last executing test programs: 1m15.027355537s ago: executing program 0 (id=96): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f00000028c0)='./file1\x00', 0x2a08800, &(0x7f0000000040)=ANY=[], 0x1, 0x6af, &(0x7f0000003180)="$eJzs3ctrHPcdAPDvjFYrrQuOktiJWwIVMaSlorYeyK16idtD0SGU4B5CSy+LvY6F10qQlCKb0qrvaw/5A9KDDoWcCr0b0tJTm1uuOpVAoZecdFOZ2ZndlVa71trSru18PjA7v5nfc77z2J0RYgL40lqdi8rDSGJ17q3tbHlvd6m5t7s0VWQ3IyJLpxGV1iyS9Yjkk4jr0Zriq9nKonzSr58P11ZufPbF3uetpUox5eXTQfVOZqeYYjYiJop5r8nHau9m3/YGq7dTSXsLs4BdLgMH43bQY2eY6k943gJPg6T1vdljJuJcREwXvwOiuDqkox3d6RvqKgcAAADPqBf2Yz+24/y4xwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPkuL9/0kxpWV6NpLy/f+VYl2mGhE30jGPeXhJO/VwrOMAAAAAAAAAgNPx9f3Yj+04Xy4ftP40Xsk/L+SfX4kPYjMasRFXYjvqsRVbsRELETHT1VB1u761tbEQrz+y5uKxNRdHsbUAAAAAAAAA8Nz6Tax2/v4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPgyRiojXLpwtleibSSkRMR0Q1K7cT8WmZfkYkZaLWtfLheMYCAAAAj236uJWf/mNgnRf2Yz+243y5fJDk9/yv5PfL0/FBrMdWrMVWNKMRt4p76OyuP93bXWru7S7d29tdyjv+2UFLq53v/2+ooectRuvZw/E9X8pL1OJ2rOVrrsTNfDC3Is1rZi4V42lPhzv5dTam2puFE47sVjHPOvtT91OE05YOW2EmrzTZjsh8MbasoRcHR+KRe6cysKeFSNtPfi4M6KncpGTImJ8r60XEH47E/M3//OUnJ2zmDLQjkUYeicWuo++VdhSmjq/8jb99/M6d5vrdO7c3587sMBqVo8fEUlckXh189D3lkagMWX6+faS3NmU1fhg/jrmYjbdjI9bi55EdD40oroxRL8plnzNdUYroidT1Q0tvP2ok1WK/tK6iaVxs5/SOqR5b0YjZmMpT9Xg9r3s+1iKJ9+JWNOJaXGufesuxHCtde/hi3z2cV8ivtOlwZ/3lb3ZCGH888ph2oH+etODwWl+pWVxf7Ipr9zV3Js/rXtOJ0ksn+D4a8tpY+VqRyPr4bT7/6VPyEP5oJBa6IvHy4Ej8OT83Npvrdzfu1N/v0/7OkeU3Jjvp35/lN/PQsh3yUkwXV5LDR0eW93L7KnM4XtXiLy6tvLQn72KelyTlmfqjrjP1WizGQnynOFOrxW+43pYW87xXe/MmypFf6so79Hsr3vvXeOIJwJDOfetctfbf2r9rH9V+V7tTe2v6B1PfnXqtGpN/n/xeZX7ijfS15K/xUfyyc/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vs37D+7Wm83GxvGJtH/W6SaS4kU+/cpUohan1VfxwsJfdWVNxllv4P0H1d5N3jn1vmJE++vJEuWbq560nXeuj2DMExGjjGrMHHcWTJ1SxHoT2eaVayaik1V0eOzLRYHnwdWte+9f3bz/4Ntr9+rvNt5trE8uL6/MryxfW7p6e63ZmG99jnuUwFno/B7oV+Lj0Q4IAAAAAAAAAAAAeKRR/FdDV3ezY9xUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bm1OheVyUhiYf7KfLa8t7vUzKYy3SlZiYg0jUh+EZF8EnE9WlPMdDWX9Ovnw7WVG599sfd5p61KWT4dVK9UHZi7U0wxGxETxXxgGwcHJ27vZr/2Tixpb2EWsMtl4GDc/h8AAP//ZlAA0Q==") mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000146000/0x4000)=nil) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x115) getdents(r0, &(0x7f0000000040)=""/61, 0x3d) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 1m14.684836254s ago: executing program 0 (id=100): openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0x3, 0x9, 0x4, 0xb, 0xa0, "3f3c5e0000ff775cfffffffff903e7ffffff00", 0xb, 0x8000}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0xff) 1m14.464304706s ago: executing program 0 (id=103): rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8) r0 = gettid() timer_create(0x9, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r0}, &(0x7f00000000c0)=0x0) timer_settime(r1, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x3938700}}, 0x0) rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7971]}, 0x0, 0x0, 0x8) 1m14.294283315s ago: executing program 0 (id=107): syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x448c, 0x0, 0x0, 0x0, &(0x7f0000000300)) syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000)) r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) rename(&(0x7f0000000100)='./bus/file0\x00', &(0x7f0000000180)='./mnt\x00') 1m14.164501691s ago: executing program 0 (id=108): socket$nl_generic(0x10, 0x3, 0x10) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0xc00, 0x0, 0x374}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0, &(0x7f0000000180)=0x0) syz_io_uring_submit(r1, r2, r3, &(0x7f0000000000)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x4004, @fd_index=0x4, 0x718a, 0x0, 0x0, 0x12, 0x1, {0x2}}) io_uring_enter(r0, 0x742f, 0x77ae, 0x1, 0x0, 0x0) 1m13.750774983s ago: executing program 0 (id=112): sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x20000000) r0 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679d, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0xf, &(0x7f00000003c0)={0x1003, 0x0, 0x0, 0x0}, 0x20) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x8, 0x0, 0x0, 0x0}, 0x20) 1m13.421132461s ago: executing program 32 (id=112): sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x20000000) r0 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679d, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0xf, &(0x7f00000003c0)={0x1003, 0x0, 0x0, 0x0}, 0x20) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x8, 0x0, 0x0, 0x0}, 0x20) 6.041928435s ago: executing program 4 (id=515): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x200, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f00000000c0)=""/181, 0xb5) getdents64(r0, 0x0, 0x22) 6.024917636s ago: executing program 1 (id=516): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x32cc0000) mremap(&(0x7f0000097000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f0000bff000/0x400000)=nil) mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil) mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15) 5.921885882s ago: executing program 4 (id=517): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x2, 0x4, 0x64, 0x8, 0x0, 0xb, 0x1, 0x34, 0x7, 0x8, 0x87, 0x4, 0x0, 0x8}, 0xe) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e1f, @loopback}]}, &(0x7f0000000000)=0x10) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000100)={r1, 0x3, 0xffffffff, 0x0, 0xb, 0xa, 0xb4, 0x5, {r1, @in={{0x2, 0x4e24, @private=0xa010101}}, 0x0, 0x84f, 0x0, 0xda, 0xcdd4}}, &(0x7f0000000240)=0xb0) 5.821706137s ago: executing program 4 (id=518): syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x90, &(0x7f0000003280)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000180), 0xfea7) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r1, 0x40786e88, &(0x7f0000000640)={{0x0, 0x0, 0x40, 0xd, 0xe2}, {0x0, 0x0, 0x10, 0x20c, 0x7fffffffffffffff}, {&(0x7f0000000040)=[0x20, 0xbf], 0x2, 0x8, 0x1, 0x100002}, {0x0, 0x0, 0x28, 0x0, 0xfffffffffffffff7}, {&(0x7f00000003c0)=[0x9], 0x1, 0x8, 0x98f, 0xffff}}) 5.331441903s ago: executing program 4 (id=519): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x9006}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000240)={0x2, &(0x7f0000000080)=[{0x28, 0xa9, 0x0, 0xfffff034}, {0x6, 0x37, 0x2, 0x9}]}, 0x10) sendto$inet6(r0, &(0x7f0000000040)="e4", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c) 4.577583062s ago: executing program 1 (id=528): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodiscard,background_gc=sync,acl,alloc_mode=reuse,inline_xattr,disable_roll_forward,background_gc=on,nouser_xattr\x00\x00\x00\x00\x00\x00\x00\x00int=disable,user_xattr,fsync_mode=strict,mode=adaptive,jqfmt=vfsold,noinline_dentry,\x00'], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00') r1 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f0000000480)=ANY=[], 0x700, 0x0) sendfile(r1, r0, 0x0, 0x80000004) 4.03583071s ago: executing program 4 (id=530): setresgid(0x0, 0xee01, 0x0) setuid(0xee01) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) r0 = msgget$private(0x0, 0x480) msgrcv(r0, 0x0, 0x0, 0x1, 0x3000) 3.433234471s ago: executing program 1 (id=527): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @local}, @in6={0xa, 0x0, 0xfffffffc, @loopback, 0xc7f}], 0x2c) sendto$inet6(r0, &(0x7f0000000040)="e4", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000005c0)=0x8, 0x4) recvmmsg(r0, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/15, 0xf}, 0x8}], 0x1, 0x0, 0x0) 3.365895435s ago: executing program 3 (id=529): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000280)={[{@dax}, {@data_err_abort}, {@noinit_itable}, {@noauto_da_alloc}, {@data_err_ignore}, {@norecovery}, {@user_xattr}, {@grpquota}, {@discard}, {@user_xattr}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@errors_remount}, {@lazytime}]}, 0x11, 0x556, &(0x7f0000000b40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8H7nZO7k3O/ebe7+m5OTckgKE1kf1TiHg5Ir5JIg5GRJKvG4185cTadqv3r85mSxKNxqd/Jc3tsnrrtVrP259XXoqI376KOF7Y2G5teWWhVC6ni3l9sl65NFlbXjlxoVKaT+fTi9MzM6fenpl+7913+hbrG2f/+f6T2x+e+vro6ne/3D10M4nTcSBf1x7HE7jWXpmIifw9GYvTj2w41YfGdoJd+f/JgPeD7RnJ83wssj7gYIzkWQ/8/30ZEQ1gSCXyH4ZUaxzQurbv03Xwc+PeB2sXQBvjH137bCT2NK+N9q0mD10ZZde7431oP2vj1z9v3cyW6N/nEABbunY9Ik6Ojm7s/5K8/9u+kz1s82gb+j94dm5n4583O41/Cuvjn+gw/tnfIXe3Y+v8L9ztQzNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq59/JctWfutsWC+H3dHdz/8nLlSvfQkMbe7dz3ilY7j32T9+Ccdjn/2fpztsY0j6a3Xuq3bOv6nq/FTxOsdj/+DGa1k8/nJyeb5MNk6Kzb6+8aR37u1P+j4s+O/b/P4x5P2+dra47fx455/027rHoo/ej//dyWfNcut+ccrpXp9cSpiV/LxxsenHzy3VW9tn8V/7Ojm/V+n839vRHzeY/w3Dv/8ak/xD+j4zz3W8X/8wp2PvvihW/u99X9vNUvH8kd66f963cEnee8AAAAAAABgpylExIFICsX1cqFQLK7d33E49hXK1Vr9+Pnq0sW5aH5XdjzGCq2Z7oNt90NM5ffDturTj9RnIuJQRHw7srdZL85Wy3ODDh4AAAAAAAAAAAAAAAAAAAB2iP1dvv+f+WNk0HsHPHV+8huG15b5349fegJ2JH//YXjJfxhe8h+Gl/yH4SX/YXjJfxhe8h+Gl/wHAAAAAAAAAAAAAAAAAAAAAAAAAACAvjp75ky2NFbvX53N6nOXl5cWqpdPzKW1hWJlabY4W128VJyvVufLaXG2Wtnq9crV6qWp6Vi6MllPa/XJ2vLKuUp16WL93IVKaT49l449k6gAAAAAAAAAAAAAAAAAAADg+VJbXlkolcvpooLCtgqjO2M3FPpcGHTPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/BcAAP//xVY3tw==") sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x1c, 0x0, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x3}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="bc00000012"], 0xbc}}, 0x0) 3.155725825s ago: executing program 3 (id=531): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xa00004, &(0x7f0000000180)={[{@adinicb}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@iocharset={'iocharset', 0x3d, 'cp862'}}, {@uid}, {}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@mode={'mode', 0x3d, 0x8}}, {@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@adinicb}, {@gid_forget}, {@lastblock={'lastblock', 0x3d, 0x3}}, {@gid}, {@uid}], [{@subj_user={'subj_user', 0x3d, '^['}}, {@smackfshat={'smackfshat', 0x3d, 'utf8'}}, {@dont_measure}, {@smackfsdef={'smackfsdef', 0x3d, ']/'}}, {@uid_eq}, {@smackfsfloor={'smackfsfloor', 0x3d, '%*'}}]}, 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000700)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000010140)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964dee674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d110aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61b33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a7986cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03cfcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b244645c68c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25afd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e5706000", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) 2.900251679s ago: executing program 3 (id=532): r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000100)={r0}) syz_genetlink_get_family_id$devlink(&(0x7f0000004640), r1) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000004dc0)={0x0, 0x0, &(0x7f0000004d80)={0x0}}, 0x44040) sendmsg$xdp(r1, &(0x7f0000007240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4005000}, 0x50) 2.553450027s ago: executing program 4 (id=541): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f00000000c0)='./file1\x00', 0x1000802, &(0x7f0000000a80)=ANY=[@ANYBLOB="71756965742c636f6465706167653d63703836302c696f636861727365743d63703836312c00808fead042bd35dc78f7f06333a5e7165b8271e41aee85e59cbb6c2df3d4e4c16b06c73f2e3b348a7fba46e286378a15ee516bac8d4813c9c3d9cee1ddb95d1bbcf504e065b3749a1cbd841e685a558518cf0db10b55885946e678d0a71877037a090000000700848879ef1604cadc1faca3aa010076750d559c4e124d4cb7293e7393b77286fa8c6dc4923fbe25e134f29e28d1c421320a3bffaa17fcd6b5178e322cc47133b3811e3d3bc34998dc7ed029834ad591d9d56c41063d8d913a9fe8e954a4e4ca99ceb5737e57193c5f47fd63b16c8b34f276dbac0e5ebd0094dbf65c78824a8ee2c96eff86c6309078df2cb1ca1051ad091adbfee5126d8a59fa5438734bc3e8cc7b7edc10716a0a9b711952cdf96586e06fbace21dc04bdb4a1a2072ce5f7", @ANYRESOCT, @ANYRES32, @ANYRES32, @ANYRESHEX=0x0, @ANYRES8], 0x1, 0x305, &(0x7f0000000340)="$eJzs3U1rE1scx/HfmaRNepvbmz5cLtxltaAb0boRNxHJWxDEhWjbCMVQUSuoG1NxJaJ7974FX4QbxTegKxfiC2g3jpwzD8kkk5k0JB2D3w+Ik8n85/zPPP5PoBwB+GNdbX55d/Gb/WekkkrSy8uSJ6kqlSX9q/+qj/b2d/fbrZ2sHZVchI58GQWRZmCb7b2W+/8gudrGuYhQ3X4qq9a7DtPh+/6Vr33rvnsFJYPCuLs/hSdVwrvTfV898cyyHYwZ15lwHrPGHOpQj7VUdB4AgGLZ9/9BUPjb93wtrN89T9oIX/u/5ft/XIdFJzB1fua3Pe9/N8ryjT2//7ivuuM9N4Sz33vRKHGUluf6Ps8rKCQTBaZJH1V2h3wuF2/hzm67dW77XnvH03M1Qj0Ba3ELIXuF5mS7njI2zTBC301qRRmk5c3ZPmwOyX91zBYzDAzfEifEfDCfzE1T11vtxPVf2Tc2W5dwve9MBfmfH97eoouyWyl8bDQaDc/tKLLsGvk/eaZyellNH5EoOrDLSv5AUM/L00Wt9EUFvbuQGlCJo1ZTozajT0PaWktE2d7EV/PwLKfNvDbXzbp+6L2aPfW/Z/Pb0PA7M/GLjtkIbjR3xIP+zKc3V3b7rA+8OTq6UUuuiY9iZVjqR9nPNIwgOoevtKVLWnr45OndUrvdemAXbqcs3K/Fa+ZeSKnbFLygTndNRb4zsHH0DEyEL4Qrp5TY2Ynu0D4/cje2d9mJHPneKyG6YSfWhLziL62sa6P5se9CmtiCX5nwDn/6Y0T9fcIPJRSle9KLzgQFsXWXCcZ/rpIP631Xr9lq4VpleJ0eFWRpJZur3sM9+rbGjkdA1UT8ilv6K1lG54wNFsM6JmUc19FoY65TZ6TTo7dYD/OcDf6znA1MU591i9//AQAAAAAAAAAAAAAAAAAAZs3x/65g4dhRRfcRAAAAAAAAAAAAAAAAAAAAAIBZF8//q2j+X402/2//VCzh/L9V5cz/uzWYw8D8v2/2ZDoS8/8C0/UrAAD///8sd7M=") openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1837c3, 0x43) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x42, 0x60) truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd) syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x448c, 0x0, 0x0, 0x0, &(0x7f0000000240)) 1.91840682s ago: executing program 3 (id=537): r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000100), 0x41) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x14, 0x4, 0xfffa}, 0x3d, [0x7, 0xc95a, 0xfffffff3, 0x8, 0x80, 0xaef29593, 0x5bf, 0x7f, 0x6, 0x46, 0xfffffff2, 0x5f, 0x2, 0x0, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x4, 0x80000001, 0x7, 0x7, 0x3, 0x3c5b, 0x4b, 0xfffffffc, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x4, 0xe661, 0x8, 0x1000007, 0x3, 0x8001, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3d, 0x8f, 0x6, 0x1, 0x4, 0x5, 0x4, 0x15, 0x0, 0x80, 0xfffffffc, 0x5, 0x5, 0x8, 0x0, 0x1, 0x3e], [0x10000007, 0x10002, 0x12b, 0x4734646, 0x9, 0xfffffff3, 0x129432e6, 0x3, 0xf9, 0x5117, 0x0, 0x6c9, 0x1ff, 0xfffffffe, 0x3, 0x1, 0x7, 0x10000005, 0x2f, 0xe, 0x313, 0x1, 0xea0, 0xfffffff9, 0x4, 0x4, 0x80, 0x5, 0x400, 0xffffffff, 0x6, 0x400001, 0xff, 0x1005, 0x8007fe, 0x5f31, 0x4, 0xffffffff, 0x238, 0x1000004, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x10000003, 0x8000, 0xffff, 0x2, 0x7f, 0x1, 0x8, 0x3, 0x7, 0x0, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0xff], [0x9, 0x1, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x40002, 0xf, 0x8, 0x84, 0x6d01, 0x5, 0x3d, 0x3, 0x200, 0x80, 0x3, 0x4, 0x0, 0x543, 0xa2, 0x7, 0x53cf697b, 0x5, 0x4, 0x54fe12da, 0xbf, 0x5, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x4fa, 0xfffff1d1, 0x4, 0x5], [0x9, 0xbb31, 0x3, 0xfffffffc, 0x5, 0x1, 0x7, 0x1, 0x51bf, 0x9, 0xce7, 0x1ff, 0x6, 0x80000000, 0x5, 0x3, 0x104, 0x80000000, 0x3, 0x7fff, 0x8ffff, 0xa61d, 0x2, 0x5, 0x1, 0x2, 0x7, 0x60a7, 0x6, 0x2, 0x1, 0x80000003, 0x5, 0x8, 0xff, 0x1000003, 0x3, 0xffff, 0x3, 0x8, 0x100, 0x9602, 0xa, 0x2, 0x2, 0x6, 0x1, 0x10000, 0x3, 0x2, 0x2b91, 0xa20, 0x8, 0x9, 0x1, 0x6c0b, 0x0, 0x1, 0x2, 0xb1c, 0x1, 0x200, 0x40fff, 0xfff]}, 0x45c) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x918) write$tun(r0, &(0x7f0000000880)=ANY=[@ANYBLOB="000088e2e803eb"], 0x13) 1.788428897s ago: executing program 1 (id=538): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x2, 0x0, 0xf}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404c4b5}, 0x802) writev(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 1.764544048s ago: executing program 3 (id=539): r0 = syz_open_dev$loop(&(0x7f0000000280), 0xffff, 0x14f600) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20010840) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.stat\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00000000170000000400", "f4bd000000801900", [0x100000000, 0x8000000000000000]}}) 1.644056604s ago: executing program 1 (id=540): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syzkaller0\x00'}) syz_usb_disconnect(r0) syz_usb_connect(0x4, 0x24, &(0x7f0000000400)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0xc0085504, &(0x7f0000000000)=0x10) 1.395887257s ago: executing program 3 (id=544): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000600)=ANY=[@ANYBLOB="0201000000000010ac05418200000000000109022400010000000009040000110300000009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000140)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0) ioctl$EVIOCSKEYCODE_V2(r1, 0x40284504, &(0x7f0000000040)={0x6f, 0x20, 0x4, 0x3, "d80004000000000000957f00003d4a100a000000000020020661e6e66b8b37ff"}) 1.124995751s ago: executing program 2 (id=545): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x800092, &(0x7f0000000bc0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c756e695f786c6174653d312c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d302c757466383d312c696f636861727365743d69736f383835392d31332c636865636b3d7374726963742c726f6469722c757466383d302c756e695f786c6174653d312c636f6465706167653d3836362c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c646d61736b3d30303030303030303030303030303030303030303030312c646d61736b3d30303030303030303030303030303030303030303030362c756e695f786c6174653d302c696f636861727365743d63703835352c73686f72746e616d653d77696e39352c726f6469722c6e6e6f6e756d7461696c3d312c73686f72746e616d653d6d697865642c73686f72746e616d653d6d697865642c757466383d312c757466383d302c756e695f786c6174653d302c0500695f786c6174653d312c696f636861727365743d6370313235352c757466383d302c646566636f6e7465010000006e636f6e66696e65645f752c00", @ANYRESDEC], 0x46, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_time\x00', 0x275a, 0x0) write$FUSE_OPEN(r0, &(0x7f0000000100)={0xfffffffffffffe3f, 0x8cf2826c8227b098, 0x0, {0x0, 0x11}}, 0x20) r1 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x10000, 0x0) syncfs(r1) 832.133857ms ago: executing program 2 (id=546): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3, 0x8e, 0x2, 0x85, 0xff, 0xfe, 0x7f, 0x6, 0x9, 0x6, 0x2, 0x6, 0x8}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000300)={r1, @in={{0x2, 0x4e22, @empty}}, 0x2}, 0x90) 778.015639ms ago: executing program 1 (id=547): r0 = syz_open_dev$loop(&(0x7f00000005c0), 0xffff, 0x109041) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x1000, {0x2a00, 0x80010000, 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d09000000000000008dd4992861ac1000", "90be6c09306003d8006000", [0x0, 0x2]}}) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) 636.577007ms ago: executing program 2 (id=548): r0 = socket$inet(0x2, 0x3, 0x4) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) read$rfkill(r1, &(0x7f0000000040), 0x8) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, 0x0, &(0x7f0000000040)) 505.743854ms ago: executing program 2 (id=549): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x2, 0x0, 0xf}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404c4b5}, 0x802) writev(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 215.565089ms ago: executing program 2 (id=550): socket$inet6_sctp(0xa, 0x1, 0x84) socket(0x2, 0x80805, 0x0) r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0xc00, 0x0, 0x370}, &(0x7f0000000100)=0x0, &(0x7f00000001c0)=0x0, &(0x7f0000000180)=0x0) syz_io_uring_submit(r1, r2, r3, &(0x7f0000000000)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x4004, @fd_index=0x4, 0x718a, 0x0, 0x0, 0x1b, 0x0, {0x2}}) io_uring_enter(r0, 0x742f, 0x77ae, 0x1, 0x0, 0x0) 0s ago: executing program 2 (id=551): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.245' (ED25519) to the list of known hosts. [ 61.900516][ T5753] cgroup: Unknown subsys name 'net' [ 62.032886][ T5753] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 63.392123][ T5753] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 64.852460][ T5774] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 64.876968][ T5774] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 64.883142][ T5776] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 64.884821][ T5774] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 64.898013][ T5777] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 64.900051][ T5774] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 64.905834][ T5777] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 64.914323][ T5774] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 64.922366][ T5777] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 64.927830][ T5778] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 64.936421][ T5774] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 64.943386][ T5778] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 64.948026][ T5779] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 64.956694][ T5778] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 64.966772][ T5779] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 64.976052][ T5778] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 64.985705][ T5779] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 64.993205][ T5777] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 64.996402][ T5086] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 65.008424][ T5779] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 65.017188][ T5086] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 65.024427][ T5086] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 65.032128][ T5086] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 65.041203][ T5086] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 65.392285][ T5767] chnl_net:caif_netlink_parms(): no params data found [ 65.501423][ T5768] chnl_net:caif_netlink_parms(): no params data found [ 65.520007][ T5765] chnl_net:caif_netlink_parms(): no params data found [ 65.628052][ T5795] modprobe (5795) used greatest stack depth: 20784 bytes left [ 65.639421][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.649897][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.657662][ T5767] bridge_slave_0: entered allmulticast mode [ 65.664519][ T5767] bridge_slave_0: entered promiscuous mode [ 65.674076][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.681414][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.688762][ T5767] bridge_slave_1: entered allmulticast mode [ 65.695622][ T5767] bridge_slave_1: entered promiscuous mode [ 65.753682][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.764129][ T5765] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.771852][ T5765] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.779353][ T5765] bridge_slave_0: entered allmulticast mode [ 65.786087][ T5765] bridge_slave_0: entered promiscuous mode [ 65.799432][ T5766] chnl_net:caif_netlink_parms(): no params data found [ 65.810779][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.838633][ T5765] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.845962][ T5765] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.853348][ T5765] bridge_slave_1: entered allmulticast mode [ 65.860990][ T5765] bridge_slave_1: entered promiscuous mode [ 65.892350][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.899542][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.906979][ T5768] bridge_slave_0: entered allmulticast mode [ 65.914490][ T5768] bridge_slave_0: entered promiscuous mode [ 65.927208][ T5767] team0: Port device team_slave_0 added [ 65.948920][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.956054][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.965870][ T5768] bridge_slave_1: entered allmulticast mode [ 65.973280][ T5768] bridge_slave_1: entered promiscuous mode [ 65.981197][ T5767] team0: Port device team_slave_1 added [ 66.001243][ T5765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.041949][ T5765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.097129][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.109642][ T5765] team0: Port device team_slave_0 added [ 66.119694][ T5765] team0: Port device team_slave_1 added [ 66.126568][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.133602][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.162372][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.180286][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.212161][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.219432][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.245765][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.273235][ T5768] team0: Port device team_slave_0 added [ 66.289511][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.296521][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.322947][ T5765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.335127][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.342311][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.369297][ T5765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.398579][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.405812][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.413281][ T5766] bridge_slave_0: entered allmulticast mode [ 66.420566][ T5766] bridge_slave_0: entered promiscuous mode [ 66.430423][ T5768] team0: Port device team_slave_1 added [ 66.464925][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.472610][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.480082][ T5766] bridge_slave_1: entered allmulticast mode [ 66.487065][ T5766] bridge_slave_1: entered promiscuous mode [ 66.542378][ T5765] hsr_slave_0: entered promiscuous mode [ 66.549144][ T5765] hsr_slave_1: entered promiscuous mode [ 66.566964][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.574204][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.600992][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.619449][ T5767] hsr_slave_0: entered promiscuous mode [ 66.626423][ T5767] hsr_slave_1: entered promiscuous mode [ 66.632560][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.641134][ T5767] Cannot create hsr debugfs directory [ 66.669304][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.676959][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.703644][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.730893][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.773212][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.863189][ T5768] hsr_slave_0: entered promiscuous mode [ 66.869563][ T5768] hsr_slave_1: entered promiscuous mode [ 66.875631][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.883342][ T5768] Cannot create hsr debugfs directory [ 66.891908][ T5766] team0: Port device team_slave_0 added [ 66.901601][ T5766] team0: Port device team_slave_1 added [ 66.982247][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.989501][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.016007][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.029008][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.036177][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.062282][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.073148][ T5086] Bluetooth: hci2: command tx timeout [ 67.073161][ T5773] Bluetooth: hci3: command tx timeout [ 67.079080][ T5769] Bluetooth: hci0: command tx timeout [ 67.084870][ T5773] Bluetooth: hci1: command tx timeout [ 67.203391][ T5766] hsr_slave_0: entered promiscuous mode [ 67.210159][ T5766] hsr_slave_1: entered promiscuous mode [ 67.216653][ T5766] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 67.224825][ T5766] Cannot create hsr debugfs directory [ 67.350012][ T5765] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 67.379276][ T5765] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 67.398476][ T5765] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 67.419442][ T5765] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 67.513048][ T5768] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 67.527010][ T5768] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 67.538200][ T5768] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 67.558868][ T5768] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 67.647365][ T5767] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 67.658833][ T5767] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 67.677676][ T5767] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 67.687739][ T5767] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 67.783054][ T5766] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 67.795344][ T5766] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 67.809674][ T5766] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 67.823520][ T5766] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 67.843960][ T5765] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.899754][ T5765] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.926867][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.934268][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.967162][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.980873][ T1122] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.988020][ T1122] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.071282][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.084555][ T5768] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.104400][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.111767][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.133685][ T2921] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.140990][ T2921] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.212232][ T5767] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.239635][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.295819][ T5766] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.308337][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.315571][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.326386][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.333561][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.385278][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.392557][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.421831][ T2921] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.429101][ T2921] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.487912][ T5765] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 68.621350][ T5766] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 68.719712][ T5765] veth0_vlan: entered promiscuous mode [ 68.754478][ T5765] veth1_vlan: entered promiscuous mode [ 68.871007][ T5765] veth0_macvtap: entered promiscuous mode [ 68.895614][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 68.952113][ T5765] veth1_macvtap: entered promiscuous mode [ 68.964715][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.000780][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.015798][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.037056][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.061118][ T5765] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.071842][ T5765] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.080846][ T5765] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.089794][ T5765] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.111528][ T5767] veth0_vlan: entered promiscuous mode [ 69.144822][ T5768] veth0_vlan: entered promiscuous mode [ 69.151275][ T5773] Bluetooth: hci1: command tx timeout [ 69.158111][ T5769] Bluetooth: hci0: command tx timeout [ 69.163817][ T51] Bluetooth: hci2: command tx timeout [ 69.167158][ T5086] Bluetooth: hci3: command tx timeout [ 69.192956][ T5767] veth1_vlan: entered promiscuous mode [ 69.234694][ T5768] veth1_vlan: entered promiscuous mode [ 69.298788][ T5767] veth0_macvtap: entered promiscuous mode [ 69.321796][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.333997][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.352228][ T5767] veth1_macvtap: entered promiscuous mode [ 69.404800][ T5766] veth0_vlan: entered promiscuous mode [ 69.415643][ T2930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.419690][ T5768] veth0_macvtap: entered promiscuous mode [ 69.429658][ T2930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.435208][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.449307][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.461676][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.482077][ T5768] veth1_macvtap: entered promiscuous mode [ 69.495585][ T5766] veth1_vlan: entered promiscuous mode [ 69.510509][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.521788][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.533916][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.570790][ T5767] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.580545][ T5767] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.590422][ T5767] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.599879][ T5767] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.659525][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.673505][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.687086][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.707079][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.719139][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.745152][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.763853][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.780545][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.792075][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.815918][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.832720][ T5768] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.849010][ T5768] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.860313][ T5768] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.871899][ T5768] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.903836][ T5766] veth0_macvtap: entered promiscuous mode [ 69.934191][ T5766] veth1_macvtap: entered promiscuous mode [ 69.972779][ T1122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.982084][ T1122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.040855][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.053688][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.064031][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.075084][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.085848][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.097357][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.109635][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.118699][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.129288][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.149958][ T2930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.160884][ T2930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.162501][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.181613][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.193596][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.204227][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.214379][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.224957][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.237106][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.260654][ T5766] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.272094][ T5766] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.281446][ T5766] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.291128][ T5766] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.398807][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.419726][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.447773][ T5832] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'. [ 70.471824][ T5832] Zero length message leads to an empty skb [ 70.490308][ T1122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.529242][ T1122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.639372][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.639410][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.961895][ T5842] netlink: 104 bytes leftover after parsing attributes in process `syz.2.8'. [ 71.164508][ T5848] syz.2.9[5848]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 71.227829][ T5086] Bluetooth: hci3: command tx timeout [ 71.227870][ T5086] Bluetooth: hci2: command tx timeout [ 71.227915][ T5086] Bluetooth: hci0: command tx timeout [ 71.228065][ T5773] Bluetooth: hci1: command tx timeout [ 71.622671][ T5856] syz.0.13 uses obsolete (PF_INET,SOCK_PACKET) [ 71.810248][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.810403][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.993750][ T5866] input: syz0 as /devices/virtual/input/input5 [ 72.041876][ T5869] netlink: 8 bytes leftover after parsing attributes in process `syz.1.19'. [ 72.054467][ T5756] udevd[5756]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 72.537300][ T5804] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 72.613485][ T5886] capability: warning: `syz.1.27' uses deprecated v2 capabilities in a way that may be insecure [ 72.643998][ T5886] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 72.660300][ T5886] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 72.750955][ T5804] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 72.775214][ T5804] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 72.800406][ T5804] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 72.814978][ T5888] Bluetooth: MGMT ver 1.22 [ 72.821507][ T5804] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.842626][ T5888] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 72.848057][ T5804] usb 1-1: config 0 descriptor?? [ 73.000321][ T5893] netlink: 'syz.3.30': attribute type 4 has an invalid length. [ 73.070648][ T5893] netlink: 'syz.3.30': attribute type 17 has an invalid length. [ 73.306405][ T51] Bluetooth: hci1: command tx timeout [ 73.307120][ T5086] Bluetooth: hci2: command tx timeout [ 73.311928][ T5769] Bluetooth: hci3: command tx timeout [ 73.318391][ T5773] Bluetooth: hci0: command tx timeout [ 73.329768][ T5804] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x2 [ 73.343316][ T5804] pyra 0003:1E7D:2CF6.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0 [ 73.387411][ T5824] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 73.586424][ T5824] usb 3-1: Using ep0 maxpacket: 32 [ 73.593650][ T5824] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 73.603060][ T5824] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 73.612243][ T5824] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 73.622395][ T5824] usb 3-1: config 1 has no interface number 0 [ 73.631900][ T5824] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 73.666228][ T5824] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 73.702508][ T5824] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 73.718421][ T5824] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.773607][ T5824] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 73.919910][ T5804] pyra 0003:1E7D:2CF6.0001: couldn't init struct pyra_device [ 73.934956][ T5804] pyra 0003:1E7D:2CF6.0001: couldn't install mouse [ 73.952975][ T5804] pyra: probe of 0003:1E7D:2CF6.0001 failed with error -71 [ 73.975938][ T5804] usb 1-1: USB disconnect, device number 2 [ 74.008233][ T5824] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached [ 74.665414][ T965] usb 3-1: USB disconnect, device number 2 [ 74.694214][ T965] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 74.915932][ T5929] netlink: 4 bytes leftover after parsing attributes in process `syz.3.44'. [ 74.931774][ T5931] loop1: detected capacity change from 0 to 1024 [ 74.981278][ T5931] ======================================================= [ 74.981278][ T5931] WARNING: The mand mount option has been deprecated and [ 74.981278][ T5931] and is ignored by this kernel. Remove the mand [ 74.981278][ T5931] option from the mount to silence this warning. [ 74.981278][ T5931] ======================================================= [ 75.093785][ T5931] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 75.131937][ T5931] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 75.183908][ T5924] loop0: detected capacity change from 0 to 32768 [ 75.313040][ T5924] [ 75.313040][ T5924] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 75.313040][ T5924] [ 75.330361][ T5931] EXT4-fs error (device loop1): ext4_map_blocks:720: inode #15: comm syz.1.45: lblock 0 mapped to illegal pblock 0 (length 6) [ 75.411703][ T5931] EXT4-fs error (device loop1): ext4_ext_remove_space:2940: inode #15: comm syz.1.45: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 75.442989][ T5939] EXT4-fs error (device loop1): ext4_map_blocks:720: inode #15: block 3: comm syz.1.45: lblock 3 mapped to illegal pblock 3 (length 3) [ 75.464964][ T5924] read_mapping_page failed! [ 75.473548][ T5924] ERROR: (device loop0): txCommit: [ 75.473548][ T5924] [ 75.491265][ T5939] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 75.511217][ T5941] read_mapping_page failed! [ 75.511684][ T5939] EXT4-fs (loop1): This should not happen!! Data will be lost [ 75.511684][ T5939] [ 75.528506][ T5941] ERROR: (device loop0): txCommit: [ 75.528506][ T5941] [ 75.621215][ T2930] EXT4-fs error (device loop1): ext4_map_blocks:720: inode #15: block 8: comm kworker/u4:9: lblock 8 mapped to illegal pblock 8 (length 8) [ 75.646257][ T5924] read_mapping_page failed! [ 75.656702][ T5806] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 75.664439][ T5924] ERROR: (device loop0): txCommit: [ 75.664439][ T5924] [ 75.683719][ T5933] loop3: detected capacity change from 0 to 40427 [ 75.684842][ T2930] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 75.724446][ T2930] EXT4-fs (loop1): This should not happen!! Data will be lost [ 75.724446][ T2930] [ 75.747855][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 75.751374][ T5933] F2FS-fs (loop3): Found nat_bits in checkpoint [ 75.824709][ T5766] [ 75.824709][ T5766] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 75.824709][ T5766] [ 75.884059][ T5766] [ 75.884059][ T5766] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 75.884059][ T5766] [ 75.898241][ T5806] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 75.922708][ T5806] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 75.954294][ T5933] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 75.954976][ T5806] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 75.993250][ T5806] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.006189][ T5806] usb 3-1: Product: syz [ 76.014792][ T5806] usb 3-1: Manufacturer: syz [ 76.037536][ T5806] usb 3-1: SerialNumber: syz [ 76.077650][ T5806] cdc_mbim 3-1:1.0: skipping garbage [ 76.295536][ T5938] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 76.660261][ T5959] netlink: 4 bytes leftover after parsing attributes in process `syz.0.52'. [ 76.722481][ T5958] loop3: detected capacity change from 0 to 8192 [ 76.745704][ T5958] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 76.935356][ T5938] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 76.964728][ T5806] cdc_mbim 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 76.986434][ T5806] cdc_mbim 3-1:1.0: setting rx_max = 2048 [ 77.077365][ T5966] loop0: detected capacity change from 0 to 2048 [ 77.138747][ T5966] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.191908][ T5806] cdc_mbim 3-1:1.0: setting tx_max = 184 [ 77.197803][ T5966] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 77.218844][ T5966] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 30 with max blocks 1 with error 28 [ 77.232681][ T5966] EXT4-fs (loop0): This should not happen!! Data will be lost [ 77.232681][ T5966] [ 77.242870][ T5806] cdc_mbim 3-1:1.0: cdc-wdm0: USB WDM device [ 77.243361][ T5966] EXT4-fs (loop0): Total free blocks count 0 [ 77.256344][ T5966] EXT4-fs (loop0): Free/Dirty block details [ 77.262275][ T5966] EXT4-fs (loop0): free_blocks=66060288 [ 77.268316][ T5966] EXT4-fs (loop0): dirty_blocks=32 [ 77.273537][ T5966] EXT4-fs (loop0): Block reservation details [ 77.279731][ T5966] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 77.307208][ T5966] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 77.318758][ T5806] wwan wwan0: port wwan0mbim0 attached [ 77.365027][ T5806] cdc_mbim 3-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.2-1, CDC MBIM, 4e:27:4b:a2:52:c8 [ 77.409216][ T5806] usb 3-1: USB disconnect, device number 3 [ 77.428682][ T5806] cdc_mbim 3-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.2-1, CDC MBIM [ 77.647768][ T5806] wwan wwan0: port wwan0mbim0 disconnected [ 78.087175][ T5983] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 78.152232][ T5983] netlink: 'syz.2.60': attribute type 12 has an invalid length. [ 78.190583][ T5983] netlink: 'syz.2.60': attribute type 29 has an invalid length. [ 78.216596][ T5983] netlink: 148 bytes leftover after parsing attributes in process `syz.2.60'. [ 78.259312][ T5983] netlink: 'syz.2.60': attribute type 1 has an invalid length. [ 78.530577][ T5995] pim6reg: entered allmulticast mode [ 78.597446][ T5995] pim6reg: left allmulticast mode [ 78.679108][ T5973] loop1: detected capacity change from 0 to 40427 [ 78.713893][ T5973] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 78.736320][ T5973] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 78.757010][ T5973] F2FS-fs (loop1): invalid crc value [ 78.974339][ T5973] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 79.007031][ T5973] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 79.134816][ T5765] syz-executor: attempt to access beyond end of device [ 79.134816][ T5765] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 79.178306][ T5765] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 79.524688][ T5824] IPVS: starting estimator thread 0... [ 79.605248][ T6031] loop0: detected capacity change from 0 to 512 [ 79.656597][ T6028] IPVS: using max 25 ests per chain, 60000 per kthread [ 79.730612][ T6031] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2803: inode #11: comm syz.0.74: corrupted xattr block 95: invalid header [ 79.868263][ T6031] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 79.936812][ T6031] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm syz.0.74: bg 0: block 7: invalid block bitmap [ 80.007301][ T6031] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 80.066673][ T6031] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2969: inode #11: comm syz.0.74: corrupted xattr block 95: invalid header [ 80.121934][ T6031] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 80.161407][ T6031] EXT4-fs (loop0): 1 orphan inode deleted [ 80.187650][ T6031] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.388947][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.763143][ T6051] loop3: detected capacity change from 0 to 32768 [ 80.815868][ T6051] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 80.835416][ T6051] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 80.913075][ T6051] XFS (loop3): Ending clean mount [ 80.948749][ T6051] XFS (loop3): Quotacheck needed: Please wait. [ 80.976997][ T27] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 81.001860][ T6080] loop2: detected capacity change from 0 to 64 [ 81.039991][ T6051] XFS (loop3): Quotacheck: Done. [ 81.177813][ T27] usb 2-1: config 0 interface 0 has no altsetting 0 [ 81.184710][ T27] usb 2-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 81.185153][ T5768] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 81.207182][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.221102][ T27] usb 2-1: config 0 descriptor?? [ 81.321394][ T6082] loop2: detected capacity change from 0 to 64 [ 82.015090][ T6099] loop0: detected capacity change from 0 to 1024 [ 82.063137][ T9] cfg80211: failed to load regulatory.db [ 82.180968][ T6103] loop7: detected capacity change from 0 to 7 [ 82.216838][ T6103] Dev loop7: unable to read RDB block 7 [ 82.222878][ T6103] loop7: unable to read partition table [ 82.244901][ T6103] loop7: partition table beyond EOD, truncated [ 82.272663][ T27] video4linux radio48: keene_cmd_set failed (-71) [ 82.288690][ T27] radio-keene 2-1:0.0: V4L2 device registered as radio48 [ 82.314645][ T6103] loop_reread_partitions: partition scan of loop7 (þ被xü—ŸÑà0–š<¨â·û) failed (rc=-5) [ 82.316734][ T27] usb 2-1: USB disconnect, device number 2 [ 82.372557][ C0] operation not supported error, dev loop7, sector 0 op 0x9:(WRITE_ZEROES) flags 0x8000800 phys_seg 0 prio class 2 [ 83.089928][ T6126] netlink: 20 bytes leftover after parsing attributes in process `syz.1.110'. [ 83.349940][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.474633][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.654166][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.785644][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.056282][ T27] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 84.192526][ T5769] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.202088][ T5769] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.222421][ T5769] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.236032][ T5769] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.253916][ T5769] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.261061][ T27] usb 4-1: Using ep0 maxpacket: 8 [ 84.266870][ T5769] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.292004][ T27] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 84.304838][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.313970][ T27] usb 4-1: Product: syz [ 84.318333][ T27] usb 4-1: Manufacturer: syz [ 84.323003][ T27] usb 4-1: SerialNumber: syz [ 84.336781][ T27] usb 4-1: config 0 descriptor?? [ 84.395792][ T27] gspca_main: se401-2.14.0 probing 047d:5003 [ 84.851032][ T27] gspca_se401: ExtraFeatures: 48 [ 84.876403][ T27] gspca_se401: Frame size: 0x0 1/16th janggu [ 84.882558][ T27] gspca_se401: Frame size: 0x0 1/16th janggu [ 84.905383][ T27] gspca_se401: Frame size: 0x0 1/16th janggu [ 84.915464][ T27] gspca_se401: Frame size: 0x0 1/16th janggu [ 84.933112][ T27] gspca_se401: Frame size: 0x0 1/16th janggu [ 84.944074][ T27] gspca_se401: Frame size: 0x0 1/16th janggu [ 84.956160][ T27] gspca_se401: Frame size: 0x0 1/16th janggu [ 84.975953][ T27] gspca_se401: Frame size: 0x0 1/16th janggu [ 84.986078][ T27] gspca_se401: Frame size: 0x0 1/16th janggu [ 84.992437][ T27] gspca_se401: Frame size: 0x0 1/16th janggu [ 85.062966][ T27] input: se401 as /devices/platform/dummy_hcd.3/usb4/4-1/input/input6 [ 85.355407][ T5806] usb 4-1: USB disconnect, device number 2 [ 85.475857][ T6149] chnl_net:caif_netlink_parms(): no params data found [ 85.515221][ T6185] netlink: 64 bytes leftover after parsing attributes in process `syz.1.127'. [ 85.751976][ T6190] netlink: 48 bytes leftover after parsing attributes in process `syz.2.128'. [ 85.792866][ T6190] netlink: 48 bytes leftover after parsing attributes in process `syz.2.128'. [ 85.925801][ T6149] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.968469][ T6149] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.007845][ T6149] bridge_slave_0: entered allmulticast mode [ 86.058603][ T6149] bridge_slave_0: entered promiscuous mode [ 86.201715][ T6149] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.224429][ T6149] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.242006][ T6149] bridge_slave_1: entered allmulticast mode [ 86.260625][ T6149] bridge_slave_1: entered promiscuous mode [ 86.347036][ T5769] Bluetooth: hci2: command tx timeout [ 86.587905][ T6149] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.661990][ T6149] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.965438][ T6149] team0: Port device team_slave_0 added [ 87.012024][ T6149] team0: Port device team_slave_1 added [ 87.144111][ T12] hsr_slave_0: left promiscuous mode [ 87.194363][ T12] hsr_slave_1: left promiscuous mode [ 87.217102][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 87.232260][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 87.241389][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 87.249215][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 87.262283][ T12] bridge_slave_1: left allmulticast mode [ 87.271252][ T12] bridge_slave_1: left promiscuous mode [ 87.279031][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.294183][ T12] bridge_slave_0: left allmulticast mode [ 87.307099][ T12] bridge_slave_0: left promiscuous mode [ 87.314089][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.355675][ T12] veth1_macvtap: left promiscuous mode [ 87.361989][ T12] veth0_macvtap: left promiscuous mode [ 87.368185][ T12] veth1_vlan: left promiscuous mode [ 87.374908][ T12] veth0_vlan: left promiscuous mode [ 87.786444][ T5769] Bluetooth: hci0: command tx timeout [ 88.129336][ T12] team0 (unregistering): Port device team_slave_1 removed [ 88.173419][ T12] team0 (unregistering): Port device team_slave_0 removed [ 88.220923][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 88.265691][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 88.428361][ T5769] Bluetooth: hci2: command tx timeout [ 88.485546][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805e11f400: rx timeout, send abort [ 88.495671][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805e11f400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 88.692664][ T12] bond0 (unregistering): Released all slaves [ 88.723877][ T6251] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 88.857250][ T6149] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.864596][ T6149] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.958403][ T6149] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.980727][ T6149] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.998200][ T6149] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.056231][ T6149] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.204926][ T6149] hsr_slave_0: entered promiscuous mode [ 89.275518][ T6149] hsr_slave_1: entered promiscuous mode [ 89.316404][ T6149] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.324507][ T6149] Cannot create hsr debugfs directory [ 89.452451][ T6271] loop3: detected capacity change from 0 to 512 [ 89.493964][ T6271] EXT4-fs: Ignoring removed i_version option [ 89.524391][ T6271] EXT4-fs: Ignoring removed bh option [ 89.595770][ T6271] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.624836][ T6271] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 89.687257][ T6271] EXT4-fs (loop3): shut down requested (1) [ 89.749300][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.085906][ T6288] overlayfs: failed to decode file handle (len=0, type=0, flags=0, err=-22) [ 90.236193][ T6149] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 90.269190][ T6149] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 90.280996][ T6149] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 90.295763][ T6149] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 90.367951][ T5806] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 90.506474][ T5769] Bluetooth: hci2: command tx timeout [ 90.530878][ T6149] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.579218][ T5806] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 90.601353][ T5806] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 90.620643][ T5806] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 90.631522][ T6149] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.636172][ T5806] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.663674][ T5806] usb 4-1: config 0 descriptor?? [ 90.678823][ T1122] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.685993][ T1122] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.686637][ T5806] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 90.698223][ T1122] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.707536][ T1122] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.741247][ T5806] dvb-usb: bulk message failed: -22 (3/0) [ 90.790031][ T5806] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 90.819472][ T5806] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 90.840700][ T5806] usb 4-1: media controller created [ 90.854774][ T5806] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 90.897769][ T6289] dvb-usb: bulk message failed: -22 (4/0) [ 90.931269][ T5806] dvb-usb: bulk message failed: -22 (6/0) [ 90.978470][ T5806] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 91.027023][ T5806] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input7 [ 91.078737][ T5806] dvb-usb: schedule remote query interval to 150 msecs. [ 91.085766][ T5806] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 91.171199][ T5806] usb 4-1: USB disconnect, device number 3 [ 91.187698][ T6314] loop1: detected capacity change from 0 to 136 [ 91.287004][ T6314] Attempt to read inode for relocated directory [ 91.355931][ T5806] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 91.550685][ T6149] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.662099][ T6325] netlink: 'syz.2.167': attribute type 12 has an invalid length. [ 91.704248][ T6325] netlink: 'syz.2.167': attribute type 29 has an invalid length. [ 91.745332][ T6325] netlink: 148 bytes leftover after parsing attributes in process `syz.2.167'. [ 92.308915][ T6149] veth0_vlan: entered promiscuous mode [ 92.347136][ T6149] veth1_vlan: entered promiscuous mode [ 92.436941][ T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 92.455410][ T6149] veth0_macvtap: entered promiscuous mode [ 92.482900][ T6149] veth1_macvtap: entered promiscuous mode [ 92.529377][ T6149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.556173][ T6149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.590615][ T5769] Bluetooth: hci2: command tx timeout [ 92.596558][ T6149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.616067][ T6327] loop1: detected capacity change from 0 to 32768 [ 92.622758][ T6149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.676887][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 92.684812][ T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 92.699711][ T6149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.706169][ T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 92.733345][ T9] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 92.745270][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.748169][ T6149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.768716][ T9] usb 4-1: Product: syz [ 92.775304][ T9] usb 4-1: Manufacturer: syz [ 92.785528][ T9] usb 4-1: SerialNumber: syz [ 92.805409][ T6336] loop2: detected capacity change from 0 to 40427 [ 92.808646][ T6149] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.869842][ T6149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.876807][ T6336] F2FS-fs (loop2): heap/no_heap options were deprecated [ 92.914954][ T6149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.929006][ T6336] F2FS-fs (loop2): invalid crc value [ 92.947824][ T6149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.971128][ T6336] F2FS-fs (loop2): Found nat_bits in checkpoint [ 92.981226][ T6149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.016163][ T6149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.065735][ T6149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.077799][ T9] usb 4-1: 0:2 : does not exist [ 93.094789][ T6149] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.108381][ T112] blkno = 8ed2c, nblocks = 1 [ 93.117220][ T112] ERROR: (device loop1): dbUpdatePMap: blocks are outside the map [ 93.117220][ T112] [ 93.136516][ T9] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 93.144954][ T112] ERROR: (device loop1): remounting filesystem as read-only [ 93.157890][ T6149] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.167358][ T6149] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.177621][ T6149] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.188914][ T6149] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.206785][ T6336] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 93.295634][ T9] usb 4-1: USB disconnect, device number 4 [ 93.389022][ T5940] udevd[5940]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 93.405873][ T2930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.413736][ T5765] JFS: metapage_get_blocks failed [ 93.464914][ T2930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.518464][ T5767] syz-executor: attempt to access beyond end of device [ 93.518464][ T5767] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 93.535352][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.545189][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.556471][ T5767] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 94.015602][ T6370] loop3: detected capacity change from 0 to 2048 [ 94.034154][ T6369] loop4: detected capacity change from 0 to 256 [ 94.098736][ T6370] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 94.218107][ T6374] trusted_key: syz.1.172 sent an empty control message without MSG_MORE. [ 94.479577][ T6378] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes [ 94.746529][ T6391] Illegal XDP return value 205751045 on prog (id 11) dev syz_tun, expect packet loss! [ 94.804420][ T6385] loop3: detected capacity change from 0 to 4096 [ 95.775036][ T6390] loop4: detected capacity change from 0 to 32768 [ 95.833118][ T6390] [ 95.833118][ T6390] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 95.833118][ T6390] [ 95.896991][ T6419] capability: warning: `syz.3.189' uses 32-bit capabilities (legacy support in use) [ 95.904850][ T6390] ERROR: (device loop4): dbReAlloc: the block is outside the filesystem [ 95.904850][ T6390] [ 95.934300][ T6390] ERROR: (device loop4): remounting filesystem as read-only [ 95.958333][ T6390] jfs_mkdir: dtInsert returned -EIO [ 95.973857][ T6390] ERROR: (device loop4): jfs_mkdir: [ 95.973857][ T6390] [ 96.545120][ T6436] loop4: detected capacity change from 0 to 2048 [ 96.629322][ T6436] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.727272][ T6436] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.121699][ T6149] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.926117][ C1] sched: RT throttling activated [ 98.004130][ T6453] loop1: detected capacity change from 0 to 131072 [ 98.015624][ T6453] F2FS-fs (loop1): invalid crc value [ 98.058579][ T6453] F2FS-fs (loop1): Found nat_bits in checkpoint [ 98.107809][ T6453] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 98.204382][ T6453] F2FS-fs (loop1): lookup inode (7) has corrupted xattr [ 98.634749][ T6487] loop4: detected capacity change from 0 to 4096 [ 98.697918][ T6487] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 99.640805][ T6493] loop3: detected capacity change from 0 to 131072 [ 99.726904][ T6493] XFS (loop3): Mounting V5 Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846 [ 100.057093][ T6520] process 'syz.2.212' launched './file0' with NULL argv: empty string added [ 100.070479][ T6493] XFS (loop3): Starting recovery (logdev: internal) [ 100.082626][ T6516] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 100.180518][ T6493] XFS (loop3): Ending recovery (logdev: internal) [ 100.380767][ T6505] loop1: detected capacity change from 0 to 32768 [ 100.527985][ T6505] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 100.533533][ T5768] XFS (loop3): Unmounting Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846 [ 100.632451][ T6505] XFS (loop1): Ending clean mount [ 100.754362][ T6537] loop5: detected capacity change from 0 to 2751 [ 100.825043][ T6541] loop5: detected capacity change from 2751 to 3927 [ 101.043815][ T5765] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 101.542761][ T6550] netlink: 'syz.1.219': attribute type 1 has an invalid length. [ 101.585855][ T6550] netlink: 'syz.1.219': attribute type 2 has an invalid length. [ 101.607747][ T6550] netlink: 'syz.1.219': attribute type 2 has an invalid length. [ 101.615537][ T6550] netlink: 'syz.1.219': attribute type 3 has an invalid length. [ 101.666763][ T6550] netlink: 'syz.1.219': attribute type 4 has an invalid length. [ 101.703773][ T6550] netlink: 'syz.1.219': attribute type 5 has an invalid length. [ 101.732416][ T6550] netlink: 'syz.1.219': attribute type 6 has an invalid length. [ 101.770597][ T6550] netlink: 'syz.1.219': attribute type 7 has an invalid length. [ 101.798422][ T6550] netlink: 'syz.1.219': attribute type 9 has an invalid length. [ 101.819456][ T6550] netlink: 'syz.1.219': attribute type 10 has an invalid length. [ 101.836903][ T6550] netlink: 126304 bytes leftover after parsing attributes in process `syz.1.219'. [ 102.035665][ T6545] loop4: detected capacity change from 0 to 32768 [ 102.087090][ T28] audit: type=1800 audit(1776800415.480:2): pid=6545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.218" name="file1" dev="loop4" ino=7 res=0 errno=0 [ 103.101733][ T6559] loop1: detected capacity change from 0 to 40427 [ 103.132220][ T6559] F2FS-fs (loop1): invalid crc value [ 103.163719][ T6559] F2FS-fs (loop1): Found nat_bits in checkpoint [ 103.280384][ T6559] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 103.366740][ T5805] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 103.385859][ T6561] loop3: detected capacity change from 0 to 40427 [ 103.442237][ T6561] F2FS-fs (loop3): Found nat_bits in checkpoint [ 103.468188][ T5765] syz-executor: attempt to access beyond end of device [ 103.468188][ T5765] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 103.496316][ T5765] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 103.542739][ T6561] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 103.559999][ T5805] usb 5-1: unable to get BOS descriptor or descriptor too short [ 103.582097][ T5805] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7 [ 103.619910][ T5805] usb 5-1: New USB device found, idVendor=0582, idProduct=004c, bcdDevice= 0.40 [ 103.636679][ T5805] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.656040][ T5805] usb 5-1: Product: syz [ 103.665647][ T5805] usb 5-1: Manufacturer: syz [ 103.675827][ T5805] usb 5-1: SerialNumber: syz [ 103.733163][ T5768] syz-executor: attempt to access beyond end of device [ 103.733163][ T5768] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 103.762027][ T5768] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 103.954733][ T5805] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 104.155840][ T5805] usb 5-1: 2:1 : unknown format tag 0x4 is detected. processed as MPEG. [ 104.196401][ T5805] usb 5-1: found format II with max.bitrate = 4, frame size=7372 [ 104.306506][ T6587] loop2: detected capacity change from 0 to 8192 [ 104.343670][ T6587] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.446960][ T6587] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 104.487721][ T6587] REISERFS (device loop2): using ordered data mode [ 104.518711][ T6587] reiserfs: using flush barriers [ 104.549414][ T6587] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.581473][ T5805] usb 5-1: 2:1 : unknown format tag 0x4 is detected. processed as MPEG. [ 104.593863][ T5805] usb 5-1: found format II with max.bitrate = 4, frame size=7372 [ 104.603845][ T6587] REISERFS (device loop2): checking transaction log (loop2) [ 104.771915][ T5805] usb 5-1: parse_audio_format_rates_v2v3(): unable to retrieve number of sample rates (clock 0) [ 104.802535][ T6587] REISERFS (device loop2): Using tea hash to sort names [ 104.820549][ T6587] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 104.892745][ T5805] usb 5-1: USB disconnect, device number 2 [ 105.009820][ T5756] udevd[5756]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 105.126085][ T6608] loop3: detected capacity change from 0 to 256 [ 105.181692][ T6608] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 105.895533][ T6627] macvlan1: entered promiscuous mode [ 105.911579][ T6627] ipvlan0: entered promiscuous mode [ 105.933532][ T6627] ipvlan0: left promiscuous mode [ 105.957152][ T6627] macvlan1: left promiscuous mode [ 106.028857][ T6632] pim6reg: entered allmulticast mode [ 106.057415][ T6612] loop1: detected capacity change from 0 to 40427 [ 106.075258][ T6632] pim6reg: left allmulticast mode [ 106.084084][ T6634] loop2: detected capacity change from 0 to 512 [ 106.099969][ T6634] EXT4-fs: Ignoring removed i_version option [ 106.110592][ T6612] F2FS-fs (loop1): Unrecognized mount option "whint_mode=user-based" or missing value [ 106.136239][ T6634] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.274970][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.582746][ T6648] loop4: detected capacity change from 0 to 256 [ 106.693373][ T6650] loop2: detected capacity change from 0 to 128 [ 106.733594][ T6648] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d) [ 106.861787][ T6648] syz.4.251: attempt to access beyond end of device [ 106.861787][ T6648] loop4: rw=524288, sector=280, nr_sectors = 128 limit=256 [ 106.887344][ T6648] syz.4.251: attempt to access beyond end of device [ 106.887344][ T6648] loop4: rw=524288, sector=408, nr_sectors = 256 limit=256 [ 106.907231][ T6648] syz.4.251: attempt to access beyond end of device [ 106.907231][ T6648] loop4: rw=0, sector=280, nr_sectors = 8 limit=256 [ 106.933769][ T28] audit: type=1800 audit(1776800420.330:3): pid=6648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.251" name="file1" dev="loop4" ino=1048599 res=0 errno=0 [ 107.026275][ T5805] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 107.132371][ T6659] syzkaller1: entered promiscuous mode [ 107.149480][ T6659] syzkaller1: entered allmulticast mode [ 107.223347][ T5805] usb 2-1: Using ep0 maxpacket: 8 [ 107.233299][ T5805] usb 2-1: config index 0 descriptor too short (expected 5924, got 36) [ 107.245264][ T5805] usb 2-1: config 250 has an invalid interface number: 228 but max is -1 [ 107.264101][ T5805] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 107.280735][ T5805] usb 2-1: config 250 has no interface number 0 [ 107.287832][ T5805] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 107.326195][ T5805] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 107.348818][ T5805] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 107.362465][ T5805] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 107.374404][ T5805] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 107.387947][ T6665] loop2: detected capacity change from 0 to 2048 [ 107.416227][ T5805] usb 2-1: config 250 interface 228 has no altsetting 0 [ 107.436041][ T5805] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 107.439489][ T6665] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 107.466208][ T8] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 107.467340][ T5805] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 107.513511][ T5805] usb 2-1: Product: syz [ 107.523095][ T965] IPVS: starting estimator thread 0... [ 107.533216][ T5805] usb 2-1: SerialNumber: syz [ 107.554459][ T5805] hub 2-1:250.228: bad descriptor, ignoring hub [ 107.579837][ T5805] hub: probe of 2-1:250.228 failed with error -5 [ 107.627181][ T6668] IPVS: using max 25 ests per chain, 60000 per kthread [ 107.648149][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 107.682042][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 107.697431][ T8] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 107.729578][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.758747][ T8] usb 4-1: config 0 descriptor?? [ 107.784946][ T5805] usblp 2-1:250.228: usblp0: USB Bidirectional printer dev 3 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 107.970950][ T6680] loop4: detected capacity change from 0 to 2048 [ 108.010687][ T6680] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.023501][ T6680] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.051568][ T5805] usb 2-1: reset high-speed USB device number 3 using dummy_hcd [ 108.119028][ T6149] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 16: comm syz-executor: path /19/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0 [ 108.168200][ T6149] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.222635][ T8] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0 [ 108.254584][ T8] cp2112 0003:10C4:EA90.0002: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0 [ 108.415383][ T8] cp2112 0003:10C4:EA90.0002: Part Number: 0x82 Device Version: 0xFE [ 108.772570][ T6699] mmap: syz.2.267 (6699) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 108.827591][ T8] cp2112 0003:10C4:EA90.0002: error setting SMBus config [ 108.872288][ T8] cp2112: probe of 0003:10C4:EA90.0002 failed with error -71 [ 108.912539][ T8] usb 4-1: USB disconnect, device number 5 [ 108.998039][ T5805] usb 2-1: USB disconnect, device number 3 [ 109.027593][ T5805] usblp0: removed [ 109.117806][ T27] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 109.295992][ T6713] netlink: 32 bytes leftover after parsing attributes in process `syz.2.271'. [ 109.322436][ T27] usb 5-1: Using ep0 maxpacket: 8 [ 109.333250][ T27] usb 5-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 109.350674][ T27] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239 [ 109.361369][ T27] usb 5-1: Product: syz [ 109.365680][ T27] usb 5-1: Manufacturer: syz [ 109.380169][ T27] usb 5-1: SerialNumber: syz [ 109.389180][ T27] usb 5-1: config 0 descriptor?? [ 109.395183][ T6715] loop2: detected capacity change from 0 to 128 [ 109.403699][ T27] gspca_main: sq905-2.14.0 probing 2770:9120 [ 110.108744][ T6721] loop2: detected capacity change from 0 to 32768 [ 110.186474][ T28] audit: type=1800 audit(1776800423.580:4): pid=6721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.275" name="file0" dev="loop2" ino=7 res=0 errno=0 [ 110.201860][ T6717] loop1: detected capacity change from 0 to 40427 [ 110.266305][ T6717] F2FS-fs (loop1): invalid crc value [ 110.330651][ T6717] F2FS-fs (loop1): Found nat_bits in checkpoint [ 110.444010][ T27] gspca_sq905: sq905_read_data: usb_control_msg failed (-71) [ 110.462137][ T27] sq905: probe of 5-1:0.0 failed with error -71 [ 110.481458][ T27] usb 5-1: USB disconnect, device number 3 [ 110.512692][ T6717] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 110.736761][ T6717] syz.1.274: attempt to access beyond end of device [ 110.736761][ T6717] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 110.957433][ T5765] syz-executor: attempt to access beyond end of device [ 110.957433][ T5765] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 110.992316][ T5765] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 111.276662][ T6754] tipc: Started in network mode [ 111.281781][ T6754] tipc: Node identity ac14142f, cluster identity 4711 [ 111.310962][ T6754] tipc: Enabled bearer , priority 10 [ 111.388258][ T6754] tipc: Can't add remote ip to TIPC UDP multicast bearer [ 111.762631][ T6761] loop3: detected capacity change from 0 to 4096 [ 111.918127][ T6773] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 112.132491][ T6753] loop4: detected capacity change from 0 to 32768 [ 112.431471][ T6753] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 112.457130][ T8] tipc: Node number set to 2886997039 [ 112.658135][ T6787] (syz.4.281,6787,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0 [ 112.694035][ T6787] (syz.4.281,6787,0):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 112.703771][ T6787] (syz.4.281,6787,0):ocfs2_mknod:298 ERROR: status = -2 [ 112.720246][ T6769] loop1: detected capacity change from 0 to 40427 [ 112.724676][ T6787] (syz.4.281,6787,0):ocfs2_mknod:502 ERROR: status = -2 [ 112.750581][ T6769] F2FS-fs (loop1): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288) [ 112.763118][ T6787] (syz.4.281,6787,0):ocfs2_create:676 ERROR: status = -2 [ 112.767126][ T6769] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 112.799141][ T6769] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x35f7 [ 112.827843][ T6769] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff [ 112.864158][ T6769] F2FS-fs (loop1): Image doesn't support compression [ 112.900547][ T6769] F2FS-fs (loop1): invalid crc value [ 112.930315][ T6769] F2FS-fs (loop1): Found nat_bits in checkpoint [ 112.998276][ T6149] ocfs2: Unmounting device (7,4) on (node local) [ 113.120596][ T6769] F2FS-fs (loop1): Start checkpoint disabled! [ 113.196070][ T6769] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 113.203448][ T6769] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 113.333994][ T28] audit: type=1800 audit(1776800426.730:5): pid=6769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.280" name="file2" dev="loop1" ino=10 res=0 errno=0 [ 113.628547][ T6769] F2FS-fs (loop1): inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x127/0xb50 [ 113.704924][ T6769] syz.1.280: attempt to access beyond end of device [ 113.704924][ T6769] loop1: rw=2049, sector=45096, nr_sectors = 56 limit=40427 [ 113.742869][ T6819] dummy0: entered promiscuous mode [ 113.772819][ T6819] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 113.824439][ T6822] loop3: detected capacity change from 0 to 1024 [ 113.841780][ T6819] hsr1: entered allmulticast mode [ 113.859587][ T6819] dummy0: entered allmulticast mode [ 113.868804][ T6819] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 114.104778][ T6822] hfsplus: invalid catalog entry type in lookup [ 114.243773][ T1076] kworker/u4:5: attempt to access beyond end of device [ 114.243773][ T1076] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 114.278757][ T1076] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 114.293746][ T1076] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 114.438156][ T6835] netlink: 316 bytes leftover after parsing attributes in process `syz.2.298'. [ 114.833777][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.865691][ T5805] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.906584][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.915904][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.924638][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.933076][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.941671][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.950067][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.958644][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.967383][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.730546][ T6868] loop2: detected capacity change from 0 to 8 [ 116.008546][ T6853] loop1: detected capacity change from 0 to 32768 [ 116.281415][ T6863] loop4: detected capacity change from 0 to 32768 [ 116.349501][ T6863] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.304 (6863) [ 116.496526][ T6863] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 116.524535][ T6863] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 116.547337][ T6863] BTRFS info (device loop4): enabling auto defrag [ 116.575743][ T6863] BTRFS info (device loop4): use no compression [ 116.583686][ T6863] BTRFS info (device loop4): force clearing of disk cache [ 116.600131][ T6863] BTRFS info (device loop4): max_inline at 4096 [ 116.606999][ T6863] BTRFS info (device loop4): disabling free space tree [ 116.741934][ T6863] BTRFS info (device loop4): enabling ssd optimizations [ 116.761296][ T6863] BTRFS info (device loop4): auto enabling async discard [ 116.787643][ T6863] BTRFS info (device loop4): rebuilding free space tree [ 116.944509][ T6863] BTRFS info (device loop4): disabling free space tree [ 116.954610][ T6863] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 116.967707][ T6863] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 117.126327][ T5824] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 117.318310][ T5824] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 117.364050][ T5824] usb 3-1: too many endpoints for config 1 interface 1 altsetting 0: 255, using maximum allowed: 30 [ 117.412142][ T5824] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 117.477880][ T5824] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 117.495302][ T5824] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.513999][ T5824] usb 3-1: Product: syz [ 117.526270][ T5824] usb 3-1: Manufacturer: syz [ 117.534861][ T5824] usb 3-1: SerialNumber: syz [ 117.553407][ T5824] cdc_ncm 3-1:1.0: skipping garbage [ 117.696348][ T6149] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 118.606697][ T5824] cdc_ncm 3-1:1.0: bind() failure [ 118.639570][ T5824] cdc_ncm: probe of 3-1:1.1 failed with error -71 [ 118.671323][ T5824] cdc_mbim: probe of 3-1:1.1 failed with error -71 [ 118.691200][ T5824] usbtest: probe of 3-1:1.1 failed with error -71 [ 118.743998][ T5824] usb 3-1: USB disconnect, device number 4 [ 118.768225][ T27] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 118.983203][ T27] usb 5-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice= 9.00 [ 119.014820][ T27] usb 5-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0 [ 119.041754][ T27] usb 5-1: Product: syz [ 119.055557][ T27] usb 5-1: config 0 descriptor?? [ 119.075250][ T27] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 119.112368][ T27] usb 5-1: Detected FT232H [ 119.290980][ T27] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 119.734800][ T6953] loop3: detected capacity change from 0 to 32768 [ 119.740271][ T27] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 119.802916][ T6953] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 119.862100][ T6953] XFS (loop3): Ending clean mount [ 119.876187][ T6953] XFS (loop3): Quotacheck needed: Please wait. [ 119.960892][ T27] usb 5-1: USB disconnect, device number 4 [ 119.977935][ T6953] XFS (loop3): Quotacheck: Done. [ 119.991796][ T27] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 120.024985][ T27] ftdi_sio 5-1:0.0: device disconnected [ 120.105983][ T6971] XFS (loop3): User initiated shutdown received. [ 120.113575][ T5805] net_ratelimit: 113 callbacks suppressed [ 120.113592][ T5805] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.114676][ T6971] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 120.143574][ T28] audit: type=1800 audit(1776800433.530:6): pid=6953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.320" name="file1" dev="loop3" ino=6150 res=0 errno=0 [ 120.147791][ T6971] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 120.238099][ T5768] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 120.705281][ T6983] loop4: detected capacity change from 0 to 8 [ 120.906395][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 121.133294][ T6974] loop2: detected capacity change from 0 to 32768 [ 121.161273][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 121.192379][ T6974] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 121.281393][ T6974] XFS (loop2): Ending clean mount [ 121.307089][ T6974] XFS (loop2): Quotacheck needed: Please wait. [ 121.389340][ T6974] XFS (loop2): Quotacheck: Done. [ 121.400311][ T6986] loop1: detected capacity change from 0 to 32768 [ 121.413972][ T6986] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.326 (6986) [ 121.474590][ T6986] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 121.499826][ T6986] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 121.509470][ T6986] BTRFS info (device loop1): enabling auto defrag [ 121.526533][ T6986] BTRFS info (device loop1): use no compression [ 121.534281][ T6986] BTRFS info (device loop1): force clearing of disk cache [ 121.546791][ T6986] BTRFS info (device loop1): max_inline at 4096 [ 121.553395][ T6986] BTRFS info (device loop1): disabling free space tree [ 121.584254][ T6998] XFS (loop2): User initiated shutdown received. [ 121.598379][ T6998] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 121.598591][ T28] audit: type=1800 audit(1776800435.000:7): pid=6974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.330" name="file1" dev="loop2" ino=6150 res=0 errno=0 [ 121.617662][ T6998] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 121.757566][ T6986] BTRFS info (device loop1): enabling ssd optimizations [ 121.764683][ T6986] BTRFS info (device loop1): auto enabling async discard [ 121.809789][ T6986] BTRFS info (device loop1): rebuilding free space tree [ 121.842826][ T6986] BTRFS info (device loop1): disabling free space tree [ 121.862344][ T5767] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 121.866275][ T6986] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 121.885410][ T6986] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 122.194082][ T5805] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.396362][ T5765] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 122.800671][ T7032] loop4: detected capacity change from 0 to 512 [ 122.848187][ T7032] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 123.028402][ T7032] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.336: invalid indirect mapped block 4294967295 (level 0) [ 123.078744][ T7032] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.336: invalid indirect mapped block 4294967295 (level 1) [ 123.214684][ T7032] EXT4-fs (loop4): 1 orphan inode deleted [ 123.226834][ T7032] EXT4-fs (loop4): 1 truncate cleaned up [ 123.233909][ T5805] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 123.312838][ T7032] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.501081][ T6149] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.900407][ T7054] pim6reg: entered allmulticast mode [ 123.933254][ T7054] pim6reg: left allmulticast mode [ 123.947079][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 124.267885][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 124.276441][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 124.426347][ T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 124.538784][ T7045] loop4: detected capacity change from 0 to 32768 [ 124.599405][ T7045] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 124.626214][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 124.634940][ T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 124.656390][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 124.670374][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 124.765352][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 124.864462][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 124.892925][ T9] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 124.893166][ T7045] XFS (loop4): Ending clean mount [ 124.902885][ T9] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 124.921750][ T9] usb 2-1: Manufacturer: syz [ 124.938432][ T9] usb 2-1: config 0 descriptor?? [ 124.949430][ T7045] XFS (loop4): Quotacheck needed: Please wait. [ 125.084151][ T7045] XFS (loop4): Quotacheck: Done. [ 125.276326][ T9] rc_core: IR keymap rc-hauppauge not found [ 125.285413][ T7045] XFS (loop4): User initiated shutdown received. [ 125.312587][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 125.333670][ T7045] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 125.367483][ T7045] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 125.376965][ T28] audit: type=1800 audit(1776800438.770:8): pid=7073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.341" name="file1" dev="loop4" ino=6150 res=0 errno=0 [ 125.416315][ T9] Registered IR keymap rc-empty [ 125.429831][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 125.486849][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 125.546580][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 125.565484][ T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 125.584864][ T6149] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 125.603598][ T7068] loop2: detected capacity change from 0 to 32768 [ 125.653052][ T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input8 [ 125.709213][ T7068] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 125.716899][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 125.757087][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 125.806628][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 125.846452][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 125.880183][ T7068] XFS (loop2): Ending clean mount [ 125.907641][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 125.966872][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 126.036571][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 126.084445][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 126.145160][ T7068] syz.2.349 (7068) used greatest stack depth: 20712 bytes left [ 126.164225][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 126.200052][ T5767] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 126.202246][ T7089] kernel read not supported for file /file1 (pid: 7089 comm: syz.3.351) [ 126.218470][ T9] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 126.229513][ T28] audit: type=1800 audit(1776800439.630:9): pid=7089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.351" name="file1" dev="mqueue" ino=11514 res=0 errno=0 [ 126.259267][ T9] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 126.276187][ T9] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 126.310509][ T9] usb 2-1: USB disconnect, device number 4 [ 126.364649][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 126.807777][ T7097] pim6reg: entered allmulticast mode [ 126.833948][ T7095] loop3: detected capacity change from 0 to 40427 [ 126.843024][ T7097] pim6reg: left allmulticast mode [ 126.857947][ T7095] F2FS-fs (loop3): invalid crc value [ 126.870718][ T7095] F2FS-fs (loop3): Found nat_bits in checkpoint [ 126.958671][ T7095] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 127.140707][ T7095] syz.3.355: attempt to access beyond end of device [ 127.140707][ T7095] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 127.228548][ T5768] syz-executor: attempt to access beyond end of device [ 127.228548][ T5768] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 127.247688][ T5768] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 127.306689][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 127.394248][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 127.896589][ T7119] input: syz1 as /devices/virtual/input/input9 [ 128.109108][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.220056][ T7124] validate_nla: 2 callbacks suppressed [ 128.220067][ T7124] netlink: 'syz.2.365': attribute type 3 has an invalid length. [ 128.253651][ T7124] netlink: 'syz.2.365': attribute type 4 has an invalid length. [ 128.271591][ T7124] netlink: 'syz.2.365': attribute type 7 has an invalid length. [ 128.300489][ T7124] netlink: 'syz.2.365': attribute type 8 has an invalid length. [ 128.326439][ T7124] netlink: 'syz.2.365': attribute type 7 has an invalid length. [ 128.334566][ T7124] netlink: 198048 bytes leftover after parsing attributes in process `syz.2.365'. [ 128.374864][ T7128] loop3: detected capacity change from 0 to 128 [ 128.403583][ T7128] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 128.430669][ T5805] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.449211][ T7128] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 128.752248][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.766553][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.897522][ T5805] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 128.945815][ T7134] can0: slcan on ttyS3. [ 129.088943][ T7134] can0 (unregistered): slcan off ttyS3. [ 129.096248][ T5805] usb 3-1: Using ep0 maxpacket: 8 [ 129.110441][ T5805] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 129.135959][ T5805] usb 3-1: config 0 has no interface number 0 [ 129.162750][ T5805] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 129.187996][ T5805] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 129.224654][ T5805] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.258639][ T5805] usb 3-1: config 0 descriptor?? [ 129.316757][ T5805] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 129.486030][ T5805] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 129.619727][ C1] iowarrior 3-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19 [ 129.629500][ T5805] usb 3-1: USB disconnect, device number 5 [ 129.815940][ T7149] loop1: detected capacity change from 0 to 1024 [ 129.882800][ T7136] loop4: detected capacity change from 0 to 32768 [ 129.946302][ T5804] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 129.963146][ T7136] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 130.065580][ T7136] XFS (loop4): Ending clean mount [ 130.102815][ T7136] XFS (loop4): Quotacheck needed: Please wait. [ 130.144255][ T7149] hfsplus: b-tree write err: -5, ino 3 [ 130.170478][ T5804] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 130.208473][ T5804] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 130.226222][ T5804] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 130.226593][ T7136] XFS (loop4): Quotacheck: Done. [ 130.246263][ T5804] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 130.281751][ T5804] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 130.313004][ T5804] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 130.346532][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 130.371709][ T5804] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 130.392023][ T5804] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.407271][ T5804] usb 4-1: config 0 descriptor?? [ 130.413568][ T7145] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 130.506662][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 130.539306][ T6149] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 130.701466][ T5804] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 130.922074][ C1] usblp0: nonzero read bulk status received: -71 [ 130.933724][ T7145] usblp0: error -71 reading from printer [ 130.944968][ C1] usblp0: nonzero read bulk status received: -71 [ 130.956548][ T5805] usb 4-1: USB disconnect, device number 6 [ 130.972625][ T5805] usblp0: removed [ 131.554416][ T5805] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 131.583170][ T7183] pim6reg: entered allmulticast mode [ 131.636609][ T7183] pim6reg: left allmulticast mode [ 132.372002][ T7194] loop3: detected capacity change from 0 to 4096 [ 132.663586][ T7185] loop4: detected capacity change from 0 to 131072 [ 132.673155][ T7185] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0) [ 132.683827][ T7185] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 132.705661][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 132.715030][ T7185] F2FS-fs (loop4): invalid crc value [ 132.762052][ T7185] F2FS-fs (loop4): Found nat_bits in checkpoint [ 132.814434][ T7185] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 132.824405][ T7185] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 133.233654][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.241470][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.370228][ T7213] loop2: detected capacity change from 0 to 512 [ 133.381031][ T7213] EXT4-fs: Ignoring removed bh option [ 133.399846][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.420552][ T7213] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 133.450257][ T7213] EXT4-fs (loop2): 1 truncate cleaned up [ 133.507554][ T7213] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.607131][ T7217] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set [ 133.736388][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.806290][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.876436][ T7221] syzkaller1: entered promiscuous mode [ 133.892822][ T7221] syzkaller1: entered allmulticast mode [ 134.508147][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 134.523998][ T7240] input: syz1 as /devices/virtual/input/input10 [ 134.536893][ T7240] input: failed to attach handler leds to device input10, error: -6 [ 134.754427][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.176869][ T27] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 135.358046][ T27] usb 3-1: Using ep0 maxpacket: 16 [ 135.362595][ T27] usb 3-1: config 0 has an invalid interface number: 34 but max is 0 [ 135.387839][ T27] usb 3-1: config 0 has no interface number 0 [ 135.387889][ T27] usb 3-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023 [ 135.408156][ T27] usb 3-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80 [ 135.413272][ T27] usb 3-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73 [ 135.413301][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.413319][ T27] usb 3-1: Product: syz [ 135.413331][ T27] usb 3-1: Manufacturer: syz [ 135.413369][ T27] usb 3-1: SerialNumber: syz [ 135.423849][ T27] usb 3-1: config 0 descriptor?? [ 135.425043][ T7256] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 135.425353][ T7256] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 135.514407][ T7268] loop4: detected capacity change from 0 to 1024 [ 135.571564][ T7268] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 135.652630][ T7256] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 135.652854][ T7256] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 135.662244][ T7268] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 135.815522][ T7268] EXT4-fs error (device loop4): ext4_map_blocks:720: inode #15: comm syz.4.409: lblock 0 mapped to illegal pblock 0 (length 6) [ 135.815772][ T5805] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.818589][ T7268] EXT4-fs error (device loop4): ext4_ext_remove_space:2940: inode #15: comm syz.4.409: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 135.880993][ T7271] EXT4-fs error (device loop4): ext4_map_blocks:720: inode #15: block 3: comm syz.4.409: lblock 3 mapped to illegal pblock 3 (length 3) [ 135.881495][ T7271] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 135.881521][ T7271] EXT4-fs (loop4): This should not happen!! Data will be lost [ 135.881521][ T7271] [ 135.916324][ T27] asix 3-1:0.34 (unnamed net_device) (uninitialized): invalid hw address, using random [ 135.968442][ T1076] EXT4-fs error (device loop4): ext4_map_blocks:720: inode #15: block 8: comm kworker/u4:5: lblock 8 mapped to illegal pblock 8 (length 8) [ 135.969015][ T1076] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 135.969039][ T1076] EXT4-fs (loop4): This should not happen!! Data will be lost [ 135.969039][ T1076] [ 135.993339][ T6149] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 136.526413][ T27] asix 3-1:0.34 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 136.557833][ T27] asix 3-1:0.34 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x0080: ffffffb9 [ 136.616377][ T27] asix: probe of 3-1:0.34 failed with error -71 [ 136.658309][ T27] usb 3-1: USB disconnect, device number 6 [ 136.833116][ T7297] loop4: detected capacity change from 0 to 2048 [ 136.836986][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.948816][ T7297] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.023700][ T7297] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 137.050265][ T7297] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 30 with max blocks 1 with error 28 [ 137.064350][ T7297] EXT4-fs (loop4): This should not happen!! Data will be lost [ 137.064350][ T7297] [ 137.076540][ T7297] EXT4-fs (loop4): Total free blocks count 0 [ 137.084154][ T7307] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 137.087312][ T7297] EXT4-fs (loop4): Free/Dirty block details [ 137.097721][ T7307] EXT4-fs (loop4): This should not happen!! Data will be lost [ 137.097721][ T7307] [ 137.114553][ T7307] EXT4-fs (loop4): Total free blocks count 0 [ 137.121048][ T7307] EXT4-fs (loop4): Free/Dirty block details [ 137.121734][ T7297] EXT4-fs (loop4): free_blocks=66060288 [ 137.264180][ T7309] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.274133][ T5824] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 137.282302][ T27] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 137.371506][ T7313] loop2: detected capacity change from 0 to 1024 [ 137.476342][ T27] usb 2-1: Using ep0 maxpacket: 32 [ 137.481773][ T7313] hfsplus: b-tree write err: -5, ino 3 [ 137.505874][ T5824] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.531621][ T27] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 137.545846][ T5824] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 137.558921][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.572237][ T27] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 137.593101][ T5824] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 137.604393][ T5824] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.614415][ T5824] usb 4-1: Product: syz [ 137.620562][ T5824] usb 4-1: Manufacturer: syz [ 137.626008][ T27] usb 2-1: New USB device found, idVendor=1f71, idProduct=3306, bcdDevice=1b.23 [ 137.646239][ T5824] usb 4-1: SerialNumber: syz [ 137.656216][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.678140][ T27] usb 2-1: Product: syz [ 137.685321][ T5824] cdc_mbim 4-1:1.0: skipping garbage [ 137.696184][ T27] usb 2-1: Manufacturer: syz [ 137.701117][ T27] usb 2-1: SerialNumber: syz [ 137.730949][ T27] usb 2-1: config 0 descriptor?? [ 137.779420][ T7318] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.793066][ T7318] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.805011][ T7318] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.817681][ T7318] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.836852][ T7318] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.846444][ T7318] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.894200][ T7306] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 137.915421][ T7322] netlink: 'syz.4.429': attribute type 4 has an invalid length. [ 138.000266][ T7322] netlink: 'syz.4.429': attribute type 17 has an invalid length. [ 138.041276][ T27] usb 2-1: USB disconnect, device number 5 [ 138.264741][ T7329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.432'. [ 138.345913][ T7331] netlink: 'syz.4.433': attribute type 12 has an invalid length. [ 138.357445][ T7331] netlink: 'syz.4.433': attribute type 29 has an invalid length. [ 138.367472][ T7331] netlink: 148 bytes leftover after parsing attributes in process `syz.4.433'. [ 138.384232][ T7331] netlink: 'syz.4.433': attribute type 1 has an invalid length. [ 138.534566][ T7306] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 138.548804][ T5824] cdc_mbim 4-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 138.557013][ T5824] cdc_mbim 4-1:1.0: setting rx_max = 2048 [ 138.788086][ T5824] cdc_mbim 4-1:1.0: setting tx_max = 184 [ 138.820250][ T5824] cdc_mbim 4-1:1.0: cdc-wdm0: USB WDM device [ 138.856900][ T5824] wwan wwan0: port wwan0mbim0 attached [ 138.926822][ T5824] cdc_mbim 4-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, c6:84:c4:cb:30:09 [ 138.990651][ T5824] usb 4-1: USB disconnect, device number 7 [ 139.035350][ T5824] cdc_mbim 4-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM [ 139.211337][ T5824] wwan wwan0: port wwan0mbim0 disconnected [ 139.712779][ T7351] netlink: 'syz.2.440': attribute type 4 has an invalid length. [ 139.715535][ T7350] loop3: detected capacity change from 0 to 256 [ 139.826303][ T7351] netlink: 'syz.2.440': attribute type 17 has an invalid length. [ 140.033884][ T7358] loop3: detected capacity change from 0 to 256 [ 140.087978][ T7358] exfat: Unknown parameter '017777777777777777777770x00000000ffffffff' [ 140.141927][ T7358] fuse: Invalid user_id [ 140.518744][ T7368] loop3: detected capacity change from 0 to 4096 [ 140.557553][ T7368] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 140.630788][ T7368] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 140.905684][ T7368] ntfs3: loop3: ino=1f, "file2" failed to open parent directory r=5 to update [ 141.137576][ T1122] ntfs3: loop3: ino=1f, failed to open parent directory r=5 to update [ 141.344757][ T7401] loop3: detected capacity change from 0 to 64 [ 141.491270][ T7405] pim6reg: entered allmulticast mode [ 141.537055][ T7407] netlink: 'syz.1.457': attribute type 4 has an invalid length. [ 141.666279][ T7411] netlink: 'syz.1.457': attribute type 17 has an invalid length. [ 141.734029][ T7405] pim6reg: left allmulticast mode [ 142.288863][ T7431] loop4: detected capacity change from 0 to 64 [ 142.503392][ T7438] loop1: detected capacity change from 0 to 512 [ 142.614975][ T7438] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.645840][ T7438] ext4 filesystem being mounted at /105/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 143.098607][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.238503][ T7451] netlink: 'syz.1.470': attribute type 4 has an invalid length. [ 143.294462][ T7451] netlink: 'syz.1.470': attribute type 17 has an invalid length. [ 144.035778][ T7449] loop3: detected capacity change from 0 to 32768 [ 144.082581][ T7449] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 144.201743][ T7449] XFS (loop3): Ending clean mount [ 144.254425][ T7449] XFS (loop3): Quotacheck needed: Please wait. [ 144.280350][ T7456] loop1: detected capacity change from 0 to 32768 [ 144.337758][ T7456] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 144.385612][ T7449] XFS (loop3): Quotacheck: Done. [ 144.423889][ T7456] XFS (loop1): Ending clean mount [ 144.449119][ T7456] XFS (loop1): Quotacheck needed: Please wait. [ 144.507605][ T7456] XFS (loop1): Quotacheck: Done. [ 144.548360][ T7475] XFS (loop3): User initiated shutdown received. [ 144.551024][ T28] audit: type=1800 audit(1776800713.953:10): pid=7449 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.469" name="file1" dev="loop3" ino=6150 res=0 errno=0 [ 144.555096][ T7475] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 144.593079][ T7475] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 144.712200][ T5765] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 144.746655][ T5773] Bluetooth: hci4: command 0x1003 tx timeout [ 144.747087][ T5769] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 144.778675][ T5768] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 144.893466][ T7479] loop4: detected capacity change from 0 to 4096 [ 145.016373][ T7480] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 145.031102][ T965] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 145.269721][ T965] usb 3-1: config 0 interface 0 has no altsetting 0 [ 145.286227][ T965] usb 3-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 145.320456][ T7481] NILFS (loop4): nilfs_palloc_freev (ino=3): entry number 32 already freed [ 145.331272][ T965] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.362459][ T7481] NILFS (loop4): nilfs_palloc_freev (ino=3): entry number 191 already freed [ 145.366714][ T965] usb 3-1: config 0 descriptor?? [ 145.374621][ T7481] NILFS (loop4): nilfs_sufile_do_free: segment 9 is already clean [ 145.625595][ T7486] loop3: detected capacity change from 0 to 2048 [ 145.728124][ T7486] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.759342][ T7486] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.956530][ T5768] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 16: comm syz-executor: path /123/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0 [ 146.035303][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.294593][ T7502] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 117 [ 146.412157][ T7504] netlink: 'syz.4.484': attribute type 4 has an invalid length. [ 146.429228][ T965] video4linux radio48: keene_cmd_set failed (-71) [ 146.446271][ T965] radio-keene 3-1:0.0: V4L2 device registered as radio48 [ 146.482251][ T965] usb 3-1: USB disconnect, device number 7 [ 146.611927][ T7506] hsr0: entered promiscuous mode [ 146.628298][ T7506] netlink: 4 bytes leftover after parsing attributes in process `syz.4.485'. [ 147.136294][ T5805] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 147.165659][ T7508] loop3: detected capacity change from 0 to 40427 [ 147.190813][ T7508] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 147.205753][ T7508] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 147.248110][ T7508] F2FS-fs (loop3): invalid crc value [ 147.366290][ T5805] usb 2-1: Using ep0 maxpacket: 8 [ 147.382622][ T5805] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 147.416357][ T5805] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.442755][ T5805] usb 2-1: Product: syz [ 147.452920][ T5805] usb 2-1: Manufacturer: syz [ 147.457922][ T7519] loop2: detected capacity change from 0 to 4096 [ 147.466291][ T5805] usb 2-1: SerialNumber: syz [ 147.475553][ T5805] usb 2-1: config 0 descriptor?? [ 147.485094][ T5805] gspca_main: se401-2.14.0 probing 047d:5003 [ 147.528773][ T7508] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 147.556252][ T7508] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 147.568677][ T7524] loop4: detected capacity change from 0 to 256 [ 147.572038][ T7525] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 147.746579][ T7526] NILFS (loop2): nilfs_palloc_freev (ino=3): entry number 191 already freed [ 147.783006][ T7526] NILFS (loop2): nilfs_sufile_do_free: segment 9 is already clean [ 147.877593][ T5768] syz-executor: attempt to access beyond end of device [ 147.877593][ T5768] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 147.904883][ T5768] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 147.927071][ T5805] gspca_se401: ExtraFeatures: 48 [ 147.947365][ T5805] gspca_se401: Frame size: 0x0 1/16th janggu [ 147.964899][ T5805] gspca_se401: Frame size: 0x0 1/16th janggu [ 147.987005][ T5805] gspca_se401: Frame size: 0x0 1/16th janggu [ 147.993097][ T5805] gspca_se401: Frame size: 0x0 1/16th janggu [ 148.037916][ T5805] gspca_se401: Frame size: 0x0 1/16th janggu [ 148.044079][ T5805] gspca_se401: Frame size: 0x0 1/16th janggu [ 148.056489][ T5805] gspca_se401: Frame size: 0x0 1/16th janggu [ 148.062829][ T5805] gspca_se401: Frame size: 0x0 1/16th janggu [ 148.099344][ T5805] gspca_se401: Frame size: 0x0 1/16th janggu [ 148.121582][ T5805] gspca_se401: Frame size: 0x0 1/16th janggu [ 148.162591][ T5805] input: se401 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input11 [ 148.215616][ T7533] loop2: detected capacity change from 0 to 1024 [ 148.321994][ T7533] hfsplus: invalid catalog entry type in lookup [ 148.446326][ T5824] usb 2-1: USB disconnect, device number 6 [ 148.825695][ T7542] loop3: detected capacity change from 0 to 4096 [ 148.843817][ T7542] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 148.906378][ T7542] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 148.932963][ T7542] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 149.056924][ T28] audit: type=1800 audit(1776800718.453:11): pid=7542 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.498" name="file1" dev="loop3" ino=30 res=0 errno=0 [ 149.089302][ T8] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 149.168612][ T7547] loop1: detected capacity change from 0 to 256 [ 149.185917][ T7547] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 149.296228][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 149.323125][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 149.358391][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 149.406298][ T8] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 149.451681][ T8] usb 3-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 149.478663][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.512077][ T8] usb 3-1: config 0 descriptor?? [ 149.767321][ T7556] loop1: detected capacity change from 0 to 4096 [ 149.825015][ T7559] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 149.986469][ T8] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:05AC:8241.0003/input/input12 [ 150.007607][ T7560] NILFS (loop1): nilfs_palloc_freev (ino=3): entry number 32 already freed [ 150.030402][ T7560] NILFS (loop1): nilfs_palloc_freev (ino=3): entry number 191 already freed [ 150.078964][ T7560] NILFS (loop1): nilfs_sufile_do_free: segment 9 is already clean [ 150.146581][ T8] appleir 0003:05AC:8241.0003: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0 [ 150.217500][ T8] usb 3-1: USB disconnect, device number 8 [ 150.393063][ T7561] fido_id[7561]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 150.493341][ T7567] loop1: detected capacity change from 0 to 1024 [ 150.660535][ T7570] netlink: 64 bytes leftover after parsing attributes in process `syz.4.509'. [ 151.216890][ T7586] loop4: detected capacity change from 0 to 4096 [ 151.226372][ T5824] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 151.271878][ T7588] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 151.444700][ T5824] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 151.460901][ T7586] NILFS (loop4): nilfs_palloc_freev (ino=3): entry number 191 already freed [ 151.471533][ T5824] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 151.486216][ T5824] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 151.509186][ T7586] NILFS (loop4): nilfs_sufile_do_free: segment 9 is already clean [ 151.518782][ T5824] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.540190][ T5824] usb 3-1: config 0 descriptor?? [ 151.563067][ T5824] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 151.586240][ T5824] dvb-usb: bulk message failed: -22 (3/0) [ 151.603827][ T5824] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 151.632483][ T5824] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 151.643706][ T5824] usb 3-1: media controller created [ 151.655997][ T5824] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 151.671817][ T5824] dvb-usb: bulk message failed: -22 (6/0) [ 151.679668][ T5824] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 151.690887][ T5824] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input13 [ 151.768644][ T7578] dvb-usb: bulk message failed: -22 (4/0) [ 151.775341][ T5824] dvb-usb: schedule remote query interval to 150 msecs. [ 151.806183][ T5824] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 151.822508][ T5824] usb 3-1: USB disconnect, device number 9 [ 151.856679][ T5824] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 152.755130][ T7592] loop2: detected capacity change from 0 to 32768 [ 152.962837][ T7594] loop1: detected capacity change from 0 to 40427 [ 153.020845][ T7594] F2FS-fs (loop1): invalid crc value [ 153.067586][ T7594] F2FS-fs (loop1): Found nat_bits in checkpoint [ 153.223668][ T7594] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 153.499495][ T5765] syz-executor: attempt to access beyond end of device [ 153.499495][ T5765] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 153.526402][ T5765] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 153.635143][ T7617] loop3: detected capacity change from 0 to 1024 [ 153.663867][ T7617] EXT4-fs (loop3): bad geometry: bigalloc file system with non-zero first_data_block [ 153.663867][ T7617] [ 153.713135][ T7617] netlink: 156 bytes leftover after parsing attributes in process `syz.3.529'. [ 153.859318][ T7621] loop3: detected capacity change from 0 to 2048 [ 153.898767][ T7621] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 154.419705][ T7630] loop4: detected capacity change from 0 to 64 [ 154.494453][ T7631] loop2: detected capacity change from 0 to 2048 [ 154.548954][ T7631] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 154.598001][ T7631] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 154.691713][ T7631] fs-verity: sha512 using implementation "sha512-avx2" [ 154.781977][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.175933][ T7645] netlink: 'syz.1.538': attribute type 4 has an invalid length. [ 155.257016][ T7647] loop5: detected capacity change from 0 to 7 [ 155.276577][ T7647] Dev loop5: unable to read RDB block 7 [ 155.282311][ T7647] loop5: unable to read partition table [ 155.302556][ T7647] loop5: partition table beyond EOD, truncated [ 155.334885][ T7647] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 155.616461][ T7654] loop2: detected capacity change from 0 to 4096 [ 155.826609][ T5804] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 155.924230][ T7657] loop2: detected capacity change from 0 to 256 [ 155.987187][ T7657] syz.2.545: attempt to access beyond end of device [ 155.987187][ T7657] loop2: rw=2049, sector=256, nr_sectors = 4 limit=256 [ 156.026462][ T5804] usb 4-1: Using ep0 maxpacket: 16 [ 156.049901][ T5804] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 156.100148][ T5804] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 156.133961][ T5804] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 156.166244][ T5804] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 156.195841][ T5804] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.218144][ T5804] usb 4-1: config 0 descriptor?? [ 156.320580][ T7662] loop5: detected capacity change from 0 to 2151 [ 156.364319][ T7662] loop5: detected capacity change from 2151 to 3471 [ 156.605397][ T7666] netlink: 'syz.2.549': attribute type 4 has an invalid length. [ 156.693552][ T5804] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:05AC:8241.0004/input/input14 [ 156.828059][ T5804] appleir 0003:05AC:8241.0004: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0 [ 156.885152][ T5804] usb 4-1: USB disconnect, device number 8 [ 156.982724][ T7630] [ 156.985124][ T7630] ============================================ [ 156.991373][ T7630] WARNING: possible recursive locking detected [ 156.997524][ T7630] syzkaller #0 Not tainted [ 157.002004][ T7630] -------------------------------------------- [ 157.008232][ T7630] syz.4.541/7630 is trying to acquire lock: [ 157.014110][ T7630] ffff88802f1120b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 157.023630][ T7630] [ 157.023630][ T7630] but task is already holding lock: [ 157.031157][ T7630] ffff88802f1120b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 157.040469][ T7630] [ 157.040469][ T7630] other info that might help us debug this: [ 157.048637][ T7630] Possible unsafe locking scenario: [ 157.048637][ T7630] [ 157.056166][ T7630] CPU0 [ 157.059617][ T7630] ---- [ 157.062972][ T7630] lock(&tree->tree_lock/1); [ 157.067670][ T7630] lock(&tree->tree_lock/1); [ 157.072383][ T7630] [ 157.072383][ T7630] *** DEADLOCK *** [ 157.072383][ T7630] [ 157.080533][ T7630] May be due to missing lock nesting notation [ 157.080533][ T7630] [ 157.089209][ T7630] 5 locks held by syz.4.541/7630: [ 157.094939][ T7630] #0: ffff88807ae24418 (sb_writers#17){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 157.104384][ T7630] #1: ffff88802bb13038 (&sb->s_type->i_mutex_key#23){+.+.}-{3:3}, at: do_truncate+0x19c/0x240 [ 157.115311][ T7630] #2: ffff88802bb12e78 (&HFS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380 [ 157.126562][ T7630] #3: ffff88802f1120b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 157.136971][ T7630] #4: ffff88802bb11af8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380 [ 157.148374][ T7630] [ 157.148374][ T7630] stack backtrace: [ 157.154454][ T7630] CPU: 1 PID: 7630 Comm: syz.4.541 Not tainted syzkaller #0 [ 157.161932][ T7630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 157.172348][ T7630] Call Trace: [ 157.175660][ T7630] [ 157.178668][ T7630] dump_stack_lvl+0x18c/0x250 [ 157.183350][ T7630] ? show_regs_print_info+0x20/0x20 [ 157.188557][ T7630] ? print_deadlock_bug+0x435/0x5d0 [ 157.193755][ T7630] __lock_acquire+0x5dbc/0x7d40 [ 157.198697][ T7630] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 157.204582][ T7630] ? verify_lock_unused+0x140/0x140 [ 157.210034][ T7630] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 157.216177][ T7630] ? _raw_spin_unlock+0x40/0x40 [ 157.221108][ T7630] ? stack_trace_save+0xaa/0x100 [ 157.226063][ T7630] ? stack_trace_snprint+0xf0/0xf0 [ 157.231188][ T7630] lock_acquire+0x19e/0x420 [ 157.235687][ T7630] ? hfs_find_init+0x17e/0x1f0 [ 157.240543][ T7630] ? hfs_extend_file+0x361/0x1380 [ 157.245641][ T7630] ? hfs_bmap_reserve+0x107/0x430 [ 157.250750][ T7630] ? block_write_begin+0x9a/0x1e0 [ 157.256034][ T7630] ? __might_sleep+0xe0/0xe0 [ 157.260620][ T7630] ? hfs_write_begin+0x8b/0xd0 [ 157.265462][ T7630] ? read_lock_is_recursive+0x20/0x20 [ 157.270996][ T7630] ? do_truncate+0x1b0/0x240 [ 157.275597][ T7630] ? vfs_truncate+0x266/0x300 [ 157.280278][ T7630] ? do_sys_truncate+0xf6/0x1c0 [ 157.285130][ T7630] ? do_syscall_64+0x55/0xa0 [ 157.289974][ T7630] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 157.296036][ T7630] __mutex_lock+0x136/0xcc0 [ 157.300539][ T7630] ? hfs_find_init+0x17e/0x1f0 [ 157.305314][ T7630] ? hfs_find_init+0x17e/0x1f0 [ 157.310243][ T7630] ? mutex_lock_nested+0x20/0x20 [ 157.315269][ T7630] ? __kmem_cache_alloc_node+0x13a/0x250 [ 157.321158][ T7630] ? hfs_find_init+0xa7/0x1f0 [ 157.325837][ T7630] ? hfs_find_init+0xa7/0x1f0 [ 157.330632][ T7630] ? __kmalloc+0xe2/0x230 [ 157.335051][ T7630] hfs_find_init+0x17e/0x1f0 [ 157.339636][ T7630] hfs_extend_file+0x361/0x1380 [ 157.344502][ T7630] ? hfs_bnode_read+0x358/0x7a0 [ 157.349628][ T7630] ? hfs_ext_keycmp+0x1c7/0x320 [ 157.354643][ T7630] ? hfs_get_block+0xc50/0xc50 [ 157.359409][ T7630] ? hfs_rename+0x2c0/0x2c0 [ 157.363898][ T7630] ? hfs_find_exit+0xa0/0xa0 [ 157.368593][ T7630] ? hfs_brec_find+0x3cd/0x500 [ 157.373354][ T7630] hfs_bmap_reserve+0x107/0x430 [ 157.378212][ T7630] __hfs_ext_write_extent+0x1fa/0x470 [ 157.383662][ T7630] __hfs_ext_cache_extent+0x6b/0x9b0 [ 157.388941][ T7630] ? hfs_find_init+0x17e/0x1f0 [ 157.393719][ T7630] hfs_extend_file+0x3a0/0x1380 [ 157.398647][ T7630] ? filemap_get_folios+0x102/0x7e0 [ 157.404168][ T7630] ? hfs_get_block+0xc50/0xc50 [ 157.409059][ T7630] ? find_lock_entries+0xfe0/0xfe0 [ 157.414226][ T7630] ? clean_bdev_aliases+0x587/0x680 [ 157.419607][ T7630] hfs_get_block+0x413/0xc50 [ 157.424210][ T7630] ? hfs_free_extents+0x430/0x430 [ 157.429233][ T7630] ? _raw_spin_unlock+0x28/0x40 [ 157.434084][ T7630] ? folio_add_lru+0x320/0xd30 [ 157.438883][ T7630] __block_write_begin_int+0x57f/0x1af0 [ 157.444436][ T7630] ? folio_add_lru+0xd30/0xd30 [ 157.449284][ T7630] ? hfs_free_extents+0x430/0x430 [ 157.454301][ T7630] ? folio_zero_new_buffers+0x550/0x550 [ 157.459952][ T7630] ? hfs_free_extents+0x430/0x430 [ 157.465125][ T7630] block_write_begin+0x9a/0x1e0 [ 157.469985][ T7630] cont_write_begin+0x5ee/0x810 [ 157.475204][ T7630] ? generic_cont_expand_simple+0x200/0x200 [ 157.481214][ T7630] ? __block_commit_write+0x23f/0x350 [ 157.486618][ T7630] ? put_page+0xea/0x260 [ 157.490882][ T7630] hfs_write_begin+0x8b/0xd0 [ 157.495565][ T7630] ? hfs_free_extents+0x430/0x430 [ 157.500591][ T7630] cont_write_begin+0x2b1/0x810 [ 157.505452][ T7630] ? generic_cont_expand_simple+0x200/0x200 [ 157.511361][ T7630] hfs_write_begin+0x8b/0xd0 [ 157.515994][ T7630] ? hfs_free_extents+0x430/0x430 [ 157.521125][ T7630] hfs_file_truncate+0x1c4/0xa10 [ 157.526080][ T7630] ? __up_read+0x2b6/0x6b0 [ 157.530620][ T7630] ? up_read+0x20/0x20 [ 157.535233][ T7630] ? up_read+0x20/0x20 [ 157.539309][ T7630] ? hfs_extend_file+0x1380/0x1380 [ 157.544412][ T7630] ? unmap_mapping_range+0xe7/0x180 [ 157.549616][ T7630] ? unmap_mapping_pages+0x160/0x160 [ 157.554892][ T7630] ? pagecache_isize_extended+0x116/0x570 [ 157.560627][ T7630] hfs_inode_setattr+0x4af/0x6e0 [ 157.565576][ T7630] ? bpf_lsm_inode_setattr+0x9/0x10 [ 157.570771][ T7630] ? try_break_deleg+0x79/0x120 [ 157.575614][ T7630] ? hfs_evict_inode+0x110/0x110 [ 157.580807][ T7630] notify_change+0xb0d/0xe10 [ 157.586356][ T7630] do_truncate+0x1b0/0x240 [ 157.590777][ T7630] ? put_page_bootmem+0x2c0/0x2c0 [ 157.595881][ T7630] ? bpf_lsm_path_truncate+0x9/0x10 [ 157.601251][ T7630] vfs_truncate+0x266/0x300 [ 157.605771][ T7630] do_sys_truncate+0xf6/0x1c0 [ 157.610571][ T7630] ? lock_chain_count+0x20/0x20 [ 157.615556][ T7630] ? break_lease+0xd0/0xd0 [ 157.619997][ T7630] ? lockdep_hardirqs_on+0x98/0x150 [ 157.625219][ T7630] do_syscall_64+0x55/0xa0 [ 157.629647][ T7630] ? clear_bhb_loop+0x40/0x90 [ 157.634341][ T7630] ? clear_bhb_loop+0x40/0x90 [ 157.639020][ T7630] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 157.644917][ T7630] RIP: 0033:0x7f4e7359c819 [ 157.649440][ T7630] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 157.669312][ T7630] RSP: 002b:00007f4e74380028 EFLAGS: 00000246 ORIG_RAX: 000000000000004c [ 157.677739][ T7630] RAX: ffffffffffffffda RBX: 00007f4e73815fa0 RCX: 00007f4e7359c819 [ 157.685842][ T7630] RDX: 0000000000000000 RSI: 0000000002fffffd RDI: 0000200000000940 [ 157.693906][ T7630] RBP: 00007f4e73632c91 R08: 0000000000000000 R09: 0000000000000000 [ 157.702050][ T7630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 157.710024][ T7630] R13: 00007f4e73816038 R14: 00007f4e73815fa0 R15: 00007ffe514d7a58 [ 157.718639][ T7630] [ 157.746492][ T7669] fido_id[7669]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory