last executing test programs: 10.956344608s ago: executing program 2 (id=2049): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) getsockopt$bt_hci(r0, 0x84, 0xd, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7) 10.823126658s ago: executing program 2 (id=2051): syz_mount_image$udf(&(0x7f0000000a40), &(0x7f0000000000)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4400, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746164000000006d653d3030303030303030303030303030303030b030342c6e6f6164696e6963622c7569643d00", @ANYRESHEX, @ANYRES64=0x0], 0x1, 0xa1b, &(0x7f0000001540)="$eJzs209sm+d9B/Dfw1eyaadrFbd1kzbLWLQIPKUN5P9KvAH2rApt5iZGZWXzZTBlyQ4R/askF043tB42oAjQg1FgPWzAkMsOA3bwDrvsFOwwDBg2GDsMxYp2Wrpm6Y3BBuS0aXhfPpQoWY7VOLZk+/Mx7C/58veSzx+afMmHbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/1lVNDB9N2twIAuJ9eGvvG0GHv/wDwSDnn8z8AAAAAAAAAAAAAAOx0KYr4s0jx6k/a6UJ1vaN+pjV75er4yOjmu+1JkaIWRVVf/q0fPHT4yNFjx4e7+cH7f9SejJfHzp1qnJ6bmV+YWlycmmyMz7Yuzk1Obfke7nb/jQarAWjMvHZl8tKlxcah5w6vu/nqwDu7H9s/cOL4i+f3dWvHR0ZHx3pq+vo/9KPf4nZneOyKIn4WKerfezc1I6IWdz8Wd3ju3Gt7qk4MVp0YHxmtOjLdas4ulTemWq6qRQz07HSyO0b3YS7uSiPiWtn8ssGDZffG5psLzYnpqcbZ5sJSa6k1N5tqndaW/RmIWgyniPmIaBe33l1/FPHvkeL777fTREQU3XF4tjox+M7tqd2DPm5BX9m3IuJmPABztoPtjiLeiBQ/OD8UF/O4VsP2TMTXy3w64ptlLkdcz9dT+QR5KuK9TZ5PPFj6ooh/ihRzqZ0mu3Nfva6ceaXxtdlLcz213deVB/794X7a4a9N9ShionrFb6cPf7ADAAAAAMDOU8TfRoobMwfSfPSuKbZmLzfONSemO98Kd7/7b+S9VlZWVgZSJxs5h3KezHk254Wc8zmv5bye882cN3K+lfNmzuWc7ZxRy4+fs5FzKOfJnGdzXsg5n/Nazus538x5I+dbOW/mXM7ZzhnWvQAAAAAAAADYYfZEET+OFF/4m29V5xVHdV76J04MH/jqF3vPGf/MHe6nrH0uIm7E1s7J7c+nDqda+eej7xdbU48ivpPP//vD7W4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwrWpRxGcixQ/faKdIEdGIuBCdXC62u3UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh1FPRZyOFL/4Sr26fjMiPhsR/7dS/omI5ZUNtrvFAAAAAAAAAMAtUhFDkeLxJ9tpICKuDryz+7H9AyeOv3h+XxFFpLKkt/7lsXOnGqfnZuYXphYXpyYb47Oti3OTU1t9uPqZ1uyVq+Mjo/ekM3e05x63f0/99Nz86wuty68ubXr73vqpicWlhebFzW+OPVGLGOrdMlg1eHxktGr0dKs5W+2aardpYC2isdXOAAAAAAAAAPDQ2JuKOBopXm0dSd11477Omv+vdK4Vq7V/8QdrvwWY3pBdvb8f2MrltNWGDlYL743xkdHRsZ7Nff23lpZtSqmIv44Un/vdJ6r18BR7N10bL+t2RYpj3zqS6wY+V9adXFdVHxwfGW28NDf75VPT03MXm0vNiempxth88+KWfzgAAAAAAAAAAPfQ3lTEn0eK3xu6mbrnnef1/77OtZ71/9+oltAr9bQ+V1Vr+x+v1vY7lz9xYrgx+mu3234v1v/LNqVUxL9Fisd//4nqfPru+v/Qhtqy7r8jxb/+41O5rrarrDvY7U7nHi+1pqeGUh6rzz/brY2q9niu/eRa7cGy9vOR4i+fWV87nGs/tVZ7qKz940jxv0c3r/30Wu3hsvaPIsVvv93o1u4ta8/k2v1rtc9dnJuevNOwlvP/d5Hi7C++mrp9vu389/z+49qGXHXLnH/w5Y9q/gd6tl3L8/rjPP8H7zD/fx8p/uSnT+W6ztgfyrc/Xv27Nv+/Eyn+61fX1x7LtfvWag9utVvbrZz/L0WKEz/60Wqf8/znkV2bod75/2zf+lx9lmzT/D/es20gt+vwLzkWj6LF17/9WnN6emrBBRdccGH1wna/MnE/lO///xwpXjhTS93jmPz+/7HOtbXjv/e/s/b+/8KGXLVN7//7era9kI9a+vsi6ksz8/37I+qLr3/7y62Z5uWpy1Ozw8eOHnl++Nix5/t3dY/t1i5teegeCuX8n4kUr/z0X1Y/x6w//tv8+H/vhly1TfP/yd4+rTuu2fJQPJLK+b8eKb779rurnzc/6Pi/+/n/wBfW5+r/v22a/0/1bKt+4//xiOd7th34dMSprT4WAAAAPGT25nXyP/31f1g953395//4Yre29/uf29kJ5/8DAAAAAMCjbm8q4q8ixf8MfSl1zyHbyu8/Jzfkqm36/d/+nm2T9+m8li0PMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADpSiiKcjxas/aaflorzeUT/Tmr1ydXxkdPPd9qRIUYuiqi//1g8eOnzk6LHjw9384P0/ak/Gy2PnTjVOz83ML0wtLk5NNsZnWxfnJqe2fA93u/9Gg9UANGZeuzJ56dJi49Bzh9fdfHXgnd2P7R84cfzF8/u6teMjo6NjPTV9/R/60W+RbrN9VxRxKVLUv/du+o8iohZ3PxZ3eO7ca3uqTgxWnRgfGa06Mt1qzi6VN6ZarqpFDPTsdLI7RvdhLu5KI+Ja2fyywYNl98bmmwvNiempxtnmwlJrqTU3m2qd1pb9GYhaDKeI+YhoF7feXX8UMREpvv9+O71dRBTdcXj2pbFvDB2+c3tq96CPvVa+u+nmvrJvRcTNeADmbAfbHUV8LFL84PxQ/KzojGs1bM9EfL3MpyO+WeZyxPV8PZVPkKci3tvk+cSDpS+KOBsp5lI7/WeR5756XTnzSuNrs5fmemq7rysP/PvD/bTDX5vqUcTPq1f8dvq5/88AAAAAAA+RIn4zUtyYOZCq9cHVNcXW7OXGuebEdOdr/e53/42818rKyspA6mQj51DOkznP5ryQcz7ntZzXc76Z80bOt3LezLmcs50zavnxczZyDuU8mfNszgs553Ney3k955s5b+R8K+fNnMs52znD9+QAAAAAAADADlSLIp6IFD98o51Wis4C74Xo5LJ1zofe/wcAAP//Vsw/Lg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) getdents64(r0, 0xfffffffffffffffe, 0x29) 8.975862332s ago: executing program 2 (id=2055): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000240)={0x0, @local, @private}, &(0x7f0000000340)=0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000002a00)='./file0\x00', 0x40, 0x0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='nobarrier,mode=lfs,fsync_mode=strict\x00acl,\x00'], 0x1, 0x5509, &(0x7f0000000500)="$eJzs3E1rY+UXAPCTdjrv//kXceFuLgxCC5Mw6cugu6oz+IIdyqgLV5omachMkluaNK1duXApLvwmouDKpZ/BhWt34kJxJyi591anvoBDk8a2vx/cnPs8eXLuecIwcO4tCeDcmk9+/rEUN+JKRMxGxPWI7LxUHJm1PDwXETcjYuaJo1TM/z5xMSKuRsSNUfI8Z6l469Pbw1urP7zx01ffXLpw7bMvv53eroFpez4iutv5+V43j2krj4+K+dqwncXuyrCI+Rvdx8U4zeNeczPLsFc7XFfL4nIrX59u7/ZHcatTq49iq72VzW/38gv2h63DPNkHHtV2snGjuZnFdj/NYusgr2v/IP+/7aA/yPM0inwfZOljMDiM+Xxzv5nvZ/txFuu9QTGf500bzf1RHBaxuFzU004jq2PzON/0f9ub7d7ufjJs7vTbaS9ZrVRfqFTvlqs7aaM5aK6Ua93G3ZVkodUZLSsPmrXuWitNW51mpZ52F5OFVr1erlaThXvNzXatl1SrleXKnfLqYnF2O3n1wTtJp5EsjOLL7d7uoN3pJ1vpTpJ/YjFZqiy/uJjcqiZvrW8kGw/v31/fePu9e+8+eGn99VeKRX8pK1lYurO0VK7eKS9VF8/R/j8qih7j/uFYSk+3/NKk6gA4RfT/wDRMrv/feRgx+f4/9P9jcar63/Pe/09g/3AsT9n/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdnw39/lr2cl8Pr5WzP+vmHqmGJciYiYifv0bs3HxSM7ZIs/cP6yf+1MNX5ciyzC6xqXiuBoRa8Xxy/8n/S0AAADA2fXFhzc/ybv1/GV+2gVxkvKbNjPX3x9TvlJEzM1/P6ZsM6OXZ8eULPv3fSH2x5Qtu4F1eUzJ8ltuF8aV7V+ZPRIuPxFKeZg50XIAAIATcbQTONkuBAAAgJP08bQLYDpKcfgo8/BZcPaX9388ELxyZAQAAACcQqVpFwAAAABMXNb/+/0/AAAAONvy3/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+Y+d+bhMHojgAPxu8sP+0aLX3bWVvUMaWsMc9RhSQJiiBtJAGqIHcUkIEER4HhYhEkTy2FfR9khnGgh8zCA7zRhoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADo0l21Xtxc/b5um7Pbt5NnNgAAAMA522q9qJ/MUv9rc/97c+tn0y8iooyIc2v3UXw6yRw1OdUrr69ejOE2ok44fMakub5ExJ/mevjR9bcAAAAAl2uzXM3Taj09zIYeEH1KRZvy299MeUVEVLP7TGnlIe9XprD69z2O/5nS6gLWNFNYKrmNc6W9S/13P1btps+aIjXl2+/PNncAAKBHo5Om31UIAAAAffo39AAYRhFPW5nHrcBJaprtvc8nPQAAAOADKoYeAAAAANC5ev3v/D8AAAC4bOn8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALq0rdaLzXI1b5uz27eTZzYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj+zPOwqEQBiEwd71ncnc/7DSoKmpSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb373l/8TU+NMMvfaWHoeSdZOja1TY+/cOPrD+Po1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT+3KQCCQBgGt7Kvf+H9Dxsv6BkimAHhYRcFAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiRe8YyTq0ztsRTVS3TxJ5xr6ojq8SZVeLKhT4ebP3DHwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC879/MaRxUHAPzNzM42rYprlBwiYsGDXmy6ra29iQclePBPEEK6rbFbf7Q52FKEXLxJzr2IHkUEJd76P/TcQi/11sMeKnhW5lfy0gZchc5ssp8PvHnfGYZ53zcLId99LwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCfyft7cVYcBlWc1tfuPb61XvT3n+gLd7YfLBetiJM2kz4cXotPkqXoZKH9ZAAAAJgPWVPfhxAe5jurRZ8Oyvo/b+4pav4fXqjipp5/su5v+qb2L9rvvz16ZXegQTVO8dBLG+PR6adT6T27Wc62F//1jl755svvXrLyA0k/2np5kpfvM/nu7t0P+mV4rI1sAYD/41TT10Hz+1DRD7tMDIC50YsK76b+zwbd5gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQhslWeK6JkxDCcm8vLtx/fGv9oP7O9oPlpp2/fXs7fmbxiDyEcGljPDodFlqczWy7fuPmlbXxeHSt/eD1EEJXo79XT//KJ1PcHMIzSuNkR29+zoK0/rBnJZ/DEXT4QwkAgCMpr1tR1z/Md1aLa8liCH//uL/+fzOKw5T1/6NPz9+Lx4rr/2FrM5x9K5tXv1y5fuPm2xtX1y6PLo8+f+fM8N3h2Qvnzl1YKb8rqY5dpwkAAMAh1q9bXP+ni0+v/5+I4jBl/f/V98Nv4rEy9f+B9hb9us4EAABgvr108q8/kwOuJ/1++Hptc/PasDrunp+pjh2k+p8dq1tc/2eLXWcFAAAAtGGylexb/78YxWHK9f/nf3r1l/iZWQjheL3+f2r9i/HF9qYz09r4c+Ku5wgAAEC3jtctXv/Py/3/6e6WhzSE8NYbVVz/G8Cp6v/sw29/jseK9/+fbW+KMyldqt5H2S+F0FvqOiMAAACOsoWyDcr6/498Z/WzX0983Lf/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBt/wQAAP//LVo+Qw==") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000008c0)=ANY=[], 0x1, 0x0, &(0x7f0000000200)) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f00000001c0)=0x20000008) rename(&(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 7.844188235s ago: executing program 1 (id=2058): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f00000000c0)=@add_del={0x3, &(0x7f0000000080)='nr0\x00'}) 7.615080931s ago: executing program 1 (id=2060): syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5ac, 0x292, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, {0x9}}}]}}]}}, 0x0) 7.380145787s ago: executing program 2 (id=2061): socket$inet6_udplite(0xa, 0x2, 0x88) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='sched_switch\x00', r0}, 0x10) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000540)={0x9df7}, 0x8) r1 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000240)=0x3, 0x4) r2 = socket$netlink(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000006800)={&(0x7f0000000080)={0x44, r3, 0x615, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x44}, 0x5}, 0x0) 5.872147568s ago: executing program 2 (id=2072): syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) mlock(&(0x7f0000006000/0x3000)=nil, 0x3000) r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r1, &(0x7f0000000240)='6', 0x1) syz_usb_disconnect(r0) socket$inet_smc(0x2b, 0x1, 0x0) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$sndctrl(0x0, 0x0, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) mmap$snddsp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x81000000) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) 5.042836565s ago: executing program 3 (id=2075): syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0) syz_usb_connect(0x0, 0x2d, 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000240)=ANY=[], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) write$char_usb(r0, &(0x7f0000000540)="a3cff903a068ab0a53718c13378cd068a74430b2d1589a576219b674479e4c96e93cc7c2c40fc9c497a0355ef94e223397af4d210291a0c900096cbf54e74b73a1eb9c32e01ea632d9cf21227e9c", 0x4e) 4.631893369s ago: executing program 4 (id=2076): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0xab, 0xbe, 0x67, 0x40, 0x17e9, 0x8b4e, 0x9c08, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, &(0x7f00000000c0)={0xc, &(0x7f0000000000)={0x0, 0x0, 0x2, {0x2}}, 0x0}, 0x0) 4.404161754s ago: executing program 1 (id=2078): memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x36, &(0x7f0000000b00)=ANY=[@ANYRES32, @ANYRES64, @ANYRES32, @ANYBLOB="0000000000000000b705", @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000083940000fcffffffbf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x95, &(0x7f00000003c0)=""/149}, 0x90) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000340), 0x4) mbind(&(0x7f000012c000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0x8006, 0x86, 0x3) r1 = landlock_create_ruleset(&(0x7f0000000000)={0x6084}, 0x10, 0x0) landlock_restrict_self(r1, 0x0) truncate(&(0x7f0000000080)='./file0\x00', 0x0) 3.081231527s ago: executing program 1 (id=2080): syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="007e2a01b3e93dc9b01cde3a16380b3485a43d22a0baf1475abb31820c847c4cc9c5f7fb5b0346e9584bd76d3e0284a2d88a1203a216f9000000000000000000cd53386d3903cd1c5feea0df6ae2ffebef5a71b94f19fe6b85f2e9673d8056b96f0ea03203e45120741be6031f1d069575c54d3635d0bfe4f1c7021f"], 0x1, 0x179, &(0x7f0000000680)="$eJzskbtKM0Ecxc9sJrev+FCwSpOAorHQ7G5UxEbL2PsAhmSNwY2XbEATUqyIpLAQS58gryH4AlpIsLYTUgRrWZnLjrPP4PyKPfM/c+Y/lz0OLoIsgO/ZsIE9cFL4j1dCQAEUifCmltAHqW9S74XgReb2pX8jtRD0Byd13/e6pZ0S5hPGJ/DFPWUFu9cWprzVZDZssMEhgCiKIuY1ARaHnkm9U75RnClQYIFfIlIZlmDFCoBKr3NeCfqDtXan3vJa3qnrVrfsDdvedCtHbd+zxZdoW8irgOkqAPZeeW0+DeBWZv4hCdGOJueJvjajvWF5MbnWQl6N4x4ET2ptFvH/Ag6wjByAy5D8uhPRhYJfqQaClCwcqp1PpHJ8Yr1x5jdHICDxsjGo6uF8IK0KVy+q22F81JHUJak1qWPtGRnFTNKgvMOdrMphfMSuw4JX9V6v6wAZMXKV586F0BqxXR+t5OWeLRgMBoPBYDAYDAbDX+cnAAD//4SCddk=") bpf$OBJ_GET_PROG(0x7, &(0x7f00000004c0)=@generic={&(0x7f0000000480)='./file1\x00'}, 0x18) 2.821119387s ago: executing program 1 (id=2081): tkill(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r6) write$cgroup_pid(r4, &(0x7f0000000040), 0x12) 2.623969247s ago: executing program 4 (id=2082): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) readv(r0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/171, 0xab}], 0x1) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r1], 0x1c}}, 0x0) 1.944107952s ago: executing program 4 (id=2084): socket$unix(0x1, 0x5, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) timerfd_create(0x0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f00000042c0)='fdinfo/3\x00') socket$netlink(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r0], 0x3c}}, 0x0) 1.813591932s ago: executing program 4 (id=2085): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="540100001000130700000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000000000000000000005000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414bb0000000000000000000000000000000032000000ac1414aa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000400000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00040007"], 0x154}}, 0x0) 1.784765506s ago: executing program 1 (id=2086): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301000009210000000122010009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000001080)={0x0, 0x0, 0x0, {}, {}, @cond=[{}, {0x0, 0x0, 0x0, 0x4}]}) syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f0000000cc0)=ANY=[@ANYBLOB="0001d2"], 0x0, 0x0, 0x0, 0x0}, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES16], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x10) r2 = syz_open_dev$evdev(&(0x7f0000000880), 0x200000000000002, 0x862b01) write$char_usb(r2, &(0x7f0000000040)="e2", 0x2250) 1.324271707s ago: executing program 2 (id=2087): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x32, 0xf4, 0x49, 0x10, 0x9c0, 0x201, 0xaa4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe5, 0xa5, 0xc8}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000940)={0x2c, &(0x7f00000006c0)={0x0, 0x0, 0x1, "c2"}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000180)={0x0, 0x0, 0x1, "99"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000800)={0x18, &(0x7f00000005c0)={0x0, 0x0, 0x24, "94b1612049e0b70293e3f0392046053883c2d0589658fd5126a38aee0a157400e19c6106"}, 0x0, &(0x7f0000000700)={0x0, 0x8, 0x1}, 0x0, 0x0}) syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000000440)={0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x20, 0x85, 0x3, "146b2f"}}) 1.323875047s ago: executing program 3 (id=2088): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)={0x0, "5d9bc136c963354c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9dc50050257ebf728bb1687ad314a7b0ce15c1e6be0e7ecabfdfde0dfa00b100"}, 0x48, 0xffffffffffffffff) pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0x0) keyctl$update(0x2, r2, &(0x7f0000000b40)="8b", 0x1) 1.323679107s ago: executing program 4 (id=2089): socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000480)={'vxcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f00000004c0)={0x1d, r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000040)={'vxcan0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r4], 0x20}}, 0x0) 1.323297467s ago: executing program 0 (id=2090): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000040)=0x5, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e24, 0x0, @empty}, 0x1c) 1.288620292s ago: executing program 0 (id=2091): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) getsockopt$sock_cred(r0, 0x1, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0xc) 1.1728192s ago: executing program 0 (id=2092): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000010200)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f00000202c0)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x12, r1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) setsockopt$sock_int(r0, 0x1, 0xd, &(0x7f0000000000), 0x4) 1.052094749s ago: executing program 4 (id=2093): bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000000)={0x20080522, r0}, &(0x7f0000000240)={0x6, 0x0, 0x0, 0x0, 0x0, 0x4159}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_ACTIVATE(r1, 0x4b45, 0x0) r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010921"], 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x4, 0xb4, &(0x7f00000001c0)=""/180}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='timer_start\x00', r3}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r4, &(0x7f0000000200), 0x43400) syz_usb_control_io$hid(r2, &(0x7f0000000040)={0x24, 0x0, &(0x7f0000000640)={0x0, 0x3, 0x2, @string}, 0x0, 0x0}, 0x0) 1.015360074s ago: executing program 0 (id=2094): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087bd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x1b3a, 0x4) sendto$inet(r0, &(0x7f0000000080)='m', 0x1, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f0000001180)={0x0, 0x0, 0x0}, 0x2040) 263.89866ms ago: executing program 3 (id=2095): socket$unix(0x1, 0x5, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) timerfd_create(0x0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f00000042c0)='fdinfo/3\x00') socket$netlink(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r0], 0x3c}}, 0x0) 192.027541ms ago: executing program 3 (id=2096): socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00'}, 0x10) socket$unix(0x1, 0x0, 0x0) r0 = socket$unix(0x1, 0x0, 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x0) listen(r0, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @remote, @void, {@arp={0x806, @ether_ipv4={0x9, 0x800, 0x6, 0x4, 0x1, @broadcast, @remote, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0) 191.727641ms ago: executing program 3 (id=2097): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x6}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e85000000080000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='jbd2_handle_stats\x00', r2}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) 151.052857ms ago: executing program 3 (id=2098): syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0) syz_usb_connect(0x0, 0x2d, 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000240)=ANY=[], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) write$char_usb(r0, &(0x7f0000000540)="a3cff903a068ab0a53718c13378cd068a74430b2d1589a576219b674479e4c96e93cc7c2c40fc9c497a0355ef94e223397af4d210291a0c900096cbf54e74b73a1eb9c32e01ea632d9cf21227e9c", 0x4e) 125.251501ms ago: executing program 0 (id=2099): syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bc000000850000000800000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2300, 0x0, &(0x7f0000000100), 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) r1 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r1, &(0x7f0000000600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x10, 0x84, 0x8}}], 0x10}}], 0x1, 0x0) 0s ago: executing program 0 (id=2100): syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x2, 0xc8, 0x2}}}, 0x7) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x10}, @l2cap_cid_signaling={{0xc}, [@l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x9, 0xff81, 0x1, 0x6}}]}}, 0x15) r0 = syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) arch_prctl$ARCH_SHSTK_ENABLE(0x1011, 0x0) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$sock_ifreq(r4, 0x89f0, &(0x7f0000000040)={'bond0\x00', @ifru_names='erspan0\x00'}) socket$inet(0x2, 0x0, 0x0) mmap$usbmon(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xe, 0x10, r0, 0x0) syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x0, 0xc9, "4bddfc52fd3a5399"}}}, 0xe) syz_emit_vhci(0x0, 0x0) kernel console output (not intermixed with test programs): 4639][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 282.580616][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 282.589373][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 282.608724][ T8760] device veth1_macvtap entered promiscuous mode [ 282.633117][ T8763] device veth1_macvtap entered promiscuous mode [ 282.699552][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 282.728030][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 282.740066][ T25] audit: type=1326 audit(1719604670.985:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9004 comm="syz.0.1402" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1dd170eb99 code=0x0 [ 282.740768][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 282.761715][ C0] vkms_vblank_simulate: vblank timer overrun [ 282.822834][ T8760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 282.869704][ T8760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.892045][ T8760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 282.932806][ T8760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.968762][ T8760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 282.980462][ T8760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.991311][ T8760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.002122][ T8760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.013642][ T8760] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 283.024548][ T8760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.029869][ T9009] ip6gretap0 speed is unknown, defaulting to 1000 [ 283.159611][ T8760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.212226][ T4429] Bluetooth: (null): Invalid header checksum [ 283.221220][ T4429] Bluetooth: (null): Invalid header checksum [ 283.235562][ T8760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.304227][ T8760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.333409][ T4628] Bluetooth: (null): Invalid header checksum [ 283.375466][ T8760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.436667][ T8760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.452136][ T154] Bluetooth: (null): Invalid header checksum [ 283.509741][ T8760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.552767][ T3592] Bluetooth: (null): Invalid header checksum [ 283.586510][ T8760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.597928][ T8760] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 283.611816][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 283.620971][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 283.630526][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 283.639693][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 283.663814][ T9009] ip6gretap0 speed is unknown, defaulting to 1000 [ 283.673622][ T8760] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.686994][ T8760] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.696357][ T8760] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.705368][ T8760] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.717755][ T8763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.733453][ T8763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.743400][ T8763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.754324][ T8763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.764541][ T8763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.775080][ T8763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.792531][ T8763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.821276][ T8763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.831235][ T8763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.841804][ T8763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.853817][ T8763] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 283.868933][ T8763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.879822][ T8763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.892026][ T8763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.911800][ T8763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.922402][ T8763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.935472][ T8763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.945669][ T8763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.957337][ T8763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.968410][ T8763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.980107][ T8763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.007177][ T8763] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 284.019397][ T9009] ip6gretap0 speed is unknown, defaulting to 1000 [ 284.031790][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 284.036944][ T9009] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 284.040744][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 284.056769][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 284.096386][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 284.153884][ T8763] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.163314][ T8763] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.172302][ T8763] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.181235][ T8763] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.297996][ T9009] ip6gretap0 speed is unknown, defaulting to 1000 [ 284.521536][ T9009] ip6gretap0 speed is unknown, defaulting to 1000 [ 284.560892][ T9009] ip6gretap0 speed is unknown, defaulting to 1000 [ 284.609141][ T9009] ip6gretap0 speed is unknown, defaulting to 1000 [ 284.657827][ T9009] ip6gretap0 speed is unknown, defaulting to 1000 [ 284.709336][ T9009] ip6gretap0 speed is unknown, defaulting to 1000 [ 284.761368][ T9009] ip6gretap0 speed is unknown, defaulting to 1000 [ 284.922538][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 284.932304][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 285.030404][ T8777] device veth0_vlan entered promiscuous mode [ 285.045198][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 285.072413][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 285.095438][ T4429] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.099126][ T8777] device veth1_vlan entered promiscuous mode [ 285.110789][ T4429] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.126751][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 285.135968][ T9035] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 285.136068][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 285.161741][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 285.176935][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 285.518763][ T4429] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.551018][ T3579] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 285.560022][ T4429] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.571429][ T3579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 285.585990][ T3579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 285.673067][ T8777] device veth0_macvtap entered promiscuous mode [ 285.696440][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 285.714090][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 285.891638][ T4429] Bluetooth: (null): Invalid header checksum [ 285.907468][ T4429] Bluetooth: (null): Invalid header checksum [ 286.022480][ T3895] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.092023][ T8777] device veth1_macvtap entered promiscuous mode [ 286.107002][ T4429] Bluetooth: (null): Invalid header checksum [ 286.123941][ T3895] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 286.267679][ T4429] Bluetooth: (null): Invalid header checksum [ 286.299429][ T4429] Bluetooth: (null): Invalid header checksum [ 286.338102][ T5066] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 286.346113][ T4429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.357264][ T4429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 286.383349][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 286.464731][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.494507][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.506704][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.526998][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.538970][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.563819][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.586541][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.607224][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.607318][ T25] audit: type=1326 audit(1719604674.845:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.3.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 286.637609][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.659526][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.696868][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.696891][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.707139][ T8777] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 286.719194][ T25] audit: type=1326 audit(1719604674.885:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.3.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 286.719232][ T25] audit: type=1326 audit(1719604674.885:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.3.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 286.719261][ T25] audit: type=1326 audit(1719604674.885:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.3.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 286.719290][ T25] audit: type=1326 audit(1719604674.885:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.3.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 286.719319][ T25] audit: type=1326 audit(1719604674.885:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.3.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd895f0071f code=0x7ffc0000 [ 286.719351][ T25] audit: type=1326 audit(1719604674.885:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.3.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 286.719379][ T25] audit: type=1326 audit(1719604674.895:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.3.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 286.719407][ T25] audit: type=1326 audit(1719604674.895:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.3.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 286.736236][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 286.736920][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 286.739302][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 286.739320][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.739332][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 286.739344][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.739355][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 286.739367][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.739378][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 286.739389][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.739400][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 286.739412][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.739421][ T8777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 286.739432][ T8777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.740929][ T8777] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 286.744339][ T8777] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.744370][ T8777] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.744395][ T8777] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.744419][ T8777] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.758378][ T5066] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 286.759104][ T5066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 286.799608][ T5223] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 286.815507][ T9064] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 286.815530][ T9064] overlayfs: failed to set xattr on upper [ 286.815547][ T9064] overlayfs: ...falling back to index=off,metacopy=off. [ 286.944227][ T4366] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.944299][ T4366] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 286.951647][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 286.993804][ T4628] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 286.993881][ T4628] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.040369][ T5223] usb 2-1: Using ep0 maxpacket: 16 [ 287.115860][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 287.339836][ T5223] usb 2-1: New USB device found, idVendor=0e41, idProduct=5044, bcdDevice=37.e3 [ 287.339867][ T5223] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 287.339886][ T5223] usb 2-1: Product: syz [ 287.339899][ T5223] usb 2-1: Manufacturer: syz [ 287.339912][ T5223] usb 2-1: SerialNumber: syz [ 287.341705][ T5223] usb 2-1: config 0 descriptor?? [ 287.479190][ T9] device hsr_slave_0 left promiscuous mode [ 287.489852][ T9] device hsr_slave_1 left promiscuous mode [ 287.490504][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 287.490557][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 287.492554][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 287.492580][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 287.499387][ T9] device bridge_slave_1 left promiscuous mode [ 287.500297][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.502048][ T9] device bridge_slave_0 left promiscuous mode [ 287.502161][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.528783][ T9] device hsr_slave_0 left promiscuous mode [ 287.529731][ T9] device hsr_slave_1 left promiscuous mode [ 287.530374][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 287.530445][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 287.540328][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 287.540360][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 287.543669][ T9] device bridge_slave_1 left promiscuous mode [ 287.543790][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.569319][ T9] device bridge_slave_0 left promiscuous mode [ 287.569451][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.629294][ T9] device veth1_macvtap left promiscuous mode [ 287.629351][ T9] device veth0_macvtap left promiscuous mode [ 287.629443][ T9] device veth1_vlan left promiscuous mode [ 287.629951][ T9] device veth0_vlan left promiscuous mode [ 287.639301][ T9076] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 287.651977][ T5223] snd_usb_pod 2-1:0.0: Line 6 PODxt found [ 288.055696][ T5223] usb 2-1: selecting invalid altsetting 5 [ 288.062111][ T5223] snd_usb_pod 2-1:0.0: set_interface failed [ 288.068162][ T5223] snd_usb_pod 2-1:0.0: Line 6 PODxt now disconnected [ 288.075559][ T5223] snd_usb_pod: probe of 2-1:0.0 failed with error -22 [ 288.176597][ T9] device veth1_macvtap left promiscuous mode [ 288.184351][ T9] device veth0_macvtap left promiscuous mode [ 288.214404][ T9] device veth1_vlan left promiscuous mode [ 288.250276][ T5223] usb 2-1: USB disconnect, device number 15 [ 288.377219][ T9] device veth0_vlan left promiscuous mode [ 288.699707][ T3579] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 289.231351][ T3579] usb 4-1: New USB device found, idVendor=0547, idProduct=2727, bcdDevice=b0.d2 [ 289.250165][ T3579] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.272022][ T3579] usb 4-1: Product: syz [ 289.277482][ T3579] usb 4-1: Manufacturer: syz [ 289.288645][ T3579] usb 4-1: SerialNumber: syz [ 289.360999][ T3579] usb 4-1: config 0 descriptor?? [ 289.620978][ T3579] cdc_subset: probe of 4-1:0.0 failed with error -22 [ 289.630973][ T9] team0 (unregistering): Port device team_slave_1 removed [ 289.658020][ T9] team0 (unregistering): Port device team_slave_0 removed [ 289.683917][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 289.706541][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 289.847392][ T5056] usb 4-1: USB disconnect, device number 19 [ 289.943092][ T9] bond0 (unregistering): Released all slaves [ 290.088817][ T25] kauditd_printk_skb: 12 callbacks suppressed [ 290.088830][ T25] audit: type=1804 audit(1719604678.325:110): pid=9120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1436" name="/root/syzkaller.7CUn9m/2/file0" dev="sda1" ino=2047 res=1 errno=0 [ 290.128025][ T25] audit: type=1804 audit(1719604678.365:111): pid=9120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1436" name="/root/syzkaller.7CUn9m/2/file0" dev="sda1" ino=2047 res=1 errno=0 [ 290.224914][ T9] team0 (unregistering): Port device team_slave_1 removed [ 290.241252][ T9] team0 (unregistering): Port device team_slave_0 removed [ 290.255831][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 290.269144][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 290.299600][ T3579] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 290.348502][ T9] bond0 (unregistering): Released all slaves [ 290.539845][ T3579] usb 1-1: Using ep0 maxpacket: 16 [ 291.345329][ T4429] Bluetooth: (null): Invalid header checksum [ 291.354659][ T3579] usb 1-1: New USB device found, idVendor=0e41, idProduct=5044, bcdDevice=37.e3 [ 291.355834][ T4429] Bluetooth: (null): Invalid header checksum [ 291.364021][ T3579] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.392698][ T3579] usb 1-1: Product: syz [ 291.397016][ T3579] usb 1-1: Manufacturer: syz [ 291.402427][ T3579] usb 1-1: SerialNumber: syz [ 291.425222][ T3579] usb 1-1: config 0 descriptor?? [ 291.443637][ T4628] Bluetooth: (null): Invalid header checksum [ 291.486305][ T9140] sp0: Synchronizing with TNC [ 291.868638][ T3579] snd_usb_pod 1-1:0.0: Line 6 PODxt found [ 291.875175][ T25] audit: type=1804 audit(1719604680.115:112): pid=9155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1448" name="/root/syzkaller.jdfGFQ/10/file0" dev="sda1" ino=2049 res=1 errno=0 [ 291.900603][ T3579] usb 1-1: selecting invalid altsetting 5 [ 291.906350][ T3579] snd_usb_pod 1-1:0.0: set_interface failed [ 291.943789][ T9160] loop3: detected capacity change from 0 to 164 [ 291.958889][ T9161] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 291.962410][ T25] audit: type=1804 audit(1719604680.115:113): pid=9152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1448" name="/root/syzkaller.jdfGFQ/10/file0" dev="sda1" ino=2049 res=1 errno=0 [ 291.979687][ T3579] snd_usb_pod 1-1:0.0: Line 6 PODxt now disconnected [ 291.987994][ C0] vkms_vblank_simulate: vblank timer overrun [ 292.018250][ T3579] snd_usb_pod: probe of 1-1:0.0 failed with error -22 [ 292.076070][ T9160] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 292.090329][ T3579] usb 1-1: USB disconnect, device number 18 [ 292.096990][ T9161] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 292.191801][ T9161] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 292.376083][ T25] audit: type=1326 audit(1719604680.615:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.3.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 292.442055][ T25] audit: type=1326 audit(1719604680.635:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.3.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 292.592293][ T25] audit: type=1326 audit(1719604680.635:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.3.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 292.740870][ T25] audit: type=1326 audit(1719604680.635:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.3.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 292.915849][ T25] audit: type=1326 audit(1719604680.635:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.3.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 292.938280][ C0] vkms_vblank_simulate: vblank timer overrun [ 293.073303][ T25] audit: type=1326 audit(1719604680.635:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.3.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fd895f01b99 code=0x7ffc0000 [ 293.414746][ T9195] loop0: detected capacity change from 0 to 512 [ 293.688855][ T9195] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 293.704690][ T9195] ext4 filesystem being mounted at /root/syzkaller.zvMCOZ/64/file0 supports timestamps until 2038 (0x7fffffff) [ 293.769859][ T9195] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 293.854200][ T9203] fuse: Unknown parameter 'gid' [ 293.887096][ T9195] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 1 with error 28 [ 293.940365][ T9195] EXT4-fs (loop0): This should not happen!! Data will be lost [ 293.940365][ T9195] [ 293.979613][ T9195] EXT4-fs (loop0): Total free blocks count 0 [ 294.035808][ T9195] EXT4-fs (loop0): Free/Dirty block details [ 294.063889][ T9195] EXT4-fs (loop0): free_blocks=39626 [ 294.094643][ T9195] EXT4-fs (loop0): dirty_blocks=1 [ 294.104640][ T9195] EXT4-fs (loop0): Block reservation details [ 294.149903][ T9195] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 294.423590][ T9233] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 294.445805][ T9231] loop0: detected capacity change from 0 to 736 [ 294.645432][ T5056] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 295.059858][ T13] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 295.740361][ T9254] loop0: detected capacity change from 0 to 512 [ 295.816033][ T9259] loop1: detected capacity change from 0 to 512 [ 295.876459][ T9254] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 295.890330][ T9254] ext4 filesystem being mounted at /root/syzkaller.zvMCOZ/66/file0 supports timestamps until 2038 (0x7fffffff) [ 295.911816][ T5056] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 295.933440][ T5056] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 295.944321][ T9259] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz.1.1486: corrupted in-inode xattr [ 295.968508][ T9259] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.1486: couldn't read orphan inode 15 (err -117) [ 295.990372][ T9259] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 296.011742][ T9254] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 296.031260][ T5056] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 296.043826][ T9254] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 1 with error 28 [ 296.059577][ T13] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 296.077583][ T25] kauditd_printk_skb: 15 callbacks suppressed [ 296.077598][ T25] audit: type=1804 audit(1719604684.315:135): pid=9259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1486" name=2F726F6F742F73797A6B616C6C65722E48735A6737732F31302F131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D3382F66696C6531 dev="loop1" ino=18 res=1 errno=0 [ 296.110835][ T9254] EXT4-fs (loop0): This should not happen!! Data will be lost [ 296.110835][ T9254] [ 296.136483][ T5056] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 296.145905][ T13] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 296.160690][ T9254] EXT4-fs (loop0): Total free blocks count 0 [ 296.166804][ T5056] usb 4-1: SerialNumber: syz [ 296.173442][ T9254] EXT4-fs (loop0): Free/Dirty block details [ 296.180754][ T13] usb 5-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00 [ 296.186108][ T9254] EXT4-fs (loop0): free_blocks=39626 [ 296.200768][ T9254] EXT4-fs (loop0): dirty_blocks=1 [ 296.213661][ T9254] EXT4-fs (loop0): Block reservation details [ 296.220005][ T13] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.228649][ T9254] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 296.261589][ T13] usb 5-1: config 0 descriptor?? [ 296.524224][ T5056] usb 4-1: 0:2 : does not exist [ 296.625857][ T9279] loop1: detected capacity change from 0 to 512 [ 296.634984][ T5056] usb 4-1: USB disconnect, device number 20 [ 296.733632][ T9284] loop2: detected capacity change from 0 to 736 [ 296.763919][ T13] samsung 0003:0419:0001.0005: unknown global tag 0xd [ 296.796355][ T9279] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.1493: inode #1: comm syz.1.1493: iget: illegal inode # [ 296.798917][ T13] samsung 0003:0419:0001.0005: item 0 0 1 13 parsing failed [ 296.817056][ T9279] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1493: error while reading EA inode 1 err=-117 [ 296.842335][ T9279] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 296.866373][ T9279] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.1493: inode #1: comm syz.1.1493: iget: illegal inode # [ 296.885596][ T9279] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1493: error while reading EA inode 1 err=-117 [ 296.898922][ T9279] EXT4-fs (loop1): 1 orphan inode deleted [ 296.904365][ T13] samsung 0003:0419:0001.0005: parse failed [ 296.909814][ T9279] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrjquota=,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,journal_dev=0x0000000000000dcc,,errors=continue. Quota mode: writeback. [ 297.062080][ T13] samsung: probe of 0003:0419:0001.0005 failed with error -22 [ 297.073630][ T13] usb 5-1: USB disconnect, device number 23 [ 297.753170][ T9307] loop1: detected capacity change from 0 to 512 [ 297.833727][ T9307] EXT4-fs (loop1): Ignoring removed orlov option [ 297.845366][ T9310] loop0: detected capacity change from 0 to 1024 [ 297.857515][ T9307] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 297.891755][ T9307] EXT4-fs error (device loop1): dx_probe:822: inode #2: comm syz.1.1498: Attempting to read directory block (0) that is past i_size (256) [ 297.924937][ T9310] EXT4-fs (loop0): Ignoring removed bh option [ 297.945396][ T9307] EXT4-fs (loop1): Remounting filesystem read-only [ 297.958520][ T9310] EXT4-fs error (device loop0): ext4_map_blocks:601: inode #3: block 69: comm syz.0.1506: lblock 8 mapped to illegal pblock 69 (length 1) [ 297.988518][ T9307] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 298.018818][ T9321] loop2: detected capacity change from 0 to 128 [ 298.026549][ T9310] Quota error (device loop0): write_blk: dquota write failed [ 298.043563][ T9307] EXT4-fs (loop1): mounted filesystem without journal. Opts: sysvgroups,orlov,nogrpid,init_itable,dioread_nolock,grpjquota=.oldalloc,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 298.049832][ T9310] EXT4-fs error (device loop0): ext4_map_blocks:601: inode #3: block 68: comm syz.0.1506: lblock 7 mapped to illegal pblock 68 (length 1) [ 298.080134][ T9310] Quota error (device loop0): write_blk: dquota write failed [ 298.087576][ T9310] EXT4-fs error (device loop0): ext4_map_blocks:601: inode #3: block 67: comm syz.0.1506: lblock 6 mapped to illegal pblock 67 (length 1) [ 298.106710][ T9310] Quota error (device loop0): write_blk: dquota write failed [ 298.118538][ T9310] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 298.129939][ T9307] EXT4-fs error (device loop1): ext4_xattr_set_entry:1609: inode #2: comm syz.1.1498: corrupted xattr entries [ 298.144215][ T9310] EXT4-fs error (device loop0): ext4_map_blocks:601: inode #3: block 48: comm syz.0.1506: lblock 0 mapped to illegal pblock 48 (length 1) [ 298.158313][ T9307] EXT4-fs (loop1): Remounting filesystem read-only [ 298.193687][ T9310] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 298.194127][ T9321] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 298.208836][ T9310] EXT4-fs error (device loop0): ext4_acquire_dquot:6196: comm syz.0.1506: Failed to acquire dquot type 0 [ 298.228498][ T9310] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 298.238995][ T9321] ext4 filesystem being mounted at /root/syzkaller.7CUn9m/18/mnt supports timestamps until 2038 (0x7fffffff) [ 298.268340][ T9310] EXT4-fs error (device loop0): ext4_evict_inode:282: inode #11: comm syz.0.1506: mark_inode_dirty error [ 298.290037][ T9310] EXT4-fs warning (device loop0): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 298.312136][ T9310] EXT4-fs (loop0): 1 orphan inode deleted [ 298.356211][ T9] EXT4-fs error (device loop0): ext4_map_blocks:601: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 298.390824][ T9310] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,barrier,resuid=0x0000000000000000,noload,dioread_lock,bh,bsddf,bsdgroups,,errors=continue. Quota mode: none. [ 298.412621][ T9] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 298.427767][ T9329] loop1: detected capacity change from 0 to 736 [ 298.427945][ T9] EXT4-fs error (device loop0): ext4_release_dquot:6219: comm kworker/u4:0: Failed to release dquot type 0 [ 298.457255][ T9310] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 298.468875][ T9310] EXT4-fs error (device loop0): ext4_quota_off:6485: inode #3: comm syz.0.1506: mark_inode_dirty error [ 298.508677][ T9333] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 298.558356][ T9334] loop2: detected capacity change from 0 to 512 [ 298.727285][ T3579] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 299.762063][ T9355] loop1: detected capacity change from 0 to 8 [ 300.334279][ T9371] loop4: detected capacity change from 0 to 736 [ 300.474232][ T9373] loop1: detected capacity change from 0 to 164 [ 300.707472][ T3579] usb 4-1: config 0 has an invalid interface number: 129 but max is 0 [ 300.727569][ T3579] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 300.748174][ T3579] usb 4-1: config 0 has no interface number 0 [ 300.754901][ T3579] usb 4-1: config 0 interface 129 altsetting 254 bulk endpoint 0x9 has invalid maxpacket 32 [ 301.241849][ T9367] loop0: detected capacity change from 0 to 32768 [ 301.263269][ T3579] usb 4-1: config 0 interface 129 altsetting 254 has an invalid endpoint with address 0xDD, skipping [ 301.274922][ T3579] usb 4-1: config 0 interface 129 altsetting 254 endpoint 0x5 has an invalid bInterval 96, changing to 10 [ 301.286752][ T3579] usb 4-1: config 0 interface 129 altsetting 254 bulk endpoint 0xC has invalid maxpacket 64 [ 301.297035][ T3579] usb 4-1: config 0 interface 129 altsetting 254 has 4 endpoint descriptors, different from the interface descriptor's value: 6 [ 301.315880][ T3579] usb 4-1: config 0 interface 129 has no altsetting 0 [ 301.324588][ T3579] usb 4-1: New USB device found, idVendor=0f92, idProduct=0001, bcdDevice=c9.a0 [ 301.379561][ T3579] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.458626][ T3579] usb 4-1: config 0 descriptor?? [ 301.524283][ T3579] usb 4-1: can't set config #0, error -71 [ 301.564228][ T3579] usb 4-1: USB disconnect, device number 21 [ 301.629174][ T9367] XFS (loop0): Mounting V5 Filesystem [ 301.814819][ T9367] XFS (loop0): Ending clean mount [ 301.885510][ T9367] XFS (loop0): Quotacheck needed: Please wait. [ 302.099222][ T9367] XFS (loop0): Quotacheck: Done. [ 302.181223][ T9417] loop4: detected capacity change from 0 to 256 [ 302.181364][ T8128] XFS (loop0): Unmounting Filesystem [ 302.383790][ T9417] loop4: detected capacity change from 0 to 256 [ 302.849160][ T9422] loop4: detected capacity change from 0 to 1024 [ 302.879721][ T25] audit: type=1804 audit(1719604691.035:136): pid=9422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1547" name="/root/syzkaller.jdfGFQ/34/file0" dev="sda1" ino=2047 res=1 errno=0 [ 302.947154][ T9422] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 304.375107][ T9453] ip6gretap0 speed is unknown, defaulting to 1000 [ 304.697321][ T25] audit: type=1800 audit(1719604692.935:137): pid=9457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1558" name="bus" dev="sda1" ino=2047 res=0 errno=0 [ 305.098995][ T9461] syz.4.1559[9461] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 305.099094][ T9461] syz.4.1559[9461] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 305.242518][ T9463] syz.4.1560[9463] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 305.315169][ T9463] syz.4.1560[9463] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 305.706056][ T9471] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 307.260223][ T9487] loop0: detected capacity change from 0 to 8 [ 308.315905][ T9467] loop4: detected capacity change from 0 to 40427 [ 308.471787][ T9506] netlink: 393 bytes leftover after parsing attributes in process `syz.1.1576'. [ 308.508684][ T9467] F2FS-fs (loop4): Failed to start F2FS issue_checkpoint_thread (-12) [ 309.089708][ T5223] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 309.226521][ T9525] device syzkaller0 entered promiscuous mode [ 309.329664][ T5223] usb 1-1: Using ep0 maxpacket: 32 [ 309.449798][ T5223] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 309.487943][ T5223] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 309.525230][ T5223] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 309.569613][ T5223] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.609158][ T5223] usb 1-1: config 0 descriptor?? [ 309.661545][ T5223] hub 1-1:0.0: USB hub found [ 309.859647][ T5056] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 309.909744][ T5223] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 310.069603][ T3550] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 310.120465][ T9546] loop1: detected capacity change from 0 to 40427 [ 310.185125][ T9546] F2FS-fs (loop1): Found nat_bits in checkpoint [ 310.211896][ T5223] usbhid 1-1:0.0: can't add hid device: -71 [ 310.217909][ T5223] usbhid: probe of 1-1:0.0 failed with error -71 [ 310.250358][ T5223] usb 1-1: USB disconnect, device number 19 [ 310.271531][ T9546] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 310.280031][ T5056] usb 5-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config [ 310.296251][ T5056] usb 5-1: config 9 has 0 interfaces, different from the descriptor's value: 1 [ 310.314945][ T9546] syz.1.1593[9546] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 310.315058][ T9546] syz.1.1593[9546] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 310.327730][ T5056] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 310.364722][ T5056] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.379941][ T3550] usb 3-1: Using ep0 maxpacket: 16 [ 310.404494][ T8763] attempt to access beyond end of device [ 310.404494][ T8763] loop1: rw=2049, want=45104, limit=40427 [ 310.680573][ T3550] usb 3-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b [ 310.726889][ T3550] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.779793][ T3550] usb 3-1: Product: syz [ 310.794531][ T3550] usb 3-1: Manufacturer: syz [ 310.803478][ T5056] usb 5-1: string descriptor 0 read error: -22 [ 310.823050][ T3550] usb 3-1: SerialNumber: syz [ 310.828934][ T9572] netlink: 'syz.1.1603': attribute type 12 has an invalid length. [ 310.840208][ T3550] usb 3-1: config 0 descriptor?? [ 311.019230][ T5056] usb 5-1: USB disconnect, device number 24 [ 311.181409][ T3550] usb 3-1: MIDIStreaming interface descriptor not found [ 311.249360][ T3550] usb 3-1: USB disconnect, device number 19 [ 311.593595][ T9570] loop0: detected capacity change from 0 to 40427 [ 311.770978][ T9570] F2FS-fs (loop0): Found nat_bits in checkpoint [ 311.880566][ T9594] loop2: detected capacity change from 0 to 1024 [ 311.929667][ T9570] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 311.971423][ T9594] EXT4-fs (loop2): Ignoring removed bh option [ 312.017002][ T8128] attempt to access beyond end of device [ 312.017002][ T8128] loop0: rw=2049, want=45104, limit=40427 [ 312.019219][ T9594] EXT4-fs error (device loop2): ext4_map_blocks:601: inode #3: block 69: comm syz.2.1610: lblock 8 mapped to illegal pblock 69 (length 1) [ 312.046382][ T9604] netlink: 'syz.1.1614': attribute type 12 has an invalid length. [ 312.054981][ T9594] Quota error (device loop2): write_blk: dquota write failed [ 312.073750][ T9607] loop4: detected capacity change from 0 to 512 [ 312.085398][ T9594] EXT4-fs error (device loop2): ext4_map_blocks:601: inode #3: block 68: comm syz.2.1610: lblock 7 mapped to illegal pblock 68 (length 1) [ 312.147089][ T9594] Quota error (device loop2): write_blk: dquota write failed [ 312.186339][ T9607] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 312.236464][ T9594] EXT4-fs error (device loop2): ext4_map_blocks:601: inode #3: block 67: comm syz.2.1610: lblock 6 mapped to illegal pblock 67 (length 1) [ 312.256251][ T9607] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 312.319936][ T9607] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz.4.1615: Corrupt directory, running e2fsck is recommended [ 312.340222][ T9594] Quota error (device loop2): write_blk: dquota write failed [ 312.381527][ T9607] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 312.384625][ T9594] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 312.390545][ T9607] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz.4.1615: corrupted in-inode xattr [ 312.439040][ T9607] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.1615: couldn't read orphan inode 15 (err -117) [ 312.449577][ T9594] EXT4-fs error (device loop2): ext4_map_blocks:601: inode #3: block 48: comm syz.2.1610: lblock 0 mapped to illegal pblock 48 (length 1) [ 312.480779][ T9607] EXT4-fs (loop4): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,dioread_lock,init_itable,auto_da_alloc,grpjquota=.nouid32,auto_da_alloc,jqfmt=vfsv1,i_version,,,errors=continue. Quota mode: writeback. [ 312.487574][ T9598] loop3: detected capacity change from 0 to 40427 [ 312.520822][ T25] audit: type=1326 audit(1719604700.765:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9612 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf93234b99 code=0x7ffc0000 [ 312.526883][ T9594] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 312.582392][ T25] audit: type=1326 audit(1719604700.785:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9612 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf93234b99 code=0x7ffc0000 [ 312.605361][ T9607] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 312.612860][ T9594] EXT4-fs error (device loop2): ext4_acquire_dquot:6196: comm syz.2.1610: Failed to acquire dquot type 0 [ 312.643999][ T9594] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 312.665369][ T9594] EXT4-fs error (device loop2): ext4_evict_inode:282: inode #11: comm syz.2.1610: mark_inode_dirty error [ 312.679783][ T9598] F2FS-fs (loop3): Found nat_bits in checkpoint [ 312.710387][ T9607] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 312.721631][ T25] audit: type=1326 audit(1719604700.785:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9612 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf93234b99 code=0x7ffc0000 [ 312.739286][ T9594] EXT4-fs warning (device loop2): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 312.765822][ T9607] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz.4.1615: Corrupt directory, running e2fsck is recommended [ 312.789429][ T25] audit: type=1326 audit(1719604700.795:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9612 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf93234b99 code=0x7ffc0000 [ 312.805442][ T9594] EXT4-fs (loop2): 1 orphan inode deleted [ 312.823469][ T154] EXT4-fs error (device loop2): ext4_map_blocks:601: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 312.842773][ T25] audit: type=1326 audit(1719604700.795:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9612 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf93234b99 code=0x7ffc0000 [ 312.859541][ T9594] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,barrier,resuid=0x0000000000000000,noload,dioread_lock,bh,bsddf,bsdgroups,,errors=continue. Quota mode: none. [ 312.889037][ T154] EXT4-fs error (device loop2): ext4_release_dquot:6219: comm kworker/u4:2: Failed to release dquot type 0 [ 312.906848][ T9607] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 312.925740][ T9598] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 312.939052][ T9607] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 312.965065][ T9607] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz.4.1615: Corrupt directory, running e2fsck is recommended [ 312.988671][ T9607] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #2: block 3: comm syz.4.1615: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 313.053216][ T9594] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 313.109996][ T9594] EXT4-fs error (device loop2): ext4_quota_off:6485: inode #3: comm syz.2.1610: mark_inode_dirty error [ 313.570510][ T9631] loop4: detected capacity change from 0 to 512 [ 313.979409][ T9631] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 314.312193][ T9631] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 314.391401][ T9631] EXT4-fs (loop4): 1 truncate cleaned up [ 314.397078][ T9631] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,block_validity,sysvgroups,,errors=continue. Quota mode: writeback. [ 314.438550][ T9642] syz.2.1626 (pid 9642) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 314.470127][ T9616] loop1: detected capacity change from 0 to 40427 [ 314.587235][ T9644] device syzkaller0 entered promiscuous mode [ 314.731176][ T9616] F2FS-fs (loop1): Found nat_bits in checkpoint [ 314.731993][ T9623] loop0: detected capacity change from 0 to 40427 [ 314.836605][ T9660] netlink: 'syz.4.1631': attribute type 12 has an invalid length. [ 314.900812][ T9623] F2FS-fs (loop0): Found nat_bits in checkpoint [ 314.920686][ T9616] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 315.010518][ T9664] ip6gretap0 speed is unknown, defaulting to 1000 [ 315.027291][ T8763] attempt to access beyond end of device [ 315.027291][ T8763] loop1: rw=2049, want=45104, limit=40427 [ 315.096479][ T9623] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 315.206750][ T8128] attempt to access beyond end of device [ 315.206750][ T8128] loop0: rw=2049, want=45104, limit=40427 [ 315.275738][ T9679] loop4: detected capacity change from 0 to 512 [ 315.369145][ T9679] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 315.432206][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 315.466851][ T9679] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 315.589982][ T9679] EXT4-fs (loop4): 1 truncate cleaned up [ 315.595648][ T9679] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,block_validity,sysvgroups,,errors=continue. Quota mode: writeback. [ 315.738659][ T9692] loop1: detected capacity change from 0 to 512 [ 315.888990][ T9692] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 315.924139][ T9692] EXT4-fs (loop1): group descriptors corrupted! [ 316.922541][ T1375] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.331429][ T5223] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 318.262952][ T5223] usb 2-1: too many configurations: 65, using maximum allowed: 8 [ 318.446034][ T9760] loop2: detected capacity change from 0 to 512 [ 318.452755][ T3553] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 318.504815][ T9760] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 318.587447][ T9760] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 318.643622][ T9760] EXT4-fs (loop2): 1 truncate cleaned up [ 318.649288][ T9760] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodelalloc,block_validity,sysvgroups,,errors=continue. Quota mode: writeback. [ 318.881059][ T3553] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 318.905148][ T3553] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 318.938392][ T3553] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 318.939855][ T5223] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 318.967038][ T3553] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.975612][ T5223] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 319.008339][ T3553] usb 5-1: config 0 descriptor?? [ 319.041769][ T5223] usb 2-1: Found UVC 0.00 device (046d:08c1) [ 319.048671][ T5223] usb 2-1: No valid video chain found. [ 319.069976][ T3553] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 319.211963][ T5223] usb 2-1: USB disconnect, device number 16 [ 320.620930][ T9820] loop2: detected capacity change from 0 to 256 [ 320.911929][ T9831] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1692'. [ 321.018647][ T3553] usb 5-1: USB disconnect, device number 25 [ 321.177590][ T9840] loop2: detected capacity change from 0 to 136 [ 322.709324][ T9868] loop2: detected capacity change from 0 to 512 [ 322.797976][ T9868] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 322.854980][ T9868] EXT4-fs (loop2): external journal device major/minor numbers have changed [ 323.014025][ T9868] EXT4-fs (loop2): failed to open journal device unknown-block(0,3) -6 [ 323.044676][ T9878] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1708'. [ 323.341840][ T25] kauditd_printk_skb: 13 callbacks suppressed [ 323.341854][ T25] audit: type=1326 audit(1719604711.585:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9890 comm="syz.0.1715" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1dd170eb99 code=0x0 [ 323.348488][ T9894] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1716'. [ 323.410272][ T9894] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1716'. [ 324.013646][ T9929] loop2: detected capacity change from 0 to 512 [ 324.577602][ T9929] EXT4-fs (loop2): mounted filesystem without journal. Opts: nojournal_checksum,grpjquota=,errors=remount-ro,. Quota mode: writeback. [ 324.705686][ T9940] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1730'. [ 324.827124][ T9929] ext4 filesystem being mounted at /root/syzkaller.7CUn9m/62/file0 supports timestamps until 2038 (0x7fffffff) [ 324.859714][ T9940] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1730'. [ 324.976380][ T9929] EXT4-fs error (device loop2): ext4_do_update_inode:5160: inode #2: comm syz.2.1729: corrupted inode contents [ 324.994073][ T9929] EXT4-fs (loop2): Remounting filesystem read-only [ 325.000750][ T9929] EXT4-fs error (device loop2): ext4_dirty_inode:5993: inode #2: comm syz.2.1729: mark_inode_dirty error [ 325.042265][ T9929] EXT4-fs error (device loop2): ext4_do_update_inode:5160: inode #2: comm syz.2.1729: corrupted inode contents [ 325.069092][ T9929] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #2: comm syz.2.1729: mark_inode_dirty error [ 325.238312][ T9964] loop4: detected capacity change from 0 to 256 [ 325.238782][ T4366] Quota error (device loop2): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync! [ 325.239110][ T4366] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 325.239185][ T4366] Quota error (device loop2): write_blk: dquota write failed [ 325.239199][ T4366] Quota error (device loop2): free_dqentry: Can't write quota data block 5 [ 325.293387][ T9964] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0) [ 325.293763][ T9964] exFAT-fs (loop4): invalid boot region [ 325.293783][ T9964] exFAT-fs (loop4): failed to recognize exfat type [ 325.384701][ T9967] loop2: detected capacity change from 0 to 128 [ 325.452071][ T9967] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 325.452171][ T9967] ext4 filesystem being mounted at /root/syzkaller.7CUn9m/63/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 325.811582][ C0] vkms_vblank_simulate: vblank timer overrun [ 326.575453][ T9986] loop2: detected capacity change from 0 to 256 [ 326.585610][ T9984] loop1: detected capacity change from 0 to 512 [ 326.611231][ T9986] exfat: Deprecated parameter 'namecase' [ 326.635930][ T9986] exfat: Unknown parameter 'measure' [ 326.636382][ T9984] EXT4-fs (loop1): Unrecognized mount option "=" or missing value [ 326.693915][ T9991] loop0: detected capacity change from 0 to 512 [ 326.786360][ T9991] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 326.849186][ T9991] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 327.050673][ T9991] System zones: 0-2, 18-18, 34-34 [ 327.226215][ T9991] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 327.451025][ T9991] EXT4-fs (loop0): 1 truncate cleaned up [ 327.456786][ T9991] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 327.537351][ T25] audit: type=1326 audit(1719604715.775:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9990 comm="syz.0.1749" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1dd170eb99 code=0x0 [ 327.629624][ T3553] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 327.901668][ T8128] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /root/syzkaller.zvMCOZ/104/file0: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1 [ 328.230532][ T3553] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 328.374837][ T3553] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 328.510404][ T3553] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 328.679750][ T3553] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 328.688944][ T3553] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.759311][ T3553] usb 4-1: config 0 descriptor?? [ 329.375055][ T154] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.421299][ T3553] acrux 0003:1A34:0802.0006: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.3-1/input0 [ 329.659741][ T3553] acrux 0003:1A34:0802.0006: no inputs found [ 329.665752][ T3553] acrux 0003:1A34:0802.0006: Failed to enable force feedback support, error: -19 [ 329.812813][ T154] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.902656][ T154] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.108324][ T154] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.138296][ T3553] usb 4-1: USB disconnect, device number 22 [ 330.930079][ T25] audit: type=1804 audit(1719604719.165:157): pid=10064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1774" name="/root/syzkaller.7CUn9m/69/memory.events" dev="sda1" ino=2049 res=1 errno=0 [ 331.026433][ T25] audit: type=1804 audit(1719604719.225:158): pid=10067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1774" name="/root/syzkaller.7CUn9m/69/memory.events" dev="sda1" ino=2049 res=1 errno=0 [ 331.072786][T10061] ip6gretap0 speed is unknown, defaulting to 1000 [ 331.218569][ T25] audit: type=1804 audit(1719604719.225:159): pid=10064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1774" name="/root/syzkaller.7CUn9m/69/memory.events" dev="sda1" ino=2049 res=1 errno=0 [ 331.277334][T10071] loop3: detected capacity change from 0 to 1024 [ 331.773217][ T3546] ip6gretap0 speed is unknown, defaulting to 1000 [ 331.836605][T10071] EXT4-fs (loop3): Ignoring removed bh option [ 331.910738][T10071] EXT4-fs error (device loop3): ext4_map_blocks:601: inode #3: block 69: comm syz.3.1777: lblock 8 mapped to illegal pblock 69 (length 1) [ 331.984937][T10071] Quota error (device loop3): write_blk: dquota write failed [ 332.023972][T10071] EXT4-fs error (device loop3): ext4_map_blocks:601: inode #3: block 68: comm syz.3.1777: lblock 7 mapped to illegal pblock 68 (length 1) [ 332.127745][T10071] Quota error (device loop3): write_blk: dquota write failed [ 332.149820][T10071] EXT4-fs error (device loop3): ext4_map_blocks:601: inode #3: block 67: comm syz.3.1777: lblock 6 mapped to illegal pblock 67 (length 1) [ 332.233147][T10071] Quota error (device loop3): write_blk: dquota write failed [ 332.249609][T10071] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 332.267819][T10071] EXT4-fs error (device loop3): ext4_map_blocks:601: inode #3: block 48: comm syz.3.1777: lblock 0 mapped to illegal pblock 48 (length 1) [ 332.271296][T10061] chnl_net:caif_netlink_parms(): no params data found [ 332.331536][T10071] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 332.572020][T10071] EXT4-fs error (device loop3): ext4_acquire_dquot:6196: comm syz.3.1777: Failed to acquire dquot type 0 [ 332.675602][T10071] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 332.812475][T10071] EXT4-fs error (device loop3): ext4_evict_inode:282: inode #11: comm syz.3.1777: mark_inode_dirty error [ 332.889914][ T7] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 332.944706][T10071] EXT4-fs warning (device loop3): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 332.975406][ T5219] Bluetooth: hci3: command 0x0409 tx timeout [ 332.992534][T10071] EXT4-fs (loop3): 1 orphan inode deleted [ 333.007373][T10071] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,barrier,resuid=0x0000000000000000,noload,dioread_lock,bh,bsddf,bsdgroups,,errors=continue. Quota mode: none. [ 333.025948][ T4366] EXT4-fs error (device loop3): ext4_map_blocks:601: inode #3: block 1: comm kworker/u4:12: lblock 1 mapped to illegal pblock 1 (length 1) [ 333.026494][ T4366] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 333.050211][ T4366] EXT4-fs error (device loop3): ext4_release_dquot:6219: comm kworker/u4:12: Failed to release dquot type 0 [ 333.131475][T10071] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 333.161385][T10071] EXT4-fs error (device loop3): ext4_quota_off:6485: inode #3: comm syz.3.1777: mark_inode_dirty error [ 333.278596][T10061] bridge0: port 1(bridge_slave_0) entered blocking state [ 333.304493][T10061] bridge0: port 1(bridge_slave_0) entered disabled state [ 333.314051][T10061] device bridge_slave_0 entered promiscuous mode [ 333.319877][ T7] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 333.332954][ T7] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 333.342881][ T7] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 333.355842][ T7] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 333.364974][ T7] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.365898][T10061] bridge0: port 2(bridge_slave_1) entered blocking state [ 333.397750][ T7] usb 3-1: config 0 descriptor?? [ 333.404868][T10061] bridge0: port 2(bridge_slave_1) entered disabled state [ 333.418605][T10061] device bridge_slave_1 entered promiscuous mode [ 333.550264][T10061] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 333.561963][T10061] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 333.584445][ T3553] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 333.884608][T10061] team0: Port device team_slave_0 added [ 334.148662][T10061] team0: Port device team_slave_1 added [ 334.226689][ T7] acrux 0003:1A34:0802.0007: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.2-1/input0 [ 334.317886][T10061] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 334.325488][T10061] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 334.359226][ T7] acrux 0003:1A34:0802.0007: no inputs found [ 334.372242][ T7] acrux 0003:1A34:0802.0007: Failed to enable force feedback support, error: -19 [ 334.388427][T10061] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 334.401554][T10061] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 334.408494][T10061] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 334.435711][ T13] Bluetooth: hci4: command 0x0406 tx timeout [ 334.444170][T10061] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 334.688170][T10061] device hsr_slave_0 entered promiscuous mode [ 334.696335][T10061] device hsr_slave_1 entered promiscuous mode [ 334.700717][ T3553] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 334.713855][ T3553] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 334.727265][ T3553] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 334.736614][ T3553] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.773025][T10061] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 334.832933][ T3553] usb 4-1: config 0 descriptor?? [ 334.844641][T10061] Cannot create hsr debugfs directory [ 334.948349][ T3553] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 335.468574][ T3553] Bluetooth: hci3: command 0x041b tx timeout [ 335.751018][ T154] device hsr_slave_0 left promiscuous mode [ 335.757236][ T154] device hsr_slave_1 left promiscuous mode [ 335.770001][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 335.778132][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 335.787980][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 335.802286][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 335.817414][ T154] device bridge_slave_1 left promiscuous mode [ 335.823857][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.836343][ T154] device bridge_slave_0 left promiscuous mode [ 335.845505][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.858442][ T154] device veth1_macvtap left promiscuous mode [ 335.864685][ T154] device veth0_macvtap left promiscuous mode [ 335.872479][ T154] device veth1_vlan left promiscuous mode [ 335.872873][T10175] loop4: detected capacity change from 0 to 1024 [ 335.916490][T10175] EXT4-fs (loop4): Ignoring removed bh option [ 335.944666][T10175] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #3: block 69: comm syz.4.1800: lblock 8 mapped to illegal pblock 69 (length 1) [ 335.961893][T10175] Quota error (device loop4): write_blk: dquota write failed [ 335.969673][T10175] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #3: block 68: comm syz.4.1800: lblock 7 mapped to illegal pblock 68 (length 1) [ 335.986523][T10175] Quota error (device loop4): write_blk: dquota write failed [ 335.994423][T10175] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #3: block 67: comm syz.4.1800: lblock 6 mapped to illegal pblock 67 (length 1) [ 336.010088][T10175] Quota error (device loop4): write_blk: dquota write failed [ 336.017606][T10175] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 336.028090][T10175] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #3: block 48: comm syz.4.1800: lblock 0 mapped to illegal pblock 48 (length 1) [ 336.044877][T10175] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 336.060879][T10175] EXT4-fs error (device loop4): ext4_acquire_dquot:6196: comm syz.4.1800: Failed to acquire dquot type 0 [ 336.082254][T10175] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 336.097598][T10175] EXT4-fs error (device loop4): ext4_evict_inode:282: inode #11: comm syz.4.1800: mark_inode_dirty error [ 336.116685][T10175] EXT4-fs warning (device loop4): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 336.136434][T10175] EXT4-fs (loop4): 1 orphan inode deleted [ 336.142432][T10175] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,barrier,resuid=0x0000000000000000,noload,dioread_lock,bh,bsddf,bsdgroups,,errors=continue. Quota mode: none. [ 336.167791][ T3895] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #3: block 1: comm kworker/u4:11: lblock 1 mapped to illegal pblock 1 (length 1) [ 336.196516][ T3895] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 336.218138][ T3895] EXT4-fs error (device loop4): ext4_release_dquot:6219: comm kworker/u4:11: Failed to release dquot type 0 [ 336.259443][T10175] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 336.273838][T10175] EXT4-fs error (device loop4): ext4_quota_off:6485: inode #3: comm syz.4.1800: mark_inode_dirty error [ 336.312596][ T3553] usb 3-1: USB disconnect, device number 20 [ 336.481100][ T154] team0 (unregistering): Port device team_slave_1 removed [ 336.562646][ T154] team0 (unregistering): Port device team_slave_0 removed [ 336.619887][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 337.434176][ T5219] usb 4-1: USB disconnect, device number 23 [ 337.525380][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 337.559736][ T13] Bluetooth: hci3: command 0x040f tx timeout [ 338.043616][ T154] bond0 (unregistering): Released all slaves [ 338.399293][T10220] loop4: detected capacity change from 0 to 1024 [ 338.459625][ T5145] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 338.530999][T10220] EXT4-fs (loop4): Ignoring removed bh option [ 338.584963][T10220] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #3: block 69: comm syz.4.1813: lblock 8 mapped to illegal pblock 69 (length 1) [ 338.594354][T10061] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 338.628734][T10061] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 338.654551][T10061] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 338.710281][ T5145] usb 4-1: Using ep0 maxpacket: 8 [ 338.720238][T10061] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 338.727530][T10220] Quota error (device loop4): write_blk: dquota write failed [ 338.741249][T10220] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #3: block 68: comm syz.4.1813: lblock 7 mapped to illegal pblock 68 (length 1) [ 338.797161][T10220] Quota error (device loop4): write_blk: dquota write failed [ 338.827637][T10220] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #3: block 67: comm syz.4.1813: lblock 6 mapped to illegal pblock 67 (length 1) [ 338.842807][ T5145] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 338.865504][ T5145] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 338.878933][ T5145] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 338.898551][T10220] Quota error (device loop4): write_blk: dquota write failed [ 338.906212][T10220] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 338.916588][ T5145] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 338.947881][T10220] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #3: block 48: comm syz.4.1813: lblock 0 mapped to illegal pblock 48 (length 1) [ 338.962471][ T5145] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 338.979623][ T5145] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.022562][T10220] EXT4-fs error (device loop4): ext4_acquire_dquot:6196: comm syz.4.1813: Failed to acquire dquot type 0 [ 339.068882][T10220] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 339.088949][T10061] 8021q: adding VLAN 0 to HW filter on device bond0 [ 339.106274][T10220] EXT4-fs error (device loop4): ext4_evict_inode:282: inode #11: comm syz.4.1813: mark_inode_dirty error [ 339.132605][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 339.141130][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 339.161366][T10061] 8021q: adding VLAN 0 to HW filter on device team0 [ 339.175609][T10220] EXT4-fs warning (device loop4): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 339.206833][ T5219] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 339.219760][T10220] EXT4-fs (loop4): 1 orphan inode deleted [ 339.230438][ T5219] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 339.239052][ T5219] bridge0: port 1(bridge_slave_0) entered blocking state [ 339.246203][ T5219] bridge0: port 1(bridge_slave_0) entered forwarding state [ 339.249679][T10220] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,barrier,resuid=0x0000000000000000,noload,dioread_lock,bh,bsddf,bsdgroups,,errors=continue. Quota mode: none. [ 339.269728][ T5145] usb 4-1: GET_CAPABILITIES returned 0 [ 339.277650][ T5145] usbtmc 4-1:16.0: can't read capabilities [ 339.458134][ T5219] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 339.467338][ T5219] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 339.499727][ T5219] bridge0: port 2(bridge_slave_1) entered blocking state [ 339.506803][ T5219] bridge0: port 2(bridge_slave_1) entered forwarding state [ 339.592950][T10217] usbtmc 4-1:16.0: stb usb_control_msg returned -32 [ 340.248984][ T13] Bluetooth: hci3: command 0x0419 tx timeout [ 340.291446][ T13] usb 4-1: USB disconnect, device number 24 [ 340.481082][ T5145] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 340.507804][ T3895] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #3: block 1: comm kworker/u4:11: lblock 1 mapped to illegal pblock 1 (length 1) [ 340.531356][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 340.540681][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 340.561935][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 340.571177][ T3895] EXT4-fs error (device loop4): ext4_release_dquot:6219: comm kworker/u4:11: Failed to release dquot type 0 [ 340.586272][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 340.595598][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 340.605587][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 340.624393][T10220] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 340.631370][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 340.642053][T10220] EXT4-fs error (device loop4): ext4_quota_off:6485: inode #3: comm syz.4.1813: mark_inode_dirty error [ 340.698624][T10061] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 340.753720][T10061] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 340.816596][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 340.841390][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 340.880236][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 340.911313][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 340.916417][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 342.368542][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 342.392058][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 342.422662][T10061] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 342.526044][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 342.545625][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 342.595169][T10314] loop2: detected capacity change from 0 to 1024 [ 342.624049][T10061] device veth0_vlan entered promiscuous mode [ 342.670015][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 342.698849][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 342.700209][T10314] EXT4-fs (loop2): Ignoring removed bh option [ 342.742838][T10061] device veth1_vlan entered promiscuous mode [ 342.761739][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 342.777979][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 342.796458][T10314] EXT4-fs error (device loop2): ext4_map_blocks:601: inode #3: block 69: comm syz.2.1836: lblock 8 mapped to illegal pblock 69 (length 1) [ 342.829990][T10314] __quota_error: 2 callbacks suppressed [ 342.830007][T10314] Quota error (device loop2): write_blk: dquota write failed [ 342.839410][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 342.852643][T10314] EXT4-fs error (device loop2): ext4_map_blocks:601: inode #3: block 68: comm syz.2.1836: lblock 7 mapped to illegal pblock 68 (length 1) [ 342.869007][T10314] Quota error (device loop2): write_blk: dquota write failed [ 342.888150][T10314] EXT4-fs error (device loop2): ext4_map_blocks:601: inode #3: block 67: comm syz.2.1836: lblock 6 mapped to illegal pblock 67 (length 1) [ 342.976282][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 342.990188][T10314] Quota error (device loop2): write_blk: dquota write failed [ 343.001900][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 343.003432][T10314] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 343.035157][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 343.040962][T10314] EXT4-fs error (device loop2): ext4_map_blocks:601: inode #3: block 48: comm syz.2.1836: lblock 0 mapped to illegal pblock 48 (length 1) [ 343.065786][T10061] device veth0_macvtap entered promiscuous mode [ 343.067432][T10314] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 343.082497][T10061] device veth1_macvtap entered promiscuous mode [ 343.147500][T10314] EXT4-fs error (device loop2): ext4_acquire_dquot:6196: comm syz.2.1836: Failed to acquire dquot type 0 [ 343.148875][T10061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.225523][T10314] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 343.231790][T10336] xt_CT: You must specify a L4 protocol and not use inversions on it [ 343.236532][T10334] loop3: detected capacity change from 0 to 1024 [ 343.243863][T10061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.265807][T10314] EXT4-fs error (device loop2): ext4_evict_inode:282: inode #11: comm syz.2.1836: mark_inode_dirty error [ 343.294532][T10314] EXT4-fs warning (device loop2): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 343.295899][T10061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.324332][T10314] EXT4-fs (loop2): 1 orphan inode deleted [ 343.335433][T10061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.342620][ T4368] EXT4-fs error (device loop2): ext4_map_blocks:601: inode #3: block 1: comm kworker/u4:13: lblock 1 mapped to illegal pblock 1 (length 1) [ 343.356861][T10061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.365441][T10314] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,barrier,resuid=0x0000000000000000,noload,dioread_lock,bh,bsddf,bsdgroups,,errors=continue. Quota mode: none. [ 343.388150][ C1] vkms_vblank_simulate: vblank timer overrun [ 343.389035][T10061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.405860][ T4368] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 343.414418][ T4368] EXT4-fs error (device loop2): ext4_release_dquot:6219: comm kworker/u4:13: Failed to release dquot type 0 [ 343.428131][T10061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.456778][T10061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.481672][T10314] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 343.493392][T10061] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 343.538203][T10314] EXT4-fs error (device loop2): ext4_quota_off:6485: inode #3: comm syz.2.1836: mark_inode_dirty error [ 343.572991][T10336] device veth1_macvtap left promiscuous mode [ 343.580348][T10336] device macsec0 entered promiscuous mode [ 343.672408][T10340] device veth1_macvtap entered promiscuous mode [ 343.678932][T10340] device macsec0 left promiscuous mode [ 343.702862][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 343.741012][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 343.758991][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 343.796859][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 343.961910][T10061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.142170][T10061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.135463][T10061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.146451][T10061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.156393][T10061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.166843][T10061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.177246][T10061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.188534][T10061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.201172][T10061] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 345.215580][T10061] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.224450][T10061] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.235487][T10061] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.244334][T10061] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.261261][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 345.270902][ T25] audit: type=1326 audit(1719604733.515:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10361 comm="syz.3.1846" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd895f01b99 code=0x0 [ 345.290210][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 345.322470][T10371] loop1: detected capacity change from 0 to 256 [ 345.431245][T10371] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 345.549856][ T3628] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 345.558396][ T3628] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 345.625046][T10382] loop3: detected capacity change from 0 to 1024 [ 345.673331][ T3628] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 345.740579][ T3628] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 345.740995][ T5066] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 345.780434][T10382] EXT4-fs (loop3): Ignoring removed bh option [ 345.890128][ T3548] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 346.087394][T10382] EXT4-fs error (device loop3): ext4_map_blocks:601: inode #3: block 69: comm syz.3.1851: lblock 8 mapped to illegal pblock 69 (length 1) [ 346.182676][T10382] Quota error (device loop3): write_blk: dquota write failed [ 346.215858][T10395] loop2: detected capacity change from 0 to 1024 [ 346.225319][ T5066] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 346.227971][T10382] EXT4-fs error (device loop3): ext4_map_blocks:601: inode #3: block 68: comm syz.3.1851: lblock 7 mapped to illegal pblock 68 (length 1) [ 346.301786][ T3548] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 346.338436][T10382] Quota error (device loop3): write_blk: dquota write failed [ 346.347009][T10382] EXT4-fs error (device loop3): ext4_map_blocks:601: inode #3: block 67: comm syz.3.1851: lblock 6 mapped to illegal pblock 67 (length 1) [ 346.401545][T10382] Quota error (device loop3): write_blk: dquota write failed [ 346.409663][ T3548] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 346.432988][ T3548] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 346.433375][T10382] EXT4-fs error (device loop3): ext4_map_blocks:601: inode #3: block 48: comm syz.3.1851: lblock 0 mapped to illegal pblock 48 (length 1) [ 346.464560][ T3548] usb 5-1: config 0 interface 0 has no altsetting 0 [ 346.543896][T10382] EXT4-fs error (device loop3): ext4_acquire_dquot:6196: comm syz.3.1851: Failed to acquire dquot type 0 [ 346.642311][T10407] loop1: detected capacity change from 0 to 512 [ 346.650064][ T3548] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 346.668128][ T3548] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 346.687134][ T3548] usb 5-1: config 0 interface 0 has no altsetting 0 [ 346.905348][T10407] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 348.033707][T10406] sched: RT throttling activated [ 348.037300][T10382] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 348.984033][T10382] EXT4-fs error (device loop3): ext4_evict_inode:282: inode #11: comm syz.3.1851: mark_inode_dirty error [ 349.020078][T10382] EXT4-fs warning (device loop3): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 349.046513][T10382] EXT4-fs (loop3): 1 orphan inode deleted [ 349.059566][T10382] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,barrier,resuid=0x0000000000000000,noload,dioread_lock,bh,bsddf,bsdgroups,,errors=continue. Quota mode: none. [ 349.190741][ T4628] EXT4-fs error (device loop3): ext4_map_blocks:601: inode #3: block 1: comm kworker/u4:15: lblock 1 mapped to illegal pblock 1 (length 1) [ 349.205084][ T3548] usb 5-1: unable to read config index 2 descriptor/all [ 349.213462][ T3548] usb 5-1: can't read configurations, error -71 [ 349.943303][ T4628] __quota_error: 2 callbacks suppressed [ 349.943318][ T4628] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 350.027378][ T4628] EXT4-fs error (device loop3): ext4_release_dquot:6219: comm kworker/u4:15: Failed to release dquot type 0 [ 350.075728][T10382] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5789: Corrupt filesystem [ 350.103024][T10382] EXT4-fs error (device loop3): ext4_quota_off:6485: inode #3: comm syz.3.1851: mark_inode_dirty error [ 350.246936][T10441] loop4: detected capacity change from 0 to 512 [ 350.309518][ T13] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 350.416960][T10441] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 350.473895][T10441] ext4 filesystem being mounted at /root/syzkaller.jdfGFQ/102/bus supports timestamps until 2038 (0x7fffffff) [ 350.498290][T10441] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #12: block 32: comm syz.4.1864: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0 [ 350.599234][T10456] loop1: detected capacity change from 0 to 2048 [ 350.676092][T10458] loop4: detected capacity change from 0 to 1024 [ 350.719809][ T13] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 350.752964][ T13] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 350.826164][ T13] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 350.863234][ T13] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 350.879129][ T13] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.904942][ T13] usb 1-1: config 0 descriptor?? [ 351.016403][T10468] loop1: detected capacity change from 0 to 128 [ 351.117527][T10469] loop4: detected capacity change from 0 to 2048 [ 351.181472][T10451] loop3: detected capacity change from 0 to 32768 [ 351.526208][T10469] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none. [ 351.583403][T10468] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 351.729125][T10468] ext4 filesystem being mounted at /root/syzkaller.HsZg7s/100/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 351.777858][ T13] acrux 0003:1A34:0802.0008: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.0-1/input0 [ 351.789740][ T13] acrux 0003:1A34:0802.0008: no inputs found [ 351.796120][ T13] acrux 0003:1A34:0802.0008: Failed to enable force feedback support, error: -19 [ 351.827551][T10451] XFS (loop3): Mounting V5 Filesystem [ 351.978345][T10451] XFS (loop3): Ending clean mount [ 352.022481][T10490] loop2: detected capacity change from 0 to 128 [ 352.082184][T10493] loop4: detected capacity change from 0 to 2048 [ 352.135621][T10493] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none. [ 352.214700][ T7361] XFS (loop3): Unmounting Filesystem [ 352.561414][ T5066] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 352.719566][T10509] loop2: detected capacity change from 0 to 512 [ 352.823733][T10509] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 352.837287][ T5066] usb 2-1: Using ep0 maxpacket: 8 [ 352.868674][T10509] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 352.922264][T10509] EXT4-fs (loop2): 1 orphan inode deleted [ 352.959602][T10509] EXT4-fs (loop2): 1 truncate cleaned up [ 352.979789][ T5066] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 352.996581][ T5066] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 352.999135][T10509] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,jqfmt=vfsv0,data_err=ignore,inode_readahead_blks=0x0000000000010000,resuid=0x0000000000000000,block_validity,. Quota mode: none. [ 353.015092][ T5066] usb 2-1: config 0 has no interface number 0 [ 353.031359][ T5066] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 353.058764][ T5066] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 353.078048][ T5066] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 353.086718][ T13] usb 1-1: reset high-speed USB device number 20 using dummy_hcd [ 353.114804][ T5066] usb 2-1: config 0 descriptor?? [ 353.229931][T10509] EXT4-fs error (device loop2): ext4_lookup:1855: inode #15: comm syz.2.1885: iget: bad extra_isize 46 (inode size 256) [ 353.320257][T10509] EXT4-fs (loop2): Remounting filesystem read-only [ 354.273734][T10522] loop2: detected capacity change from 0 to 128 [ 354.377971][T10522] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 354.403958][T10507] loop4: detected capacity change from 0 to 40427 [ 354.442896][ T3553] usb 1-1: USB disconnect, device number 20 [ 354.480938][T10522] ext4 filesystem being mounted at /root/syzkaller.7CUn9m/104/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 354.532454][T10507] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 354.577184][T10511] loop3: detected capacity change from 0 to 32768 [ 354.600413][T10507] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 354.634764][T10507] F2FS-fs (loop4): invalid crc value [ 354.678897][T10507] F2FS-fs (loop4): Found nat_bits in checkpoint [ 354.787995][T10520] loop0: detected capacity change from 0 to 32768 [ 354.867970][T10507] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 354.887592][T10511] XFS (loop3): Mounting V5 Filesystem [ 354.898077][T10507] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 354.947436][T10538] loop2: detected capacity change from 0 to 1024 [ 354.985235][T10520] XFS (loop0): Mounting V5 Filesystem [ 355.058640][T10511] XFS (loop3): Ending clean mount [ 355.106880][T10546] fuse: Bad value for 'fd' [ 355.112441][T10520] XFS (loop0): Ending clean mount [ 355.131920][T10511] XFS (loop3): Quotacheck needed: Please wait. [ 355.189380][T10520] XFS (loop0): Quotacheck needed: Please wait. [ 355.321212][T10520] XFS (loop0): Quotacheck: Done. [ 355.418641][T10061] XFS (loop0): Unmounting Filesystem [ 355.441128][T10511] XFS (loop3): Quotacheck: Done. [ 355.560130][ T7361] XFS (loop3): Unmounting Filesystem [ 355.656631][T10550] loop2: detected capacity change from 0 to 2048 [ 355.721375][T10552] loop4: detected capacity change from 0 to 2048 [ 355.787470][T10550] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none. [ 355.910684][ T4628] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 355.940035][T10552] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 356.003477][ T4628] EXT4-fs (loop2): Remounting filesystem read-only [ 356.032991][T10552] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 356.265319][T10559] loop0: detected capacity change from 0 to 64 [ 356.320333][T10565] loop4: detected capacity change from 0 to 128 [ 356.372901][T10562] loop3: detected capacity change from 0 to 2048 [ 356.544245][ T13] usb 2-1: USB disconnect, device number 17 [ 356.843515][T10574] loop0: detected capacity change from 0 to 256 [ 356.937993][T10562] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none. [ 357.380558][T10571] loop1: detected capacity change from 0 to 4096 [ 357.398232][T10578] loop4: detected capacity change from 0 to 1764 [ 357.404605][T10580] loop2: detected capacity change from 0 to 128 [ 357.452103][T10580] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 357.784275][T10589] loop1: detected capacity change from 0 to 1024 [ 357.794591][T10588] loop2: detected capacity change from 0 to 2048 [ 358.171601][T10591] loop2: detected capacity change from 0 to 64 [ 358.494293][T10584] loop0: detected capacity change from 0 to 32768 [ 358.589691][ T5066] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 358.708271][T10584] XFS (loop0): Mounting V5 Filesystem [ 358.869638][ T5066] usb 5-1: Using ep0 maxpacket: 8 [ 358.978455][T10584] XFS (loop0): Ending clean mount [ 359.029905][ T5066] usb 5-1: config index 0 descriptor too short (expected 6427, got 27) [ 359.049095][ T5066] usb 5-1: config 0 has an invalid interface number: 21 but max is 0 [ 359.079566][ T5066] usb 5-1: config 0 has no interface number 0 [ 359.085828][ T5066] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 359.122983][ T5066] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 359.187452][ T5066] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.228861][ T5066] usb 5-1: config 0 descriptor?? [ 359.274778][T10061] XFS (loop0): Unmounting Filesystem [ 359.720191][T10623] loop3: detected capacity change from 0 to 1764 [ 360.180912][ T25] audit: type=1800 audit(1719604748.425:161): pid=10629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1918" name="bus" dev="sda1" ino=2055 res=0 errno=0 [ 361.190363][ T3548] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 362.205450][T10653] sg_write: process 318 (syz.2.1926) changed security contexts after opening file descriptor, this is not allowed. [ 362.259723][ T3548] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 362.316396][ T3548] usb 4-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00 [ 362.318821][T10656] netlink: 'syz.2.1927': attribute type 10 has an invalid length. [ 362.328576][ T3548] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.386802][T10656] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1927'. [ 362.391360][ T3548] usb 4-1: config 0 descriptor?? [ 362.407003][T10656] device vlan1 entered promiscuous mode [ 362.420150][T10658] loop1: detected capacity change from 0 to 1764 [ 362.469287][T10656] team0: Port device vlan1 added [ 362.477544][ T3548] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 362.684396][T10631] udc-core: couldn't find an available UDC or it's busy [ 362.691546][T10631] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 363.384692][ T13] usb 5-1: USB disconnect, device number 28 [ 363.465575][T10682] netlink: 'syz.1.1936': attribute type 12 has an invalid length. [ 364.202283][ T3548] usb 4-1: USB disconnect, device number 25 [ 365.121303][T10701] loop1: detected capacity change from 0 to 1764 [ 366.879350][T10720] netlink: 'syz.0.1949': attribute type 12 has an invalid length. [ 367.049796][ T13] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 368.399589][ T13] usb 5-1: Using ep0 maxpacket: 8 [ 368.539857][ T13] usb 5-1: config index 0 descriptor too short (expected 6427, got 27) [ 368.568998][ T13] usb 5-1: config 0 has an invalid interface number: 21 but max is 0 [ 368.569027][ T13] usb 5-1: config 0 has no interface number 0 [ 368.569060][ T13] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 368.569096][ T13] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 368.569121][ T13] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 368.580559][ T13] usb 5-1: config 0 descriptor?? [ 368.581333][T10746] loop1: detected capacity change from 0 to 1764 [ 369.162282][T10767] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1966'. [ 370.670028][ T3548] Bluetooth: hci3: command 0x0405 tx timeout [ 370.919636][ T3548] usb 5-1: USB disconnect, device number 29 [ 371.261547][T10818] loop1: detected capacity change from 0 to 256 [ 372.167629][T10840] loop2: detected capacity change from 0 to 2048 [ 372.231851][T10846] loop1: detected capacity change from 0 to 1024 [ 372.299325][T10846] EXT4-fs (loop1): barriers disabled [ 372.317649][T10846] JBD2: no valid journal superblock found [ 372.330667][T10846] EXT4-fs (loop1): error loading journal [ 373.507908][T10858] loop0: detected capacity change from 0 to 40427 [ 373.544945][T10861] loop1: detected capacity change from 0 to 256 [ 373.626109][T10861] exfat: Unknown parameter ''Hek8' [ 373.684165][T10858] F2FS-fs (loop0): Found nat_bits in checkpoint [ 373.749628][T10858] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 374.159926][T10061] attempt to access beyond end of device [ 374.159926][T10061] loop0: rw=2049, want=45104, limit=40427 [ 374.362130][T10878] loop2: detected capacity change from 0 to 256 [ 374.535322][T10878] exfat: Bad value for 'uid' [ 374.669704][ T13] usb 4-1: new full-speed USB device number 26 using dummy_hcd [ 374.917092][T10887] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2008'. [ 375.206157][T10886] loop1: detected capacity change from 0 to 2048 [ 375.269549][ T25] audit: type=1804 audit(1719604763.175:162): pid=10887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2008" name="/root/syzkaller.7CUn9m/137/bus" dev="sda1" ino=2059 res=1 errno=0 [ 375.633726][ T13] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 375.653189][ T13] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.298679][ T13] usb 4-1: config 0 descriptor?? [ 376.351379][ T13] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 376.464552][ T5066] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 377.423899][ T5066] usb 1-1: Using ep0 maxpacket: 8 [ 377.479975][ T13] gp8psk: usb out operation failed. [ 377.486412][ T13] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 377.581062][ T13] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 377.609804][ T5066] usb 1-1: config 0 has no interfaces? [ 377.624401][T10910] loop2: detected capacity change from 0 to 40427 [ 377.625814][ T13] usb 4-1: USB disconnect, device number 26 [ 377.811969][ T5066] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 377.858829][ T5066] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 377.907627][T10910] F2FS-fs (loop2): Found nat_bits in checkpoint [ 378.387790][ T1375] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.471990][ T5066] usb 1-1: Product: syz [ 378.476878][ T5066] usb 1-1: Manufacturer: syz [ 378.481568][ T5066] usb 1-1: SerialNumber: syz [ 378.495075][ T5066] usb 1-1: config 0 descriptor?? [ 378.611781][ T5066] usb 1-1: can't set config #0, error -71 [ 378.619932][ T5066] usb 1-1: USB disconnect, device number 21 [ 378.638031][T10910] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 378.763954][T10925] loop0: detected capacity change from 0 to 1024 [ 378.883894][ T8760] attempt to access beyond end of device [ 378.883894][ T8760] loop2: rw=2049, want=45104, limit=40427 [ 378.904360][T10931] loop1: detected capacity change from 0 to 256 [ 378.937935][T10925] EXT4-fs (loop0): barriers disabled [ 378.998359][T10925] JBD2: no valid journal superblock found [ 379.008364][T10925] EXT4-fs (loop0): error loading journal [ 379.100692][T10931] exfat: Bad value for 'uid' [ 380.048202][T10938] loop3: detected capacity change from 0 to 2048 [ 380.173175][T10946] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2024'. [ 380.201156][ T25] audit: type=1804 audit(1719604768.435:163): pid=10946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2024" name="/root/syzkaller.HsZg7s/140/bus" dev="sda1" ino=2058 res=1 errno=0 [ 381.020426][T10948] overlayfs: missing 'lowerdir' [ 382.011781][ T25] audit: type=1804 audit(1719604770.255:164): pid=10973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2039" name="file0" dev="sda1" ino=2060 res=1 errno=0 [ 383.261198][T10974] loop3: detected capacity change from 0 to 40427 [ 383.369337][T10974] F2FS-fs (loop3): Found nat_bits in checkpoint [ 383.422158][T10984] loop1: detected capacity change from 0 to 256 [ 383.463032][T10974] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 383.489407][T10988] loop4: detected capacity change from 0 to 2048 [ 383.516565][T10984] exfat: Bad value for 'uid' [ 383.823120][T10994] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2040'. [ 383.825587][ T25] audit: type=1804 audit(1719604772.065:165): pid=10994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2040" name="/root/syzkaller.HsZg7s/144/bus" dev="sda1" ino=2068 res=1 errno=0 [ 383.838432][ T7361] attempt to access beyond end of device [ 383.838432][ T7361] loop3: rw=2049, want=45104, limit=40427 [ 384.359682][ T13] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 384.479304][T11008] loop2: detected capacity change from 0 to 1024 [ 385.341298][T11008] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 386.199908][ T13] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 386.209239][ T13] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 386.219920][ T13] usb 1-1: config 0 descriptor?? [ 386.238366][T11023] loop4: detected capacity change from 0 to 512 [ 386.284071][T11027] loop3: detected capacity change from 0 to 8 [ 386.327087][T11023] EXT4-fs (loop4): Ignoring removed orlov option [ 386.481714][T11023] EXT4-fs (loop4): Test dummy encryption mode enabled [ 387.280258][ T13] [drm] vendor descriptor length:c3 data:02 00 00 00 00 00 00 00 00 00 00 [ 387.341644][ T13] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 387.380222][T11023] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a014e09c, mo2=0002] [ 387.402506][T11023] System zones: 1-12 [ 387.426156][T11033] loop2: detected capacity change from 0 to 40427 [ 387.463257][T11023] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.2056: casefold flag without casefold feature [ 387.498390][T11033] F2FS-fs (loop2): Found nat_bits in checkpoint [ 387.509977][ T13] [drm:udl_init] *ERROR* Selecting channel failed [ 387.541723][T11023] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.2056: missing EA_INODE flag [ 387.541979][T11023] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.2056: error while reading EA inode 12 err=-117 [ 387.542239][T11023] EXT4-fs (loop4): 1 orphan inode deleted [ 387.542261][T11023] EXT4-fs (loop4): mounted filesystem without journal. Opts: orlov,minixdf,max_dir_size_kb=0x0000000000009c7c,debug,grpquota,errors=continue,test_dummy_encryption,auto_da_alloc,nodiscard,,errors=continue. Quota mode: writeback. [ 387.546289][T11033] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 387.617929][ T13] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 387.673658][ T13] [drm] Initialized udl on minor 2 [ 387.711387][ T13] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 387.713335][ T13] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 387.728455][ T13] usb 1-1: USB disconnect, device number 22 [ 387.805801][ T8760] attempt to access beyond end of device [ 387.805801][ T8760] loop2: rw=2049, want=45104, limit=40427 [ 387.887988][T11023] fscrypt (loop4): Error allocating 'xts(aes)' transform: -4 [ 387.918186][T11048] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 387.924598][ T3579] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 388.024830][T11058] loop3: detected capacity change from 0 to 1024 [ 388.098499][T11058] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 388.254185][T11067] loop4: detected capacity change from 0 to 8 [ 388.610014][ T3579] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 388.975146][ T3579] usb 2-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice= 0.00 [ 389.024352][ T3579] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.045461][T11072] MPTCP: kernel_bind error, err=-22 [ 389.052965][ T3579] usb 2-1: config 0 descriptor?? [ 389.262886][T11077] tipc: Can't bind to reserved service type 0 [ 389.283032][ T3579] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input16 [ 390.207173][T11084] loop4: detected capacity change from 0 to 512 [ 390.213787][ T5066] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 390.239349][T11082] loop0: detected capacity change from 0 to 40427 [ 390.259206][ T3579] usb 2-1: USB disconnect, device number 18 [ 390.271927][T11084] EXT4-fs (loop4): Ignoring removed orlov option [ 390.294745][T11084] EXT4-fs (loop4): Test dummy encryption mode enabled [ 390.329113][T11084] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a014e09c, mo2=0002] [ 390.345457][T11082] F2FS-fs (loop0): Found nat_bits in checkpoint [ 390.345706][T11084] System zones: 1-12 [ 390.367544][T11084] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.2074: casefold flag without casefold feature [ 390.387896][T11084] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.2074: missing EA_INODE flag [ 390.389649][T11082] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 390.407713][T11084] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.2074: error while reading EA inode 12 err=-117 [ 390.441273][T11084] EXT4-fs (loop4): 1 orphan inode deleted [ 390.447103][T11084] EXT4-fs (loop4): mounted filesystem without journal. Opts: orlov,minixdf,max_dir_size_kb=0x0000000000009c7c,debug,grpquota,errors=continue,test_dummy_encryption,auto_da_alloc,nodiscard,,errors=continue. Quota mode: writeback. [ 390.509860][ T13] usb 4-1: new full-speed USB device number 27 using dummy_hcd [ 390.560069][ T5066] usb 3-1: too many configurations: 9, using maximum allowed: 8 [ 390.616899][T10061] attempt to access beyond end of device [ 390.616899][T10061] loop0: rw=2049, want=45104, limit=40427 [ 390.640335][ T5066] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 390.665453][ T5066] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 390.684077][ T5066] usb 3-1: config 0 interface 0 has no altsetting 0 [ 390.799737][ T5066] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 390.808873][ T5066] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 390.821012][ T5066] usb 3-1: config 0 interface 0 has no altsetting 0 [ 390.919812][ T5066] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 390.928735][ T5066] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 390.940085][ T13] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 390.950797][ T5066] usb 3-1: config 0 interface 0 has no altsetting 0 [ 390.957439][ T13] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 390.967074][ T13] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 390.978320][ T13] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 390.979643][ T3579] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 390.987636][ T13] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.021947][T11086] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 391.039859][ T5066] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 391.050700][ T13] hub 4-1:1.0: bad descriptor, ignoring hub [ 391.057042][ T5066] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 391.068072][ T13] hub: probe of 4-1:1.0 failed with error -5 [ 391.074853][ T13] cdc_wdm 4-1:1.0: skipping garbage [ 391.080168][ T5066] usb 3-1: config 0 interface 0 has no altsetting 0 [ 391.086844][ T13] cdc_wdm 4-1:1.0: skipping garbage [ 391.093555][ T13] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 391.100127][ T13] cdc_wdm 4-1:1.0: Unknown control protocol [ 391.179678][ T5066] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 391.188717][ T5057] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 391.196383][ T5066] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 391.207314][ T5066] usb 3-1: config 0 interface 0 has no altsetting 0 [ 391.310340][ T5066] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 391.319402][ T5066] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 391.330633][ T5066] usb 3-1: config 0 interface 0 has no altsetting 0 [ 391.360051][ T3579] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 391.369341][ T3579] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.383237][ T3579] usb 5-1: config 0 descriptor?? [ 391.429864][ T5066] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 391.438852][ T5066] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 391.450490][ T5066] usb 3-1: config 0 interface 0 has no altsetting 0 [ 391.501581][T11086] udc-core: couldn't find an available UDC or it's busy [ 391.508548][T11086] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 391.549784][ T5066] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 391.558770][ T5066] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 391.573991][ T5057] usb 1-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config [ 391.584449][ T5066] usb 3-1: config 0 interface 0 has no altsetting 0 [ 391.591184][ T5057] usb 1-1: config 9 has 0 interfaces, different from the descriptor's value: 1 [ 391.600266][ T5057] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 391.609297][ T5057] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.669601][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.676200][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.689558][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.696315][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.709568][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.716181][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.723477][ T3579] [drm] vendor descriptor length:c3 data:02 00 00 00 00 00 00 00 00 00 00 [ 391.732040][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.738617][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.744827][ T3579] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 391.752654][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.759248][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.769545][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.769807][ T5066] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 391.776155][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.789648][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.791795][ T5066] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 391.797929][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.806330][ T5066] usb 3-1: Product: syz [ 391.812571][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.816460][ T5066] usb 3-1: Manufacturer: syz [ 391.823030][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.829535][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.833829][ T5066] usb 3-1: SerialNumber: syz [ 391.840304][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.849530][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.857834][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.859697][ T5066] usb 3-1: config 0 descriptor?? [ 391.869531][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.876128][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.889519][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.896121][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.909560][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.916143][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.928960][ T5066] yurex 3-1:0.0: USB YUREX device now attached to Yurex #1 [ 391.929502][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.942738][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.949243][ T3579] [drm:udl_init] *ERROR* Selecting channel failed [ 391.957863][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.964468][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.970770][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 391.977368][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 391.988547][ T3579] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2 [ 391.996106][ T3579] [drm] Initialized udl on minor 2 [ 391.999693][ T5057] usb 1-1: string descriptor 0 read error: -22 [ 392.009381][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.015988][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.022299][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.028909][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.035719][ T3579] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 392.044782][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.044797][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.057978][ T3579] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 392.065130][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.065149][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.079517][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.086114][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.094296][ T3579] usb 5-1: USB disconnect, device number 30 [ 392.100268][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.100292][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.119512][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.126147][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.139506][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.146129][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.159526][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.166145][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.179510][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.183708][ T5057] usb 3-1: USB disconnect, device number 21 [ 392.186119][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.197602][T11105] loop1: detected capacity change from 0 to 8 [ 392.199488][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.210679][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.219501][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.226103][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.227880][ T5057] yurex 3-1:0.0: USB YUREX #1 now disconnected [ 392.239531][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.242288][ T5066] usb 1-1: USB disconnect, device number 23 [ 392.246125][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.259513][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.266110][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.279510][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.286129][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.299512][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.306142][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.319515][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.326143][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.339509][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.346121][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.359511][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.366135][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.379554][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.386183][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.399505][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.406137][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.419515][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.426136][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.445122][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.451756][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.459503][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.466121][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.479516][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.486139][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.618713][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.625335][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.631805][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.638408][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.649497][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.656090][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.669524][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.676131][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.689598][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.696199][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.709510][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.716143][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.729523][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.736140][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.749519][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.756223][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.790110][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.796746][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.809783][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.816429][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.837778][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.844396][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.850749][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.857339][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.869507][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.876108][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.908988][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.915602][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 392.921957][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 392.928630][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 393.087316][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 393.093936][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 393.100439][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 393.107032][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 393.383527][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 393.390165][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 393.460982][T11125] bond0: (slave erspan0): Error -99 calling set_mac_address [ 393.505172][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 393.511885][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 393.519513][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 393.526122][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 393.551172][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 393.557806][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 393.595005][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 393.601629][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 393.619993][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 393.626612][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 393.640023][ C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 393.646638][ C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 393.658651][ T5145] usb 4-1: USB disconnect, device number 27 [ 394.012068][ T5219] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 394.134983][ T5066] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 394.349637][ T3579] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 394.379629][ T5219] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 394.399637][ T5066] usb 3-1: Using ep0 maxpacket: 16 [ 394.399707][ T5219] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 394.429976][ T5219] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 394.439080][ T5219] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.455549][ T5219] usb 2-1: config 0 descriptor?? [ 394.709706][ T3579] usb 5-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config [ 394.726072][ T3579] usb 5-1: config 9 has 0 interfaces, different from the descriptor's value: 1 [ 394.736069][ T3579] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 394.739658][ T5066] usb 3-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4 [ 394.750975][ T3579] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.779513][ T5066] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 394.787964][ T5066] usb 3-1: Product: syz [ 394.809682][ T5066] usb 3-1: Manufacturer: syz [ 394.814325][ T5066] usb 3-1: SerialNumber: syz [ 394.827993][ T5066] usb 3-1: config 0 descriptor?? [ 394.875888][ T5066] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state. [ 394.940819][ T5219] keytouch 0003:0926:3333.0009: fixing up Keytouch IEC report descriptor [ 394.960359][ T5219] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0009/input/input17 [ 395.078934][ T5219] keytouch 0003:0926:3333.0009: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 395.189293][ T5057] keytouch 0003:0926:3333.0009: implement() called with too large value 12 (n: 1)! (kworker/0:14) [ 395.200763][ T5057] ------------[ cut here ]------------ [ 395.206234][ T5057] WARNING: CPU: 0 PID: 5057 at drivers/hid/hid-core.c:1449 hid_output_report+0x541/0x750 [ 395.216138][ T5057] Modules linked in: [ 395.220036][ T5057] CPU: 0 PID: 5057 Comm: kworker/0:14 Not tainted 5.15.161-syzkaller #0 [ 395.228359][ T5057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 395.238536][ T5057] Workqueue: events hidinput_led_worker [ 395.244259][ T5057] RIP: 0010:hid_output_report+0x541/0x750 [ 395.249966][ T5057] Code: c1 c0 08 00 00 48 8b 44 24 40 48 8d b8 38 19 00 00 48 c7 c6 a0 a6 64 8b 48 c7 c2 a2 f2 2c 8c 44 89 f1 45 89 e8 e8 df 49 70 02 <0f> 0b 44 23 74 24 18 e9 bb fd ff ff 89 d9 80 e1 07 80 c1 03 38 c1 [ 395.269823][ T5057] RSP: 0018:ffffc90002f87b30 EFLAGS: 00010046 [ 395.275874][ T5057] RAX: 8dc457b610235e00 RBX: 0000000000000001 RCX: 8dc457b610235e00 [ 395.283819][ T5057] RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000 [ 395.291760][ T5057] RBP: 0000000000000000 R08: ffffffff8166835c R09: ffffed10173467a8 [ 395.299707][ T5057] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 395.307690][ T5057] R13: 0000000000000001 R14: 000000000000000c R15: 0000000000000000 [ 395.315648][ T5057] FS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 395.324805][ T5057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 395.331399][ T5057] CR2: 000000110c2de221 CR3: 0000000075349000 CR4: 00000000003506f0 [ 395.339438][ T5057] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 395.347389][ T5057] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 395.355358][ T5057] Call Trace: [ 395.358635][ T5057] [ 395.361662][ T5057] ? __warn+0x15b/0x300 [ 395.365829][ T5057] ? hid_output_report+0x541/0x750 [ 395.370950][ T5057] ? report_bug+0x1b7/0x2e0 [ 395.375442][ T5057] ? handle_bug+0x3d/0x70 [ 395.379759][ T5057] ? exc_invalid_op+0x16/0x40 [ 395.384428][ T5057] ? asm_exc_invalid_op+0x16/0x20 [ 395.389449][ T5057] ? __wake_up_klogd+0xcc/0x100 [ 395.394287][ T5057] ? hid_output_report+0x541/0x750 [ 395.399507][ T5057] usbhid_submit_report+0x43d/0x9e0 [ 395.404812][ T5057] process_one_work+0x8a1/0x10c0 [ 395.409737][ T5057] ? worker_detach_from_pool+0x260/0x260 [ 395.415369][ T5057] ? _raw_spin_lock_irqsave+0x120/0x120 [ 395.420891][ T5057] ? kthread_data+0x4e/0xc0 [ 395.425388][ T5057] ? wq_worker_running+0x97/0x170 [ 395.430390][ T5057] worker_thread+0xaca/0x1280 [ 395.435055][ T5057] kthread+0x3f6/0x4f0 [ 395.439110][ T5057] ? rcu_lock_release+0x20/0x20 [ 395.443960][ T5057] ? kthread_blkcg+0xd0/0xd0 [ 395.448545][ T5057] ret_from_fork+0x1f/0x30 [ 395.452966][ T5057] [ 395.456016][ T5057] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 395.463286][ T5057] CPU: 0 PID: 5057 Comm: kworker/0:14 Not tainted 5.15.161-syzkaller #0 [ 395.471588][ T5057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 395.481635][ T5057] Workqueue: events hidinput_led_worker [ 395.487171][ T5057] Call Trace: [ 395.490435][ T5057] [ 395.493353][ T5057] dump_stack_lvl+0x1e3/0x2d0 [ 395.498050][ T5057] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 395.503745][ T5057] ? panic+0x860/0x860 [ 395.507799][ T5057] ? hid_output_report+0x500/0x750 [ 395.512889][ T5057] ? hid_output_report+0x500/0x750 [ 395.518100][ T5057] panic+0x318/0x860 [ 395.521985][ T5057] ? __warn+0x16a/0x300 [ 395.526146][ T5057] ? fb_is_primary_device+0xd0/0xd0 [ 395.531328][ T5057] ? ret_from_fork+0x1f/0x30 [ 395.535899][ T5057] ? hid_output_report+0x541/0x750 [ 395.541005][ T5057] __warn+0x2b2/0x300 [ 395.545096][ T5057] ? hid_output_report+0x541/0x750 [ 395.550189][ T5057] report_bug+0x1b7/0x2e0 [ 395.554499][ T5057] handle_bug+0x3d/0x70 [ 395.558632][ T5057] exc_invalid_op+0x16/0x40 [ 395.563114][ T5057] asm_exc_invalid_op+0x16/0x20 [ 395.567939][ T5057] RIP: 0010:hid_output_report+0x541/0x750 [ 395.573650][ T5057] Code: c1 c0 08 00 00 48 8b 44 24 40 48 8d b8 38 19 00 00 48 c7 c6 a0 a6 64 8b 48 c7 c2 a2 f2 2c 8c 44 89 f1 45 89 e8 e8 df 49 70 02 <0f> 0b 44 23 74 24 18 e9 bb fd ff ff 89 d9 80 e1 07 80 c1 03 38 c1 [ 395.593230][ T5057] RSP: 0018:ffffc90002f87b30 EFLAGS: 00010046 [ 395.599271][ T5057] RAX: 8dc457b610235e00 RBX: 0000000000000001 RCX: 8dc457b610235e00 [ 395.607218][ T5057] RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000 [ 395.615161][ T5057] RBP: 0000000000000000 R08: ffffffff8166835c R09: ffffed10173467a8 [ 395.623106][ T5057] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 395.631048][ T5057] R13: 0000000000000001 R14: 000000000000000c R15: 0000000000000000 [ 395.638999][ T5057] ? __wake_up_klogd+0xcc/0x100 [ 395.643849][ T5057] usbhid_submit_report+0x43d/0x9e0 [ 395.649039][ T5057] process_one_work+0x8a1/0x10c0 [ 395.653957][ T5057] ? worker_detach_from_pool+0x260/0x260 [ 395.659565][ T5057] ? _raw_spin_lock_irqsave+0x120/0x120 [ 395.665092][ T5057] ? kthread_data+0x4e/0xc0 [ 395.669566][ T5057] ? wq_worker_running+0x97/0x170 [ 395.674564][ T5057] worker_thread+0xaca/0x1280 [ 395.679231][ T5057] kthread+0x3f6/0x4f0 [ 395.683278][ T5057] ? rcu_lock_release+0x20/0x20 [ 395.688106][ T5057] ? kthread_blkcg+0xd0/0xd0 [ 395.692667][ T5057] ret_from_fork+0x1f/0x30 [ 395.697061][ T5057] [ 396.784627][ T5057] Shutting down cpus with NMI [ 396.789448][ T5057] Kernel Offset: disabled [ 396.794134][ T5057] Rebooting in 86400 seconds..