: hci4: command 0x0c1a tx timeout [ 82.631428][ T6091] loop2: detected capacity change from 0 to 32768 [ 82.756377][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 82.767232][ T6091] ialloc: diAlloc returned -5! [ 82.967448][ T6117] loop0: detected capacity change from 0 to 128 [ 83.535285][ T6106] loop4: detected capacity change from 0 to 40427 [ 83.576393][ T6106] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 83.608611][ T6106] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 83.644132][ T6106] F2FS-fs (loop4): invalid crc value [ 83.793996][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 83.935239][ T6106] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 83.972161][ T6106] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 84.013103][ T6106] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 84.182063][ T6152] loop0: detected capacity change from 0 to 1024 [ 84.191367][ T6152] EXT4-fs: Ignoring removed bh option [ 84.233614][ T6152] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 84.249556][ T6120] loop2: detected capacity change from 0 to 40427 [ 84.286878][ T6120] F2FS-fs: heap/no_heap options were deprecated [ 84.318139][ T6152] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.367082][ T6157] loop1: detected capacity change from 0 to 256 [ 84.388010][ T6120] F2FS-fs (loop2): Invalid segment count (1) [ 84.425155][ T6120] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 84.445894][ T5826] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.496290][ T6120] F2FS-fs (loop2): invalid crc value [ 84.569568][ T6157] FAT-fs (loop1): Directory bread(block 64) failed [ 84.593247][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 84.599350][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 84.606420][ T6157] FAT-fs (loop1): Directory bread(block 65) failed [ 84.638174][ T6157] FAT-fs (loop1): Directory bread(block 66) failed [ 84.668895][ T6157] FAT-fs (loop1): Directory bread(block 67) failed [ 84.674725][ T5842] Bluetooth: hci4: command 0x0c1a tx timeout [ 84.691613][ T6157] FAT-fs (loop1): Directory bread(block 68) failed [ 84.699905][ T6157] FAT-fs (loop1): Directory bread(block 69) failed [ 84.709588][ T6157] FAT-fs (loop1): Directory bread(block 70) failed [ 84.716798][ T6157] FAT-fs (loop1): Directory bread(block 71) failed [ 84.723468][ T6157] FAT-fs (loop1): Directory bread(block 72) failed [ 84.730070][ T6157] FAT-fs (loop1): Directory bread(block 73) failed [ 84.810343][ T6120] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 84.836189][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 84.893664][ T6120] F2FS-fs (loop2): Try to recover 1th superblock, ret: -30 [ 84.900900][ T6120] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 84.934509][ T10] IPVS: starting estimator thread 0... [ 85.034490][ T6120] F2FS-fs (loop2): Corrupted max_depth of 3: 131073 [ 85.034999][ T6166] IPVS: using max 31 ests per chain, 74400 per kthread [ 85.468181][ T6186] netlink: 8 bytes leftover after parsing attributes in process `syz.3.98'. [ 85.573305][ T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 85.622060][ T6188] loop0: detected capacity change from 0 to 1024 [ 85.639088][ T6188] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 85.695621][ T6188] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.753074][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 85.760553][ T24] usb 5-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30 [ 85.778161][ T24] usb 5-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 85.791229][ T6176] loop1: detected capacity change from 0 to 32768 [ 85.791405][ T24] usb 5-1: config 0 interface 0 has no altsetting 0 [ 85.805891][ T24] usb 5-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 85.808804][ T6188] EXT4-fs error (device loop0): ext4_generic_delete_entry:2668: inode #12: block 7: comm syz.0.99: bad entry in directory: inode out of bounds - offset=0, inode=150994957, rec_len=16, size=56 fake=0 [ 85.814983][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.847926][ T24] usb 5-1: config 0 descriptor?? [ 85.871437][ T6188] EXT4-fs error (device loop0) in ext4_delete_inline_entry:1687: Corrupt filesystem [ 85.881637][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 85.923653][ T6176] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 86.029358][ T6206] gtp0: entered promiscuous mode [ 86.048749][ T6206] gtp0: entered allmulticast mode [ 86.061502][ T5826] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.105482][ T6176] XFS (loop1): Ending clean mount [ 86.131093][ T6176] XFS (loop1): Quotacheck needed: Please wait. [ 86.212133][ T6208] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 86.217576][ T6176] XFS (loop1): Quotacheck: Done. [ 86.237253][ T6208] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 86.254650][ T6208] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 86.261219][ T6208] comedi comedi3: 8255: I/O port conflict (0x5c952399,4) [ 86.290655][ T24] gt683r_led 0003:1770:FF00.0003: unknown main item tag 0x2 [ 86.321670][ T6208] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 86.351515][ T24] gt683r_led 0003:1770:FF00.0003: hidraw0: USB HID vf4.f6 Device [HID 1770:ff00] on usb-dummy_hcd.4-1/input0 [ 86.363348][ T6208] comedi comedi3: 8255: I/O port conflict (0x3ff,4) [ 86.363476][ T6208] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 86.363519][ T6208] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 86.363558][ T6208] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 86.363626][ T6208] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 86.363665][ T6208] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 86.363703][ T6208] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 86.515128][ T24] usb 5-1: USB disconnect, device number 2 [ 86.525731][ T5835] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 86.533805][ T5902] gt683r_led 0003:1770:FF00.0003: failed to send set report request: -19 [ 86.586806][ T5902] gt683r_led 0003:1770:FF00.0003: failed to send set report request: -19 [ 86.620276][ T5902] gt683r_led 0003:1770:FF00.0003: failed to send set report request: -19 [ 86.649588][ T6213] fido_id[6213]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory [ 86.676420][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 86.691276][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 86.756587][ T5842] Bluetooth: hci4: command 0x0c1a tx timeout [ 86.806031][ T6217] loop0: detected capacity change from 0 to 1024 [ 86.861407][ T6217] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945) [ 86.902911][ T6217] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 86.913207][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 86.947549][ T6217] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 86.963449][ T6217] EXT4-fs (loop0): orphan cleanup on readonly fs [ 86.964472][ T6194] loop3: detected capacity change from 0 to 32768 [ 86.990274][ T6194] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.101 (6194) [ 86.993563][ T6217] EXT4-fs error (device loop0): ext4_read_inode_bitmap:167: comm syz.0.108: Inode bitmap for bg 0 marked uninitialized [ 87.025514][ T6194] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 87.050104][ T6217] EXT4-fs (loop0): Remounting filesystem read-only [ 87.060744][ T6217] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 87.073407][ T6194] BTRFS info (device loop3): using blake2b (blake2b-256-lib) checksum algorithm [ 87.217010][ T6234] loop4: detected capacity change from 0 to 128 [ 87.231286][ T6215] loop2: detected capacity change from 0 to 32768 [ 87.259557][ T6194] BTRFS info (device loop3): enabling ssd optimizations [ 87.348083][ T6194] BTRFS info (device loop3): turning on async discard [ 87.372678][ T6194] BTRFS info (device loop3): enabling free space tree [ 87.410488][ T5826] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.424886][ T6215] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 87.424886][ T6215] [ 87.491321][ T6215] ERROR: (device loop2): remounting filesystem as read-only [ 87.548213][ T6215] ialloc: diAlloc returned -5! [ 87.724765][ T5828] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 87.767940][ T6220] loop1: detected capacity change from 0 to 40427 [ 87.784009][ T6220] F2FS-fs: heap/no_heap options were deprecated [ 87.829744][ T6220] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(0) root(3) [ 87.866342][ T6220] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 87.883769][ T6220] F2FS-fs (loop1): Image doesn't support compression [ 87.944403][ T6220] F2FS-fs (loop1): invalid crc value [ 88.279668][ T6220] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 88.297868][ T6249] Bluetooth: MGMT ver 1.23 [ 88.338181][ T6220] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 88.368037][ T6220] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 88.473897][ T6245] f2fs_ckpt-7:1: attempt to access beyond end of device [ 88.473897][ T6245] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 88.510172][ T6245] CPU: 0 UID: 0 PID: 6245 Comm: f2fs_ckpt-7:1 Not tainted syzkaller #0 PREEMPT(full) [ 88.510197][ T6245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 88.510214][ T6245] Call Trace: [ 88.510222][ T6245] [ 88.510230][ T6245] dump_stack_lvl+0x189/0x250 [ 88.510264][ T6245] ? __pfx_dump_stack_lvl+0x10/0x10 [ 88.510289][ T6245] ? __pfx_queue_work_on+0x10/0x10 [ 88.510309][ T6245] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 88.510331][ T6245] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 88.510366][ T6245] f2fs_handle_critical_error+0x37c/0x540 [ 88.510402][ T6245] f2fs_write_end_io+0x886/0xb60 [ 88.510443][ T6245] __submit_merged_bio+0x27a/0x6a0 [ 88.510478][ T6245] __submit_merged_write_cond+0x255/0x530 [ 88.510513][ T6245] f2fs_write_data_pages+0x261d/0x3000 [ 88.510574][ T6245] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 88.510678][ T6245] ? __lock_acquire+0xab9/0xd20 [ 88.510709][ T6245] ? do_raw_spin_lock+0x121/0x290 [ 88.510754][ T6245] ? do_raw_spin_unlock+0x122/0x240 [ 88.510780][ T6245] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 88.510800][ T6245] do_writepages+0x32e/0x550 [ 88.510840][ T6245] ? do_raw_spin_unlock+0x122/0x240 [ 88.510871][ T6245] filemap_fdatawrite+0x199/0x240 [ 88.510889][ T6245] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 88.510965][ T6245] ? do_raw_spin_unlock+0x122/0x240 [ 88.510995][ T6245] f2fs_sync_dirty_inodes+0x31f/0x830 [ 88.511034][ T6245] f2fs_write_checkpoint+0x93e/0x2440 [ 88.511092][ T6245] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 88.511160][ T6245] ? down_write+0x162/0x1f0 [ 88.511184][ T6245] ? __pfx_down_write+0x10/0x10 [ 88.511222][ T6245] __checkpoint_and_complete_reqs+0xdf/0x3d0 [ 88.511244][ T6245] ? __pfx___schedule+0x10/0x10 [ 88.511270][ T6245] ? __pfx___checkpoint_and_complete_reqs+0x10/0x10 [ 88.511306][ T6245] ? schedule+0x91/0x360 [ 88.511338][ T6245] issue_checkpoint_thread+0xd9/0x260 [ 88.511363][ T6245] ? __pfx_issue_checkpoint_thread+0x10/0x10 [ 88.511384][ T6245] ? __pfx_autoremove_wake_function+0x10/0x10 [ 88.511412][ T6245] ? __kthread_parkme+0x7b/0x200 [ 88.511435][ T6245] ? __kthread_parkme+0x1a1/0x200 [ 88.511466][ T6245] kthread+0x711/0x8a0 [ 88.511494][ T6245] ? __pfx_issue_checkpoint_thread+0x10/0x10 [ 88.511515][ T6245] ? __pfx_kthread+0x10/0x10 [ 88.511542][ T6245] ? _raw_spin_unlock_irq+0x23/0x50 [ 88.511561][ T6245] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.511581][ T6245] ? __pfx_kthread+0x10/0x10 [ 88.511607][ T6245] ret_from_fork+0x4bc/0x870 [ 88.511631][ T6245] ? __pfx_ret_from_fork+0x10/0x10 [ 88.511661][ T6245] ? __switch_to_asm+0x39/0x70 [ 88.511676][ T6245] ? __switch_to_asm+0x33/0x70 [ 88.511690][ T6245] ? __pfx_kthread+0x10/0x10 [ 88.511716][ T6245] ret_from_fork_asm+0x1a/0x30 [ 88.511761][ T6245] [ 88.511769][ T6245] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 88.590044][ T6241] loop0: detected capacity change from 0 to 32768 [ 88.886000][ T6241] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 88.909153][ T6241] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 89.520694][ T6241] XFS (loop0): Ending clean mount [ 89.557797][ T6241] XFS (loop0): Quotacheck needed: Please wait. [ 89.676184][ T6241] XFS (loop0): Quotacheck: Done. [ 89.866206][ T5826] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 89.958063][ T6265] syz.2.120 (6265): drop_caches: 2 [ 90.006851][ T6259] loop3: detected capacity change from 0 to 32768 [ 90.174261][ T6278] loop4: detected capacity change from 0 to 512 [ 90.286709][ T6278] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.329436][ T6278] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.445099][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.790608][ T6300] loop4: detected capacity change from 0 to 1024 [ 90.897037][ T3546] hfsplus: b-tree write err: -5, ino 4 [ 91.070443][ T6288] loop0: detected capacity change from 0 to 40427 [ 91.109447][ T6288] F2FS-fs (loop0): invalid crc value [ 91.308098][ T6288] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 91.321871][ T6288] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 91.460412][ T5826] syz-executor: attempt to access beyond end of device [ 91.460412][ T5826] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 91.514716][ T5826] CPU: 1 UID: 0 PID: 5826 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 91.514740][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 91.514749][ T5826] Call Trace: [ 91.514756][ T5826] [ 91.514763][ T5826] dump_stack_lvl+0x189/0x250 [ 91.514796][ T5826] ? __pfx_dump_stack_lvl+0x10/0x10 [ 91.514818][ T5826] ? __pfx_queue_work_on+0x10/0x10 [ 91.514837][ T5826] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 91.514858][ T5826] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 91.514889][ T5826] f2fs_handle_critical_error+0x37c/0x540 [ 91.514921][ T5826] f2fs_write_end_io+0x886/0xb60 [ 91.514957][ T5826] __submit_merged_bio+0x27a/0x6a0 [ 91.514988][ T5826] __submit_merged_write_cond+0x255/0x530 [ 91.515018][ T5826] f2fs_write_data_pages+0x261d/0x3000 [ 91.515066][ T5826] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 91.515152][ T5826] ? __lock_acquire+0xab9/0xd20 [ 91.515181][ T5826] ? do_raw_spin_lock+0x121/0x290 [ 91.515217][ T5826] ? do_raw_spin_unlock+0x122/0x240 [ 91.515241][ T5826] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 91.515260][ T5826] do_writepages+0x32e/0x550 [ 91.515297][ T5826] ? do_raw_spin_unlock+0x122/0x240 [ 91.515324][ T5826] filemap_fdatawrite+0x199/0x240 [ 91.515342][ T5826] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 91.515418][ T5826] ? do_raw_spin_unlock+0x122/0x240 [ 91.515447][ T5826] f2fs_sync_dirty_inodes+0x31f/0x830 [ 91.515481][ T5826] f2fs_write_checkpoint+0x93e/0x2440 [ 91.515500][ T5826] ? __lock_acquire+0xab9/0xd20 [ 91.515545][ T5826] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 91.515617][ T5826] kill_f2fs_super+0x2cc/0x6d0 [ 91.515643][ T5826] ? __pfx_kill_f2fs_super+0x10/0x10 [ 91.515676][ T5826] ? shrinker_free+0x2ce/0x3e0 [ 91.515700][ T5826] deactivate_locked_super+0xbc/0x130 [ 91.515724][ T5826] cleanup_mnt+0x425/0x4c0 [ 91.515745][ T5826] ? lockdep_hardirqs_on+0x9c/0x150 [ 91.515769][ T5826] task_work_run+0x1d4/0x260 [ 91.515790][ T5826] ? __pfx_task_work_run+0x10/0x10 [ 91.515804][ T5826] ? __x64_sys_umount+0x122/0x160 [ 91.515830][ T5826] ? exit_to_user_mode_loop+0x40/0x130 [ 91.515853][ T5826] exit_to_user_mode_loop+0xe9/0x130 [ 91.515872][ T5826] do_syscall_64+0x2bd/0xfa0 [ 91.515892][ T5826] ? lockdep_hardirqs_on+0x9c/0x150 [ 91.515913][ T5826] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.515930][ T5826] ? clear_bhb_loop+0x60/0xb0 [ 91.515951][ T5826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.515967][ T5826] RIP: 0033:0x7f7e5c1902f7 [ 91.515993][ T5826] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 91.516007][ T5826] RSP: 002b:00007ffd82834828 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 91.516026][ T5826] RAX: 0000000000000000 RBX: 00007f7e5c211d7d RCX: 00007f7e5c1902f7 [ 91.516038][ T5826] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd828348e0 [ 91.516048][ T5826] RBP: 00007ffd828348e0 R08: 0000000000000000 R09: 0000000000000000 [ 91.516056][ T5826] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd82835970 [ 91.516066][ T5826] R13: 00007f7e5c211d7d R14: 00000000000164ff R15: 00007ffd828359b0 [ 91.516094][ T5826] [ 91.516599][ T5826] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 91.853805][ T6326] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 91.978925][ T6330] loop1: detected capacity change from 0 to 128 [ 91.982647][ T6317] loop4: detected capacity change from 0 to 40427 [ 91.994619][ T6330] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 92.009722][ T6317] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 92.027791][ T6317] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 92.054963][ T6317] F2FS-fs (loop4): build fault injection rate: 17008 [ 92.083443][ T6317] F2FS-fs (loop4): build fault injection type: 0x1f8 [ 92.143528][ T6317] F2FS-fs (loop4): invalid crc value [ 92.176317][ T6332] loop3: detected capacity change from 0 to 512 [ 92.406866][ T6317] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 92.425726][ T6317] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 92.443448][ T6317] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 92.528640][ T6291] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 92.775657][ T6348] netlink: 'syz.3.150': attribute type 13 has an invalid length. [ 92.890402][ T6348] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.898912][ T6348] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.934664][ T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 93.005761][ T6339] loop1: detected capacity change from 0 to 40427 [ 93.015642][ T6348] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 93.030807][ T6348] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 93.047162][ T6339] F2FS-fs (loop1): invalid crc value [ 93.093202][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 93.136805][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 93.192923][ T24] usb 1-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00 [ 93.222484][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.257371][ T24] usb 1-1: config 0 descriptor?? [ 93.324770][ T6339] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 93.339512][ T6339] F2FS-fs (loop1): Start checkpoint disabled! [ 93.355550][ T6339] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0 [ 93.365522][ T6339] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 93.402480][ T3483] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.412008][ T3483] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.440063][ T3483] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.467503][ T3483] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.582731][ T3483] kworker/u8:9: attempt to access beyond end of device [ 93.582731][ T3483] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 93.611880][ T3483] CPU: 1 UID: 0 PID: 3483 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT(full) [ 93.611919][ T3483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 93.611937][ T3483] Workqueue: writeback wb_workfn (flush-7:1) [ 93.611978][ T3483] Call Trace: [ 93.611985][ T3483] [ 93.611991][ T3483] dump_stack_lvl+0x189/0x250 [ 93.612020][ T3483] ? __pfx_dump_stack_lvl+0x10/0x10 [ 93.612043][ T3483] ? __pfx_queue_work_on+0x10/0x10 [ 93.612063][ T3483] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 93.612084][ T3483] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 93.612116][ T3483] f2fs_handle_critical_error+0x37c/0x540 [ 93.612148][ T3483] f2fs_write_end_io+0x886/0xb60 [ 93.612181][ T3483] __submit_merged_bio+0x27a/0x6a0 [ 93.612210][ T3483] __submit_merged_write_cond+0x255/0x530 [ 93.612250][ T3483] f2fs_write_data_pages+0x261d/0x3000 [ 93.612289][ T6362] Bluetooth: MGMT ver 1.23 [ 93.612299][ T3483] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 93.612326][ T3483] ? __pfx_f2fs_available_free_memory+0x10/0x10 [ 93.612374][ T3483] ? __pfx_f2fs_balance_fs_bg+0x10/0x10 [ 93.612399][ T3483] ? look_up_lock_class+0x74/0x170 [ 93.612429][ T3483] ? trace_f2fs_writepages+0x7f/0x200 [ 93.612454][ T3483] ? f2fs_write_node_pages+0x478/0x6e0 [ 93.612481][ T3483] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 93.612508][ T3483] ? __lock_acquire+0xab9/0xd20 [ 93.612533][ T3483] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 93.612551][ T3483] do_writepages+0x32e/0x550 [ 93.612581][ T3483] ? reacquire_held_locks+0x127/0x1d0 [ 93.612601][ T3483] ? writeback_sb_inodes+0x384/0x1010 [ 93.612631][ T3483] __writeback_single_inode+0x145/0xff0 [ 93.612654][ T3483] ? do_raw_spin_unlock+0x122/0x240 [ 93.612682][ T3483] writeback_sb_inodes+0x6c7/0x1010 [ 93.612728][ T3483] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 93.612791][ T3483] ? rcu_is_watching+0x15/0xb0 [ 93.612820][ T3483] wb_writeback+0x43b/0xaf0 [ 93.612850][ T3483] ? queue_io+0x301/0x590 [ 93.612875][ T3483] ? __pfx_wb_writeback+0x10/0x10 [ 93.612905][ T3483] ? _raw_spin_unlock_irq+0x23/0x50 [ 93.612929][ T3483] wb_workfn+0x409/0xef0 [ 93.612963][ T3483] ? __pfx_wb_workfn+0x10/0x10 [ 93.612987][ T3483] ? __lock_acquire+0xab9/0xd20 [ 93.613015][ T3483] ? process_scheduled_works+0x9ef/0x17b0 [ 93.613040][ T3483] ? _raw_spin_unlock_irq+0x23/0x50 [ 93.613058][ T3483] ? process_scheduled_works+0x9ef/0x17b0 [ 93.613077][ T3483] ? process_scheduled_works+0x9ef/0x17b0 [ 93.613098][ T3483] process_scheduled_works+0xae1/0x17b0 [ 93.613145][ T3483] ? __pfx_process_scheduled_works+0x10/0x10 [ 93.613181][ T3483] worker_thread+0x8a0/0xda0 [ 93.613232][ T3483] kthread+0x711/0x8a0 [ 93.613259][ T3483] ? __pfx_worker_thread+0x10/0x10 [ 93.613278][ T3483] ? __pfx_kthread+0x10/0x10 [ 93.613302][ T3483] ? _raw_spin_unlock_irq+0x23/0x50 [ 93.613320][ T3483] ? lockdep_hardirqs_on+0x9c/0x150 [ 93.613338][ T3483] ? __pfx_kthread+0x10/0x10 [ 93.613362][ T3483] ret_from_fork+0x4bc/0x870 [ 93.613384][ T3483] ? __pfx_ret_from_fork+0x10/0x10 [ 93.613409][ T3483] ? __switch_to_asm+0x39/0x70 [ 93.613423][ T3483] ? __switch_to_asm+0x33/0x70 [ 93.613437][ T3483] ? __pfx_kthread+0x10/0x10 [ 93.613461][ T3483] ret_from_fork_asm+0x1a/0x30 [ 93.613494][ T3483] [ 93.614207][ T3483] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 93.947856][ T24] thrustmaster 0003:044F:B653.0004: item fetching failed at offset 0/2 [ 93.957588][ T24] thrustmaster 0003:044F:B653.0004: parse failed [ 93.964047][ T24] thrustmaster 0003:044F:B653.0004: probe with driver thrustmaster failed with error -22 [ 93.979182][ T24] usb 1-1: USB disconnect, device number 3 [ 94.431529][ T6382] netlink: 24 bytes leftover after parsing attributes in process `syz.1.155'. [ 94.875165][ T6385] loop1: detected capacity change from 0 to 32768 [ 94.887490][ T6385] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.166 (6385) [ 94.928033][ T6385] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 94.943855][ T6385] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm [ 94.974031][ T6383] loop2: detected capacity change from 0 to 32768 [ 95.059859][ T6383] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 95.081134][ T6405] netlink: 156 bytes leftover after parsing attributes in process `syz.0.169'. [ 95.098104][ T6412] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.170'. [ 95.147779][ T6405] netlink: 4 bytes leftover after parsing attributes in process `syz.0.169'. [ 95.189040][ T6385] BTRFS info (device loop1): enabling ssd optimizations [ 95.189067][ T6385] BTRFS info (device loop1): turning on async discard [ 95.189082][ T6385] BTRFS info (device loop1): enabling free space tree [ 95.235061][ T6383] XFS (loop2): Ending clean mount [ 95.236462][ T6385] capability: warning: `syz.1.166' uses deprecated v2 capabilities in a way that may be insecure [ 95.255220][ T6383] XFS (loop2): Quotacheck needed: Please wait. [ 95.361860][ T6383] XFS (loop2): Quotacheck: Done. [ 95.446470][ T6426] macsec1: entered allmulticast mode [ 95.451796][ T6426] macsec0: entered allmulticast mode [ 95.477517][ T6426] veth1_macvtap: entered allmulticast mode [ 95.485986][ T6383] XFS (loop2): Metadata CRC error detected at xfs_refcountbt_read_verify+0x42/0xe0, xfs_refcountbt block 0x28 [ 95.519978][ T6383] XFS (loop2): Unmount and run xfs_repair [ 95.527197][ T6383] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 95.536743][ T6383] 00000000: 52 ff ff ff 7f 00 00 00 ff ff ff ff ff ff ff ff R............... [ 95.547359][ T6383] 00000010: 00 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 .......(........ [ 95.554168][ T5835] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 95.592625][ T6383] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 95.604641][ T6383] 00000030: 00 00 00 00 bd e7 de 5d 00 00 00 00 00 00 00 00 .......]........ [ 95.636306][ T5889] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 95.679303][ T6383] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 95.727313][ T6383] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 95.764051][ T6383] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 95.784379][ T6383] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 95.803369][ T6383] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x28 len 8 error 74 [ 95.834954][ T6383] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8e0 (fs/xfs/xfs_trans_buf.c:311). Shutting down filesystem. [ 95.843443][ T5889] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 95.887543][ T6383] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 95.897556][ T5889] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 95.950338][ T5889] usb 1-1: New USB device found, idVendor=06a3, idProduct=0cfa, bcdDevice= 0.00 [ 95.975015][ T5889] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.024092][ T5889] usb 1-1: config 0 descriptor?? [ 96.048784][ T5837] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 96.448433][ T5889] saitek 0003:06A3:0CFA.0005: unknown main item tag 0x0 [ 96.476546][ T5889] saitek 0003:06A3:0CFA.0005: unknown main item tag 0x0 [ 96.524320][ T5889] saitek 0003:06A3:0CFA.0005: hidraw0: USB HID v0.00 Device [HID 06a3:0cfa] on usb-dummy_hcd.0-1/input0 [ 96.730157][ T5889] usb 1-1: USB disconnect, device number 4 [ 97.386668][ T6473] loop2: detected capacity change from 0 to 256 [ 97.423289][ T6473] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 97.561120][ T6474] loop0: detected capacity change from 0 to 4096 [ 97.625858][ T6474] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 97.704587][ T6474] ntfs3(loop0): ino=1a, mi_enum_attr [ 97.723745][ T6474] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 97.778021][ T6474] ntfs3(loop0): ino=1a, mi_enum_attr [ 97.801471][ T6474] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 97.919352][ T30] audit: type=1800 audit(1761643208.313:2): pid=6474 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.194" name="file1" dev="loop0" ino=24 res=0 errno=0 [ 98.110751][ T6456] loop1: detected capacity change from 0 to 32768 [ 98.266027][ T6456] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 98.285024][ T6456] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 98.351933][ T6491] loop0: detected capacity change from 0 to 128 [ 98.405808][ T6456] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 98.428338][ T799] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 98.438615][ T799] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 98.595362][ T799] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 156ms [ 98.622642][ T799] gfs2: fsid=syz:syz.0: jid=0: Done [ 98.636088][ T6456] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 98.688650][ T6479] loop3: detected capacity change from 0 to 40427 [ 98.704104][ T6481] loop2: detected capacity change from 0 to 40427 [ 98.717084][ T6485] loop4: detected capacity change from 0 to 32768 [ 98.725040][ T6479] F2FS-fs: heap/no_heap options were deprecated [ 98.731836][ T6481] F2FS-fs (loop2): Small segment_count (9 < 1 * 24) [ 98.744605][ T6481] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 98.764257][ T6479] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 98.764292][ T6479] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 98.764639][ T6479] F2FS-fs (loop3): build fault injection type: 0x0 [ 98.766828][ T6479] F2FS-fs (loop3): invalid crc value [ 98.800253][ T6485] [ 98.800253][ T6485] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 98.800253][ T6485] [ 98.828848][ T6485] ERROR: (device loop4): diWrite: ixpxd invalid [ 98.828848][ T6485] [ 98.840310][ T6485] ERROR: (device loop4): txCommit: [ 98.840310][ T6485] [ 98.861452][ T6485] jfs_create: dtSearch returned -17 [ 98.977790][ T5836] [ 98.977790][ T5836] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 98.977790][ T5836] [ 99.033416][ T5836] [ 99.033416][ T5836] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 99.033416][ T5836] [ 99.193970][ T6479] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 99.213186][ T6481] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 99.260835][ T6479] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 99.263455][ T6456] gfs2: fsid=syz:syz.0: found 1 quota changes [ 99.283584][ T6481] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 99.305218][ T6479] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 99.322866][ T6481] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 99.574538][ T5837] syz-executor: attempt to access beyond end of device [ 99.574538][ T5837] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 99.604416][ T5837] CPU: 0 UID: 0 PID: 5837 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 99.604440][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 99.604450][ T5837] Call Trace: [ 99.604457][ T5837] [ 99.604465][ T5837] dump_stack_lvl+0x189/0x250 [ 99.604498][ T5837] ? __pfx_dump_stack_lvl+0x10/0x10 [ 99.604522][ T5837] ? __pfx_queue_work_on+0x10/0x10 [ 99.604542][ T5837] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 99.604564][ T5837] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 99.604606][ T5837] f2fs_handle_critical_error+0x37c/0x540 [ 99.604640][ T5837] f2fs_write_end_io+0x886/0xb60 [ 99.604678][ T5837] __submit_merged_bio+0x27a/0x6a0 [ 99.604711][ T5837] __submit_merged_write_cond+0x255/0x530 [ 99.604745][ T5837] f2fs_write_data_pages+0x261d/0x3000 [ 99.604761][ T5837] ? psi_group_change+0xab8/0x1050 [ 99.604821][ T5837] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 99.604894][ T5837] ? __pfx_sched_balance_rq+0x10/0x10 [ 99.604918][ T5837] ? __lock_acquire+0xab9/0xd20 [ 99.604963][ T5837] ? __lock_acquire+0xab9/0xd20 [ 99.605001][ T5837] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 99.605021][ T5837] do_writepages+0x32e/0x550 [ 99.605060][ T5837] ? do_raw_spin_unlock+0x122/0x240 [ 99.605090][ T5837] filemap_fdatawrite+0x199/0x240 [ 99.605108][ T5837] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 99.605179][ T5837] ? do_raw_spin_unlock+0x122/0x240 [ 99.605209][ T5837] f2fs_sync_dirty_inodes+0x31f/0x830 [ 99.605247][ T5837] f2fs_write_checkpoint+0x93e/0x2440 [ 99.605310][ T5837] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 99.605328][ T5837] ? kasan_record_aux_stack+0xbd/0xd0 [ 99.605416][ T5837] kill_f2fs_super+0x2cc/0x6d0 [ 99.605444][ T5837] ? __pfx_kill_f2fs_super+0x10/0x10 [ 99.605485][ T5837] ? shrinker_free+0x2ce/0x3e0 [ 99.605512][ T5837] deactivate_locked_super+0xbc/0x130 [ 99.605537][ T5837] cleanup_mnt+0x425/0x4c0 [ 99.605558][ T5837] ? lockdep_hardirqs_on+0x9c/0x150 [ 99.605583][ T5837] task_work_run+0x1d4/0x260 [ 99.605631][ T5837] ? __pfx_task_work_run+0x10/0x10 [ 99.605646][ T5837] ? __x64_sys_umount+0x122/0x160 [ 99.605674][ T5837] ? exit_to_user_mode_loop+0x40/0x130 [ 99.605699][ T5837] exit_to_user_mode_loop+0xe9/0x130 [ 99.605719][ T5837] do_syscall_64+0x2bd/0xfa0 [ 99.605739][ T5837] ? lockdep_hardirqs_on+0x9c/0x150 [ 99.605760][ T5837] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.605778][ T5837] ? clear_bhb_loop+0x60/0xb0 [ 99.605800][ T5837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.605817][ T5837] RIP: 0033:0x7f55ecd902f7 [ 99.605834][ T5837] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 99.605847][ T5837] RSP: 002b:00007ffffd9ce3e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 99.605866][ T5837] RAX: 0000000000000000 RBX: 00007f55ece11d7d RCX: 00007f55ecd902f7 [ 99.605878][ T5837] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffffd9ce4a0 [ 99.605889][ T5837] RBP: 00007ffffd9ce4a0 R08: 0000000000000000 R09: 0000000000000000 [ 99.605899][ T5837] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffffd9cf530 [ 99.605910][ T5837] R13: 00007f55ece11d7d R14: 00000000000184b9 R15: 00007ffffd9cf570 [ 99.605946][ T5837] [ 99.605953][ T5837] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 100.003059][ T5882] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 100.155161][ T5882] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30 [ 100.166312][ T5882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.203032][ T5882] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196 [ 100.263093][ T5882] usb 5-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 100.272172][ T5882] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.306319][ T5882] usb 5-1: config 0 descriptor?? [ 100.315870][ T6512] loop0: detected capacity change from 0 to 32768 [ 100.375323][ T6512] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 100.435808][ T6512] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 100.696705][ T5826] ocfs2: Unmounting device (7,0) on (node local) [ 100.734166][ T5882] holtek_kbd 0003:04D9:A055.0006: bogus close delimiter [ 100.764113][ T5882] holtek_kbd 0003:04D9:A055.0006: item 0 4 2 10 parsing failed [ 100.824015][ T5882] holtek_kbd 0003:04D9:A055.0006: probe with driver holtek_kbd failed with error -22 [ 100.938089][ T799] usb 5-1: USB disconnect, device number 3 [ 100.981909][ T6529] loop0: detected capacity change from 0 to 4096 [ 101.095164][ T6535] loop2: detected capacity change from 0 to 2048 [ 101.164409][ T6535] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 101.199939][ T6523] loop1: detected capacity change from 0 to 32768 [ 101.265785][ T6523] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 101.343937][ T6523] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 101.453662][ T6523] XFS (loop1): Starting recovery (logdev: internal) [ 101.539854][ T6523] XFS (loop1): Ending recovery (logdev: internal) [ 101.570079][ T6523] XFS (loop1): Quotacheck needed: Please wait. [ 101.610453][ T6523] XFS (loop1): Quotacheck: Done. [ 101.769132][ T6559] loop4: detected capacity change from 0 to 4096 [ 101.781250][ T6559] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 101.815214][ T5835] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 101.823404][ T6559] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 101.851076][ T30] audit: type=1800 audit(1761643212.243:3): pid=6559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.226" name="file1" dev="loop4" ino=30 res=0 errno=0 [ 101.903469][ T799] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 102.084292][ T799] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 102.117027][ T799] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.142016][ T799] usb 1-1: config 0 descriptor?? [ 102.166757][ T799] cp210x 1-1:0.0: cp210x converter detected [ 102.260555][ T6555] loop2: detected capacity change from 0 to 32768 [ 102.313314][ T6555] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.223 (6555) [ 102.346902][ T6555] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 102.380826][ T6555] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 102.467954][ T6555] BTRFS info (device loop2): enabling ssd optimizations [ 102.498238][ T6555] BTRFS info (device loop2): turning on async discard [ 102.515230][ T6555] BTRFS info (device loop2): enabling free space tree [ 102.533122][ T5903] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 102.646097][ T5837] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 102.722462][ T5903] usb 2-1: Using ep0 maxpacket: 32 [ 102.748709][ T5903] usb 2-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 102.766104][ T5903] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.783520][ T799] cp210x 1-1:0.0: failed to get vendor val 0x370c size 73: -71 [ 102.798311][ T5903] usb 2-1: config 0 descriptor?? [ 102.819414][ T799] cp210x 1-1:0.0: GPIO initialisation failed: -71 [ 102.863322][ T799] usb 1-1: cp210x converter now attached to ttyUSB0 [ 102.903657][ T799] usb 1-1: USB disconnect, device number 5 [ 102.945279][ T799] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 102.972947][ T799] cp210x 1-1:0.0: device disconnected [ 102.982965][ T6565] loop4: detected capacity change from 0 to 32768 [ 103.024237][ T6565] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.230 (6565) [ 103.049062][ T6595] loop3: detected capacity change from 0 to 2048 [ 103.094596][ T6595] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 103.128387][ T6565] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 103.137112][ T6595] syz.3.236: attempt to access beyond end of device [ 103.137112][ T6595] loop3: rw=524288, sector=65534, nr_sectors = 2 limit=2048 [ 103.141079][ T6565] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm [ 103.153393][ T6596] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 103.224460][ T6031] udevd[6031]: incorrect nilfs2 checksum on /dev/loop3 [ 103.259667][ T5903] logitech 0003:046D:C29C.0007: unknown main item tag 0x0 [ 103.300510][ T5903] logitech 0003:046D:C29C.0007: hidraw0: USB HID vb4.34 Device [HID 046d:c29c] on usb-dummy_hcd.1-1/input0 [ 103.366838][ T6565] BTRFS info (device loop4): setting nodatasum [ 103.413103][ T6565] BTRFS info (device loop4): enabling ssd optimizations [ 103.442354][ T6565] BTRFS info (device loop4): disabling tree log [ 103.464852][ T6565] BTRFS info (device loop4): turning on sync discard [ 103.481808][ T6565] BTRFS info (device loop4): enabling free space tree [ 103.483168][ T5903] logitech 0003:046D:C29C.0007: no inputs found [ 103.529913][ T6565] BTRFS info (device loop4): max_inline set to 0 [ 103.565364][ T5903] usb 2-1: USB disconnect, device number 3 [ 103.607944][ T6618] loop3: detected capacity change from 0 to 256 [ 103.704931][ T30] audit: type=1800 audit(1761643214.103:4): pid=6565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.230" name="file1" dev="loop4" ino=260 res=0 errno=0 [ 103.821311][ T5836] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 103.978057][ T6593] loop2: detected capacity change from 0 to 32768 [ 104.007903][ T6593] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.234 (6593) [ 104.067276][ T6625] loop0: detected capacity change from 0 to 256 [ 104.093104][ T6593] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 104.138792][ T6593] BTRFS info (device loop2): using blake2b (blake2b-256-lib) checksum algorithm [ 104.211896][ T6625] FAT-fs (loop0): Directory bread(block 64) failed [ 104.233190][ T6625] FAT-fs (loop0): Directory bread(block 65) failed [ 104.283649][ T6625] FAT-fs (loop0): Directory bread(block 66) failed [ 104.335065][ T6625] FAT-fs (loop0): Directory bread(block 67) failed [ 104.386607][ T6625] FAT-fs (loop0): Directory bread(block 68) failed [ 104.401037][ T6625] FAT-fs (loop0): Directory bread(block 69) failed [ 104.408505][ T6625] FAT-fs (loop0): Directory bread(block 70) failed [ 104.415136][ T6625] FAT-fs (loop0): Directory bread(block 71) failed [ 104.421811][ T6625] FAT-fs (loop0): Directory bread(block 72) failed [ 104.428482][ T6625] FAT-fs (loop0): Directory bread(block 73) failed [ 104.434750][ T6593] BTRFS info (device loop2): enabling ssd optimizations [ 104.472802][ T6593] BTRFS info (device loop2): turning on async discard [ 104.479762][ T6593] BTRFS info (device loop2): enabling free space tree [ 104.563409][ T30] audit: type=1800 audit(1761643214.953:5): pid=6593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.234" name="file1" dev="loop2" ino=260 res=0 errno=0 [ 104.686237][ T5837] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 105.059835][ T5842] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 105.327665][ T6678] netlink: 'syz.0.258': attribute type 13 has an invalid length. [ 105.671408][ T6678] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.679164][ T6678] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.987095][ T6694] loop3: detected capacity change from 0 to 512 [ 106.025791][ T6694] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 106.174180][ T6694] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002] [ 106.217228][ T6694] EXT4-fs (loop3): orphan cleanup on readonly fs [ 106.259352][ T6694] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.265: bad orphan inode 267 [ 106.326601][ T6694] EXT4-fs (loop3): Remounting filesystem read-only [ 106.352547][ T6694] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 106.440733][ T6678] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 106.469099][ T6694] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.265: dx entry: limit 0 != root limit 125 [ 106.526806][ T6694] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.265: Corrupt directory, running e2fsck is recommended [ 106.564124][ T6678] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 106.686873][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 107.159701][ T6690] loop2: detected capacity change from 0 to 32768 [ 107.288764][ T6690] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 107.302663][ T6711] loop3: detected capacity change from 0 to 64 [ 107.433920][ T6683] loop1: detected capacity change from 0 to 262144 [ 107.435408][ T6690] XFS (loop2): Ending clean mount [ 107.446529][ T6683] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.261 (6683) [ 107.476124][ T6683] BTRFS info (device loop1): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 107.486339][ T6683] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 107.558294][ T6699] loop4: detected capacity change from 0 to 32768 [ 107.614889][ T12] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.635821][ T12] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.673622][ T13] BTRFS warning (device loop1): checksum verify failed on logical 30654464 mirror 1 wanted 0x6191332ca3bfabbd found 0x1eb22ab8dd59a02d level 0 [ 107.713909][ T3483] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.773711][ T3483] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.788892][ T5837] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 107.801960][ T6683] BTRFS info (device loop1): read error corrected: ino 0 off 30654464 (dev /dev/loop1 sector 76256) [ 107.818897][ T6683] BTRFS info (device loop1): read error corrected: ino 0 off 30658560 (dev /dev/loop1 sector 76264) [ 107.833220][ T6683] BTRFS info (device loop1): read error corrected: ino 0 off 30662656 (dev /dev/loop1 sector 76272) [ 107.857543][ T6683] BTRFS info (device loop1): read error corrected: ino 0 off 30666752 (dev /dev/loop1 sector 76280) [ 107.902323][ T6683] BTRFS info (device loop1): enabling ssd optimizations [ 107.910405][ T6683] BTRFS info (device loop1): enabling free space tree [ 108.153229][ T5835] BTRFS info (device loop1): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 108.602178][ T6747] loop2: detected capacity change from 0 to 4096 [ 108.625266][ T6747] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 108.686771][ T6747] ntfs3(loop2): ino=1a, mi_enum_attr [ 108.712709][ T6747] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 108.730686][ T6747] ntfs3(loop2): ino=1a, mi_enum_attr [ 108.760832][ T6747] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 108.888703][ T6732] loop3: detected capacity change from 0 to 32768 [ 108.913169][ T30] audit: type=1800 audit(1761643219.293:6): pid=6747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.272" name="file1" dev="loop2" ino=24 res=0 errno=0 [ 109.025698][ T6732] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 109.316903][ T6761] loop1: detected capacity change from 0 to 4096 [ 109.321515][ T6732] XFS (loop3): Ending clean mount [ 109.381470][ T6761] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.587446][ T6778] loop0: detected capacity change from 0 to 256 [ 109.606880][ T5828] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 109.620684][ T6778] exfat: Deprecated parameter 'namecase' [ 109.653982][ T6778] exfat: Deprecated parameter 'utf8' [ 109.721115][ T6778] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 109.765234][ T5835] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.024781][ T6783] loop1: detected capacity change from 0 to 16 [ 110.062460][ T6783] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 110.616376][ T6799] loop4: detected capacity change from 0 to 8 [ 110.816263][ T6802] loop3: detected capacity change from 0 to 1024 [ 110.895934][ T6802] hfsplus: bad catalog entry type [ 110.994638][ T3546] hfsplus: b-tree write err: -5, ino 4 [ 111.526928][ T6805] loop0: detected capacity change from 0 to 32768 [ 111.545041][ T6805] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.298 (6805) [ 111.572887][ T6805] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 111.592522][ T6805] BTRFS info (device loop0): using blake2b (blake2b-256-lib) checksum algorithm [ 111.637275][ T6810] loop4: detected capacity change from 0 to 32768 [ 111.752526][ T6812] loop1: detected capacity change from 0 to 32768 [ 111.765752][ T6812] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.303 (6812) [ 111.825360][ T6805] BTRFS info (device loop0): enabling ssd optimizations [ 111.849052][ T6812] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 111.874053][ T6805] BTRFS info (device loop0): turning on async discard [ 111.880856][ T6805] BTRFS info (device loop0): enabling free space tree [ 111.888495][ T6812] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 111.926328][ T6812] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 112.045223][ T30] audit: type=1800 audit(1761643222.443:7): pid=6805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.298" name="file1" dev="loop0" ino=260 res=0 errno=0 [ 112.195221][ T6857] loop2: detected capacity change from 0 to 128 [ 112.196683][ T5826] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 112.313879][ T6812] BTRFS info (device loop1): rebuilding free space tree [ 112.360136][ T6812] BTRFS info (device loop1): disabling free space tree [ 112.368389][ T6812] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 112.382762][ T6812] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 112.436989][ T6812] BTRFS info (device loop1): setting nodatasum [ 112.475647][ T6812] BTRFS info (device loop1): allowing degraded mounts [ 112.496247][ T6812] BTRFS info (device loop1): turning on async discard [ 112.524046][ T6812] BTRFS info (device loop1): enabling disk space caching [ 112.557992][ T6812] BTRFS info (device loop1): force clearing of disk cache [ 112.587328][ T6812] BTRFS info (device loop1): force zlib compression, level 3 [ 112.805990][ T6812] BTRFS info (device loop1): resizing devid 6744073709551615 [ 112.841474][ T6812] BTRFS info (device loop1): resizer unable to find device 6744073709551615 [ 112.903256][ T5882] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 113.071317][ T5835] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 113.116355][ T5882] usb 3-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 113.132208][ T5882] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.188923][ T5882] usb 3-1: Product: syz [ 113.199178][ T5882] usb 3-1: Manufacturer: syz [ 113.208325][ T30] audit: type=1800 audit(1761643223.593:8): pid=6883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.322" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 113.224584][ T5882] usb 3-1: SerialNumber: syz [ 113.288083][ T5882] usb 3-1: config 0 descriptor?? [ 113.322306][ T5882] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 113.399404][ T5882] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 113.463676][ T5882] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 113.495725][ T5882] usb 3-1: media controller created [ 113.562567][ T5882] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 113.754723][ T6898] loop1: detected capacity change from 0 to 256 [ 113.768619][ T5882] DVB: Unable to find symbol mt352_attach() [ 113.884257][ T5882] DVB: Unable to find symbol nxt6000_attach() [ 113.907265][ T5882] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 113.971610][ T5882] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input5 [ 114.026880][ T5882] dvb-usb: schedule remote query interval to 1000 msecs. [ 114.065409][ T5882] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 114.091028][ T5882] dvb-usb: bulk message failed: -22 (7/0) [ 114.119186][ T5882] dvb-usb: bulk message failed: -22 (7/0) [ 114.139117][ T6909] loop3: detected capacity change from 0 to 4096 [ 114.147824][ T5882] usb 3-1: USB disconnect, device number 3 [ 114.231515][ T6918] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 114.254876][ T6909] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 114.286724][ T6909] NILFS (loop3): mounting fs with errors [ 114.397351][ T5882] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 114.513865][ T5165] ------------[ cut here ]------------ [ 114.519388][ T5165] WARNING: kernel/trace/blktrace.c:368 at __blk_add_trace+0x79c/0x8d0, CPU#1: jbd2/sda1-8/5165 [ 114.529819][ T5165] Modules linked in: [ 114.534408][ T5165] CPU: 1 UID: 0 PID: 5165 Comm: jbd2/sda1-8 Not tainted syzkaller #0 PREEMPT(full) [ 114.544224][ T5165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 114.554470][ T5165] RIP: 0010:__blk_add_trace+0x79c/0x8d0 [ 114.560037][ T5165] Code: ff 4d 85 e4 75 4f e8 d3 0d f8 ff e9 fb fd ff ff e8 c9 0d f8 ff e9 ec fd ff ff e8 bf 0d f8 ff e9 d8 fd ff ff e8 b5 0d f8 ff 90 <0f> 0b 90 e9 ca fd ff ff e8 a7 0d f8 ff 48 8b 7c 24 30 e8 cd 51 00 [ 114.564767][ T6922] loop4: detected capacity change from 0 to 2048 [ 114.580221][ T5165] RSP: 0018:ffffc9000ef8f460 EFLAGS: 00010293 [ 114.580247][ T5165] RAX: ffffffff81c873fb RBX: 0000000000000001 RCX: ffff888035448000 [ 114.580261][ T5165] RDX: 0000000000000000 RSI: 00000000901e000f RDI: 000000008000ffff [ 114.609399][ T5165] RBP: ffffc9000ef8f578 R08: ffff888035448000 R09: 0000000000000009 [ 114.617420][ T5165] R10: 0000000000000011 R11: 0000000000000000 R12: 000000008000ffff [ 114.625440][ T5165] R13: ffff8880322ee400 R14: 00000000901e000f R15: 0000000000000001 [ 114.633653][ T5165] FS: 0000000000000000(0000) GS:ffff888125feb000(0000) knlGS:0000000000000000 [ 114.642665][ T5165] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.649316][ T5165] CR2: 00007f1149cff000 CR3: 000000000dd38000 CR4: 00000000003526f0 [ 114.657338][ T5165] Call Trace: [ 114.660622][ T5165] [ 114.663598][ T5165] ? __lock_acquire+0xab9/0xd20 [ 114.668471][ T5165] ? __pfx___blk_add_trace+0x10/0x10 [ 114.673800][ T5165] ? blk_add_trace_bio_remap+0xed/0x560 [ 114.679376][ T5165] blk_add_trace_bio_remap+0x4b8/0x560 [ 114.685410][ T5165] ? __pfx___might_resched+0x10/0x10 [ 114.690718][ T5165] ? __pfx_blk_add_trace_bio_remap+0x10/0x10 [ 114.697971][ T5165] submit_bio_noacct+0x187b/0x1b80 [ 114.703236][ T5165] journal_submit_commit_record+0x665/0x8b0 [ 114.709155][ T5165] ? __pfx_journal_submit_commit_record+0x10/0x10 [ 114.715631][ T5165] jbd2_journal_commit_transaction+0x3455/0x5a00 [ 114.722013][ T5165] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 114.728781][ T5165] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 114.735189][ T5165] ? rcu_is_watching+0x15/0xb0 [ 114.739981][ T5165] ? __try_to_del_timer_sync+0x34a/0x3a0 [ 114.745774][ T5165] ? __pfx___timer_delete_sync+0x10/0x10 [ 114.751438][ T5165] kjournald2+0x3cf/0x750 [ 114.756125][ T5165] ? __pfx_kjournald2+0x10/0x10 [ 114.760998][ T5165] ? __pfx_autoremove_wake_function+0x10/0x10 [ 114.767135][ T5165] ? __kthread_parkme+0x7b/0x200 [ 114.772087][ T5165] ? __kthread_parkme+0x1a1/0x200 [ 114.777175][ T5165] kthread+0x711/0x8a0 [ 114.781262][ T5165] ? __pfx_kjournald2+0x10/0x10 [ 114.785317][ T5882] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 114.786664][ T5165] ? __pfx_kthread+0x10/0x10 [ 114.798557][ T5165] ? _raw_spin_unlock_irq+0x23/0x50 [ 114.803842][ T5165] ? lockdep_hardirqs_on+0x9c/0x150 [ 114.809050][ T5165] ? __pfx_kthread+0x10/0x10 [ 114.813706][ T5165] ret_from_fork+0x4bc/0x870 [ 114.818314][ T5165] ? __pfx_ret_from_fork+0x10/0x10 [ 114.823494][ T5165] ? __switch_to_asm+0x39/0x70 [ 114.828262][ T5165] ? __switch_to_asm+0x33/0x70 [ 114.833197][ T5165] ? __pfx_kthread+0x10/0x10 [ 114.837809][ T5165] ret_from_fork_asm+0x1a/0x30 [ 114.842600][ T5165] [ 114.845670][ T5165] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 114.852955][ T5165] CPU: 1 UID: 0 PID: 5165 Comm: jbd2/sda1-8 Not tainted syzkaller #0 PREEMPT(full) [ 114.862342][ T5165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 114.872402][ T5165] Call Trace: [ 114.875677][ T5165] [ 114.878599][ T5165] dump_stack_lvl+0x99/0x250 [ 114.883185][ T5165] ? __asan_memcpy+0x40/0x70 [ 114.887762][ T5165] ? __pfx_dump_stack_lvl+0x10/0x10 [ 114.892950][ T5165] ? __pfx__printk+0x10/0x10 [ 114.897541][ T5165] vpanic+0x237/0x6d0 [ 114.901524][ T5165] ? __pfx_vpanic+0x10/0x10 [ 114.906014][ T5165] ? is_bpf_text_address+0x292/0x2b0 [ 114.911290][ T5165] ? is_bpf_text_address+0x26/0x2b0 [ 114.916479][ T5165] panic+0xb9/0xc0 [ 114.920196][ T5165] ? __pfx_panic+0x10/0x10 [ 114.924608][ T5165] ? ret_from_fork_asm+0x1a/0x30 [ 114.929535][ T5165] __warn+0x334/0x4c0 [ 114.933504][ T5165] ? __blk_add_trace+0x79c/0x8d0 [ 114.938429][ T5165] ? __blk_add_trace+0x79c/0x8d0 [ 114.943349][ T5165] report_bug+0x2be/0x4f0 [ 114.947666][ T5165] ? __blk_add_trace+0x79c/0x8d0 [ 114.952584][ T5165] ? __blk_add_trace+0x79c/0x8d0 [ 114.957594][ T5165] ? __blk_add_trace+0x79e/0x8d0 [ 114.962523][ T5165] handle_bug+0x84/0x160 [ 114.966762][ T5165] exc_invalid_op+0x1a/0x50 [ 114.971261][ T5165] asm_exc_invalid_op+0x1a/0x20 [ 114.976093][ T5165] RIP: 0010:__blk_add_trace+0x79c/0x8d0 [ 114.981625][ T5165] Code: ff 4d 85 e4 75 4f e8 d3 0d f8 ff e9 fb fd ff ff e8 c9 0d f8 ff e9 ec fd ff ff e8 bf 0d f8 ff e9 d8 fd ff ff e8 b5 0d f8 ff 90 <0f> 0b 90 e9 ca fd ff ff e8 a7 0d f8 ff 48 8b 7c 24 30 e8 cd 51 00 [ 115.001218][ T5165] RSP: 0018:ffffc9000ef8f460 EFLAGS: 00010293 [ 115.007276][ T5165] RAX: ffffffff81c873fb RBX: 0000000000000001 RCX: ffff888035448000 [ 115.015230][ T5165] RDX: 0000000000000000 RSI: 00000000901e000f RDI: 000000008000ffff [ 115.023183][ T5165] RBP: ffffc9000ef8f578 R08: ffff888035448000 R09: 0000000000000009 [ 115.031145][ T5165] R10: 0000000000000011 R11: 0000000000000000 R12: 000000008000ffff [ 115.039098][ T5165] R13: ffff8880322ee400 R14: 00000000901e000f R15: 0000000000000001 [ 115.047070][ T5165] ? __blk_add_trace+0x79b/0x8d0 [ 115.052003][ T5165] ? __lock_acquire+0xab9/0xd20 [ 115.056843][ T5165] ? __pfx___blk_add_trace+0x10/0x10 [ 115.062113][ T5165] ? blk_add_trace_bio_remap+0xed/0x560 [ 115.067656][ T5165] blk_add_trace_bio_remap+0x4b8/0x560 [ 115.073104][ T5165] ? __pfx___might_resched+0x10/0x10 [ 115.078382][ T5165] ? __pfx_blk_add_trace_bio_remap+0x10/0x10 [ 115.084355][ T5165] submit_bio_noacct+0x187b/0x1b80 [ 115.089465][ T5165] journal_submit_commit_record+0x665/0x8b0 [ 115.095350][ T5165] ? __pfx_journal_submit_commit_record+0x10/0x10 [ 115.101762][ T5165] jbd2_journal_commit_transaction+0x3455/0x5a00 [ 115.108104][ T5165] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 115.114778][ T5165] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 115.121088][ T5165] ? rcu_is_watching+0x15/0xb0 [ 115.125847][ T5165] ? __try_to_del_timer_sync+0x34a/0x3a0 [ 115.131466][ T5165] ? __pfx___timer_delete_sync+0x10/0x10 [ 115.137101][ T5165] kjournald2+0x3cf/0x750 [ 115.141435][ T5165] ? __pfx_kjournald2+0x10/0x10 [ 115.146273][ T5165] ? __pfx_autoremove_wake_function+0x10/0x10 [ 115.152333][ T5165] ? __kthread_parkme+0x7b/0x200 [ 115.157258][ T5165] ? __kthread_parkme+0x1a1/0x200 [ 115.162272][ T5165] kthread+0x711/0x8a0 [ 115.166331][ T5165] ? __pfx_kjournald2+0x10/0x10 [ 115.171170][ T5165] ? __pfx_kthread+0x10/0x10 [ 115.175748][ T5165] ? _raw_spin_unlock_irq+0x23/0x50 [ 115.180930][ T5165] ? lockdep_hardirqs_on+0x9c/0x150 [ 115.186115][ T5165] ? __pfx_kthread+0x10/0x10 [ 115.190701][ T5165] ret_from_fork+0x4bc/0x870 [ 115.195278][ T5165] ? __pfx_ret_from_fork+0x10/0x10 [ 115.200377][ T5165] ? __switch_to_asm+0x39/0x70 [ 115.205127][ T5165] ? __switch_to_asm+0x33/0x70 [ 115.209878][ T5165] ? __pfx_kthread+0x10/0x10 [ 115.214462][ T5165] ret_from_fork_asm+0x1a/0x30 [ 115.219224][ T5165] [ 115.222479][ T5165] Kernel Offset: disabled [ 115.226785][ T5165] Rebooting in 86400 seconds..