last executing test programs: 8.68162037s ago: executing program 1 (id=1748): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f00000006c0), &(0x7f0000000000), 0x2}, 0x20) 8.533012283s ago: executing program 1 (id=1750): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="b40000000000000069109a0000000000040000000000000095000000000000007220abb1b364768c328613d20a4d2451a69f9642"], &(0x7f0000000080)='GPL\x00', 0x2, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48) 8.337517638s ago: executing program 1 (id=1751): socket$unix(0x1, 0x1, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000100)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$xdp(0x2c, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r2, 0x29, 0x0, &(0x7f0000000180), 0x4) connect$inet6(r2, 0x0, 0x0) madvise(&(0x7f0000ac2000/0x1000)=nil, 0x1000, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) madvise(&(0x7f000018e000/0x3000)=nil, 0x3000, 0x1) r3 = io_uring_setup(0x344f, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, 0x0, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0) r6 = dup(r5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x12, r6, 0x0) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x4000) ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000240)={0x0, 0x1000000}) bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0}, 0x10) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20) socket(0x10, 0x3, 0x0) 7.313559732s ago: executing program 3 (id=1758): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="850000002e000000350000000000ba000700000008000000950000000000000064f1c09faf5d6806f8a1572b41a141d524581835d80532cb457f454698165b61a3cf5fc6dd8442230e35230163cf094949fc8b0a9114f43d1b6538f5976be4adc07e8c97d76b1895c322a1ef1f83dd6c1023158a1086f7d0f9dce435554bc34e6bdea4217cfaa9a1f8ad1087c697acd9a7ab696922c9e35f0aee6156c599c7b297de0019b27d67bfb3fe241454a04080bf7f8ce021879c820f9b80fe04be5b11cc7bf16c8a029df573db051357c71be1f5e8ce8db0f96ee1d8a312e9671e652bd6f32c7a458f129a8d8bc9a5d905441c0785d333135a04001bb4cd5b295b9add7a0247cada056be3a9e29f9d4b57ddd4130ccbbbcd6e000000000000004102d74c391acc0880312cc8a8c51c7bddd3698f620a69f46984c2a2e742fadecf0e18c91f1715450ff0e09b7e52fd66a7c81b7e62ca8c3572c3dc46dc7579c100010000000000001af7d2149c8ab5ef187087f74b65a6c7da154853894437ffcb5cc3a2b13759c42b350b09a639a8f257d81204e7e61b7f7230db061fabbdc611df1129695265a3426e02f9b24ebc243a8b7ab50e4279be8594af30231a567d1f0ac5297daa6e9e82eb90c602adffc6a3de64b1db82ac547a6a4b78a323aebbf4917450e54b989c6065aeafe708ed91d86ee0ea4ad86715a9bad226f1eda090456f50863060f074c0469fb82752e4aacbf6ab830391cdb628b5f371ce3b1431b2726cbd8b933f3ce2d452d46d56a8cc49e160581b4a23e881264d498b4b6e7c2f9bc962da260e699aa50d2da32c555047ca"], &(0x7f0000001040)='GPL\x00', 0x0, 0x6b, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5d}, 0x15) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000002c0)=r0, 0x4) sendmsg$unix(r2, &(0x7f0000000e80)={0x0, 0x0, 0x0}, 0x0) 7.277422315s ago: executing program 0 (id=1759): r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003f0000000000000008000f0001000000", 0x24) 7.185097713s ago: executing program 3 (id=1761): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYRES64=0x0, @ANYRES8=0x0], 0x1, 0xc3c, &(0x7f0000000d00)="$eJzs3V1sXGdaB/DnnWMndsqyU9qmXbpIsxSxaZoE56OtUVrkbIy1K0VtVMcLNyCP40kY1V+1nVVawSpIwA0Igoq0Ai7IDRIXXOQGCa0QirhZJECKQJUWgUSgabQSAmYFCysqYXRm3rHHbtK4+bLT/H5t/J8585w575n2OT4TzXsmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICIL/30saGDaatHAQA8SK+NvzF02O9/AHiknPL+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA20tRxFuR4r2xVpps3+8YONGcO3d+YnTs5qsNpkhRiaJdX/4ZOHjo8JEXX3p5uJsfv/699rl4ffzUsdrx+dmFxcbSUmO6NjHXPD0/3dj0M9zt+hvtbb8Atdk3z02fObNUO3Tg8LqHz1dv7Hxsd/Xo8LP7nu/WToyOjY331PT13/HWPyLdu6fiU2RHFPHlSPGt/d9J9YioxN33wm2OHffbYPSV/dfeiYnRsfaOzDTrc8vlg6mSq/oiqj0rjXR75AH04l0ZibhQ/ncqB7y33L3xhfpifWqmUTtZX1xuLjfn51KlM9pyf6pRieEUsRARrWKrB8920x9FvBopbnzYSlMRUXT74IXXxt8YOnzrFfse4CBvsflqEXE1HoKehW1qZxTx25Hi3cmhOJ37qt021yO+WOYrEW+VeSXFxXw/lQeI4Yjv+n0CD7W+KOJvIsV8aqXpbu+3zytPfLX2lbkz8z213fPKh/79wYPk3IRtbCCKmGqf8bfSnf9lFwAAAAAAAAAAAADwYBTxzUhxeXZPWojeOaXNubO1U/Wpmc6ngruf/a/ltVZWVlaqqZO1nEM5R3KezDmZcyHnhZwXc17KeTnnlZxXc17L2coZlbz9nLWcQzlHcp7MOZlzIeeFnBdzXsp5OeeVnFdzXsvZyhnmPQEAAAAAAAAAAAAAAAAAAHCPDUYRvxEp/v33v9b+Xulofy/9Z48OHz/xmd7vjH/mNs9T1h6IiG/G5r6Td0f+rvFUKf+59/sF3N5AFPH1/P1/v7zVgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALaFShTxK5HiG99rpUgRMRIxGZ28Vmz16AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0s5UxKuR4md/d2R1WV9EpPa/HXvKH0dipMj5RJmvxMjBdlZGjpU5EHFgC8YP3Lmlt995sz4z01h0ww033Fi9sdVHJgAAAAAAAAAAAAAAAAB4hKUi/j5S/OTvtVI1Is5Xb+x8bHf16PCz+54vomhfBCD11r8+fupY7fj87MJiY2mpMV2bmGuenp9ubHZzAyeac+fOT4yO3Zedua3B+zz+wYHj8wtvLzbP/sLyTR/fNXBsaml5sX765g/HYPRFDPUu2dse8MToWHvQM836XHvVVLnFAPsiapvdGR55u1IR/xsp3tv/7Xg8L8vX/+jv3Fvr/j/8xbV7P9y3Plf/d2wfPz57dPj4ruc2czttdqB7241XNsLYeM/ivjzKH+pZVs3j2vRzwyOq7P8XIsXP/1GRuj2U+/8HOveK1dr/+fpaTx3dkKu2qP+f6Fl2NB+1+vsiBpZnF/qfjhhYevud/c3Z+tnG2cbckUMvvzR85OUXj7zUvyNi4ExzpjG0dmvTrx0AAAAAAAAAAAAAAAAA3C/9qYgvRYpf+ru/XJ03nuf/faZzb23+X+/83z0bnqf3ugG3un3TuX63mdfXq9xmSkU8FSme/bNn2uNNscucd7hDu1IR3y/7afrL6Qt5We7/PLP/5v1/YUOu2qL5v4/3LLuQjxP/ESke/4Nn4gs9x4mNs3vLur+IFFM/8vlcFzvKuu7zdeZEdyYGl7VfixTvn1xf2503/cRa7cHN7hZspbL/ZyPFP/zW38aP5mXrr/9x8/7ftSFXbVH/P9m7TxGx9PY7b9ZnZhqLS5t+KeCRU/b/r0eKv/6Tb8dzednHXf+ne52fPc+tz8Fu0Rb1/1M9y6p5XD/2CV8LAAAAAAAAAAAAeFjsSkX8U6T48z/dl/bnZZv5/O/0hly1RZ//e7pn2fS6z//evxubfpEBAGCb6E9F/ESk+OPp66k7N/aW839fWZv/M7rxxL19Tv+D7Xn+n+hc/xPM/y+3mVIR/5fn9Q7dZl7vj0eKX/upfbku7S7rRrrDbf8ceG1+bv+xmZn50/Xl+tRMoza+UD/dKNfdGyn+9d8+n9ettOf5dudHd+YGr80J/p1I8XMfdGs7c4K7cymfXKs9WNbujxTff399bXfe1VNrtYfK2t+MFGP/ffPa3Wu1h8vaf4wU//lurVu7q6ztvp97eq32wOn5mY+8ZQMAAAAAAAAAAAAAAAAAAGDr9aciUqS48jOXVufGr7/+V/c6AOuv/7XR/fr+/+q92U0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeCikKOK/IsV7Y610rSjvdwycaM6dOz8xOnbz1QZTpKhE0a4v/wwcPHT4yIsvvTzczY9f/177XLw+fupY7fj87MJiY2mpMV2bmGuenp9ubPoZ7nb9jfa2X4Da7Jvnps+cWaodOnB43cPnqzd2Pra7enT42X3Pd2snRsfGxntq+vrveOsfke7dU/EpsiOK+KtI8a3930n/XERU4u574TbHjvttMPrK/mvvxMToWHtHZpr1ueXywVTJVX0R1Z6VRro98gB68a6MRFyIiEo54L3l7o0v1BfrUzON2sn64nJzuTk/lyqd0Zb7U41KDKeIhYhoFVs9eLab/ijiSqS48WEr/UsRUXT74IXXxt8YOnzrFfse4CBvsflqEXE1HoKehW1qZxTxZKR4d3Io3i86fdVum+sRXyzzlYi3yryS4mK+n8oDxHDEd/0+gYdaXxRxMlLMp1a6XuTeb59Xnvhq7StzZ+Z7arvnlQ/9+4MHybkJ29hAFPFB+4y/lT7w+xwAAAAAAAAAAAAAtrkiXo0Ul2f3pPb80NU5pc25s7VT9amZzsf6u5/9r+W1VlZWVqqpk7WcQzlHcp7MOZlzIeeFnBdzXsp5OeeVnFdzXsvZyhmVvP2ctZxDOUdynsw5mXMh54WcF3Neynk555WcV3Ney9nKGT4nDQAAAAAAAAAAAAAAAADAfVKJIn41Unzje620UnS+X3YyOnnNPFf4VPv/AAAA//84/iOE") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) r2 = socket(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc) write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000b4bffc), 0x4) write(r2, &(0x7f0000000000)='\"', 0x1) recvmmsg(r2, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0) 6.989031769s ago: executing program 4 (id=1762): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xc0701, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 5.725749212s ago: executing program 0 (id=1764): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r0, 0x0, 0x0, 0x44000, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10) 4.954617705s ago: executing program 3 (id=1765): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xf}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) 4.002610023s ago: executing program 0 (id=1767): socket$kcm(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'ipvlan1\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001400230300000000000000000a000000", @ANYRES32=r3], 0x34}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140003006970766c616e3100000000000000000008000a00", @ANYRES32=r5], 0x3c}}, 0x0) 4.002426163s ago: executing program 4 (id=1768): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000040000000000000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e0b9547ed387dbe9abc86a457991", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3.90978977s ago: executing program 3 (id=1770): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000180)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@resgid}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) 3.781755181s ago: executing program 4 (id=1771): socket$nl_generic(0x10, 0x3, 0x10) socket$inet_udp(0x2, 0x2, 0x0) readv(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000680)=ANY=[@ANYBLOB="61202a322a942072776d0080526170670b574ffb2f3630ac4f5ce88736e6f615bac8314c7845079564a77081fca97cc3b9034ab2bbfe7a1381a84b1b64daf713d8e2a18568a1a1e6969453aef2cd2ac15035a7ea9077a992771d99d4ec02b742b54a1b784140ce9f2a03e35eebd2b17d27d0"], 0xa) 3.261842803s ago: executing program 3 (id=1773): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x100002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000001080)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549cab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e6255a2e5cd64402a4de537bf113fc7370099e4faebe3f8803d000000004c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2000000000000000000000000632ff0fa874ac0769142daca624cb4e0206734b6ed975359c4c61af929e56449437f109207ab97933bfa547d54f09f318a621c0180844af3362417ea3266d51c40f1f6abeaa2e90ce22d20600e22cd20de", @ANYBLOB="d23c17f6ec95b3b885b061be4d1d842e4a63ec77a88347691f71d1e41301cf3df73c16fd088806b677d36dfdfecb4a080900060031622d37a921b1c072bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6a2be8b8ea56db5b017149cfa27eb8080778c490a639625353dde9d1c6d1e69c8f629356c70f7c3b140340ce0d51592813652003977d21460538702c7a359af24a7cd83ee44c1c69a7abd35b7d27fe6f33ed371b3db09d05553843a2ae2fc8b1246690dd9db1b67e10fbeea0f8a5045a9f351faac4ffcb8f9a57b03f295c9517551310dda73d40c81eabda5628dc79bf012d0b37b49a05b0d275d46b97c4d8b237341491a2de17488a4fb9b18bf56c96c4ee499a69841d03c75e5837b20cdd1400d9d6d6fb17f88178adc14763fab9740607eccb9a03dee8abf7639e2f9530593b41172f8261bca7a34acd8eff67d25e03ac7532262f5c1256b5ba7bbb5a9966aaf4dddcf9000000000000"], 0xf, 0x2a6, &(0x7f0000000740)="$eJzs3c9qK2UUAPAz+deoiwRxowgO6MJVuXXrplGuIHalRFAXGrz3giThwi0ErGDsqk/g0vfwEdy48Q0Et4K7dlEZmcxMk9CkrTWm0Pv7rQ7zzTlz8n0lXeXMV6+Ph4+eJnF8+nu020nU9mM/zpLoRi0qP0QjAID74yzL4q/sNpmN2ua7AQC2ofj/X7jrXgCA7fjks88/6h0cPPw4Tdvxaudk0k8iYnwy6RfrvSfxTYzicTyITpxHZBeK+IMPDx5GI811463xdNLPM8df/lrW7/0ZMcvfi050V+fvpYWF/Omk34wXI43ek2bVaideWZ3/zor86Lfi7TcX+t+NTvz2dTyNUTyKPHee//1emr6f/Xj63Rf5Y/L8pBb9ndl9c1l9m+cCAAAAAAAAAAAAAAAAAAAAAMD9tpumSTG+Zza/J79Uzt+pn8/Wd9NKd3k+T5GfVIWK+UBZlCN6pln8VM3XeZCmaVbeOM9vxGsNLxYAAAAAAAAAAAAAAAAAAACA3OG3R8PBaPT42UaCahpA9bP+29bZX7jyRhwNB/X1BXdu/qzFaQN5r1feHI1GbGhbrgteyPvZeOWd+eF+GkVQHcy/L9hcn/Xye0XRo+EgLZeqTR4Okuue1a4O7ufFpVb8103IZn8S59nymbYvWl3Oam1o51svrVz6O8uym9V594/ijMoryWzExs2e3iyDlR8wD9qXz+KX9QXXfmXUN/LFAwAAAAAAAAAAAAAAAAAAXDL/0e+KxeMrU2v/W1MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGXz9/9XQTsilq9cCqZl8lX3lEErnh3e8UcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOfBPAAAA//8s7E5o") r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r4, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000240), 0xfecc) 3.261070223s ago: executing program 2 (id=1783): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x200, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) getpeername$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0xec, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0) 3.128532364s ago: executing program 4 (id=1774): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioprio_get$uid(0x3, 0x0) recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) setpriority(0x2, 0x0, 0xffffffff00000001) socket$nl_route(0x10, 0x3, 0x0) 3.06172782s ago: executing program 2 (id=1775): r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003f0000000000000008000f0001000000", 0x24) 2.835826718s ago: executing program 1 (id=1776): r0 = socket(0x1e, 0x2, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4) sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x10, &(0x7f0000000340)}, 0x20000014) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, 0x0, 0x0) sendmmsg$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x10, 0x3, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) unshare(0x2c040000) r4 = socket$igmp(0x2, 0x3, 0x2) getsockopt$sock_int(r4, 0x1, 0x25, 0x0, 0x0) unshare(0xe020600) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0xf, 0x0, 0x18) openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) sendmmsg$inet(r5, &(0x7f00000014c0)=[{{&(0x7f0000000c40)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, 0x0}}, {{&(0x7f0000000f80)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f0000000e80)=ANY=[], 0x18}}], 0x2, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0) 1.992474387s ago: executing program 4 (id=1777): io_setup(0x7, &(0x7f0000000280)=0x0) r1 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000880)=[&(0x7f0000000040)={0x0, 0x4000, 0x0, 0x5, 0x0, r1, 0x0}]) 1.846411589s ago: executing program 4 (id=1778): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000000)='./file1\x00', 0x1600008, &(0x7f0000000100)=ANY=[@ANYRES16=0x0], 0x3, 0x632, &(0x7f0000001840)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08800, &(0x7f0000000140)=ANY=[], 0x1, 0x67c, &(0x7f0000000440)="$eJzs3c1rHOcdB/DvrFay5IKjJLaTlkBFDGmpqS1ZKK16idtD0SGU4B5CoRdhy7HwWgmSUpRQWvX92kP+gPSgQ6GXFno3pNBT21voTfRQAoVectLNZWZnpZX1kl1Z0lrN52Nm95l5Xue3M89odjET4HNr7mqaD1Nk7urra+X65sZ0a3Nj+lyd3UpSphtJs/2WYikpPkpupr3ki+XGunxxUD8fLM7e+vjTzU/aa816qco3DqvXm/V6yUSSofp9r+EjtXf7wPYON7+dKrb3sAzYlU7gYNAe7bHeT/UnPG+Bp0HRvm7uMZ6cTzJa/x2QenZonO7ojl9fsxwAAACcUc9sZStruTDocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBZUj//v6iXRic9kaLz/P+Relvq9K3GgMf8JB4OegAAAAAAAAAAcAy+vJWtrOVC6h/3H7V/2X+5er1YvX4h72YlC1nOtaxlPqtZzXKmkox3NTSyNr+6ujzVQ80b+9a8cbTx//Fo1QAAAAAAAADg/83PM9f+/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4WRTLUfquWi530eBrNJKNJRspy68k/Oukzothv48PTHwcAAAA8kdEj1HlmK1tZy4XO+qOiuue/XN0vj+bdLGU1i1lNKwu5U99Dl3f9jc2N6dbmxvSDzY3pquMfPmprt/Pt//Y1jKrFtL972L/nF6sSY7mbxWrLtdyuBnMnjapm6cV6PNvL7k5+Vo5p7LVajyO7U7+Xnf32oG8RjkOj3wrjVaXh7YhM1mMrG3r28Eh85qfTPLSnqTS2v/m5eEhPnV0q+oz5+U69JL9+LOav/fv3P+ixmROwHYlGqkjc6Dr6Lh8e8+Qrf/7Dm/daS/fv3V25emKH0Wl5/JiY7orEC2c6Es0+y09Wkbi0vT6X7+b7uZqJvJHlLOZHmc9qFlLPjJmvj+fydbwrSsmeSN3ctfbGZ41kpP5c2rNoL2OayLkqNZ+Xq7oXspgib+dOFvJq9e9GpvKNzGQms12f8KUDP+Fq36qZttHfWX/lq9k51X9TztS91Uv+2mvB/rUvqWVcn+2Ka/ecO17ldW/ZidJzPVyP+pwbm1+qE2UfvzjKZePEPB6Jqa5IPH94JH5XnRsrraX7y/fm3zmg/fXH1l8Z3kn/6iSvzH0rj5fnMlrPJLuPjjLv+e1ZZne8RupfXNp5jT15l6q8ouicqd/b50wtIz5blb68b0s3qrwX9uYN1SP/57+68nb9vZW3/zaYeALQp/NfOz8y9p+xv499OPbLsXtjr49+59w3z700kuG/DH+rOTn0SuOl4k/5MD/Zuf8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACObuW99+/Pt1oLy/snGgdnHW+iqB/kc1CZZsZyCsM4zUSRrB97yxn8fvWQ6DxE8EnbefPmU7E7ZzoxlKTe8tNk5/ipP6KjPFwUOBOurz545/rKe+9/ffHB/FsLby0sDc/MzE7Ozrw6ff3uYmthsv066FECJ2Hn74FBjwQAAAAAAAAAAADo1Wn8T4Ou7iYGuKsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGTV3Nc3hFJmavDZZrm9uTLfKpZPeKdlM0mgkxY+T4qPkZtpLxruaKw7q54PF2Vsff7r5yU5bzU75xmH1erNeL5lIMlS/7zFytPZuH9Rez4rtPSwDdqUTOBi0/wUAAP//6PAGzw==") setxattr$trusted_overlay_upper(&(0x7f0000000b00)='./file0\x00', &(0x7f00000003c0), 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, &(0x7f0000000180), 0x1, 0x520, &(0x7f00000010c0)="$eJzs3d1rLGcZAPBnNtmer+iu2otaaHuwlZyiZzdpbBu8aCuIdwWl3h9Dsgkhm2zIbupJKJqD9woi2tteeSMI3grS/0BRCnovKkrRUwV7oY7M7OTkZLub5JD9oMnvB2/mnZmdeZ53kn3n85wJ4NK6GRGvRcRURDwfEZVieqkocdAt2ec+uP/WclaSSNM3/p5EUkzLPpYUJXOjWOxqd5D7d3o8bntvf2Op2WzsFOP1zuZ2vb23f3t9c2mtsdbYWliYf2nx5cUXF+eG0s6sXa989S8//sFPv/bKr7747T/e+dut72T5zhTzD9sxbN1tUs62xQPTEbEzimATMFW0pzzpRAAAOJPsGP/TEfG5/Pi/ElP50dzZJCPNDAAAABiW9NWZ+E8SkQIAAAAXVil/BjYp1YpnAWaiVKrVus/wPh7XS81Wu/OF1dbu1kr3WdlqlEur683GXPFMbTXKSTY+n9ePxl94MJ4cPHy94UeVa/n82nKruTK5yx4AAABwqdzoOf//V6V7/n+Ce2NLDgAAABie6lE1rUwyEQAAAGBkqh+Z8s5E8gAAAABG56Pn/wAAAMAF8vXXX89Kmr//uhqx8ube7kbrzdsrjfZGbXN3ubbc2tmurbVaa830SsTmaetrtlrbX4qt3bv1TqPdqbf39u9stna3OnfWj70CGwAAABijTz3z7h+SiDj48rW8ZB7LfkwNWMCzAnBhlB7lw38eXR7A+A3azQMX3/SkEwAmptwdJJPOA5ic0zqAgQ/v/Gb4uQAAAKMx+9n+9/+nj64NABfUI93/By4U9//h8nL/Hy6vsiMAuPRGf/8/TU9dFwAAMFIzeUlKteJe4EyUPky7ohrlZHW92ZiLiE9GxO8r5SvZ+Hy+ZOIfDQAAAAAAAAAAAAAAAAAAAAAAAADAGaVpEikAAABwoUWU/poU7/+arTw303t94LHkw0o+zN8O8MZP7i51Ojvz2fR/FNMjOm8X0194lCsP3jwOAAAAo3J4nn54Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw/TB/beWD8vxOaWRxn3/KxFR7Rd/Oq7mw6tRjojr/0xi+nChZyKSiJgaQvyDexHxRL/4SZZWVIssjsUvtsq1PIuRx38qTdPv9ot/49zR4XJ7N+t/Xuv3/SvFzXzY//s/XZTzGtz/lR70f1N94mc9zyfOsP4rEfHkez+vD54b8eR0//7nMH4yIP6z/VbZZ6N865v7+4PyS9+JmD3a/3z/eISjWr2zuV1v7+3fXt9cWmusNbYWFuZfWnx58cXFufrqerNR/Owb44dP/fJ/g+K/fy/iet/9X7f/faj9S73tfy6rlAet+ch/37t7/zN5rZL2rCKPf+vZ/r//J47HP7Zps7+Jzxf7gWz+7GH9oFt/2NM/++3TJ7V/ZUD7T/v93+pZ16D98fPf+N6fTtxAAMBYtff2N5aazcbOyCtvp2k6plj5gci42nXuyuMfn1Tbe7/4Xbfyau+smye0Ir0y7j82lXNXenuKX4+/cwIAAIbq6KB/0pkAAAAAAAAAAAAAAAAAAADA5TWO/06sN+bBZJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCi/wcAAP//rgHbtw==") creat(0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) fsopen(&(0x7f0000000000)='debugfs\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = creat(&(0x7f0000000080)='./file1\x00', 0x0) write$binfmt_script(r2, &(0x7f00000038c0)={'#! ', './file0'}, 0xb) 1.845724549s ago: executing program 2 (id=1779): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_opts(r0, 0x29, 0x40, &(0x7f0000000380)=ANY=[@ANYBLOB="000a06000000b1bad858db018ffe0a000000000000000000100000000000000000000000000000000500000000000000000000000000000000010720000000000602000200000000080000000000000000000000f6"], 0x60) 1.601669569s ago: executing program 2 (id=1780): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) shutdown(r0, 0x2) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000280)) 767.945937ms ago: executing program 3 (id=1781): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000380)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000086aa6cfa6336587b0003110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$inet6(r5, &(0x7f0000000900)={&(0x7f00000000c0)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="180200002900ff000000000000007655bcfcfa299eb6826e476640d5a9ddae4cb34521666569b31efc5c"], 0x18}, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r6 = socket(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) r9 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r9) getsockname$packet(r9, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r10, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x64, 0x2c, 0xd27, 0x0, 0x3, {0x0, 0x0, 0x0, r10, {}, {}, {0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x38, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x4}, {0x24, 0x5, [{0x2, 0x5, 0x6, 0x8}, {0x8, 0x3, 0x2, 0x1ff}, {0x81, 0x51, 0x3, 0x178}, {0x8, 0xc9, 0xf, 0x7}]}}, @TCA_BPF_FLAGS={0x8}]}}]}, 0x64}}, 0x0) r11 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) lseek(r11, 0x851, 0x0) syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000680)='./file2\x00', 0x800000, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f757365725f78617474722c666c7573685f6d657267652c6673796e635f6d6f64653d706f7369782c64697361626c655f6578745f6964656e746966792c6261636b67726f756e645f67633d73796e632c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6e6f696e6c696e655f646174612c6e6f626172726965722c71756f74612c6261636b67726f756e645f67633d6f66662c6e6f61636c2c6e6f657874656e745f63616368652c6e6f646973636172642c6163746976655f6c6f67733d342c00e62bc03000c35169ed09803fa1bee488c680f339e530b5e8ad120a2b4f078093a8e0ba2b3d1b5fe99356b80a454c1ec2f8e12392bbffe9fae2fa05e18a6b61f5eded2e484f574d2757a5fe762c770477aa3460313ee54451c6a6159eca600d6c85a8c09cef9996dc851a5f5edf1a4a22576c6dfe6b9e8dade2d3a8e6a8c7710733c1f69aabd8880291"], 0x1, 0x5504, &(0x7f000000c0c0)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qls/QGma2O3vB5Nn5p03zzxvKIVnJiQA59Z8+vOPSbgRroQQZkMI10Mo9pNyK6zH8Fx5buaxLSnHfx+4GEK4GkK4MUoecyblqU9vD2+t/fDGT199c+nCtc++/HZ6qwam7fkQQncn7u93Y8xbMT4sx+vDdhG7q8MyxhPdR+VxHuN+tlVk2K8fzasXcaUV5+c7e/1R3O7UG6PYam8X4zu9eMH+sHWUp3jDw/pucdzMtorY7udFbB3Gug4O4/+2w/4g5mmW+T4o0ofB4CjG8ewgi+vZeVTERm9Qjse8eTM7GMVhGcvLhUbeaRZ1bJ3kk/5/e7Pd2ztIh9luv5330rVq7YVq7U6ltps3s0G2Wql3m3dW04VWZzStMsjq3fVWnrc6WbWRdxfThVajUanV0oW72Va73ktrtepKdamytlju3U5fvf9O2mmmC6P4cru3N2h3+ul2vpvGdyymy9WVFxfTW7X0rY3NdPPBvXsbm2+/d/fd+y9tvP5KOekvZaULy0vLy5XaUmW5tniO1v9RWfQY1w8nkky7AICz57/2/zf1/8AYnF7/v/sghNPv/4P+fyzOVP973vv/U1g/nIj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3Ppu7vPXip35eHytHH+qHHqmPE5CCDMhhF//xmy4eCznbJln7h/mz/2phq+TUGQYXeNSuV0NIayX2y9Pn/anAAAAAE+uLz68+Uns1uPL/LQLYpLiTZuZ6++PKV8SQpib/35M2WZGL8+OKVnx930hHIwpW3ED6/KYksVbbhfGle1fmT0WLj8WkhhmJloOAAAwEcc7gcl2IQAAAEzSx9MugOlIwtGjzKNnwcU37/94IHjl2BEAAABwBiXTLgAAAAA4dUX/7/f/AAAA4MkWf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5j535yUgfiOID/WuiD9y+PvLj3Ku7gGB7BpUvDAbwER8AreAHPgDuPYMDQqUQU3XRKI/l8kjJMQ77MELqY3yQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpsVrO7m7Ob9vmrDft5JkNAAAAcMiqWs7qN5PU/93c/9vc+t/0i4goI+LQ2n0QP/YyB01O9cnnq3djuI+oE7bfMWquXxFx0VzP/7r+FQAAAOB0PcwX07RaTy+TvgfEMaWiTfnnMlNeERHV5ClTWrnNO8sUVv+/h3GdKa0uYI0zhaWS2zBX2kcHouvHfVe1G79pitSUX0dmmzsAAHBEg72mw1UIAAAAPbvqewD0o4jXrczdVuAoNc323s+9HgAAAPANFX0PAAAAAOhcvf53/h8AAACctnT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aVctZNV9M2+asN+3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALywP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/uzs7WVsUYJYeIKHjQi023tbU38aAED/4JQki3NXbrjzYHW4qQizfJuRfRo4igxFv/h55b6KXeesihghcvlTc/kmkMuFo7s20+H3jzvjsZ3vu+GQj5zkwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNr2u7txljZzZdyv9t28d3U19bf29Mn1zduLqaW412bSj4eXmx96C90lAgAAwMGR1fV9RNzJt5ZT358r6v+8PibV/N89W8Z1Pb+37q/7uvZP7ddf7r64M9FcOU8a9OzaZHzs76kMHt0qZ9tz/3jEoDjzxb2XrLgg/Q82XtjOi/PZ++bGjfeGRXiojWwBgP/iaN1XQf33UOpHXSYGwIExaBTedf2fzXWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAbtjfi6TruRcTiYDdObt27urpff33z9mLdTl27ttkcMw2RR8TZtcn4WItrmXWXLl85vzKZjC+2H7wSEV3N/k61/PMfTXFwRCfnR/A/Bf3qYs9KPg8T5NVaHv1cHf1CAgDgiZVXLdX1d/Kt5bSvNx9x//sH6//XG3FMWf/f/fjUzeZczfp/1NoKZ9/S+oXPly5dvvLm2oWVc+Nz40/fOj56e3Ti9MmTp5eKeyVL7pgAAADwcIZVa9b/wz3HpJ8dacQxZf3/xbejr5rjZOr/fe0+9Os6EwAAgIPt+Vf/+L23z/7ecBhfrqyvXxyV253Px8ttB6n+a4eq1qz/s/muswIAAADasL3Re+D9/zONOKZ8/v/MDy/91Bwzi4jD1fP/o6ufTc60t5yZ1sa/Lne9RgAAALp1uGrN5//5fKr/+zuvPPQj4o3Xyrj6GsCp6v/s/a9/bM7VfP//RHtLnEn9hfJ8FP1CxGCh64wAAAB4Uv15P+KpKFsq9n/Lt5Y/+fnIh0Pv/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC07a8AAAD//3npOno=") 765.524547ms ago: executing program 2 (id=1782): setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000100)={r2, 0x0, 0x20}, &(0x7f0000002380)=0x18) 652.535986ms ago: executing program 0 (id=1784): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_opts(r0, 0x29, 0x40, &(0x7f0000000380)=ANY=[@ANYBLOB="000a06000000b1bad858db018ffe0a000000000000000000100000000000000000000000000000000500000000000000000000000000000000010720000000000602000200000000080000000000000000000000f678326f"], 0x60) 583.994232ms ago: executing program 1 (id=1785): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) gettid() timer_settime(0x0, 0x0, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000010000)=ANY=[@ANYBLOB="03"], 0x0, 0x0) 565.199503ms ago: executing program 2 (id=1786): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff030}, {0x48, 0xc5}, {0x6}]}, 0x10) r1 = socket(0x200000100000011, 0x803, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x1e000000, &(0x7f0000000780)={&(0x7f0000000f00)=ANY=[@ANYBLOB="300000001800dd8d0000000000000000020000000000000900000000060015000a0000000c00168008000100bc"], 0x30}}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'xfrm0\x00', 0x0}) socket$pppl2tp(0x18, 0x1, 0x1) sendto$packet(r1, &(0x7f0000000100)="4dcdc7d96a760000000600050000000000060000", 0x54, 0x0, &(0x7f0000000000)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) r5 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)}], 0x1}, 0x0) shutdown(r5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x41}, {{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x3}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x2, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x9}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r8}, {}, {0x46, 0x8, 0xfff1, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r10 = socket$alg(0x26, 0x5, 0x0) bind$alg(r10, &(0x7f00000003c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) close(r10) accept4(r10, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x14, r6, 0x800, 0x70bd26, 0x25dfdbfc, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0xc010) 477.438531ms ago: executing program 0 (id=1787): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)={'batadv0\x00', 0x0}) bind$inet(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) r7 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000300)='ipvlan1\x00', 0x10) ioctl$SIOCPNENABLEPIPE(r7, 0x89ed, 0x500) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time\x00', 0x275a, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x1c}]}, &(0x7f0000000040)='syzkaller\x00', 0xa9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa}, 0x90) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000140)={0x24, r1, 0x801, 0x0, 0x0, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}}, 0x0) 459.349852ms ago: executing program 1 (id=1788): r0 = socket(0x1e, 0x2, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4) sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x10, &(0x7f0000000340)}, 0x20000014) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x10, 0x3, 0x0) fadvise64(0xffffffffffffffff, 0xfffffffffffffffc, 0xf, 0x4) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0) unshare(0x2c040000) r4 = socket$igmp(0x2, 0x3, 0x2) getsockopt$sock_int(r4, 0x1, 0x25, 0x0, &(0x7f00000001c0)) pipe2(&(0x7f0000000000), 0x0) unshare(0xe020600) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0xf, 0x0, 0x18) openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) sendmmsg$inet(r5, &(0x7f00000014c0)=[{{&(0x7f0000000c40)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, 0x0}}, {{&(0x7f0000000f80)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="18000000000000000000000007000000860800000003"], 0x18}}], 0x2, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f00000000c0)) 0s ago: executing program 0 (id=1789): unshare(0x400) r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f00000000c0)=0x1, 0x4) kernel console output (not intermixed with test programs): point 0x81 has invalid wMaxPacketSize 0 [ 281.549795][ T3646] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 281.575135][ T3646] usb 5-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00 [ 281.592527][ T3646] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 281.631553][ T3646] usb 5-1: config 0 descriptor?? [ 281.697869][ T7] usb 1-1: USB disconnect, device number 13 [ 281.784565][ T6914] smc: net device lo applied user defined pnetid SYZ2 [ 281.803118][ T6914] smc: net device lo erased user defined pnetid SYZ2 [ 282.654096][ T3646] usbhid 5-1:0.0: can't add hid device: -71 [ 282.660694][ T3646] usbhid: probe of 5-1:0.0 failed with error -71 [ 282.705029][ T3646] usb 5-1: USB disconnect, device number 19 [ 282.719985][ T6938] netlink: 16 bytes leftover after parsing attributes in process `syz.2.902'. [ 282.751005][ T6932] device syz_tun entered promiscuous mode [ 282.753761][ T7] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 282.792251][ T6932] device macsec1 entered promiscuous mode [ 282.854198][ T6932] device syz_tun left promiscuous mode [ 283.003799][ T7] usb 1-1: Using ep0 maxpacket: 32 [ 283.124027][ T7] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 283.138076][ T7] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xDB, skipping [ 283.150861][ T7] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023 [ 283.163250][ T7] usb 1-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 283.313861][ T3646] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 283.343958][ T7] usb 1-1: New USB device found, idVendor=10cf, idProduct=8067, bcdDevice=2c.27 [ 283.357782][ T7] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.367739][ T7] usb 1-1: Product: syz [ 283.380386][ T7] usb 1-1: Manufacturer: syz [ 283.388715][ T7] usb 1-1: SerialNumber: syz [ 283.424043][ T7] usb 1-1: config 0 descriptor?? [ 283.454125][ T6918] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 283.472774][ T6918] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 283.498949][ T7] vmk80xx 1-1:0.0: driver 'vmk80xx' failed to auto-configure device. [ 283.553779][ T3646] usb 5-1: Using ep0 maxpacket: 8 [ 283.783969][ T1967] usb 1-1: USB disconnect, device number 14 [ 283.834208][ T3646] usb 5-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=32.a3 [ 283.858650][ T3646] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.868491][ T3646] usb 5-1: Product: syz [ 283.874168][ T3646] usb 5-1: Manufacturer: syz [ 283.879214][ T3646] usb 5-1: SerialNumber: syz [ 283.910507][ T3646] usb 5-1: config 0 descriptor?? [ 284.043931][ T3646] msi2500 5-1:0.0: Registered as swradio16 [ 284.052064][ T3646] msi2500 5-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 284.281726][ T6968] kvm: emulating exchange as write [ 284.513852][ T3646] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 284.571584][ T6975] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 284.904997][ T3646] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 284.909561][ C1] hrtimer: interrupt took 250892 ns [ 284.924473][ T3646] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 284.938559][ T3646] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 284.951448][ T3646] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.994785][ T3646] usb 3-1: config 0 descriptor?? [ 285.046852][ T3646] hdpvr 3-1:0.0: Could not find bulk-in endpoint [ 285.056367][ T3646] hdpvr: probe of 3-1:0.0 failed with error -12 [ 285.252035][ T3646] usb 3-1: USB disconnect, device number 11 [ 285.888459][ T7002] device syz_tun entered promiscuous mode [ 285.902785][ T7002] device macsec1 entered promiscuous mode [ 285.944072][ T7002] device syz_tun left promiscuous mode [ 286.043822][ T7007] device wlan0 entered promiscuous mode [ 286.127273][ T7007] device wlan0 left promiscuous mode [ 286.158785][ T1967] usb 5-1: USB disconnect, device number 20 [ 287.803158][ T7043] device wlan0 entered promiscuous mode [ 287.812666][ T7043] device wlan0 left promiscuous mode [ 288.093732][ T1967] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 288.364129][ T1967] usb 2-1: Using ep0 maxpacket: 8 [ 288.654342][ T1967] usb 2-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=32.a3 [ 288.668112][ T1967] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 288.684726][ T1967] usb 2-1: Product: syz [ 288.696322][ T1967] usb 2-1: Manufacturer: syz [ 288.704718][ T1967] usb 2-1: SerialNumber: syz [ 288.726467][ T1967] usb 2-1: config 0 descriptor?? [ 288.934791][ T1967] msi2500 2-1:0.0: Registered as swradio16 [ 288.941010][ T1967] msi2500 2-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 289.342640][ T7087] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 289.439073][ T7105] device wlan0 entered promiscuous mode [ 289.657733][ T7105] device wlan0 left promiscuous mode [ 289.683849][ T1967] Bluetooth: hci1: command 0x0406 tx timeout [ 289.691649][ T1967] Bluetooth: hci4: command 0x0406 tx timeout [ 290.304694][ T7119] device pim6reg1 entered promiscuous mode [ 290.551782][ T7130] netlink: 24 bytes leftover after parsing attributes in process `syz.2.965'. [ 290.942089][ T3616] usb 2-1: USB disconnect, device number 15 [ 291.083441][ T7144] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 291.234263][ T7147] netlink: 8 bytes leftover after parsing attributes in process `syz.1.970'. [ 291.253932][ T1967] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 291.470903][ T7154] device syzkaller0 entered promiscuous mode [ 291.482560][ T7157] device wlan0 entered promiscuous mode [ 291.493308][ T7157] device wlan0 left promiscuous mode [ 291.533842][ T3619] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 291.638122][ T7163] usb usb9: usbfs: process 7163 (syz.4.977) did not claim interface 0 before use [ 291.677420][ T1967] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 291.691110][ T1967] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.703958][ T1967] usb 3-1: config 0 descriptor?? [ 291.745791][ T1967] gspca_main: spca508-2.14.0 probing 8086:0110 [ 291.783750][ T3619] usb 1-1: Using ep0 maxpacket: 8 [ 291.973936][ T1967] gspca_spca508: reg_read err -32 [ 292.024093][ T1967] gspca_spca508: reg_read err -32 [ 292.063868][ T3619] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 292.065247][ T1967] gspca_spca508: reg_read err -32 [ 292.078168][ T3619] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.086360][ T3619] usb 1-1: Product: syz [ 292.090521][ T3619] usb 1-1: Manufacturer: syz [ 292.098654][ T3619] usb 1-1: SerialNumber: syz [ 292.106081][ T3619] usb 1-1: config 0 descriptor?? [ 292.133783][ T1967] gspca_spca508: reg_read err -32 [ 292.146523][ T3619] gspca_main: sq930x-2.14.0 probing 2770:930c [ 292.348598][ T7149] udc-core: couldn't find an available UDC or it's busy [ 292.355691][ T7149] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 292.373797][ T3619] gspca_sq930x: reg_r 001f failed -71 [ 292.379750][ T3619] sq930x: probe of 1-1:0.0 failed with error -71 [ 292.389833][ T3619] usb 1-1: USB disconnect, device number 15 [ 292.393952][ T1967] gspca_spca508: reg write: error -71 [ 292.406254][ T1967] spca508: probe of 3-1:0.0 failed with error -71 [ 292.416538][ T1967] usb 3-1: USB disconnect, device number 12 [ 292.773821][ T3646] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 293.023729][ T3646] usb 4-1: Using ep0 maxpacket: 8 [ 293.047329][ T7181] sctp: [Deprecated]: syz.4.981 (pid 7181) Use of struct sctp_assoc_value in delayed_ack socket option. [ 293.047329][ T7181] Use struct sctp_sack_info instead [ 293.303957][ T3646] usb 4-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=32.a3 [ 293.313777][ T3646] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.326790][ T3646] usb 4-1: Product: syz [ 293.333324][ T3646] usb 4-1: Manufacturer: syz [ 293.398915][ T3646] usb 4-1: SerialNumber: syz [ 293.426125][ T3646] usb 4-1: config 0 descriptor?? [ 293.582848][ T3646] msi2500 4-1:0.0: Registered as swradio16 [ 293.596880][ T3646] msi2500 4-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 294.197064][ T7199] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 294.220695][ T7211] device wlan0 entered promiscuous mode [ 294.327173][ T7211] device wlan0 left promiscuous mode [ 294.765754][ T7227] netlink: 52 bytes leftover after parsing attributes in process `syz.1.997'. [ 295.666343][ T7239] binder: transaction release 6 bad object at offset 36, size 72 [ 295.948960][ T3619] usb 4-1: USB disconnect, device number 19 [ 297.259396][ T3621] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 297.926614][ T7270] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1014'. [ 298.004983][ T3621] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 298.105323][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 298.122062][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 298.141588][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0 [ 298.224035][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 298.247144][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 298.339640][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0 [ 298.454399][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 298.470058][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 298.482027][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0 [ 298.588072][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 298.656282][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 298.695987][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0 [ 298.803875][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 298.813373][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 298.843799][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0 [ 298.903088][ T7288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1022'. [ 298.939828][ T7288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1022'. [ 298.974054][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 298.987948][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 298.999764][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0 [ 299.844047][ T23] Bluetooth: hci0: command 0x0406 tx timeout [ 299.851243][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 299.861505][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 299.872731][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0 [ 299.903802][ T3625] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 299.973760][ T3621] usb 1-1: unable to read config index 7 descriptor/start: -71 [ 299.991843][ T3621] usb 1-1: can't read configurations, error -71 [ 300.078440][ T7316] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1031'. [ 300.083764][ T3646] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 300.126699][ T3616] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 300.174846][ T3625] usb 3-1: Using ep0 maxpacket: 8 [ 300.463879][ T3646] usb 5-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 300.486241][ T3646] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.524194][ T3625] usb 3-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=32.a3 [ 300.533341][ T3616] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 300.556611][ T3625] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.568302][ T3616] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.571166][ T3646] usb 5-1: config 0 descriptor?? [ 300.605855][ T3625] usb 3-1: Product: syz [ 300.612897][ T3616] usb 2-1: config 0 descriptor?? [ 300.633439][ T3625] usb 3-1: Manufacturer: syz [ 300.660295][ T3646] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 300.671727][ T3625] usb 3-1: SerialNumber: syz [ 300.682914][ T3625] usb 3-1: config 0 descriptor?? [ 300.695065][ T3616] gspca_main: spca508-2.14.0 probing 8086:0110 [ 300.866665][ T3646] gspca_sonixj: reg_w1 err -71 [ 300.893908][ T3646] sonixj: probe of 5-1:0.0 failed with error -71 [ 300.913857][ T3616] gspca_spca508: reg_read err -32 [ 300.925697][ T3625] msi2500 3-1:0.0: Registered as swradio16 [ 300.931503][ T3625] msi2500 3-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 300.954131][ T3616] gspca_spca508: reg_read err -32 [ 301.003286][ T3646] usb 5-1: USB disconnect, device number 21 [ 301.013900][ T3616] gspca_spca508: reg_read err -32 [ 301.073758][ T3616] gspca_spca508: reg_read err -32 [ 301.113953][ T3616] gspca_spca508: reg_read err -32 [ 301.374891][ T3616] gspca_spca508: reg write: error -71 [ 301.380863][ T3616] spca508: probe of 2-1:0.0 failed with error -71 [ 301.429858][ T3616] usb 2-1: USB disconnect, device number 16 [ 301.551763][ T7324] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 303.375837][ T7360] dccp_check_seqno: Step 6 failed for RESET packet, (LSWL(71150611640163) <= P.seqno(0) <= S.SWH(71150611640237)) and (P.ackno exists or LAWL(141264886084524) <= P.ackno(141264886084527) <= S.AWH(141264886084527), sending SYNC... [ 303.725281][ T7363] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1043'. [ 303.909553][ T3627] usb 3-1: USB disconnect, device number 13 [ 304.987917][ T3627] Bluetooth: hci2: command 0x0406 tx timeout [ 305.543328][ T7404] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1060'. [ 306.513910][ T3619] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 306.903769][ T3619] usb 5-1: Using ep0 maxpacket: 8 [ 307.034058][ T3619] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 307.050446][ T3619] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 307.060857][ T3619] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 307.071218][ T3619] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 307.085806][ T3619] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 307.129718][ T3619] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.434022][ T3619] usb 5-1: GET_CAPABILITIES returned 0 [ 307.439529][ T3619] usbtmc 5-1:16.0: can't read capabilities [ 307.693809][ C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 307.953400][ T7436] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1066'. [ 309.503522][ T3559] usb 5-1: USB disconnect, device number 22 [ 312.346653][ T7480] ptrace attach of "./syz-executor exec"[7483] was attempted by ""[7480] [ 312.510387][ T7486] device vlan2 entered promiscuous mode [ 312.516544][ T7486] bond0: (slave vlan2): Error -34 calling dev_set_mtu [ 318.244548][ T1388] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.250937][ T1388] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.193436][ T7564] netlink: 'syz.4.1116': attribute type 10 has an invalid length. [ 319.222056][ T7564] netlink: 55 bytes leftover after parsing attributes in process `syz.4.1116'. [ 319.253796][ T1967] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 319.923706][ T3559] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 320.077995][ T1967] usb 4-1: Using ep0 maxpacket: 8 [ 320.213993][ T1967] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 320.225880][ T3559] usb 3-1: Using ep0 maxpacket: 32 [ 320.247438][ T1967] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 320.258752][ T1967] usb 4-1: New USB device found, idVendor=056a, idProduct=0028, bcdDevice= 0.00 [ 320.268179][ T1967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.306394][ T1967] usb 4-1: config 0 descriptor?? [ 320.343794][ T3627] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 320.365224][ T3559] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 320.384759][ T3559] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 2, skipping [ 320.396454][ T3559] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 320.573982][ T3559] usb 3-1: New USB device found, idVendor=10cf, idProduct=8067, bcdDevice=2c.27 [ 320.590942][ T3559] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.599599][ T3559] usb 3-1: Product: syz [ 320.607681][ T3559] usb 3-1: Manufacturer: syz [ 320.613119][ T3559] usb 3-1: SerialNumber: syz [ 320.623734][ T3627] usb 5-1: Using ep0 maxpacket: 32 [ 320.628652][ T3559] usb 3-1: config 0 descriptor?? [ 320.683993][ T1967] usbhid 4-1:0.0: can't add hid device: -71 [ 320.692315][ T1967] usbhid: probe of 4-1:0.0 failed with error -71 [ 320.744506][ T3627] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 320.749961][ T3559] vmk80xx 3-1:0.0: driver 'vmk80xx' failed to auto-configure device. [ 320.767233][ T1967] usb 4-1: USB disconnect, device number 20 [ 320.787793][ T3627] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 320.810378][ T3627] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 320.820213][ T3627] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.885275][ T3627] hub 5-1:4.0: USB hub found [ 320.901285][ T3619] usb 3-1: USB disconnect, device number 14 [ 321.109944][ T3627] hub 5-1:4.0: 2 ports detected [ 327.612177][ T1967] usb 5-1: USB disconnect, device number 23 [ 327.692673][ T3627] hub 5-1:4.0: hub_ext_port_status failed (err = -71) [ 328.272894][ T7629] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1135'. [ 328.783854][ T1967] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 329.194059][ T1967] usb 5-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 329.203121][ T1967] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.216185][ T1967] usb 5-1: config 0 descriptor?? [ 329.279049][ T1967] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 329.923857][ T1967] gspca_sonixj: reg_w1 err -71 [ 329.928739][ T1967] sonixj: probe of 5-1:0.0 failed with error -71 [ 329.938980][ T1967] usb 5-1: USB disconnect, device number 24 [ 330.843902][ T1967] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 332.063827][ T1967] usb 2-1: too many configurations: 9, using maximum allowed: 8 [ 332.144032][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 332.170135][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 332.181780][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0 [ 332.263948][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 332.272876][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 332.286976][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0 [ 332.373989][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 332.382989][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 332.393909][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0 [ 332.473811][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 332.482822][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 332.493766][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0 [ 332.574011][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 332.583054][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 332.597154][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0 [ 332.683774][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 332.692703][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 332.704742][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0 [ 332.783880][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 332.792815][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 332.807859][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0 [ 332.893927][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 332.902835][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 332.914667][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0 [ 333.074001][ T1967] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 333.083102][ T1967] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 333.091639][ T1967] usb 2-1: Product: syz [ 333.095864][ T1967] usb 2-1: Manufacturer: syz [ 333.100461][ T1967] usb 2-1: SerialNumber: syz [ 333.107702][ T1967] usb 2-1: config 0 descriptor?? [ 333.148414][ T1967] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0 [ 333.350508][ T1967] usb 2-1: USB disconnect, device number 17 [ 333.364623][ T1967] yurex 2-1:0.0: USB YUREX #0 now disconnected [ 334.394217][ T3619] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 334.753009][ T3619] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 335.014391][ T3619] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 335.023291][ T3619] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 335.724074][ T3619] usb 1-1: config 0 interface 0 has no altsetting 0 [ 335.731682][ T7698] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1156'. [ 335.833932][ T3619] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 335.853100][ T3619] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 335.854093][ T7701] bond0: (slave netdevsim0): Releasing backup interface [ 335.873685][ T3619] usb 1-1: config 0 interface 0 has no altsetting 0 [ 335.908288][ T7701] batman_adv: batadv1: Adding interface: netdevsim0 [ 335.915720][ T7701] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 335.943014][ T7701] batman_adv: batadv1: Not using interface netdevsim0 (retrying later): interface not active [ 336.028600][ T3619] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 336.645729][ T7698] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1156'. [ 336.662417][ T3619] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 336.724710][ T7698] batman_adv: batadv1: Removing interface: netdevsim0 [ 336.731575][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 336.731646][ T26] audit: type=1326 audit(1723767958.239:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7705 comm="syz.2.1161" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa64b7089b9 code=0x0 [ 336.876034][ T3619] usb 1-1: config 0 interface 0 has no altsetting 0 [ 338.226140][ T3619] usb 1-1: unable to read config index 3 descriptor/all [ 338.239365][ T3619] usb 1-1: can't read configurations, error -71 [ 338.673804][ T3619] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 338.863300][ T1075] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 339.074115][ T3619] usb 1-1: Using ep0 maxpacket: 8 [ 339.134788][ T1075] usb 2-1: Using ep0 maxpacket: 32 [ 339.218339][ T1967] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 339.230808][ T1967] Bluetooth: hci4: Injecting HCI hardware error event [ 339.239970][ T3587] Bluetooth: hci4: hardware error 0x00 [ 339.244297][ T3619] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 339.263328][ T3619] usb 1-1: config 0 has no interface number 0 [ 339.271211][ T1075] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 339.363182][ T3619] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 339.374989][ T3619] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 339.384395][ T3619] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.398765][ T3619] usb 1-1: config 0 descriptor?? [ 339.545014][ T1075] usb 2-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=93.a8 [ 339.563758][ T7748] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 339.726060][ T3619] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 339.736542][ T1075] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 339.744890][ T1075] usb 2-1: Product: syz [ 339.750802][ T1075] usb 2-1: Manufacturer: syz [ 339.848675][ T7748] usb 3-1: too many configurations: 9, using maximum allowed: 8 [ 339.858137][ T3619] usb 1-1: USB disconnect, device number 19 [ 339.868771][ T1075] usb 2-1: SerialNumber: syz [ 339.956502][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 339.987511][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 340.060651][ T3619] iowarrior 1-1:0.1: I/O-Warror #0 now disconnected [ 340.118525][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0 [ 340.151217][ T1075] usb 2-1: config 0 descriptor?? [ 340.244115][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 340.254477][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 340.341949][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0 [ 340.422874][ T1967] usb 2-1: USB disconnect, device number 18 [ 340.423844][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 340.441857][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 340.454303][ T3638] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 340.465003][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0 [ 340.543830][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 340.552813][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 340.567124][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0 [ 340.654047][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 340.663172][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 340.674622][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0 [ 340.753989][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 340.763765][ T3625] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 340.764413][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 340.785155][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0 [ 340.823856][ T3638] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 340.873892][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 340.883063][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 340.894183][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0 [ 340.933890][ T3619] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 340.974156][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 340.988916][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 341.000994][ T3638] usb 4-1: New USB device found, idVendor=468c, idProduct=90ea, bcdDevice=99.6d [ 341.010353][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0 [ 341.017527][ T3638] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.026105][ T3638] usb 4-1: Product: syz [ 341.037230][ T3638] usb 4-1: Manufacturer: syz [ 341.037440][ T3625] usb 5-1: Using ep0 maxpacket: 32 [ 341.046215][ T3638] usb 4-1: SerialNumber: syz [ 341.067678][ T3638] usb 4-1: config 0 descriptor?? [ 341.184732][ T7748] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 341.188936][ T3625] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 341.193909][ T3619] usb 1-1: Using ep0 maxpacket: 16 [ 341.209911][ T7748] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 341.219073][ T7748] usb 3-1: Product: syz [ 341.223377][ T7748] usb 3-1: Manufacturer: syz [ 341.223620][ T3625] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xDB, skipping [ 341.228493][ T7748] usb 3-1: SerialNumber: syz [ 341.249095][ T3625] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023 [ 341.254532][ T7748] usb 3-1: config 0 descriptor?? [ 341.269628][ T3625] usb 5-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 341.309035][ T3638] usb 4-1: USB disconnect, device number 21 [ 341.335804][ T7748] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0 [ 341.453820][ T3625] usb 5-1: New USB device found, idVendor=10cf, idProduct=8067, bcdDevice=2c.27 [ 341.469213][ T3625] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.479081][ T3625] usb 5-1: Product: syz [ 341.489579][ T3625] usb 5-1: Manufacturer: syz [ 341.494083][ T3619] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 341.494331][ T3625] usb 5-1: SerialNumber: syz [ 341.503212][ T3619] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.503238][ T3619] usb 1-1: Product: syz [ 341.503253][ T3619] usb 1-1: Manufacturer: syz [ 341.503266][ T3619] usb 1-1: SerialNumber: syz [ 341.543783][ T3619] r8152-cfgselector 1-1: config 0 descriptor?? [ 341.545113][ T3625] usb 5-1: config 0 descriptor?? [ 341.579627][ T7763] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 341.589145][ T7763] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 341.604890][ T3638] usb 3-1: USB disconnect, device number 15 [ 341.630274][ T3638] yurex 3-1:0.0: USB YUREX #0 now disconnected [ 341.633785][ T3625] vmk80xx 5-1:0.0: driver 'vmk80xx' failed to auto-configure device. [ 341.868848][ T3619] r8152-cfgselector 1-1: Unknown version 0x0000 [ 341.877598][ T3625] usb 5-1: USB disconnect, device number 25 [ 341.903852][ T3619] r8152-cfgselector 1-1: Unknown version 0x0000 [ 341.911138][ T3619] r8152-cfgselector 1-1: bad CDC descriptors [ 341.954756][ T3619] r8152-cfgselector 1-1: Unknown version 0x0000 [ 341.991837][ T3619] r8152-cfgselector 1-1: USB disconnect, device number 20 [ 342.231002][ T7790] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 342.848601][ T7803] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1197'. [ 343.076295][ T1967] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 343.109342][ T7803] device batadv0 entered promiscuous mode [ 343.126126][ T7803] device macvtap1 entered promiscuous mode [ 347.125495][ T7803] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 347.150884][ T7807] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1197'. [ 347.252013][ T7807] device batadv0 left promiscuous mode [ 347.493899][ T1967] usb 5-1: device not accepting address 26, error -71 [ 348.490473][ T7848] device gretap0 entered promiscuous mode [ 348.508976][ T7848] device macsec1 entered promiscuous mode [ 348.539812][ T7848] device gretap0 left promiscuous mode [ 348.782716][ T1967] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 348.844147][ T3619] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 349.132299][ T1967] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 349.254227][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 349.292779][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 349.323861][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0 [ 349.437060][ T3619] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 349.474312][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 349.483249][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 349.546973][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0 [ 349.652005][ T7859] print_req_error: 19 callbacks suppressed [ 349.652039][ T7859] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 349.668492][ T3619] usb 1-1: New USB device found, idVendor=468c, idProduct=90ea, bcdDevice=99.6d [ 349.670962][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 349.689252][ T3619] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 349.699659][ T3619] usb 1-1: Product: syz [ 349.709078][ T3619] usb 1-1: Manufacturer: syz [ 349.722219][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 349.727699][ T3619] usb 1-1: SerialNumber: syz [ 349.748419][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0 [ 349.786652][ T3619] usb 1-1: config 0 descriptor?? [ 349.893955][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 349.910080][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 349.922491][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0 [ 350.003861][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 350.021751][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 350.060993][ T7875] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1219'. [ 350.094308][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0 [ 350.132151][ T3625] usb 1-1: USB disconnect, device number 21 [ 350.223916][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 350.233062][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 350.245124][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0 [ 350.289092][ T7882] device gretap0 entered promiscuous mode [ 350.295878][ T7882] device macsec1 entered promiscuous mode [ 350.304640][ T7882] device gretap0 left promiscuous mode [ 350.323971][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 350.343771][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 350.363739][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0 [ 350.445933][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 350.457684][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 350.463689][ T3619] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 350.471788][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0 [ 350.664579][ T1967] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 350.685168][ T1967] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 350.703677][ T1967] usb 5-1: Product: syz [ 350.707942][ T1967] usb 5-1: Manufacturer: syz [ 350.712571][ T1967] usb 5-1: SerialNumber: syz [ 350.713834][ T3619] usb 2-1: Using ep0 maxpacket: 32 [ 350.734786][ T1967] usb 5-1: config 0 descriptor?? [ 350.790177][ T1967] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0 [ 350.928564][ T7897] fuse: Bad value for 'fd' [ 350.959637][ T3619] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 351.004383][ T3619] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 351.034392][ T3619] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 351.121933][ T3619] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.367445][ T3619] hub 2-1:4.0: USB hub found [ 351.374339][ T1967] usb 5-1: USB disconnect, device number 28 [ 351.399838][ T1967] yurex 5-1:0.0: USB YUREX #0 now disconnected [ 351.496523][ T3619] hub 2-1:4.0: 2 ports detected [ 352.700748][ T7918] device gretap0 entered promiscuous mode [ 352.714795][ T7918] device macsec1 entered promiscuous mode [ 352.733112][ T7918] device gretap0 left promiscuous mode [ 352.808924][ T3619] hub 2-1:4.0: activate --> -90 [ 353.260743][ T3559] usb 2-1: USB disconnect, device number 19 [ 353.274874][ T3619] hub 2-1:4.0: hub_ext_port_status failed (err = -71) [ 353.295115][ T3619] usb 2-1-port1: attempt power cycle [ 353.835423][ T7928] device gretap0 entered promiscuous mode [ 353.841858][ T7928] device macsec1 entered promiscuous mode [ 353.917195][ T7928] device gretap0 left promiscuous mode [ 354.218517][ T7945] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 354.294302][ T3559] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 354.694599][ T3559] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 354.883963][ T3559] usb 2-1: New USB device found, idVendor=468c, idProduct=90ea, bcdDevice=99.6d [ 354.897559][ T3559] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 354.916325][ T3559] usb 2-1: Product: syz [ 354.926380][ T3559] usb 2-1: Manufacturer: syz [ 354.936487][ T3559] usb 2-1: SerialNumber: syz [ 354.950740][ T3559] usb 2-1: config 0 descriptor?? [ 355.228784][ T3619] usb 2-1: USB disconnect, device number 24 [ 355.488395][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 356.317285][ T7967] loop2: detected capacity change from 0 to 32768 [ 356.335600][ T7978] netlink: 'syz.3.1257': attribute type 29 has an invalid length. [ 356.355303][ T7978] netlink: 'syz.3.1257': attribute type 29 has an invalid length. [ 356.387383][ T7979] netlink: 'syz.3.1257': attribute type 29 has an invalid length. [ 356.396016][ T7967] Dev loop2 SGI disklabel: csum bad, label corrupted [ 356.424146][ T3027] Dev loop2 SGI disklabel: csum bad, label corrupted [ 357.293948][ T3559] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 357.723314][ T3559] usb 2-1: Using ep0 maxpacket: 32 [ 357.872724][ T7996] syz.2.1264 sent an empty control message without MSG_MORE. [ 358.105101][ T3559] usb 2-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32 [ 358.177809][ T3559] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.356423][ T3559] usb 2-1: Product: syz [ 358.483889][ T3559] usb 2-1: Manufacturer: syz [ 358.488523][ T3559] usb 2-1: SerialNumber: syz [ 358.499264][ T3559] usb 2-1: config 0 descriptor?? [ 359.622090][ T7988] loop3: detected capacity change from 0 to 32768 [ 359.711313][ T3559] usb 2-1: USB disconnect, device number 25 [ 359.784705][ T7988] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 359.793542][ T7988] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 359.917223][ T7988] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 359.960237][ T7748] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 359.969181][ T7748] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 360.125446][ T3559] bridge0: port 2(bridge_slave_1) entered disabled state [ 360.142556][ T8012] loop4: detected capacity change from 0 to 2048 [ 360.169830][ T7748] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 200ms [ 360.211651][ T7748] gfs2: fsid=syz:syz.0: jid=0: Done [ 360.230088][ T7988] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 360.291615][ T7988] gfs2: fsid=syz:syz.0: can't start logd thread: -4 [ 360.465007][ T8025] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1272'. [ 361.022093][ T8012] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none. [ 361.085820][ T26] audit: type=1800 audit(1723767982.609:213): pid=8012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1265" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 361.339747][ T8035] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 361.339846][ T8040] loop2: detected capacity change from 0 to 512 [ 361.371864][ T8035] EXT4-fs (loop4): Remounting filesystem read-only [ 361.382233][ T8035] EXT4-fs error (device loop4) in ext4_evict_inode:257: Readonly filesystem [ 361.410081][ T8035] EXT4-fs error (device loop4) in ext4_evict_inode:257: Readonly filesystem [ 362.195724][ T8048] loop3: detected capacity change from 0 to 512 [ 362.254739][ T8040] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 362.301545][ T8040] ext4 filesystem being mounted at /174/file0 supports timestamps until 2038 (0x7fffffff) [ 362.333936][ T8048] EXT4-fs (loop3): orphan cleanup on readonly fs [ 362.351030][ T8048] EXT4-fs error (device loop3): ext4_quota_enable:6383: comm syz.3.1275: Bad quota inum: 11, type: 1 [ 362.410474][ T8048] EXT4-fs warning (device loop3): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=11). Please run e2fsck to fix. [ 362.481100][ T8048] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 362.537313][ T8048] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 362.564194][ T3616] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 362.669112][ T8054] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 362.708985][ T8054] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 362.745079][ T8054] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 362.833938][ T3616] usb 1-1: Using ep0 maxpacket: 32 [ 364.004235][ T3616] usb 1-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32 [ 364.013321][ T3616] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 364.138649][ T8079] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1287'. [ 364.145076][ T3616] usb 1-1: Product: syz [ 364.158768][ T3616] usb 1-1: Manufacturer: syz [ 364.179218][ T3616] usb 1-1: SerialNumber: syz [ 364.252384][ T3616] usb 1-1: config 0 descriptor?? [ 364.914766][ T8093] loop2: detected capacity change from 0 to 512 [ 365.463113][ T8093] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 365.954005][ T8093] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038 (0x7fffffff) [ 366.368470][ T3616] usb 1-1: USB disconnect, device number 22 [ 366.653763][ T8118] kvm: vcpu 0: requested 16 ns lapic timer period limited to 200000 ns [ 367.310907][ T8134] loop3: detected capacity change from 0 to 2048 [ 367.419836][ T8140] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1305'. [ 367.590212][ T8140] device bridge_slave_0 left promiscuous mode [ 367.604291][ T8140] bridge0: port 1(bridge_slave_0) entered disabled state [ 368.696195][ T8149] loop1: detected capacity change from 0 to 2048 [ 369.070770][ T8134] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 369.265654][ T26] audit: type=1800 audit(1723767990.789:214): pid=8134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1303" name="memory.events" dev="loop3" ino=18 res=0 errno=0 [ 369.344330][ T8149] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 369.355226][ T8149] ext4 filesystem being mounted at /195/bus supports timestamps until 2038 (0x7fffffff) [ 369.817869][ T26] audit: type=1804 audit(1723767991.129:215): pid=8155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1303" name="/newroot/159/file1/memory.events" dev="loop3" ino=18 res=1 errno=0 [ 371.365573][ T3621] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 371.401742][ T8174] loop0: detected capacity change from 0 to 132 [ 371.686415][ T3621] usb 4-1: Using ep0 maxpacket: 32 [ 371.994336][ T3621] usb 4-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32 [ 372.019692][ T3621] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 372.085352][ T3621] usb 4-1: Product: syz [ 372.108649][ T3621] usb 4-1: Manufacturer: syz [ 372.135120][ T3621] usb 4-1: SerialNumber: syz [ 372.208500][ T3621] usb 4-1: config 0 descriptor?? [ 372.607919][ T8181] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 372.721041][ T8181] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 372.943736][ T8191] loop0: detected capacity change from 0 to 512 [ 373.012849][ T8191] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 373.218984][ T8194] loop2: detected capacity change from 0 to 2048 [ 373.264156][ T8191] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 374.186727][ T3621] usb 4-1: USB disconnect, device number 22 [ 374.223103][ T8194] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 374.234494][ T8194] ext4 filesystem being mounted at /187/bus supports timestamps until 2038 (0x7fffffff) [ 374.254068][ T8191] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 374.468155][ T8191] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 374.476452][ T8191] System zones: 0-2, 18-18, 34-34 [ 374.493334][ T8191] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 375.149765][ T8191] EXT4-fs (loop0): 1 truncate cleaned up [ 375.164673][ T8209] vivid-004: disconnect [ 375.223208][ T8191] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 375.249147][ T8208] vivid-004: reconnect [ 375.309658][ T8191] EXT4-fs error (device loop0): ext4_generic_delete_entry:2680: inode #12: block 13: comm syz.0.1315: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=4096 fake=0 [ 375.508711][ T26] audit: type=1326 audit(1723767997.029:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x7ffc0000 [ 375.580486][ T8222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1324'. [ 375.593455][ T8191] EXT4-fs error (device loop0) in ext4_delete_entry:2751: Corrupt filesystem [ 375.730296][ T26] audit: type=1326 audit(1723767997.039:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x7ffc0000 [ 376.224079][ T26] audit: type=1326 audit(1723767997.039:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f00916319b9 code=0x7ffc0000 [ 376.373779][ T26] audit: type=1326 audit(1723767997.039:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x7ffc0000 [ 376.435133][ T26] audit: type=1326 audit(1723767997.119:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f00916319b9 code=0x7ffc0000 [ 376.490007][ T26] audit: type=1326 audit(1723767998.009:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x7ffc0000 [ 376.513099][ T26] audit: type=1326 audit(1723767998.029:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x7ffc0000 [ 376.642032][ T26] audit: type=1326 audit(1723767998.159:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f00916319b9 code=0x7ffc0000 [ 376.710119][ T26] audit: type=1326 audit(1723767998.189:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x0 [ 377.621318][ T8242] loop1: detected capacity change from 0 to 2048 [ 378.375557][ T8242] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 378.386246][ T8242] ext4 filesystem being mounted at /198/bus supports timestamps until 2038 (0x7fffffff) [ 378.398368][ T3621] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 378.554535][ T8224] loop2: detected capacity change from 0 to 40427 [ 378.603651][ T4786] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 378.670268][ T8224] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 378.683533][ T8224] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 378.743717][ T3621] usb 5-1: Using ep0 maxpacket: 32 [ 378.750626][ T8224] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 378.832452][ T8224] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 378.853706][ T4786] usb 1-1: Using ep0 maxpacket: 8 [ 378.854908][ T8224] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 378.879361][ T3587] Bluetooth: hci1: Dropping invalid advertising data [ 378.974060][ T4786] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 378.992720][ T4786] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 379.042595][ T4786] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 379.060805][ T4786] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 379.081757][ T4786] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 379.497878][ T4786] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 379.508016][ T4786] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 379.678306][ T1388] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.697967][ T1388] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.738162][ T3621] usb 5-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32 [ 379.806482][ T5273] attempt to access beyond end of device [ 379.806482][ T5273] loop2: rw=2049, want=45104, limit=40427 [ 379.952730][ T3621] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 379.973773][ T3621] usb 5-1: Product: syz [ 379.983794][ T4786] usb 1-1: usb_control_msg returned -32 [ 379.989318][ T3621] usb 5-1: Manufacturer: syz [ 379.989387][ T4786] usbtmc 1-1:16.0: can't read capabilities [ 380.008750][ T3621] usb 5-1: SerialNumber: syz [ 380.061312][ T3621] usb 5-1: config 0 descriptor?? [ 380.109259][ T3621] usb 5-1: can't set config #0, error -71 [ 380.129111][ T3621] usb 5-1: USB disconnect, device number 29 [ 381.599243][ T8284] loop3: detected capacity change from 0 to 512 [ 381.607940][ T8285] loop4: detected capacity change from 0 to 2048 [ 381.941843][ T3627] usb 1-1: USB disconnect, device number 23 [ 382.023153][ T8284] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 382.056023][ T8285] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 382.068299][ T8285] ext4 filesystem being mounted at /190/bus supports timestamps until 2038 (0x7fffffff) [ 382.095521][ T8284] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e12c, mo2=0002] [ 382.104573][ T8284] EXT4-fs (loop3): orphan cleanup on readonly fs [ 382.116795][ T8284] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1347: bg 0: block 361: padding at end of block bitmap is not set [ 382.139270][ T8284] EXT4-fs (loop3): Remounting filesystem read-only [ 382.145833][ T8284] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6186: Corrupt filesystem [ 382.157276][ T8284] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.1347: attempt to clear invalid blocks 33619980 len 1 [ 382.181246][ T8284] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1347: invalid indirect mapped block 1811939328 (level 0) [ 382.195827][ T8284] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1347: invalid indirect mapped block 2185560079 (level 1) [ 382.302903][ T8284] EXT4-fs (loop3): 1 truncate cleaned up [ 382.308731][ T8284] EXT4-fs (loop3): mounted filesystem without journal. Opts: noload,noblock_validity,discard,errors=remount-ro,inode_readahead_blks=0x0000000000000000. Quota mode: none. [ 383.267456][ T8310] devpts: called with bogus options [ 383.499916][ T8288] loop1: detected capacity change from 0 to 512 [ 383.619518][ T8288] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 383.663063][ T8288] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038 (0x7fffffff) [ 383.784421][ T8288] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 384.055342][ T8309] loop4: detected capacity change from 0 to 40427 [ 384.109072][ T8309] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 384.123231][ T8309] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 384.207723][ T8309] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 384.288581][ T8309] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 384.295752][ T8309] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 385.092255][ T4786] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 385.372813][ T5221] attempt to access beyond end of device [ 385.372813][ T5221] loop4: rw=2049, want=45104, limit=40427 [ 385.393801][ T4786] usb 3-1: Using ep0 maxpacket: 32 [ 386.260199][ T8345] loop0: detected capacity change from 0 to 2048 [ 386.424435][ T4786] usb 3-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32 [ 386.477471][ T4786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.592838][ T4786] usb 3-1: Product: syz [ 386.633247][ T4786] usb 3-1: Manufacturer: syz [ 386.677683][ T4786] usb 3-1: SerialNumber: syz [ 386.791595][ T4786] usb 3-1: config 0 descriptor?? [ 386.924862][ T8345] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 386.935710][ T8345] ext4 filesystem being mounted at /287/bus supports timestamps until 2038 (0x7fffffff) [ 387.040807][ T8353] netlink: 'syz.4.1360': attribute type 2 has an invalid length. [ 387.043043][ T8351] loop1: detected capacity change from 0 to 1024 [ 387.050887][ T8353] netlink: 'syz.4.1360': attribute type 1 has an invalid length. [ 387.067385][ T8353] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1360'. [ 387.213527][ T8351] EXT4-fs (loop1): Ignoring removed orlov option [ 387.224812][ T8351] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 387.266887][ T8351] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 388.437633][ T4786] usb 3-1: USB disconnect, device number 16 [ 388.804187][ T8386] loop4: detected capacity change from 0 to 2048 [ 391.475707][ T8386] EXT4-fs warning (device loop4): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop4. [ 391.813847][ T8405] dccp_invalid_packet: P.Data Offset(0) too small [ 391.815050][ T8396] loop4: detected capacity change from 0 to 512 [ 391.849258][ T8405] tipc: Enabled bearer , priority 10 [ 392.046731][ T8409] loop3: detected capacity change from 0 to 2048 [ 392.512912][ T8396] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a003c019, mo2=0000] [ 392.580615][ T8396] System zones: 0-2, 18-18, 34-34 [ 392.584262][ T8409] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 392.596656][ T8409] ext4 filesystem being mounted at /177/bus supports timestamps until 2038 (0x7fffffff) [ 392.677068][ T8396] EXT4-fs error (device loop4): mb_free_blocks:1865: group 0, inode 16: block 41:freeing already freed block (bit 41); block bitmap corrupt. [ 392.702436][ T8396] EXT4-fs (loop4): 1 orphan inode deleted [ 392.718997][ T8396] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,sysvgroups,dioread_lock,debug,noauto_da_alloc,resgid=0x0000000000000000,barrier,nodelalloc,nombcache,,errors=continue. Quota mode: writeback. [ 392.788369][ T8396] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038 (0x7fffffff) [ 394.915040][ T8457] dccp_invalid_packet: P.Data Offset(0) too small [ 395.712604][ T8457] tipc: Started in network mode [ 395.868798][ T8464] loop4: detected capacity change from 0 to 1024 [ 395.913952][ T8457] tipc: Node identity ac1414aa, cluster identity 4711 [ 395.955127][ T8457] tipc: Enabled bearer , priority 10 [ 396.090775][ T8464] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #4: comm syz.4.1394: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 396.140561][ T8464] EXT4-fs error (device loop4): ext4_quota_enable:6390: comm syz.4.1394: Bad quota inode: 4, type: 1 [ 396.194125][ T8464] EXT4-fs warning (device loop4): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 396.312183][ T8464] EXT4-fs (loop4): mount failed [ 396.610895][ T8464] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1394'. [ 396.699684][ T8483] loop2: detected capacity change from 0 to 256 [ 397.205471][ T7] tipc: Node number set to 2886997162 [ 398.946252][ T26] audit: type=1326 audit(1723768020.469:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.1.1410" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x0 [ 398.985945][ T8507] capability: warning: `syz.3.1411' uses deprecated v2 capabilities in a way that may be insecure [ 398.986999][ T8502] dccp_invalid_packet: P.Data Offset(0) too small [ 399.131612][ T8502] tipc: Started in network mode [ 399.137903][ T8516] loop2: detected capacity change from 0 to 1024 [ 399.151274][ T8502] tipc: Node identity ac1414aa, cluster identity 4711 [ 399.200757][ T8522] loop3: detected capacity change from 0 to 256 [ 399.214160][ T8502] tipc: Enabled bearer , priority 10 [ 399.260214][ T8516] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #4: comm syz.2.1413: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 399.271875][ T8525] loop1: detected capacity change from 0 to 512 [ 399.282140][ T8516] EXT4-fs error (device loop2): ext4_quota_enable:6390: comm syz.2.1413: Bad quota inode: 4, type: 1 [ 399.313844][ T8516] EXT4-fs warning (device loop2): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 399.355001][ T8516] EXT4-fs (loop2): mount failed [ 399.507020][ T8525] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.1416: casefold flag without casefold feature [ 399.729965][ T8528] loop4: detected capacity change from 0 to 2048 [ 399.900532][ T8525] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.1416: missing EA_INODE flag [ 399.968235][ T8525] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1416: error while reading EA inode 12 err=-117 [ 400.253808][ T4786] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 400.324407][ T3621] tipc: Node number set to 2886997162 [ 400.476859][ T8525] EXT4-fs (loop1): 1 orphan inode deleted [ 400.504821][ T8528] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 400.533994][ T8525] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 400.598505][ T26] audit: type=1800 audit(1723768022.119:226): pid=8528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1417" name="memory.events" dev="loop4" ino=18 res=0 errno=0 [ 400.623715][ T8516] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1413'. [ 400.852110][ T26] audit: type=1804 audit(1723768022.199:227): pid=8547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1417" name="/newroot/204/file1/memory.events" dev="loop4" ino=18 res=1 errno=0 [ 400.879185][ T8528] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 400.895927][ T8528] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 400.908971][ T8528] EXT4-fs (loop4): This should not happen!! Data will be lost [ 400.908971][ T8528] [ 400.918673][ T8528] EXT4-fs (loop4): Total free blocks count 0 [ 400.924700][ T8528] EXT4-fs (loop4): Free/Dirty block details [ 400.930600][ T8528] EXT4-fs (loop4): free_blocks=2415919104 [ 400.936370][ T8528] EXT4-fs (loop4): dirty_blocks=32 [ 400.941487][ T8528] EXT4-fs (loop4): Block reservation details [ 400.947488][ T8528] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 400.958275][ T26] audit: type=1804 audit(1723768022.399:228): pid=8528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1417" name="/newroot/204/file1/memory.events" dev="loop4" ino=18 res=1 errno=0 [ 401.123908][ T4786] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 401.143781][ T4786] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 401.243791][ T4786] usb 4-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00 [ 401.290891][ T4786] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.343318][ T4786] usb 4-1: config 0 descriptor?? [ 401.405314][ T4786] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 401.529795][ T8560] input: syz0 as /devices/virtual/input/input8 [ 401.589076][ T8563] input: syz0 as /devices/virtual/input/input9 [ 401.835605][ T8567] loop3: detected capacity change from 0 to 1024 [ 403.058819][ T8574] loop1: detected capacity change from 0 to 256 [ 403.069977][ T8578] dccp_invalid_packet: P.Data Offset(0) too small [ 403.092626][ T8578] tipc: Started in network mode [ 403.097815][ T8578] tipc: Node identity ac1414aa, cluster identity 4711 [ 403.106430][ T8578] tipc: Enabled bearer , priority 10 [ 405.472741][ T7] tipc: Node number set to 2886997162 [ 405.601316][ T3627] usb 4-1: USB disconnect, device number 23 [ 405.692950][ T8591] loop1: detected capacity change from 0 to 1024 [ 405.830794][ T8591] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #4: comm syz.1.1434: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 405.909374][ T8605] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1439'. [ 405.957289][ T8591] EXT4-fs error (device loop1): ext4_quota_enable:6390: comm syz.1.1434: Bad quota inode: 4, type: 1 [ 405.989573][ T8605] 8021q: VLANs not supported on ipvlan1 [ 406.049265][ T8591] EXT4-fs warning (device loop1): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 406.127593][ T8591] EXT4-fs (loop1): mount failed [ 406.250525][ T8607] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 407.029253][ T8631] loop3: detected capacity change from 0 to 1024 [ 407.056497][ T8635] loop4: detected capacity change from 0 to 256 [ 407.189985][ T8631] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #4: comm syz.3.1457: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 407.242113][ T8642] loop2: detected capacity change from 0 to 256 [ 407.450442][ T8631] EXT4-fs error (device loop3): ext4_quota_enable:6390: comm syz.3.1457: Bad quota inode: 4, type: 1 [ 407.478484][ T8631] EXT4-fs warning (device loop3): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 408.730480][ T8651] loop1: detected capacity change from 0 to 2048 [ 409.215370][ T8631] EXT4-fs (loop3): mount failed [ 409.373203][ T8651] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 409.384043][ T8651] ext4 filesystem being mounted at /222/bus supports timestamps until 2038 (0x7fffffff) [ 413.999462][ T8688] vivid-002: disconnect [ 414.023411][ T8687] vivid-002: reconnect [ 414.253748][ T3627] usb 4-1: new full-speed USB device number 24 using dummy_hcd [ 415.068968][ T8702] vivid-000: disconnect [ 415.076697][ T8701] vivid-000: reconnect [ 415.178926][ T8708] loop0: detected capacity change from 0 to 512 [ 415.231232][ T8712] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1473'. [ 415.373910][ T3627] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 415.509905][ T8708] EXT4-fs (loop0): Ignoring removed oldalloc option [ 416.032255][ T3627] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 416.042595][ T8708] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1470: Parent and EA inode have the same ino 15 [ 416.125468][ T3627] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 416.136985][ T3627] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 416.146321][ T3627] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.173451][ T8708] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1470: Parent and EA inode have the same ino 15 [ 416.192839][ T8708] EXT4-fs (loop0): 1 orphan inode deleted [ 416.201069][ T3627] hub 4-1:1.0: bad descriptor, ignoring hub [ 416.207680][ T3627] hub: probe of 4-1:1.0 failed with error -5 [ 416.215594][ T3627] cdc_wdm 4-1:1.0: skipping garbage [ 416.221725][ T8708] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,bsdgroups,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,bsdgroups,oldalloc,usrjquota=,,errors=continue. Quota mode: none. [ 416.254124][ T3627] cdc_wdm 4-1:1.0: skipping garbage [ 416.259539][ T3627] cdc_wdm: probe of 4-1:1.0 failed with error -22 [ 416.459173][ T8730] vivid-002: disconnect [ 416.465053][ T8729] vivid-002: reconnect [ 416.468804][ T8728] smc: net device vxcan1 applied user defined pnetid SYZ1 [ 416.612221][ T3627] usb 4-1: USB disconnect, device number 24 [ 418.785478][ T8751] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1485'. [ 418.857733][ T8757] loop1: detected capacity change from 0 to 512 [ 418.948194][ T8757] EXT4-fs (loop1): Ignoring removed oldalloc option [ 419.017398][ T8757] EXT4-fs error (device loop1): ext4_xattr_inode_iget:400: comm syz.1.1491: Parent and EA inode have the same ino 15 [ 419.041048][ T8757] EXT4-fs error (device loop1): ext4_xattr_inode_iget:400: comm syz.1.1491: Parent and EA inode have the same ino 15 [ 419.090530][ T8757] EXT4-fs (loop1): 1 orphan inode deleted [ 419.184955][ T8757] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,bsdgroups,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,bsdgroups,oldalloc,usrjquota=,,errors=continue. Quota mode: none. [ 420.039191][ T8773] vivid-008: disconnect [ 420.062549][ T8772] vivid-008: reconnect [ 421.017068][ T8782] netlink: 'syz.1.1499': attribute type 29 has an invalid length. [ 421.026378][ T8782] netlink: 'syz.1.1499': attribute type 29 has an invalid length. [ 421.198877][ T8782] netlink: 'syz.1.1499': attribute type 29 has an invalid length. [ 421.249670][ T8786] netlink: 'syz.1.1499': attribute type 29 has an invalid length. [ 421.408554][ T8787] loop4: detected capacity change from 0 to 2048 [ 421.445996][ T8782] netlink: 'syz.1.1499': attribute type 29 has an invalid length. [ 421.743518][ T8787] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 421.755056][ T8787] ext4 filesystem being mounted at /224/bus supports timestamps until 2038 (0x7fffffff) [ 421.918459][ T8762] loop2: detected capacity change from 0 to 40427 [ 421.941959][ T8760] loop3: detected capacity change from 0 to 40427 [ 423.217522][ T8807] loop4: detected capacity change from 0 to 512 [ 423.383193][ T8811] loop2: detected capacity change from 0 to 2048 [ 423.869092][ T3627] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 426.183396][ T3627] usb 2-1: Using ep0 maxpacket: 8 [ 426.261491][ T8807] EXT4-fs (loop4): Ignoring removed oldalloc option [ 426.298977][ T8807] EXT4-fs: failed to create workqueue [ 426.331341][ T8811] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 426.343898][ T8807] EXT4-fs (loop4): mount failed [ 426.343921][ T3627] usb 2-1: device descriptor read/all, error -71 [ 427.480378][ T8827] loop1: detected capacity change from 0 to 512 [ 427.482992][ T8830] netlink: 'syz.0.1513': attribute type 29 has an invalid length. [ 427.498474][ T8830] netlink: 'syz.0.1513': attribute type 29 has an invalid length. [ 427.516409][ T8830] netlink: 'syz.0.1513': attribute type 29 has an invalid length. [ 427.526082][ T8830] netlink: 'syz.0.1513': attribute type 29 has an invalid length. [ 427.535456][ T8830] netlink: 'syz.0.1513': attribute type 29 has an invalid length. [ 427.682083][ T8827] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 427.704084][ T8827] ext4 filesystem being mounted at /236/file1 supports timestamps until 2038 (0x7fffffff) [ 427.732295][ T26] audit: type=1326 audit(1723768049.249:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000 [ 427.794746][ T26] audit: type=1326 audit(1723768049.249:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000 [ 427.818317][ T26] audit: type=1326 audit(1723768049.249:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000 [ 427.842637][ T26] audit: type=1326 audit(1723768049.249:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000 [ 427.865641][ T26] audit: type=1326 audit(1723768049.249:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000 [ 427.896830][ T26] audit: type=1326 audit(1723768049.249:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000 [ 427.924644][ T26] audit: type=1326 audit(1723768049.249:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000 [ 428.001805][ T26] audit: type=1326 audit(1723768049.249:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000 [ 428.039899][ T8849] loop3: detected capacity change from 0 to 512 [ 428.052922][ T26] audit: type=1326 audit(1723768049.249:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000 [ 428.077299][ T26] audit: type=1326 audit(1723768049.249:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000 [ 428.102496][ T8852] loop2: detected capacity change from 0 to 512 [ 428.174080][ T8849] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 428.191182][ T8849] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038 (0x7fffffff) [ 428.210221][ T8852] EXT4-fs (loop2): Ignoring removed oldalloc option [ 428.348455][ T8852] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.1523: Parent and EA inode have the same ino 15 [ 428.378126][ T8852] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.1523: Parent and EA inode have the same ino 15 [ 428.395509][ T8852] EXT4-fs (loop2): 1 orphan inode deleted [ 428.401265][ T8852] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,bsdgroups,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,bsdgroups,oldalloc,usrjquota=,,errors=continue. Quota mode: none. [ 429.212163][ T8867] loop0: detected capacity change from 0 to 256 [ 429.611846][ T8876] netlink: 'syz.3.1528': attribute type 29 has an invalid length. [ 429.678535][ T8876] netlink: 'syz.3.1528': attribute type 29 has an invalid length. [ 430.117413][ T8876] netlink: 'syz.3.1528': attribute type 29 has an invalid length. [ 430.186046][ T8879] netlink: 'syz.3.1528': attribute type 29 has an invalid length. [ 430.249568][ T8881] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1530'. [ 430.342105][ T8882] netlink: 'syz.3.1528': attribute type 29 has an invalid length. [ 430.358809][ T8886] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1532'. [ 430.398551][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 430.449781][ T8886] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1532'. [ 430.813942][ T8898] loop3: detected capacity change from 0 to 1024 [ 430.844346][ T8897] loop0: detected capacity change from 0 to 512 [ 431.017502][ T8898] EXT4-fs (loop3): mounted filesystem without journal. Opts: resgid=0x0000000000000000,debug_want_extra_isize=0x0000000000000082,bsddf,max_batch_time=0x0000000000000003,data=ordered,grpjquota=,usrquota,init_itable,,errors=continue. Quota mode: writeback. [ 431.053194][ T8911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1541'. [ 431.227712][ T8897] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 431.253229][ T8897] ext4 filesystem being mounted at /323/file0 supports timestamps until 2038 (0x7fffffff) [ 432.633805][ T3614] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 432.936973][ T3614] usb 2-1: Using ep0 maxpacket: 32 [ 433.012382][ T8957] tipc: Enabling of bearer rejected, already enabled [ 433.044836][ T8957] tipc: Disabling bearer [ 433.076868][ T3614] usb 2-1: config 0 has an invalid interface number: 111 but max is 1 [ 433.093873][ T3614] usb 2-1: config 0 has no interface number 1 [ 433.109280][ T1967] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 433.117817][ T3614] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 433.149119][ T8946] loop4: detected capacity change from 0 to 32768 [ 433.224700][ T8946] XFS: attr2 mount option is deprecated. [ 433.230791][ T8946] XFS: ikeep mount option is deprecated. [ 433.243983][ T8946] XFS: noikeep mount option is deprecated. [ 433.313023][ T8946] XFS (loop4): Mounting V5 Filesystem [ 433.333948][ T3614] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83 [ 433.343752][ T3614] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 433.351803][ T3614] usb 2-1: Product: syz [ 433.357168][ T3614] usb 2-1: Manufacturer: syz [ 433.362647][ T3614] usb 2-1: SerialNumber: syz [ 433.374329][ T3614] usb 2-1: config 0 descriptor?? [ 433.393765][ T1967] usb 4-1: Using ep0 maxpacket: 16 [ 433.399704][ T8946] XFS (loop4): Ending clean mount [ 433.432027][ T8946] XFS (loop4): Quotacheck needed: Please wait. [ 433.529290][ T8946] XFS (loop4): Quotacheck: Done. [ 433.534891][ T1967] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 433.554293][ T1967] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 433.565366][ T1967] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 433.579373][ T1967] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 433.588817][ T1967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.600338][ T1967] usb 4-1: config 0 descriptor?? [ 433.624136][ T3614] snd-usb-6fire 2-1:0.111: unable to receive device firmware state. [ 433.639670][ T3614] snd-usb-6fire: probe of 2-1:0.111 failed with error -71 [ 433.658816][ T3614] usb 2-1: USB disconnect, device number 28 [ 433.699157][ T5221] XFS (loop4): Unmounting Filesystem [ 434.128549][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 434.135867][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 434.143126][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 434.151039][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 434.158654][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 434.166420][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 434.173719][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 434.182002][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 434.312015][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 434.517263][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 434.924616][ T1967] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0005/input/input10 [ 434.952025][ T8994] loop4: detected capacity change from 0 to 512 [ 434.977315][ T8993] loop0: detected capacity change from 0 to 2048 [ 435.036506][ T8993] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 435.052060][ T8993] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 435.071312][ T8993] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 435.072598][ T1967] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 435.079231][ T8993] UDF-fs: Scanning with blocksize 512 failed [ 435.111922][ T8994] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 435.131651][ T8994] ext4 filesystem being mounted at /239/file0 supports timestamps until 2038 (0x7fffffff) [ 435.133946][ T1967] usb 4-1: USB disconnect, device number 25 [ 435.157023][ T8993] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 436.149127][ T9009] loop3: detected capacity change from 0 to 512 [ 436.184453][ T9010] syz.1.1575 uses old SIOCAX25GETINFO [ 436.251493][ T9016] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1565'. [ 436.276563][ T9009] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.1566: casefold flag without casefold feature [ 436.339110][ T9016] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1565'. [ 436.406992][ T9009] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.1566: missing EA_INODE flag [ 436.453035][ T9009] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1566: error while reading EA inode 12 err=-117 [ 436.472463][ T9022] loop1: detected capacity change from 0 to 2048 [ 436.480404][ T9009] EXT4-fs (loop3): 1 orphan inode deleted [ 436.613146][ T9009] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 437.137155][ T9022] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 437.165963][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 437.165981][ T26] audit: type=1800 audit(1723768058.689:252): pid=9022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1570" name="memory.events" dev="loop1" ino=18 res=0 errno=0 [ 437.365913][ T26] audit: type=1804 audit(1723768058.719:253): pid=9022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1570" name="/newroot/246/file1/memory.events" dev="loop1" ino=18 res=1 errno=0 [ 437.997798][ T9039] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 438.013115][ T9039] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 438.025554][ T9039] EXT4-fs (loop1): This should not happen!! Data will be lost [ 438.025554][ T9039] [ 438.035503][ T9039] EXT4-fs (loop1): Total free blocks count 0 [ 438.041532][ T9039] EXT4-fs (loop1): Free/Dirty block details [ 438.047713][ T9039] EXT4-fs (loop1): free_blocks=2415919104 [ 438.053487][ T9039] EXT4-fs (loop1): dirty_blocks=32 [ 438.058695][ T9039] EXT4-fs (loop1): Block reservation details [ 438.064880][ T9039] EXT4-fs (loop1): i_reserved_data_blocks=2 [ 438.254526][ T26] audit: type=1804 audit(1723768059.509:254): pid=9039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1570" name="/newroot/246/file1/memory.events" dev="loop1" ino=18 res=1 errno=0 [ 439.210135][ T9051] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd [ 439.248372][ T9052] loop2: detected capacity change from 0 to 512 [ 439.463706][ T9054] loop4: detected capacity change from 0 to 1024 [ 440.473940][ T9054] EXT4-fs (loop4): Test dummy encryption mode enabled [ 440.480833][ T9054] EXT4-fs (loop4): Ignoring removed orlov option [ 440.581031][ T9054] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 440.630198][ T9052] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 440.678716][ T9052] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038 (0x7fffffff) [ 441.206822][ T1388] ieee802154 phy0 wpan0: encryption failed: -22 [ 441.214446][ T1388] ieee802154 phy1 wpan1: encryption failed: -22 [ 443.560089][ T9096] loop3: detected capacity change from 0 to 256 [ 445.224785][ T9100] binder: BINDER_SET_CONTEXT_MGR already set [ 445.231402][ T9100] binder: 9085:9100 ioctl 4018620d 20000040 returned -16 [ 445.243613][ T9100] binder: 9085:9100 ioctl c0306201 0 returned -14 [ 446.034293][ T9104] loop2: detected capacity change from 0 to 512 [ 446.178248][ T9095] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 446.188996][ T9095] FAT-fs (loop3): Filesystem has been set read-only [ 446.195923][ T9095] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 446.207977][ T9095] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 446.218731][ T26] audit: type=1800 audit(1723768067.739:255): pid=9095 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1587" name="file1" dev="loop3" ino=1048635 res=0 errno=0 [ 446.239724][ T9095] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 448.018380][ T9123] IPv6: Can't replace route, no match found [ 448.051910][ T9123] loop0: detected capacity change from 0 to 1764 [ 448.936109][ T9104] EXT4-fs warning (device loop2): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop2. [ 450.028075][ T9126] loop1: detected capacity change from 0 to 512 [ 450.178680][ T9126] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 450.306580][ T9126] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038 (0x7fffffff) [ 454.363810][ T1313] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 455.223628][ T1313] usb 5-1: Using ep0 maxpacket: 16 [ 455.343977][ T1313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 455.376050][ T1313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 455.399836][ T1313] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 455.422741][ T1313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 455.465193][ T1313] usb 5-1: config 0 descriptor?? [ 456.263784][ T3627] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 456.621563][ T9202] loop0: detected capacity change from 0 to 2048 [ 456.624040][ T1313] usbhid 5-1:0.0: can't add hid device: -71 [ 456.802634][ T1313] usbhid: probe of 5-1:0.0 failed with error -71 [ 456.811942][ T1313] usb 5-1: USB disconnect, device number 30 [ 457.756544][ T9202] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 457.785762][ T9202] ext4 filesystem being mounted at /341/file0 supports timestamps until 2038 (0x7fffffff) [ 457.933851][ T3627] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 457.953973][ T3627] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 457.971078][ T3627] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 457.991294][ T3627] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 458.363770][ T3627] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 459.383289][ T3627] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 459.413251][ T3627] usb 4-1: Product: syz [ 460.284296][ T3627] usb 4-1: can't set config #1, error -71 [ 460.336218][ T3627] usb 4-1: USB disconnect, device number 26 [ 461.382362][ T9248] loop2: detected capacity change from 0 to 512 [ 462.458770][ T9248] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1628: bg 0: block 97: padding at end of block bitmap is not set [ 462.604237][ T9248] Quota error (device loop2): write_blk: dquota write failed [ 462.612418][ T9248] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 462.673004][ T9248] EXT4-fs error (device loop2): ext4_acquire_dquot:6196: comm syz.2.1628: Failed to acquire dquot type 0 [ 462.681976][ T9264] loop3: detected capacity change from 0 to 1024 [ 462.700112][ T9248] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #15: comm syz.2.1628: corrupted xattr block 19 [ 462.714109][ T9248] EXT4-fs warning (device loop2): ext4_evict_inode:302: xattr delete (err -117) [ 462.727043][ T9248] EXT4-fs (loop2): 1 orphan inode deleted [ 462.732825][ T9248] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 462.744739][ T3695] Quota error (device loop2): remove_tree: Getting block too big (0 >= 6) [ 462.747130][ T9248] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038 (0x7fffffff) [ 462.770526][ T1313] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 462.777443][ T3695] EXT4-fs error (device loop2): ext4_release_dquot:6219: comm kworker/u4:8: Failed to release dquot type 0 [ 462.914845][ T3695] hfsplus: b-tree write err: -5, ino 4 [ 465.873820][ T1313] usb 2-1: unable to read config index 0 descriptor/all [ 465.887751][ T1313] usb 2-1: can't read configurations, error -71 [ 466.991684][ T9293] loop4: detected capacity change from 0 to 4096 [ 467.158998][ T9293] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 467.207833][ T9307] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 467.578690][ T9314] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1647'. [ 468.690085][ T9324] "syz.1.1649" (9324) uses obsolete ecb(arc4) skcipher [ 470.946965][ T9332] loop0: detected capacity change from 0 to 4096 [ 470.996748][ T9337] "syz.2.1663" (9337) uses obsolete ecb(arc4) skcipher [ 471.727606][ T9332] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 473.655998][ T3625] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 474.593911][ T3625] usb 5-1: config 0 has an invalid interface number: 18 but max is 0 [ 474.608346][ T3625] usb 5-1: config 0 has no interface number 0 [ 474.655568][ T3625] usb 5-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 475.929448][ T3625] usb 5-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 476.204343][ T3625] usb 5-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 476.232440][ T9370] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1659'. [ 476.287021][ T3625] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 476.350820][ T3625] usb 5-1: Manufacturer: syz [ 476.401988][ T3625] usb 5-1: config 0 descriptor?? [ 476.446451][ T3625] usb 5-1: can't set config #0, error -71 [ 476.474589][ T3625] usb 5-1: USB disconnect, device number 31 [ 476.971153][ T3616] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 477.891667][ T3616] usb 1-1: Using ep0 maxpacket: 8 [ 478.774048][ T3616] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 478.784082][ T9384] chnl_net:caif_netlink_parms(): no params data found [ 478.922072][ T9384] bridge0: port 1(bridge_slave_0) entered blocking state [ 478.930260][ T9384] bridge0: port 1(bridge_slave_0) entered disabled state [ 478.939693][ T9384] device bridge_slave_0 entered promiscuous mode [ 478.949211][ T9384] bridge0: port 2(bridge_slave_1) entered blocking state [ 478.953803][ T1313] Bluetooth: hci5: command 0x0409 tx timeout [ 478.957546][ T3616] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 478.972140][ T9384] bridge0: port 2(bridge_slave_1) entered disabled state [ 478.981380][ T3616] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 478.996978][ T9384] device bridge_slave_1 entered promiscuous mode [ 479.011405][ T3616] usb 1-1: Product: syz [ 479.019344][ T3616] usb 1-1: Manufacturer: syz [ 479.024457][ T3616] usb 1-1: SerialNumber: syz [ 479.031016][ T3616] usb 1-1: config 0 descriptor?? [ 479.047562][ T9384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 479.060454][ T9384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 479.089272][ T3616] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 479.127578][ T9384] team0: Port device team_slave_0 added [ 479.139589][ T9384] team0: Port device team_slave_1 added [ 479.178784][ T9384] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 479.192530][ T9384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 479.227317][ T9384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 479.245269][ T9384] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 479.252291][ T9384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 479.278733][ T9384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 479.334608][ T9384] device hsr_slave_0 entered promiscuous mode [ 479.342511][ T9384] device hsr_slave_1 entered promiscuous mode [ 479.350286][ T9384] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 479.358530][ T9384] Cannot create hsr debugfs directory [ 479.458948][ T9384] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 479.519856][ T9384] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 479.585688][ T9384] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 479.672702][ T9384] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 479.782573][ T9384] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 479.796563][ T9384] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 479.805902][ T9384] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 479.814937][ T9384] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 479.898945][ T9384] 8021q: adding VLAN 0 to HW filter on device bond0 [ 479.916684][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 479.925504][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 479.935835][ T9384] 8021q: adding VLAN 0 to HW filter on device team0 [ 479.946747][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 479.956060][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 479.965953][ T3614] bridge0: port 1(bridge_slave_0) entered blocking state [ 479.973007][ T3614] bridge0: port 1(bridge_slave_0) entered forwarding state [ 479.985849][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 479.994868][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 480.003475][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 480.012056][ T3625] bridge0: port 2(bridge_slave_1) entered blocking state [ 480.019120][ T3625] bridge0: port 2(bridge_slave_1) entered forwarding state [ 480.037246][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 480.053789][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 480.063365][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 480.074325][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 480.083361][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 480.106183][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 480.116130][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 480.125056][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 480.133484][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 480.154781][ T9384] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 480.166501][ T9384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 480.175242][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 480.183835][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 480.299181][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 480.306805][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 480.322970][ T9384] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 480.365642][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 480.374892][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 480.389591][ T9] device hsr_slave_0 left promiscuous mode [ 480.398571][ T9] device hsr_slave_1 left promiscuous mode [ 480.405649][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 480.413147][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 480.421417][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 480.431520][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 480.439731][ T9] device bridge_slave_0 left promiscuous mode [ 480.446210][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 480.458922][ T9] device veth1_macvtap left promiscuous mode [ 480.465682][ T9] device veth0_macvtap left promiscuous mode [ 480.471751][ T9] device veth1_vlan left promiscuous mode [ 480.477720][ T9] device veth0_vlan left promiscuous mode [ 480.633287][ T9] team0 (unregistering): Port device team_slave_1 removed [ 480.652386][ T9] team0 (unregistering): Port device team_slave_0 removed [ 480.670040][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 480.684197][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 480.749404][ T9] bond0 (unregistering): Released all slaves [ 480.794103][ T3616] gspca_zc3xx: reg_w_i err -71 [ 480.831276][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 480.840055][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 480.850823][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 480.859096][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 480.867252][ T9384] device veth0_vlan entered promiscuous mode [ 480.887245][ T9384] device veth1_vlan entered promiscuous mode [ 480.914764][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 480.923449][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 480.938965][ T9384] device veth0_macvtap entered promiscuous mode [ 480.950291][ T9384] device veth1_macvtap entered promiscuous mode [ 480.967809][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.979763][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.989664][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.000750][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.010924][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.021799][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.034532][ T3618] Bluetooth: hci5: command 0x041b tx timeout [ 481.036799][ T9384] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 481.048667][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 481.057612][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 481.066019][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 481.075279][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 481.087622][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.098203][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.108815][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.119917][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.132153][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.144290][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.154217][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.164753][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.176462][ T9384] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 481.201344][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 481.210505][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 481.222101][ T9384] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.231514][ T9384] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.240730][ T9384] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.249824][ T9384] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.360052][ T3693] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 481.372925][ T3693] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 481.395101][ T3695] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 481.403296][ T3695] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 481.410414][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 481.422495][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 481.476353][ T3616] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 481.482696][ T3616] gspca_zc3xx: probe of 1-1:0.0 failed with error -71 [ 481.495109][ T3616] usb 1-1: USB disconnect, device number 24 [ 482.779948][ T9425] "syz.0.1679" (9425) uses obsolete ecb(arc4) skcipher [ 483.636598][ T3618] Bluetooth: hci5: command 0x040f tx timeout [ 484.664173][ T9438] "syz.4.1684" (9438) uses obsolete ecb(arc4) skcipher [ 485.757969][ T3614] Bluetooth: hci5: command 0x0419 tx timeout [ 485.983292][ T9432] loop2: detected capacity change from 0 to 4096 [ 489.850114][ T9456] loop3: detected capacity change from 0 to 512 [ 489.862129][ T9460] loop2: detected capacity change from 0 to 512 [ 489.902813][ T9462] device vlan2 entered promiscuous mode [ 489.948235][ T9456] EXT4-fs (loop3): Unrecognized mount option "euid>00000000000000000000" or missing value [ 489.969379][ T9462] device gretap0 entered promiscuous mode [ 490.016734][ T9462] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready [ 490.096133][ T9460] EXT4-fs (loop2): 1 orphan inode deleted [ 490.101900][ T9460] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 490.203761][ T9460] ext4 filesystem being mounted at /258/file1 supports timestamps until 2038 (0x7fffffff) [ 490.417413][ T9462] device gretap0 left promiscuous mode [ 491.011097][ T9483] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1687'. [ 491.032247][ T9487] loop0: detected capacity change from 0 to 512 [ 491.144848][ T9497] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1687'. [ 491.170161][ T9489] device vlan0 entered promiscuous mode [ 491.200728][ T9489] device gretap0 entered promiscuous mode [ 491.209326][ T9489] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 491.246646][ T9489] device gretap0 left promiscuous mode [ 491.297282][ T9487] EXT4-fs (loop0): 1 orphan inode deleted [ 491.311138][ T9487] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 491.335201][ T9487] ext4 filesystem being mounted at /358/file1 supports timestamps until 2038 (0x7fffffff) [ 491.347241][ T9501] loop3: detected capacity change from 0 to 2048 [ 491.478491][ T9495] loop1: detected capacity change from 0 to 4096 [ 491.560852][ T9501] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 492.251986][ T9501] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,abort,mblk_io_submit,nouid32,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none. [ 492.300156][ T9495] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 492.483705][ T9483] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 492.490341][ T9483] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 492.524287][ T9483] vhci_hcd vhci_hcd.0: Device attached [ 492.539545][ T9518] vhci_hcd: connection closed [ 492.543089][ T5113] vhci_hcd: stop threads [ 492.560113][ T5113] vhci_hcd: release socket [ 492.564966][ T5113] vhci_hcd: disconnect device [ 493.153775][ T9526] device vlan2 entered promiscuous mode [ 493.180763][ T9526] device gretap0 entered promiscuous mode [ 493.189746][ T9526] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready [ 493.208285][ T9526] device gretap0 left promiscuous mode [ 493.374373][ T9525] validate_nla: 5 callbacks suppressed [ 493.374393][ T9525] netlink: 'syz.4.1690': attribute type 10 has an invalid length. [ 493.699952][ T9525] team0: Port device netdevsim0 added [ 494.211639][ T9546] device vlan2 entered promiscuous mode [ 494.228350][ T9546] device gretap0 entered promiscuous mode [ 494.255448][ T9546] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready [ 494.306918][ T9558] loop4: detected capacity change from 0 to 512 [ 494.319555][ T9546] device gretap0 left promiscuous mode [ 494.444438][ T7] usb 3-1: new full-speed USB device number 17 using dummy_hcd [ 494.857511][ T9558] EXT4-fs (loop4): 1 orphan inode deleted [ 494.864681][ T7] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 494.943791][ T9558] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 494.955582][ T7] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 494.974675][ T7] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24948, setting to 64 [ 494.986471][ T7] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 494.996032][ T7] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.034642][ T9547] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 495.052673][ T9558] ext4 filesystem being mounted at /266/file1 supports timestamps until 2038 (0x7fffffff) [ 495.074883][ T7] hub 3-1:1.0: bad descriptor, ignoring hub [ 495.080844][ T7] hub: probe of 3-1:1.0 failed with error -5 [ 495.099940][ T7] cdc_wdm 3-1:1.0: skipping garbage [ 495.105588][ T7] cdc_wdm 3-1:1.0: skipping garbage [ 495.151546][ T9567] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1703'. [ 495.165059][ T7] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 495.199983][ T7] cdc_wdm 3-1:1.0: Unknown control protocol [ 495.265956][ T9567] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1703'. [ 495.995780][ T9567] loop0: detected capacity change from 0 to 2048 [ 496.024528][ T9580] netlink: 'syz.1.1708': attribute type 10 has an invalid length. [ 496.094117][ T9567] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 496.131982][ T7] usb 3-1: USB disconnect, device number 17 [ 496.195129][ T9580] team0: Port device netdevsim0 added [ 496.315420][ T9567] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,abort,mblk_io_submit,nouid32,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none. [ 496.836106][ T9567] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 496.842739][ T9567] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 496.843629][ T7] usb 3-1: new low-speed USB device number 18 using dummy_hcd [ 496.856983][ T9567] vhci_hcd vhci_hcd.0: Device attached [ 496.906006][ T9596] vhci_hcd: connection closed [ 496.908675][ T3696] vhci_hcd: stop threads [ 496.940944][ T3696] vhci_hcd: release socket [ 496.969555][ T3696] vhci_hcd: disconnect device [ 497.233745][ T9613] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1712'. [ 497.313720][ T7] usb 3-1: device not accepting address 18, error -71 [ 497.350477][ T9613] team0: Device ipvlan1 failed to register rx_handler [ 499.463690][ T1313] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 499.692577][ T9640] device vlan2 entered promiscuous mode [ 499.699547][ T9640] device gretap0 entered promiscuous mode [ 499.709927][ T9640] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready [ 499.731649][ T9640] device gretap0 left promiscuous mode [ 499.754747][ T1313] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 499.843872][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 499.858949][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 499.875092][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0 [ 499.963927][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 499.965707][ T9646] loop3: detected capacity change from 0 to 512 [ 499.982777][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 500.002536][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0 [ 500.093695][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 500.109356][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 500.134835][ T9646] EXT4-fs (loop3): 1 orphan inode deleted [ 500.141858][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0 [ 500.142952][ T9646] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 500.174003][ T9646] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038 (0x7fffffff) [ 500.235783][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 500.262258][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 500.293011][ T9651] netlink: 'syz.2.1721': attribute type 10 has an invalid length. [ 500.306668][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0 [ 500.371263][ T9651] team0: Port device netdevsim0 added [ 500.400293][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 500.418670][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 500.490496][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0 [ 501.173924][ T9657] loop2: detected capacity change from 0 to 2048 [ 501.214292][ T9662] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1726'. [ 501.224049][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 501.233048][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 501.248868][ T9662] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1726'. [ 501.263793][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0 [ 501.286370][ T9662] loop1: detected capacity change from 0 to 2048 [ 501.316442][ T9657] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 501.338512][ T9662] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 501.382917][ T26] audit: type=1800 audit(1723768122.899:256): pid=9657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1723" name="memory.events" dev="loop2" ino=18 res=0 errno=0 [ 501.424837][ T1313] usb 5-1: unable to read config index 6 descriptor/all [ 501.443673][ T9670] loop0: detected capacity change from 0 to 4096 [ 501.470681][ T1313] usb 5-1: can't read configurations, error -71 [ 501.553744][ T9670] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 501.582451][ T9662] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,abort,mblk_io_submit,nouid32,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none. [ 501.617868][ T26] audit: type=1804 audit(1723768122.939:257): pid=9657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1723" name="/newroot/264/file1/memory.events" dev="loop2" ino=18 res=1 errno=0 [ 501.838250][ T9679] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 501.856115][ T9679] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 501.869391][ T9679] EXT4-fs (loop2): This should not happen!! Data will be lost [ 501.869391][ T9679] [ 501.879270][ T9679] EXT4-fs (loop2): Total free blocks count 0 [ 501.885356][ T9679] EXT4-fs (loop2): Free/Dirty block details [ 501.891321][ T9679] EXT4-fs (loop2): free_blocks=2415919104 [ 501.897148][ T9679] EXT4-fs (loop2): dirty_blocks=32 [ 501.902304][ T9679] EXT4-fs (loop2): Block reservation details [ 501.908371][ T9679] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 502.117216][ T1059] block nbd4: Attempted send on invalid socket [ 502.125535][ T1059] blk_update_request: I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0 [ 502.170565][ T9681] hfsplus: unable to find HFS+ superblock [ 502.242649][ T9662] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10) [ 502.249286][ T9662] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 502.259550][ T9662] vhci_hcd vhci_hcd.0: Device attached [ 502.269650][ T9682] vhci_hcd: connection closed [ 502.273914][ T3696] vhci_hcd: stop threads [ 502.283133][ T3696] vhci_hcd: release socket [ 502.361723][ T3696] vhci_hcd: disconnect device [ 502.421403][ T9688] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1732'. [ 502.451796][ T9691] team0: Device ipvlan1 failed to register rx_handler [ 502.555119][ T1388] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.569070][ T1388] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.932117][ T4786] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 503.183682][ T4786] usb 1-1: Using ep0 maxpacket: 8 [ 503.214389][ T9695] loop1: detected capacity change from 0 to 1024 [ 503.303911][ T4786] usb 1-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e [ 503.312985][ T4786] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 503.327814][ T9695] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #4: comm syz.1.1734: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 503.364776][ T9695] EXT4-fs error (device loop1): ext4_quota_enable:6390: comm syz.1.1734: Bad quota inode: 4, type: 1 [ 503.386462][ T9695] EXT4-fs warning (device loop1): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 503.407137][ T9695] EXT4-fs (loop1): mount failed [ 503.446826][ T4786] usb 1-1: config 0 descriptor?? [ 503.520748][ T4786] usb 1-1: bad CDC descriptors [ 503.546552][ T4786] usb 1-1: bad CDC descriptors [ 503.566550][ T4786] cdc_acm 1-1:0.0: Zero length descriptor references [ 503.597578][ T4786] cdc_acm: probe of 1-1:0.0 failed with error -22 [ 503.769452][ T9704] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1734'. [ 504.236689][ T1313] usb 1-1: USB disconnect, device number 25 [ 504.306188][ T9708] netlink: 'syz.3.1735': attribute type 10 has an invalid length. [ 504.379857][ T9708] team0: Port device netdevsim0 added [ 504.545151][ T9713] loop1: detected capacity change from 0 to 512 [ 505.168753][ T9713] EXT4-fs (loop1): 1 orphan inode deleted [ 505.185844][ T9713] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 505.263407][ T9713] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038 (0x7fffffff) [ 505.311901][ T9720] loop3: detected capacity change from 0 to 2048 [ 505.382526][ T9723] loop2: detected capacity change from 0 to 256 [ 505.439799][ T9720] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 505.562577][ T26] audit: type=1800 audit(1723768127.079:258): pid=9720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1740" name="memory.events" dev="loop3" ino=18 res=0 errno=0 [ 506.277899][ T9728] loop4: detected capacity change from 0 to 2048 [ 506.338660][ T9733] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 506.353641][ T9733] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 506.365918][ T9733] EXT4-fs (loop3): This should not happen!! Data will be lost [ 506.365918][ T9733] [ 506.375855][ T9733] EXT4-fs (loop3): Total free blocks count 0 [ 506.381823][ T9733] EXT4-fs (loop3): Free/Dirty block details [ 506.387719][ T9733] EXT4-fs (loop3): free_blocks=2415919104 [ 506.393415][ T9733] EXT4-fs (loop3): dirty_blocks=32 [ 506.398786][ T9733] EXT4-fs (loop3): Block reservation details [ 506.404772][ T9733] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 506.479357][ T9723] FAT-fs (loop2): Directory bread(block 64) failed [ 506.514041][ T9723] FAT-fs (loop2): Directory bread(block 65) failed [ 506.593828][ T9723] FAT-fs (loop2): Directory bread(block 66) failed [ 506.602420][ T26] audit: type=1804 audit(1723768127.079:259): pid=9720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1740" name="/newroot/14/file1/memory.events" dev="loop3" ino=18 res=1 errno=0 [ 506.608644][ T9723] FAT-fs (loop2): Directory bread(block 67) failed [ 506.636971][ T9736] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1743'. [ 506.665957][ T9723] FAT-fs (loop2): Directory bread(block 68) failed [ 506.672812][ T9723] FAT-fs (loop2): Directory bread(block 69) failed [ 506.681474][ T9728] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 506.693462][ T9723] FAT-fs (loop2): Directory bread(block 70) failed [ 506.700352][ T9723] FAT-fs (loop2): Directory bread(block 71) failed [ 506.709824][ T9723] FAT-fs (loop2): Directory bread(block 72) failed [ 506.717636][ T9723] FAT-fs (loop2): Directory bread(block 73) failed [ 506.730018][ T9741] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1754'. [ 506.964478][ T26] audit: type=1800 audit(1723768128.299:260): pid=9728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1742" name="memory.events" dev="loop4" ino=18 res=0 errno=0 [ 506.998269][ T9741] team0: Device ipvlan1 failed to register rx_handler [ 507.760962][ T9751] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1744'. [ 508.437182][ T9751] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1744'. [ 508.577891][ T9747] loop0: detected capacity change from 0 to 4096 [ 508.612992][ T9754] loop2: detected capacity change from 0 to 2048 [ 508.709360][ T9754] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 508.773899][ T9754] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,abort,mblk_io_submit,nouid32,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none. [ 509.190464][ T9751] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 509.197072][ T9751] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 509.238995][ T9769] netlink: 'syz.0.1752': attribute type 10 has an invalid length. [ 509.293849][ T9751] vhci_hcd vhci_hcd.0: Device attached [ 509.401862][ T9770] vhci_hcd: connection closed [ 509.402343][ T3695] vhci_hcd: stop threads [ 509.476788][ T9769] team0: Port device netdevsim0 added [ 509.499519][ T3695] vhci_hcd: release socket [ 509.573752][ T4786] usb 13-1: new high-speed USB device number 2 using vhci_hcd [ 509.581588][ T3695] vhci_hcd: disconnect device [ 510.232818][ T9785] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1759'. [ 510.384659][ T9788] loop3: detected capacity change from 0 to 2048 [ 510.414009][ T9785] device veth0_macvtap left promiscuous mode [ 510.761709][ T9788] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 510.815906][ T9788] UDF-fs: Scanning with blocksize 512 failed [ 510.921704][ T9788] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 513.279506][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 513.547299][ T9811] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1767'. [ 513.630919][ T9813] loop3: detected capacity change from 0 to 1024 [ 513.691974][ T9814] team0: Device ipvlan1 failed to register rx_handler [ 513.889707][ T9813] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,resgid=0x0000000000000000,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback. [ 513.915978][ C0] vkms_vblank_simulate: vblank timer overrun [ 514.409755][ T9828] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1775'. [ 514.563291][ T9828] device veth0_macvtap left promiscuous mode [ 514.565703][ T9824] loop3: detected capacity change from 0 to 2048 [ 514.764233][ T4786] vhci_hcd: vhci_device speed not set [ 515.320770][ T9830] loop1: detected capacity change from 0 to 1024 [ 515.491247][ T9830] EXT4-fs (loop1): Ignoring removed orlov option [ 515.528270][ T9830] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 515.580990][ T9830] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 515.602437][ T9840] loop4: detected capacity change from 0 to 1024 [ 515.614230][ T9824] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 515.693806][ T26] audit: type=1800 audit(1723768137.209:261): pid=9824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1773" name="memory.events" dev="loop3" ino=18 res=0 errno=0 [ 515.732872][ T26] audit: type=1804 audit(1723768137.249:262): pid=9824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1773" name="/newroot/21/file1/memory.events" dev="loop3" ino=18 res=1 errno=0 [ 516.107678][ T9846] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 516.123223][ T9846] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 516.135588][ T9846] EXT4-fs (loop3): This should not happen!! Data will be lost [ 516.135588][ T9846] [ 516.145379][ T9846] EXT4-fs (loop3): Total free blocks count 0 [ 516.151420][ T9846] EXT4-fs (loop3): Free/Dirty block details [ 516.157505][ T9846] EXT4-fs (loop3): free_blocks=2415919104 [ 516.163298][ T9846] EXT4-fs (loop3): dirty_blocks=32 [ 516.168483][ T9846] EXT4-fs (loop3): Block reservation details [ 516.174529][ T9846] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 516.957055][ T9863] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1781'. [ 517.372410][ T9863] loop3: detected capacity change from 0 to 40427 [ 517.413637][ T9863] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 517.420282][ T9863] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 517.672705][ T9863] F2FS-fs (loop3): Found nat_bits in checkpoint [ 517.820634][ T9863] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 517.838715][ T9863] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 517.927468][ T9840] attempt to access beyond end of device [ 517.927468][ T9840] loop4: rw=0, want=201326594, limit=1024 [ 517.939641][ T9840] buffer_io_error: 19 callbacks suppressed [ 517.940396][ T9840] Buffer I/O error on dev loop4, logical block 100663296, async page read [ 517.959339][ T9840] hfsplus: unable to mark blocks free: error -5 [ 517.967773][ T9840] hfsplus: can't free extent [ 517.975116][ T9840] [ 517.977459][ T9840] ====================================================== [ 517.984464][ T9840] WARNING: possible circular locking dependency detected [ 517.991496][ T9840] 5.15.164-syzkaller #0 Not tainted [ 517.996663][ T9840] ------------------------------------------------------ [ 518.003648][ T9840] syz.4.1778/9840 is trying to acquire lock: [ 518.010123][ T9840] ffff8880642be0b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x864/0xb80 [ 518.020063][ T9840] [ 518.020063][ T9840] but task is already holding lock: [ 518.027403][ T9840] ffff888073aeb048 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x2e1/0xb80 [ 518.038510][ T9840] [ 518.038510][ T9840] which lock already depends on the new lock. [ 518.038510][ T9840] [ 518.048887][ T9840] [ 518.048887][ T9840] the existing dependency chain (in reverse order) is: [ 518.057889][ T9840] [ 518.057889][ T9840] -> #1 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}: [ 518.067101][ T9840] lock_acquire+0x1db/0x4f0 [ 518.072185][ T9840] __mutex_lock_common+0x1da/0x25a0 [ 518.077938][ T9840] mutex_lock_nested+0x17/0x20 [ 518.083197][ T9840] hfsplus_file_extend+0x1d2/0x1b10 [ 518.088931][ T9840] hfsplus_bmap_reserve+0x101/0x4e0 [ 518.094624][ T9840] hfsplus_create_cat+0x1a9/0x1ba0 [ 518.100230][ T9840] hfsplus_fill_super+0x13e6/0x1c90 [ 518.105925][ T9840] mount_bdev+0x2c9/0x3f0 [ 518.110769][ T9840] legacy_get_tree+0xeb/0x180 [ 518.115987][ T9840] vfs_get_tree+0x88/0x270 [ 518.120912][ T9840] do_new_mount+0x2ba/0xb40 [ 518.126003][ T9840] __se_sys_mount+0x2d5/0x3c0 [ 518.131185][ T9840] do_syscall_64+0x3b/0xb0 [ 518.136242][ T9840] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 518.142678][ T9840] [ 518.142678][ T9840] -> #0 (&tree->tree_lock){+.+.}-{3:3}: [ 518.150430][ T9840] validate_chain+0x1649/0x5930 [ 518.155791][ T9840] __lock_acquire+0x1295/0x1ff0 [ 518.161142][ T9840] lock_acquire+0x1db/0x4f0 [ 518.166140][ T9840] __mutex_lock_common+0x1da/0x25a0 [ 518.171840][ T9840] mutex_lock_nested+0x17/0x20 [ 518.177098][ T9840] hfsplus_file_truncate+0x864/0xb80 [ 518.182880][ T9840] hfsplus_setattr+0x1b9/0x280 [ 518.188139][ T9840] notify_change+0xc6d/0xf50 [ 518.193282][ T9840] do_truncate+0x21c/0x300 [ 518.198238][ T9840] path_openat+0x28a3/0x2f20 [ 518.203329][ T9840] do_filp_open+0x21c/0x460 [ 518.208335][ T9840] do_sys_openat2+0x13b/0x4f0 [ 518.213507][ T9840] __x64_sys_creat+0x11f/0x160 [ 518.218808][ T9840] do_syscall_64+0x3b/0xb0 [ 518.223723][ T9840] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 518.230158][ T9840] [ 518.230158][ T9840] other info that might help us debug this: [ 518.230158][ T9840] [ 518.240364][ T9840] Possible unsafe locking scenario: [ 518.240364][ T9840] [ 518.247789][ T9840] CPU0 CPU1 [ 518.253134][ T9840] ---- ---- [ 518.258471][ T9840] lock(&HFSPLUS_I(inode)->extents_lock); [ 518.264253][ T9840] lock(&tree->tree_lock); [ 518.271421][ T9840] lock(&HFSPLUS_I(inode)->extents_lock); [ 518.279721][ T9840] lock(&tree->tree_lock); [ 518.284204][ T9840] [ 518.284204][ T9840] *** DEADLOCK *** [ 518.284204][ T9840] [ 518.292316][ T9840] 3 locks held by syz.4.1778/9840: [ 518.297427][ T9840] #0: ffff88801f50a460 (sb_writers#25){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 518.306635][ T9840] #1: ffff888073aeb240 (&sb->s_type->i_mutex_key#28){+.+.}-{3:3}, at: do_truncate+0x208/0x300 [ 518.317058][ T9840] #2: ffff888073aeb048 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x2e1/0xb80 [ 518.328607][ T9840] [ 518.328607][ T9840] stack backtrace: [ 518.334542][ T9840] CPU: 0 PID: 9840 Comm: syz.4.1778 Not tainted 5.15.164-syzkaller #0 [ 518.342792][ T9840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 518.352988][ T9840] Call Trace: [ 518.356319][ T9840] [ 518.359228][ T9840] dump_stack_lvl+0x1e3/0x2d0 [ 518.363924][ T9840] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 518.369619][ T9840] ? print_circular_bug+0x12b/0x1a0 [ 518.375235][ T9840] check_noncircular+0x2f8/0x3b0 [ 518.380153][ T9840] ? add_chain_block+0x850/0x850 [ 518.385064][ T9840] ? lockdep_lock+0x11f/0x2a0 [ 518.389715][ T9840] validate_chain+0x1649/0x5930 [ 518.394545][ T9840] ? mark_lock+0x98/0x340 [ 518.398851][ T9840] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 518.404805][ T9840] ? reacquire_held_locks+0x660/0x660 [ 518.410154][ T9840] ? print_irqtrace_events+0x210/0x210 [ 518.415592][ T9840] ? do_raw_spin_unlock+0x137/0x8b0 [ 518.420765][ T9840] ? raw_spin_rq_unlock_irq+0x17/0x80 [ 518.426187][ T9840] ? look_up_lock_class+0x77/0x120 [ 518.431290][ T9840] ? register_lock_class+0x100/0x9a0 [ 518.436564][ T9840] ? __schedule+0x1462/0x45b0 [ 518.441217][ T9840] ? is_dynamic_key+0x1f0/0x1f0 [ 518.446049][ T9840] ? mark_lock+0x98/0x340 [ 518.450353][ T9840] __lock_acquire+0x1295/0x1ff0 [ 518.455185][ T9840] lock_acquire+0x1db/0x4f0 [ 518.459674][ T9840] ? hfsplus_file_truncate+0x864/0xb80 [ 518.465119][ T9840] ? read_lock_is_recursive+0x10/0x10 [ 518.470476][ T9840] ? preempt_schedule+0xd9/0xe0 [ 518.475306][ T9840] ? __might_sleep+0xc0/0xc0 [ 518.480412][ T9840] ? vprintk_emit+0x141/0x150 [ 518.485099][ T9840] __mutex_lock_common+0x1da/0x25a0 [ 518.490279][ T9840] ? hfsplus_file_truncate+0x864/0xb80 [ 518.495770][ T9840] ? hfsplus_free_extents+0x186/0xae0 [ 518.501120][ T9840] ? hfsplus_file_truncate+0x864/0xb80 [ 518.506550][ T9840] ? panic+0x860/0x860 [ 518.510644][ T9840] ? mutex_lock_io_nested+0x60/0x60 [ 518.515817][ T9840] ? hfsplus_free_extents+0xd3/0xae0 [ 518.521078][ T9840] ? hfsplus_free_extents+0x47e/0xae0 [ 518.526427][ T9840] mutex_lock_nested+0x17/0x20 [ 518.531174][ T9840] hfsplus_file_truncate+0x864/0xb80 [ 518.536433][ T9840] ? print_irqtrace_events+0x210/0x210 [ 518.541863][ T9840] ? hfsplus_add_extent+0x880/0x880 [ 518.547033][ T9840] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 518.552737][ T9840] hfsplus_setattr+0x1b9/0x280 [ 518.557482][ T9840] ? hfsplus_write_failed+0x90/0x90 [ 518.562657][ T9840] notify_change+0xc6d/0xf50 [ 518.567230][ T9840] do_truncate+0x21c/0x300 [ 518.571620][ T9840] ? rcu_lock_release+0x20/0x20 [ 518.576446][ T9840] ? ima_bprm_check+0x2b0/0x2b0 [ 518.581336][ T9840] ? bpf_lsm_path_truncate+0x5/0x10 [ 518.586544][ T9840] path_openat+0x28a3/0x2f20 [ 518.591298][ T9840] ? do_filp_open+0x460/0x460 [ 518.595957][ T9840] do_filp_open+0x21c/0x460 [ 518.600436][ T9840] ? vfs_tmpfile+0x2e0/0x2e0 [ 518.604999][ T9840] ? _raw_spin_unlock+0x24/0x40 [ 518.609829][ T9840] ? alloc_fd+0x598/0x630 [ 518.614137][ T9840] do_sys_openat2+0x13b/0x4f0 [ 518.618787][ T9840] ? read_lock_is_recursive+0x10/0x10 [ 518.624133][ T9840] ? do_sys_open+0x220/0x220 [ 518.628712][ T9840] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 518.635090][ T9840] __x64_sys_creat+0x11f/0x160 [ 518.639932][ T9840] ? __x64_compat_sys_openat+0x290/0x290 [ 518.645633][ T9840] ? syscall_enter_from_user_mode+0x2e/0x240 [ 518.651707][ T9840] ? lockdep_hardirqs_on+0x94/0x130 [ 518.656984][ T9840] ? syscall_enter_from_user_mode+0x2e/0x240 [ 518.662947][ T9840] do_syscall_64+0x3b/0xb0 [ 518.667349][ T9840] ? clear_bhb_loop+0x15/0x70 [ 518.672012][ T9840] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 518.677937][ T9840] RIP: 0033:0x7f67a142d9b9 [ 518.682339][ T9840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 518.703268][ T9840] RSP: 002b:00007f679f8aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 518.711671][ T9840] RAX: ffffffffffffffda RBX: 00007f67a15c9f80 RCX: 00007f67a142d9b9 [ 518.720057][ T9840] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 518.728007][ T9840] RBP: 00007f67a149b8d8 R08: 0000000000000000 R09: 0000000000000000 [ 518.735953][ T9840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 518.743992][ T9840] R13: 0000000000000000 R14: 00007f67a15c9f80 R15: 00007ffe03bf99f8 [ 518.752080][ T9840] [ 518.886977][ T9875] loop1: detected capacity change from 0 to 1024 [ 519.049137][ T9875] EXT4-fs (loop1): Ignoring removed orlov option [ 519.064029][ T9875] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 519.076066][ T9875] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.