last executing test programs: 36.096226598s ago: executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_WANTACK(r0, 0x0, 0x0, 0x0, &(0x7f0000001580)) 35.806430515s ago: executing program 3: syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000001040)='./file1\x00', 0x4040, &(0x7f00000015c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000011,fileset=00000000000000000011,uid=', @ANYRES64, @ANYRES32, @ANYBLOB="cdf7c0c4ada580d5d36bd90806b670b73bb5112f75ca483652cf9b8a22555c3af34a84c5747ac51aa890ca205a0f27d7dde81ad3a01f21810b6de2d56be05416c54e1c6e8459e1643b129327581f7716b38db3d3f3bbeb6d1b846a2aad654e1795850a1f82ac738387d9c3009d18eb2a78258fcc4ac4eb6a12a5650e10ebf077d9ab33f24de7cbffe0", @ANYRESHEX], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010200000000000000006700000008000300", @ANYRES32=r2, @ANYBLOB="0800c300741300000800c400"], 0x30}}, 0x0) 35.656108545s ago: executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="5300000007000046009ce6e7e68cce17bca736"], 0x53) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 35.556772028s ago: executing program 3: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) close(r0) socket$phonet_pipe(0x23, 0x5, 0x2) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x43}, 0x10) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 35.451089355s ago: executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000180)={0xc}) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_BT_POWER(r4, 0x112, 0x9, &(0x7f00000009c0)=0x2, 0x1) 34.442533464s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x8}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x22}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xf7}, 0x48) 34.270800968s ago: executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x0, 0x0, 0x55595659}}) 34.245846971s ago: executing program 3: r0 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1000407, &(0x7f0000000000)={[{@grpjquota}, {@norecovery}, {@orlov}, {@stripe={'stripe', 0x3d, 0x400}}]}, 0x0, 0x5d9, &(0x7f0000000180)="$eJzs3c9vFFUcAPDvzG5b2qqtxETxYBqNQqK0tIDBHwe4E4I/bl6stBCkQENrtGhiSdCDifHigcSTB/G/UKJXTyYePHjxZEjQGC4aY9bM/uq23W23ZbeD3c8nWfbNvGnfG9pv5837sRNAzxrL/kkj9kXEfBIx0pBXjGrmWOW4u39+cCZ7JVEqvfZHEs9U99WOT6rvw9Uv/nck4sfvkthbWF/uwtLVC9Nzc7NXqtsTixfnJxaWrh48f3H63Oy52UtTz08dO3rk6LHJQ/d0fmlD+uT1t98d+eTUG1998U8y+fUvp5I4Hr+freQ1nkenjMVY/FUqfbh2f/b/eqzTheWkUP89WZGs3cH9K6nESF9EPBojUWj4aY7ER6/kWjegq0pJRAnoUYn4hx5VawfU7u3buw9Ou9wqAXbCnRNRvvtfH//FSt9gjJb7BobuJqv6eZp06W1LVsYP35+6nr2iS/1wQHPL1waqqbXxn5RjczT2lLeG7qar4j9rAZyuvmf7X91m+WNrtsU/7JzlaxHxWLP2/+bx/2ZD/L+1Mvy3JeIfAAAAAAAAOufWiYh4rtn4X1odm9sTTzbO//lpZYXg8Q6Uv/n4X3q7A8UATdw5EfHy6vm/a8fxRwvVcf4HK7MBk7Pn52YPRcRDEXEg+gay7ckNyjj46d4brfIa5/9lr6wOtbmAFent4sDqr5mZXpze7vkCK+5ci3i82Hr+T8wXyxN71s7/zf4ezLdZxt6nb55ulbd5/APdUvoyYn/T9T8rzYBk48/nmCi3ByZqrYL1nnj/s29alS/+IT/Z9X9o4/gfTRo/r2dha9+/PyIOLxVLrfJbxn+9sdG8/d+fvF6off/Me9OLi1cmI/qTk+v3T22tzrBb1eKhFi9Z/B94auP+v3r7vyEOByNiuc0yB2P411Z5rv+Qnyz+Z7Z0/d96Yurm6Letym+v/+9I+Zp+oLpH/x9srN0AzbueAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPB/lEbEA5Gk4/V0mo6PRwxHxCMxlM5dXlh89uzldy7NZHnl5/+ntSf9jlS2k9rz/0cbtqfq24Xy04gOR8TDEfF5YbCcP37m8txM3icPAAAAAAAAAAAAAAAAAAAA94nhFuv/M78V8q4d0HXF6rt4h95TzLsCQG7EP/Qu8Q+9S/xD79pW/B/vfD2AnbfN67/hAtgFtP+hV/W1d9iebtcDyEO71//BLtcDAAAAAADoiFsvvXAjiYjlFwfLr0x/Na8+MKjfH3alNO8KALkxhxd6l6m/0LvanPwL7GJJPfV3qVl+69n/SXcqBAAAAAAAAAAAAACss3/frZ83Xf8P7ErW/0PvWrX+fyC/egA7z/p/6F3u8YHNVvFb/w8AAAAAAAAAAAAA+VtYunphem5u9kqPJArV+cr3S30kNkj0RUSrY2q/wPde1uGPm2UluQZIf/7hmcdfIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJn/AgAA//8O5xoP") fdatasync(r0) 34.154260661s ago: executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}}, 0x0) 34.147456349s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00'}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r2, r0, 0x2f, 0x0, 0x0, @prog_fd}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@cgroup=r0, r2, 0x2f, 0x0, 0x4, @prog_fd}, 0x20) 34.076298474s ago: executing program 2: syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x4040, &(0x7f00000023c0)=ANY=[], 0x3, 0x6ed, &(0x7f0000000900)="$eJzs3U1sHGcZAOB31uv1roHUadOkoEhdNVJBWCR2jAvmQkAIfKhQVQ6cV4nTWNk4le0iJ0LU4efOoQfEqRx8qzigco8EZ6pKqFcfOFRC6qUn34xmdmZ3bY9314lju/R5rJn5Zr7feWdnZn9kTQBfWovTUX0cSSxOv76Rrm9vzbXHtuYm8ux2RNQiohJR7SwiWcnzvno5bqTLr6cb823JYf28t7zw5iefb3/aWavmU1Y+GVSvRO3gps18imZEjOXLg8YPafHD/d3vae/moe2NqreHacCu5MuIPz9Vq/DUdg/Y7OZ98O9sPqj6Uc5b4IxKOvfNA6YiJiOiHhHZe4L86lA52dEdv83THgAAAAAcVePoVZ7biZ3YiHPPYjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/yp//n+ST5Ui3YykeP5/Ld8WefoMGv4gxI8nOsvHz34wAAAAAAAAAPDMvbwTO7ER54r13ST7zf+Vvt/4vxLvxFosxWpcjY1oxXqsx2rMRsRUX0O1jdb6+upsVjPiwoCa1+OjkprXDx/jjWPeZwAAAAAAAAA44+pD8u+OH9z221js/f4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABnQRIx1llk04UiPRWVakTUi3KbER9FRO10R3skSdnGxyc/DgAAAHgq9b2rSX2EOs+9GzuxEeeK9d0k+8x/Mfu8XI93YiXWYznWox1LcSv/DJ1+6q9sb821t7fm7qXTwXZ/9NmRhp61GJ3vHsp7fikr0YjbsZxtuRo3I4ndTCVv5aXtrbl0ea98XI/SMSU/zA0YzVhf+lY6u/Rhlv7j3m8RqkfaxSdUOTRnKssd70ZkJh9bWuN8EYHySAw9OtWBPc1GpfvNz4XBPZXH/NHg3if3lSr95uZU7I/E9ah0j9DFwZGI+ObfP/jlnfbK3Tu316bPzi6VendoiW4kvltcZnqRuDRyJBrHPfBTMJPt+4vd9cX4afwipuOziTdiNZbjV9GK9VhqFvmt/PWczqcGR+rjyf61N4aNJD0nm93rV9mYmrFnTNGMn2SpVrySHdNzsRxJ3I+IpXgt+7ses92rQe8IvzjCWV8Z4Urb58q3skU3TDHgtfHX0Zo8Lmlcz/fFtf+aO5Xl9W/pRen50igV97rR70d9qt/IE2kLvxt4fzhp+yMx2xeJFw57vXRC+pfddL7WXrm7eqf19oj9vZov0/PoD2fqLlGLR/F81POdO5/Nk+ycmsmO/gvdO+zeeNXyX1w6Kvvzfvanbr3OmfrzuB+39pyp34v5mI+FrKWLWenxA3esNO9St6X+vLksL32nVe3+sNP/fut+tDvvhwA42ya/PVlr/Lfxr8b7jd837jRer/944vsTl2sx/s/xH1Rnxl6tXE7+Fu/Hb3qf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCe39uDh3Va7vbRanqiUZyWDa7Xau8WDxAaU2ZNI8kfljFA4WXvwcHdog4MTE/nwnrD6cSaKx6gNL9x8hsNINvcfr/rwY1E85WmELpIDAU8rP/GYi557W8bPwKHcn2geX4PFC7Yva/RX73++1qncKDteYxFRVmvIhWNsT4vAF9C19XtvX1t78PA7y/daby29tbQyPj+/MLMw/9rctdvL7aWZzryvwok8/BY4Cf1vJ7pqEfHy8Lpu/gAAAAAAAAAAAHA6TuJ/IU57HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAvtsXpqD6OJGZnrs6k69tbc+10KtK9ktWIqERE8uuI5B8RN6IzxVRfc8lh/by3vPDmJ59vf9prq1qUr0RsHlpvNJv5FM2IGMuXx9XezeHt1XrJiZLspBuZNGBXisDBaftfAAAA//+o7+kR") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000000)=""/63, 0x18) getdents64(r0, 0x0, 0x18) 33.736975107s ago: executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001dc0)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) recvmmsg(r2, &(0x7f0000001f00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 33.550143475s ago: executing program 2: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_WANTACK(r0, 0x0, 0x0, 0x0, &(0x7f0000001580)) 33.35760535s ago: executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x87) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) clock_settime(0x26b63767e4fa4493, &(0x7f0000000380)) 33.087562136s ago: executing program 2: syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000001040)='./file1\x00', 0x4040, &(0x7f00000015c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000011,fileset=00000000000000000011,uid=', @ANYRES64, @ANYRES32, @ANYBLOB="cdf7c0c4ada580d5d36bd90806b670b73bb5112f75ca483652cf9b8a22555c3af34a84c5747ac51aa890ca205a0f27d7dde81ad3a01f21810b6de2d56be05416c54e1c6e8459e1643b129327581f7716b38db3d3f3bbeb6d1b846a2aad654e1795850a1f82ac738387d9c3009d18eb2a78258fcc4ac4eb6a12a5650e10ebf077d9ab33f24de7cbffe0", @ANYRESHEX], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010200000000000000006700000008000300", @ANYRES32=r2, @ANYBLOB="0800c300741300000800c400"], 0x30}}, 0x0) 32.417593612s ago: executing program 4: r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000001080), 0x2002, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000040)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000080), 0x2) syz_read_part_table(0x107b, &(0x7f0000000000)="$eJzs0L1NxEAQBeBn34+PKmjlAjIyKIA2nGFqIUa0QEwPRJRAhAANWhaXAJd8XzB6sp5npA0ntR2TYWhpGZIlGZMckvvH/VrZrOG91m7y1EbPXzVV1cvD3e63V228ttG/HJObtqbekuWzdrk9jM9Tsuw3w9XF9WW/2M1rGD+q6tj+bXfmZMq27e5+Kudnf/o0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBvvgMAAP//S7Qi7A==") write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f0000000300), 0x2) 31.968843152s ago: executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="5300000007000046009ce6e7e68cce17bca736"], 0x53) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 31.835555234s ago: executing program 4: syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x4040, &(0x7f00000023c0)=ANY=[], 0x3, 0x6ed, &(0x7f0000000900)="$eJzs3U1sHGcZAOB31uv1roHUadOkoEhdNVJBWCR2jAvmQkAIfKhQVQ6cV4nTWNk4le0iJ0LU4efOoQfEqRx8qzigco8EZ6pKqFcfOFRC6qUn34xmdmZ3bY9314lju/R5rJn5Zr7feWdnZn9kTQBfWovTUX0cSSxOv76Rrm9vzbXHtuYm8ux2RNQiohJR7SwiWcnzvno5bqTLr6cb823JYf28t7zw5iefb3/aWavmU1Y+GVSvRO3gps18imZEjOXLg8YPafHD/d3vae/moe2NqreHacCu5MuIPz9Vq/DUdg/Y7OZ98O9sPqj6Uc5b4IxKOvfNA6YiJiOiHhHZe4L86lA52dEdv83THgAAAAAcVePoVZ7biZ3YiHPPYjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/yp//n+ST5Ui3YykeP5/Ld8WefoMGv4gxI8nOsvHz34wAAAAAAAAAPDMvbwTO7ER54r13ST7zf+Vvt/4vxLvxFosxWpcjY1oxXqsx2rMRsRUX0O1jdb6+upsVjPiwoCa1+OjkprXDx/jjWPeZwAAAAAAAAA44+pD8u+OH9z221js/f4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABnQRIx1llk04UiPRWVakTUi3KbER9FRO10R3skSdnGxyc/DgAAAHgq9b2rSX2EOs+9GzuxEeeK9d0k+8x/Mfu8XI93YiXWYznWox1LcSv/DJ1+6q9sb821t7fm7qXTwXZ/9NmRhp61GJ3vHsp7fikr0YjbsZxtuRo3I4ndTCVv5aXtrbl0ea98XI/SMSU/zA0YzVhf+lY6u/Rhlv7j3m8RqkfaxSdUOTRnKssd70ZkJh9bWuN8EYHySAw9OtWBPc1GpfvNz4XBPZXH/NHg3if3lSr95uZU7I/E9ah0j9DFwZGI+ObfP/jlnfbK3Tu316bPzi6VendoiW4kvltcZnqRuDRyJBrHPfBTMJPt+4vd9cX4afwipuOziTdiNZbjV9GK9VhqFvmt/PWczqcGR+rjyf61N4aNJD0nm93rV9mYmrFnTNGMn2SpVrySHdNzsRxJ3I+IpXgt+7ses92rQe8IvzjCWV8Z4Urb58q3skU3TDHgtfHX0Zo8Lmlcz/fFtf+aO5Xl9W/pRen50igV97rR70d9qt/IE2kLvxt4fzhp+yMx2xeJFw57vXRC+pfddL7WXrm7eqf19oj9vZov0/PoD2fqLlGLR/F81POdO5/Nk+ycmsmO/gvdO+zeeNXyX1w6Kvvzfvanbr3OmfrzuB+39pyp34v5mI+FrKWLWenxA3esNO9St6X+vLksL32nVe3+sNP/fut+tDvvhwA42ya/PVlr/Lfxr8b7jd837jRer/944vsTl2sx/s/xH1Rnxl6tXE7+Fu/Hb3qf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCe39uDh3Va7vbRanqiUZyWDa7Xau8WDxAaU2ZNI8kfljFA4WXvwcHdog4MTE/nwnrD6cSaKx6gNL9x8hsNINvcfr/rwY1E85WmELpIDAU8rP/GYi557W8bPwKHcn2geX4PFC7Yva/RX73++1qncKDteYxFRVmvIhWNsT4vAF9C19XtvX1t78PA7y/daby29tbQyPj+/MLMw/9rctdvL7aWZzryvwok8/BY4Cf1vJ7pqEfHy8Lpu/gAAAAAAAAAAAHA6TuJ/IU57HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAvtsXpqD6OJGZnrs6k69tbc+10KtK9ktWIqERE8uuI5B8RN6IzxVRfc8lh/by3vPDmJ59vf9prq1qUr0RsHlpvNJv5FM2IGMuXx9XezeHt1XrJiZLspBuZNGBXisDBaftfAAAA//+o7+kR") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000000)=""/63, 0x18) getdents64(r0, 0x0, 0x18) 31.424599633s ago: executing program 4: syz_open_dev$usbmon(&(0x7f00000001c0), 0x2, 0x0) io_setup(0x3, &(0x7f0000000180)=0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/3\x00') io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r1, 0x0}]) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x0) 31.211049012s ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000120000f1850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000600)='kfree\x00', r0}, 0x10) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0xc0189436, 0xb) 31.115580883s ago: executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001dc0)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) recvmmsg(r2, &(0x7f0000001f00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 31.074514835s ago: executing program 4: unshare(0x2a020400) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) pwritev2(r0, &(0x7f00000002c0), 0x1000000000000228, 0x0, 0x0, 0x0) 30.96310851s ago: executing program 0: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) close(r0) socket$phonet_pipe(0x23, 0x5, 0x2) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x43}, 0x10) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 30.9497927s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x20000000, 0x1, 0xffffffff}, 0x48) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0, 0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000002c0)}, 0x20) syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x5}]}}}, @IFLA_MASTER={0x8, 0x3, r7}]}, 0x44}, 0x1, 0x8}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x1d, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x280}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffc0}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @alu={0x4, 0x0, 0x7, 0x8, 0xc, 0xffffffffffffffbc, 0xffffffffffffffff}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x7}, @btf_id={0x18, 0xf, 0x3, 0x0, 0x2}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = syz_open_dev$evdev(&(0x7f0000000040), 0x5, 0x121002) ioctl$EVIOCGBITKEY(r8, 0x80404521, &(0x7f0000000440)=""/244) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0xfffffffffffff801]}, 0x8) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=0xffffffffffffffff, 0x4) r9 = syz_open_dev$tty1(0xc, 0x4, 0x1) r10 = dup(r9) ioctl$TIOCL_SETSEL(r10, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d}}) 30.02246033s ago: executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=@framed={{}, [@printk={@p, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000340)='ext4_ext_remove_space\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYRES16, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="22003300d0000000ffffffffffff080211000000505050d05050000004"], 0x40}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'erspan0\x00', 0x0}) syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0) ioctl$VIDIOC_G_DV_TIMINGS(0xffffffffffffffff, 0xc0285628, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x7, 0x10001, 0x0, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="b70000000000000007000000000000009500e200000000001e5286574356940658273ad1326fc65be4b1037a74cfb5af100fc4e94d123d9b22a7561b8850821bc1f8b5b0a3e3b79b0d96ab7cc60e0e144f0f04bfffe68fe46421a161eedd1a5cee316f68f7617859f06c8efd5da6abe446649c322209b1af93c6c999058168ad0a70992124d19c7c9cc22ff9a6b1a058039ab938480e8697f8715bcb18e1fd0773909464a783148e0e7b604a6c47b33c43a3ffff92ec8bbde1af40f29cfcf0836a70a2f6b1192ab8f24ca363492393e1c2a3b190180caafbf8cfca720074bdcc7cbd978efd8404a1c700000000d97899514e64e36cad5eba82010b2d149ac02e5f07000000000000000000000000000000000000000000009d5df0e0dbb9821d9c5402474d5866ce5eb60188d83ac741b45aeacac594cf09de9b460f48b96ae8a0eead478e46c8ca3e4c5d2b3cb4ad48c830e8003c45f5b2dcbf36b7e8be59ca4b46266cf75bea8a22ab71895d954dc6d28864144c73391770690a9301cde97565d509effc252599b26555355d7955f551df82ea475a711ec56d00000000a89c7533c9955fd63cd00cb83d1228"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195}, 0x48) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x100400, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r4, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x57bb, 0x3c) setsockopt$sock_attach_bpf(r4, 0x1, 0x34, &(0x7f00000000c0)=r3, 0x4) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6}]}, 0x10) 4.12271326s ago: executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f0000000040)=0x101, 0x4) getsockopt$SO_TIMESTAMP(r3, 0x1, 0x8, 0x0, &(0x7f00000001c0)) 4.108124754s ago: executing program 1: r0 = socket(0x15, 0x5, 0x0) connect$rxrpc(r0, &(0x7f0000000000)=@in4={0xa, 0x0, 0x2, 0x10, {0xfc, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x24) getsockname$l2tp(r0, 0x0, &(0x7f0000000040)) 3.043451648s ago: executing program 2: syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000240)='./bus\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c646174615f666c7573682c66617374626f6f742c6a71666d743d76667376312c6e6f696e6c696e655f64656e7472792c7573726a71756f74613d66326673002c00ff371013587045d0d273e856ce75c2b11120ece6d6a76856a2cdd8c835ef14aa3aea583b7f3affd12ff9abc9b21098874a75607f009920ad1a283ce7b8b528e239692ab156e30dd8365f708e6c98cfcd0b30d5304dd70f87da026e2d4e4df1ad07ba72683f43d76541d455d1fa118f0900000009fe28bfded255e7c5806f05b80ec0e186b4f72759eb096a1fe6793e734fe61555f01ff9f23bc11370aa247215e8f1410ea4728bb2a2c2d20bc5e61b0a4c7ddb25da21c75f35f711581d1f5b8db3be07c80000000000000000"], 0x1, 0x54f4, &(0x7f0000005600)="$eJzs3M1rI2UYAPBn2u1+uxbx4G0HFqGFTdj0Y9Fb1V38wC7Fj4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJmZ6tYvhKaNtb8fTJ6ZN2+eed5QCs9MmADOrfn0px+SuBFXImI2Iq5H5PtJueXWivBMRNyMiJnHtqQc/23gYkRcjYgb4+RFzqR865Pbo1ur37/245dfX7pw7dMvvpneqoFpezYietvF/l6viFm7iA/L8fqok8feyqiMxRu9R+VxVsS91maeYa9+OK+ex+V2MT/b3h2MY5LUG+PY7mzl49v94oSDUfswT/6Bh/Wd/LjZ2sxjZ5DlsX1Q1LV/UPxvOxgMizzNMt/7efoYDg9jMd7abxXr2X6Ux0Z/WI4XebNma38cR2UsTxeNrNvM69g8zjf93/Z6p7+7n45aO4NO1k9Xq7XnqrW7ldpO1mwNWyuVeq95dyVdaHfH0yrDVr231s6ydrdVbWS9xXSh3WhUarV04V5rs1Pvp7Vadbl6p7K6WO7dTl9+8HbabaYL4/hip7877HQH6Va2kxafWEyXqsvPL6a3aumb6xvpxhv3769vvPXuvXcevLD+6kvlpD+VlS4s3VlaqtTuVJZqi+do/R+WRU9w/XAsybQLADh79P/ANEyj/9/qTq7/D/3/RJyp/ve89/8nsH44Fv0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC59e3cZ6/kO/PF8bVy/ImIm+Ohp8rjJCJmIuKXvzAbF4/knC3zzP3N/Lk/1PBVEnmG8TkuldvViFgrt5+fPOlvAQAAAP6/Pv/g5sdFt168zE+7IE5TcdFm5vp7E8qXRMTc/HcTyjYzfnl6Qsnyv+8LsT+hbPkFrMsTSlZccrswqWz/yuyRcPmxkBRh5lTLAQAATsXRTuB0uxAAAABO00fTLoDpSOLwVubhveD8l/e/3xC8cuQIAAAAOIOSaRcAAAAAnLi8//+H5/+F5/8BAADA2Vc8/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiVnfvJSR2K4gB8Wuh7vD9GYpy7FWewDJfg0KFhAW6CJeAW3ABrwJlLMGBoS7QGE5PetpF8X9JebkN+nBIm515SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJzsZo/3l89tM3Z7tpJczcAAADAMZtiNS9fTKv5v/r6WX3pop5nEZFHxLHefRS/GpmjOqf44v3FpxqeIsqE/Wf8ro+/EXFdH6/nXX8LAAAAcLrWi+Ws6tar03ToguhTtWiT/79JlJdFRDF9SZSW70+XicLK3/c47hKllQtYk0Rh1ZLbOFXat4waw+TDkFVD3ms5AABAL5qdQL9dCAAAAH26HboAhpHFYSvzsBdc/vP+fUPwT2MGAAAA/EDZ0AUAAAAAnSv7f8//AwAAgNNWPf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALm2K1Xy9WM7a5mx37aS5GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgjf15R4EQCIMw2Lu+M5n7H1YaNDU1qQLh428MBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7nNY4qDgD4d2Z2trYqxig5RETBg17sdlNbe/WgBA/+CUJItzW69Ueagy1FyMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnmmkacLV0Zpt8PvD2fWcY5n3fJIR8570EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2eW8vzoqPhWmcVudu3b+2XvS39/WFGzt3lotWxEmbST8dXm0eJEvdJQIAAMDRkdX1fUTczXdXiz5dKOv/vL6mqPl/eH4a1/X8/rq/7uvav2i//3bv5QcDLUzHKW56YWM8OvVoKr0nN8v59sK/XtErn3z57iUrvyDph9svTfLyeSbf3bz5fr8Mj7WRLQDwf5ys+yqofx8q+mGXiQFwZPQahXdd/2cL3eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IbJdjxbx0lELPf24sLt+9fWD+pv7NxZrtvZ69d3mvcsbpFHxIWN8ehUi3OZd5evXP1sbTwebbYfvBYR3Y1eBR/PcE1ElxkKHjdIq+/1ecnn6Qg6/sEEAMChk1etqOvv5rurxblkMeLvHx+u/99sxDFj/X/vk7O3mmM16/9hazOcf4OtS18OLl+5+vbGpbWLo4ujz99ZGb47PH3uzJlzg/JdycAbEwAAAB5PP4no76v/08VH1/9PNOKYsf7/6vvhN82xMvX/gfYW/brOBAAA4Gh78fW//kwOOJ/0+/H12tbW5nD6WR3H5kp5vNJBqv/Zsao16/9sseusAAAAgDZMtpOH1v/PN+KYcf3/uZ9e+aV5zywijlfr/yfXvxifb286c62NPyfueo4AAAB063jVmuv/ebn/P32w5SGNiLfemMbVvwGcqf7PPvj25+ZYzf3/p9ub4lxKl6bPo+yXInpLXWcEAADAYfZM1Ypi/498d/XTX0981Lf/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBt/wQAAP//K8ZAQg==") r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6a000}], 0x1, 0x7000, 0x0, 0x3) 910.781818ms ago: executing program 4: syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x4040, &(0x7f00000023c0)=ANY=[], 0x3, 0x6ed, &(0x7f0000000900)="$eJzs3U1sHGcZAOB31uv1roHUadOkoEhdNVJBWCR2jAvmQkAIfKhQVQ6cV4nTWNk4le0iJ0LU4efOoQfEqRx8qzigco8EZ6pKqFcfOFRC6qUn34xmdmZ3bY9314lju/R5rJn5Zr7feWdnZn9kTQBfWovTUX0cSSxOv76Rrm9vzbXHtuYm8ux2RNQiohJR7SwiWcnzvno5bqTLr6cb823JYf28t7zw5iefb3/aWavmU1Y+GVSvRO3gps18imZEjOXLg8YPafHD/d3vae/moe2NqreHacCu5MuIPz9Vq/DUdg/Y7OZ98O9sPqj6Uc5b4IxKOvfNA6YiJiOiHhHZe4L86lA52dEdv83THgAAAAAcVePoVZ7biZ3YiHPPYjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/yp//n+ST5Ui3YykeP5/Ld8WefoMGv4gxI8nOsvHz34wAAAAAAAAAPDMvbwTO7ER54r13ST7zf+Vvt/4vxLvxFosxWpcjY1oxXqsx2rMRsRUX0O1jdb6+upsVjPiwoCa1+OjkprXDx/jjWPeZwAAAAAAAAA44+pD8u+OH9z221js/f4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABnQRIx1llk04UiPRWVakTUi3KbER9FRO10R3skSdnGxyc/DgAAAHgq9b2rSX2EOs+9GzuxEeeK9d0k+8x/Mfu8XI93YiXWYznWox1LcSv/DJ1+6q9sb821t7fm7qXTwXZ/9NmRhp61GJ3vHsp7fikr0YjbsZxtuRo3I4ndTCVv5aXtrbl0ea98XI/SMSU/zA0YzVhf+lY6u/Rhlv7j3m8RqkfaxSdUOTRnKssd70ZkJh9bWuN8EYHySAw9OtWBPc1GpfvNz4XBPZXH/NHg3if3lSr95uZU7I/E9ah0j9DFwZGI+ObfP/jlnfbK3Tu316bPzi6VendoiW4kvltcZnqRuDRyJBrHPfBTMJPt+4vd9cX4afwipuOziTdiNZbjV9GK9VhqFvmt/PWczqcGR+rjyf61N4aNJD0nm93rV9mYmrFnTNGMn2SpVrySHdNzsRxJ3I+IpXgt+7ses92rQe8IvzjCWV8Z4Urb58q3skU3TDHgtfHX0Zo8Lmlcz/fFtf+aO5Xl9W/pRen50igV97rR70d9qt/IE2kLvxt4fzhp+yMx2xeJFw57vXRC+pfddL7WXrm7eqf19oj9vZov0/PoD2fqLlGLR/F81POdO5/Nk+ycmsmO/gvdO+zeeNXyX1w6Kvvzfvanbr3OmfrzuB+39pyp34v5mI+FrKWLWenxA3esNO9St6X+vLksL32nVe3+sNP/fut+tDvvhwA42ya/PVlr/Lfxr8b7jd837jRer/944vsTl2sx/s/xH1Rnxl6tXE7+Fu/Hb3qf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCe39uDh3Va7vbRanqiUZyWDa7Xau8WDxAaU2ZNI8kfljFA4WXvwcHdog4MTE/nwnrD6cSaKx6gNL9x8hsNINvcfr/rwY1E85WmELpIDAU8rP/GYi557W8bPwKHcn2geX4PFC7Yva/RX73++1qncKDteYxFRVmvIhWNsT4vAF9C19XtvX1t78PA7y/daby29tbQyPj+/MLMw/9rctdvL7aWZzryvwok8/BY4Cf1vJ7pqEfHy8Lpu/gAAAAAAAAAAAHA6TuJ/IU57HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAvtsXpqD6OJGZnrs6k69tbc+10KtK9ktWIqERE8uuI5B8RN6IzxVRfc8lh/by3vPDmJ59vf9prq1qUr0RsHlpvNJv5FM2IGMuXx9XezeHt1XrJiZLspBuZNGBXisDBaftfAAAA//+o7+kR") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000000)=""/63, 0x18) getdents64(r0, 0x0, 0x18) 0s ago: executing program 0: io_uring_setup(0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x345}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) landlock_create_ruleset(&(0x7f0000000040), 0x18, 0x0) kernel console output (not intermixed with test programs): 9a50-61ac97e9b59d [ 365.566659][ T2860] veth0_vlan: left promiscuous mode [ 365.612542][T11772] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 365.657132][ T5105] Bluetooth: hci0: command tx timeout [ 365.820729][T11772] BTRFS info (device loop1): rebuilding free space tree [ 365.883061][T11772] BTRFS info (device loop1): disabling free space tree [ 365.896053][T11772] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 365.919639][T11772] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 366.400181][ T29] audit: type=1800 audit(1717791272.865:2266): pid=11799 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="sda1" ino=1961 res=0 errno=0 [ 366.441548][ T5099] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 367.750553][ T5105] Bluetooth: hci0: command tx timeout [ 367.822741][ T2860] team0 (unregistering): Port device team_slave_1 removed [ 367.886171][T11838] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 367.911178][ T29] audit: type=1804 audit(1717791274.375:2267): pid=11837 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2412080266/syzkaller.B77Nwk/33/file0" dev="sda1" ino=1958 res=1 errno=0 [ 368.025186][ T2860] team0 (unregistering): Port device team_slave_0 removed [ 368.931602][T11850] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 368.986896][T11850] vlan2: entered promiscuous mode [ 368.996738][T11850] veth0: entered promiscuous mode [ 369.063719][T11850] veth0: left promiscuous mode [ 369.113218][T11859] loop0: detected capacity change from 0 to 256 [ 369.157786][T11715] chnl_net:caif_netlink_parms(): no params data found [ 369.407494][ T29] audit: type=1804 audit(1717791275.875:2268): pid=11870 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1984873513/syzkaller.IDjntD/472/bus" dev="sda1" ino=1950 res=1 errno=0 [ 369.531969][T11715] bridge0: port 1(bridge_slave_0) entered blocking state [ 369.547144][T11715] bridge0: port 1(bridge_slave_0) entered disabled state [ 369.603695][T11715] bridge_slave_0: entered allmulticast mode [ 369.626615][T11715] bridge_slave_0: entered promiscuous mode [ 369.675977][T11715] bridge0: port 2(bridge_slave_1) entered blocking state [ 369.701407][T11715] bridge0: port 2(bridge_slave_1) entered disabled state [ 369.726638][ T29] audit: type=1804 audit(1717791276.185:2269): pid=11872 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="bus" dev="sda1" ino=1950 res=1 errno=0 [ 369.749146][T11715] bridge_slave_1: entered allmulticast mode [ 369.773158][T11715] bridge_slave_1: entered promiscuous mode [ 369.816713][ T5105] Bluetooth: hci0: command tx timeout [ 369.872816][T11715] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 369.933678][T11715] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 370.106192][T11715] team0: Port device team_slave_0 added [ 370.145237][T11715] team0: Port device team_slave_1 added [ 370.252352][T11715] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 370.274872][T11715] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 370.361088][T11856] loop1: detected capacity change from 0 to 32768 [ 370.363248][T11715] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 370.374774][T11856] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (11856) [ 370.439710][T11856] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 370.462727][T11715] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 370.488967][T11715] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 370.509539][T11856] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 370.574215][T11856] BTRFS info (device loop1): using free-space-tree [ 370.576366][T11715] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 370.910245][T11715] hsr_slave_0: entered promiscuous mode [ 370.929040][ T5099] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 370.947247][T11715] hsr_slave_1: entered promiscuous mode [ 370.970589][T11715] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 370.983609][T11715] Cannot create hsr debugfs directory [ 371.580371][T11915] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 372.337756][T11715] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 372.373781][T11715] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 372.414474][T11715] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 372.449551][T11715] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 373.039607][T11715] 8021q: adding VLAN 0 to HW filter on device bond0 [ 373.082911][T11941] loop1: detected capacity change from 0 to 64 [ 373.191388][T11715] 8021q: adding VLAN 0 to HW filter on device team0 [ 373.278259][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state [ 373.285473][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 373.416892][ T5152] bridge0: port 2(bridge_slave_1) entered blocking state [ 373.424066][ T5152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 373.837621][T11948] serio: Serial port pts0 [ 374.418327][T11715] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 374.796521][ T29] audit: type=1800 audit(1717791281.235:2270): pid=11933 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1945 res=0 errno=0 [ 375.336239][T11715] veth0_vlan: entered promiscuous mode [ 375.371811][T11715] veth1_vlan: entered promiscuous mode [ 375.455309][T11715] veth0_macvtap: entered promiscuous mode [ 375.475600][T11715] veth1_macvtap: entered promiscuous mode [ 375.528795][T11715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 375.562363][T11715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.588753][T11715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 375.608155][T11715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.636612][T11715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 375.656845][T11715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.679331][T11715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 375.706184][T11715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.726085][T11715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 375.758790][T11715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.790815][T11715] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 375.838366][T11715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 375.896758][T11715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.907931][T11715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 375.927582][T11715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.945562][T11715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 375.966462][T11715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.999274][T11715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 376.035615][T11715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.064444][T11715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 376.092668][T11715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.124702][ T29] audit: type=1800 audit(1717791282.585:2271): pid=11979 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1959 res=0 errno=0 [ 376.132393][T11715] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 376.277301][T11715] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.286052][T11715] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.343457][T11715] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.382632][T11715] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.594377][T11975] loop0: detected capacity change from 0 to 32768 [ 376.630944][T11975] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (11975) [ 376.669441][ T2823] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 376.698035][ T2823] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 376.721819][T11975] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 376.766893][T11975] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 376.810659][T11975] BTRFS info (device loop0): using free-space-tree [ 376.820681][ T2823] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 376.877078][ T2823] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 376.926179][T11977] loop1: detected capacity change from 0 to 32768 [ 377.018542][T12001] overlayfs: lower data-only dirs require metacopy support. [ 377.082076][T11977] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 377.134125][T11977] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 377.192780][T11977] bcachefs (loop1): alloc_read... done [ 377.210621][T12012] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 377.212703][T11977] bcachefs (loop1): stripes_read... done [ 377.253374][T11977] bcachefs (loop1): snapshots_read... done [ 377.268809][ T5106] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 377.287853][T11977] bcachefs (loop1): journal_replay... done [ 377.328088][T11977] bcachefs (loop1): resume_logged_ops... done [ 377.361952][T11977] bcachefs (loop1): going read-write [ 377.376097][T11977] bcachefs (loop1): done starting filesystem [ 377.398908][T12019] loop4: detected capacity change from 0 to 64 [ 377.730513][T11977] syz-executor.1 (11977) used greatest stack depth: 15224 bytes left [ 377.790566][ T5099] bcachefs (loop1): shutting down [ 377.816263][ T5099] bcachefs (loop1): going read-only [ 377.831044][ T5099] bcachefs (loop1): finished waiting for writes to stop [ 377.870457][ T5099] bcachefs (loop1): flushing journal and stopping allocators, journal seq 13 [ 377.928255][ T5099] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 14 [ 377.992174][ T5099] bcachefs (loop1): shutdown complete, journal seq 15 [ 378.004496][T12033] loop0: detected capacity change from 0 to 512 [ 378.039684][ T5099] bcachefs (loop1): marking filesystem clean [ 378.108489][T12033] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 378.129103][ T5099] bcachefs (loop1): shutdown complete [ 378.205653][T12033] ext4 filesystem being mounted at /root/syzkaller-testdir1984873513/syzkaller.IDjntD/481/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 378.422000][ T5106] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 378.938680][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.945193][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.066717][ T29] audit: type=1804 audit(1717791285.525:2272): pid=12051 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2412080266/syzkaller.B77Nwk/52/file0" dev="sda1" ino=1965 res=1 errno=0 [ 379.178919][T12042] loop4: detected capacity change from 0 to 32768 [ 379.196145][T12042] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (12042) [ 379.249065][T12042] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 379.275167][T12042] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 379.286766][T12042] BTRFS info (device loop4): using free-space-tree [ 379.502326][T11715] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 379.538616][ T5250] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 379.612633][T12089] usb usb8: usbfs: process 12089 (syz-executor.2) did not claim interface 0 before use [ 379.746425][ T5250] usb 1-1: Using ep0 maxpacket: 8 [ 379.767763][ T5250] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 379.779846][ T5250] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 379.811931][ T5250] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0 [ 379.836402][ T5250] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 379.876667][ T5250] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 379.885753][ T5250] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 379.928597][ T5250] usb 1-1: config 0 descriptor?? [ 380.072955][ T29] audit: type=1804 audit(1717791286.535:2273): pid=12093 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2412080266/syzkaller.B77Nwk/56/file0" dev="sda1" ino=1941 res=1 errno=0 [ 380.088412][T12101] input: syz0 as /devices/virtual/input/input7 [ 380.173727][ T5250] usb 1-1: USB disconnect, device number 6 [ 380.665821][T12129] loop4: detected capacity change from 0 to 2048 [ 380.691234][T12129] EXT4-fs: Ignoring removed mblk_io_submit option [ 380.732941][T12129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 380.900055][T11715] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 380.946455][ T29] audit: type=1804 audit(1717791287.395:2274): pid=12135 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2412080266/syzkaller.B77Nwk/59/file0" dev="sda1" ino=1962 res=1 errno=0 [ 381.658291][T12164] loop1: detected capacity change from 0 to 2048 [ 381.668771][T12164] EXT4-fs: Ignoring removed mblk_io_submit option [ 381.716672][T12164] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 381.790303][T12172] loop0: detected capacity change from 0 to 2048 [ 381.888811][T12172] loop0: p1 p2 p3 [ 381.913585][ T5099] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 382.734749][T12170] loop4: detected capacity change from 0 to 32768 [ 383.497760][T12218] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 383.560339][T12196] loop0: detected capacity change from 0 to 32768 [ 383.659561][T12196] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 383.722351][T12235] loop4: detected capacity change from 0 to 64 [ 383.973703][T12196] XFS (loop0): Ending clean mount [ 384.016078][T12196] XFS (loop0): Quotacheck needed: Please wait. [ 384.077906][T12248] xt_TCPMSS: Only works on TCP SYN packets [ 384.205158][T12196] XFS (loop0): Quotacheck: Done. [ 384.270634][T12253] Bluetooth: MGMT ver 1.22 [ 384.462805][ T5106] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 384.744045][T12273] x_tables: duplicate underflow at hook 3 [ 384.809187][T12273] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'. [ 384.936809][T12279] loop4: detected capacity change from 0 to 1024 [ 384.959984][T12273] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 385.004027][T12273] bridge_slave_1: left allmulticast mode [ 385.031323][T12273] bridge_slave_1: left promiscuous mode [ 385.046648][T12279] hfsplus: request for non-existent node -709361664 in B*Tree [ 385.054834][T12273] bridge0: port 2(bridge_slave_1) entered disabled state [ 385.072380][T12279] hfsplus: request for non-existent node -709361664 in B*Tree [ 385.100466][T12273] bridge_slave_0: left allmulticast mode [ 385.121352][T12273] bridge_slave_0: left promiscuous mode [ 385.128830][T12279] hfsplus: b-tree write err: -5, ino 8 [ 385.166676][T12273] bridge0: port 1(bridge_slave_0) entered disabled state [ 385.514888][T12275] wireguard0: entered promiscuous mode [ 385.626905][T12275] wireguard0: entered allmulticast mode [ 386.174192][T12310] loop1: detected capacity change from 0 to 2048 [ 386.249016][T12310] loop1: p1 p2 p3 [ 386.458536][T12285] loop0: detected capacity change from 0 to 32768 [ 386.487859][T12285] XFS: noattr2 mount option is deprecated. [ 386.502402][T12285] XFS (loop0): attr2 and noattr2 cannot both be specified. [ 386.955337][T12340] loop1: detected capacity change from 0 to 1024 [ 387.029120][T12340] hfsplus: request for non-existent node -709361664 in B*Tree [ 387.051050][T12340] hfsplus: request for non-existent node -709361664 in B*Tree [ 387.061908][T12340] hfsplus: b-tree write err: -5, ino 8 [ 387.282090][T12349] netlink: 203516 bytes leftover after parsing attributes in process `syz-executor.2'. [ 387.330134][T12351] loop4: detected capacity change from 0 to 512 [ 387.339662][T12349] netlink: zone id is out of range [ 387.367416][T12351] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 387.377812][T12349] netlink: zone id is out of range [ 387.396861][T12349] netlink: zone id is out of range [ 387.479218][T12349] netlink: zone id is out of range [ 387.490763][T12351] EXT4-fs (loop4): 1 truncate cleaned up [ 387.513411][T12351] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 387.552211][T12349] netlink: zone id is out of range [ 387.591122][T12349] netlink: zone id is out of range [ 387.620431][T12349] netlink: zone id is out of range [ 387.631404][T12349] netlink: zone id is out of range [ 387.668646][T12351] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.4: corrupted in-inode xattr: overlapping e_value [ 387.706540][T12349] netlink: zone id is out of range [ 387.726534][T12349] netlink: zone id is out of range [ 387.731374][T12351] EXT4-fs (loop4): Remounting filesystem read-only [ 387.750840][T12351] EXT4-fs warning (device loop4): ext4_xattr_set_entry:1766: inode #15: comm syz-executor.4: unable to update i_inline_off [ 387.795191][T12369] veth1_to_bridge: Caught tx_queue_len zero misconfig [ 387.803950][T12365] xt_TCPMSS: Only works on TCP SYN packets [ 387.864126][T11715] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.486310][T12401] netlink: 'syz-executor.0': attribute type 15 has an invalid length. [ 388.628023][ T29] audit: type=1326 audit(1717791295.095:2275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 388.717573][ T29] audit: type=1326 audit(1717791295.115:2276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 388.806067][ T29] audit: type=1326 audit(1717791295.115:2277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 388.860673][ T29] audit: type=1326 audit(1717791295.125:2278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 388.943191][ T29] audit: type=1326 audit(1717791295.125:2279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 388.992562][T12417] loop1: detected capacity change from 0 to 2048 [ 389.032672][ T29] audit: type=1326 audit(1717791295.125:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 389.043430][T12417] EXT4-fs: Ignoring removed mblk_io_submit option [ 389.118750][ T29] audit: type=1326 audit(1717791295.125:2281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 389.211143][ T29] audit: type=1326 audit(1717791295.145:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb29de7a6e7 code=0x7ffc0000 [ 389.228591][T12389] loop4: detected capacity change from 0 to 32768 [ 389.252992][T12417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 389.307271][T12389] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (12389) [ 389.344183][ T29] audit: type=1326 audit(1717791295.145:2283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb29de403b9 code=0x7ffc0000 [ 389.416444][T12389] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 389.452272][ T29] audit: type=1326 audit(1717791295.145:2284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb29de7a6e7 code=0x7ffc0000 [ 389.475590][T12389] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 389.488560][ T5099] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.494954][T12389] BTRFS info (device loop4): using free-space-tree [ 389.687848][T12449] loop1: detected capacity change from 0 to 64 [ 389.949766][T11715] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 390.184395][T12422] loop0: detected capacity change from 0 to 32768 [ 390.499594][T12422] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 390.565724][T12422] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 390.647063][T12422] bcachefs (loop0): alloc_read... done [ 390.652612][T12422] bcachefs (loop0): stripes_read... done [ 390.693380][T12422] bcachefs (loop0): snapshots_read... done [ 390.719099][T12422] bcachefs (loop0): journal_replay... done [ 390.724997][T12422] bcachefs (loop0): resume_logged_ops... done [ 390.752383][T12422] bcachefs (loop0): going read-write [ 390.781200][T12422] bcachefs (loop0): done starting filesystem [ 390.878332][T12497] loop1: detected capacity change from 0 to 64 [ 391.148990][ T5106] bcachefs (loop0): shutting down [ 391.154068][ T5106] bcachefs (loop0): going read-only [ 391.176377][ T5106] bcachefs (loop0): finished waiting for writes to stop [ 391.208241][ T5106] bcachefs (loop0): flushing journal and stopping allocators, journal seq 13 [ 391.253090][ T5106] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 15 [ 391.283624][ T5106] bcachefs (loop0): shutdown complete, journal seq 16 [ 391.308994][ T5106] bcachefs (loop0): marking filesystem clean [ 391.394059][ T5106] bcachefs (loop0): shutdown complete [ 391.617087][T12508] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 391.650219][T12508] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 391.718969][T12508] bridge0: port 3(syz_tun) entered blocking state [ 391.742801][T12508] bridge0: port 3(syz_tun) entered disabled state [ 391.772856][T12508] syz_tun: entered allmulticast mode [ 391.813462][T12508] syz_tun: entered promiscuous mode [ 391.851532][T12508] bridge0: port 3(syz_tun) entered blocking state [ 391.858213][T12508] bridge0: port 3(syz_tun) entered forwarding state [ 392.445537][T12531] loop1: detected capacity change from 0 to 16 [ 392.454656][T12531] erofs: (device loop1): mounted with root inode @ nid 36. [ 392.815416][T12540] netlink: 'syz-executor.4': attribute type 15 has an invalid length. [ 393.198933][T12521] loop0: detected capacity change from 0 to 32768 [ 393.228290][T12521] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (12521) [ 393.271392][T12521] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 393.304390][T12521] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 393.326622][T12563] loop1: detected capacity change from 0 to 16 [ 393.336562][T12521] BTRFS info (device loop0): using free-space-tree [ 393.353411][T12563] erofs: (device loop1): mounted with root inode @ nid 36. [ 393.736939][T12588] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT [ 393.739242][ T5106] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 394.202301][T12594] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.2'. [ 394.271020][T12594] net_ratelimit: 48 callbacks suppressed [ 394.271043][T12594] openvswitch: netlink: IP tunnel attribute has 3036 unknown bytes. [ 394.674769][T12581] loop4: detected capacity change from 0 to 32768 [ 394.785551][T12581] ERROR: (device loop4): diNewExt: no free extents [ 394.785551][T12581] [ 394.868808][T12581] ERROR: (device loop4): remounting filesystem as read-only [ 394.890433][T12581] ialloc: diAlloc returned -5! [ 395.152964][T12592] loop1: detected capacity change from 0 to 32768 [ 395.181596][T12592] XFS: noattr2 mount option is deprecated. [ 395.203245][T12592] XFS (loop1): attr2 and noattr2 cannot both be specified. [ 395.629654][T12634] loop0: detected capacity change from 0 to 256 [ 395.773261][T12638] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 395.799385][T12632] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 396.477152][T12672] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 396.953397][T12672] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 398.378537][T12729] loop0: detected capacity change from 0 to 512 [ 398.409074][T12729] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: casefold flag without casefold feature [ 398.444251][T12729] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 398.522496][T12729] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 398.743867][T12729] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 398.754338][T12711] loop1: detected capacity change from 0 to 32768 [ 398.781225][T12729] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 398.833375][T12711] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 398.908234][ T5106] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.109042][T12754] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'. [ 399.132635][T12754] openvswitch: netlink: IP tunnel attribute has 3036 unknown bytes. [ 399.148467][T12711] XFS (loop1): Ending clean mount [ 399.186402][T12711] XFS (loop1): Quotacheck needed: Please wait. [ 399.296220][T12711] XFS (loop1): Quotacheck: Done. [ 399.432834][T12720] loop4: detected capacity change from 0 to 40427 [ 399.491668][T12720] F2FS-fs (loop4): invalid crc value [ 399.512953][T12720] F2FS-fs (loop4): Found nat_bits in checkpoint [ 399.590069][T12762] loop0: detected capacity change from 0 to 4096 [ 399.623429][T12762] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 399.630751][ T5099] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 399.665073][T12720] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 399.714689][T12762] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 400.004522][T12720] syz-executor.4: attempt to access beyond end of device [ 400.004522][T12720] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 400.021590][T12776] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 400.076179][T12776] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 400.123846][ T73] ntfs3: loop0: ino=5, ntfs3_write_inode failed, -22. [ 400.150852][T11715] syz-executor.4: attempt to access beyond end of device [ 400.150852][T11715] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 400.196868][T11715] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 400.508103][T12789] loop1: detected capacity change from 0 to 512 [ 400.575217][T12789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 400.596200][T12789] ext4 filesystem being mounted at /root/syzkaller-testdir1654772114/syzkaller.hdIChW/555/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 400.633638][T12789] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #15: comm syz-executor.1: corrupted xattr block 32: invalid ea_ino [ 400.659356][T12789] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #15: comm syz-executor.1: corrupted xattr block 32: invalid ea_ino [ 400.679943][T12789] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #15: comm syz-executor.1: corrupted xattr block 32: invalid ea_ino [ 400.705615][T12789] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #15: comm syz-executor.1: corrupted xattr block 32: invalid ea_ino [ 400.798072][ T5099] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 400.835344][T12802] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'. [ 401.148322][T12806] loop0: detected capacity change from 0 to 4096 [ 401.185867][T12806] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 401.232738][T12806] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 401.234856][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 401.234868][ T29] audit: type=1326 audit(1717791307.695:2295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12814 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 401.270426][T12819] loop4: detected capacity change from 0 to 256 [ 401.348004][ T29] audit: type=1326 audit(1717791307.695:2296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12814 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 401.387702][ T29] audit: type=1326 audit(1717791307.745:2297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12814 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 401.411827][T12812] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 401.434619][T12812] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 401.463434][ T29] audit: type=1326 audit(1717791307.745:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12814 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 401.533594][ T29] audit: type=1326 audit(1717791307.745:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12814 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 402.050743][ T29] audit: type=1326 audit(1717791307.755:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12814 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 402.417429][ T73] ntfs3: loop0: ino=5, ntfs3_write_inode failed, -22. [ 402.434853][ T29] audit: type=1326 audit(1717791307.755:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12814 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb29de7cf69 code=0x7ffc0000 [ 402.508813][ T29] audit: type=1326 audit(1717791307.755:2302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12814 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb29de7a6e7 code=0x7ffc0000 [ 402.602069][ T29] audit: type=1326 audit(1717791307.755:2303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12814 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb29de403b9 code=0x7ffc0000 [ 402.660176][ T29] audit: type=1326 audit(1717791307.755:2304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12814 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb29de7a6e7 code=0x7ffc0000 [ 402.788545][T12846] loop1: detected capacity change from 0 to 256 [ 402.815495][T12846] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 403.491826][T12869] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 403.550028][T12865] loop1: detected capacity change from 0 to 4096 [ 403.592809][T12865] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 403.656039][T12865] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 404.767071][ T2798] ntfs3: loop1: ino=5, ntfs3_write_inode failed, -22. [ 404.947934][T12877] bridge0: entered allmulticast mode [ 405.060471][T12882] loop4: detected capacity change from 0 to 1024 [ 405.092846][T12882] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 405.232433][T12842] kexec: Could not allocate control_code_buffer [ 405.382954][T12893] loop0: detected capacity change from 0 to 256 [ 405.408563][T12893] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 405.554374][T12900] netlink: 'syz-executor.2': attribute type 5 has an invalid length. [ 406.822219][ T29] kauditd_printk_skb: 39 callbacks suppressed [ 406.822240][ T29] audit: type=1326 audit(1717791313.215:2344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12921 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc419c7cf69 code=0x0 [ 406.968597][T12933] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 406.979601][T12933] netlink: 'syz-executor.0': attribute type 25 has an invalid length. [ 407.025305][T12933] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 407.035246][T12933] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 407.044824][T12933] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 407.054223][T12933] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 407.094258][T12912] kexec: Could not allocate control_code_buffer [ 407.245863][T12945] ptrace attach of "/root/syz-executor.4 exec"[11715] was attempted by " [ 407.346733][ T785] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 407.702577][ T785] usb 2-1: Using ep0 maxpacket: 16 [ 407.723614][ T785] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 407.767355][ T785] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024 [ 407.789336][ T785] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 407.810662][ T785] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 407.838489][ T785] usb 2-1: SerialNumber: syz [ 407.860408][T12935] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 407.897559][ T785] cdc_acm 2-1:1.0: Control and data interfaces are not separated! [ 407.969757][T12969] ptrace attach of "/root/syz-executor.0 exec"[5106] was attempted by " [ 408.101313][ T785] cdc_acm 2-1:1.0: ttyACM0: USB ACM device [ 408.196673][ T29] audit: type=1800 audit(1717791314.565:2345): pid=12973 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1966 res=0 errno=0 [ 408.368603][ T785] usb 2-1: USB disconnect, device number 11 [ 409.104661][T12961] kexec: Could not allocate control_code_buffer [ 409.192735][T12994] ptrace attach of "/root/syz-executor.3 exec"[10967] was attempted by " [ 410.581030][T13021] loop0: detected capacity change from 0 to 4096 [ 410.672457][ C0] vkms_vblank_simulate: vblank timer overrun [ 410.728618][T13021] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 410.775000][T13021] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 411.846020][T13033] loop4: detected capacity change from 0 to 512 [ 411.899620][T13033] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 411.992544][T13033] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz-executor.4: invalid indirect mapped block 83886080 (level 1) [ 412.021108][T13033] EXT4-fs (loop4): Remounting filesystem read-only [ 412.034294][T13033] EXT4-fs (loop4): 1 orphan inode deleted [ 412.045678][T13033] EXT4-fs (loop4): 1 truncate cleaned up [ 412.066023][T13033] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 412.164113][T13008] ext4: Unknown parameter '' [ 412.352426][T11715] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 412.652139][T13060] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 412.715849][T13060] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'. [ 414.084904][T13087] loop0: detected capacity change from 0 to 256 [ 414.138838][ T29] audit: type=1800 audit(1717791320.605:2346): pid=13087 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="loop0" ino=1048781 res=0 errno=0 [ 414.570926][T13093] wireguard0: entered promiscuous mode [ 414.577036][T13093] wireguard0: entered allmulticast mode [ 415.447726][T13113] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 416.569897][T13123] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 417.507810][T13134] 9pnet_fd: Insufficient options for proto=fd [ 417.844997][T13144] loop4: detected capacity change from 0 to 2048 [ 417.878724][T13144] NILFS (loop4): invalid segment: Magic number mismatch [ 417.903218][T13144] NILFS (loop4): trying rollback from an earlier position [ 417.985726][T13144] NILFS (loop4): recovery complete [ 419.080054][T13167] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 420.072083][T13174] loop4: detected capacity change from 0 to 256 [ 420.176578][ T29] audit: type=1800 audit(1717791326.635:2347): pid=13174 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="loop4" ino=1048782 res=0 errno=0 [ 420.406903][T13183] 9pnet_fd: Insufficient options for proto=fd [ 421.696532][ T8] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 421.883244][T13239] fuse: Bad value for 'fd' [ 421.905694][ T8] usb 3-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=eb.57 [ 421.929435][ T8] usb 3-1: New USB device strings: Mfr=1, Product=32, SerialNumber=0 [ 421.971437][ T8] usb 3-1: Product: syz [ 421.976183][ T8] usb 3-1: Manufacturer: syz [ 422.010826][ T8] usb 3-1: config 0 descriptor?? [ 422.020595][ T8] keyspan 3-1:0.0: Keyspan 4 port adapter converter detected [ 422.046831][ T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 81 [ 422.056003][ T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 88 [ 422.103924][ T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 1 [ 422.146857][ T8] usb 3-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 422.169408][ T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 2 [ 422.228882][ T8] usb 3-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 422.257705][ T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 4 [ 422.279331][ T8] usb 3-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 422.310460][ T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 6 [ 422.340443][ T8] usb 3-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 422.375677][ T8] usb 3-1: USB disconnect, device number 6 [ 422.403855][ T8] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 422.469016][ T8] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 422.510244][T13262] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 422.514835][ T8] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 422.565227][ T8] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 422.599121][ T8] keyspan 3-1:0.0: device disconnected [ 422.626598][T13262] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 422.655976][ T29] audit: type=1326 audit(1717791329.105:2348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13265 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f499927cf69 code=0x7ffc0000 [ 422.725238][ T29] audit: type=1326 audit(1717791329.105:2349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13265 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f499927cf69 code=0x7ffc0000 [ 422.772228][T13271] fuse: Bad value for 'fd' [ 422.785197][ T29] audit: type=1326 audit(1717791329.145:2350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13265 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f499927cf69 code=0x7ffc0000 [ 422.813756][ T29] audit: type=1326 audit(1717791329.145:2351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13265 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f499927cf69 code=0x7ffc0000 [ 422.849189][ T29] audit: type=1326 audit(1717791329.145:2352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13265 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f499927cf69 code=0x7ffc0000 [ 422.952532][ T29] audit: type=1800 audit(1717791329.415:2353): pid=13279 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1936 res=0 errno=0 [ 422.999490][ T29] audit: type=1800 audit(1717791329.455:2354): pid=13279 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1936 res=0 errno=0 [ 423.068191][T13278] loop0: detected capacity change from 0 to 2048 [ 423.094842][T13278] NILFS (loop0): invalid segment: Magic number mismatch [ 423.106006][ T29] audit: type=1800 audit(1717791329.565:2355): pid=13279 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1936 res=0 errno=0 [ 423.141619][T13278] NILFS (loop0): trying rollback from an earlier position [ 423.160717][T13278] NILFS (loop0): recovery complete [ 423.425316][T13294] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.3'. [ 423.446711][T13294] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 423.974363][ T29] audit: type=1804 audit(1717791330.435:2356): pid=13316 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1984873513/syzkaller.IDjntD/572/bus" dev="sda1" ino=1962 res=1 errno=0 [ 424.016595][T13316] bridge_slave_0: Caught tx_queue_len zero misconfig [ 424.687962][T13336] loop4: detected capacity change from 0 to 256 [ 424.729373][T13336] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 424.800941][T13336] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 424.963390][T13333] loop1: detected capacity change from 0 to 32768 [ 425.012727][T13333] gfs2: fsid=([{{{+: Trying to join cluster "lock_nolock", "([{{{+" [ 425.021753][T13333] gfs2: fsid=([{{{+: Now mounting FS (format 0)... [ 425.043954][T13333] gfs2: fsid=([{{{+: can't read superblock: -22 [ 425.653304][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 425.653323][ T29] audit: type=1800 audit(1717791332.115:2358): pid=13309 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="file2" dev="sda1" ino=1957 res=0 errno=0 [ 425.727515][T13352] loop4: detected capacity change from 0 to 8 [ 425.798624][T13352] SQUASHFS error: Failed to read block 0x63a: -5 [ 425.805146][T13352] SQUASHFS error: Unable to read metadata cache entry [638] [ 425.816800][T13352] SQUASHFS error: Unable to read directory block [26067d:0] [ 426.337273][T13373] loop4: detected capacity change from 0 to 256 [ 427.050479][T13373] FAT-fs (loop4): Directory bread(block 64) failed [ 427.057283][T13373] FAT-fs (loop4): Directory bread(block 65) failed [ 427.064046][T13373] FAT-fs (loop4): Directory bread(block 66) failed [ 427.070792][T13373] FAT-fs (loop4): Directory bread(block 67) failed [ 427.077897][T13373] FAT-fs (loop4): Directory bread(block 68) failed [ 427.084802][T13373] FAT-fs (loop4): Directory bread(block 69) failed [ 427.092145][T13373] FAT-fs (loop4): Directory bread(block 70) failed [ 427.110822][T13373] FAT-fs (loop4): Directory bread(block 71) failed [ 427.145421][T13373] FAT-fs (loop4): Directory bread(block 72) failed [ 427.188823][T13373] FAT-fs (loop4): Directory bread(block 73) failed [ 427.567810][T13384] loop1: detected capacity change from 0 to 2048 [ 427.705154][T13359] loop0: detected capacity change from 0 to 32768 [ 428.617824][T13404] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 429.263387][T13419] loop1: detected capacity change from 0 to 2048 [ 429.935410][T13441] loop1: detected capacity change from 0 to 1024 [ 429.968696][T13441] EXT4-fs: Ignoring removed orlov option [ 429.998153][T13441] EXT4-fs (loop1): Test dummy encryption mode enabled [ 430.026575][T13441] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 430.070655][T13441] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 430.243313][ T29] audit: type=1400 audit(1717791336.705:2359): lsm=SMACK fn=smack_inode_setattr action=denied subject="N" object="_" requested=w pid=13456 comm="syz-executor.0" name="hugetlb.2MB.usage_in_bytes" dev="sda1" ino=1962 [ 430.342161][T13441] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 430.428265][T13468] loop0: detected capacity change from 0 to 512 [ 430.465305][T13468] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 430.533497][ T5099] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 430.543357][T13468] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.0: corrupted in-inode xattr: e_value out of bounds [ 430.690596][T13468] EXT4-fs (loop0): Remounting filesystem read-only [ 430.707991][T13468] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 430.834335][ T5106] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 431.082932][T13479] loop0: detected capacity change from 0 to 256 [ 431.138589][T13479] FAT-fs (loop0): Directory bread(block 64) failed [ 431.151438][T13479] FAT-fs (loop0): Directory bread(block 65) failed [ 431.165445][T13479] FAT-fs (loop0): Directory bread(block 66) failed [ 431.179367][T13479] FAT-fs (loop0): Directory bread(block 67) failed [ 431.192010][T13479] FAT-fs (loop0): Directory bread(block 68) failed [ 431.218739][T13479] FAT-fs (loop0): Directory bread(block 69) failed [ 431.237311][T13479] FAT-fs (loop0): Directory bread(block 70) failed [ 431.252494][T13479] FAT-fs (loop0): Directory bread(block 71) failed [ 431.268922][T13479] FAT-fs (loop0): Directory bread(block 72) failed [ 431.284581][T13479] FAT-fs (loop0): Directory bread(block 73) failed [ 431.574658][T13497] lo: Caught tx_queue_len zero misconfig [ 432.153135][T13504] loop0: detected capacity change from 0 to 1024 [ 432.254231][T13504] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 432.666051][ T5106] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 432.894217][T13514] kAFS: unparsable volume name [ 432.946744][T13518] loop0: detected capacity change from 0 to 64 [ 433.057164][T13520] loop4: detected capacity change from 0 to 256 [ 433.174282][ T5099] bridge0: port 3(syz_tun) entered disabled state [ 433.239709][ T5099] syz_tun (unregistering): left allmulticast mode [ 433.255623][ T5099] syz_tun (unregistering): left promiscuous mode [ 433.274098][ T5099] bridge0: port 3(syz_tun) entered disabled state [ 433.287004][T13520] FAT-fs (loop4): Directory bread(block 64) failed [ 433.293655][T13520] FAT-fs (loop4): Directory bread(block 65) failed [ 433.316906][T13520] FAT-fs (loop4): Directory bread(block 66) failed [ 433.364584][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 433.379443][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 433.389649][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 433.397936][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 433.407916][ T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 433.415488][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 433.423544][T13520] FAT-fs (loop4): Directory bread(block 67) failed [ 433.430485][T13520] FAT-fs (loop4): Directory bread(block 68) failed [ 433.437588][T13520] FAT-fs (loop4): Directory bread(block 69) failed [ 433.444797][T13520] FAT-fs (loop4): Directory bread(block 70) failed [ 433.451587][T13520] FAT-fs (loop4): Directory bread(block 71) failed [ 433.461602][T13520] FAT-fs (loop4): Directory bread(block 72) failed [ 433.468447][T13520] FAT-fs (loop4): Directory bread(block 73) failed [ 434.141824][T13523] chnl_net:caif_netlink_parms(): no params data found [ 434.668525][T13547] loop0: detected capacity change from 0 to 1024 [ 434.790815][T13547] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 435.228225][ T5106] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 435.408782][T13523] bridge0: port 1(bridge_slave_0) entered blocking state [ 435.416309][T13523] bridge0: port 1(bridge_slave_0) entered disabled state [ 435.456813][T13523] bridge_slave_0: entered allmulticast mode [ 435.466743][T13523] bridge_slave_0: entered promiscuous mode [ 435.467174][T13559] loop0: detected capacity change from 0 to 512 [ 435.494461][T13523] bridge0: port 2(bridge_slave_1) entered blocking state [ 435.506793][ T53] Bluetooth: hci1: command tx timeout [ 435.520415][T13523] bridge0: port 2(bridge_slave_1) entered disabled state [ 435.542931][T13523] bridge_slave_1: entered allmulticast mode [ 435.564358][T13559] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 435.572144][T13523] bridge_slave_1: entered promiscuous mode [ 435.592904][T13559] ext4 filesystem being mounted at /root/syzkaller-testdir1984873513/syzkaller.IDjntD/587/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 435.679128][T13559] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 435.745221][T13559] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 435.752362][T13523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 435.816151][T13523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 435.981328][ T5106] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.001403][T13523] team0: Port device team_slave_0 added [ 436.058716][T13523] team0: Port device team_slave_1 added [ 436.244043][T13523] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 436.280639][T13523] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 436.336394][T13523] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 436.368299][T13523] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 436.380187][T13523] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 436.419356][T13523] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 436.577600][T13583] loop4: detected capacity change from 0 to 2048 [ 436.724666][T13523] hsr_slave_0: entered promiscuous mode [ 436.780283][T13523] hsr_slave_1: entered promiscuous mode [ 436.839687][T13523] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 436.856669][T13523] Cannot create hsr debugfs directory [ 437.403929][T13523] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 437.527234][T13614] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.0'. [ 437.551618][T13614] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 437.586848][ T53] Bluetooth: hci1: command tx timeout [ 437.668966][T13523] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 437.823724][T13523] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.000721][T13626] loop4: detected capacity change from 0 to 256 [ 438.029926][T13523] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.084339][T13626] loop4: detected capacity change from 0 to 256 [ 438.128210][T13626] exfat: Deprecated parameter 'utf8' [ 438.133550][T13626] exfat: Unexpected value for 'utf8' [ 438.252830][T13629] loop0: detected capacity change from 0 to 2048 [ 438.417411][T13631] loop4: detected capacity change from 0 to 256 [ 438.435476][T13631] exfat: Unknown parameter '@' [ 438.453899][T13523] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 438.479395][T13523] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 438.509035][T13523] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 438.532581][T13523] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 438.768700][T13523] 8021q: adding VLAN 0 to HW filter on device bond0 [ 438.821550][T13523] 8021q: adding VLAN 0 to HW filter on device team0 [ 438.850942][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 438.858134][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 438.904566][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 438.911756][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 439.081430][T13640] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'. [ 439.107777][T13640] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 439.619303][T13523] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 439.656793][ T53] Bluetooth: hci1: command tx timeout [ 440.380283][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.387910][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.053482][T13523] veth0_vlan: entered promiscuous mode [ 441.106828][T13523] veth1_vlan: entered promiscuous mode [ 441.219478][T13523] veth0_macvtap: entered promiscuous mode [ 441.252603][T13523] veth1_macvtap: entered promiscuous mode [ 441.303298][T13673] loop0: detected capacity change from 0 to 2048 [ 441.326840][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 441.356713][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.384262][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 441.410945][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.439877][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 441.473130][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.500992][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 441.529864][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.559420][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 441.592476][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.618789][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 441.649835][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.683850][T13523] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 441.725579][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 441.771082][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.802111][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 441.817364][ T53] Bluetooth: hci1: command tx timeout [ 441.843152][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.895047][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 441.937023][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.974631][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 441.998624][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.018651][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 442.040299][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.072271][T13523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 442.102739][T13523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.135592][T13523] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 442.161852][T13523] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.194892][T13523] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.236398][T13523] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.243907][T13672] loop4: detected capacity change from 0 to 32768 [ 442.256478][T13523] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.285923][T13672] *** Log Format Error ! *** [ 442.310671][T13672] lmLogInit: exit(-22) [ 442.330802][T13672] lmLogOpen: exit(-22) [ 442.334916][T13672] jfs_mount_rw failed, return code = -22 [ 442.511538][ T2798] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 442.539229][ T2798] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 442.617546][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 442.642377][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.052654][T13708] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'. [ 443.081617][T13708] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 443.600210][T13727] loop4: detected capacity change from 0 to 128 [ 443.825894][T13724] loop0: detected capacity change from 0 to 4096 [ 443.876273][T13731] loop1: detected capacity change from 0 to 16 [ 443.896191][T13731] erofs: (device loop1): mounted with root inode @ nid 36. [ 444.103362][T13735] syz-executor.3[13735] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 444.103510][T13735] syz-executor.3[13735] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 445.089525][T13523] erofs: (device loop1): erofs_fill_dentries: bogus dirent @ nid 46 [ 445.159593][T13523] erofs: (device loop1): erofs_readdir: invalid de[0].nameoff 0 @ nid 89 [ 445.190152][T13523] erofs: (device loop1): erofs_readdir: invalid de[0].nameoff 0 @ nid 89 [ 445.272987][T13738] loop4: detected capacity change from 0 to 32768 [ 445.438495][T13749] loop0: detected capacity change from 0 to 2048 [ 445.583692][ T29] audit: type=1800 audit(1717791352.045:2360): pid=13749 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="loop0" ino=1347 res=0 errno=0 [ 445.633596][ T29] audit: type=1800 audit(1717791352.085:2361): pid=13749 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="loop0" ino=1347 res=0 errno=0 [ 445.661407][T13738] JFS: charset not found [ 446.227566][T13765] loop4: detected capacity change from 0 to 128 [ 446.399280][T13770] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 446.451938][T13775] syz-executor.0[13775] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 446.452084][T13775] syz-executor.0[13775] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 446.577895][T13777] loop1: detected capacity change from 0 to 2048 [ 446.670427][T13777] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 446.706738][T13777] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor.1: bg 0: block 234: padding at end of block bitmap is not set [ 446.783500][T13777] EXT4-fs (loop1): Remounting filesystem read-only [ 446.794051][T13786] loop0: detected capacity change from 0 to 2048 [ 446.938780][T13523] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 446.954507][ T29] audit: type=1800 audit(1717791353.415:2362): pid=13786 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="loop0" ino=1347 res=0 errno=0 [ 447.036119][ T29] audit: type=1800 audit(1717791353.455:2363): pid=13786 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="loop0" ino=1347 res=0 errno=0 [ 447.636559][ T5102] Bluetooth: hci2: command 0x0406 tx timeout [ 448.083734][T13810] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 448.123884][ T29] audit: type=1326 audit(1717791354.585:2364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13811 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419c7cf69 code=0x7ffc0000 [ 448.152958][T13814] loop4: detected capacity change from 0 to 128 [ 448.214230][ T29] audit: type=1326 audit(1717791354.585:2365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13811 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419c7cf69 code=0x7ffc0000 [ 448.236575][ T8] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 448.279318][ T29] audit: type=1326 audit(1717791354.615:2366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13811 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419c7cf69 code=0x7ffc0000 [ 448.343035][ T29] audit: type=1326 audit(1717791354.615:2367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13811 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419c7cf69 code=0x7ffc0000 [ 448.382873][ T29] audit: type=1326 audit(1717791354.615:2368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13811 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419c7cf69 code=0x7ffc0000 [ 448.416876][T13821] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 448.429242][ T29] audit: type=1326 audit(1717791354.615:2369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13811 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419c7cf69 code=0x7ffc0000 [ 448.443796][T13821] netlink: 209848 bytes leftover after parsing attributes in process `syz-executor.3'. [ 448.573457][T13825] loop4: detected capacity change from 0 to 512 [ 448.589321][T13825] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 448.603890][T13825] UDF-fs: Scanning with blocksize 512 failed [ 448.613922][T13825] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 448.629903][T13825] UDF-fs: Scanning with blocksize 1024 failed [ 448.636853][T13827] loop0: detected capacity change from 0 to 512 [ 448.643909][T13825] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 448.651521][T13825] UDF-fs: Scanning with blocksize 2048 failed [ 448.660627][T13825] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 448.673588][T13825] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 448.686801][T13827] EXT4-fs (loop0): 1 truncate cleaned up [ 448.696089][T13827] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 448.750620][T13827] ext4: Unknown parameter 'pDX&^x䝲cSm__yԷ_KdΟ嶗\9' [ 448.794346][T13831] loop1: detected capacity change from 0 to 128 [ 449.796062][ T5106] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.993614][T13843] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 450.019656][T13847] xt_TCPMSS: Only works on TCP SYN packets [ 450.256100][T13855] loop1: detected capacity change from 0 to 128 [ 450.623690][T13860] loop0: detected capacity change from 0 to 512 [ 450.965720][T13860] EXT4-fs (loop0): 1 truncate cleaned up [ 450.992311][T13867] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 451.061085][T13867] netlink: 209848 bytes leftover after parsing attributes in process `syz-executor.2'. [ 451.078430][T13860] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 451.216875][T13860] ext4: Unknown parameter 'pDX&^x䝲cSm__yԷ_KdΟ嶗\9' [ 451.371656][T13871] sctp: [Deprecated]: syz-executor.3 (pid 13871) Use of int in max_burst socket option deprecated. [ 451.371656][T13871] Use struct sctp_assoc_value instead [ 452.214755][ T5106] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.227866][T13882] xt_TCPMSS: Only works on TCP SYN packets [ 452.620878][T13898] loop4: detected capacity change from 0 to 2048 [ 452.665112][T13898] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 452.706422][T13898] UDF-fs: Scanning with blocksize 512 failed [ 452.801341][T13898] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 452.982417][T13906] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 453.023228][T13906] netlink: 209848 bytes leftover after parsing attributes in process `syz-executor.2'. [ 453.234697][T13909] sctp: [Deprecated]: syz-executor.3 (pid 13909) Use of int in max_burst socket option deprecated. [ 453.234697][T13909] Use struct sctp_assoc_value instead [ 453.302976][T13912] loop4: detected capacity change from 0 to 512 [ 453.337547][T13912] EXT4-fs (loop4): 1 truncate cleaned up [ 453.344456][T13912] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 453.365496][T13891] loop0: detected capacity change from 0 to 32768 [ 453.408218][T13912] ext4: Unknown parameter 'pDX&^x䝲cSm__yԷ_KdΟ嶗\9' [ 453.654849][T13891] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 453.676591][T13891] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 454.353989][T13930] xt_TCPMSS: Only works on TCP SYN packets [ 454.376107][T13891] bcachefs (loop0): alloc_read... done [ 454.403568][T13891] bcachefs (loop0): stripes_read... done [ 454.440599][T13891] bcachefs (loop0): snapshots_read... done [ 454.477837][T11715] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 454.490976][T13891] bcachefs (loop0): journal_replay... done [ 454.506765][T13891] bcachefs (loop0): resume_logged_ops... done [ 454.568185][T13891] bcachefs (loop0): going read-write [ 454.596534][T13891] bcachefs (loop0): done starting filesystem [ 454.696110][ T5106] bcachefs (loop0): shutting down [ 454.710529][ T5106] bcachefs (loop0): going read-only [ 454.715769][ T5106] bcachefs (loop0): finished waiting for writes to stop [ 454.745389][ T5106] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10 [ 454.768024][ T5106] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10 [ 454.801617][ T5106] bcachefs (loop0): shutdown complete, journal seq 11 [ 454.837277][ T5106] bcachefs (loop0): marking filesystem clean [ 454.913093][T13955] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 454.942101][ T5106] bcachefs (loop0): shutdown complete [ 456.524579][T13989] loop0: detected capacity change from 0 to 256 [ 456.861744][T14003] loop0: detected capacity change from 0 to 128 [ 457.207636][T14003] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 457.237760][T14003] ext4 filesystem being mounted at /root/syzkaller-testdir1984873513/syzkaller.IDjntD/621/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 457.973762][ T5106] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 458.355070][T14029] loop0: detected capacity change from 0 to 256 [ 459.278515][T14049] netlink: 'syz-executor.1': attribute type 27 has an invalid length. [ 460.245398][T14049] bridge0: port 2(bridge_slave_1) entered disabled state [ 460.253169][T14049] bridge0: port 1(bridge_slave_0) entered disabled state [ 461.621210][T14049] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 461.707219][T14049] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 462.202388][T14049] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 462.242055][T14049] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 462.268420][T14049] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 462.309741][T14049] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 462.945145][ T53] Bluetooth: hci5: command 0x0406 tx timeout [ 463.118694][T14088] loop4: detected capacity change from 0 to 32768 [ 463.370238][T14088] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=gzip,nojournal_transaction_names [ 463.427057][T14088] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 463.490109][T14088] bcachefs (loop4): alloc_read... done [ 463.495681][T14088] bcachefs (loop4): stripes_read... done [ 463.534298][T14088] bcachefs (loop4): snapshots_read... done [ 463.553949][T14088] bcachefs (loop4): journal_replay... done [ 463.579605][T14088] bcachefs (loop4): resume_logged_ops... done [ 463.627948][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 463.629805][T14088] bcachefs (loop4): going read-write [ 463.647431][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 463.668032][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 463.677121][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 463.677987][T14088] bcachefs (loop4): done starting filesystem [ 463.693512][ T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 463.702140][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 463.884937][T14096] loop0: detected capacity change from 0 to 32768 [ 463.933321][T14127] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 463.942889][T14127] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 463.943242][T14096] [ 463.943242][T14096] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 463.943242][T14096] [ 463.951704][T14127] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 463.951808][T14127] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 464.147306][T11715] bcachefs (loop4): shutting down [ 464.158997][T11715] bcachefs (loop4): going read-only [ 464.173749][T14096] [ 464.173749][T14096] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.173749][T14096] [ 464.181121][T11715] bcachefs (loop4): finished waiting for writes to stop [ 464.215120][T11715] bcachefs (loop4): flushing journal and stopping allocators, journal seq 13 [ 464.235412][T14096] [ 464.235412][T14096] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.235412][T14096] [ 464.266316][T11715] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 15 [ 464.277260][T14096] [ 464.277260][T14096] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.277260][T14096] [ 464.326749][T11715] bcachefs (loop4): shutdown complete, journal seq 16 [ 464.327460][T14134] [ 464.327460][T14134] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.327460][T14134] [ 464.334435][T11715] bcachefs (loop4): marking filesystem clean [ 464.414406][T14096] [ 464.414406][T14096] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.414406][T14096] [ 464.467920][T11715] bcachefs (loop4): shutdown complete [ 464.497232][T14096] [ 464.497232][T14096] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.497232][T14096] [ 464.542243][T14096] [ 464.542243][T14096] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.542243][T14096] [ 464.603910][T14134] [ 464.603910][T14134] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.603910][T14134] [ 464.616883][T14096] [ 464.616883][T14096] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.616883][T14096] [ 464.686812][T14134] jfs: Unrecognized mount option "00000000000000000000000Xcv:Q"Co"'ή_0-%+ t6P'k;/|%T9i(%Z@G~ͱ\%S:UVTOvO7MfOJjN"Bn]XZ [ 464.686812][T14134] o*e4bL*" or missing value [ 464.780997][ T113] [ 464.780997][ T113] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.780997][ T113] [ 464.860994][ T12] bridge_slave_1: left allmulticast mode [ 464.889668][ T12] bridge_slave_1: left promiscuous mode [ 464.926700][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.972910][ T5106] [ 464.972910][ T5106] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.972910][ T5106] [ 464.989499][ T12] bridge_slave_0: left allmulticast mode [ 464.995274][ T12] bridge_slave_0: left promiscuous mode [ 464.999945][ T5106] [ 464.999945][ T5106] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 464.999945][ T5106] [ 465.024333][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 465.480267][T14157] loop4: detected capacity change from 0 to 256 [ 465.599105][T14157] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 465.619470][T14157] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 465.641781][T14157] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 465.660534][ T29] kauditd_printk_skb: 160 callbacks suppressed [ 465.660550][ T29] audit: type=1800 audit(1717791372.125:2530): pid=14157 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.4" name="file1" dev="loop4" ino=1048791 res=0 errno=0 [ 465.751221][T14157] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 465.762350][ T29] audit: type=1800 audit(1717791372.215:2531): pid=14157 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.4" name="file1" dev="loop4" ino=1048791 res=0 errno=0 [ 465.783904][T14157] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 465.795358][T14157] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 465.816621][ T53] Bluetooth: hci1: command tx timeout [ 465.835295][T14155] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 465.892120][T14155] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 465.939687][T14155] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 465.978344][T14157] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 466.466034][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 466.495108][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 466.527282][ T12] bond0 (unregistering): Released all slaves [ 466.564230][T14156] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 466.574224][T14122] chnl_net:caif_netlink_parms(): no params data found [ 467.103706][T14122] bridge0: port 1(bridge_slave_0) entered blocking state [ 467.116658][T14122] bridge0: port 1(bridge_slave_0) entered disabled state [ 467.136674][T14122] bridge_slave_0: entered allmulticast mode [ 467.155206][T14187] loop0: detected capacity change from 0 to 256 [ 467.179015][T14122] bridge_slave_0: entered promiscuous mode [ 467.207909][T14122] bridge0: port 2(bridge_slave_1) entered blocking state [ 467.215082][T14122] bridge0: port 2(bridge_slave_1) entered disabled state [ 467.252267][T14122] bridge_slave_1: entered allmulticast mode [ 467.268535][T14122] bridge_slave_1: entered promiscuous mode [ 467.287540][T14187] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 467.356598][T14187] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 467.396484][T14187] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 467.421765][ T29] audit: type=1800 audit(1717791373.885:2532): pid=14187 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.0" name="file1" dev="loop0" ino=1048792 res=0 errno=0 [ 467.478096][T14187] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 467.503378][ T29] audit: type=1800 audit(1717791373.965:2533): pid=14187 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.0" name="file1" dev="loop0" ino=1048792 res=0 errno=0 [ 467.546037][ T12] hsr_slave_0: left promiscuous mode [ 467.548082][T14187] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 467.571489][T14191] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 467.581859][ T12] hsr_slave_1: left promiscuous mode [ 467.599791][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 467.611828][T14187] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 467.625114][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 467.656435][T14187] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 467.713347][T14187] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 467.751684][T14187] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 467.896904][ T53] Bluetooth: hci1: command tx timeout [ 469.456646][ T12] team0 (unregistering): Port device team_slave_1 removed [ 469.575967][ T12] team0 (unregistering): Port device team_slave_0 removed [ 469.802858][T14224] loop4: detected capacity change from 0 to 32768 [ 469.839001][T14224] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (14224) [ 469.877858][T14224] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 469.896532][T14224] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 469.915769][T14224] BTRFS info (device loop4): using free-space-tree [ 469.988470][ T53] Bluetooth: hci1: command tx timeout [ 470.212906][T11715] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 470.667294][T14242] netlink: 'syz-executor.4': attribute type 19 has an invalid length. [ 471.029020][T14122] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 471.065929][T14222] netlink: 'syz-executor.3': attribute type 27 has an invalid length. [ 471.562708][T14078] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 471.669658][T14222] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 471.737645][T14222] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 471.759291][T14078] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 471.798426][T14078] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 471.824465][T14078] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 471.877780][T14078] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 471.907151][T14078] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 471.944909][T14078] usb 1-1: config 0 descriptor?? [ 471.968104][T14247] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 472.056948][ T53] Bluetooth: hci1: command tx timeout [ 472.101034][T14222] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.126548][T14222] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.157885][T14222] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.177038][T14222] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.278610][T14222] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 472.287600][T14222] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 472.297452][T14222] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 472.306691][T14222] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 472.352612][T14242] netlink: 'syz-executor.4': attribute type 19 has an invalid length. [ 472.389535][T14122] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 472.482409][T14078] plantronics 0003:047F:FFFF.0009: unknown main item tag 0xd [ 472.504930][T14078] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving [ 472.559817][T14078] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 472.610238][T14122] team0: Port device team_slave_0 added [ 472.643826][T14122] team0: Port device team_slave_1 added [ 472.719940][T14122] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 472.729832][T14122] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 472.768327][T14122] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 472.793582][T14078] usb 1-1: USB disconnect, device number 7 [ 472.827588][T14122] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 472.834564][T14122] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 472.862875][T14122] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 472.961175][T14122] hsr_slave_0: entered promiscuous mode [ 472.968354][T14122] hsr_slave_1: entered promiscuous mode [ 472.974783][T14122] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 472.983021][T14122] Cannot create hsr debugfs directory [ 473.613831][T14122] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 473.632564][T14122] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 473.652853][T14122] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 473.679062][T14122] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 473.876190][T14122] 8021q: adding VLAN 0 to HW filter on device bond0 [ 473.922323][T14122] 8021q: adding VLAN 0 to HW filter on device team0 [ 473.948123][T13548] bridge0: port 1(bridge_slave_0) entered blocking state [ 473.955275][T13548] bridge0: port 1(bridge_slave_0) entered forwarding state [ 473.984369][T13548] bridge0: port 2(bridge_slave_1) entered blocking state [ 473.991552][T13548] bridge0: port 2(bridge_slave_1) entered forwarding state [ 474.022148][T14122] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 474.033373][T14122] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 474.254823][T14122] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 474.318321][T14122] veth0_vlan: entered promiscuous mode [ 474.342740][T14122] veth1_vlan: entered promiscuous mode [ 474.446169][T14122] veth0_macvtap: entered promiscuous mode [ 474.472661][T14122] veth1_macvtap: entered promiscuous mode [ 474.547774][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.584175][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.605029][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.645158][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.657856][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.669213][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.679173][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.690157][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.701809][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.713345][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.733559][T14122] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 474.784210][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.825674][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.857136][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.881811][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.893079][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.926395][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.943064][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.955795][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.965769][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.977983][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.992377][T14122] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 475.050240][T14122] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.062514][T14122] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.077690][T14122] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.091192][T14122] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.226846][T14278] netlink: 'syz-executor.3': attribute type 27 has an invalid length. [ 475.311310][ T2860] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.323337][ T2860] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.390985][ T73] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.394507][T14262] loop0: detected capacity change from 0 to 32768 [ 475.401081][ T73] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.542019][T14262] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 475.597118][T14262] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 475.677225][T14262] bcachefs (loop0): alloc_read... done [ 475.682789][T14262] bcachefs (loop0): stripes_read... done [ 475.720278][T14295] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.1'. [ 475.736547][T14262] bcachefs (loop0): snapshots_read... done [ 475.744916][T14262] bcachefs (loop0): journal_replay... done [ 475.792579][T14295] loop1: detected capacity change from 0 to 1024 [ 475.799187][T14262] bcachefs (loop0): resume_logged_ops... done [ 475.805364][T14262] bcachefs (loop0): going read-write [ 475.835361][T14262] bcachefs (loop0): done starting filesystem [ 475.949024][ T2860] hfsplus: b-tree write err: -5, ino 4 [ 476.195063][T14262] syz-executor.0 (14262) used greatest stack depth: 14416 bytes left [ 476.230358][ T5106] bcachefs (loop0): shutting down [ 476.235443][ T5106] bcachefs (loop0): going read-only [ 476.283110][ T5106] bcachefs (loop0): finished waiting for writes to stop [ 476.299768][ T5106] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [ 476.377323][ T5106] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 14 [ 476.417372][ T5106] bcachefs (loop0): shutdown complete, journal seq 15 [ 476.435996][ T5106] bcachefs (loop0): marking filesystem clean [ 476.507833][ T5106] bcachefs (loop0): shutdown complete [ 477.610520][ T29] audit: type=1804 audit(1717791384.075:2534): pid=14349 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="bus" dev="sda1" ino=1968 res=1 errno=0 [ 477.960903][T14361] loop0: detected capacity change from 0 to 256 [ 478.043260][T14361] FAT-fs (loop0): Directory bread(block 64) failed [ 478.067248][T14361] FAT-fs (loop0): Directory bread(block 65) failed [ 478.081484][T14361] FAT-fs (loop0): Directory bread(block 66) failed [ 478.092369][T14361] FAT-fs (loop0): Directory bread(block 67) failed [ 478.100904][T14361] FAT-fs (loop0): Directory bread(block 68) failed [ 478.110592][T14361] FAT-fs (loop0): Directory bread(block 69) failed [ 478.119377][T14361] FAT-fs (loop0): Directory bread(block 70) failed [ 478.137792][T14361] FAT-fs (loop0): Directory bread(block 71) failed [ 478.146542][T14361] FAT-fs (loop0): Directory bread(block 72) failed [ 478.169993][T14361] FAT-fs (loop0): Directory bread(block 73) failed [ 478.443366][T14370] loop4: detected capacity change from 0 to 64 [ 478.517781][T14370] Trying to free block not in datazone [ 478.523946][T14370] Trying to free block not in datazone [ 478.532771][T14361] syz-executor.0: attempt to access beyond end of device [ 478.532771][T14361] loop0: rw=2049, sector=1800, nr_sectors = 404 limit=256 [ 478.558463][T14370] Trying to free block not in datazone [ 478.574113][T14370] Trying to free block not in datazone [ 478.585365][T14370] minix_free_block (loop4:6): bit already cleared [ 478.607709][T14370] Trying to free block not in datazone [ 478.615586][T14370] Trying to free block not in datazone [ 478.756289][T14372] loop1: detected capacity change from 0 to 4096 [ 478.824497][T14374] loop4: detected capacity change from 0 to 1024 [ 478.906228][T14374] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 479.068820][T14374] loop4: detected capacity change from 1024 to 1023 [ 479.111982][T14381] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 832) has entry at pos 0 with incorrect tag 1 [ 479.198556][T11715] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 832) has entry at pos 0 with incorrect tag 1 [ 479.212989][T11715] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 832) has entry at pos 0 with incorrect tag 1 [ 479.962492][ T2798] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.299811][ T2798] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.520680][ T2798] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.555833][T14414] netlink: 'syz-executor.1': attribute type 9 has an invalid length. [ 480.716865][ T2798] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.789820][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 480.806131][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 480.824932][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 480.839985][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 480.847792][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 480.855181][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 481.116588][ T2798] bridge_slave_1: left allmulticast mode [ 481.122319][ T2798] bridge_slave_1: left promiscuous mode [ 481.140213][ T2798] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.170504][ T2798] bridge_slave_0: left allmulticast mode [ 481.176198][ T2798] bridge_slave_0: left promiscuous mode [ 481.196746][ T2798] bridge0: port 1(bridge_slave_0) entered disabled state [ 482.036301][ T2798] bridge0 (unregistering): left allmulticast mode [ 482.645360][T14439] loop0: detected capacity change from 0 to 32768 [ 482.667675][T14439] XFS: ikeep mount option is deprecated. [ 482.673363][T14439] XFS: ikeep mount option is deprecated. [ 482.724827][T14439] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 482.735379][ T2798] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 482.765383][ T2798] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 482.814437][ T2798] bond0 (unregistering): Released all slaves [ 482.874830][T14439] XFS (loop0): Ending clean mount [ 482.928037][T14439] XFS (loop0): Quotacheck needed: Please wait. [ 482.937616][ T5102] Bluetooth: hci0: command tx timeout [ 482.966900][T14426] chnl_net:caif_netlink_parms(): no params data found [ 483.078291][T14439] XFS (loop0): Quotacheck: Done. [ 483.442153][ T5106] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 483.858077][T14426] bridge0: port 1(bridge_slave_0) entered blocking state [ 483.865251][T14426] bridge0: port 1(bridge_slave_0) entered disabled state [ 483.904917][T14426] bridge_slave_0: entered allmulticast mode [ 483.925878][T14426] bridge_slave_0: entered promiscuous mode [ 483.999732][ T2798] hsr_slave_0: left promiscuous mode [ 484.011775][ T2798] hsr_slave_1: left promiscuous mode [ 484.037769][ T2798] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 484.049075][ T2798] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 484.081032][ T2798] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 484.103249][ T2798] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 484.187240][ T2798] veth1_macvtap: left promiscuous mode [ 484.192821][ T2798] veth0_macvtap: left promiscuous mode [ 484.206579][ T2798] veth1_vlan: left promiscuous mode [ 484.220838][ T2798] veth0_vlan: left promiscuous mode [ 484.477820][T14517] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'. [ 484.705658][T14519] loop0: detected capacity change from 0 to 1024 [ 484.753062][T14519] hfsplus: unable to parse mount options [ 484.933035][T14517] loop0: detected capacity change from 0 to 1024 [ 485.016751][ T5102] Bluetooth: hci0: command tx timeout [ 485.335329][ T2823] hfsplus: b-tree write err: -5, ino 4 [ 485.540660][ T2798] team0 (unregistering): Port device team_slave_1 removed [ 485.675627][ T2798] team0 (unregistering): Port device team_slave_0 removed [ 485.762194][T14527] netlink: 134788 bytes leftover after parsing attributes in process `syz-executor.0'. [ 486.513093][T14426] bridge0: port 2(bridge_slave_1) entered blocking state [ 486.537841][T14426] bridge0: port 2(bridge_slave_1) entered disabled state [ 486.566974][T14426] bridge_slave_1: entered allmulticast mode [ 486.574802][T14426] bridge_slave_1: entered promiscuous mode [ 486.770494][T14426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 486.814810][T14426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 487.032693][T14426] team0: Port device team_slave_0 added [ 487.057410][T14544] loop0: detected capacity change from 0 to 2048 [ 487.068028][T14426] team0: Port device team_slave_1 added [ 487.083043][T14544] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 487.101819][ T8] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 487.109542][ T5102] Bluetooth: hci0: command tx timeout [ 487.306541][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 487.315622][T14426] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 487.334448][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 487.365270][T14426] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 487.417967][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 487.442100][ T8] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 487.495418][T14426] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 487.879710][T14426] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 488.025239][T14426] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 488.078568][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.090062][T14426] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 488.108565][ T8] usb 2-1: config 0 descriptor?? [ 488.119313][ T8] hub 2-1:0.0: USB hub found [ 488.234215][T14558] netlink: 134788 bytes leftover after parsing attributes in process `syz-executor.3'. [ 488.260079][T14426] hsr_slave_0: entered promiscuous mode [ 488.277059][T14426] hsr_slave_1: entered promiscuous mode [ 488.287328][T14426] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 488.294937][T14426] Cannot create hsr debugfs directory [ 488.337279][ T8] hub 2-1:0.0: config failed, can't read hub descriptor (err -22) [ 488.366156][ T8] usbhid 2-1:0.0: can't add hid device: -71 [ 488.372848][ T8] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 488.441777][ T8] usb 2-1: USB disconnect, device number 13 [ 489.635327][ T5102] Bluetooth: hci0: command tx timeout [ 490.331686][T14426] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 490.451965][T14426] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 490.541186][T14426] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 490.631423][T14426] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 490.851827][T14593] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 490.993265][T14426] 8021q: adding VLAN 0 to HW filter on device bond0 [ 491.065566][T14426] 8021q: adding VLAN 0 to HW filter on device team0 [ 491.100044][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 491.107319][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 491.161746][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 491.169067][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 491.248780][T14426] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 491.261351][T14426] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 491.624674][ T29] audit: type=1800 audit(1717791398.085:2535): pid=14624 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1962 res=0 errno=0 [ 491.677425][ T5149] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 491.695966][T14426] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 491.922695][ T5149] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 491.974459][ T5149] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 491.976700][T14631] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 492.006531][ T5149] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 492.018564][ T5149] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 492.078885][ T5149] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 492.126486][ T5149] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 492.156479][ T5149] usb 3-1: Manufacturer: syz [ 492.168876][ T5149] usb 3-1: config 0 descriptor?? [ 492.188134][ T29] audit: type=1326 audit(1717791398.655:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14636 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f45c7cf69 code=0x7ffc0000 [ 492.273670][ T29] audit: type=1326 audit(1717791398.685:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14636 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f45c7cf69 code=0x7ffc0000 [ 492.307502][T14251] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 492.357925][ T29] audit: type=1326 audit(1717791398.685:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14636 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f45c7cf69 code=0x7ffc0000 [ 492.381978][T14426] veth0_vlan: entered promiscuous mode [ 492.394768][T14426] veth1_vlan: entered promiscuous mode [ 492.434829][ T29] audit: type=1326 audit(1717791398.685:2539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14636 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1f45c7a6e7 code=0x7ffc0000 [ 492.507768][ T29] audit: type=1326 audit(1717791398.685:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14636 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1f45c403b9 code=0x7ffc0000 [ 492.557577][T14426] veth0_macvtap: entered promiscuous mode [ 492.580181][T14426] veth1_macvtap: entered promiscuous mode [ 492.583141][T14642] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 492.586476][ T29] audit: type=1326 audit(1717791398.685:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14636 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1f45c7a6e7 code=0x7ffc0000 [ 492.615191][ T5149] appleir 0003:05AC:8243.000A: unknown main item tag 0x0 [ 492.650184][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 492.653669][ T5149] appleir 0003:05AC:8243.000A: No inputs registered, leaving [ 492.668215][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.668235][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 492.668257][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.668275][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 492.668289][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.668310][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 492.668324][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.668340][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 492.668353][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 492.690069][T14426] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 492.776857][ T29] audit: type=1326 audit(1717791398.695:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14636 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1f45c403b9 code=0x7ffc0000 [ 492.836498][ T29] audit: type=1326 audit(1717791398.695:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14636 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f1f45c7cf69 code=0x7ffc0000 [ 492.896567][ T5149] appleir 0003:05AC:8243.000A: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 492.896620][ T29] audit: type=1326 audit(1717791398.695:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14636 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1f45c7a6e7 code=0x7ffc0000 [ 492.963356][ T5149] usb 3-1: USB disconnect, device number 7 [ 492.984445][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 493.003060][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 493.049225][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 493.084019][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 493.122203][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 493.144539][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 493.161942][T14648] loop0: detected capacity change from 0 to 2048 [ 493.165880][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 493.189756][T14648] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 493.195647][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 493.211792][T14426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 493.217694][T14648] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 493.224228][T14426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 493.245620][T14426] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 493.260000][T14426] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.275809][T14426] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.285075][T14426] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.295174][T14426] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.455278][ T2823] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 493.481069][ T2823] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 493.542920][T14658] 9pnet: p9_errstr2errno: server reported unknown error 6 [ 493.605103][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 493.636928][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 493.709484][T14664] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 493.844272][T14670] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.4'. [ 493.928965][T14670] loop4: detected capacity change from 0 to 1024 [ 494.045551][ T2798] hfsplus: b-tree write err: -5, ino 4 [ 494.209843][T14676] loop0: detected capacity change from 0 to 2048 [ 494.239884][T14676] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 494.291211][T14676] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 494.443245][T14686] 9pnet: p9_errstr2errno: server reported unknown error 6 [ 495.044232][T14700] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.0'. [ 495.065442][T14674] loop1: detected capacity change from 0 to 32768 [ 495.110881][T14700] loop0: detected capacity change from 0 to 1024 [ 495.217624][ T2823] hfsplus: b-tree write err: -5, ino 4 [ 495.702948][T14710] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 495.775488][T14714] 9pnet: p9_errstr2errno: server reported unknown error 6 [ 497.271792][T14704] loop0: detected capacity change from 0 to 40427 [ 497.293837][T14704] F2FS-fs (loop0): invalid crc value [ 497.330212][T14704] F2FS-fs (loop0): Found nat_bits in checkpoint [ 497.488883][T14704] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 497.521711][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 497.521731][ T29] audit: type=1800 audit(1717791403.985:2558): pid=14704 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 497.533603][T14704] syz-executor.0: attempt to access beyond end of device [ 497.533603][T14704] loop0: rw=34817, sector=53248, nr_sectors = 848 limit=40427 [ 497.627079][ T5106] syz-executor.0: attempt to access beyond end of device [ 497.627079][ T5106] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 497.651776][ T5106] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 497.822580][ T29] audit: type=1800 audit(1717791404.285:2559): pid=14752 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="sda1" ino=1941 res=0 errno=0 [ 498.067128][ T29] audit: type=1326 audit(1717791404.535:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c6e7cf69 code=0x7ffc0000 [ 498.130504][ T29] audit: type=1326 audit(1717791404.555:2561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4c6e7cf69 code=0x7ffc0000 [ 498.165186][T14760] loop4: detected capacity change from 0 to 1024 [ 498.183357][T14760] EXT4-fs: Ignoring removed orlov option [ 498.190135][ T29] audit: type=1326 audit(1717791404.555:2562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c6e7cf69 code=0x7ffc0000 [ 498.206484][T14760] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 498.247707][ T29] audit: type=1326 audit(1717791404.565:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb4c6e7a6e7 code=0x7ffc0000 [ 498.287337][T14760] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 498.295048][ T29] audit: type=1326 audit(1717791404.565:2564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb4c6e403b9 code=0x7ffc0000 [ 498.336551][T14760] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869) [ 498.345929][ T29] audit: type=1326 audit(1717791404.565:2565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb4c6e7a6e7 code=0x7ffc0000 [ 498.396797][T14760] EXT4-fs (loop4): invalid journal inode [ 498.402560][T14760] EXT4-fs (loop4): can't get journal size [ 498.417335][ T29] audit: type=1326 audit(1717791404.565:2566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb4c6e403b9 code=0x7ffc0000 [ 498.471458][T14760] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 498.516506][ T29] audit: type=1326 audit(1717791404.565:2567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb4c6e7a6e7 code=0x7ffc0000 [ 498.655647][T14426] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 498.733899][T14762] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 498.823257][T14767] loop4: detected capacity change from 0 to 128 [ 499.224865][T14765] loop0: detected capacity change from 0 to 32768 [ 499.308679][T14769] loop4: detected capacity change from 0 to 8192 [ 499.387873][T14769] Dev loop4: RDB in block 1 has bad checksum [ 499.669054][T14772] loop4: detected capacity change from 0 to 1024 [ 499.925514][ T2798] hfsplus: b-tree write err: -5, ino 4 [ 500.052060][T14775] 9pnet: p9_errstr2errno: server reported unknown error 6 [ 501.819771][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.826275][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 527.924390][ T53] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 527.936504][ T53] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 527.947999][ T53] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 527.956105][ T53] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 527.965646][ T53] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 527.973118][ T53] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 528.041331][ T53] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 528.064755][ T53] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 528.074481][ T53] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 528.102590][ T53] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 528.114038][ T53] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 528.146606][ T53] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 528.840818][ T5102] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 528.857599][ T5102] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 528.866214][ T5102] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 528.876102][ T5102] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 528.895156][ T5102] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 528.903418][ T5102] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 530.056608][ T53] Bluetooth: hci6: command tx timeout [ 530.217047][ T53] Bluetooth: hci7: command tx timeout [ 530.864673][ T5102] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 530.875799][ T5102] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 530.885455][ T5102] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 530.894606][ T5102] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 530.902542][ T5102] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 530.909945][ T5102] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 531.016539][ T53] Bluetooth: hci8: command tx timeout [ 531.879395][ T5102] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 531.893145][ T5102] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 531.902434][ T5102] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 531.911650][ T5102] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 531.921655][ T5102] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 531.929196][ T5102] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 532.137467][ T53] Bluetooth: hci6: command tx timeout [ 532.296965][ T53] Bluetooth: hci7: command tx timeout [ 533.017088][ T53] Bluetooth: hci9: command tx timeout [ 533.096471][ T53] Bluetooth: hci8: command tx timeout [ 533.977338][ T53] Bluetooth: hci10: command tx timeout [ 534.216999][ T53] Bluetooth: hci6: command tx timeout [ 534.376489][ T53] Bluetooth: hci7: command tx timeout [ 535.096945][ T53] Bluetooth: hci9: command tx timeout [ 535.176665][ T53] Bluetooth: hci8: command tx timeout [ 536.067244][ T53] Bluetooth: hci10: command tx timeout [ 536.296429][ T53] Bluetooth: hci6: command tx timeout [ 536.456899][ T53] Bluetooth: hci7: command tx timeout [ 537.177794][ T53] Bluetooth: hci9: command tx timeout [ 537.256448][ T53] Bluetooth: hci8: command tx timeout [ 538.137473][ T53] Bluetooth: hci10: command tx timeout [ 539.265357][ T53] Bluetooth: hci9: command tx timeout [ 540.217336][ T53] Bluetooth: hci10: command tx timeout [ 563.262014][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.268436][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 590.945663][ T5102] Bluetooth: hci1: command 0x0406 tx timeout [ 593.467322][ T5102] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 593.482202][ T5102] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 593.491924][ T5102] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 593.501150][ T5102] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 593.509162][ T5102] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 593.517592][ T5102] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 593.644637][ T53] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 593.667828][ T53] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 593.676497][ T53] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 593.686448][ T53] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 593.694268][ T53] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 593.701779][ T53] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 593.983105][ T5105] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 593.996249][ T5105] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 594.008079][ T5105] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 594.017888][ T5105] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 594.026771][ T5105] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 594.034234][ T5105] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 595.578463][ T53] Bluetooth: hci11: command tx timeout [ 595.816802][ T53] Bluetooth: hci12: command tx timeout [ 596.075433][ T5105] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 596.089933][ T5105] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 596.100380][ T5105] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 596.108715][ T5105] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 596.116509][ T5105] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 596.132094][ T5105] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 596.147303][ T53] Bluetooth: hci13: command tx timeout [ 596.998056][ T5105] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 597.011426][ T5105] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 597.023217][ T5105] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 597.031698][ T5105] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 597.045501][ T5105] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 597.053776][ T5105] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 597.657595][ T53] Bluetooth: hci11: command tx timeout [ 597.896673][ T53] Bluetooth: hci12: command tx timeout [ 598.216891][ T53] Bluetooth: hci14: command tx timeout [ 598.216911][ T5105] Bluetooth: hci13: command tx timeout [ 599.105357][ T5105] Bluetooth: hci15: command tx timeout [ 599.736541][ T5105] Bluetooth: hci11: command tx timeout [ 599.976892][ T5105] Bluetooth: hci12: command tx timeout [ 600.304624][ T5105] Bluetooth: hci14: command tx timeout [ 600.304639][ T53] Bluetooth: hci13: command tx timeout [ 601.176597][ T53] Bluetooth: hci15: command tx timeout [ 601.816462][ T53] Bluetooth: hci11: command tx timeout [ 602.056720][ T53] Bluetooth: hci12: command tx timeout [ 602.376442][ T53] Bluetooth: hci13: command tx timeout [ 602.376834][ T5105] Bluetooth: hci14: command tx timeout [ 603.257162][ T5105] Bluetooth: hci15: command tx timeout [ 604.456930][ T5105] Bluetooth: hci14: command tx timeout [ 605.336711][ T5105] Bluetooth: hci15: command tx timeout [ 606.305030][ T5105] Bluetooth: hci0: command 0x0406 tx timeout [ 624.710011][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.721348][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 649.016720][ T30] INFO: task syz-executor.1:14737 blocked for more than 143 seconds. [ 649.024846][ T30] Not tainted 6.10.0-rc2-syzkaller-00235-g8a92980606e3 #0 [ 649.056423][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 2024/06/07 20:19:15 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 649.065133][ T30] task:syz-executor.1 state:D stack:23800 pid:14737 tgid:14736 ppid:14122 flags:0x00000006 [ 649.117775][ T30] Call Trace: [ 649.121105][ T30] [ 649.124051][ T30] __schedule+0x1796/0x49d0 [ 649.146905][ T30] ? __pfx___schedule+0x10/0x10 [ 649.151812][ T30] ? __pfx_lock_release+0x10/0x10 [ 649.174118][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 649.186395][ T30] ? schedule+0x90/0x320 [ 649.190682][ T30] schedule+0x14b/0x320 [ 649.194855][ T30] schedule_preempt_disabled+0x13/0x30 [ 649.226292][ T30] __mutex_lock+0x6a4/0xd70 [ 649.231981][ T30] ? __mutex_lock+0x527/0xd70 [ 649.247421][ T30] ? tcx_link_attach+0xed/0x950 [ 649.252326][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 649.276409][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 649.281483][ T30] tcx_link_attach+0xed/0x950 [ 649.286186][ T30] ? __pfx_tcx_link_attach+0x10/0x10 [ 649.316451][ T30] ? bpf_prog_attach_check_attach_type+0x1d6/0x4b0 [ 649.324234][ T30] link_create+0x3a0/0x8b0 [ 649.337618][ T30] ? bpf_lsm_bpf+0x9/0x10 [ 649.341996][ T30] __sys_bpf+0x4bc/0x810 [ 649.346263][ T30] ? __pfx___sys_bpf+0x10/0x10 [ 649.366415][ T30] ? __rseq_handle_notify_resume+0x353/0x14e0 [ 649.372542][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 649.386860][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 649.393232][ T30] ? do_syscall_64+0x100/0x230 [ 649.416919][ T30] __x64_sys_bpf+0x7c/0x90 [ 649.422134][ T30] do_syscall_64+0xf3/0x230 [ 649.448120][ T30] ? clear_bhb_loop+0x35/0x90 [ 649.452847][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.477073][ T30] RIP: 0033:0x7f1f45c7cf69 [ 649.481535][ T30] RSP: 002b:00007f1f46a810c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 649.496550][ T30] RAX: ffffffffffffffda RBX: 00007f1f45db3f80 RCX: 00007f1f45c7cf69 [ 649.504569][ T30] RDX: 0000000000000020 RSI: 0000000020000000 RDI: 000000000000001c [ 649.536890][ T30] RBP: 00007f1f45cda6fe R08: 0000000000000000 R09: 0000000000000000 [ 649.544917][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 649.577743][ T30] R13: 000000000000000b R14: 00007f1f45db3f80 R15: 00007ffe650c7b38 [ 649.585802][ T30] [ 649.596860][ T30] INFO: task syz-executor.1:14742 blocked for more than 143 seconds. [ 649.604949][ T30] Not tainted 6.10.0-rc2-syzkaller-00235-g8a92980606e3 #0 [ 649.636430][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 649.645130][ T30] task:syz-executor.1 state:D stack:27872 pid:14742 tgid:14736 ppid:14122 flags:0x00000006 [ 649.696409][ T30] Call Trace: [ 649.699747][ T30] [ 649.702692][ T30] __schedule+0x1796/0x49d0 [ 649.726417][ T30] ? __pfx___schedule+0x10/0x10 [ 649.732197][ T30] ? __pfx_lock_release+0x10/0x10 [ 649.756418][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 649.761949][ T30] ? schedule+0x90/0x320 [ 649.766208][ T30] schedule+0x14b/0x320 [ 649.784250][ T30] schedule_preempt_disabled+0x13/0x30 [ 649.789884][ T30] __mutex_lock+0x6a4/0xd70 [ 649.794413][ T30] ? __mutex_lock+0x527/0xd70 [ 649.799341][ T30] ? tcx_prog_detach+0x10f/0x6c0 [ 649.804295][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 649.831818][ T30] tcx_prog_detach+0x10f/0x6c0 [ 649.843148][ T30] ? __pfx___might_resched+0x10/0x10 [ 649.849757][ T30] ? __pfx_tcx_prog_detach+0x10/0x10 [ 649.855075][ T30] bpf_prog_detach+0x488/0x600 [ 649.867863][ T30] ? bpf_lsm_bpf+0x9/0x10 [ 649.872226][ T30] ? security_bpf+0x87/0xb0 [ 649.883421][ T30] __sys_bpf+0x701/0x810 [ 649.887934][ T30] ? __pfx___sys_bpf+0x10/0x10 [ 649.892729][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 649.902035][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 649.915417][ T30] ? do_syscall_64+0x100/0x230 [ 649.922662][ T30] __x64_sys_bpf+0x7c/0x90 [ 649.934271][ T30] do_syscall_64+0xf3/0x230 [ 649.941551][ T30] ? clear_bhb_loop+0x35/0x90 [ 649.946252][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [