last executing test programs: 9.550650677s ago: executing program 2 (id=1902): epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x6e, 0x0, 0x0) r0 = memfd_create(&(0x7f0000000600)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o84I\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HO\x00\x00\x00\x00R\xfc\xcb%u3\xec\xde%\x9d\xe4\x1d\rD\x82S\x17?\xd6\xb1\x9aF\xe2\xba[\xc7QR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11\x17\xd8\xda@4\x9f\xc5*T\x1e^\xf7o\xff\xff\xff\xffwI\x02\xf3\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\xa5\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\xae\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x92\xaf\xad\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\xf1\x1b\xe6\xb9\xe7\xff\xc5H\x04\x93\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94\xfe2.{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[z\xb6>\xd3\xe7Y*\xdb\xa7h\nt\xddP\n\xc5\xeb\xb1ux\x94@\x00\x00g\x02D9\x83\xa7\x97\xf4\xb25wL\x97\xfb\xb9\xccj\xb3\x96\xc1@\xee`{\x87\xa8]\x96\x9cjF^+\xcc1l\xcbmA,5\xc4J\xcab\xa6\x91\xa0\xeaU\x92\x01\x1f,\xfa\x10\"+\x01\x00\x91\xe9\x1cz\xd1f\x901\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00o\"\x85Np\xba\x0e<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb8V\xe4\xa1C\x90\x17\xcc{\x9d\xf1\xbd\xb0\xca\x03\x96\x85h}\x8f\x1c)X\xc83rA\x90r\xb6\xba!;\x95\xaf\xe0\xcb\xec\xcd$\x02f\x8c4\x1aH\x8fC\xbfr\xd39\x92\x1fShu\x9e\b\xd4m\xa8\x16\xa6\xd5\xae\xcb\x03oFQ\"\xf7F\xb7\vp\xb6\xe5\x92\xe2O}.\x95A\x9bH\x8d\xa1\x80\x1b\x14u\xfdK\xce\xaf\x94i\xf1s\xf7\xb8Jq\xcb3=M\x84\x7f\x181/\x9bQ|4\xaf\xcf\r\xcfz Z\x19\xad_\x13\x99\xf7\xfdOD\xd3\x9d\x9d\xb8d5g\xf1\x84\xbd\xe5\xa2\xb3\xda\x82\x10n1\xed\xba\xe3\x96\x85\"\xb6\xa6n\xe7\xfd\xd4\a\x97\x85\x810/\xc4o\x11\xc8\x1b\xc0\f\xeec\xa4\x7f|P\x00\x00\x00\x000p\xaf\xfdk\xac\xcc\xac`\xc9\a<\xadIt\x9b\xeb\x8a\xfe\x9b\aO\xa5?h\xe1B\xa8C\x8e;/\xa8\x94\x1bs\xf0\xa9>\x9e\xff\xc9\xd2\x00h\xcb\xfb\xb6Y\xbfp\xd8\x90\x96\xec\x83N\x8bNnx\xb6\x16Y\xf8sU\xae\xa0\b\x8cLq\n\x1f\x99t\xb6\xffozu\xa0B(\xe9?\xcdA\xba\xa8\x13Qc\xda\x16?\xe8z\x8f\x862!\xbf\xa4\xb8\x9bC\xe9Od\xe8\xd32m\x06RX\x7f\xf7\xc2\n\x94\xe5P:l\xd9\xd5\xbd\rH6-\x8a\x12m\xff\xe9\xa0\r\tk\xda\xa4q(\xae\\\xb6\x14I\xf7\xe0z\xf10xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, 0x0}, 0x0) close(r3) socket(0xa, 0x1, 0x0) 7.639372216s ago: executing program 2 (id=1911): r0 = socket$alg(0x26, 0x5, 0x0) socket$igmp6(0xa, 0x3, 0x2) bind$alg(r0, &(0x7f0000002ec0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts-cbc-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) syz_open_dev$rtc(0x0, 0x1200000000400, 0x4780c3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) setreuid(0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) mount$nfs(&(0x7f00000003c0)='GPL\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x140c0, &(0x7f0000000540)=ANY=[@ANYBLOB="f1265c5e2c2c64697273796e632c", @ANYRESDEC=0x0, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRESDEC=r4, @ANYBLOB=',appraise_type=ima']) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/cgroups\x00', 0x0, 0x0) r6 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) dup3(r6, r5, 0x0) io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000a40)="bb", 0x1}]) 6.471733768s ago: executing program 2 (id=1914): bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = socket$inet6(0xa, 0x80002, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x8000, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @remote, 0x7}, 0x1c) sendto$inet6(r4, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c) setsockopt$inet6_mtu(r4, 0x29, 0x17, &(0x7f0000000040)=0x3, 0x4) setsockopt$inet6_udp_int(r4, 0x11, 0x1, &(0x7f0000000080), 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000240)={'fscrypt:', @desc3}, &(0x7f00000002c0)={0x0, "615a091a55a8c9a640115d99d981b3886420589c6685d4982a83b71b906769e737201ac6b7a7804454156569cbf3a5be811debc957b5831b89b59d703e748c7c", 0x25}, 0x48, 0xffffffffffffffff) r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) symlinkat(0x0, r5, &(0x7f00000000c0)='./file0\x00') 6.440277523s ago: executing program 1 (id=1916): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d56549b}) creat(&(0x7f00000000c0)='./file0\x00', 0x0) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, &(0x7f0000000080)={0x20}, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b80a0000000f23c80f21f866350c00a0000f23f866b9800000c00f326635000400000f300fc76a002e0f080f23742e3b5753baf80c66b8f494f78e66efbafc0c66b83ac8000066efda6509", 0x4f}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0xf000, 0x1000, &(0x7f00000ab000/0x1000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 5.583666417s ago: executing program 4 (id=1918): recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) rt_sigreturn() getresuid(0x0, &(0x7f0000000240), 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) rt_sigreturn() msgctl$IPC_RMID(r0, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semop(r1, &(0x7f00000000c0)=[{0x0, 0x8001}], 0x1) semctl$GETZCNT(0x0, 0x3, 0xf, 0x0) rt_sigreturn() 5.443864279s ago: executing program 2 (id=1919): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mlockall(0x1) r1 = msgget$private(0x0, 0x0) msgrcv(r1, 0x0, 0x0, 0x0, 0x0) rt_sigreturn() msgctl$IPC_RMID(r1, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) fsetxattr$security_ima(r0, 0x0, 0x0, 0x0, 0x0) 5.30953017s ago: executing program 1 (id=1920): r0 = epoll_create(0x101) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x5452, &(0x7f0000000140)={'ip6_vti0\x00', {0x2, 0x0, @broadcast}}) 5.281521304s ago: executing program 0 (id=1921): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) read$alg(r1, &(0x7f0000002f80)=""/4100, 0x930) sendmsg$alg(r1, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001140)="b5d5ec868892f9903440e8", 0xb}, {&(0x7f0000000180)="5995d02312", 0x5}], 0x2}, 0x0) 5.135877587s ago: executing program 1 (id=1922): mlockall(0x3) r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x0) rt_sigreturn() msgctl$IPC_RMID(r0, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) openat(0xffffffffffffff9c, 0x0, 0x0, 0x74) 5.119351759s ago: executing program 4 (id=1924): r0 = socket$alg(0x26, 0x5, 0x0) socket$igmp6(0xa, 0x3, 0x2) bind$alg(r0, &(0x7f0000002ec0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts-cbc-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) syz_open_dev$rtc(0x0, 0x1200000000400, 0x4780c3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) setreuid(0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) mount$nfs(&(0x7f00000003c0)='GPL\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x140c0, &(0x7f0000000540)=ANY=[@ANYBLOB="f1265c5e2c2c64697273796e632c", @ANYRESDEC=0x0, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRESDEC=r4, @ANYBLOB=',appraise_type=ima']) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/cgroups\x00', 0x0, 0x0) r6 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) dup3(r6, r5, 0x0) io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000a40)="bb", 0x1}]) 4.841744453s ago: executing program 3 (id=1925): socket$inet_icmp(0x2, 0x2, 0x1) r0 = socket$inet(0x2, 0x1, 0x0) r1 = dup(r0) connect$inet(r1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10) pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r2, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838) pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) write$P9_RSETATTR(r3, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838) write$P9_RSYMLINK(r3, 0x0, 0x0) futex(&(0x7f0000000180)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) write$binfmt_elf32(r0, 0x0, 0x0) rt_sigreturn() shutdown(r0, 0x0) 4.623707977s ago: executing program 3 (id=1926): pipe2(&(0x7f00000000c0), 0x84880) socket$inet(0x2, 0x1, 0x0) mount(0x0, 0x0, 0x0, 0x2000084, 0x0) r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmat(0x0, &(0x7f0000ffb000/0x2000)=nil, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={0x24, @long}, 0x2) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)={0x24, r5, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0) 3.937925074s ago: executing program 4 (id=1927): syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f0000000140)={[{@nossd_spread}, {@nodatacow}, {@enospc_debug}, {@nossd}, {@nodatasum}, {@autodefrag}, {@user_subvol_rm}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x33, 0x78, 0x39, 0x65, 0x36]}}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0xbb3e, 0x404}) writev(r0, &(0x7f0000000240), 0x0) 3.789137057s ago: executing program 0 (id=1928): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f00000003c0)={[{@dioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@quota}, {@noinit_itable}, {@errors_continue}, {@errors_continue}, {@errors_remount}, {@delalloc}, {@auto_da_alloc}, {@norecovery}, {@errors_continue}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0xee, 0x442, &(0x7f0000000d00)="$eJzs281vG0UbAPBn10n6vv1KKKW0oYVAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqIkFo4Ba29m9punObDrkP9+0nbznjHnnk8O97xTBxA1xrK/kkidkfErxHRX83WFxiq/ndjaWHy76WFySSWl9/4I6mUu760MFkULZ63K88MpxHpJ0leSb25i5fOTpTL0xfy/Oj8uXdH5y5eenrm3MSZ6TPT58dPnjxxfOy5Z8efaUmcWVzXBz+YPXzolbeuvDZ56srbP36dtffAker52jhaZSgL/M/lisZzj7W6sg7bU5NOejrYEDakFBFZd/VWxn9/lOJm5/XHyx93tHFAW2X3ph3NTy8uA3exJDrdAqAziht99v23OO7Q1GNbuPZC9QtQFveN/Kie6Yk0L9PbxvqHIuLU4j9fZEe0aR0CAKDWt9n856nV5n9pHKgptzffQxmIiHsiYl9E3BsR+yPivohK2fsj4uAG62/cGrp1/pNe3VRg65TN/57P97bq53/F7C8GSnluTyX+3uT0THn6WP6eDEfvjiw/tkYd3730y2fNztXO/7Ijq7+YC+btuNrTsEA3NTE/0apJ6bWPIgZ7Vos/WdkJSCLiUEQMbuyl9xaJmSe+Otys0O3jX0ML9pmWv4x4vNr/i9EQfyFZe39y9H9Rnj42WlwVt/rp58uvN6t/S/G3QNb/O+uv/4YS/X8ltfu1cxuv4/Jvnzb9TrPZ678vebOyZ92XP/b+xPz8hbGIvuTVSr7u8fGbzy3yRfks/uGjq4//fflzsvgfiIjsIj4SEQ9GxEN52x+OiEci4uga8f/w4qPvbD7+9srin1r182/l+h+o7/+NJ0pnv/+mWf3r6/8TldRw/kjl8+821tvArbx3AAAA8F+RRsTuSNKRlXSajoxU/4Z/f+xMy7Nz80+enn3v/FT1NwID0ZsWK139NeuhY8li/orV/Hi+VlycP56vG39e+n8lPzI5W57qcOzQ7XY1Gf+Z30udbh3Qdn6vBd2rcfynHWoHcOe5/0P3Mv6hexn/0L1WG/8fNuTtBcDdyf0fupfxD93L+IfuZfxDV9rK7/olujkR6bZoRrsScXBbNKNziU5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTGvwEAAP//KivtwQ==") r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0) ftruncate(r0, 0x1f) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200), 0x175d9003) 3.754112933s ago: executing program 3 (id=1929): bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = socket$inet6(0xa, 0x80002, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x8000, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @remote, 0x7}, 0x1c) sendto$inet6(r4, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c) setsockopt$inet6_mtu(r4, 0x29, 0x17, &(0x7f0000000040)=0x3, 0x4) setsockopt$inet6_udp_int(r4, 0x11, 0x1, &(0x7f0000000080), 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000240)={'fscrypt:', @desc3}, &(0x7f00000002c0)={0x0, "615a091a55a8c9a640115d99d981b3886420589c6685d4982a83b71b906769e737201ac6b7a7804454156569cbf3a5be811debc957b5831b89b59d703e748c7c", 0x25}, 0x48, 0xffffffffffffffff) r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) symlinkat(0x0, r5, &(0x7f00000000c0)='./file0\x00') 2.697291698s ago: executing program 3 (id=1930): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d56549b}) creat(&(0x7f00000000c0)='./file0\x00', 0x0) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, &(0x7f0000000080)={0x20}, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b80a0000000f23c80f21f866350c00a0000f23f866b9800000c00f326635000400000f300fc76a002e0f080f23742e3b5753baf80c66b8f494f78e66efbafc0c66b83ac8000066efda6509", 0x4f}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0xf000, 0x1000, &(0x7f00000ab000/0x1000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2.475874703s ago: executing program 0 (id=1931): open(&(0x7f00000000c0)='./bus\x00', 0xca942, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x40002, 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) acct(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00') acct(0x0) fallocate(r0, 0x0, 0x0, 0xffeffeff000) 2.417241802s ago: executing program 3 (id=1932): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0xab, 0xbe, 0x67, 0x40, 0x17e9, 0x8b4e, 0x9c08, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff}}]}}]}}, 0x0) syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000000680)={0x44, 0x0, &(0x7f0000000380)={0x0, 0xa, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, &(0x7f0000001140)={0x24, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0}, 0x0) mount$cgroup(0x20000000, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00') read$FUSE(r1, &(0x7f0000000080)={0x2020, 0x0, 0x0, 0x0}, 0x2020) setresuid(0x0, r2, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = syz_open_dev$hiddev(&(0x7f00000024c0), 0x3fa, 0x2001) read$hiddev(r3, &(0x7f0000002500)=""/194, 0xc2) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5) utimensat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_int(r4, 0x29, 0xd0, 0x0, &(0x7f0000000140)) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000bc0)={0x34, &(0x7f00000009c0)={0x20, 0xe}, &(0x7f0000000a80)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000000ac0)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000000b00)={0x20, 0x0, 0x24, {0x22, "14b45aeaefad26e0470fbb004e7dd1b90300d90007000000b013c63515a6a3000000"}}, &(0x7f0000000000)={0x20, 0x1, 0x1, 0xf8}, &(0x7f0000000b80)={0x20, 0x0, 0x0, 0x3}}) 2.310068018s ago: executing program 0 (id=1933): openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) write$ppp(r0, &(0x7f0000000140)="1627", 0x2) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xf, &(0x7f0000000900)=@ringbuf={{0x18, 0x7}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x31}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$inet(0x2, 0x0, 0x84) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r2}, 0x38) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r7, &(0x7f0000000200)="18", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c) sendmsg$inet6(r7, &(0x7f0000000580)={&(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000080)=' ', 0x1}], 0x1}, 0x0) shutdown(r7, 0x1) ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0], 0x3c}, 0x1, 0xffffffea}, 0x0) 1.935821177s ago: executing program 2 (id=1934): epoll_create(0x7) r0 = memfd_create(&(0x7f0000000280)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xea\x93aG\xd4\xfd\x1eB\xdc`b\xce\xbbHe)\x90\x97\xbd\xb2]\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3\x01m8\xa57\xc9\x06HOA\xc8mCR%\xd0]\xd8\xebD\x82S\x17?\xd6As\xe3\xb1\x9aF\xe6\x9a[\xc7%\x88 \xeeQR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11)\xfb\xe0\tm\x17\xd8\xda@4\xbd\x9ew\x8a\x9e\xdao\xab\xcb\xdf\r\xb8w\x1d\xe7_\xde\x86\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xaa\xa4\x83\x03\xce\x91 9\xad*\xa9\xfd\n\x9d\xdfD@+\xd3W}X\xe00a\"\x83\xb8\x89>\xc9\xf2\x1c\x16\x13{\x1aRo:4\x00+$\xedX\x98KVqU\x18\xe2k\xbd\xd5\xbb\xad\xa5t\xa2\x9f\xd2\x93\xbf\xfc\xb5b9\xdf\xdd\xf2ol\a^5\xdc\xf6,\x9dfhP\xe6\x1a\x0e\f\x14\xd0Qo\xec\x80+\xe4\x1c\x19vhYl\xf6\n\xf3a\x12*y\xb5\xfc\xe2T\xd0a\x88\xc2\xb4/T\xd6\xb5\x0e[\xd9\xae\x81 \x12\xb3\x80c@\x84\x9c\x00\xe1Ku\x8eB\xfap n\xd2\xb0Z\x8b\x82\x91\xbd\x10Y!\xd0\xc0\xc7(Y\x92W\xe6*v\x90\x05\x00\x00\x00\x00\x00\x00\x00\a\x02\xa1\xec\xa3\x8b\xfc\xc3\xec\xb1~;\x16\xfe\x98\x16w\x06\x00\xd6{\xc5\xd9\xf0\x96\xef&m\xeb\xc2\x9f\xb3\xc2\xe4\xe2\xa0k\x83\xa1\f\x05\x92\xff\x14\xe4\xd8\xaf\x9e~\x8aE\xd5\x8a\xbe\x84\xe5\n-4\x80\x18\xcf\xcf\xd6-\xf4\xc0\xdb\x19]\xbe-\x19\xef}\xc0\x12\rU\x0266\x7f\x1eSuX\xc6x\xafj\xe4(S>r,\x0e\t;\xbc\xdb\x83\x01\x19\x9c\xc1B$\xb0NjJ)\x85\fO\xa0\xd6\x05\xa0\x95\xce\xa7\xe5\xef\v\az\xae\xa0\r\xa4|\xca\xa3\'L\xb5\xe3\xed\r\xd4\xa5\x00\x85\xb2|\x81\xae\x00\x00\x00\x00\x00\x00\x00', 0x0) close(0xffffffffffffffff) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x12, r0, 0x0) fallocate(r0, 0x0, 0x0, 0x8000007) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) pipe2(&(0x7f000000afc0)={0xffffffffffffffff}, 0x0) dup2(r2, r3) setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000000200)=@ccm_128={{}, "8b42b1819be8a652", "d2f8dbe058ef18187f6b5dfb0623f19b", "d12aa3e3", "74e27d7456350d7a"}, 0x28) 1.878557056s ago: executing program 1 (id=1935): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0x0, 0x3}, 0x6) io_setup(0x8, &(0x7f00000002c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0300ffff0000", 0x6}]) 1.7290897s ago: executing program 4 (id=1936): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x14) mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x2) 1.666214449s ago: executing program 1 (id=1937): r0 = socket$alg(0x26, 0x5, 0x0) socket$igmp6(0xa, 0x3, 0x2) bind$alg(r0, &(0x7f0000002ec0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts-cbc-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) syz_open_dev$rtc(0x0, 0x1200000000400, 0x4780c3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) setreuid(0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) mount$nfs(&(0x7f00000003c0)='GPL\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x140c0, &(0x7f0000000540)=ANY=[@ANYBLOB="f1265c5e2c2c64697273796e632c75", @ANYRESDEC=0x0, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRESDEC=r4, @ANYBLOB=',appraise_type=ima']) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/cgroups\x00', 0x0, 0x0) r6 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) dup3(r6, r5, 0x0) io_submit(0x0, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000a40)="bb", 0x1}]) 1.227848788s ago: executing program 0 (id=1938): r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r0, &(0x7f00000000c0)='}', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x20) sendto$inet(r0, &(0x7f0000000300)="ab", 0x1, 0x0, 0x0, 0x0) 1.128323514s ago: executing program 0 (id=1939): pipe2(&(0x7f00000000c0), 0x84880) socket$inet(0x2, 0x1, 0x0) mount(0x0, 0x0, 0x0, 0x2000084, 0x0) r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmat(0x0, &(0x7f0000ffb000/0x2000)=nil, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={0x24, @long}, 0x2) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)={0x24, r5, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0) 1.061466783s ago: executing program 4 (id=1940): bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = socket$inet6(0xa, 0x80002, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x8000, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @remote, 0x7}, 0x1c) sendto$inet6(r4, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c) setsockopt$inet6_mtu(r4, 0x29, 0x17, &(0x7f0000000040)=0x3, 0x4) setsockopt$inet6_udp_int(r4, 0x11, 0x1, &(0x7f0000000080), 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @aes256, 0x0, @desc2}) add_key$fscrypt_v1(0x0, &(0x7f0000000240)={'fscrypt:', @desc3}, &(0x7f00000002c0)={0x0, "615a091a55a8c9a640115d99d981b3886420589c6685d4982a83b71b906769e737201ac6b7a7804454156569cbf3a5be811debc957b5831b89b59d703e748c7c", 0x25}, 0x48, 0xffffffffffffffff) r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) symlinkat(0x0, r5, &(0x7f00000000c0)='./file0\x00') 569.071931ms ago: executing program 1 (id=1941): socket$inet_udplite(0x2, 0x2, 0x88) socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/profiling', 0x88102, 0x10a) write$cgroup_int(r0, &(0x7f0000000040)=0x2, 0xfdef) 1.23172ms ago: executing program 3 (id=1942): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d56549b}) creat(&(0x7f00000000c0)='./file0\x00', 0x0) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, &(0x7f0000000080)={0x20}, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b80a0000000f23c80f21f866350c00a0000f23f866b9800000c00f326635000400000f300fc76a002e0f080f23742e3b5753baf80c66b8f494f78e66efbafc0c66b83ac8000066efda6509", 0x4f}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0xf000, 0x1000, &(0x7f00000ab000/0x1000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 0s ago: executing program 4 (id=1943): open(&(0x7f00000000c0)='./bus\x00', 0xca942, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x40002, 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) acct(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00') acct(0x0) fallocate(r0, 0x0, 0x0, 0xffeffeff000) kernel console output (not intermixed with test programs): 2 [ 366.316559][ T3593] usb 4-1: config 0 interface 0 has no altsetting 1 [ 366.445759][ T5224] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 366.462899][ T7164] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 366.482034][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 366.501626][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 367.337532][ T3593] usb 4-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice=41.ab [ 367.346614][ T3593] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 367.359732][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 367.360163][ T3593] usb 4-1: Product: syz [ 367.374752][ T3593] usb 4-1: Manufacturer: syz [ 367.384280][ T3593] usb 4-1: SerialNumber: syz [ 367.397829][ T3593] usb 4-1: config 0 descriptor?? [ 367.438434][ T3593] usb-storage 4-1:0.0: USB Mass Storage device detected [ 367.475408][ T3593] usb-storage 4-1:0.0: Quirks match for vid 152d pid 0539: 4000000 [ 367.706334][ T8878] netlink: 'syz.1.1328': attribute type 10 has an invalid length. [ 368.159757][ T8888] fuse: Unknown parameter 'grou00000000000000000000' [ 368.626396][ T8883] loop0: detected capacity change from 0 to 32768 [ 368.721927][ T8883] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1327 (8883) [ 369.043174][ T5426] usb 4-1: USB disconnect, device number 47 [ 369.461482][ T8897] loop3: detected capacity change from 0 to 256 [ 369.496853][ T8883] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 369.547438][ T8883] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 369.577963][ T8883] BTRFS info (device loop0): setting nodatacow, compression disabled [ 369.607634][ T8883] BTRFS info (device loop0): enabling auto defrag [ 369.614146][ T8883] BTRFS info (device loop0): max_inline at 0 [ 369.678479][ T8883] BTRFS info (device loop0): using free space tree [ 369.807932][ T8900] loop3: detected capacity change from 0 to 2048 [ 369.875732][ T8900] UDF-fs: bad mount option "gid=öv"´„ˆ±ºŒììì“Avq ùÈ’*IX¢+Ó;ÉäS‘ñäO-ûnçåFG86Lê [ 369.875732][ T8900] ·´zÝ-{t(úmõ~Œ%‚¬A@" or missing value [ 370.302791][ T8925] loop3: detected capacity change from 0 to 256 [ 370.322175][ T8904] loop1: detected capacity change from 0 to 4096 [ 370.354465][ T8925] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 370.370395][ T5224] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 371.058588][ T8921] loop2: detected capacity change from 0 to 32768 [ 371.114406][ T8921] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.1335 (8921) [ 372.017268][ T8921] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 372.103279][ T8921] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 372.163945][ T8921] BTRFS info (device loop2): setting nodatacow, compression disabled [ 372.199791][ T8921] BTRFS info (device loop2): setting datacow [ 372.205830][ T8921] BTRFS info (device loop2): doing ref verification [ 372.248668][ T8921] BTRFS info (device loop2): force clearing of disk cache [ 372.255839][ T8921] BTRFS info (device loop2): turning off barriers [ 372.327069][ T8921] BTRFS info (device loop2): enabling ssd optimizations [ 372.357295][ T8921] BTRFS info (device loop2): using spread ssd allocation scheme [ 372.365331][ T8921] BTRFS info (device loop2): not using ssd optimizations [ 372.392470][ T8943] netlink: 'syz.1.1339': attribute type 10 has an invalid length. [ 372.424712][ T8921] BTRFS info (device loop2): not using spread ssd allocation scheme [ 372.439131][ T8921] BTRFS info (device loop2): using free space tree [ 372.645911][ T8928] loop3: detected capacity change from 0 to 32768 [ 372.967154][ T8928] XFS (loop3): Mounting V5 Filesystem [ 373.399967][ T8928] XFS (loop3): Ending clean mount [ 373.437854][ T8928] XFS (loop3): Quotacheck needed: Please wait. [ 373.527947][ T8921] BTRFS error (device loop2): open_ctree failed [ 373.624578][ T8928] XFS (loop3): Quotacheck: Done. [ 373.682241][ T8974] loop0: detected capacity change from 0 to 4096 [ 373.709801][ T8977] loop4: detected capacity change from 0 to 64 [ 373.710742][ T8974] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 373.763435][ T4481] XFS (loop3): Unmounting Filesystem [ 374.262760][ T8989] fuse: Unknown parameter 'grou00000000000000000000' [ 374.286043][ T8990] loop2: detected capacity change from 0 to 128 [ 374.389599][ T8994] netlink: 'syz.0.1354': attribute type 10 has an invalid length. [ 374.508293][ T8990] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 374.548034][ T8997] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 375.806946][ T8999] loop0: detected capacity change from 0 to 32768 [ 375.862985][ T8999] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.1355 (8999) [ 375.935658][ T8999] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 375.962164][ T8999] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 376.019429][ T8999] BTRFS info (device loop0): setting nodatacow, compression disabled [ 376.042519][ T8999] BTRFS info (device loop0): setting datacow [ 376.048637][ T26] audit: type=1326 audit(1719625572.519:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9008 comm="syz.3.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dc8575b99 code=0x7ffc0000 [ 376.099353][ T8999] BTRFS info (device loop0): doing ref verification [ 376.105996][ T8999] BTRFS info (device loop0): force clearing of disk cache [ 376.114406][ T3565] udevd[3565]: '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0' [9007] terminated by signal 33 (Unknown signal 33) [ 376.139611][ T26] audit: type=1326 audit(1719625572.529:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9008 comm="syz.3.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6dc8575b99 code=0x7ffc0000 [ 376.176494][ T8999] BTRFS info (device loop0): turning off barriers [ 376.183870][ T8999] BTRFS info (device loop0): enabling ssd optimizations [ 376.202725][ T8999] BTRFS info (device loop0): using spread ssd allocation scheme [ 376.223199][ T26] audit: type=1326 audit(1719625572.529:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9008 comm="syz.3.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dc8575b99 code=0x7ffc0000 [ 376.258419][ T8999] BTRFS info (device loop0): not using ssd optimizations [ 376.265495][ T8999] BTRFS info (device loop0): not using spread ssd allocation scheme [ 376.304172][ T8999] BTRFS info (device loop0): using free space tree [ 376.319451][ T26] audit: type=1326 audit(1719625572.529:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9008 comm="syz.3.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dc8575b99 code=0x7ffc0000 [ 376.353764][ T9004] loop2: detected capacity change from 0 to 32768 [ 376.377356][ T26] audit: type=1326 audit(1719625572.529:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9008 comm="syz.3.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6dc8575b99 code=0x7ffc0000 [ 376.430376][ T9004] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1358 (9004) [ 376.462347][ T8975] loop1: detected capacity change from 0 to 40427 [ 376.513227][ T26] audit: type=1326 audit(1719625572.569:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9008 comm="syz.3.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dc8575b99 code=0x7ffc0000 [ 376.584614][ T9004] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 376.614514][ T9002] loop4: detected capacity change from 0 to 32768 [ 376.637019][ T9004] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 376.657358][ T9004] BTRFS info (device loop2): setting nodatacow, compression disabled [ 376.698232][ T9004] BTRFS info (device loop2): enabling auto defrag [ 376.720384][ T9002] XFS (loop4): Mounting V5 Filesystem [ 376.724690][ T26] audit: type=1326 audit(1719625572.569:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9008 comm="syz.3.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6dc856cbe7 code=0x7ffc0000 [ 376.749082][ T26] audit: type=1326 audit(1719625572.569:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9008 comm="syz.3.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6dc85115b9 code=0x7ffc0000 [ 376.755180][ T9004] BTRFS info (device loop2): max_inline at 0 [ 376.773327][ T26] audit: type=1326 audit(1719625572.569:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9008 comm="syz.3.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f6dc8575b99 code=0x7ffc0000 [ 376.799868][ T26] audit: type=1326 audit(1719625572.569:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9008 comm="syz.3.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6dc856cbe7 code=0x7ffc0000 [ 376.831909][ T9004] BTRFS info (device loop2): using free space tree [ 376.932416][ T8999] BTRFS info (device loop0): rebuilding free space tree [ 376.981564][ T9002] XFS (loop4): Ending clean mount [ 376.982882][ T9055] netlink: 'syz.3.1365': attribute type 10 has an invalid length. [ 377.022923][ T9002] XFS (loop4): Quotacheck needed: Please wait. [ 377.167054][ T9002] XFS (loop4): Quotacheck: Done. [ 377.245927][ T5224] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 377.442014][ T8592] XFS (loop4): Unmounting Filesystem [ 377.457515][ T7162] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 377.495434][ T3552] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 378.460655][ T7162] usb 4-1: Using ep0 maxpacket: 8 [ 378.480294][ T1254] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.486642][ T1254] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.585615][ T7162] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 378.600718][ T7162] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 378.636608][ T7162] usb 4-1: New USB device found, idVendor=056a, idProduct=0333, bcdDevice= 0.00 [ 378.657051][ T7162] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 378.688559][ T7162] usb 4-1: config 0 descriptor?? [ 379.247729][ T7162] usbhid 4-1:0.0: can't add hid device: -71 [ 379.254539][ T7162] usbhid: probe of 4-1:0.0 failed with error -71 [ 379.280033][ T7162] usb 4-1: USB disconnect, device number 48 [ 379.627275][ T5505] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 379.887318][ T5505] usb 5-1: Using ep0 maxpacket: 16 [ 380.017534][ T5505] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 380.037358][ T5505] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 380.056831][ T5505] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 380.088349][ T5505] usb 5-1: config 0 descriptor?? [ 380.097487][ T3593] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 380.483848][ T3593] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 380.503533][ T3593] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 380.534398][ T3593] usb 4-1: config 0 descriptor?? [ 380.631109][ T9093] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 380.647740][ T9102] netlink: 'syz.2.1376': attribute type 10 has an invalid length. [ 380.666142][ T9093] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 380.745272][ T5505] hid-generic 0003:0158:0100.001E: unknown main item tag 0x1 [ 380.762509][ T5505] hid-generic 0003:0158:0100.001E: unexpected long global item [ 380.807950][ T5505] hid-generic: probe of 0003:0158:0100.001E failed with error -22 [ 380.942354][ T3594] usb 5-1: USB disconnect, device number 40 [ 381.262544][ T3593] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2 [ 381.280738][ T3593] [drm] Initialized udl on minor 2 [ 381.345656][ T9104] loop0: detected capacity change from 0 to 32768 [ 381.371903][ T9104] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.1377 (9104) [ 381.406743][ T9104] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 381.425834][ T9109] loop1: detected capacity change from 0 to 512 [ 381.437395][ T9104] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 381.456391][ T9104] BTRFS info (device loop0): setting nodatacow, compression disabled [ 381.477421][ T3593] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 381.486026][ T3593] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 381.512972][ T9104] BTRFS info (device loop0): setting datacow [ 381.527516][ T3593] usb 4-1: USB disconnect, device number 49 [ 381.533549][ T9104] BTRFS info (device loop0): doing ref verification [ 381.575679][ T9104] BTRFS info (device loop0): force clearing of disk cache [ 381.583569][ T9109] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 381.616528][ T9104] BTRFS info (device loop0): turning off barriers [ 381.629190][ T9104] BTRFS info (device loop0): enabling ssd optimizations [ 381.636387][ T9104] BTRFS info (device loop0): using spread ssd allocation scheme [ 381.648167][ T9104] BTRFS info (device loop0): not using ssd optimizations [ 381.655335][ T9104] BTRFS info (device loop0): not using spread ssd allocation scheme [ 381.713614][ T9109] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1379: casefold flag without casefold feature [ 381.714000][ T9109] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.1379: missing EA_INODE flag [ 381.721956][ T9109] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1379: error while reading EA inode 12 err=-117 [ 381.722113][ T9104] BTRFS info (device loop0): using free space tree [ 381.728707][ T9109] EXT4-fs (loop1): 1 orphan inode deleted [ 381.728743][ T9109] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 381.885640][ T4418] EXT4-fs (loop1): unmounting filesystem. [ 381.936240][ T9104] BTRFS info (device loop0): rebuilding free space tree [ 382.195783][ T5224] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 382.477067][ T9148] netlink: 'syz.4.1388': attribute type 10 has an invalid length. [ 382.726526][ T9159] loop3: detected capacity change from 0 to 512 [ 382.757837][ T9148] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 382.899258][ T9159] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 383.207438][ T3598] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 383.342240][ T9159] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.1392: casefold flag without casefold feature [ 383.419071][ T9159] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.1392: missing EA_INODE flag [ 383.443210][ T9161] IPv6: NLM_F_CREATE should be specified when creating new route [ 383.451366][ T9161] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1391'. [ 383.461533][ T9159] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1392: error while reading EA inode 12 err=-117 [ 383.517543][ T3598] usb 3-1: Using ep0 maxpacket: 32 [ 383.527646][ T9159] EXT4-fs (loop3): 1 orphan inode deleted [ 383.553766][ T9159] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 383.663613][ T4481] EXT4-fs (loop3): unmounting filesystem. [ 383.837495][ T935] usb 1-1: new high-speed USB device number 55 using dummy_hcd [ 384.198507][ T935] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 384.215195][ T935] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.246150][ T935] usb 1-1: config 0 descriptor?? [ 384.394847][ T9189] loop1: detected capacity change from 0 to 32768 [ 384.411261][ T9189] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1401 (9189) [ 384.462417][ T9189] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 384.483135][ T9189] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 384.503988][ T9189] BTRFS info (device loop1): using free space tree [ 384.746339][ T9189] BTRFS info (device loop1): enabling ssd optimizations [ 384.855678][ T4418] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 384.934686][ T9229] loop4: detected capacity change from 0 to 512 [ 384.969747][ T935] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 384.979210][ T9229] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 384.995099][ T935] [drm] Initialized udl on minor 2 [ 385.062595][ T9229] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.1408: casefold flag without casefold feature [ 385.101246][ T9229] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.1408: missing EA_INODE flag [ 385.157358][ T9229] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.1408: error while reading EA inode 12 err=-117 [ 385.177351][ T935] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 385.191969][ T935] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 385.206703][ T9229] EXT4-fs (loop4): 1 orphan inode deleted [ 385.218903][ T935] usb 1-1: USB disconnect, device number 55 [ 385.235301][ T5433] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 385.244727][ T5433] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 385.254094][ T9229] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 385.263516][ T5433] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 385.383928][ T8592] EXT4-fs (loop4): unmounting filesystem. [ 385.510552][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 385.657465][ T3598] usb 3-1: unable to get BOS descriptor or descriptor too short [ 385.717329][ T3598] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 385.725028][ T3598] usb 3-1: can't read configurations, error -71 [ 386.170667][ T9237] loop1: detected capacity change from 0 to 40427 [ 386.206021][ T9237] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 386.228763][ T9237] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 386.262343][ T9237] F2FS-fs (loop1): invalid crc value [ 386.302754][ T9237] F2FS-fs (loop1): Found nat_bits in checkpoint [ 386.410430][ T9237] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 386.426014][ T9237] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 386.616651][ T9237] syz.1.1407: attempt to access beyond end of device [ 386.616651][ T9237] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 386.672465][ T9258] loop0: detected capacity change from 0 to 32768 [ 386.702805][ T9258] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1417 (9258) [ 386.716546][ T9237] syz.1.1407: attempt to access beyond end of device [ 386.716546][ T9237] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 386.823985][ T9258] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 386.876054][ T9258] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 386.891059][ T9262] loop3: detected capacity change from 0 to 32768 [ 386.903999][ T9275] loop2: detected capacity change from 0 to 512 [ 386.904007][ T9273] netlink: 'syz.4.1422': attribute type 10 has an invalid length. [ 386.918452][ T9258] BTRFS info (device loop0): using free space tree [ 386.923891][ T9262] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1420 (9262) [ 386.974300][ T9275] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 387.003611][ T9262] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 387.064377][ T9262] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 387.108845][ T9262] BTRFS info (device loop3): setting nodatacow, compression disabled [ 387.116985][ T9262] BTRFS info (device loop3): enabling auto defrag [ 387.174567][ T9262] BTRFS info (device loop3): max_inline at 0 [ 387.180961][ T9262] BTRFS info (device loop3): using free space tree [ 387.197153][ T9275] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.1423: casefold flag without casefold feature [ 387.256614][ T9275] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.1423: missing EA_INODE flag [ 387.288728][ T9293] IPv6: NLM_F_CREATE should be specified when creating new route [ 387.298884][ T9293] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1425'. [ 387.496863][ T9275] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1423: error while reading EA inode 12 err=-117 [ 387.677522][ T3593] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 387.826801][ T9258] BTRFS info (device loop0): enabling ssd optimizations [ 387.866906][ T9275] EXT4-fs (loop2): 1 orphan inode deleted [ 387.916211][ T9275] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 387.987345][ T3593] usb 5-1: Using ep0 maxpacket: 32 [ 388.000943][ T5224] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 388.108908][ T4481] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 388.540022][ T3552] EXT4-fs (loop2): unmounting filesystem. [ 388.987301][ T9328] usb 3-1: new high-speed USB device number 49 using dummy_hcd [ 389.223263][ T9361] netlink: 'syz.0.1435': attribute type 10 has an invalid length. [ 389.347494][ T9328] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 389.360146][ T9328] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.383675][ T9328] usb 3-1: config 0 descriptor?? [ 389.613087][ T9367] loop3: detected capacity change from 0 to 512 [ 389.636443][ T9367] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 389.667851][ T9367] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.1438: casefold flag without casefold feature [ 389.697825][ T9367] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.1438: missing EA_INODE flag [ 389.702563][ T9364] loop0: detected capacity change from 0 to 32768 [ 389.710389][ T9367] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1438: error while reading EA inode 12 err=-117 [ 389.722523][ T9365] loop1: detected capacity change from 0 to 32768 [ 389.736478][ T9364] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1437 (9364) [ 389.748735][ T9367] EXT4-fs (loop3): 1 orphan inode deleted [ 389.748769][ T9367] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 389.785227][ T9365] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1436 (9365) [ 389.800905][ T9364] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 389.814775][ T9365] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 389.834048][ T9364] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 389.843744][ T9365] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 389.865448][ T9365] BTRFS info (device loop1): using free space tree [ 389.873710][ T9364] BTRFS info (device loop0): setting nodatacow, compression disabled [ 389.901192][ T9364] BTRFS info (device loop0): enabling auto defrag [ 389.927404][ T9364] BTRFS info (device loop0): max_inline at 0 [ 389.933877][ T9364] BTRFS info (device loop0): using free space tree [ 390.018637][ T4481] EXT4-fs (loop3): unmounting filesystem. [ 390.094758][ T9328] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 390.127518][ T3593] usb 5-1: unable to get BOS descriptor or descriptor too short [ 390.159454][ T9365] BTRFS info (device loop1): enabling ssd optimizations [ 390.177526][ T9328] [drm] Initialized udl on minor 2 [ 390.189470][ T3593] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 390.221694][ T3593] usb 5-1: can't read configurations, error -71 [ 390.250239][ T4418] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 390.287399][ T9328] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 390.307514][ T9328] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 390.340424][ T9328] usb 3-1: USB disconnect, device number 49 [ 390.570181][ T5224] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 390.992327][ T9431] netlink: 'syz.2.1447': attribute type 10 has an invalid length. [ 391.120532][ T9439] loop2: detected capacity change from 0 to 64 [ 391.425344][ T9452] IPv6: NLM_F_CREATE should be specified when creating new route [ 391.433918][ T9452] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1450'. [ 391.727727][ T14] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 392.047870][ T14] usb 4-1: Using ep0 maxpacket: 32 [ 392.387363][ T9329] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 392.490327][ T9446] loop0: detected capacity change from 0 to 32768 [ 392.505772][ T9446] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1453 (9446) [ 392.544142][ T9446] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 392.570030][ T9446] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 392.583598][ T9446] BTRFS info (device loop0): setting nodatacow, compression disabled [ 392.591964][ T9446] BTRFS info (device loop0): enabling auto defrag [ 392.598615][ T9446] BTRFS info (device loop0): max_inline at 0 [ 392.607380][ T9446] BTRFS info (device loop0): using free space tree [ 392.757569][ T9329] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 392.764198][ T5224] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 392.776831][ T9329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 392.792749][ T9329] usb 5-1: config 0 descriptor?? [ 392.862330][ T3593] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 393.157391][ T3593] usb 2-1: Using ep0 maxpacket: 16 [ 393.317807][ T3593] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 393.334885][ T3593] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 393.344731][ T3593] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 393.368546][ T3593] usb 2-1: config 0 descriptor?? [ 393.502560][ T9329] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2 [ 393.517253][ T9329] [drm] Initialized udl on minor 2 [ 393.652702][ T9524] loop2: detected capacity change from 0 to 32768 [ 393.654395][ T9524] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1477 (9524) [ 393.663141][ T9524] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 393.687499][ T9524] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 393.697058][ T9524] BTRFS info (device loop2): setting nodatacow, compression disabled [ 393.709955][ T9329] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 393.714574][ T9534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 393.720536][ T9329] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 393.736385][ T9524] BTRFS info (device loop2): enabling auto defrag [ 393.736443][ T9524] BTRFS info (device loop2): max_inline at 0 [ 393.736462][ T9524] BTRFS info (device loop2): using free space tree [ 393.741331][ T9329] usb 5-1: USB disconnect, device number 43 [ 393.744795][ T9534] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 393.961557][ T3552] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 394.176411][ T9477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 394.193047][ T9477] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 394.202788][ T14] usb 4-1: unable to get BOS descriptor or descriptor too short [ 394.299246][ T3593] hid (null): invalid report_size 1684763247 [ 394.324469][ T3593] hid-generic 0003:0158:0100.001F: unknown main item tag 0x1 [ 394.337411][ T14] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 394.350677][ T14] usb 4-1: can't read configurations, error -71 [ 394.370688][ T3593] hid-generic 0003:0158:0100.001F: unexpected long global item [ 394.396621][ T3593] hid-generic: probe of 0003:0158:0100.001F failed with error -22 [ 394.501188][ T3598] usb 2-1: USB disconnect, device number 45 [ 394.575016][ T9578] fuse: Bad value for 'fd' [ 395.007829][ T9582] loop2: detected capacity change from 0 to 32768 [ 395.016238][ T9582] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1492 (9582) [ 395.105443][ T9590] IPv6: NLM_F_CREATE should be specified when creating new route [ 395.113500][ T9590] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1494'. [ 395.166790][ T9582] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 395.406580][ T9582] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 395.416526][ T5505] usb 1-1: new high-speed USB device number 56 using dummy_hcd [ 395.610596][ T9582] BTRFS info (device loop2): setting nodatacow, compression disabled [ 395.698643][ T9582] BTRFS info (device loop2): enabling auto defrag [ 395.705518][ T9582] BTRFS info (device loop2): max_inline at 0 [ 395.711771][ T9582] BTRFS info (device loop2): using free space tree [ 395.727507][ T5505] usb 1-1: Using ep0 maxpacket: 32 [ 396.152293][ T3552] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 396.297119][ T9620] nfs: Unknown parameter 'ñ&\^' [ 396.387509][ T9622] fuse: Invalid rootmode [ 396.527588][ T9624] loop1: detected capacity change from 0 to 1024 [ 396.543646][ T9624] hfsplus: unable to parse mount options [ 397.047367][ T3290] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 397.230137][ T9639] loop3: detected capacity change from 0 to 32768 [ 397.244872][ T9639] XFS (loop3): Mounting V5 Filesystem [ 397.282145][ T9639] XFS (loop3): Ending clean mount [ 397.307293][ T3290] usb 5-1: Using ep0 maxpacket: 16 [ 397.357610][ T9639] syz.3.1507 (9639) used greatest stack depth: 18072 bytes left [ 397.367598][ T7] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 397.382009][ T4481] XFS (loop3): Unmounting Filesystem [ 397.441811][ T3290] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 397.453304][ T3290] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 397.462516][ T3290] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.472039][ T3290] usb 5-1: config 0 descriptor?? [ 397.577592][ T7] usb 2-1: device descriptor read/64, error -71 [ 397.756044][ T9631] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 397.770726][ T9631] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 397.929799][ T7] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 397.977494][ T5505] usb 1-1: unable to get BOS descriptor or descriptor too short [ 397.988098][ T9665] fuse: Invalid rootmode [ 397.996696][ T9656] loop3: detected capacity change from 0 to 32768 [ 398.010817][ T9656] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1510 (9656) [ 398.042523][ T9656] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 398.052933][ T5505] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 398.068071][ T9656] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 398.076971][ T5505] usb 1-1: can't read configurations, error -71 [ 398.095431][ T9656] BTRFS info (device loop3): setting nodatacow, compression disabled [ 398.103837][ T9667] loop0: detected capacity change from 0 to 1024 [ 398.127512][ T7] usb 2-1: device descriptor read/64, error -71 [ 398.133854][ T9656] BTRFS info (device loop3): enabling auto defrag [ 398.141789][ T9667] hfsplus: unable to parse mount options [ 398.147633][ T9656] BTRFS info (device loop3): max_inline at 0 [ 398.147658][ T9656] BTRFS info (device loop3): using free space tree [ 398.224216][ T9631] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 398.262967][ T7] usb usb2-port1: attempt power cycle [ 398.300914][ T9631] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 398.352229][ T3290] hid (null): invalid report_size 1684763247 [ 398.370725][ T3290] hid-generic 0003:0158:0100.0020: unknown main item tag 0x1 [ 398.383688][ T3290] hid-generic 0003:0158:0100.0020: unexpected long global item [ 398.398360][ T3290] hid-generic: probe of 0003:0158:0100.0020 failed with error -22 [ 398.556951][ T3290] usb 5-1: USB disconnect, device number 44 [ 398.677567][ T9693] 9pnet_fd: Insufficient options for proto=fd [ 398.979776][ T4481] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 399.267356][ T7] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 399.367725][ T7] usb 2-1: device descriptor read/8, error -71 [ 399.422982][ T9698] loop0: detected capacity change from 0 to 512 [ 399.431364][ T9698] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 399.491117][ T9698] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1518: casefold flag without casefold feature [ 399.508202][ T9698] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.1518: missing EA_INODE flag [ 399.567740][ T9698] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1518: error while reading EA inode 12 err=-117 [ 399.591370][ T9698] EXT4-fs (loop0): 1 orphan inode deleted [ 399.597183][ T9698] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 399.675832][ T7] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 399.732004][ T5224] EXT4-fs (loop0): unmounting filesystem. [ 399.767538][ T7] usb 2-1: device descriptor read/8, error -71 [ 399.887525][ T7] usb usb2-port1: unable to enumerate USB device [ 400.091721][ T9708] nfs: Unknown parameter 'ñ&\^' [ 400.752805][ T9723] fuse: Invalid rootmode [ 400.817067][ T9724] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1522'. [ 401.127589][ T7] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 401.407509][ T7] usb 3-1: Using ep0 maxpacket: 32 [ 401.733527][ T9736] loop4: detected capacity change from 0 to 512 [ 401.749900][ T9736] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 401.910291][ T9737] 9pnet_fd: Insufficient options for proto=fd [ 402.157500][ T5509] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 402.183573][ T9736] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1085: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 402.318072][ T9736] EXT4-fs (loop4): 1 truncate cleaned up [ 402.356396][ T9736] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 402.752295][ T9743] loop3: detected capacity change from 0 to 512 [ 402.774022][ T9743] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 402.806447][ T9743] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.1529: casefold flag without casefold feature [ 402.838309][ T9743] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.1529: missing EA_INODE flag [ 402.857524][ T5509] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 402.877302][ T5509] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 402.886359][ T5509] usb 2-1: config 1 has no interface number 0 [ 402.893089][ T9743] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1529: error while reading EA inode 12 err=-117 [ 402.911059][ T5509] usb 2-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 402.927000][ T9743] EXT4-fs (loop3): 1 orphan inode deleted [ 402.947467][ T9743] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 403.025797][ T4481] EXT4-fs (loop3): unmounting filesystem. [ 403.139913][ T8592] EXT4-fs (loop4): unmounting filesystem. [ 403.157742][ T5509] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 403.170438][ T5509] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 403.182356][ T5509] usb 2-1: Product: syz [ 403.186625][ T5509] usb 2-1: Manufacturer: syz [ 403.194115][ T5509] usb 2-1: SerialNumber: syz [ 403.258579][ T5509] usb 2-1: selecting invalid altsetting 1 [ 403.403291][ T9755] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1532'. [ 404.147892][ T48] Bluetooth: hci5: unexpected event 0x2f length: 763 > 260 [ 404.172885][ T9760] fuse: Bad value for 'rootmode' [ 404.185528][ T7] usb 3-1: unable to get BOS descriptor or descriptor too short [ 404.387363][ T7] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 404.395131][ T7] usb 3-1: can't read configurations, error -71 [ 404.430739][ T9768] nfs: Unknown parameter 'ñ&\^' [ 404.437540][ T7164] usb 1-1: new high-speed USB device number 58 using dummy_hcd [ 404.609707][ T9767] loop4: detected capacity change from 0 to 40427 [ 404.618502][ T9767] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 404.632899][ T9767] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 404.642997][ T9767] F2FS-fs (loop4): invalid crc value [ 404.651245][ T9767] F2FS-fs (loop4): Found nat_bits in checkpoint [ 404.687087][ T9767] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 404.694695][ T9767] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 404.707505][ T7164] usb 1-1: Using ep0 maxpacket: 32 [ 404.798697][ T5509] cdc_ncm 2-1:1.1: bind() failure [ 404.833555][ T5509] usb 2-1: USB disconnect, device number 50 [ 404.857597][ T7164] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 404.873069][ T7164] usb 1-1: config 0 interface 0 has no altsetting 1 [ 406.316585][ T9779] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1539'. [ 406.757484][ T7164] usb 1-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice=41.ab [ 406.786952][ T7164] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 406.814781][ T7164] usb 1-1: config 0 descriptor?? [ 406.885646][ T7164] usb 1-1: can't set config #0, error -71 [ 406.990525][ T9798] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1544'. [ 407.012989][ T7164] usb 1-1: USB disconnect, device number 58 [ 407.718157][ T9785] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1540'. [ 407.727488][ T7164] usb 1-1: new high-speed USB device number 59 using dummy_hcd [ 407.740049][ T9808] fuse: Bad value for 'rootmode' [ 408.087485][ T7164] usb 1-1: Using ep0 maxpacket: 32 [ 408.102044][ T9817] nfs: Unknown parameter 'ñ&\^' [ 408.197267][ T5509] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 409.038901][ T5509] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 409.059615][ T5509] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 409.092126][ T5509] usb 4-1: config 1 has no interface number 0 [ 409.106763][ T5509] usb 4-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 409.307733][ T9829] loop2: detected capacity change from 0 to 1024 [ 409.315283][ T9829] hfsplus: unable to parse mount options [ 409.368613][ T5509] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 409.383172][ T5509] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 409.393009][ T5509] usb 4-1: Product: syz [ 409.402406][ T5509] usb 4-1: Manufacturer: syz [ 409.407132][ T5509] usb 4-1: SerialNumber: syz [ 409.462939][ T5509] usb 4-1: selecting invalid altsetting 1 [ 409.602840][ T9839] fuse: Bad value for 'rootmode' [ 409.777404][ T48] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260 [ 409.979378][ T7164] usb 1-1: unable to get BOS descriptor or descriptor too short [ 410.035108][ T9851] nfs: Unknown parameter 'ñ&\^' [ 410.816233][ T9854] Process accounting resumed [ 410.900304][ T7164] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 410.909468][ T7164] usb 1-1: can't read configurations, error -71 [ 411.027670][ T5509] cdc_ncm 4-1:1.1: bind() failure [ 411.057576][ T5509] usb 4-1: USB disconnect, device number 52 [ 411.075765][ T9867] loop2: detected capacity change from 0 to 256 [ 411.086524][ T9870] fuse: Unknown parameter 'use00000000000000000000' [ 411.134658][ T9867] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 411.174713][ T9867] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 411.409691][ T5508] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 411.611682][ T9882] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1573'. [ 413.100280][ T5508] usb 5-1: Using ep0 maxpacket: 8 [ 414.571999][ T9897] 9pnet_fd: Insufficient options for proto=fd [ 414.617627][ T5508] usb 5-1: config 0 has an invalid interface number: 52 but max is 0 [ 414.646314][ T5508] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 414.656978][ T7164] usb 1-1: new high-speed USB device number 60 using dummy_hcd [ 414.665070][ T7] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 414.761922][ T5508] usb 5-1: config 0 has no interface number 0 [ 414.774081][ T9903] Process accounting resumed [ 414.781288][ T5508] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 414.797983][ T5508] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 414.816901][ T5508] usb 5-1: config 0 interface 52 has no altsetting 0 [ 414.939260][ T7] usb 4-1: Using ep0 maxpacket: 8 [ 414.987907][ T5508] usb 5-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 414.991014][ T9912] fuse: Unknown parameter 'use00000000000000000000' [ 415.004791][ T5508] usb 5-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35 [ 415.022272][ T5508] usb 5-1: Product: syz [ 415.026787][ T5508] usb 5-1: Manufacturer: syz [ 415.035066][ T5508] usb 5-1: SerialNumber: syz [ 415.047492][ T5508] usb 5-1: config 0 descriptor?? [ 415.077750][ T7] usb 4-1: config 0 has no interfaces? [ 415.089594][ T7] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 415.099141][ T7164] usb 1-1: device descriptor read/64, error -71 [ 415.111952][ T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.124410][ T7] usb 4-1: config 0 descriptor?? [ 415.237590][ T7164] usb usb1-port1: attempt power cycle [ 415.331950][ T9918] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1586'. [ 415.964261][ T5509] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 415.972042][ T5508] usb 5-1: Can not set alternate setting to 1, error: -71 [ 415.979956][ T5508] synaptics_usb: probe of 5-1:0.52 failed with error -71 [ 415.989531][ T5508] usb 5-1: USB disconnect, device number 45 [ 416.326789][ T3598] usb 4-1: USB disconnect, device number 53 [ 416.427549][ T5509] usb 2-1: too many configurations: 65, using maximum allowed: 8 [ 416.435448][ T7164] usb 1-1: new high-speed USB device number 61 using dummy_hcd [ 416.468777][ T9925] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1587'. [ 416.677930][ T7164] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 416.696212][ T7164] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 416.723969][ T7164] usb 1-1: config 1 has no interface number 0 [ 416.737632][ T7164] usb 1-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 416.943048][ T7164] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 416.962790][ T7164] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 416.986370][ T7164] usb 1-1: Product: syz [ 416.998888][ T7164] usb 1-1: Manufacturer: syz [ 417.024492][ T7164] usb 1-1: SerialNumber: syz [ 417.078633][ T7164] usb 1-1: selecting invalid altsetting 1 [ 417.100351][ T9928] loop3: detected capacity change from 0 to 512 [ 417.129099][ T9928] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 417.167838][ T5509] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 417.183153][ T5509] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 417.183190][ T9928] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.1589: casefold flag without casefold feature [ 417.217705][ T9928] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.1589: missing EA_INODE flag [ 417.245631][ T9928] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1589: error while reading EA inode 12 err=-117 [ 417.277702][ T9928] EXT4-fs (loop3): 1 orphan inode deleted [ 417.296123][ T9928] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 417.408271][ T4481] EXT4-fs (loop3): unmounting filesystem. [ 418.115383][ T9939] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1591'. [ 419.319089][ T9941] Process accounting resumed [ 419.467362][ T3598] usb 3-1: new high-speed USB device number 52 using dummy_hcd [ 419.485523][ T7164] cdc_ncm 1-1:1.1: bind() failure [ 419.505496][ T7164] usb 1-1: USB disconnect, device number 61 [ 419.511617][ T5509] usb 2-1: Found UVC 0.00 device (046d:08c1) [ 419.518613][ T5509] usb 2-1: No valid video chain found. [ 419.526446][ T5509] usb 2-1: USB disconnect, device number 51 [ 419.593892][ T9949] fuse: Unknown parameter 'use00000000000000000000' [ 419.839608][ T3598] usb 3-1: Using ep0 maxpacket: 32 [ 420.109080][ T9964] loop4: detected capacity change from 0 to 512 [ 420.126421][ T9964] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 420.155065][ T9964] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.1600: casefold flag without casefold feature [ 420.175699][ T9964] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.1600: missing EA_INODE flag [ 420.188043][ T3594] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 420.197102][ T9964] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.1600: error while reading EA inode 12 err=-117 [ 420.211143][ T9964] EXT4-fs (loop4): 1 orphan inode deleted [ 420.217051][ T9964] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 420.237423][ T5509] usb 2-1: new high-speed USB device number 52 using dummy_hcd [ 420.281661][ T8592] EXT4-fs (loop4): unmounting filesystem. [ 420.487499][ T3594] usb 4-1: Using ep0 maxpacket: 8 [ 420.837439][ T3594] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 420.893394][ T3594] usb 4-1: config 0 has no interfaces? [ 421.037615][ T3598] usb 3-1: unable to get BOS descriptor or descriptor too short [ 421.083630][ T3594] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 421.096298][ T3594] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.109740][ T3594] usb 4-1: config 0 descriptor?? [ 421.130585][ T3598] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 421.145883][ T3598] usb 3-1: can't read configurations, error -71 [ 421.188746][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 421.188761][ T26] audit: type=1804 audit(1719625617.659:43): pid=9973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1603" name="/root/syzkaller.2mF22z/370/file0" dev="sda1" ino=1966 res=1 errno=0 [ 421.258170][ T9975] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1602'. [ 421.277713][ T5509] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 421.295052][ T5509] usb 2-1: New USB device found, idVendor=0582, idProduct=0000, bcdDevice=bb.9d [ 421.327485][ T5509] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.415623][ T5509] snd-usb-audio: probe of 2-1:27.0 failed with error -22 [ 421.465617][ T3565] udevd[3565]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 421.527375][ T3598] usb 3-1: new high-speed USB device number 53 using dummy_hcd [ 421.589469][ T5509] usb 2-1: USB disconnect, device number 52 [ 421.617409][ T7] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 421.777251][ T3598] usb 3-1: Using ep0 maxpacket: 32 [ 421.901530][ T3598] usb 3-1: config 0 has an invalid interface number: 251 but max is 0 [ 421.913323][ T3598] usb 3-1: config 0 has no interface number 0 [ 422.018732][ T7] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 422.039171][ T7] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 422.053989][ T7] usb 5-1: config 1 has no interface number 0 [ 422.060309][ T7] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 422.077534][ T3598] usb 3-1: New USB device found, idVendor=1b3d, idProduct=017b, bcdDevice=30.b7 [ 422.096792][ T3598] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.117009][ T3598] usb 3-1: Product: syz [ 422.121266][ T3598] usb 3-1: Manufacturer: syz [ 422.137594][ T3598] usb 3-1: SerialNumber: syz [ 422.152251][ T3598] usb 3-1: config 0 descriptor?? [ 422.211650][ T3598] ftdi_sio 3-1:0.251: FTDI USB Serial Device converter detected [ 422.234031][ T3598] ftdi_sio ttyUSB0: unknown device type: 0x30b7 [ 422.252559][ T7] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 422.262665][ T9981] Process accounting resumed [ 422.278001][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.296327][ T7] usb 5-1: Product: syz [ 422.310948][ T7] usb 5-1: Manufacturer: syz [ 422.315576][ T7] usb 5-1: SerialNumber: syz [ 422.389219][ T7] usb 5-1: selecting invalid altsetting 1 [ 422.543055][ T9987] fuse: Unknown parameter 'user_i00000000000000000000' [ 422.665819][ T9989] loop0: detected capacity change from 0 to 1024 [ 422.674331][ T48] Bluetooth: hci2: unexpected event 0x2f length: 763 > 260 [ 422.685242][ T9989] hfsplus: unable to parse mount options [ 422.783784][ T9994] loop0: detected capacity change from 0 to 512 [ 422.800453][ T9994] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 422.849018][ T9994] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1611: casefold flag without casefold feature [ 422.877599][ T9994] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.1611: missing EA_INODE flag [ 422.907511][ T9994] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1611: error while reading EA inode 12 err=-117 [ 422.951159][ T9994] EXT4-fs (loop0): 1 orphan inode deleted [ 422.952935][ T3594] usb 3-1: USB disconnect, device number 53 [ 422.956915][ T9994] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 422.981172][ T3594] ftdi_sio 3-1:0.251: device disconnected [ 423.108164][ T5224] EXT4-fs (loop0): unmounting filesystem. [ 423.238708][ T7] cdc_ncm 5-1:1.1: bind() failure [ 423.267287][ T7] usb 5-1: USB disconnect, device number 46 [ 423.575852][T10006] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1613'. [ 424.322069][ T3594] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 424.397556][ T935] usb 1-1: new high-speed USB device number 62 using dummy_hcd [ 425.487282][ T935] usb 1-1: Using ep0 maxpacket: 32 [ 425.614494][T10017] Process accounting resumed [ 425.697562][ T3594] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 425.710889][ T3594] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 425.727452][ T3594] usb 3-1: Product: syz [ 425.735870][ T3594] usb 3-1: Manufacturer: syz [ 425.750222][ T3594] usb 3-1: SerialNumber: syz [ 425.765238][ T3594] usb 3-1: config 0 descriptor?? [ 425.987812][T10023] fuse: Unknown parameter 'user_i00000000000000000000' [ 426.037822][ T3594] usb-storage 3-1:0.0: USB Mass Storage device detected [ 426.107134][T10015] loop4: detected capacity change from 0 to 40427 [ 426.164858][T10027] loop1: detected capacity change from 0 to 1024 [ 426.186367][T10027] hfsplus: unable to parse mount options [ 426.204281][T10015] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 426.212412][T10015] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 426.229993][ T3565] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 426.244484][ T3598] usb 3-1: USB disconnect, device number 54 [ 426.246209][T10015] F2FS-fs (loop4): invalid crc value [ 426.288178][T10015] F2FS-fs (loop4): Found nat_bits in checkpoint [ 426.366712][T10015] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 426.385520][T10015] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 426.647608][ T935] usb 1-1: unable to get BOS descriptor or descriptor too short [ 426.737453][ T935] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 426.750710][ T935] usb 1-1: can't read configurations, error -71 [ 426.763234][T10036] loop0: detected capacity change from 0 to 512 [ 426.779038][T10036] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 426.821347][T10036] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1623: casefold flag without casefold feature [ 426.834660][T10036] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.1623: missing EA_INODE flag [ 426.848654][T10036] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1623: error while reading EA inode 12 err=-117 [ 426.891915][T10036] EXT4-fs (loop0): 1 orphan inode deleted [ 426.916913][T10036] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 427.336844][ T5224] EXT4-fs (loop0): unmounting filesystem. [ 427.742624][ T3594] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 428.148030][ T3594] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 428.218323][ T3594] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 428.351255][ T3594] usb 5-1: config 1 has no interface number 0 [ 428.383924][ T3594] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 428.484666][T10053] Process accounting resumed [ 428.642958][ T3594] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 428.687378][ T3594] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 428.705674][ T3594] usb 5-1: Product: syz [ 428.709996][ T3594] usb 5-1: Manufacturer: syz [ 428.714710][ T3594] usb 5-1: SerialNumber: syz [ 428.845807][T10060] fuse: Bad value for 'fd' [ 428.928319][ T3594] usb 5-1: selecting invalid altsetting 1 [ 429.667754][ T48] Bluetooth: hci2: unexpected event 0x2f length: 763 > 260 [ 429.688322][ T935] usb 4-1: USB disconnect, device number 54 [ 429.988898][ T5508] usb 1-1: new high-speed USB device number 64 using dummy_hcd [ 430.241665][ T3553] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 430.283604][ T3553] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 430.294537][ T3553] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 430.309217][ T3553] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 430.345911][ T3553] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 430.356462][ T3553] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 430.667486][ T3594] cdc_ncm 5-1:1.1: bind() failure [ 430.722220][ T3594] usb 5-1: USB disconnect, device number 47 [ 431.034334][ T5508] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 431.044069][ T5508] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 431.532224][ T5508] usb 1-1: config 0 descriptor?? [ 431.791357][ T3668] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.819085][T10086] loop4: detected capacity change from 0 to 512 [ 431.834545][T10086] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 431.915757][T10086] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.1637: casefold flag without casefold feature [ 431.975915][T10086] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.1637: missing EA_INODE flag [ 431.998710][ T3668] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.033389][T10086] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.1637: error while reading EA inode 12 err=-117 [ 432.070391][T10086] EXT4-fs (loop4): 1 orphan inode deleted [ 432.076289][T10086] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 432.118243][T10074] chnl_net:caif_netlink_parms(): no params data found [ 432.262110][ T5508] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 432.271577][ T5508] [drm] Initialized udl on minor 2 [ 432.284916][ T3668] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.299826][T10094] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 432.449162][ T3553] Bluetooth: hci4: command tx timeout [ 432.478184][ T5508] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 432.539363][ T5508] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 432.688626][ T7] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 432.710662][ T5508] usb 1-1: USB disconnect, device number 64 [ 432.785836][ T7] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 432.869410][ T7] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 433.059327][ T3668] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.085952][ T8592] EXT4-fs (loop4): unmounting filesystem. [ 433.183384][T10074] bridge0: port 1(bridge_slave_0) entered blocking state [ 433.191758][T10074] bridge0: port 1(bridge_slave_0) entered disabled state [ 433.203753][T10074] device bridge_slave_0 entered promiscuous mode [ 433.228032][T10074] bridge0: port 2(bridge_slave_1) entered blocking state [ 433.248009][T10106] fuse: Unknown parameter 'user_id00000000000000000000' [ 433.275821][T10074] bridge0: port 2(bridge_slave_1) entered disabled state [ 433.309479][T10074] device bridge_slave_1 entered promiscuous mode [ 433.414365][T10074] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 433.436325][T10074] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 433.574903][T10074] team0: Port device team_slave_0 added [ 433.583317][T10074] team0: Port device team_slave_1 added [ 433.655963][T10074] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 433.683861][T10074] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 433.710513][ T7] usb 2-1: new high-speed USB device number 53 using dummy_hcd [ 433.765462][T10074] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 433.799255][T10074] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 433.806228][T10074] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 433.832820][ T5508] usb 1-1: new high-speed USB device number 65 using dummy_hcd [ 433.841713][T10074] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 434.052426][T10074] device hsr_slave_0 entered promiscuous mode [ 434.067053][T10074] device hsr_slave_1 entered promiscuous mode [ 434.076601][T10074] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 434.097460][ T7] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 434.107768][ T5508] usb 1-1: Using ep0 maxpacket: 16 [ 434.122979][ T7] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 434.138512][T10074] Cannot create hsr debugfs directory [ 434.144215][ T7] usb 2-1: config 1 has no interface number 0 [ 434.161013][ T7] usb 2-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 434.237702][ T5508] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 434.256080][ T5508] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 434.277504][ T5508] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 434.298283][ T5508] usb 1-1: config 0 descriptor?? [ 434.338930][ T7] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 434.350115][ T5508] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 434.377706][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 434.385754][ T7] usb 2-1: Product: syz [ 434.417008][ T7] usb 2-1: Manufacturer: syz [ 434.421846][ T7] usb 2-1: SerialNumber: syz [ 434.477481][ T48] Bluetooth: hci4: command tx timeout [ 434.658512][ T7] usb 2-1: selecting invalid altsetting 1 [ 435.141067][ T3553] Bluetooth: hci5: unexpected event 0x2f length: 763 > 260 [ 435.326208][T10128] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 435.386919][T10128] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 435.857241][ T7] cdc_ncm 2-1:1.1: bind() failure [ 435.888670][ T7] usb 2-1: USB disconnect, device number 53 [ 436.556651][ T3594] usb 1-1: USB disconnect, device number 65 [ 436.567251][ T3553] Bluetooth: hci4: command tx timeout [ 436.947535][ T7] usb 2-1: new high-speed USB device number 54 using dummy_hcd [ 437.500542][ T3668] bond0: (slave wlan1): Releasing backup interface [ 437.514336][ T3668] device wlan1 left promiscuous mode [ 437.578499][ T7] usb 2-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice= 5.88 [ 437.605500][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 437.614084][ T7] usb 2-1: Product: syz [ 437.626358][ T7] usb 2-1: Manufacturer: syz [ 437.631452][ T7] usb 2-1: SerialNumber: syz [ 437.647102][ T7] usb 2-1: config 0 descriptor?? [ 437.772392][T10160] fuse: Unknown parameter 'user_id00000000000000000000' [ 437.833657][T10074] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 437.844574][T10074] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 437.877482][ T9325] usb 1-1: new high-speed USB device number 66 using dummy_hcd [ 437.950094][T10147] loop2: detected capacity change from 0 to 40427 [ 437.960464][T10147] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 437.970966][ T3668] device hsr_slave_0 left promiscuous mode [ 437.977956][ T3668] device hsr_slave_1 left promiscuous mode [ 437.984468][T10147] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 438.010719][ T3668] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 438.030941][ T3668] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 438.048119][ T3668] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 438.055991][ T3668] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 438.056018][T10147] F2FS-fs (loop2): invalid crc value [ 438.069842][ T3668] device bond0 left promiscuous mode [ 438.075149][ T3668] device bond_slave_0 left promiscuous mode [ 438.082002][ T3668] device bond_slave_1 left promiscuous mode [ 438.089049][ T3668] bridge0: port 3(bond0) entered disabled state [ 438.097893][ T3668] device bridge_slave_1 left promiscuous mode [ 438.104550][ T3668] bridge0: port 2(bridge_slave_1) entered disabled state [ 438.114241][T10147] F2FS-fs (loop2): Found nat_bits in checkpoint [ 438.124221][ T3668] device bridge_slave_0 left promiscuous mode [ 438.137620][ T3668] bridge0: port 1(bridge_slave_0) entered disabled state [ 438.161055][ T3598] usb 2-1: USB disconnect, device number 54 [ 438.202089][ T3668] device veth1_macvtap left promiscuous mode [ 438.211165][ T3668] device veth0_macvtap left promiscuous mode [ 438.217283][T10147] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 438.225019][T10147] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 438.235418][ T3668] device veth1_vlan left promiscuous mode [ 438.242449][ T3668] device veth0_vlan left promiscuous mode [ 438.252852][ T9325] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 438.279746][ T9325] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.301160][ T9325] usb 1-1: config 0 descriptor?? [ 438.637696][ T3553] Bluetooth: hci4: command tx timeout [ 439.060425][T10171] binder: 10168:10171 ioctl 4008af22 20000280 returned -22 [ 439.698929][ T9325] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 439.706451][ T9325] [drm] Initialized udl on minor 2 [ 440.018067][ T1254] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.026829][ T1254] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.274195][ T9325] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 440.282956][ T9325] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 440.295295][ T9325] usb 1-1: USB disconnect, device number 66 [ 440.311640][ T3598] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 440.341272][ T3598] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 440.352596][ T3598] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 441.049845][ T3668] team0 (unregistering): Port device team_slave_1 removed [ 441.668369][ T3668] team0 (unregistering): Port device team_slave_0 removed [ 441.995967][T10201] fuse: Unknown parameter 'user_id00000000000000000000' [ 442.416642][ T3668] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 442.550142][ T3668] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 443.204252][ T3668] bond0 (unregistering): Released all slaves [ 443.309823][T10074] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 443.337782][T10074] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 443.567488][ T3598] usb 1-1: new high-speed USB device number 67 using dummy_hcd [ 444.336676][T10074] 8021q: adding VLAN 0 to HW filter on device bond0 [ 444.551071][ T9325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 444.574341][ T9325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 444.658351][T10074] 8021q: adding VLAN 0 to HW filter on device team0 [ 444.721281][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 444.739410][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 444.767572][ T3598] usb 1-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice= 5.88 [ 444.785720][ T935] bridge0: port 1(bridge_slave_0) entered blocking state [ 444.792965][ T935] bridge0: port 1(bridge_slave_0) entered forwarding state [ 444.808373][ T3598] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 444.833196][ T3598] usb 1-1: Product: syz [ 444.846044][ T3598] usb 1-1: Manufacturer: syz [ 444.872005][ T3598] usb 1-1: SerialNumber: syz [ 444.874443][T10233] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1674'. [ 444.897113][ T3598] usb 1-1: config 0 descriptor?? [ 444.949236][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 444.964724][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 444.983870][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 445.003406][ T3594] bridge0: port 2(bridge_slave_1) entered blocking state [ 445.010673][ T3594] bridge0: port 2(bridge_slave_1) entered forwarding state [ 445.035101][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 445.054542][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 445.072882][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 445.095811][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 445.135157][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 445.144688][T10220] loop1: detected capacity change from 0 to 40427 [ 445.152120][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 445.162029][T10220] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 445.212604][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 445.259328][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 445.270872][T10220] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 445.289598][T10220] F2FS-fs (loop1): invalid crc value [ 445.311283][T10220] F2FS-fs (loop1): Found nat_bits in checkpoint [ 445.320184][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 445.343148][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 445.364166][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 445.400695][T10074] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 445.423584][ T9328] usb 1-1: USB disconnect, device number 67 [ 445.540220][T10220] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 445.553035][T10220] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 446.352748][T10264] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1677'. [ 446.577299][T10269] tipc: Started in network mode [ 446.587685][T10269] tipc: Node identity 005f00000000003a0000400000000001, cluster identity 4711 [ 446.596605][T10269] tipc: Enabling of bearer rejected, failed to enable media [ 446.804475][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 446.857467][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 446.886810][T10074] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 447.054408][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 447.076381][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 447.141376][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 447.161006][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 447.195733][T10074] device veth0_vlan entered promiscuous mode [ 447.211343][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 447.233729][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 447.261489][T10074] device veth1_vlan entered promiscuous mode [ 447.344197][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 447.363108][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 447.386508][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 447.414307][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 447.461250][T10074] device veth0_macvtap entered promiscuous mode [ 447.496457][T10074] device veth1_macvtap entered promiscuous mode [ 447.614630][ T8585] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 447.752127][T10074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 447.783955][T10074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.804484][T10074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 447.917151][T10074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.942954][T10074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 447.959383][T10074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.974890][T10074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 448.027576][ T8585] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 448.178991][ T8585] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.234053][T10074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 448.254347][ T8585] usb 5-1: config 0 descriptor?? [ 448.300768][T10301] fuse: Bad value for 'fd' [ 448.317886][T10074] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 448.325288][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 448.334188][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 448.343992][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 448.365157][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 448.379976][T10074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 448.438014][T10074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 448.447965][T10074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 448.458535][T10074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 448.494809][T10074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 448.513185][T10074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 448.524195][T10074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 448.541937][T10074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 448.555742][T10074] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 448.572266][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 448.584555][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 448.688243][T10074] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 448.706484][T10074] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 448.750634][T10074] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 448.767243][T10074] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 448.957135][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 449.004082][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 449.029999][ T8585] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2 [ 449.038277][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 449.046413][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 449.072001][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 449.075489][ T8585] [drm] Initialized udl on minor 2 [ 449.114982][ T5509] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 449.228027][ T8585] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 449.257098][ T8585] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 449.288684][ T8585] usb 5-1: USB disconnect, device number 48 [ 449.519260][T10331] IPv6: NLM_F_CREATE should be specified when creating new route [ 449.527247][T10331] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1634'. [ 449.987444][ T5509] usb 4-1: new high-speed USB device number 55 using dummy_hcd [ 450.407639][ T5509] usb 4-1: Using ep0 maxpacket: 32 [ 450.643234][T10345] fuse: Bad value for 'fd' [ 451.040886][T10351] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1698'. [ 451.057392][ T8586] usb 2-1: new high-speed USB device number 55 using dummy_hcd [ 451.307568][ T8586] usb 2-1: Using ep0 maxpacket: 32 [ 451.607512][ T8586] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 451.621204][ T8586] usb 2-1: config 0 interface 0 has no altsetting 1 [ 451.807482][ T8586] usb 2-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice=41.ab [ 451.820796][ T8586] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 451.829721][ T8586] usb 2-1: Product: syz [ 451.833960][ T8586] usb 2-1: Manufacturer: syz [ 451.841536][ T8586] usb 2-1: SerialNumber: syz [ 451.849888][ T8586] usb 2-1: config 0 descriptor?? [ 451.909330][ T8586] usb-storage 2-1:0.0: USB Mass Storage device detected [ 451.920460][ T8586] usb-storage 2-1:0.0: Quirks match for vid 152d pid 0539: 4000000 [ 452.155965][T10362] Process accounting resumed [ 452.307481][ T5509] usb 4-1: unable to get BOS descriptor or descriptor too short [ 452.377546][ T5509] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 452.396230][ T5509] usb 4-1: can't read configurations, error -71 [ 452.687288][ T8586] usb 1-1: new high-speed USB device number 68 using dummy_hcd [ 453.625735][ T3598] usb 2-1: USB disconnect, device number 55 [ 453.725466][T10383] fuse: Bad value for 'fd' [ 454.087713][ T8586] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 454.149721][ T8586] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 454.181309][T10386] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1710'. [ 454.390782][ T8586] usb 1-1: config 0 descriptor?? [ 454.630864][T10392] Process accounting resumed [ 454.656312][ T26] audit: type=1804 audit(1719625651.089:44): pid=10392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1712" name="/root/syzkaller.kgLm8W/78/bus" dev="sda1" ino=1983 res=1 errno=0 [ 454.737135][T10394] netlink: 'syz.3.1713': attribute type 39 has an invalid length. [ 454.776030][ T26] audit: type=1804 audit(1719625651.089:45): pid=10392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1712" name="/root/syzkaller.kgLm8W/78/bus" dev="sda1" ino=1983 res=1 errno=0 [ 454.802664][ T26] audit: type=1804 audit(1719625651.099:46): pid=10392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1712" name="/root/syzkaller.kgLm8W/78/bus" dev="sda1" ino=1983 res=1 errno=0 [ 455.191538][T10407] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1714'. [ 455.704165][ T8586] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 455.711764][ T8586] [drm] Initialized udl on minor 2 [ 455.817554][ T8586] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffe0 [ 455.833377][ T8586] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 455.856187][ T8586] usb 1-1: USB disconnect, device number 68 [ 455.862532][ T5508] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 456.487381][ T935] usb 2-1: new high-speed USB device number 56 using dummy_hcd [ 456.757533][ T935] usb 2-1: Using ep0 maxpacket: 32 [ 456.821758][T10427] fuse: Bad value for 'fd' [ 456.832351][ T5508] usb 5-1: Using ep0 maxpacket: 32 [ 456.877484][ T935] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 456.891356][ T935] usb 2-1: config 0 interface 0 has no altsetting 1 [ 457.032176][ T26] audit: type=1804 audit(1719625653.509:47): pid=10432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1724" name="/root/syzkaller.KqdWhd/237/bus" dev="sda1" ino=1997 res=1 errno=0 [ 457.067562][ T935] usb 2-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice=41.ab [ 457.088031][ T26] audit: type=1804 audit(1719625653.539:48): pid=10432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1724" name="/root/syzkaller.KqdWhd/237/bus" dev="sda1" ino=1997 res=1 errno=0 [ 457.109553][ T935] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 457.112448][T10432] Process accounting resumed [ 457.123666][ T26] audit: type=1804 audit(1719625653.589:49): pid=10432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1724" name="/root/syzkaller.KqdWhd/237/bus" dev="sda1" ino=1997 res=1 errno=0 [ 457.206492][ T935] usb 2-1: Product: syz [ 457.211201][ T935] usb 2-1: Manufacturer: syz [ 457.215974][ T935] usb 2-1: SerialNumber: syz [ 457.234468][ T935] usb 2-1: config 0 descriptor?? [ 457.243233][T10435] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1725'. [ 457.282634][ T935] usb-storage 2-1:0.0: USB Mass Storage device detected [ 457.330854][T10438] binder: 10429:10438 ioctl 4008af22 20000280 returned -22 [ 457.517830][ T935] usb-storage 2-1:0.0: Quirks match for vid 152d pid 0539: 4000000 [ 458.087443][ T5508] usb 5-1: unable to get BOS descriptor or descriptor too short [ 458.217757][ T5508] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 458.235466][ T5508] usb 5-1: can't read configurations, error -71 [ 458.763814][T10460] fuse: Bad value for 'fd' [ 458.884019][ T26] audit: type=1804 audit(1719625655.359:50): pid=10465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1736" name="/root/syzkaller.UbgjQj/10/bus" dev="sda1" ino=2003 res=1 errno=0 [ 458.912395][ T26] audit: type=1804 audit(1719625655.389:51): pid=10465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1736" name="/root/syzkaller.UbgjQj/10/bus" dev="sda1" ino=2003 res=1 errno=0 [ 458.939549][ T26] audit: type=1804 audit(1719625655.419:52): pid=10465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1736" name="/root/syzkaller.UbgjQj/10/bus" dev="sda1" ino=2003 res=1 errno=0 [ 458.939597][T10465] Process accounting resumed [ 458.987298][ T9329] usb 1-1: new high-speed USB device number 69 using dummy_hcd [ 459.015583][T10467] netlink: 'syz.3.1737': attribute type 39 has an invalid length. [ 459.056754][ T8586] usb 2-1: USB disconnect, device number 56 [ 460.007280][ T9329] usb 1-1: Using ep0 maxpacket: 16 [ 460.127352][ T9329] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 460.147279][ T9329] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 460.162313][T10485] netem: change failed [ 460.166679][ T9329] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.198762][ T9329] usb 1-1: config 0 descriptor?? [ 460.248243][T10489] fuse: Unknown parameter '0x0000000000000003' [ 460.257545][ T935] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 460.299431][T10482] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1743'. [ 460.474695][T10456] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 460.483468][T10456] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 460.500601][T10456] overlayfs: failed to create directory ./bus/work (errno: 126); mounting read-only [ 460.617655][ T935] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 460.631147][ T935] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 460.640846][ T935] usb 5-1: config 1 has no interface number 0 [ 460.647050][ T935] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 460.767342][ T5508] usb 4-1: new high-speed USB device number 57 using dummy_hcd [ 460.802386][T10456] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 460.811732][T10456] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 460.817391][ T935] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 460.832844][ T935] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 460.842564][ T9329] hid (null): invalid report_size 1684763247 [ 460.848817][ T935] usb 5-1: Product: syz [ 460.855091][ T9329] hid-generic 0003:0158:0100.0021: unknown main item tag 0x1 [ 460.862661][ T935] usb 5-1: Manufacturer: syz [ 460.867530][ T935] usb 5-1: SerialNumber: syz [ 460.872607][ T9329] hid-generic 0003:0158:0100.0021: unexpected long global item [ 460.881990][ T9329] hid-generic: probe of 0003:0158:0100.0021 failed with error -22 [ 460.918330][ T935] usb 5-1: selecting invalid altsetting 1 [ 461.027642][ T5508] usb 4-1: Using ep0 maxpacket: 32 [ 461.045403][ T3598] usb 1-1: USB disconnect, device number 69 [ 461.177545][ T5508] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 461.178703][ T3553] Bluetooth: hci2: unexpected event 0x2f length: 763 > 260 [ 461.193298][ T5508] usb 4-1: config 0 interface 0 has no altsetting 1 [ 461.417525][ T5508] usb 4-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice=41.ab [ 461.426713][ T5508] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 461.434807][ T5508] usb 4-1: Product: syz [ 461.439324][ T5508] usb 4-1: Manufacturer: syz [ 461.444017][ T5508] usb 4-1: SerialNumber: syz [ 461.450968][ T5508] usb 4-1: config 0 descriptor?? [ 461.491338][ T5508] usb-storage 4-1:0.0: USB Mass Storage device detected [ 461.500240][ T5508] usb-storage 4-1:0.0: Quirks match for vid 152d pid 0539: 4000000 [ 461.817350][ T935] cdc_ncm 5-1:1.1: bind() failure [ 461.838447][ T935] usb 5-1: USB disconnect, device number 51 [ 462.732756][T10523] fuse: Unknown parameter '0x0000000000000003' [ 462.837783][T10528] loop4: detected capacity change from 0 to 128 [ 463.706009][ T935] usb 4-1: USB disconnect, device number 57 [ 463.718336][T10536] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1760'. [ 463.797290][ T5508] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 464.107478][ T8586] usb 2-1: new high-speed USB device number 57 using dummy_hcd [ 464.167742][ T5508] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 464.177026][ T7164] usb 1-1: new high-speed USB device number 70 using dummy_hcd [ 464.190761][ T5508] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.217029][ T5508] usb 3-1: config 0 descriptor?? [ 464.266524][T10558] nfs: Unknown parameter 'ñ&\^' [ 464.537579][ T8586] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 464.551054][ T8586] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 464.560350][ T8586] usb 2-1: config 1 has no interface number 0 [ 464.566531][ T8586] usb 2-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 464.607549][ T7164] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 464.616835][ T7164] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.627160][ T7164] usb 1-1: config 0 descriptor?? [ 464.757468][ T8586] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 464.766738][ T8586] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 464.774242][ T26] audit: type=1800 audit(1719625661.249:53): pid=10557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1765" name="file0" dev="fuse" ino=0 res=0 errno=0 [ 464.795094][ T8586] usb 2-1: Product: syz [ 464.795116][ T8586] usb 2-1: Manufacturer: syz [ 464.795129][ T8586] usb 2-1: SerialNumber: syz [ 464.842228][T10560] fuse: Unknown parameter '0x0000000000000003' [ 464.858747][ T8586] usb 2-1: selecting invalid altsetting 1 [ 464.912956][T10563] loop3: detected capacity change from 0 to 256 [ 464.924453][T10547] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 464.940581][T10547] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 464.959413][ T5508] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 464.973586][ T5508] [drm] Initialized udl on minor 2 [ 465.030228][T10563] FAT-fs (loop3): Directory bread(block 64) failed [ 465.036803][T10563] FAT-fs (loop3): Directory bread(block 65) failed [ 465.050977][T10563] FAT-fs (loop3): Directory bread(block 66) failed [ 465.058316][T10563] FAT-fs (loop3): Directory bread(block 67) failed [ 465.065330][T10563] FAT-fs (loop3): Directory bread(block 68) failed [ 465.073806][T10563] FAT-fs (loop3): Directory bread(block 69) failed [ 465.083750][T10563] FAT-fs (loop3): Directory bread(block 70) failed [ 465.090929][T10563] FAT-fs (loop3): Directory bread(block 71) failed [ 465.098214][T10563] FAT-fs (loop3): Directory bread(block 72) failed [ 465.104961][T10563] FAT-fs (loop3): Directory bread(block 73) failed [ 465.113423][ T5508] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 465.125881][ T3553] Bluetooth: hci5: unexpected event 0x2f length: 763 > 260 [ 465.137566][ T5508] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 465.155323][ T5508] usb 3-1: USB disconnect, device number 55 [ 465.177467][ T7164] [drm] vendor descriptor length:c3 data:cb 22 22 e5 a6 52 6b 06 8f 0f a2 [ 465.186114][ T7164] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 465.197944][T10565] fscrypt: AES-128-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 465.386808][T10565] fscrypt: AES-128-CBC-ESSIV using implementation "essiv(cbc-aes-aesni,sha256-avx2)" [ 465.404001][ T26] audit: type=1800 audit(1719625661.879:54): pid=10565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1771" name="bus" dev="sda1" ino=2006 res=0 errno=0 [ 465.424345][ C1] vkms_vblank_simulate: vblank timer overrun [ 465.431785][ T26] audit: type=1800 audit(1719625661.879:55): pid=10567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1771" name="bus" dev="sda1" ino=2006 res=0 errno=0 [ 465.487522][ T7164] [drm:udl_init] *ERROR* Selecting channel failed [ 465.501716][ T7164] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 3 [ 465.509723][ T7164] [drm] Initialized udl on minor 3 [ 465.527426][ T7164] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 465.536313][ T7164] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 465.544576][ T7164] usb 1-1: USB disconnect, device number 70 [ 465.587374][ T935] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 465.707549][ T8586] cdc_ncm 2-1:1.1: bind() failure [ 465.734900][ T8586] usb 2-1: USB disconnect, device number 57 [ 465.829521][ T935] usb 4-1: Using ep0 maxpacket: 32 [ 465.893843][ T26] audit: type=1804 audit(1719625662.369:56): pid=10595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1776" name="/root/syzkaller.2mF22z/407/file1" dev="sda1" ino=2003 res=1 errno=0 [ 465.947358][ T935] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 465.965629][ T935] usb 4-1: config 0 interface 0 has no altsetting 1 [ 466.137334][ T935] usb 4-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice=41.ab [ 466.152984][ T935] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 466.173995][ T935] usb 4-1: Product: syz [ 466.183712][ T935] usb 4-1: Manufacturer: syz [ 466.193934][ T935] usb 4-1: SerialNumber: syz [ 466.207051][ T935] usb 4-1: config 0 descriptor?? [ 466.258428][ T935] usb-storage 4-1:0.0: USB Mass Storage device detected [ 466.285042][ T935] usb-storage 4-1:0.0: Quirks match for vid 152d pid 0539: 4000000 [ 466.466033][ T3598] usb 4-1: USB disconnect, device number 58 [ 466.565517][T10608] fuse: Unknown parameter '0x0000000000000003' [ 468.007321][ T8586] usb 3-1: new high-speed USB device number 56 using dummy_hcd [ 468.427978][ T8586] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 468.504105][ T8586] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 468.560246][ T8586] usb 3-1: config 1 has no interface number 0 [ 468.601204][ T8586] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 468.659673][T10615] loop1: detected capacity change from 0 to 32768 [ 468.674174][T10615] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1783 (10615) [ 468.721699][T10639] fuse: Unknown parameter '0x0000000000000003' [ 468.730074][T10615] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 468.750680][T10615] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 468.783725][T10615] BTRFS info (device loop1): setting nodatacow, compression disabled [ 468.823001][T10615] BTRFS info (device loop1): enabling auto defrag [ 468.843501][T10615] BTRFS info (device loop1): max_inline at 0 [ 468.862847][T10615] BTRFS info (device loop1): using free space tree [ 468.875444][T10643] loop0: detected capacity change from 0 to 1024 [ 468.889026][ T8586] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 468.902511][T10643] hfsplus: unable to parse mount options [ 468.907467][ T8586] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 468.932488][ T8586] usb 3-1: Product: syz [ 468.936898][ T8586] usb 3-1: Manufacturer: syz [ 468.953089][ T8586] usb 3-1: SerialNumber: syz [ 469.073351][ T8586] usb 3-1: selecting invalid altsetting 1 [ 469.154195][ T4418] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 469.313752][ T9328] usb 1-1: new high-speed USB device number 71 using dummy_hcd [ 469.347515][ T935] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 469.408705][ T3553] Bluetooth: hci3: unexpected event 0x2f length: 763 > 260 [ 469.567431][ T9328] usb 1-1: Using ep0 maxpacket: 32 [ 469.628313][ T935] usb 4-1: too many configurations: 65, using maximum allowed: 8 [ 469.758180][ T9328] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 469.813545][ T9328] usb 1-1: config 0 interface 0 has no altsetting 1 [ 470.077555][ T9328] usb 1-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice=41.ab [ 470.093034][ T9328] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 470.117308][ T8586] cdc_ncm 3-1:1.1: bind() failure [ 470.134801][ T8586] usb 3-1: USB disconnect, device number 56 [ 470.165802][ T9328] usb 1-1: Product: syz [ 470.180720][ T9328] usb 1-1: Manufacturer: syz [ 470.189352][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 470.198527][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 470.214772][ T9328] usb 1-1: SerialNumber: syz [ 470.240603][ T9328] usb 1-1: config 0 descriptor?? [ 470.287378][ T935] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 470.298469][ T9328] usb-storage 1-1:0.0: USB Mass Storage device detected [ 470.307617][ T935] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 470.350693][T10688] fuse: Unknown parameter '0x0000000000000003' [ 470.358800][ T9328] usb-storage 1-1:0.0: Quirks match for vid 152d pid 0539: 4000000 [ 470.389428][ T935] usb 4-1: Found UVC 0.00 device (046d:08c1) [ 470.396452][ T935] usb 4-1: No valid video chain found. [ 470.503583][ T5444] usb 1-1: USB disconnect, device number 71 [ 470.596191][ T7164] usb 4-1: USB disconnect, device number 59 [ 470.747275][ T935] usb 3-1: new high-speed USB device number 57 using dummy_hcd [ 470.987265][ T935] usb 3-1: Using ep0 maxpacket: 16 [ 471.107583][ T935] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 471.137240][ T935] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 471.147015][ T935] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 471.185984][T10697] loop3: detected capacity change from 0 to 1024 [ 471.219039][T10697] hfsplus: unable to parse mount options [ 471.357778][ T935] usb 3-1: New USB device found, idVendor=05da, idProduct=80a3, bcdDevice=d7.15 [ 471.366876][ T935] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 471.417575][ T935] usb 3-1: Product: syz [ 471.421773][ T935] usb 3-1: Manufacturer: syz [ 471.426374][ T935] usb 3-1: SerialNumber: syz [ 471.458104][ T935] usb 3-1: config 0 descriptor?? [ 471.500481][ T935] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 10 is not bulk. [ 471.517535][ T935] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 12 is not bulk. [ 471.551629][ T935] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 7 is not bulk. [ 471.587479][ T935] microtek usb (rev 0.4.3): couldn't find two input bulk endpoints. Bailing out. [ 471.673590][ T5509] usb 4-1: new high-speed USB device number 60 using dummy_hcd [ 471.707151][ T7164] usb 3-1: USB disconnect, device number 57 [ 471.786798][T10695] loop0: detected capacity change from 0 to 32768 [ 471.807990][T10695] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1806 (10695) [ 471.839480][T10695] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 471.872186][T10695] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 471.891742][T10695] BTRFS info (device loop0): setting nodatacow, compression disabled [ 471.907310][T10695] BTRFS info (device loop0): enabling auto defrag [ 471.918296][T10695] BTRFS info (device loop0): max_inline at 0 [ 471.934661][T10695] BTRFS info (device loop0): using free space tree [ 471.943184][T10702] loop1: detected capacity change from 0 to 32768 [ 471.967277][ T935] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 471.978670][T10702] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by syz.1.1810 (10702) [ 472.013277][ T4790] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by udevd (4790) [ 472.073809][ T5509] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 472.104983][ T5509] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 472.130318][ T5509] usb 4-1: config 1 has no interface number 0 [ 472.149223][T10726] fuse: Unknown parameter 'fd0x0000000000000003' [ 472.155762][ T5509] usb 4-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 472.262911][ T5224] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 472.337534][ T5509] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 472.351794][ T5509] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.364513][ T5509] usb 4-1: Product: syz [ 472.375383][ T935] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 472.395117][ T935] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.440834][ T935] usb 5-1: config 0 descriptor?? [ 472.525039][ T5509] usb 4-1: Manufacturer: syz [ 472.530391][ T5509] usb 4-1: SerialNumber: syz [ 473.203244][ T935] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2 [ 473.229665][ T3553] Bluetooth: hci4: unexpected event 0x2f length: 763 > 260 [ 473.247252][ T935] [drm] Initialized udl on minor 2 [ 473.266970][ T5509] usb 4-1: selecting invalid altsetting 1 [ 473.437489][ T935] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 473.449524][ T935] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 473.476155][ T935] usb 5-1: USB disconnect, device number 52 [ 473.611868][T10762] fuse: Unknown parameter 'fd0x0000000000000003' [ 473.677740][ T5508] usb 3-1: new high-speed USB device number 58 using dummy_hcd [ 473.807436][ T5509] cdc_ncm 4-1:1.1: bind() failure [ 473.848212][ T5509] usb 4-1: USB disconnect, device number 60 [ 473.903959][T10770] loop0: detected capacity change from 0 to 512 [ 473.922991][T10770] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 473.947305][ T5508] usb 3-1: Using ep0 maxpacket: 8 [ 474.011970][T10770] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1829: casefold flag without casefold feature [ 474.065813][T10770] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.1829: missing EA_INODE flag [ 474.094003][ T5508] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 474.115712][T10770] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1829: error while reading EA inode 12 err=-117 [ 474.125410][T10764] loop1: detected capacity change from 0 to 32768 [ 474.139731][ T5508] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 474.150891][T10770] EXT4-fs (loop0): 1 orphan inode deleted [ 474.156662][T10770] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 474.166329][ T5508] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 474.175309][T10764] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1826 (10764) [ 474.185689][ T5508] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 474.241115][ T5508] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 474.274327][ T5508] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 474.298089][ T5508] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.331135][T10764] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 474.378433][ T5508] usbtmc: probe of 3-1:16.0 failed with error -22 [ 474.381747][T10764] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 474.434459][T10764] BTRFS info (device loop1): setting nodatacow, compression disabled [ 474.449697][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 474.453276][T10764] BTRFS info (device loop1): enabling auto defrag [ 474.496738][ T5224] EXT4-fs (loop0): unmounting filesystem. [ 474.503756][T10764] BTRFS info (device loop1): max_inline at 0 [ 474.521229][T10764] BTRFS info (device loop1): using free space tree [ 474.656301][T10797] fuse: Unknown parameter 'fd0x0000000000000003' [ 474.946578][ T4418] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 475.547310][ T5508] usb 2-1: new high-speed USB device number 58 using dummy_hcd [ 475.587486][ T9328] usb 4-1: new high-speed USB device number 61 using dummy_hcd [ 475.917457][ T5508] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 475.933475][ T5508] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 475.952904][ T5508] usb 2-1: config 1 has no interface number 0 [ 475.957512][ T9328] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 475.959723][ T5508] usb 2-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 475.977275][ T9328] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.999206][ T9328] usb 4-1: config 0 descriptor?? [ 476.147562][ T5508] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 476.161181][ T5508] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 476.172266][ T5508] usb 2-1: Product: syz [ 476.176615][ T5508] usb 2-1: Manufacturer: syz [ 476.184074][ T5508] usb 2-1: SerialNumber: syz [ 476.230672][ T5508] usb 2-1: selecting invalid altsetting 1 [ 476.392615][ T7162] usb 3-1: USB disconnect, device number 58 [ 476.481719][T10839] loop2: detected capacity change from 0 to 512 [ 476.508821][T10839] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 476.525980][ T48] Bluetooth: hci5: unexpected event 0x2f length: 763 > 260 [ 476.527403][ T9328] [drm] vendor descriptor length:b9 data:c8 08 df 50 6e f1 34 0b 9c 17 57 [ 476.559530][ T9328] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 476.579111][T10839] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.1847: casefold flag without casefold feature [ 476.592836][ T9328] [drm:udl_init] *ERROR* Selecting channel failed [ 476.604229][T10839] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.1847: missing EA_INODE flag [ 476.604311][ T9328] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2 [ 476.624202][ T9328] [drm] Initialized udl on minor 2 [ 476.630933][T10839] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1847: error while reading EA inode 12 err=-117 [ 476.644517][T10839] EXT4-fs (loop2): 1 orphan inode deleted [ 476.647497][ T9328] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 476.651126][T10839] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 476.664253][ T9328] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 476.685140][ T9328] usb 4-1: USB disconnect, device number 61 [ 476.763327][ T3552] EXT4-fs (loop2): unmounting filesystem. [ 477.027404][ T5426] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 477.117384][ T5508] cdc_ncm 2-1:1.1: bind() failure [ 477.146131][ T5508] usb 2-1: USB disconnect, device number 58 [ 477.397441][ T5426] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 477.416838][ T5426] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 477.448923][ T5426] usb 5-1: config 0 descriptor?? [ 477.557868][T10852] loop3: detected capacity change from 0 to 32768 [ 477.595651][T10852] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1851 (10852) [ 477.623672][T10852] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 477.654406][T10852] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 477.663434][T10852] BTRFS info (device loop3): setting nodatacow, compression disabled [ 477.681665][T10852] BTRFS info (device loop3): enabling auto defrag [ 477.697705][T10852] BTRFS info (device loop3): max_inline at 0 [ 477.712453][T10852] BTRFS info (device loop3): using free space tree [ 477.717094][T10845] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 477.806372][T10845] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 477.837325][ T48] Bluetooth: hci2: command 0x0406 tx timeout [ 478.022280][T10074] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 478.047456][ T5426] [drm] vendor descriptor length:c3 data:cb 22 22 e5 a6 52 6b 06 8f 0f a2 [ 478.077503][ T5426] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 478.397474][ T5426] [drm:udl_init] *ERROR* Selecting channel failed [ 478.425226][ T5426] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2 [ 478.438961][ T5426] [drm] Initialized udl on minor 2 [ 478.458067][ T5426] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 478.466653][ T5426] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 478.482746][ T5426] usb 5-1: USB disconnect, device number 53 [ 478.638268][T10893] loop0: detected capacity change from 0 to 512 [ 478.646328][T10893] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 478.647388][ T9328] usb 4-1: new high-speed USB device number 62 using dummy_hcd [ 478.680149][T10893] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1858: casefold flag without casefold feature [ 478.704708][T10893] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.1858: missing EA_INODE flag [ 478.725376][T10893] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1858: error while reading EA inode 12 err=-117 [ 478.744007][T10893] EXT4-fs (loop0): 1 orphan inode deleted [ 478.751333][T10893] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 478.797506][ T5508] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 478.821894][ T5224] EXT4-fs (loop0): unmounting filesystem. [ 478.865357][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.874530][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.929407][ T9328] usb 4-1: Using ep0 maxpacket: 8 [ 479.057679][ T9328] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 479.076553][ T9328] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 479.077250][ T5508] usb 2-1: Using ep0 maxpacket: 8 [ 479.087242][ T9326] usb 3-1: new high-speed USB device number 59 using dummy_hcd [ 479.114504][ T9328] usb 4-1: New USB device found, idVendor=056a, idProduct=0333, bcdDevice= 0.00 [ 479.139427][ T9328] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.165439][ T9328] usb 4-1: config 0 descriptor?? [ 479.262303][ T5508] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 479.283823][ T5508] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 479.309226][ T5508] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 479.342492][ T5508] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 479.352594][ T5508] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 479.369612][T10909] loop4: detected capacity change from 0 to 32768 [ 479.370926][ T5508] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 479.386376][ T5508] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.407434][T10909] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1864 (10909) [ 479.426208][T10909] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 479.437933][T10909] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 479.446658][T10909] BTRFS info (device loop4): setting nodatacow, compression disabled [ 479.456019][ T5508] usbtmc: probe of 2-1:16.0 failed with error -22 [ 479.462636][T10909] BTRFS info (device loop4): enabling auto defrag [ 479.468577][ T9326] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 479.477322][T10909] BTRFS info (device loop4): max_inline at 0 [ 479.494475][T10909] BTRFS info (device loop4): using free space tree [ 479.504172][ T9326] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.529362][ T9326] usb 3-1: config 0 descriptor?? [ 479.660639][ T9328] wacom 0003:056A:0333.0022: item fetching failed at offset 7/8 [ 479.677096][ T9328] wacom 0003:056A:0333.0022: parse failed [ 479.690028][ T9328] wacom: probe of 0003:056A:0333.0022 failed with error -22 [ 479.800968][ T8592] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 479.876784][ T5508] usb 4-1: USB disconnect, device number 62 [ 480.061438][ T9326] [drm] vendor descriptor length:b9 data:c8 08 df 50 6e f1 34 0b 9c 17 57 [ 480.090416][ T9326] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 480.127495][ T9326] [drm:udl_init] *ERROR* Selecting channel failed [ 480.263432][ T9326] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 480.348809][T10940] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1865'. [ 480.998487][ T9326] [drm] Initialized udl on minor 2 [ 481.057265][ T9326] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 481.066873][ T9326] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 481.163561][ T9326] usb 3-1: USB disconnect, device number 59 [ 481.327803][ T8586] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 481.950045][ T9326] usb 2-1: USB disconnect, device number 59 [ 482.357478][ T8586] usb 4-1: Using ep0 maxpacket: 8 [ 482.490899][ T8586] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 482.512121][ T8586] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 482.552849][ T8586] usb 4-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00 [ 482.581795][ T8586] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 482.618305][ T8586] usb 4-1: config 0 descriptor?? [ 482.661826][T10962] loop1: detected capacity change from 0 to 32768 [ 482.706290][T10962] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1875 (10962) [ 483.446562][T10962] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 483.503260][T10962] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 483.549185][ T5508] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 483.558372][T10962] BTRFS info (device loop1): setting nodatacow, compression disabled [ 483.594236][T10962] BTRFS info (device loop1): enabling auto defrag [ 483.607437][T10962] BTRFS info (device loop1): max_inline at 0 [ 483.613473][T10962] BTRFS info (device loop1): using free space tree [ 483.818978][T10984] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1880'. [ 483.857374][ T5508] usb 5-1: Using ep0 maxpacket: 8 [ 484.003781][ T4418] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 484.007942][ T5508] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 484.044102][ T5508] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 484.065904][ T5508] usb 5-1: New USB device found, idVendor=056a, idProduct=0333, bcdDevice= 0.00 [ 484.085777][ T5508] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.108210][ T5508] usb 5-1: config 0 descriptor?? [ 484.611487][ T5508] wacom 0003:056A:0333.0023: item fetching failed at offset 3/8 [ 484.647720][ T5508] wacom 0003:056A:0333.0023: parse failed [ 484.653499][ T5508] wacom: probe of 0003:056A:0333.0023 failed with error -22 [ 484.818997][ T8585] usb 5-1: USB disconnect, device number 54 [ 484.963665][T11019] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1886'. [ 484.997354][ T7164] usb 2-1: new high-speed USB device number 60 using dummy_hcd [ 485.397421][ T7164] usb 2-1: Using ep0 maxpacket: 16 [ 485.548815][ T7164] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 485.664397][ T7164] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 485.907285][ T7164] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 485.961626][ T7164] usb 2-1: config 0 descriptor?? [ 486.247772][ T8586] usbhid 4-1:0.0: can't add hid device: -71 [ 486.247865][ T8586] usbhid: probe of 4-1:0.0 failed with error -71 [ 486.250704][ T8586] usb 4-1: USB disconnect, device number 63 [ 486.290408][T11039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 486.290881][T11039] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 486.300365][T11039] overlayfs: failed to resolve './file1': -2 [ 486.400909][T11043] Process accounting resumed [ 486.577509][ T9329] usb 1-1: new high-speed USB device number 72 using dummy_hcd [ 486.678542][T11032] loop2: detected capacity change from 0 to 32768 [ 486.688353][T11012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 486.708062][T11012] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 486.711757][T11032] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1891 (11032) [ 486.729738][T11050] nfs: Unknown parameter 'ñ&\^' [ 486.739184][ T7164] hid (null): invalid report_size 1684763247 [ 486.753041][ T7164] hid-generic 0003:0158:0100.0024: unknown main item tag 0x1 [ 486.765321][ T7164] hid-generic 0003:0158:0100.0024: unexpected long global item [ 486.776331][ T7164] hid-generic: probe of 0003:0158:0100.0024 failed with error -22 [ 486.793088][T11032] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 486.814416][T11032] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 486.823808][T11032] BTRFS info (device loop2): setting nodatacow, compression disabled [ 486.832524][T11032] BTRFS info (device loop2): enabling auto defrag [ 486.843016][T11032] BTRFS info (device loop2): max_inline at 0 [ 486.849409][T11032] BTRFS info (device loop2): using free space tree [ 486.947559][ T9329] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 486.964928][ T7164] usb 2-1: USB disconnect, device number 60 [ 486.967251][ T9329] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 487.004327][ T9329] usb 1-1: config 0 descriptor?? [ 487.044826][ T3552] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 487.291006][T11040] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 487.310738][T11040] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 487.322331][T11079] loop2: detected capacity change from 0 to 512 [ 487.377547][T11079] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 487.418232][T11079] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.1898: casefold flag without casefold feature [ 487.436043][T11079] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.1898: missing EA_INODE flag [ 487.452834][T11079] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1898: error while reading EA inode 12 err=-117 [ 487.466048][T11079] EXT4-fs (loop2): 1 orphan inode deleted [ 487.479284][T11079] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 487.547439][ T9329] [drm] vendor descriptor length:c3 data:cb 22 22 e5 a6 52 6b 06 8f 0f a2 [ 487.572101][ T9329] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 487.588575][ T3552] EXT4-fs (loop2): unmounting filesystem. [ 487.717739][ T7164] usb 5-1: new high-speed USB device number 55 using dummy_hcd [ 488.037595][ T7164] usb 5-1: Using ep0 maxpacket: 8 [ 488.188000][ T7164] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 488.282239][ T7164] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 488.314638][ T7164] usb 5-1: New USB device found, idVendor=056a, idProduct=0333, bcdDevice= 0.00 [ 488.341611][ T7164] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.368584][ T9329] [drm:udl_init] *ERROR* Selecting channel failed [ 488.391319][ T7164] usb 5-1: config 0 descriptor?? [ 488.392316][ T9329] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 488.417748][ T9329] [drm] Initialized udl on minor 2 [ 488.437392][ T9329] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 488.455562][ T9329] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 488.479979][ T9329] usb 1-1: USB disconnect, device number 72 [ 488.595472][T11097] Process accounting resumed [ 488.900584][ T7164] wacom 0003:056A:0333.0025: item fetching failed at offset 3/8 [ 488.914519][ T7164] wacom 0003:056A:0333.0025: parse failed [ 488.930242][ T7164] wacom: probe of 0003:056A:0333.0025 failed with error -22 [ 489.101039][ T7164] usb 5-1: USB disconnect, device number 55 [ 489.335369][T11105] loop0: detected capacity change from 0 to 32768 [ 489.363419][T11105] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1908 (11105) [ 489.416376][T11105] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 489.448130][T11105] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 489.472811][T11105] BTRFS info (device loop0): setting nodatacow, compression disabled [ 489.504912][T11105] BTRFS info (device loop0): enabling auto defrag [ 489.532576][T11105] BTRFS info (device loop0): max_inline at 0 [ 489.557310][T11105] BTRFS info (device loop0): using free space tree [ 489.815618][T11117] nfs: Unknown parameter 'ñ&\^' [ 489.871725][T11124] loop4: detected capacity change from 0 to 512 [ 489.881312][T11124] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 489.904313][T11124] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.1912: casefold flag without casefold feature [ 489.932085][T11124] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.1912: missing EA_INODE flag [ 490.055288][T11124] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.1912: error while reading EA inode 12 err=-117 [ 490.323027][T11124] EXT4-fs (loop4): 1 orphan inode deleted [ 490.687348][T11124] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 490.951783][ T5224] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 491.130143][ T26] audit: type=1800 audit(1719625687.609:57): pid=11147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1912" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 491.654974][T11157] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1915'. [ 491.722516][T11156] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1915'. [ 491.750406][ T8592] EXT4-fs (loop4): unmounting filesystem. [ 491.781849][T11161] Process accounting resumed [ 492.339845][T11176] nfs: Unknown parameter 'ñ&\^' [ 493.663979][T11190] loop0: detected capacity change from 0 to 512 [ 493.911628][T11190] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 494.206448][T11190] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1928: casefold flag without casefold feature [ 494.367707][T11190] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.1928: missing EA_INODE flag [ 494.437595][T11190] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1928: error while reading EA inode 12 err=-117 [ 494.517692][T11190] EXT4-fs (loop0): 1 orphan inode deleted [ 494.523479][T11190] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 494.644327][ T5224] EXT4-fs (loop0): unmounting filesystem. [ 494.806716][T11202] Process accounting resumed [ 494.962243][T11186] loop4: detected capacity change from 0 to 32768 [ 494.994847][T11186] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1927 (11186) [ 495.039201][T11186] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 495.067988][T11186] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 495.097264][ T9329] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 495.105011][T11186] BTRFS info (device loop4): setting nodatacow, compression disabled [ 495.115924][T11205] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1933'. [ 495.134820][T11205] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1933'. [ 495.142825][T11186] BTRFS info (device loop4): enabling auto defrag [ 495.167724][T11186] BTRFS info (device loop4): max_inline at 0 [ 495.192444][T11186] BTRFS info (device loop4): using free space tree [ 495.445532][ T8592] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 495.477483][ T9329] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 495.497262][ T9329] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.517779][ T9329] usb 4-1: config 0 descriptor?? [ 495.762093][T11236] nfs: Unknown parameter 'ñ&\^' [ 496.127400][ T9329] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2 [ 496.134985][ T9329] [drm] Initialized udl on minor 2 [ 496.337398][ T9329] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 496.515884][ T9329] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 496.685634][ T9329] usb 4-1: USB disconnect, device number 64 [ 496.697439][ T9324] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 496.794518][ T9324] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 496.934893][ T9324] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 497.088841][T11250] kernel profiling enabled (shift: 2) [ 497.157192][ C1] ================================================================== [ 497.165290][ C1] BUG: KASAN: stack-out-of-bounds in profile_pc+0xa4/0xe0 [ 497.172415][ C1] Read of size 8 at addr ffffc90009feef40 by task kworker/1:27/9329 [ 497.180428][ C1] [ 497.182747][ C1] CPU: 1 PID: 9329 Comm: kworker/1:27 Not tainted 6.1.96-syzkaller #0 [ 497.190895][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 497.200957][ C1] Workqueue: usb_hub_wq hub_event [ 497.206003][ C1] Call Trace: [ 497.209289][ C1] [ 497.212137][ C1] dump_stack_lvl+0x1e3/0x2cb [ 497.216844][ C1] ? nf_tcp_handle_invalid+0x642/0x642 [ 497.222319][ C1] ? panic+0x764/0x764 [ 497.226396][ C1] ? _printk+0xd1/0x111 [ 497.230564][ C1] print_report+0x15f/0x4f0 [ 497.235081][ C1] ? __virt_addr_valid+0xb9/0x520 [ 497.240119][ C1] ? profile_pc+0xa4/0xe0 [ 497.244469][ C1] kasan_report+0x136/0x160 [ 497.248981][ C1] ? profile_pc+0xa4/0xe0 [ 497.253410][ C1] ? _raw_spin_unlock_irqrestore+0xd4/0x130 [ 497.259311][ C1] profile_pc+0xa4/0xe0 [ 497.263478][ C1] profile_tick+0xee/0x170 [ 497.267904][ C1] tick_sched_timer+0x390/0x550 [ 497.272755][ C1] ? tick_setup_sched_timer+0x2f0/0x2f0 [ 497.278290][ C1] __hrtimer_run_queues+0x5a7/0xe50 [ 497.283486][ C1] ? hrtimer_interrupt+0x980/0x980 [ 497.288587][ C1] ? ktime_get_update_offsets_now+0x407/0x420 [ 497.294641][ C1] hrtimer_interrupt+0x392/0x980 [ 497.299574][ C1] __sysvec_apic_timer_interrupt+0x156/0x580 [ 497.305548][ C1] sysvec_apic_timer_interrupt+0x8c/0xb0 [ 497.311168][ C1] [ 497.314085][ C1] [ 497.317005][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 497.322977][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd4/0x130 [ 497.329468][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 c2 b8 4c f7 f6 44 24 21 02 75 4e 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 67 06 c9 f6 65 8b 05 08 13 6d 75 85 c0 74 3f 48 c7 04 24 0e 36 [ 497.349172][ C1] RSP: 0018:ffffc90009feef40 EFLAGS: 00000206 [ 497.355226][ C1] RAX: 3fe5006dd7659800 RBX: 1ffff920013fddec RCX: ffffffff816ad45a [ 497.363185][ C1] RDX: dffffc0000000000 RSI: ffffffff8aec0240 RDI: 0000000000000001 [ 497.371151][ C1] RBP: ffffc90009feefd0 R08: dffffc0000000000 R09: fffffbfff2093849 [ 497.379109][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 497.387065][ C1] R13: 1ffff920013fdde8 R14: ffffc90009feef60 R15: 0000000000000246 [ 497.395032][ C1] ? mark_lock+0x9a/0x340 [ 497.399356][ C1] ? _raw_spin_unlock+0x40/0x40 [ 497.404207][ C1] ? __wake_up_common+0x2a0/0x4e0 [ 497.409221][ C1] __wake_up_sync_key+0x121/0x1c0 [ 497.414236][ C1] ? __wake_up_locked_key_bookmark+0x20/0x20 [ 497.420212][ C1] ? sock_def_readable+0x1d/0x280 [ 497.425226][ C1] sock_def_readable+0x15b/0x280 [ 497.430153][ C1] netlink_broadcast+0xba4/0x10b0 [ 497.435169][ C1] kobject_uevent_net_broadcast+0x377/0x560 [ 497.441049][ C1] kobject_uevent_env+0x576/0x8c0 [ 497.446068][ C1] device_del+0x9c4/0xbd0 [ 497.450388][ C1] ? kill_device+0x160/0x160 [ 497.454966][ C1] device_unregister+0x1c/0xc0 [ 497.459717][ C1] drm_sysfs_connector_remove+0xcc/0xf0 [ 497.465257][ C1] drm_connector_unregister+0x1fd/0x270 [ 497.470793][ C1] drm_connector_unregister_all+0xfb/0x1e0 [ 497.476590][ C1] ? drm_modeset_unregister_all+0x11/0x30 [ 497.482294][ C1] ? drm_connector_register+0x2d0/0x2d0 [ 497.487827][ C1] ? drm_client_dev_unregister+0x25a/0x2d0 [ 497.493620][ C1] drm_modeset_unregister_all+0x11/0x30 [ 497.499152][ C1] drm_dev_unregister+0x145/0x6b0 [ 497.504163][ C1] drm_dev_unplug+0x47/0xb0 [ 497.508649][ C1] usb_unbind_interface+0x1cd/0x840 [ 497.513834][ C1] ? kernfs_remove_by_name_ns+0x10f/0x150 [ 497.519536][ C1] ? usb_driver_release_interface+0x1c0/0x1c0 [ 497.525588][ C1] device_release_driver_internal+0x59e/0x880 [ 497.531641][ C1] bus_remove_device+0x2e5/0x400 [ 497.536569][ C1] device_del+0x6e2/0xbd0 [ 497.540888][ C1] ? kill_device+0x160/0x160 [ 497.545461][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 497.551425][ C1] ? usb_disconnect+0xfa/0x8c0 [ 497.556172][ C1] ? mutex_lock_nested+0x10/0x10 [ 497.561095][ C1] usb_disable_device+0x3b8/0x840 [ 497.566106][ C1] usb_disconnect+0x33c/0x8c0 [ 497.570791][ C1] hub_event+0x1f78/0x5730 [ 497.575216][ C1] ? led_work+0x700/0x700 [ 497.579550][ C1] ? read_lock_is_recursive+0x10/0x10 [ 497.584925][ C1] ? preempt_schedule+0xd9/0xe0 [ 497.589769][ C1] ? memblock_is_reserved+0x6d/0x106 [ 497.595045][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 497.600324][ C1] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 497.605948][ C1] ? preempt_schedule_thunk+0x16/0x18 [ 497.611308][ C1] ? process_one_work+0x7a9/0x11d0 [ 497.616404][ C1] process_one_work+0x8a9/0x11d0 [ 497.621338][ C1] ? worker_detach_from_pool+0x260/0x260 [ 497.626972][ C1] ? _raw_spin_lock_irqsave+0x120/0x120 [ 497.632545][ C1] ? kthread_data+0x4e/0xc0 [ 497.637148][ C1] ? wq_worker_running+0x97/0x190 [ 497.642180][ C1] worker_thread+0xd04/0x1200 [ 497.646849][ C1] ? _raw_spin_unlock+0x40/0x40 [ 497.651689][ C1] kthread+0x28d/0x320 [ 497.655740][ C1] ? worker_clr_flags+0x190/0x190 [ 497.660749][ C1] ? kthread_blkcg+0xd0/0xd0 [ 497.665322][ C1] ret_from_fork+0x1f/0x30 [ 497.669726][ C1] [ 497.672725][ C1] [ 497.675036][ C1] The buggy address belongs to stack of task kworker/1:27/9329 [ 497.682554][ C1] and is located at offset 0 in frame: [ 497.688073][ C1] _raw_spin_unlock_irqrestore+0x0/0x130 [ 497.693693][ C1] [ 497.695997][ C1] This frame has 1 object: [ 497.700388][ C1] [32, 40) 'flags.i.i.i.i' [ 497.700398][ C1] [ 497.707177][ C1] The buggy address belongs to the virtual mapping at [ 497.707177][ C1] [ffffc90009fe8000, ffffc90009ff1000) created by: [ 497.707177][ C1] copy_process+0x637/0x4060 [ 497.724784][ C1] [ 497.727089][ C1] The buggy address belongs to the physical page: [ 497.733484][ C1] page:ffffea000181dc80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x60772 [ 497.743628][ C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 497.750730][ C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 497.759295][ C1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 497.767852][ C1] page dumped because: kasan: bad access detected [ 497.774260][ C1] page_owner tracks the page as allocated [ 497.779952][ C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 2, tgid 2 (kthreadd), ts 386288314080, free_ts 385190293165 [ 497.797556][ C1] post_alloc_hook+0x18d/0x1b0 [ 497.802306][ C1] get_page_from_freelist+0x31a1/0x3320 [ 497.807918][ C1] __alloc_pages+0x28d/0x770 [ 497.812511][ C1] __vmalloc_node_range+0x92b/0x1490 [ 497.817782][ C1] dup_task_struct+0x3e5/0x6d0 [ 497.822529][ C1] copy_process+0x637/0x4060 [ 497.827204][ C1] kernel_clone+0x222/0x920 [ 497.831700][ C1] kernel_thread+0x152/0x1d0 [ 497.836279][ C1] kthreadd+0x596/0x760 [ 497.840426][ C1] ret_from_fork+0x1f/0x30 [ 497.844833][ C1] page last free stack trace: [ 497.849481][ C1] free_unref_page_prepare+0xf63/0x1120 [ 497.855010][ C1] free_unref_page_list+0x663/0x900 [ 497.860199][ C1] release_pages+0x2836/0x2b40 [ 497.864941][ C1] tlb_flush_mmu+0xfc/0x210 [ 497.869423][ C1] tlb_finish_mmu+0xce/0x1f0 [ 497.873990][ C1] exit_mmap+0x3c3/0x9f0 [ 497.878226][ C1] __mmput+0x115/0x3c0 [ 497.882273][ C1] exit_mm+0x226/0x300 [ 497.886323][ C1] do_exit+0x9f6/0x26a0 [ 497.890480][ C1] do_group_exit+0x202/0x2b0 [ 497.895069][ C1] __x64_sys_exit_group+0x3b/0x40 [ 497.900092][ C1] do_syscall_64+0x3b/0xb0 [ 497.904502][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 497.910384][ C1] [ 497.912690][ C1] Memory state around the buggy address: [ 497.918297][ C1] ffffc90009feee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 497.926336][ C1] ffffc90009feee80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 497.934379][ C1] >ffffc90009feef00: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f3 f3 f3 [ 497.942524][ C1] ^ [ 497.948661][ C1] ffffc90009feef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 497.956705][ C1] ffffc90009fef000: f1 f1 f1 f1 00 00 00 00 00 f3 f3 f3 f3 f3 f3 f3 [ 497.964744][ C1] ================================================================== [ 497.972784][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 497.979954][ C1] CPU: 1 PID: 9329 Comm: kworker/1:27 Not tainted 6.1.96-syzkaller #0 [ 497.988086][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 497.998125][ C1] Workqueue: usb_hub_wq hub_event [ 498.003140][ C1] Call Trace: [ 498.006401][ C1] [ 498.009244][ C1] dump_stack_lvl+0x1e3/0x2cb [ 498.013910][ C1] ? nf_tcp_handle_invalid+0x642/0x642 [ 498.019354][ C1] ? panic+0x764/0x764 [ 498.023401][ C1] ? rcu_is_watching+0x11/0xb0 [ 498.028144][ C1] ? lock_release+0xd6/0xa20 [ 498.032725][ C1] ? vscnprintf+0x59/0x80 [ 498.037035][ C1] panic+0x318/0x764 [ 498.040913][ C1] ? __wake_up_klogd+0xcc/0x100 [ 498.045742][ C1] ? check_panic_on_warn+0x1d/0xa0 [ 498.050836][ C1] ? memcpy_page_flushcache+0xfc/0xfc [ 498.056190][ C1] ? do_raw_spin_unlock+0x137/0x8a0 [ 498.061374][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 498.067251][ C1] ? _raw_spin_unlock+0x40/0x40 [ 498.072085][ C1] check_panic_on_warn+0x7e/0xa0 [ 498.077005][ C1] ? profile_pc+0xa4/0xe0 [ 498.081320][ C1] end_report+0x66/0x110 [ 498.085545][ C1] kasan_report+0x143/0x160 [ 498.090030][ C1] ? profile_pc+0xa4/0xe0 [ 498.094342][ C1] ? _raw_spin_unlock_irqrestore+0xd4/0x130 [ 498.100223][ C1] profile_pc+0xa4/0xe0 [ 498.104364][ C1] profile_tick+0xee/0x170 [ 498.108765][ C1] tick_sched_timer+0x390/0x550 [ 498.113601][ C1] ? tick_setup_sched_timer+0x2f0/0x2f0 [ 498.119127][ C1] __hrtimer_run_queues+0x5a7/0xe50 [ 498.124317][ C1] ? hrtimer_interrupt+0x980/0x980 [ 498.129413][ C1] ? ktime_get_update_offsets_now+0x407/0x420 [ 498.135465][ C1] hrtimer_interrupt+0x392/0x980 [ 498.140394][ C1] __sysvec_apic_timer_interrupt+0x156/0x580 [ 498.146362][ C1] sysvec_apic_timer_interrupt+0x8c/0xb0 [ 498.151978][ C1] [ 498.154888][ C1] [ 498.157800][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 498.163764][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd4/0x130 [ 498.170252][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 c2 b8 4c f7 f6 44 24 21 02 75 4e 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 67 06 c9 f6 65 8b 05 08 13 6d 75 85 c0 74 3f 48 c7 04 24 0e 36 [ 498.190013][ C1] RSP: 0018:ffffc90009feef40 EFLAGS: 00000206 [ 498.196064][ C1] RAX: 3fe5006dd7659800 RBX: 1ffff920013fddec RCX: ffffffff816ad45a [ 498.204019][ C1] RDX: dffffc0000000000 RSI: ffffffff8aec0240 RDI: 0000000000000001 [ 498.211970][ C1] RBP: ffffc90009feefd0 R08: dffffc0000000000 R09: fffffbfff2093849 [ 498.220015][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 498.227977][ C1] R13: 1ffff920013fdde8 R14: ffffc90009feef60 R15: 0000000000000246 [ 498.235942][ C1] ? mark_lock+0x9a/0x340 [ 498.240262][ C1] ? _raw_spin_unlock+0x40/0x40 [ 498.245095][ C1] ? __wake_up_common+0x2a0/0x4e0 [ 498.250107][ C1] __wake_up_sync_key+0x121/0x1c0 [ 498.255118][ C1] ? __wake_up_locked_key_bookmark+0x20/0x20 [ 498.261086][ C1] ? sock_def_readable+0x1d/0x280 [ 498.266096][ C1] sock_def_readable+0x15b/0x280 [ 498.271020][ C1] netlink_broadcast+0xba4/0x10b0 [ 498.276038][ C1] kobject_uevent_net_broadcast+0x377/0x560 [ 498.281922][ C1] kobject_uevent_env+0x576/0x8c0 [ 498.286930][ C1] device_del+0x9c4/0xbd0 [ 498.291245][ C1] ? kill_device+0x160/0x160 [ 498.295818][ C1] device_unregister+0x1c/0xc0 [ 498.300560][ C1] drm_sysfs_connector_remove+0xcc/0xf0 [ 498.306093][ C1] drm_connector_unregister+0x1fd/0x270 [ 498.311623][ C1] drm_connector_unregister_all+0xfb/0x1e0 [ 498.317411][ C1] ? drm_modeset_unregister_all+0x11/0x30 [ 498.323111][ C1] ? drm_connector_register+0x2d0/0x2d0 [ 498.328646][ C1] ? drm_client_dev_unregister+0x25a/0x2d0 [ 498.334437][ C1] drm_modeset_unregister_all+0x11/0x30 [ 498.339973][ C1] drm_dev_unregister+0x145/0x6b0 [ 498.344983][ C1] drm_dev_unplug+0x47/0xb0 [ 498.349468][ C1] usb_unbind_interface+0x1cd/0x840 [ 498.354658][ C1] ? kernfs_remove_by_name_ns+0x10f/0x150 [ 498.360371][ C1] ? usb_driver_release_interface+0x1c0/0x1c0 [ 498.366420][ C1] device_release_driver_internal+0x59e/0x880 [ 498.372478][ C1] bus_remove_device+0x2e5/0x400 [ 498.377400][ C1] device_del+0x6e2/0xbd0 [ 498.381712][ C1] ? kill_device+0x160/0x160 [ 498.386282][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 498.392245][ C1] ? usb_disconnect+0xfa/0x8c0 [ 498.396988][ C1] ? mutex_lock_nested+0x10/0x10 [ 498.401923][ C1] usb_disable_device+0x3b8/0x840 [ 498.406934][ C1] usb_disconnect+0x33c/0x8c0 [ 498.411592][ C1] hub_event+0x1f78/0x5730 [ 498.416005][ C1] ? led_work+0x700/0x700 [ 498.420322][ C1] ? read_lock_is_recursive+0x10/0x10 [ 498.425677][ C1] ? preempt_schedule+0xd9/0xe0 [ 498.430508][ C1] ? memblock_is_reserved+0x6d/0x106 [ 498.435774][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 498.440954][ C1] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 498.446574][ C1] ? preempt_schedule_thunk+0x16/0x18 [ 498.451929][ C1] ? process_one_work+0x7a9/0x11d0 [ 498.457019][ C1] process_one_work+0x8a9/0x11d0 [ 498.461940][ C1] ? worker_detach_from_pool+0x260/0x260 [ 498.467553][ C1] ? _raw_spin_lock_irqsave+0x120/0x120 [ 498.473079][ C1] ? kthread_data+0x4e/0xc0 [ 498.477565][ C1] ? wq_worker_running+0x97/0x190 [ 498.482577][ C1] worker_thread+0xd04/0x1200 [ 498.487238][ C1] ? _raw_spin_unlock+0x40/0x40 [ 498.492073][ C1] kthread+0x28d/0x320 [ 498.496130][ C1] ? worker_clr_flags+0x190/0x190 [ 498.501134][ C1] ? kthread_blkcg+0xd0/0xd0 [ 498.505703][ C1] ret_from_fork+0x1f/0x30 [ 498.510108][ C1] [ 498.513229][ C1] Kernel Offset: disabled [ 498.517537][ C1] Rebooting in 86400 seconds..