last executing test programs: 4.581723258s ago: executing program 4 (id=3912): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af25, 0x0) 4.299436474s ago: executing program 4 (id=3916): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002080)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="cdb6a40a11584a15d4b3e1f9c1d956b1b1bd40fe9238a8622f69427a708f83e1b0fe3e3208bb13f558", 0x29}], 0x1}}], 0x1, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000091c2f20c81403006c050102030109021b00010000000009040000018ea44300090585"], 0x0) 2.369307097s ago: executing program 4 (id=3950): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590) 2.121105239s ago: executing program 4 (id=3955): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$sock(r0, &(0x7f0000000140)={&(0x7f0000000280)=@in6={0xa, 0x4e24, 0x0, @remote}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14}}, @timestamping={{0x14}}], 0x30}, 0x0) 1.938909386s ago: executing program 4 (id=3958): pipe2$watch_queue(&(0x7f0000000780)={0xffffffffffffffff}, 0x80) ioctl$IOC_WATCH_QUEUE_SET_FILTER(r0, 0x5761, &(0x7f00000007c0)) 1.681733779s ago: executing program 4 (id=3964): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xd4, 0xc1, 0x8a, 0x8, 0x402, 0x5602, 0x3576, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xf4, 0x62, 0x26}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 1.537853922s ago: executing program 0 (id=3966): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000030000000000000008006966623000000000000000000000000064756d6d78300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000b8000000e80000006970005100000000000600000000000000000000000000a823c565625b8d72002000000000000000008430040000000000000000000033a149b78ffe4b020d7400e286b830f07fca000000466ef58f5dc8438b000000000000000800"/376]}, 0x1f0) 1.403113884s ago: executing program 2 (id=3968): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=@newlink={0x50, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xebe3}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @private1}, @IFLA_IPTUN_TTL={0x5, 0x4, 0x40}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20811}, 0x0) 1.319185211s ago: executing program 0 (id=3970): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x10}]}, 0x50}}, 0x0) 1.144601688s ago: executing program 2 (id=3973): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x30, 0x3, 0x8, 0x5, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_CLOSEREQ={0x8}]}]}, 0x30}}, 0x0) 1.051411096s ago: executing program 3 (id=3974): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000280)={0x0, 0x0, 0x1, 'F'}, 0x9) 1.021079368s ago: executing program 1 (id=3975): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000004080000000000000003000000000000000000000002000000000000000000000000000002000000000000000000000004"], 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 970.555003ms ago: executing program 0 (id=3976): r0 = socket(0xa, 0x801, 0x0) getsockopt(r0, 0x0, 0x40, &(0x7f0000b3ffac)=""/84, &(0x7f0000001ffc)=0x54) 969.943893ms ago: executing program 2 (id=3977): capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x200000, 0x600000}) syz_init_net_socket$ax25(0x3, 0x3, 0x0) 885.68803ms ago: executing program 1 (id=3978): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000300)={'ip6tnl0\x00', &(0x7f0000000780)={'syztnl2\x00', 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, @empty, @loopback={0xfec0ffff00000000}}}) 850.254134ms ago: executing program 3 (id=3979): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{&(0x7f0000000100)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}, {{&(0x7f0000000700)={0xa, 0x4e20, 0x7, @remote, 0x80}, 0x1c, 0x0, 0x0, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0xb96}}, @tclass={{0x14, 0x29, 0x43, 0xffff}}], 0x30}}], 0x2, 0x0) 784.33936ms ago: executing program 2 (id=3980): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000280)={0x0, @in6={{0xa, 0x0, 0x0, @dev, 0x200}}, 0x0, 0x6}, 0x90) 660.498901ms ago: executing program 1 (id=3981): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="280000006a006bb20000000000000000000000000000010008000500", @ANYRES32=0x0, @ANYBLOB='\b\x00\n'], 0x28}}, 0x0) 588.643177ms ago: executing program 3 (id=3982): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xb4, &(0x7f0000000000), &(0x7f0000000080)=0x4) 574.810008ms ago: executing program 0 (id=3983): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=ANY=[@ANYBLOB="60000000100003050000000000e2ffffff000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e000100697036677265746170000000b8ff0280140007000000000000000000000000000000000106001100000000000a000100aa"], 0x60}}, 0x0) 564.40943ms ago: executing program 2 (id=3984): syz_mount_image$minix(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1200808, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES16, @ANYRES64, @ANYRESOCT, @ANYRES8, @ANYRES16], 0x1, 0x1e5, &(0x7f0000000400)="$eJzs20tu00Acx/HfJGkSQ4HyXCCkILGADUmaikqsWs7BqmrTqsIFhNkkQsJcAM7AObgMB4AFO1YY+ZGm9aM1E9y0zfez8Xh+/dvjuu6MolgAFtamHsrIqBnuPGivfLltStU1qx4YgMoFyfZPYMOxqgJwXtR/p3uSFYA/n/EAOCs/X0jfJf349WFb9eyqPsz9SV5rZfNP0v1Gkpu2nPT64qv0eFJvrmTrG/E2zq/mHv/Jo8n5l3VN13VDK7qpW8aXifKdw/p7VmsgAAAWjVH3tLwr1QvSePLOrgqmlrT7LTurTzW1u+8OB6fka4V5K8q722/cnRPOAiBPrdTzX6wePX/9wrwR5avJXttukAAq4Y3GLbnu8J03Cif5qDF+teX+U8OxqirTMJUdOb/RTPUEHyUd9mzaHjnQsR7n6O+543VmH7yJP6VROnLKlNeUF720GMZGNlqSNNtNMb5V+fJn5V7XbI0NlfrhTs69sG60zuiP/3hj3v+ZAFSt9/7gbc8bjZ/uH2ztDfeGrwf9/vP1Z2ur64NetLLvnby+B3BxTSd9Hfk2EAAAAAAAAAAAAAAAuEju6G64Sb+2CwAAAOAS+m/vDDVU+LrVvK8RAAAAAAAAAAAAAAAAAIDL5m8AAAD//3E6Bko=") truncate(&(0x7f0000000040)='./file2\x00', 0x81c00) 472.693438ms ago: executing program 1 (id=3985): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$sock(r0, &(0x7f0000000140)={&(0x7f0000000280)=@in6={0xa, 0x4e24, 0x0, @remote}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14}}, @timestamping={{0x14}}], 0x30}, 0x0) 428.789502ms ago: executing program 3 (id=3986): futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000000), 0x2}, {0x3, &(0x7f0000000040)=0x3, 0x2}], 0x2, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0) 340.99191ms ago: executing program 1 (id=3987): prlimit64(0x0, 0x2, &(0x7f0000000040), 0x0) mremap(&(0x7f0000371000/0x3000)=nil, 0x3000, 0x400000, 0x0, &(0x7f000082a000/0x400000)=nil) 277.592615ms ago: executing program 0 (id=3988): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x5c, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x5c}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0) 196.370022ms ago: executing program 2 (id=3989): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x190, 0x78, 0x0, 0x0, 0x20000000, 0x11, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}) 196.272512ms ago: executing program 3 (id=3990): r0 = syz_open_dev$vim2m(&(0x7f0000000200), 0x401, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f16242413860608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"}) 125.475449ms ago: executing program 1 (id=3991): syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x20108c0, &(0x7f0000000080)=ANY=[@ANYBLOB="75737271756f74612c696f636861727365743d69736f383835392d352c696f636861727365743d6575632d6a702c696e746567726974792c71756f74612c6e6f71756f74612c71756f7461006572726f72733d636f6e74696e75652c756d61736b3d3078303030303030303030303030303038312c75737271756f74612c06000000756f74612c756d61736b3d3078303030303030303030303030303030312c67727071756f74612c756d61736b3d3078303030303030303030303032303034352c726f6f74636f6e746578743d7379752c646566636f6e746578743d73797361646d5f752c66736e616d653d003f0000587d5b2d292b2c00a9c1a30bc3207997b7f4e9447ee50b7a7e32bbde0fc9243970c38a6cb5080b27024c8fa61254ca59336acbf090ea35b6e7e44f4af2c218e937a7689e5f17975998f3ff7c1c7b896131aaf5097320e70b9b3c7424cb12be8a69b44da8d201000000abf6813950c019ae80f2a89a067e768d0c305f77357aaccfbf7dc0503768aaa6b8940e1ccbc41e021e0cf63c2d1c991852b2b84c2d677f2898bde305ce8fa91a7c14e01f5f066af16ae8fa48cdee8bf24677ab469a4f18d640cc"], 0xfe, 0x619d, &(0x7f00000012c0)="$eJzs3c9vHGf9B/DP/vSPfptaPVT9Rgi5aflRSpM4KSFQoO0BDlx6QLmiRK5bRaSAkoDSyiKufOHAib8AhMQRIY6IA39AD1y5ceJEJBsJ1BODxn6eeHay23VwvLP2vF6SM/OZZ9b7jN87+yMzs08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPHd73xvrRMR13+aFqxE/F/0IroRS2W9GhFLqyt5/X5EPB97zfFcRAwWIsrb7/3zTMRrEfHxmYid3c31cvGlQ/bj27//62++/9Tbf/nd4MK//3C39/qk9e7d+8W//nj/aNsMAAAAbVMURdFJH/PPps/33aY7BQDMRH79L5K8/NTXv/z723+ap/6o1Wq1Wj2DuqoY7361iIit6m3K9wwOxwPACbMVnzTdBRok/1brR8RTTXcCmGudpjvAsdjZ3VzvpHw71deD1f32fC7ISP5bnYfXd0yaTlM/x2RWj6/t6MWzE/qzNKM+zJOcf7ee//X99mFa77jzn5VJ+Q/3L31qnZx/r55/zenJvzs2/7bK+fcfK/+e/AEAAAAAYI7l//9fafj478LRN+VQPu347+qM+gAAAAAAAAAAT9pRx/97yPh/AAAAMLfKz+qlX505WDbpu9jK5dc6EU/X1gdaJl0ss9x0PwAAAAAAAAAAAACgTfr75/Be60QMIuLp5eWiKMqfqnr9uI56+5Ou7dsPbdb0kzwAAOz7+EztWv5OxGJEXEvf9TdYXl4uisWl5WK5WFrI72eHC4vFUuVzbZ6WyxaGh3hD3B8W5S9brNyuatrn5Wnt9d9X3tew6B2iY0/IIP01JzQ3FDYAJPuvRjtekU6Zonhm0psPGGH/P4VWYqXpxxXzr+mHKQAAAHD8iqIoOunrvM+mY/7dpjsFAMxEfv2vHxc4Ut2d0B7xZH7/3NaDmK/+qNVqtVo9WlcV492vFhGxVb1N+Z7BcPwAcMJsxSdNd4EGyb/V+hHxfNOdAOZap+kOcCx2djfXOynfTvX1II3vns8FGcl/q7N3u3z7cdNp6ueYzOrxtR29eHZCf56bUR/mSc6/W8//+n77MK133PnPyqT8h3uXzLVPzr9Xz7/m9OTfHZt/W+X8+4+Vf0/+AAAAAAAwx/L//684/ps3GQAAAAAAAABOnJ3dzfV83Ws+/v+ZMeu5/vN0yvl3Hjf/pTQv/xMt59+t5f/F2nq9yvyDtw72/3/ubq7/9u4//j9PD5v/Qp7ppEdWJz0iOumeOv00PcrWPWp70BuW9zTodHv9dM5PMXg3bsat2IiLI+t209/joH1tpL3s6WCk/dJIe/+R9ssj7YP0vQPFUm4/H+vxo7gV7+y1l20LU7Z/cUp7MaU959/z/N9KOf9+5afMfzm1d2rT0oOPuo/s99XpuPt58+Znf37x+Ddnqu3oPdy2qnL7zjXQn72/yVPD+Mmdjdvn7924e/f2WqTJyNJLkSZPWM5/sPezcPD8/+J+e37er+6vDz4aPnb+82I7+hPzf7EyX27vyzPuWxNy/sP0k/N/J7WP3/9Pcv6T9/9XGugPAAAAAAAAAAAAAAAAfJqiKPYuEX0zIq6k63+aujYTAJit/PpfJHm5Wq1Wq9Xq01dXFeO9US0i4s/V25TvGX427pcBAPPsPxHxt6Y7QWPk32L5+/7K6UtNdwaYqTsffPiDG7dubdy+03RPAAAAAAAAAID/VR7/c7Uy/vNLEbFSW29k/Ne3YvWo43/288zDAUaf8EDfE2x3h71uZbjxF2JvfO7zk8b/PhePjv+dx8TtVbdjgsGU9uGU9oUp7Ytjlx6kNfZCj4qc/wuV8c7L/M/Whl9vw/iv9THv2yDnf67yeC7z/0JtvWr+xa/nLv+tw664Hd2R/C/cff/HF+588OGrN9+/8d7Gexs/vLy2dvHylStXr1698O7NWxsX9/89nl7PgZx/HvvaeaDtkvPPmcu/XXL+n0u1/Nsl5//5VMu/XXL++f2e/Nsl558/+8i/XXL+L6da/u2S8/9SquXfLju7mwtl/q+kWv7tkvf/L6da/u2S83811fJvl5z/+VTLv11y/hdSfYj8fT38KZLzz0e47P/tkvNfS7X82yXnfynV8m+XnP/lVMu/XXL+r6Va/u2S8/9KquXfLjn/K6mWf7vk/L+aavm3S87/aqrl3y45/6+lWv7tkvP/eqrl3y45/9dTLf92yfl/I9Xyb5ec/zdTLf92yfl/K9Xyb5ec/xupln+7HHz/vxkzZszkmaafmQAAAAAAAAAAAACAulmcTtz0NgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLUauu74D+Jm9ee0QYiAEJzWwSYwxzpJdX+ILrYsJ1wYoBRIKvWC73rVZ8A2vXQJFsmmgRMKoqKJq+tAWEGojVRVWxQOtKM1D1ctTaR/oS0VVCalRFZBBRWormq1mzv//98zs7Myud7yePf/PR7J/uzNn5pw5c2Z2v2t/9wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs3vfOPvZWlEU9T+NvzYXxQvqH2+c2Ny47HW3egsBAACA1fq/xt/X7kgXHF7GjZqW+btX/OPXFxYWFor3D//u6BcXFtIVE0UxuqEoGtdFV//9A7XmZYInivHaUNPnQz1WP9zj+pEe14/2uH6sx/Ubelw/3uP6RTtgkY3lz2Mad7at8eHmcpcWdxajjeu2dbjVE7UNQ0PxZzkNtcZtFkZPFHPFqWK2mG5Zvly21lj+m/fW1/W2Iq5rqGldW+tHyA8/eTxuQy3s420t67p+n9H331BM/OiHnzz+xxeeu7vT7LkbWu6v3M4d99W389PhknJba8WGtE/idg41befWDs/JcMt21hq3q3/cvp3Xlrmdw9c3c021P+fjxVDj42839tNI84/10n7aGi777/uLorh8fbPbl1m0rmKo2NRyydD152e8PCLr91E/lF5cjKzoOL13Gcdpfc5saz1O218T8fm/N9xuZIltaH6avv+psUXP+0qP06j+qJd6rbQfg/1+rQzKMRiPi283HvSTHY/BbeHxf3L70sdgx2OnwzGYHnfTMXhfr2NwaGy4sc3pSag1bnP9GNzVsvxwY021xnx2e/djcOrC6XNT8x//xGvnTh87OXty9syeXbum9+zbd+DAgakTc6dmp8u/b3BvD75NxVB6DdwX9l18Dby6bdnmQ3Xhy/17HY53eR1ublu236/DkfYHV1ubF+TiY7p8bTxa3+njV4aKJV5jjedn5+pfh+lxN70OR5pehx2/pnR4HY4s43VYX+bczuV9zzLS9KfTNtysrwWbm47B9u9H2o/Bfn8/MijH4Hg4Lv5159JfC7aG7X1ycqXfjwwvOgbTww3vPfVL0vf74wcao9NxeU/9itvGiovzs+cffPzYhQvndxVhrImXNB0r7cfrpqbHVCw6XodWfLwennvFk/d0uHxz2Ffjr63/Nb7kc1VfZu+D3Z+rxle3zvuz5dLdRRh9ttb7s9NX8/r+TFmyy/6sL/PpqdV/L55yadP77+gS778x9z9fri/d1RPDoyPl63c47Z3Rlvfj1qdqpPHeVWus+9rU8t6PR8OftX4/vrPL+/GWtmX7/X482v7g4vtxrddPO1an/fkcD8fJqenu78f1ZbbsXukxOdL1/fj+MGth/78mJIWUi5qOnaWO27SukZHR8LhG4hpaj9M9LcuPhmxWX9fTu2/sON1xf3lfw+nRXbdWx+lE27L9Pk7T+9VSx2mt10/fbkz78zkejos793Q/TuvLPLN39e+dG+OHTe+dY41j8NrS9zM6PFbf5tF0EJbv9wsb4zH4YHG8OFucKmYa1441jqdaY12TDy3vGBwLf9b6vXJLl2NwR9uy/T4G09expY692sjiB98H7c/neDgunnqo+zFYX+ZN+/v7veuOcElapul71/afry31M6972nbTzfyZV307/2Z/95/N1pc5dWClObP7fnogXHJbh/001vY1ZKnX1EyxNvtpS9jO5w4svZ/q21Nf5osHl3k8HS6K4tJHH278vDf8+8qfX/zO11v+3aXTv+lc+ujDP7j9xN+uZPsBWP+eL8em8mtd079MLeff/wEAAIB1Ieb+oTAT+R8AAAAqI+b++L/CE/kfAAAAKiPm/pEwk0zy/5Y3PTf3/KUiNfMXgnh92g2PlMvFjut0+Hxi4br65Q9/dfbHf3lpeeseKoriJ4/8RsfltzwSt6s0Ebbz6ptbL198w0vLWv/Rx64v19xf/1K4//h4lnsYdKrgThdF8c07Pt9Yz8QHrjTmM48cbcz3XH7yifoy1w6Wn8fbP/uScvk/COXfwyeOtdz+2bAfvhfm9Ns77494u69dec3W/e+7vr54u9p9L2w87Kc+WN5v/D05X3iiXD7u56W2/68+9/TX6ss//qrO239pqPP2Px3u96th/s/Ly+Wbn4P65/F2nwnbH9cXb/fgV77VcfuvfrZc/txbyuWOhhnXvyN8vu0tz80176/Ha8daHlfx1nK5uP7p7/x24/p4f/H+27d//MiVlv3Rfnw888/l/Uy1LR8vj+uJ/qJt/fX7aT4+4/qf/q2jLfu51/qvvufZl9fvt339D7QtN9x2+/bf2PSHn/l8x/XF7Tn8Z+daHs/hd4fXcVj/Ux8Mx2O4/n+vfr5lvdHRd7e+/8Tlv7T5Usvjid72o3L9V19/sjH/Y+LHv3/bC25/4eVX1vddUXz7veX99Vr/yT8627L9X75rZ+P5iNfHjn77+pcS13/+Y5Nnzs5fnJtp2quN353zjnJ7Noxv3FTf3jvCe2v750fOXvjQ7PmJ6Ynpopio7q/Qu2FfCfMH5bi80tvvfCw8n/f83jc3bf+nz8XL/+XR8vIrby+/br06LPeFcPnm8vlbqK1y/U/de1fj9V17pvy8pcfeB1u3/eeBZS0YHn/79wXxeD/30g819kP9usbXjfi6XuX2f3emvJ9vhP26EH4z8313XV9f8/LxdyNceW/5el/1/gtvc/F5/ZPwfL/ze+X9x+2Kj/e74fuYb21pfb+Lx8c3Lg2133/jt3hcDu8nxeXy+rhU3N9Xrt3VcfPi7yEpLt/d+Px30v3cvaKHuZT5j89PnZo7c/HxqQuz8xem5j/+iSOnz148c+FI43d5Hvlwr9tff3/a1Hh/mpndt7eY3lgUxdlieg3esG7O9tc/Wt72n3vs+Mz+6e0zsyeOXTxx4bFzs+dPHp+fPz47M7/92IkTsx/rdfu5mUO7dh/cs3/35Mm5mUMHDh7cc3By7szZ+maUG9XDvumPTJ45f6Rxk/lDew/ueuihvdOTp8/OzB7aPz09ebHX7Rtfmybrt/71yfOzp45dmDs9Ozk/94nZQ7sO7tu3u+dvAzx97sT8xNT5i2emLs7Pnp8qH8vEhcbF9a99vW5PNc3/W/n9bLta+Yv4inc9sC/9fta6r35qybsqF2n7BaLPhd9F8w8vOndgOZ/H3D8aZpJJ/gcAAIAcxNw/FmYi/wMAAEBlxNy/IcxE/gcAAIDKiLl/PMwkk/yv/6//v7z+f3m9/n9e/f9zHy17peu9/x/78/r/ebjF/f9Vr1//X/+/ev3/5ffn1/v26//r/7PYoPX/Y+7fWBRZ5n8AAADIQcz9m8JM5H8AAACojJj7bwszkf8BAACgMmLuf0GYSSb5X/9/Wf3/3b0KV9Xv/zv/v/5/sT77//HJ0f/Pxor79+97tOVT/f9A/1//X/9f/1//n1UbXfKaW9X/j7n/9jCTTPI/AAAA5CDm/heGmcj/AAAAUBkx998RZiL/AwAAQGXE3L85zCST/K//7/z/+v/6/937/2NN97QO+/+rPf9/08bo/68Pzv/fnf5/Dzfc/x/X/1+P/f/R/m7/YPf/e26+/j83xaCd/z/m/heFmWSS/wEAACAHMfe/OMxE/gcAAIDKiLn/JWEm8j8AAABURsz9d4aZZJL/9f/1//X/9f8rff7/1fb/u57/v/xI/3+w6P93p//fg/P/59X/7/P2D3b/v9/n/x99c/vt9f/pZND6/zH3vzTMJJP8DwAAADmIuf+uMBP5HwAAACoj5v6XhZnI/wAAAFAZMfdvCTPJJP/r/+v/6//r/+v/d15/7/5/Sf9/sOj/d6f/34P+v/6//v/y+v8dvvnV/6eTQev/x9x/d5hJJvkfAAAAchBz/z1hJvI/AAAAVEbM/T8VZiL/AwAAQGXE3L81zCST/K//r/+v/59X//+BMf1//f9q0//vTv+/B/1//X/9/2We/3+xlfT/N/S6Mypj0Pr/Mfe/PMwkk/wPAAAAOYi5/xVhJvI/AAAAVEbM/a8MM5H/AQAAoDJi7p8IM8kk/+v/V6v//6d//dQrC/1//f8e669o/z8eBvr/mdP/707/vwf9f/1//f816f+Tj0Hr/8fcf2+YSSb5HwAAAHIQc/99YSbyPwAAAFRGzP33h5nI/wAAAFAZMfdvCzOpfP4vmw/6/9Xq/0f6//r/3dZf0f5/ov+fN/3/DppepPr/Pej/Z9//j2kg3/5//O5X/5/+GLT+f8z9rwozqXz+BwAAgHzE3L89zET+BwAAgMqIuf/VYSbyPwAAAFRGzP07wkwyyf/6//r/+v/6//r/ndev/78+6f93t9L+/5j+v/5/Zv1/5/93/n/6a9D6/zH3vybMJJP8DwAAADmIuX9nmIn8DwAAAJUR//9m+f9e5X8AAACoopj7J8NMMsn/+v/6/zn1/2v6//r/+v+Vp//fnfP/96D/r/+v/6//T18NWv8/5v7Xhplkkv8BAAAgBzH3PxhmIv8DAABAZcTcPxVmIv8DAABAZcTcPx1mkkn+1//X/8+p/+/8//r/+v/Vp//fnf5/D/r/+v9V6/8Xhf4/t9Sg9f9j7t8VZpJJ/gcAAIAcxNy/O8xE/gcAAIDKiLl/T5iJ/A8AAACVEXP/3jCTTPK//r/+v/6//r/+f+f16/+vT/r/3en/96D/r/9ftf6/8/9ziw1a/z/m/ofCTDLJ/wAAAJCDmPv3hZnI/wAAAFAZMffvDzMJ+b/T/+sGAAAA1peY+w+EmWTy7//6/xXp///m37esW/9f/7/L+tPVq+v/b9T/D1P/f7BUtP/f/rK4Yfr/Pej/6//r/+v/01eD1v+Puf9gmEkm+R8AAAByEHP/68JM5H8AAACojJj7fzrMRP4HAACAyoi5/2fCTDLJ//r/Fen/t9H/1//vtn7n/9f/r7KK9v/7plL9/yH9f/3/wdp+/X/9fxa7+f3/+NHy+v8x9x8KM8kk/wMAAEAOYu7/2TAT+R8AAAAqI+b+14eZyP8AAABQGTH3Hw4zyST/6//r/+v/6//fnP7/64t2g9j/rx88+v/Vov/fXaX6/87/r/8/YNuv/6//z2KDdv7/mPvfEGaSSf4HAACAHMTc/3CYifwPAAAAlRFz/xvDTOR/AAAAqIyY+98UZpJJ/tf/1//X/9f/d/7/zuvX/1+f9P+70//vQf9f/z/X/v8z+v/cHIPW/4+5/81hJpnkfwAAAMhBzP1vCTOR/wEAAKAyYu5/a5iJ/A8AAACVEXP/28JMMsn/+v/6//r/+v/6/53Xr/+/Pun/d6f/34P+v/5/rv1/5//nJhm0/n/M/T8XZpJJ/gcAAIAcxNz/SJiJ/A8AAACVEXP/28NM5H8AAACojJj73xFmkkn+v7X9/9pIUej/6//r/+v/l/T/9f/7Qf+/O/3/HvT/9f/1//X/6atB6//H3P/OMJNM8j8AAADkIOb+nw8zkf8BAACgMmLuf1eYifwPAAAAlRFz/y+EmWSS/53/X/9/sPr/C5eab6f/r/9f9Kv/X7+R/n8W9P+70//voUP/f4P+v/6//r/+Pzds0Pr/Mfe/O8wkk/wPAAAAOYi5/z1hJvI/AAAAVEbM/e8NM5H/AQAAoDJi7n80zCST/K//n2X/Pz3kwev/O/+//r/z/+v/r47+f3f6/z04/7/+v/6//j99NWj9/5j7HwszyST/AwAAQA5i7n9fmIn8DwAAAJURc/8vhpnI/wAAAFAZMfe/P8wkk/yv/59l/3+Az/9ftf7/SMvxkVP/f7zp+UzHpf6//v8a0P/vbg36/y13o/+v/6//38f+fziaNy5xe/1/BtGg9f9j7v9AmEkm+R8AAAByEHP/L4WZyP8AAABQGTH3/3KYifwPAAAAlRFz/6+EmWSS//X/9f/1/53/3/n/O69f/3990v/vzvn/e9D/1/8f5P5/D/r/DKJB6//H3P+rYSZLBr8f/NcyHiYAAAAwQGLu/2CYSSb//g8AAAA5iLn/SJiJ/A8AAACVEXP/0TCTTPK//n97/z+eUVX/X/9f/1//X/9/Pepf//9ltxeF/r/+v/6//r/+v/4/qzFo/f+Y+4+FmWSS/wEAACAHMff/WpiJ/A8AAACVEXP/8TAT+R8AAAAqI+b+mTCTTPL/Lez/jw5m/9/5/2+0//8T/X/9/0D/vzP9/7Xh/P/d6f/3oP+v/6//r/9PXw1a/z/m/tkwk0zyPwAAAFRY+nFwzP0nwkzkfwAAAKiMmPtPhpnI/wAAAFAZMfd/KMwkk/zv/P/6/87/fyv6/yMty+v/l/T/9f/7Qf+/O/3/HvT/9f/1//X/6atB6//H3D8XZpJJ/gcAAIAcxNz/4TAT+R8AAAAqI+b+j4SZyP8AAABQGTH3nwozyST/6//r/+fe/68VxWXn/8+8/z/eef36/+uT/n93+v896P/r/+v/6//TV4PW/4+5/3SYSSb5HwAAAHIQc/+ZMBP5HwD+n737aLLrrPo+fB4/tqQewUdgzIghjOyPwJQBVVQxpkgmB1tkk03OweScczI5B5MzJudoonGVKHevtdStPtq7pd46Z+/7vq7Jeq2y3j6NGz/1R/WrGwCgGbn77xu32P8AAADQjNz994tbOtn/+n/9f+/9/2or7/8f/Pv1/3u8/6//n8Kh/v7y9X/f+aLw8/b/d7nr1ffS/+v/9f+D9P/6f/0/55pb/5+7//5xSyf7HwAAAHqQu/8BcYv9DwAAAM3I3f/AuMX+BwAAgGbk7r86bulk/+v/59D/n/0E+n/9/9b7/xv1//r/ZfP+/zD9/wj9v/5f/6//Z1Jz6/9z9z8obulk/wMAAEAPcvc/OG6x/wEAAKAZufsfErfY/wAAANCM3P0PjVs62f/6/zn0/97/1/8fpf8/4f3/c74f/b/+fx39/zD9/wj9v/5f/6//Z1Jz6/9z9z8sbulk/wMAAEAPcvc/PG6x/wEAAKAZufsfEbfY/wAAANCM3P2PjFs62f/6f/2//n8p/f+G3v/X/+v/F+6G1dl/J+j/D9P/jxjp/1cr/f+QI/fz67+95Xz+89D/6/85bG79f+7+R8UtV61WJy72mwQAAABmJXf/o+OWTv78HwAAAHqQu/+auMX+BwAAgGbk7r82bulk/+v/9f/6/yP1//kt6v/30f/v0f/Pi/f/hx2//7/zHe9z7377f+//D/P+/9T9/+0/Gfp/lm1u/X/u/tNxSyf7HwAAAHqQu/8xcYv9DwAAAM3I3f/YuMX+BwAAgGbk7n9c3NLJ/tf/t9b///+B37ev/9+tXfT/3v/X/+v/W6f/H+b9/xG7/5rbqb/U/+v/vf+v/+d45tb/5+5/fNzSyf4HAACAHuTuf0LcYv8DAABAM3L3PzFusf8BAACgGbn7nxS3dLL/9f+t9f8Hf5/3//X/676+/l//3zL9/zD9/4hW3v+/yJ+abffzx7Xtz6//1/9z2Nz6/9z918Utnex/AAAA6EHu/ifHLfY/AAAANCN3/1PiFvsfAAAAmpG7/6lxSyf7X/+v/19G/59fQf+v/7/0/X/S/y+T/n+Y/n9EK/3/Rdp2P7/0zz/Y/++Mf379Py2aW/+fu/9pcUsn+x8AAAB6kLv/6Xv3nvU/E9v/AAAA0IzY/atnxC32PwAAADQjd/8z45ZO9r/+X/+/jP7f+//6f+//6/+PRv8/TP8/Qv+v//f+v/6fSc2t/8/df33c0sn+BwAAgB7k7n9W3GL/AwAAQDNy9z87brH/AQAAoBm5+58Tt3Sy//X/+n/9v/5f/7/+6+v/l0n/P0z/P0L/r//X/+v/mdSM+v99v+vU6rlxSyf7HwAAAHqQu/95cYv9DwAAAM3I3f/8uMX+BwAAgGbk7n9B3NLJ/tf/z6b/38352ur/d1arlf5/1Wn/v7Pvn2f9XOr/9f8boP8fpv8fof/X/+v/9f9Makb9/+5f5+5/YdzSyf4HAACAHuTuf1HcYv8DAABAM3L3vzhusf8BAACgGbn7XxK3dLL/9f+z6f93tdX/e///3J+Pnvp/7/8fpv/fDP3/MP3/CP2//l//r/9nUnPr/3P3vzRuOnHFRX+LAAAAwMzk7n9Z3NLJn/8DAABAD3L3vzxusf8BAABgoa4/9Cu5+18Rt3Sy//X/0/b/J/b9mv5f/3/uz4f+X/+v/7/09P/D9P8j9P/6f/2//p9Jza3/z93/yrilk/0PAAAAPcjdf0PcYv8DAABAM3L3vypusf8BAACgGbn7Xx23dLL/9f/e/9f/6//1/+u/vv5/mfT/wy55/x//QtT/6//X9fO3TfzzvOnPP2aC/v/k2f+n/p82XED/f+bMmWsuef+fu/81cUsn+x8AAAB6kLv/tXGL/Q8AAADNyN3/urjF/gcAAIBm5O5/fdzSyf7X/3fa/+eP+rL6/2tXK/2//l//r/8fpv8f5v3/Efp/7/97/1//z6Tm9v5/7v43xC2d7H8AAADoQe7+N8Yt9j8AAAA0I3f/m+IW+x8AAACakbv/zXFLJ/tf/99p/+/9f/2//n/T/f+tK/3/Riyi/985/9efe/9/Wv+v/x/QXf9/97sd+Ev9v/6fw+bW/+fuf0vc0sn+BwAAgB7k7n9r3GL/AwAAQDNy978tbrH/AQAAoBm5+98eN13eyf7X/+v/9f/6f/3/+q+/4ff/T6xWK/3/BBbR/w+Ye/8/zfv/5/63/Cz9v/5/yZ9f/6//57C59f+5+98Rt3Sy/wEAAKAHufvfGbfY/wAAANCM3P3vilvsfwAAAGhG7v53xy2d7H/9v/5f/6//b77/P72I/t/7/xPZbP9/Wv/f4/v/V+n/z0f/r//X/3NU2+r/c/e/J27pZP8DAABAD3L3vzdusf8BAACgGbn73xe32P8AAADQjNz9749bOtn/+n/9/4X0//k59f9t9f8nZ9f/nzrw/18n7//r/yfi/f9h+v8R3v/X/+v/r9f/M6W5vf+fu/8DcUsn+x8AAAB6kLv/g3Hrf7q1/wEAAKAZufs/FLfY/wAAANCM3P0fjls62f/6f/2/9//1/82//6//74r+f5j+f4T+X/+v//f+P5OaW/+fu/8jcUsn+x8AAAB6kLv/o3GL/Q8AAADNyN3/sbjF/gcAAIBm5O6/MW7pZP/r//X/+n/9v/5/75+h/r8N+v9hm+n/d/T/+v/q5/8v/lug/9f/j/1+2jS3/j93/8fjlk72PwAAAPQgd/8n4hb7HwAAAJqRu/+TcYv9DwAAAIt0+Zpfy93/qbilk/2v/9f/6//1//r/9V9f/79MW+n/84dC/+/9/9BP/3+nA3+1tPf/z/2/X/p//T/Tm1v/n7v/03FLJ/sfAAAAepC7/zNxi/0PAAAAzcjd/9m4xf4HAACAZuTu/1zc0sn+1//r//X/+n/9//qvr/9fJu//D9P/j9D/b/X9/KV/fv2//p/D5tb/5+7/fNzSyf4HAACAHuTu/0LcYv8DAABAM3L3fzFusf8BAACgGbu7P+OyDve//l//r//X/+v/1399/f8y6f+H6f9H6P/1//p//T+Tmlv//6Xd33Vq9eW4pZP9DwAAAD3I3f+VuMX+BwAAgGbk7v9q3GL/AwAAQDNy938tbulk/+v/9f/L6P/PnDlzjf5f/3/w+znb/9+s/6fo/4fp/0fo//X/+n/9P5OaW/+fu/+muKWT/Q8AAAA9yN3/9bjF/gcAAIBm5O7/Rtxi/wMAAEAzcvd/M27pZP/r/2fQ/5/S/3v/X/+/8v6//n8i+v9h+v8RLfb/p47+7W+7nz+ubX9+/b/+n8Pm1v/n7v9W3NLJ/gcAAIAe5O7/dtxi/wMAAEAzcvd/J26x/wEAAKAZufu/G7d0sv/1/5vr/2//z66X9/93Vus/v/5f/6//1/9favr/Yfr/ES32/xdg2/380j+//l//z2Fz6/9z938vbjk4/K64sO8SAAAAmJPc/d+PWzr5838AAADoQe7+H8Qt9j8AAAA0I3f/D+OWTva//n8G7/832P97/3/9z4f+f9b9/2X6/zbo/4fp/0csu/+/6YK+1zW23c8v/fPr//f3//nTrP/v3dz6/9z9P4pbOtn/AAAA0IPc/T+OW+x/AAAAaEbu/p/ELfY/AAAANCN3/81xy779v67tboX+X/+v/9f/6//Xf339/zLp/4cdtf8/uTpe/5/0/97/1//32v97/589c+v/c/f/NG7x5/8AAACwOFec59dz9/8sbrH/AQAAoBm5+38et9j/AAAA0Izc/b+IW265bFsfaaP0//p//b/+X/+//uvr/5dJ/z/M+/8j9P9T9PNX6v/b6P9XK/0/xze3/j93/y/jFn/+DwAAAM3I3f+ruMX+BwAAgGbk7v913GL/AwAAQDNy9/8mbulk/+v/9f/H7P9300z9/x79/x79/3r6/83Q/w/T/4/Q/3v/X//v/X8mNbf+P3f/b+OWTvY/AAAA9CB3/+/iFvsfAAAAmpG7//dxi/0PAAAAzcjd/4e4pZP9v7X+P/6j1v8vvv/3/r/+X/+v/58V/f8w/f8I/b/+X/+v/2dSc+v/c/f/MW7pZP8DAABAD3L3/ylusf8BAACgGbn7/xy32P8AAADQjNz9f4lbOtn/3v/X/+v/9f/6//VfX/+/TPr/Yfr/9eoflP5f/6//1/8zqbn1/7n7/xq3dLL/AQAAoAe5+/8Wt9j/AAAA0Izc/bfELfY/AAAANCN3/9/jlk72v/5f/6//1//r/9d/ff3/Mun/h22z/7/HHca/rPf/t97/50fQ/+v/9f9MYm79f+7+f8Qtnex/AAAA6EHu/n/GLfY/AAAANCN3/7/iFvsfAAAAmpG7/99xSyf7f6T/P1l/o/5/kP7/4OfX/6//+dD/V/9/XfyS/l//Pzn9/zDv/4/Q/3v/X/+v/2dSc+v/c/f/J27pZP8DAABAD3L33xq32P8AAADQjNz9/41b7H8AAABoRu7+2+KWTva/9/+X1P9fqf/X/7fS/3v/X/9/yej/h+n/R+j/9f/6f/0/k5pb/5+7/38BAAD//w4+TuQ=") truncate(&(0x7f0000000080)='./file1\x00', 0xc00) 87.475472ms ago: executing program 3 (id=3992): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000001880)=@mangle={'mangle\x00', 0x44, 0x6, 0x3e0, 0x98, 0x130, 0x0, 0x98, 0x280, 0x348, 0x348, 0x280, 0x348, 0x348, 0x6, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @TTL={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 'netpci0\x00', 'netpci0\x00'}, 0x0, 0x70, 0x98}, @TTL={0x28}}, {{@ip={@local, @local, 0x0, 0x0, 'vcan0\x00', 'netpci0\x00', {}, {}, 0x11, 0x0, 0x4c}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@rand_addr, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'bond0\x00'}, 0x0, 0x70, 0xb8}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz1\x00'}}}, {{@ip={@broadcast, @rand_addr, 0x0, 0x0, 'ip6erspan0\x00', 'team_slave_1\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@dccp={{0x30}}]}, @TTL={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x440) 0s ago: executing program 0 (id=3993): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000080)='tlb_flush\x00', r0}, 0x10) kernel console output (not intermixed with test programs): ] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 223.587709][ T8349] OCFS2: File system is now read-only. [ 223.610490][ T8349] (syz.1.1917,8349,1):ocfs2_search_one_group:1684 ERROR: status = -30 [ 223.639081][ T8374] xt_CT: You must specify a L4 protocol and not use inversions on it [ 223.642538][ T8349] (syz.1.1917,8349,1):ocfs2_claim_suballoc_bits:1920 ERROR: status = -30 [ 223.673804][ T8349] (syz.1.1917,8349,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 223.682591][ T6799] adutux 3-1:0.0: Could not retrieve serial number [ 223.697427][ T6799] adutux: probe of 3-1:0.0 failed with error -5 [ 223.701234][ T8349] (syz.1.1917,8349,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 223.718316][ T8349] (syz.1.1917,8349,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 223.739817][ T8349] (syz.1.1917,8349,1):ocfs2_mknod_locked:637 ERROR: status = -30 [ 223.771212][ T8349] (syz.1.1917,8349,1):ocfs2_mknod:383 ERROR: status = -30 [ 223.801360][ T8349] (syz.1.1917,8349,1):ocfs2_mknod:500 ERROR: status = -30 [ 223.861714][ T8349] (syz.1.1917,8349,1):ocfs2_create:674 ERROR: status = -30 [ 223.911373][ T4610] ocfs2: Unmounting device (7,1) on (node local) [ 223.923564][ T6800] usb 3-1: USB disconnect, device number 7 [ 225.236300][ T8439] xt_CT: You must specify a L4 protocol and not use inversions on it [ 225.864484][ T8467] netlink: 'syz.1.1972': attribute type 24 has an invalid length. [ 225.924412][ T8471] xt_TCPMSS: Only works on TCP SYN packets [ 226.307922][ T8477] loop2: detected capacity change from 0 to 4096 [ 226.359664][ T8477] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 226.501929][ T8489] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1981'. [ 226.808893][ T8496] loop2: detected capacity change from 0 to 1024 [ 227.297725][ T8513] loop0: detected capacity change from 0 to 16 [ 227.374656][ T8513] erofs: (device loop0): mounted with root inode @ nid 36. [ 227.450238][ T3658] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[9000] [ 227.464451][ T8513] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192] [ 227.548931][ T27] audit: type=1800 audit(1728526082.105:46): pid=8513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1995" name="file3" dev="loop0" ino=89 res=0 errno=0 [ 227.979544][ T8499] loop3: detected capacity change from 0 to 32768 [ 228.036932][ T8507] loop2: detected capacity change from 0 to 32768 [ 228.067099][ T8499] ERROR: (device loop3): diNewExt: no free extents [ 228.067099][ T8499] [ 228.159895][ T8507] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 228.182598][ T8499] ERROR: (device loop3): remounting filesystem as read-only [ 228.272800][ T8539] netlink: 'syz.4.2008': attribute type 4 has an invalid length. [ 228.273594][ T8499] ialloc: diAlloc returned -5! [ 228.309521][ T8507] OCFS2: ERROR (device loop2): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #65 has bad signature INODE01 [ 228.370337][ T8507] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 228.425718][ T8507] OCFS2: File system is now read-only. [ 228.431267][ T8507] (syz.2.1991,8507,0):ocfs2_search_one_group:1684 ERROR: status = -30 [ 228.507635][ T8507] (syz.2.1991,8507,0):ocfs2_claim_suballoc_bits:1920 ERROR: status = -30 [ 228.578871][ T8507] (syz.2.1991,8507,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 228.625069][ T8507] (syz.2.1991,8507,0):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 228.657399][ T8507] (syz.2.1991,8507,0):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 228.684658][ T8507] (syz.2.1991,8507,0):ocfs2_mknod_locked:637 ERROR: status = -30 [ 228.717188][ T8507] (syz.2.1991,8507,0):ocfs2_mknod:383 ERROR: status = -30 [ 228.758209][ T8507] (syz.2.1991,8507,0):ocfs2_mknod:500 ERROR: status = -30 [ 228.782469][ T8507] (syz.2.1991,8507,0):ocfs2_create:674 ERROR: status = -30 [ 228.899190][ T8558] (syz.3.2011,8558,0):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 228.926339][ T4180] ocfs2: Unmounting device (7,2) on (node local) [ 228.932457][ T8558] (syz.3.2011,8558,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 228.942315][ T8561] netlink: 'syz.0.2018': attribute type 13 has an invalid length. [ 228.960431][ T8561] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2018'. [ 229.107670][ T8564] netlink: 'syz.1.2021': attribute type 2 has an invalid length. [ 229.132591][ T8564] netlink: 'syz.1.2021': attribute type 8 has an invalid length. [ 229.153633][ T8564] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2021'. [ 229.722820][ T8590] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2033'. [ 229.879315][ T8597] loop3: detected capacity change from 0 to 1024 [ 230.292273][ T8615] loop2: detected capacity change from 0 to 1764 [ 230.369765][ T8615] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 230.584151][ T8627] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2049'. [ 231.207120][ T8647] netlink: 45 bytes leftover after parsing attributes in process `syz.0.2059'. [ 231.343405][ T8609] loop1: detected capacity change from 0 to 32768 [ 231.992985][ T3648] Bluetooth: hci1: command 0x0406 tx timeout [ 232.080764][ T27] audit: type=1326 audit(1728526086.635:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.2.2076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 232.142454][ T27] audit: type=1326 audit(1728526086.635:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.2.2076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 232.270668][ T27] audit: type=1326 audit(1728526086.685:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.2.2076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 232.335946][ T27] audit: type=1326 audit(1728526086.685:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.2.2076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 232.425207][ T27] audit: type=1326 audit(1728526086.685:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.2.2076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 232.859809][ T8700] loop2: detected capacity change from 0 to 4096 [ 232.906946][ T8700] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512) [ 232.975377][ T8700] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 233.084925][ T8700] ntfs3: loop2: ino=5, "/" The size of extended attributes must not exceed 64KiB [ 233.237558][ T46] ntfs3: loop2: ntfs3_write_inode r=5 failed, -22. [ 233.265843][ T4180] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22. [ 233.300357][ T8681] loop0: detected capacity change from 0 to 32768 [ 233.364851][ T8681] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 233.401470][ T8723] loop2: detected capacity change from 0 to 1024 [ 233.421895][ T8681] JBD2: Ignoring recovery information on journal [ 233.469057][ T8724] x_tables: unsorted entry at hook 3 [ 233.553499][ T8723] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 233.613811][ T8723] overlayfs: conflicting options: metacopy=on,redirect_dir=off [ 233.635246][ T8681] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 233.734339][ T8738] ebt_among: src integrity fail: 30a [ 233.748452][ T8736] loop1: detected capacity change from 0 to 4096 [ 233.775026][ T8736] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 233.801501][ T8740] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2101'. [ 233.805083][ T27] audit: type=1800 audit(1728526088.355:52): pid=8681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2073" name="bus" dev="loop0" ino=16946 res=0 errno=0 [ 233.812102][ T4180] EXT4-fs (loop2): unmounting filesystem. [ 234.003983][ T3645] ocfs2: Unmounting device (7,0) on (node local) [ 234.410926][ T8757] SET target dimension over the limit! [ 234.454808][ T8762] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2103'. [ 234.498893][ T8762] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2103'. [ 234.774802][ T8772] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2114'. [ 235.707971][ T8808] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 236.252574][ T6800] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 236.415325][ T27] audit: type=1326 audit(1728526090.975:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8836 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe705d7dff9 code=0x7ffc0000 [ 236.488881][ T27] audit: type=1326 audit(1728526090.975:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8836 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe705d7dff9 code=0x7ffc0000 [ 236.515473][ T6800] usb 1-1: Using ep0 maxpacket: 32 [ 236.616918][ T27] audit: type=1326 audit(1728526091.005:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8836 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7fe705d7dff9 code=0x7ffc0000 [ 236.670624][ T27] audit: type=1326 audit(1728526091.005:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8836 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe705d7dff9 code=0x7ffc0000 [ 236.673557][ T6800] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 236.771256][ T6800] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 236.787367][ T6800] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 236.797920][ T27] audit: type=1326 audit(1728526091.005:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8836 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe705d7dff9 code=0x7ffc0000 [ 236.849925][ T6800] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.868136][ T6800] usb 1-1: config 0 descriptor?? [ 236.927661][ T6800] hub 1-1:0.0: USB hub found [ 237.152563][ T6800] hub 1-1:0.0: config failed, can't read hub descriptor (err -90) [ 237.347413][ T8874] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 237.425852][ T8877] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2167'. [ 237.452718][ T6800] usbhid 1-1:0.0: can't add hid device: -71 [ 237.459700][ T6800] usbhid: probe of 1-1:0.0 failed with error -71 [ 237.534465][ T6800] usb 1-1: USB disconnect, device number 13 [ 237.920817][ T8899] loop2: detected capacity change from 0 to 512 [ 238.019378][ T8897] loop3: detected capacity change from 0 to 4096 [ 238.035030][ T8897] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 238.036239][ T8899] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 238.058859][ T8904] loop1: detected capacity change from 0 to 64 [ 238.086677][ T8897] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 238.100896][ T8899] ext4 filesystem being mounted at /392/file0 supports timestamps until 2038 (0x7fffffff) [ 238.186351][ T8897] ntfs3: loop3: ino=5, "/" The size of extended attributes must not exceed 64KiB [ 238.353326][ T4210] ntfs3: loop3: ntfs3_write_inode r=5 failed, -22. [ 238.375179][ T3642] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22. [ 238.446590][ T4180] EXT4-fs (loop2): unmounting filesystem. [ 238.471068][ T8912] loop1: detected capacity change from 0 to 256 [ 238.590122][ T8916] (unnamed net_device) (uninitialized): peer notification delay (31) is not a multiple of miimon (100), value rounded to 0 ms [ 238.688388][ T8916] 8021q: adding VLAN 0 to HW filter on device bond2 [ 238.767111][ T8925] loop0: detected capacity change from 0 to 1024 [ 238.862087][ T8925] hfsplus: xattr searching failed [ 239.003959][ T8923] loop3: detected capacity change from 0 to 4096 [ 239.056367][ T8923] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 239.192835][ T8923] ntfs3: loop3: failed to convert "c46c" to euc-jp [ 239.489663][ T8955] mmap: syz.0.2205 (8955) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 240.235056][ T8986] loop2: detected capacity change from 0 to 64 [ 240.238245][ T8987] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2219'. [ 240.436328][ T8993] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 240.610770][ T9001] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 240.683748][ T9001] overlayfs: missing 'lowerdir' [ 240.968204][ T9010] loop1: detected capacity change from 0 to 1024 [ 241.041840][ T9010] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 241.202535][ T9023] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2236'. [ 241.254814][ T4610] EXT4-fs (loop1): unmounting filesystem. [ 241.754485][ T9039] 9pnet_virtio: no channels available for device syz [ 241.869656][ T9041] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2246'. [ 241.884908][ T9036] loop3: detected capacity change from 0 to 4096 [ 241.923572][ T9036] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 242.038944][ T9036] ntfs3: loop3: failed to convert "c46c" to macinuit [ 242.169670][ T8977] loop0: detected capacity change from 0 to 65536 [ 242.327051][ T8977] XFS (loop0): Mounting V5 Filesystem [ 242.414381][ T9064] loop2: detected capacity change from 0 to 256 [ 242.482658][ T8977] XFS (loop0): Ending clean mount [ 242.550163][ T9069] (unnamed net_device) (uninitialized): peer notification delay (31) is not a multiple of miimon (100), value rounded to 0 ms [ 242.572242][ T9064] FAT-fs (loop2): Directory bread(block 64) failed [ 242.581094][ T9064] FAT-fs (loop2): Directory bread(block 65) failed [ 242.586776][ T9069] 8021q: adding VLAN 0 to HW filter on device bond3 [ 242.590819][ T9064] FAT-fs (loop2): Directory bread(block 66) failed [ 242.602716][ T9064] FAT-fs (loop2): Directory bread(block 67) failed [ 242.625877][ T27] audit: type=1326 audit(1728526097.185:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9071 comm="syz.4.2256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf1f97dff9 code=0x7ffc0000 [ 242.633823][ T9064] FAT-fs (loop2): Directory bread(block 68) failed [ 242.707379][ T27] audit: type=1326 audit(1728526097.185:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9071 comm="syz.4.2256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7fcf1f97dff9 code=0x7ffc0000 [ 242.753662][ T9064] FAT-fs (loop2): Directory bread(block 69) failed [ 242.760330][ T9064] FAT-fs (loop2): Directory bread(block 70) failed [ 242.812575][ T27] audit: type=1326 audit(1728526097.185:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9071 comm="syz.4.2256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf1f97dff9 code=0x7ffc0000 [ 242.842005][ T9064] FAT-fs (loop2): Directory bread(block 71) failed [ 242.856216][ T9064] FAT-fs (loop2): Directory bread(block 72) failed [ 242.866187][ T9064] FAT-fs (loop2): Directory bread(block 73) failed [ 242.883221][ T27] audit: type=1326 audit(1728526097.185:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9071 comm="syz.4.2256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf1f97dff9 code=0x7ffc0000 [ 243.069498][ T9086] ieee802154 phy0 wpan0: encryption failed: -22 [ 243.271780][ T9095] loop3: detected capacity change from 0 to 256 [ 243.893211][ T9124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2281'. [ 244.489254][ T9148] (unnamed net_device) (uninitialized): peer notification delay (31) is not a multiple of miimon (100), value rounded to 0 ms [ 244.619743][ T9148] 8021q: adding VLAN 0 to HW filter on device bond1 [ 244.893119][ T9167] netlink: 'syz.4.2305': attribute type 10 has an invalid length. [ 245.564824][ T27] audit: type=1326 audit(1728526100.125:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9196 comm="syz.3.2319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5776b7dff9 code=0x7ffc0000 [ 245.642271][ T27] audit: type=1326 audit(1728526100.125:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9196 comm="syz.3.2319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f5776b7dff9 code=0x7ffc0000 [ 245.672525][ T9202] netlink: 'syz.4.2321': attribute type 13 has an invalid length. [ 245.691337][ T27] audit: type=1326 audit(1728526100.125:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9196 comm="syz.3.2319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5776b7dff9 code=0x7ffc0000 [ 245.716223][ T27] audit: type=1326 audit(1728526100.125:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9196 comm="syz.3.2319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5776b7dff9 code=0x7ffc0000 [ 245.780216][ T9205] loop3: detected capacity change from 0 to 256 [ 245.843769][ T9205] FAT-fs (loop3): Directory bread(block 64) failed [ 245.869069][ T9205] FAT-fs (loop3): Directory bread(block 65) failed [ 245.886129][ T9205] FAT-fs (loop3): Directory bread(block 66) failed [ 245.912666][ T9205] FAT-fs (loop3): Directory bread(block 67) failed [ 245.944708][ T9205] FAT-fs (loop3): Directory bread(block 68) failed [ 245.960159][ T9205] FAT-fs (loop3): Directory bread(block 69) failed [ 245.980439][ T9205] FAT-fs (loop3): Directory bread(block 70) failed [ 245.990620][ T9213] loop1: detected capacity change from 0 to 512 [ 245.997390][ T9205] FAT-fs (loop3): Directory bread(block 71) failed [ 246.027238][ T9213] EXT4-fs error (device loop1): __ext4_fill_super:5399: inode #2: comm syz.1.2327: casefold flag without casefold feature [ 246.071805][ T9205] FAT-fs (loop3): Directory bread(block 72) failed [ 246.110275][ T9205] FAT-fs (loop3): Directory bread(block 73) failed [ 246.132849][ T9213] EXT4-fs (loop1): get root inode failed [ 246.138536][ T9213] EXT4-fs (loop1): mount failed [ 246.574447][ T9203] loop2: detected capacity change from 0 to 40427 [ 246.608278][ T9203] F2FS-fs (loop2): invalid crc value [ 246.676739][ T9203] F2FS-fs (loop2): Found nat_bits in checkpoint [ 246.682880][ T9232] netlink: 708 bytes leftover after parsing attributes in process `syz.1.2335'. [ 246.683285][ T9231] Cannot find add_set index 0 as target [ 246.812314][ T9203] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 247.060764][ T9245] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 247.185280][ T4180] syz-executor: attempt to access beyond end of device [ 247.185280][ T4180] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 247.309376][ T9249] loop1: detected capacity change from 0 to 2048 [ 247.407222][ T9249] loop1: p1 < > p3 p4 < > [ 247.443066][ T9249] loop1: p3 start 4284289 is beyond EOD, truncated [ 247.467773][ T9257] binfmt_misc: register: failed to install interpreter file ./file0 [ 247.793824][ T3862] udevd[3862]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 247.808109][ T3633] udevd[3633]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 248.195598][ T9283] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2360'. [ 248.418569][ T9295] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2365'. [ 248.904138][ T9316] loop3: detected capacity change from 0 to 8 [ 249.485649][ T22] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 249.657245][ T9349] loop1: detected capacity change from 0 to 4096 [ 249.680283][ T9349] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 249.816872][ T9349] ntfs3: loop1: failed to convert "c46c" to macinuit [ 250.015803][ T9360] netlink: 'syz.3.2399': attribute type 32 has an invalid length. [ 250.042741][ T22] usb 3-1: New USB device found, idVendor=0547, idProduct=2727, bcdDevice=c8.d3 [ 250.051834][ T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.088200][ T22] usb 3-1: Product: syz [ 250.098259][ T22] usb 3-1: Manufacturer: syz [ 250.113484][ T22] usb 3-1: SerialNumber: syz [ 250.153877][ T22] usb 3-1: config 0 descriptor?? [ 250.188823][ T9366] blktrace: Concurrent blktraces are not allowed on loop0 [ 250.248888][ T9368] loop3: detected capacity change from 0 to 64 [ 250.400895][ T27] audit: type=1326 audit(1728526104.955:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9371 comm="syz.1.2404" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe705d7dff9 code=0x0 [ 250.443068][ T22] cdc_subset: probe of 3-1:0.0 failed with error -22 [ 250.523456][ T48] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 250.537369][ T48] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 250.545975][ T48] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 250.556362][ T48] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 250.568197][ T48] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 250.579892][ T48] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 250.593412][ T9376] netlink: 'syz.3.2405': attribute type 5 has an invalid length. [ 250.646055][ T22] usb 3-1: USB disconnect, device number 8 [ 250.710124][ T9373] lo speed is unknown, defaulting to 1000 [ 250.714342][ T9382] loop1: detected capacity change from 0 to 256 [ 251.223166][ T9373] chnl_net:caif_netlink_parms(): no params data found [ 251.440694][ T9373] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.502849][ T9403] loop2: detected capacity change from 0 to 512 [ 251.511836][ T9373] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.596224][ T9373] device bridge_slave_0 entered promiscuous mode [ 251.612642][ T9403] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.2415: casefold flag without casefold feature [ 251.643088][ T9403] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.2415: couldn't read orphan inode 15 (err -117) [ 251.703381][ T9373] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.714732][ T9403] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 251.734250][ T9373] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.754458][ T9373] device bridge_slave_1 entered promiscuous mode [ 251.848286][ T4180] EXT4-fs (loop2): unmounting filesystem. [ 251.920135][ T9373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 251.961816][ T9373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.094847][ T9373] team0: Port device team_slave_0 added [ 252.111918][ T9373] team0: Port device team_slave_1 added [ 252.232148][ T9373] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 252.256517][ T9373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.392622][ T9373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 252.441617][ T9373] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 252.462503][ T9373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.559177][ T9373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 252.612670][ T9431] netlink: 'syz.1.2429': attribute type 10 has an invalid length. [ 252.630837][ T9431] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2429'. [ 252.642537][ T48] Bluetooth: hci6: command tx timeout [ 252.657921][ T9381] loop3: detected capacity change from 0 to 65536 [ 252.664545][ T9431] device hsr0 entered promiscuous mode [ 252.671834][ T9431] bridge0: port 3(hsr0) entered blocking state [ 252.683729][ T9431] bridge0: port 3(hsr0) entered disabled state [ 252.738464][ T9381] XFS (loop3): Mounting V5 Filesystem [ 252.777747][ T9381] XFS (loop3): Ending clean mount [ 252.784510][ T9373] device hsr_slave_0 entered promiscuous mode [ 252.865672][ T9373] device hsr_slave_1 entered promiscuous mode [ 252.894234][ T9373] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 252.904724][ T9445] loop2: detected capacity change from 0 to 256 [ 252.918879][ T9373] Cannot create hsr debugfs directory [ 252.929880][ T9447] loop1: detected capacity change from 0 to 256 [ 252.950808][ T9445] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 253.234990][ T9451] netlink: 'syz.2.2434': attribute type 1 has an invalid length. [ 253.283222][ T9451] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2434'. [ 253.417178][ T9373] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.592813][ T6797] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 253.621289][ T9373] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.647663][ T9463] usb usb8: usbfs: process 9463 (syz.4.2441) did not claim interface 0 before use [ 253.776383][ T9373] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.807219][ T9468] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2444'. [ 253.856696][ T6797] usb 2-1: Using ep0 maxpacket: 8 [ 253.997617][ T6797] usb 2-1: config 135 has an invalid interface number: 230 but max is 0 [ 254.011963][ T9373] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.024883][ T6797] usb 2-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 254.064704][ T6797] usb 2-1: config 135 has no interface number 0 [ 254.082107][ T6797] usb 2-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 254.099373][ T6797] usb 2-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 254.113833][ T6797] usb 2-1: config 135 interface 230 has no altsetting 0 [ 254.290872][ T6797] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 254.333043][ T6797] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.341275][ T6797] usb 2-1: Product: syz [ 254.369924][ T6797] usb 2-1: Manufacturer: syz [ 254.393282][ T6797] usb 2-1: SerialNumber: syz [ 254.442882][ T9373] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 254.454433][ T9373] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 254.473004][ T6797] usb 2-1: Found UVC 0.00 device syz (18ec:3288) [ 254.479749][ T6797] usb 2-1: No valid video chain found. [ 254.498091][ T9373] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 254.530027][ T9373] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 254.531795][ T9491] xt_recent: Unsupported userspace flags (00000064) [ 254.570676][ T9493] loop2: detected capacity change from 0 to 64 [ 254.653321][ T9373] 8021q: adding VLAN 0 to HW filter on device bond0 [ 254.694917][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 254.712504][ T48] Bluetooth: hci6: command tx timeout [ 254.719093][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 254.736393][ T22] usb 2-1: USB disconnect, device number 11 [ 254.741768][ T9373] 8021q: adding VLAN 0 to HW filter on device team0 [ 254.818438][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 254.835516][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 254.860550][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.867742][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 254.892912][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 254.901495][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 254.910836][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 254.921455][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.928618][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 254.938359][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 254.973706][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 254.983575][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 255.000124][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 255.010175][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 255.019960][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 255.029526][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 255.039000][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 255.048495][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 255.057744][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 255.071338][ T9373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 255.080582][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 255.142975][ T6799] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 255.484745][ T4210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 255.514234][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.520602][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.527953][ T4210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 255.560961][ T9373] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 255.598743][ T9519] netlink: 'syz.4.2468': attribute type 26 has an invalid length. [ 255.640332][ T4210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 255.659815][ T4210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 255.679176][ T9521] loop1: detected capacity change from 0 to 256 [ 255.725779][ T6799] usb 3-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64 [ 255.744887][ T6799] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.750237][ T9373] device veth0_vlan entered promiscuous mode [ 255.772412][ T6799] usb 3-1: Product: syz [ 255.776623][ T6799] usb 3-1: Manufacturer: syz [ 255.789188][ T6799] usb 3-1: SerialNumber: syz [ 255.796470][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 255.805168][ T6799] usb 3-1: config 0 descriptor?? [ 255.840332][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 255.850214][ T6799] hub 3-1:0.0: bad descriptor, ignoring hub [ 255.864792][ T6799] hub: probe of 3-1:0.0 failed with error -5 [ 255.871472][ T6799] f81232 3-1:0.0: f81534a converter detected [ 255.893630][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 255.901474][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 255.964762][ T9373] device veth1_vlan entered promiscuous mode [ 256.042090][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 256.054310][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 256.063167][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 256.071853][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 256.082393][ T9373] device veth0_macvtap entered promiscuous mode [ 256.094836][ T9373] device veth1_macvtap entered promiscuous mode [ 256.107191][ T6799] usb 3-1: f81534a converter now attached to ttyUSB0 [ 256.121788][ T9529] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2472'. [ 256.162142][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.229724][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.249068][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.260318][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.270738][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.281819][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.332974][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.352669][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.362967][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.373434][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.392807][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.405820][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.421850][ T9373] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 256.440256][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 256.460625][ T6799] usb 3-1: USB disconnect, device number 9 [ 256.473304][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 256.484164][ T6799] f81534a ttyUSB0: f81534a converter now disconnected from ttyUSB0 [ 256.496080][ T6799] f81232 3-1:0.0: device disconnected [ 256.501706][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 256.519250][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 256.533535][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.549140][ T9541] loop1: detected capacity change from 0 to 8 [ 256.564222][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.574271][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.615673][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.626683][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.645757][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.659500][ T9541] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 256.667266][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.688258][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.708665][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.720397][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.747498][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.758453][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.773846][ T9373] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 256.786346][ T9373] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.796220][ T48] Bluetooth: hci6: command tx timeout [ 256.805784][ T9373] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.814628][ T9373] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.823545][ T9373] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.842136][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 256.865041][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 256.993578][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.009996][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.048472][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 257.139299][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.172692][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.201847][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 257.446300][ T9565] xt_nfacct: accounting object `syz1' does not exists [ 258.115713][ T9593] overlayfs: unrecognized mount option "y^\@\+\" or missing value [ 258.280514][ T9597] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2505'. [ 258.312921][ T9597] unsupported nlmsg_type 40 [ 258.872845][ T48] Bluetooth: hci6: command tx timeout [ 259.031094][ T9625] loop1: detected capacity change from 0 to 1764 [ 259.583221][ T9643] xt_l2tp: missing protocol rule (udp|l2tpip) [ 259.982617][ T27] audit: type=1326 audit(1728526114.535:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9656 comm="syz.2.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 260.024481][ T6799] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 260.054344][ T27] audit: type=1326 audit(1728526114.535:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9656 comm="syz.2.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 260.078590][ T27] audit: type=1326 audit(1728526114.575:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9656 comm="syz.2.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 260.139945][ T27] audit: type=1326 audit(1728526114.575:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9656 comm="syz.2.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 260.211425][ T27] audit: type=1326 audit(1728526114.575:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9656 comm="syz.2.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 260.322503][ T6799] usb 2-1: Using ep0 maxpacket: 32 [ 260.522545][ T4424] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 260.592642][ T22] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 260.617928][ T120] block nbd4: Attempted send on invalid socket [ 260.624864][ T120] I/O error, dev nbd4, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 260.642761][ T6799] usb 2-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 260.651891][ T6799] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.660405][ T6799] usb 2-1: Product: syz [ 260.664960][ T6799] usb 2-1: Manufacturer: syz [ 260.669576][ T6799] usb 2-1: SerialNumber: syz [ 260.676348][ T6799] usb 2-1: config 0 descriptor?? [ 260.832483][ T22] usb 3-1: Using ep0 maxpacket: 8 [ 260.888669][ T4424] usb 1-1: config 0 has an invalid interface number: 216 but max is 0 [ 260.905612][ T4424] usb 1-1: config 0 has no interface number 0 [ 260.911905][ T4424] usb 1-1: config 0 interface 216 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 260.936459][ T4424] usb 1-1: config 0 interface 216 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 260.960737][ T9686] device ip6tnl1 entered promiscuous mode [ 260.972820][ T22] usb 3-1: config 0 has an invalid interface number: 191 but max is 0 [ 260.982611][ T22] usb 3-1: config 0 has no interface number 0 [ 260.988742][ T22] usb 3-1: config 0 interface 191 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 261.071146][ T3658] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 261.102798][ T3658] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 261.113884][ T3658] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 261.122990][ T4424] usb 1-1: New USB device found, idVendor=0499, idProduct=1002, bcdDevice=df.d7 [ 261.134112][ T4424] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.142247][ T3658] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 261.150818][ T4424] usb 1-1: Product: syz [ 261.155518][ T3658] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 261.163436][ T4424] usb 1-1: Manufacturer: syz [ 261.168845][ T3648] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 261.168850][ T4424] usb 1-1: SerialNumber: syz [ 261.175970][ T22] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=b6.36 [ 261.190290][ T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.194721][ T6799] peak_usb 2-1:0.0 can0: unable to request usb[type=0 value=0] err=-71 [ 261.199700][ T4424] usb 1-1: config 0 descriptor?? [ 261.211837][ T22] usb 3-1: Product: syz [ 261.216084][ T22] usb 3-1: Manufacturer: syz [ 261.220701][ T22] usb 3-1: SerialNumber: syz [ 261.256362][ T22] usb 3-1: config 0 descriptor?? [ 261.257615][ T6799] peak_usb 2-1:0.0: unable to read PCAN-USB Pro bootloader info (err -71) [ 261.321371][ T22] em28xx 3-1:0.191: New device syz syz @ 480 Mbps (0413:6023, interface 191, class 191) [ 261.343773][ T4424] snd-usb-audio: probe of 1-1:0.216 failed with error -2 [ 261.360590][ T9687] lo speed is unknown, defaulting to 1000 [ 261.366537][ T22] em28xx 3-1:0.191: Video interface 191 found: [ 261.385659][ T6799] peak_usb: probe of 2-1:0.0 failed with error -71 [ 261.396585][ T3862] udevd[3862]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.216/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 261.429345][ T6799] usb 2-1: USB disconnect, device number 12 [ 261.540735][ T14] usb 1-1: USB disconnect, device number 14 [ 261.732564][ T22] em28xx 3-1:0.191: unknown em28xx chip ID (0) [ 261.872651][ T22] em28xx 3-1:0.191: failed to trigger read from i2c address 0xa0 (error=-5) [ 261.882195][ T22] em28xx 3-1:0.191: board has no eeprom [ 261.993915][ T22] em28xx 3-1:0.191: Identified as Leadtek Winfast USB II (card=7) [ 262.001804][ T22] em28xx 3-1:0.191: analog set to bulk mode. [ 262.028798][ T22] usb 3-1: USB disconnect, device number 10 [ 262.035696][ T22] em28xx 3-1:0.191: Disconnecting em28xx [ 262.041976][ T4430] em28xx 3-1:0.191: Registering V4L2 extension [ 262.215475][ T9687] chnl_net:caif_netlink_parms(): no params data found [ 262.525614][ T4430] em28xx 3-1:0.191: Config register raw data: 0xffffffed [ 262.542460][ T4430] em28xx 3-1:0.191: AC97 chip type couldn't be determined [ 262.549704][ T4430] em28xx 3-1:0.191: No AC97 audio processor [ 262.565929][ T4430] usb 3-1: Decoder not found [ 262.570565][ T4430] em28xx 3-1:0.191: failed to create media graph [ 262.577170][ T4430] em28xx 3-1:0.191: V4L2 device video71 deregistered [ 262.592516][ T4430] em28xx 3-1:0.191: Remote control support is not available for this card. [ 262.615381][ T22] em28xx 3-1:0.191: Closing input extension [ 262.650711][ T9687] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.664967][ T22] em28xx 3-1:0.191: Freeing device [ 262.670278][ T9687] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.698253][ T9687] device bridge_slave_0 entered promiscuous mode [ 262.723704][ T9687] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.734991][ T9687] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.773720][ T9687] device bridge_slave_1 entered promiscuous mode [ 262.890697][ T9687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 262.922104][ T9687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 263.004714][ T9731] team0: Port device team_slave_0 removed [ 263.023737][ T9731] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 263.052489][ T22] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 263.152197][ T9687] team0: Port device team_slave_0 added [ 263.183374][ T9687] team0: Port device team_slave_1 added [ 263.192647][ T3648] Bluetooth: hci7: command tx timeout [ 263.324106][ T9687] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 263.355110][ T9687] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 263.416558][ T9687] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 263.446417][ T9687] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 263.453861][ T22] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 263.471843][ T22] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 263.481404][ T9687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 263.518044][ T22] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 263.540251][ T22] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 263.550542][ T22] usb 3-1: config 1 has no interface number 0 [ 263.557082][ T9687] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 263.568080][ T22] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d6.01 [ 263.589450][ T22] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.666181][ T22] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 263.739657][ T9687] device hsr_slave_0 entered promiscuous mode [ 263.806058][ T9687] device hsr_slave_1 entered promiscuous mode [ 263.818260][ T9687] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 263.852450][ T9687] Cannot create hsr debugfs directory [ 263.873615][ T9764] loop1: detected capacity change from 0 to 8 [ 263.882834][ T22] snd_usb_pod 3-1:1.1: endpoint not available, using fallback values [ 263.911659][ T22] snd_usb_pod 3-1:1.1: invalid control EP [ 263.921568][ T22] snd_usb_pod 3-1:1.1: cannot start listening: -22 [ 263.941440][ T9764] SQUASHFS error: zlib decompression failed, data probably corrupt [ 263.961512][ T9764] SQUASHFS error: Failed to read block 0x9b: -5 [ 263.964201][ T22] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 263.998149][ T9764] SQUASHFS error: Unable to read metadata cache entry [99] [ 264.016544][ T9764] SQUASHFS error: Unable to read inode 0x127 [ 264.020173][ T22] snd_usb_pod: probe of 3-1:1.1 failed with error -22 [ 264.226090][ T14] usb 3-1: USB disconnect, device number 11 [ 264.417285][ T9687] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.591229][ T9784] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=on. [ 264.635618][ T9784] overlayfs: overlapping lowerdir path [ 264.646812][ T9687] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.826166][ T9687] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.149493][ T9802] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2601'. [ 265.205796][ T9806] netlink: 1041 bytes leftover after parsing attributes in process `syz.1.2603'. [ 265.282718][ T3648] Bluetooth: hci7: command tx timeout [ 265.368028][ T9687] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 265.397546][ T9687] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 265.455341][ T9687] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 265.487379][ T9687] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 265.730681][ T9820] loop1: detected capacity change from 0 to 4096 [ 265.782648][ T9687] 8021q: adding VLAN 0 to HW filter on device bond0 [ 265.825702][ T9820] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 2) do not match. Run ntfsfix or chkdsk. [ 265.845251][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 265.873978][ T9820] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 265.889414][ T9820] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 265.891807][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 265.907763][ T9820] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 265.951680][ T9820] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 266.007156][ T9687] 8021q: adding VLAN 0 to HW filter on device team0 [ 266.019544][ T9832] loop2: detected capacity change from 0 to 512 [ 266.031057][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 266.040418][ T9820] ntfs: volume version 3.1. [ 266.045372][ T9820] ntfs: (device loop1): ntfs_read_locked_inode(): Inode is not in use! [ 266.053851][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 266.061955][ T9820] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 266.075665][ T3711] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.082842][ T3711] bridge0: port 1(bridge_slave_0) entered forwarding state [ 266.102683][ T9820] ntfs: (device loop1): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 266.107902][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 266.141500][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 266.153479][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 266.168959][ T3711] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.176127][ T3711] bridge0: port 2(bridge_slave_1) entered forwarding state [ 266.198032][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 266.211073][ T9832] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 266.226534][ T9820] ntfs: (device loop1): ntfs_read_locked_inode(): $INDEX_ROOT attribute is missing. [ 266.241607][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 266.249837][ T9832] ext4 filesystem being mounted at /479/bus supports timestamps until 2038 (0x7fffffff) [ 266.261366][ T9820] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 266.270520][ T3686] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 266.304838][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 266.362777][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 266.381874][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 266.446534][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 266.454694][ T4180] EXT4-fs (loop2): unmounting filesystem. [ 266.473238][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 266.526891][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 266.559572][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 266.589772][ T9687] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 266.602656][ T3686] usb 1-1: Using ep0 maxpacket: 32 [ 266.644266][ T9687] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 266.654814][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 266.677752][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 266.785627][ T9853] xt_TCPMSS: Only works on TCP SYN packets [ 266.893188][ T3686] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 266.921303][ T3686] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.948591][ T3686] usb 1-1: Product: syz [ 266.953666][ T3686] usb 1-1: Manufacturer: syz [ 266.958297][ T3686] usb 1-1: SerialNumber: syz [ 266.980751][ T3686] usb 1-1: config 0 descriptor?? [ 267.036536][ T3686] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 267.046381][ T9861] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 267.171851][ T9866] loop2: detected capacity change from 0 to 512 [ 267.249000][ T9866] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 267.352715][ T3648] Bluetooth: hci7: command tx timeout [ 267.385018][ T9866] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #16: comm syz.2.2630: iget: bad extended attribute block 128 [ 267.400299][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 267.416245][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 267.431576][ T9866] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.2630: couldn't read orphan inode 16 (err -117) [ 267.459471][ T9687] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 267.472618][ T3686] gspca_stk1135: reg_w 0x0 err -71 [ 267.479010][ T3686] gspca_stk1135: serial bus timeout: status=0x00 [ 267.496113][ T3686] gspca_stk1135: Sensor write failed [ 267.511750][ T3686] gspca_stk1135: serial bus timeout: status=0x00 [ 267.518554][ T9866] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 267.518658][ T9866] ext4 filesystem being mounted at /483/file1 supports timestamps until 2038 (0x7fffffff) [ 267.584712][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 267.592389][ T3686] gspca_stk1135: Sensor write failed [ 267.606951][ T3686] gspca_stk1135: serial bus timeout: status=0x00 [ 267.614609][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 267.626237][ T9866] EXT4-fs error (device loop2): ext4_acquire_dquot:6800: comm syz.2.2630: Failed to acquire dquot type 1 [ 267.632460][ T3686] gspca_stk1135: Sensor read failed [ 267.667328][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 267.678848][ T3686] gspca_stk1135: serial bus timeout: status=0x00 [ 267.697804][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 267.727417][ T3686] gspca_stk1135: Sensor read failed [ 267.737948][ T3686] gspca_stk1135: Detected sensor type unknown (0x0) [ 267.747196][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 267.772735][ T3686] gspca_stk1135: serial bus timeout: status=0x00 [ 267.782888][ T3686] gspca_stk1135: Sensor read failed [ 267.788159][ T3686] gspca_stk1135: serial bus timeout: status=0x00 [ 267.796379][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 267.806777][ T3686] gspca_stk1135: Sensor read failed [ 267.810115][ T9687] device veth0_vlan entered promiscuous mode [ 267.812005][ T3686] gspca_stk1135: serial bus timeout: status=0x00 [ 267.844087][ T9687] device veth1_vlan entered promiscuous mode [ 267.860682][ T3686] gspca_stk1135: Sensor write failed [ 267.870866][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 267.887043][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 267.895033][ T3686] gspca_stk1135: serial bus timeout: status=0x00 [ 267.901724][ T3686] gspca_stk1135: Sensor write failed [ 267.917915][ T3686] stk1135: probe of 1-1:0.0 failed with error -71 [ 267.937464][ T3686] usb 1-1: USB disconnect, device number 15 [ 267.947221][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 267.970973][ T4180] EXT4-fs (loop2): unmounting filesystem. [ 267.985852][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 268.004923][ T9687] device veth0_macvtap entered promiscuous mode [ 268.069261][ T9687] device veth1_macvtap entered promiscuous mode [ 268.161922][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.199604][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.250169][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.281934][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.302493][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.352647][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.391003][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.462459][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.479961][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.500879][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.524974][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.561297][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.613878][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.652145][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.708694][ T9687] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 268.754025][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 268.793876][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 268.811329][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 268.851639][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 268.880521][ T9910] netlink: 7 bytes leftover after parsing attributes in process `syz.4.2650'. [ 268.890238][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.912493][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.948094][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.041630][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.092431][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.111487][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.135801][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.152331][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.165901][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.212438][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.224201][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.235999][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.255509][ T9687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.288771][ T9687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.311613][ T9687] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 269.382701][ T9922] netlink: 124 bytes leftover after parsing attributes in process `syz.0.2656'. [ 269.391810][ T9922] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2656'. [ 269.421407][ T4210] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 269.432754][ T3648] Bluetooth: hci7: command tx timeout [ 269.448323][ T4210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 269.505008][ T9687] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.532419][ T9687] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.559252][ T9687] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.600387][ T9687] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.846640][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.882514][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.929549][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 269.971430][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.983561][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 270.037068][ T3711] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 270.047194][ T9944] loop2: detected capacity change from 0 to 512 [ 270.197851][ T9944] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 270.224147][ T9944] ext4 filesystem being mounted at /494/file1 supports timestamps until 2038 (0x7fffffff) [ 270.581940][ T4180] EXT4-fs (loop2): unmounting filesystem. [ 270.622612][ T4438] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 270.876711][ T4438] usb 4-1: Using ep0 maxpacket: 32 [ 270.939265][ T9964] loop2: detected capacity change from 0 to 512 [ 270.992682][ T4438] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175 [ 271.006850][ T9964] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 271.026958][ T9964] ext4 filesystem being mounted at /496/file0 supports timestamps until 2038 (0x7fffffff) [ 271.212643][ T4438] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16 [ 271.231919][ T4438] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.258042][ T4180] EXT4-fs (loop2): unmounting filesystem. [ 271.262275][ T4438] usb 4-1: Product: syz [ 271.268600][ T4438] usb 4-1: Manufacturer: syz [ 271.302667][ T4438] usb 4-1: SerialNumber: syz [ 271.329658][ T4438] usb 4-1: config 0 descriptor?? [ 271.383007][ T9954] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 271.493995][ T4438] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 271.632944][ T4438] usb 4-1: USB disconnect, device number 8 [ 271.642686][ T3700] usb 4-1: Failed to submit usb control message: -71 [ 271.650067][ T3700] usb 4-1: unable to send the bmi data to the device: -71 [ 271.682650][ T3700] usb 4-1: unable to get target info from device [ 271.704687][ T3700] usb 4-1: could not get target info (-71) [ 271.731516][ T3700] usb 4-1: could not probe fw (-71) [ 272.026770][ T9997] loop2: detected capacity change from 0 to 256 [ 272.090680][ T9997] FAT-fs (loop2): Directory bread(block 64) failed [ 272.119399][ T9997] FAT-fs (loop2): Directory bread(block 65) failed [ 272.153999][ T9997] FAT-fs (loop2): Directory bread(block 66) failed [ 272.160838][ T9997] FAT-fs (loop2): Directory bread(block 67) failed [ 272.168066][ T9997] FAT-fs (loop2): Directory bread(block 68) failed [ 272.175282][ T9997] FAT-fs (loop2): Directory bread(block 69) failed [ 272.182084][ T9997] FAT-fs (loop2): Directory bread(block 70) failed [ 272.214169][ T9997] FAT-fs (loop2): Directory bread(block 71) failed [ 272.229824][ T9997] FAT-fs (loop2): Directory bread(block 72) failed [ 272.271146][ T9997] FAT-fs (loop2): Directory bread(block 73) failed [ 272.750435][T10021] tmpfs: Bad value for 'mpol' [ 272.919783][ T120] block nbd2: Attempted send on invalid socket [ 272.926183][ T120] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 272.935839][T10025] (syz.2.2703,10025,0):ocfs2_get_sector:1771 ERROR: status = -5 [ 272.945126][T10025] (syz.2.2703,10025,0):ocfs2_sb_probe:749 ERROR: status = -5 [ 272.952923][T10025] (syz.2.2703,10025,0):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 272.961631][T10025] (syz.2.2703,10025,0):ocfs2_fill_super:1176 ERROR: status = -5 [ 273.015717][T10029] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2706'. [ 273.174445][T10035] loop1: detected capacity change from 0 to 512 [ 273.330879][T10044] QAT: Invalid ioctl 1075883590 [ 273.364315][T10035] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 273.376264][T10047] loop2: detected capacity change from 0 to 128 [ 273.399131][T10044] QAT: Invalid ioctl 1075883590 [ 273.405040][T10035] ext4 filesystem being mounted at /531/file0 supports timestamps until 2038 (0x7fffffff) [ 273.430351][T10044] QAT: Invalid ioctl 1075883590 [ 273.470705][T10044] QAT: Invalid ioctl 1075883590 [ 273.496132][T10044] QAT: Invalid ioctl 1075883590 [ 273.501085][T10044] QAT: Invalid ioctl 1075883590 [ 273.527358][T10044] QAT: Invalid ioctl 1075883590 [ 273.532341][T10044] QAT: Invalid ioctl 1075883590 [ 273.548346][T10044] QAT: Invalid ioctl 1075883590 [ 273.559622][T10044] QAT: Invalid ioctl 1075883590 [ 273.572279][ T4610] EXT4-fs (loop1): unmounting filesystem. [ 273.741309][T10057] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2718'. [ 273.802768][ T22] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 273.889710][T10063] loop2: detected capacity change from 0 to 4096 [ 273.897101][T10063] __ntfs_warning: 2 callbacks suppressed [ 273.897118][T10063] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 273.977168][T10063] ntfs: volume version 3.1. [ 274.322711][ T22] usb 4-1: New USB device found, idVendor=0c45, idProduct=60a8, bcdDevice=b5.55 [ 274.339550][ T22] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.351192][T10075] loop1: detected capacity change from 0 to 136 [ 274.371222][ T22] usb 4-1: Product: syz [ 274.401102][ T22] usb 4-1: Manufacturer: syz [ 274.422798][ T22] usb 4-1: SerialNumber: syz [ 274.430394][T10079] netlink: 'syz.4.2728': attribute type 10 has an invalid length. [ 274.457723][ T22] usb 4-1: config 0 descriptor?? [ 274.512768][T10079] device ipvlan1 entered promiscuous mode [ 274.525293][ T22] gspca_main: sonixb-2.14.0 probing 0c45:60a8 [ 274.532469][T10079] batman_adv: batadv0: Adding interface: ipvlan1 [ 274.541058][T10079] batman_adv: batadv0: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 274.578785][T10079] batman_adv: batadv0: Not using interface ipvlan1 (retrying later): interface not active [ 274.962523][ T22] sonixb 4-1:0.0: Error writing register 01: -71 [ 274.977048][ T22] sonixb: probe of 4-1:0.0 failed with error -71 [ 275.012096][ T22] usb 4-1: USB disconnect, device number 9 [ 275.666570][T10121] netlink: 'syz.2.2747': attribute type 10 has an invalid length. [ 275.724009][T10121] device ipvlan1 entered promiscuous mode [ 275.731570][T10121] batman_adv: batadv0: Adding interface: ipvlan1 [ 275.762212][T10121] batman_adv: batadv0: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.834947][ T27] audit: type=1326 audit(1728526130.395:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10126 comm="syz.3.2752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6edd97dff9 code=0x7ffc0000 [ 275.867912][T10089] loop1: detected capacity change from 0 to 32768 [ 275.882536][T10121] batman_adv: batadv0: Not using interface ipvlan1 (retrying later): interface not active [ 275.895225][ T27] audit: type=1326 audit(1728526130.425:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10126 comm="syz.3.2752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f6edd97dff9 code=0x7ffc0000 [ 275.935864][T10089] ERROR: (device loop1): diAllocBit: iag inconsistent [ 275.935864][T10089] [ 275.976563][T10089] ialloc: diAlloc returned -5! [ 276.070649][ T27] audit: type=1326 audit(1728526130.425:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10126 comm="syz.3.2752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6edd97dff9 code=0x7ffc0000 [ 276.169481][ T27] audit: type=1326 audit(1728526130.425:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10126 comm="syz.3.2752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6edd97dff9 code=0x7ffc0000 [ 276.531709][T10147] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 276.599735][T10147] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 276.865626][T10158] ebt_among: wrong size: 1048 against expected 1006634004, rounded to 1006634008 [ 277.146280][T10168] loop2: detected capacity change from 0 to 512 [ 277.212795][T10168] EXT4-fs (loop2): 1 truncate cleaned up [ 277.218524][T10168] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 277.401570][ T4180] EXT4-fs (loop2): unmounting filesystem. [ 277.901392][T10197] loop1: detected capacity change from 0 to 4096 [ 277.962457][T10197] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 278.033214][T10197] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 278.581885][T10214] loop1: detected capacity change from 0 to 2048 [ 278.664130][T10219] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 278.710005][T10214] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 278.750078][T10214] Remounting filesystem read-only [ 278.762057][T10214] NILFS error (device loop1): nilfs_bmap_last_key: broken bmap (inode number=16) [ 278.812644][T10214] NILFS (loop1): error -5 truncating bmap (ino=16) [ 278.931124][ T4610] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 278.967519][ T4610] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 278.992743][ T4610] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 279.031423][ T4610] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 279.070639][ T4610] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 279.100935][ T4610] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 279.569697][T10246] binder: 10245:10246 ioctl c0046209 0 returned -22 [ 279.717046][T10250] dlm: no locking on control device [ 279.988219][T10264] sctp: [Deprecated]: syz.4.2817 (pid 10264) Use of int in max_burst socket option. [ 279.988219][T10264] Use struct sctp_assoc_value instead [ 280.162193][T10262] loop2: detected capacity change from 0 to 4096 [ 280.198296][T10262] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 280.215103][T10272] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2822'. [ 280.276507][T10262] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 280.788829][T10295] overlayfs: missing 'lowerdir' [ 282.285541][T10359] ieee802154 phy0 wpan0: encryption failed: -90 [ 282.612910][T10377] x_tables: duplicate entry at hook 2 [ 282.822692][ T4430] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 283.072601][ T4430] usb 1-1: Using ep0 maxpacket: 16 [ 283.202826][ T4430] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 283.211464][T10399] mkiss: ax0: crc mode is auto. [ 283.230429][ T4430] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 283.295557][ T4430] usb 1-1: config 0 interface 0 has no altsetting 0 [ 283.492697][ T4430] usb 1-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 283.547486][ T4430] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.580570][ T4430] usb 1-1: Product: syz [ 283.585287][ T4430] usb 1-1: Manufacturer: syz [ 283.589918][ T4430] usb 1-1: SerialNumber: syz [ 283.657076][ T4430] usb 1-1: config 0 descriptor?? [ 283.915330][ T4430] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input12 [ 283.949451][T10429] netlink: 'syz.1.2899': attribute type 21 has an invalid length. [ 284.128848][ T4745] usb 1-1: USB disconnect, device number 16 [ 284.168173][ T3077] synaptics_usb 1-1:0.0: synusb_open - usb_submit_urb failed, error: -19 [ 284.413665][ T6799] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 284.813548][ T6799] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 284.862610][ T6799] usb 3-1: New USB device found, idVendor=0421, idProduct=026c, bcdDevice=1f.2f [ 284.892139][ T6799] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.934696][ T6799] usb 3-1: config 0 descriptor?? [ 284.997989][ T6799] rndis_wlan: probe of 3-1:0.0 failed with error -22 [ 285.008769][T10458] netlink: 'syz.3.2915': attribute type 10 has an invalid length. [ 285.012953][ T6799] rndis_host: probe of 3-1:0.0 failed with error -22 [ 285.042925][ T6799] cdc_acm 3-1:0.0: Control and data interfaces are not separated! [ 285.091569][ T6799] cdc_acm 3-1:0.0: This needs exactly 3 endpoints [ 285.097707][T10458] 8021q: adding VLAN 0 to HW filter on device team0 [ 285.111901][ T6799] cdc_acm: probe of 3-1:0.0 failed with error -22 [ 285.126291][T10458] bond0: (slave team0): Enslaving as an active interface with an up link [ 285.218734][ T14] usb 3-1: USB disconnect, device number 12 [ 285.395620][T10470] netlink: 300 bytes leftover after parsing attributes in process `syz.3.2920'. [ 285.993830][T10459] loop1: detected capacity change from 0 to 32768 [ 286.105664][T10459] JBD2: Ignoring recovery information on journal [ 286.213475][T10459] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 286.291118][T10492] xt_nfacct: accounting object `sy' does not exists [ 286.350344][T10497] lo speed is unknown, defaulting to 1000 [ 286.400440][T10497] lo speed is unknown, defaulting to 1000 [ 286.450679][T10497] lo speed is unknown, defaulting to 1000 [ 286.487705][T10497] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 286.556861][T10497] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 286.577649][ T4610] ocfs2: Unmounting device (7,1) on (node local) [ 286.682050][T10497] lo speed is unknown, defaulting to 1000 [ 286.704108][T10497] lo speed is unknown, defaulting to 1000 [ 286.743300][T10497] lo speed is unknown, defaulting to 1000 [ 286.763654][T10497] lo speed is unknown, defaulting to 1000 [ 286.803903][T10497] lo speed is unknown, defaulting to 1000 [ 286.823792][T10497] lo speed is unknown, defaulting to 1000 [ 286.830701][T10497] lo speed is unknown, defaulting to 1000 [ 286.863757][T10497] lo speed is unknown, defaulting to 1000 [ 287.151364][T10518] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2945'. [ 287.191313][T10523] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 287.198640][T10523] IPv6: NLM_F_CREATE should be set when creating new route [ 287.205967][T10523] IPv6: NLM_F_CREATE should be set when creating new route [ 287.412643][ T4745] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 287.465619][T10533] tmpfs: Bad value for 'mpol' [ 287.641908][T10541] netlink: 'syz.1.2954': attribute type 11 has an invalid length. [ 287.662606][T10541] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2954'. [ 287.782522][ T4745] usb 3-1: config 1 has an invalid interface number: 65 but max is 1 [ 287.802453][ T4745] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 287.833875][ T4745] usb 3-1: config 1 has 3 interfaces, different from the descriptor's value: 2 [ 287.877384][ T4745] usb 3-1: config 1 has no interface number 2 [ 287.902452][ T4745] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 287.948380][ T4745] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 287.992462][ T4745] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 288.053334][ T4745] usb 3-1: config 1 interface 1 has no altsetting 0 [ 288.212862][ T4745] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 288.222011][ T4745] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=131 [ 288.262537][ T4745] usb 3-1: Product: syz [ 288.266830][ T4745] usb 3-1: Manufacturer: syz [ 288.271492][ T4745] usb 3-1: SerialNumber: syz [ 288.294963][ T27] audit: type=1326 audit(1728526142.855:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.4.2966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf1f97dff9 code=0x7ffc0000 [ 288.386120][ T4745] cdc_ncm 3-1:1.65: CDC Union missing and no IAD found [ 288.414038][ T4745] cdc_ncm 3-1:1.65: bind() failure [ 288.422953][ T27] audit: type=1326 audit(1728526142.855:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.4.2966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fcf1f97dff9 code=0x7ffc0000 [ 288.527458][ T27] audit: type=1326 audit(1728526142.855:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.4.2966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf1f97dff9 code=0x7ffc0000 [ 288.638650][ T27] audit: type=1326 audit(1728526142.855:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.4.2966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf1f97dff9 code=0x7ffc0000 [ 288.853870][ T14] usb 3-1: USB disconnect, device number 13 [ 289.106076][T10594] netlink: 'syz.3.2980': attribute type 1 has an invalid length. [ 289.977193][T10633] loop1: detected capacity change from 0 to 256 [ 290.031015][T10638] netlink: 'syz.2.3001': attribute type 10 has an invalid length. [ 290.053665][T10633] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 290.141337][T10638] 8021q: adding VLAN 0 to HW filter on device team0 [ 290.184634][T10638] bond0: (slave team0): Enslaving as an active interface with an up link [ 290.396930][T10648] loop1: detected capacity change from 0 to 256 [ 290.680108][T10660] netlink: 'syz.2.3012': attribute type 3 has an invalid length. [ 290.887517][T10667] loop2: detected capacity change from 0 to 256 [ 290.963545][T10667] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 290.976850][T10672] SET target dimension over the limit! [ 291.501295][T10693] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3028'. [ 291.605922][T10697] loop1: detected capacity change from 0 to 512 [ 291.702610][T10697] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 291.774222][ T27] audit: type=1326 audit(1728526146.335:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10704 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee517dff9 code=0x7ffc0000 [ 291.834711][ T27] audit: type=1326 audit(1728526146.335:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10704 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee517dff9 code=0x7ffc0000 [ 291.856995][ C0] vkms_vblank_simulate: vblank timer overrun [ 291.863731][ T27] audit: type=1326 audit(1728526146.415:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10704 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f4ee517dff9 code=0x7ffc0000 [ 291.867375][T10697] EXT4-fs (loop1): 1 truncate cleaned up [ 291.888747][ T27] audit: type=1326 audit(1728526146.415:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10704 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee517dff9 code=0x7ffc0000 [ 291.914290][ T27] audit: type=1326 audit(1728526146.415:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10704 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee517dff9 code=0x7ffc0000 [ 291.946962][T10697] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 292.081876][T10716] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3039'. [ 292.153759][ T4610] EXT4-fs (loop1): unmounting filesystem. [ 292.952700][T10749] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3056'. [ 292.964479][T10751] loop1: detected capacity change from 0 to 64 [ 294.046467][T10775] loop2: detected capacity change from 0 to 256 [ 294.075010][T10775] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 294.419475][T10780] loop1: detected capacity change from 0 to 4096 [ 294.465115][T10780] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 294.867040][T10794] loop2: detected capacity change from 0 to 256 [ 294.904042][T10798] netlink: 'syz.4.3078': attribute type 10 has an invalid length. [ 294.971828][T10794] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 294.986562][T10798] 8021q: adding VLAN 0 to HW filter on device team0 [ 295.046601][T10798] bond0: (slave team0): Enslaving as an active interface with an up link [ 295.416523][T10815] siw: device registration error -23 [ 295.616266][T10818] loop2: detected capacity change from 0 to 128 [ 295.683700][T10818] qnx6: superblock #1 checksum error [ 295.992617][T10834] tmpfs: Bad value for 'mpol' [ 296.448991][ T6799] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 296.502767][ T14] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 296.833255][ T6799] usb 2-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a [ 296.852567][ T6799] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.869914][ T6799] usb 2-1: config 0 descriptor?? [ 296.892679][ T14] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 296.954796][ T6799] gspca_main: sn9c2028-2.14.0 probing 0c45:8001 [ 297.082649][ T14] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice= 0.40 [ 297.091786][ T14] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.119845][ T14] usb 3-1: Product: syz [ 297.152454][ T14] usb 3-1: Manufacturer: syz [ 297.181396][ T14] usb 3-1: SerialNumber: syz [ 297.213310][ T6797] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 297.382720][ T6799] gspca_sn9c2028: read1 error -71 [ 297.402820][ T6799] gspca_sn9c2028: read1 error -71 [ 297.407934][ T6799] sn9c2028: probe of 2-1:0.0 failed with error -71 [ 297.430081][ T6799] usb 2-1: USB disconnect, device number 13 [ 297.464253][ T6797] usb 5-1: Using ep0 maxpacket: 16 [ 297.482921][ T14] cdc_ncm 3-1:1.0: bind() failure [ 297.509341][ T14] usbtest 3-1:1.0: Linux gadget zero [ 297.519743][ T14] usbtest 3-1:1.0: high-speed {control in/out int-in} tests (+alt) [ 297.561890][ T14] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 297.590504][ T6797] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 297.612481][ T14] cdc_ncm 3-1:1.1: bind() failure [ 297.621740][ T6797] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 297.635339][ T14] usbtest 3-1:1.1: couldn't get endpoints, -71 [ 297.641687][ T14] usbtest: probe of 3-1:1.1 failed with error -71 [ 297.657877][ T6797] usb 5-1: config 0 interface 0 has no altsetting 0 [ 297.691382][ T14] usb 3-1: USB disconnect, device number 14 [ 297.847133][ T6797] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 297.865426][ T6797] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.892771][ T6797] usb 5-1: Product: syz [ 297.896979][ T6797] usb 5-1: Manufacturer: syz [ 297.901609][ T6797] usb 5-1: SerialNumber: syz [ 297.938979][ T6797] usb 5-1: config 0 descriptor?? [ 298.214872][ T6797] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input13 [ 298.449895][ T14] usb 5-1: USB disconnect, device number 7 [ 298.456584][ T3077] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -19 [ 298.602170][T10894] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3129'. [ 298.853351][T10904] netlink: 'syz.2.3133': attribute type 30 has an invalid length. [ 299.395604][T10923] loop1: detected capacity change from 0 to 256 [ 299.445374][T10925] bond0: Error: Cannot enslave bond to itself. [ 299.589867][T10928] trusted_key: encrypted_key: master key parameter is missing [ 300.142931][T10951] cgroup: No subsys list or none specified [ 300.362500][ T4745] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 300.515583][T10965] loop1: detected capacity change from 0 to 512 [ 300.669518][T10965] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 300.688958][T10965] ext4 filesystem being mounted at /625/bus supports timestamps until 2038 (0x7fffffff) [ 300.701814][T10978] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3165'. [ 300.732639][ T4745] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 300.744496][ T4745] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.766003][ T4745] usb 3-1: config 0 descriptor?? [ 300.883819][ T4610] EXT4-fs (loop1): unmounting filesystem. [ 300.940497][T10985] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3169'. [ 301.121711][T10993] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3175'. [ 301.232712][ T4745] ath6kl: Failed to read usb control message: -71 [ 301.239275][ T4745] ath6kl: Unable to read the bmi data from the device: -71 [ 301.262995][ T4745] ath6kl: Unable to recv target info: -71 [ 301.279627][ T4745] ath6kl: Failed to init ath6kl core: -71 [ 301.368265][ T4745] ath6kl_usb: probe of 3-1:0.0 failed with error -71 [ 301.395693][ T4745] usb 3-1: USB disconnect, device number 15 [ 301.482713][ T14] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 301.752535][ T14] usb 1-1: Using ep0 maxpacket: 8 [ 301.885475][ T14] usb 1-1: New USB device found, idVendor=06cd, idProduct=011c, bcdDevice=d7.cc [ 301.914081][ T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.934627][ T14] usb 1-1: config 0 descriptor?? [ 302.004256][ T14] keyspan 1-1:0.0: Keyspan 1 port adapter converter detected [ 302.026941][ T14] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 84 [ 302.055944][ T14] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 81 [ 302.081287][ T14] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 82 [ 302.111132][ T14] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 1 [ 302.142506][ T14] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 2 [ 302.175970][ T14] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 83 [ 302.191428][ T14] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 3 [ 302.236746][ T14] usb 1-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 302.254582][ T14] usb 1-1: USB disconnect, device number 17 [ 302.258555][ T14] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 302.259635][ T14] keyspan 1-1:0.0: device disconnected [ 302.541432][T11003] loop1: detected capacity change from 0 to 32768 [ 302.643858][T11003] [ 302.643858][T11003] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 302.643858][T11003] [ 302.773223][ T4610] [ 302.773223][ T4610] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 302.773223][ T4610] [ 302.874628][ T4610] [ 302.874628][ T4610] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 302.874628][ T4610] [ 303.087374][T11054] loop2: detected capacity change from 0 to 256 [ 303.149704][T11054] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 303.761704][T11077] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3215'. [ 303.786886][T11077] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3215'. [ 303.815690][T11077] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3215'. [ 304.488604][T11089] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3221'. [ 304.506711][T11073] loop2: detected capacity change from 0 to 32768 [ 304.633157][T11091] loop1: detected capacity change from 0 to 2048 [ 304.755946][T11097] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 304.779664][T11091] syz.1.3222: attempt to access beyond end of device [ 304.779664][T11091] loop1: rw=0, sector=19791209300034, nr_sectors = 2 limit=2048 [ 304.835701][T11091] NILFS (loop1): I/O error reading b-tree node block (ino=16, blocknr=15) [ 304.851766][T11091] syz.1.3222: attempt to access beyond end of device [ 304.851766][T11091] loop1: rw=0, sector=19791209300034, nr_sectors = 2 limit=2048 [ 304.876688][T11101] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 304.893939][T11101] overlayfs: missing 'lowerdir' [ 304.920438][T11091] NILFS (loop1): I/O error reading b-tree node block (ino=16, blocknr=15) [ 304.944905][T11091] NILFS (loop1): error -5 truncating bmap (ino=16) [ 305.651433][T11131] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3241'. [ 305.682455][T11131] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3241'. [ 305.733643][T11131] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3241'. [ 305.882629][ T4745] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 305.986221][T11137] loop1: detected capacity change from 0 to 4096 [ 306.242687][ T4745] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 306.255522][ T4745] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.284038][ T4745] usb 1-1: config 0 descriptor?? [ 306.722460][ T6797] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 306.752675][ T4745] ath6kl: Failed to read usb control message: -71 [ 306.761734][ T4745] ath6kl: Unable to read the bmi data from the device: -71 [ 306.781836][ T4745] ath6kl: Unable to recv target info: -71 [ 306.803746][ T4745] ath6kl: Failed to init ath6kl core: -71 [ 306.838871][ T4745] ath6kl_usb: probe of 1-1:0.0 failed with error -71 [ 306.851525][ T4745] usb 1-1: USB disconnect, device number 18 [ 306.866794][T11171] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 306.982472][ T22] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 307.242565][ T22] usb 4-1: Using ep0 maxpacket: 8 [ 307.288575][ T6797] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 307.312693][ T6797] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.320768][ T6797] usb 3-1: Product: syz [ 307.342803][ T6797] usb 3-1: Manufacturer: syz [ 307.347907][ T6797] usb 3-1: SerialNumber: syz [ 307.362662][ T22] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 307.424157][ T6797] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 307.462795][ T22] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 307.492498][ T22] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 307.522133][ T22] usb 4-1: SerialNumber: syz [ 307.549381][ T22] usb 4-1: config 0 descriptor?? [ 307.605206][T11189] loop1: detected capacity change from 0 to 2048 [ 307.625597][ T22] usb 4-1: Found UVC 0.00 device (05ac:8501) [ 307.641302][ T22] usb 4-1: No valid video chain found. [ 307.680379][T11189] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 307.733598][T11189] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 307.746924][T11195] sock: sock_timestamping_bind_phc: sock not bind to device [ 307.860090][ T4745] usb 4-1: USB disconnect, device number 10 [ 308.142777][ T6797] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 308.567658][ T22] usb 3-1: USB disconnect, device number 16 [ 309.192443][ T6797] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 309.201378][ T6797] ath9k_htc: Failed to initialize the device [ 309.235628][ T22] usb 3-1: ath9k_htc: USB layer deinitialized [ 310.108767][T11281] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 310.312521][ T22] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 310.325086][T11289] netlink: 164 bytes leftover after parsing attributes in process `syz.2.3317'. [ 310.582606][ T22] usb 2-1: Using ep0 maxpacket: 16 [ 310.862701][ T22] usb 2-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 310.885197][ T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.909131][ T22] usb 2-1: Product: syz [ 310.924201][ T22] usb 2-1: Manufacturer: syz [ 310.928856][ T22] usb 2-1: SerialNumber: syz [ 310.942487][ T4745] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 310.964659][ T22] usb 2-1: config 0 descriptor?? [ 311.004007][ T22] visor 2-1:0.0: Sony Clie 3.5 converter detected [ 311.012576][T11310] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3328'. [ 311.125275][T11314] x_tables: duplicate entry at hook 3 [ 311.192999][ T4745] usb 4-1: Using ep0 maxpacket: 8 [ 311.222771][ T22] usb 2-1: clie_3_5_startup: get config number bad return length: 0 [ 311.230888][ T22] visor: probe of 2-1:0.0 failed with error -5 [ 311.312730][ T4745] usb 4-1: New USB device found, idVendor=06cd, idProduct=011c, bcdDevice=d7.cc [ 311.335736][ T4745] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 311.345640][T11295] loop2: detected capacity change from 0 to 32768 [ 311.373406][ T4745] usb 4-1: config 0 descriptor?? [ 311.380099][T11295] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.3322 (11295) [ 311.427121][ T4430] usb 2-1: USB disconnect, device number 14 [ 311.443941][ T4745] keyspan 4-1:0.0: Keyspan 1 port adapter converter detected [ 311.456383][ T4745] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 84 [ 311.477068][T11295] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 311.496716][ T4745] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 81 [ 311.505090][T11295] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 311.514879][ T4745] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 82 [ 311.523081][T11295] BTRFS info (device loop2): using free space tree [ 311.529834][ T4745] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 1 [ 311.538732][ T4745] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 2 [ 311.566418][ T4745] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 83 [ 311.575648][ T4745] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 3 [ 311.604561][ T4745] usb 4-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 311.685274][ T6797] usb 4-1: USB disconnect, device number 11 [ 311.721954][ T6797] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 311.732685][ T22] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 311.743128][ T6797] keyspan 4-1:0.0: device disconnected [ 311.783574][T11295] BTRFS info (device loop2): enabling ssd optimizations [ 311.909090][ T4180] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 312.235597][T11351] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3340'. [ 312.292886][ T22] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 312.313228][ T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.359972][ T22] usb 5-1: Product: syz [ 312.372459][ T22] usb 5-1: Manufacturer: syz [ 312.377107][ T22] usb 5-1: SerialNumber: syz [ 312.413599][ T22] usb 5-1: config 0 descriptor?? [ 312.524923][T11359] loop1: detected capacity change from 0 to 256 [ 312.683176][ T22] usb-storage 5-1:0.0: USB Mass Storage device detected [ 312.691968][T11359] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0xd9626611, utbl_chksum : 0xe619d30d) [ 312.834368][T11371] netlink: 'syz.0.3347': attribute type 5 has an invalid length. [ 312.857198][T11359] syz.1.3342: attempt to access beyond end of device [ 312.857198][T11359] loop1: rw=0, sector=34359738490, nr_sectors = 1 limit=256 [ 312.911217][ T4430] usb 5-1: USB disconnect, device number 8 [ 312.912815][T11359] exFAT-fs (loop1): error, tried to truncate zeroed cluster. [ 312.955411][T11359] exFAT-fs (loop1): Filesystem has been set read-only [ 313.206358][T11383] loop2: detected capacity change from 0 to 764 [ 313.234348][T11383] rock: directory entry would overflow storage [ 313.241153][T11383] rock: sig=0x4654, size=5, remaining=4 [ 313.404489][T11389] loop1: detected capacity change from 0 to 1024 [ 313.956749][T11411] loop2: detected capacity change from 0 to 256 [ 314.036590][T11417] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3371'. [ 314.094981][T11411] FAT-fs (loop2): Directory bread(block 64) failed [ 314.183688][T11411] FAT-fs (loop2): Directory bread(block 65) failed [ 314.190462][T11411] FAT-fs (loop2): Directory bread(block 66) failed [ 314.307564][T11411] FAT-fs (loop2): Directory bread(block 67) failed [ 314.342848][T11411] FAT-fs (loop2): Directory bread(block 68) failed [ 314.349437][T11411] FAT-fs (loop2): Directory bread(block 69) failed [ 314.393037][T11411] FAT-fs (loop2): Directory bread(block 70) failed [ 314.399623][T11411] FAT-fs (loop2): Directory bread(block 71) failed [ 314.450126][T11411] FAT-fs (loop2): Directory bread(block 72) failed [ 314.478138][T11411] FAT-fs (loop2): Directory bread(block 73) failed [ 315.393202][T11467] loop2: detected capacity change from 0 to 47 [ 315.828718][T11480] netlink: 'syz.0.3401': attribute type 6 has an invalid length. [ 316.221704][T11495] loop1: detected capacity change from 0 to 2048 [ 316.268872][T11495] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 316.299237][T11498] xt_NFQUEUE: number of total queues is 0 [ 316.381377][T11501] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 316.432569][T11501] overlayfs: missing 'lowerdir' [ 316.570271][T11507] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3415'. [ 316.957268][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.963649][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.997831][T11483] loop2: detected capacity change from 0 to 32768 [ 317.054017][T11483] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.3403 (11483) [ 317.126141][T11483] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 317.150173][T11483] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 317.162158][T11483] BTRFS info (device loop2): using free space tree [ 317.287941][ T27] audit: type=1326 audit(1728526171.845:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11529 comm="syz.1.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe705d7dff9 code=0x7ffc0000 [ 317.302451][ T22] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 317.350420][ T27] audit: type=1326 audit(1728526171.845:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11529 comm="syz.1.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe705d7dff9 code=0x7ffc0000 [ 317.375942][ T27] audit: type=1326 audit(1728526171.855:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11529 comm="syz.1.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fe705d7dff9 code=0x7ffc0000 [ 317.418661][ T27] audit: type=1326 audit(1728526171.855:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11529 comm="syz.1.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe705d7dff9 code=0x7ffc0000 [ 317.444848][ T27] audit: type=1326 audit(1728526171.855:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11529 comm="syz.1.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe705d7dff9 code=0x7ffc0000 [ 317.539928][T11546] netlink: 'syz.0.3427': attribute type 1 has an invalid length. [ 317.571429][T11547] loop1: detected capacity change from 0 to 1024 [ 317.588665][T11483] BTRFS info (device loop2): enabling ssd optimizations [ 317.613861][T11547] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 317.632482][ T22] usb 4-1: Using ep0 maxpacket: 8 [ 317.675313][T11547] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 317.752636][ T22] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 317.800766][ T4180] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 317.852680][ T22] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 317.875701][ T4610] EXT4-fs (loop1): unmounting filesystem. [ 317.902479][ T22] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 317.916321][ T22] usb 4-1: SerialNumber: syz [ 317.947592][ T22] usb 4-1: config 0 descriptor?? [ 318.048471][ T22] usb 4-1: Found UVC 0.00 device (05ac:8501) [ 318.082622][ T22] usb 4-1: No valid video chain found. [ 318.211512][T11557] loop1: detected capacity change from 0 to 4096 [ 318.234408][ T22] usb 4-1: USB disconnect, device number 12 [ 318.271271][T11557] NILFS (loop1): invalid segment: Checksum error in segment payload [ 318.310818][T11557] NILFS (loop1): trying rollback from an earlier position [ 318.397424][T11557] NILFS (loop1): recovery complete [ 318.423852][T11564] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 319.302066][T11597] netlink: 'syz.1.3449': attribute type 10 has an invalid length. [ 319.412664][T11597] team0: Port device geneve1 added [ 319.437058][T11602] IPv6: Can't replace route, no match found [ 319.653052][T11608] netlink: 'syz.2.3465': attribute type 3 has an invalid length. [ 319.862538][ T4340] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 320.014329][T11622] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3461'. [ 320.072681][ T22] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 320.334168][T11628] autofs4:pid:11628:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e) [ 320.392956][ T4340] usb 4-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 320.412655][ T4340] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.427843][ T4340] usb 4-1: Product: syz [ 320.432076][ T4340] usb 4-1: Manufacturer: syz [ 320.458414][ T4340] usb 4-1: SerialNumber: syz [ 320.480849][ T4340] r8152-cfgselector 4-1: config 0 descriptor?? [ 320.602967][ T22] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 320.622856][ T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.630908][ T22] usb 3-1: Product: syz [ 320.686395][ T22] usb 3-1: Manufacturer: syz [ 320.691053][ T22] usb 3-1: SerialNumber: syz [ 320.704107][T11644] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3473'. [ 320.725568][ T22] usb 3-1: config 0 descriptor?? [ 320.982529][ T4340] r8152-cfgselector 4-1: Unknown version 0x0000 [ 320.993043][ T22] usb-storage 3-1:0.0: USB Mass Storage device detected [ 321.016060][ T4340] r8152-cfgselector 4-1: USB disconnect, device number 13 [ 321.210954][ T3688] usb 3-1: USB disconnect, device number 17 [ 321.416081][T11673] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3486'. [ 321.428912][T11673] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3486'. [ 321.622532][ T4340] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 321.851223][T11687] loop2: detected capacity change from 0 to 64 [ 321.881488][T11687] syz.2.3493: attempt to access beyond end of device [ 321.881488][T11687] loop2: rw=0, sector=8192, nr_sectors = 2 limit=64 [ 322.162638][ T4340] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 322.171835][ T4340] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 322.216151][ T4340] usb 5-1: Product: syz [ 322.220413][ T4340] usb 5-1: Manufacturer: syz [ 322.273199][ T4340] usb 5-1: SerialNumber: syz [ 322.353585][ T4340] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 322.407416][T11693] loop2: detected capacity change from 0 to 4096 [ 322.453718][T11693] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 322.570325][T11693] ntfs3: loop2: failed to convert "c46c" to iso8859-15 [ 322.570358][T11707] syz.0.3503 uses old SIOCAX25GETINFO [ 322.962719][ T4340] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 323.003828][T11717] loop1: detected capacity change from 0 to 1024 [ 323.062805][T11721] IPv6: Can't replace route, no match found [ 323.195636][T11723] kAFS: unable to lookup cell '/' [ 323.377566][ T27] audit: type=1326 audit(1728526177.935:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.2.3513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 323.418797][ T3688] usb 5-1: USB disconnect, device number 9 [ 323.477490][ T27] audit: type=1326 audit(1728526177.935:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.2.3513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 323.558370][ T27] audit: type=1326 audit(1728526177.935:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.2.3513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 323.670381][ T27] audit: type=1326 audit(1728526177.935:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.2.3513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2115d7dff9 code=0x7ffc0000 [ 323.808485][T11733] loop1: detected capacity change from 0 to 2048 [ 323.882515][T11733] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 323.905267][ T3633] udevd[3633]: incorrect nilfs2 checksum on /dev/loop1 [ 323.927024][T11733] syz.1.3515: attempt to access beyond end of device [ 323.927024][T11733] loop1: rw=0, sector=1125899906842706, nr_sectors = 2 limit=2048 [ 324.002512][T11733] NILFS (loop1): I/O error reading meta-data file (ino=5, block-offset=0) [ 324.035480][T11733] NILFS (loop1): error -5 while loading super root [ 324.066554][T11739] netlink: 'syz.4.3519': attribute type 10 has an invalid length. [ 324.075569][ T4340] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 324.114190][ T4340] ath9k_htc: Failed to initialize the device [ 324.120967][ T3688] usb 5-1: ath9k_htc: USB layer deinitialized [ 324.212175][T11739] team0: Port device geneve1 added [ 324.307420][T11733] loop1: detected capacity change from 0 to 2048 [ 324.398526][T11733] NILFS (loop1): corrupt root inode [ 324.542811][T11753] loop2: detected capacity change from 0 to 16 [ 324.590649][T11753] erofs: (device loop2): mounted with root inode @ nid 36. [ 324.805732][T11763] loop2: detected capacity change from 0 to 128 [ 324.881937][T11765] netlink: 'syz.4.3532': attribute type 4 has an invalid length. [ 324.892927][ T4644] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 324.912723][T11765] netlink: 194488 bytes leftover after parsing attributes in process `syz.4.3532'. [ 325.082490][T11771] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3535'. [ 325.447590][ T4644] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 325.471806][ T4644] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.506111][ T4644] usb 4-1: Product: syz [ 325.510400][ T4644] usb 4-1: Manufacturer: syz [ 325.540642][ T4644] usb 4-1: SerialNumber: syz [ 325.603500][ T4644] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 325.705099][T11793] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3546'. [ 325.941550][T11768] loop1: detected capacity change from 0 to 32768 [ 326.047667][T11768] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 326.062542][ T3630] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 326.211889][ T4610] ocfs2: Unmounting device (7,1) on (node local) [ 326.240429][ T4644] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 326.374923][T11812] netlink: 'syz.0.3556': attribute type 10 has an invalid length. [ 326.492842][T11812] team0: Port device geneve1 added [ 326.636147][ T52] block nbd0: Attempted send on invalid socket [ 326.642593][ T52] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 326.653080][ T3630] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 326.662799][T11818] hfs: can't find a HFS filesystem on dev nbd0 [ 326.669295][ T3630] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.711789][ T3630] usb 3-1: Product: syz [ 326.727611][ T3630] usb 3-1: Manufacturer: syz [ 326.738005][ T3630] usb 3-1: SerialNumber: syz [ 326.782733][ T3688] usb 4-1: USB disconnect, device number 14 [ 326.814497][ T3630] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 326.844216][T11825] netlink: 'syz.4.3561': attribute type 21 has an invalid length. [ 327.352631][ T4644] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 327.360057][ T4644] ath9k_htc: Failed to initialize the device [ 327.391470][ T3688] usb 4-1: ath9k_htc: USB layer deinitialized [ 327.412500][ T3630] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 327.834786][ T4644] usb 3-1: USB disconnect, device number 18 [ 327.913186][T11819] loop1: detected capacity change from 0 to 32768 [ 327.962031][T11819] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 327.988999][T11819] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 328.044798][T11819] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 328.074127][ T3688] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 328.081071][ T3688] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 328.268038][ T3688] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 186ms [ 328.287749][ T3688] gfs2: fsid=syz:syz.0: jid=0: Done [ 328.293423][T11819] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 328.386548][T11871] netlink: 116 bytes leftover after parsing attributes in process `syz.4.3583'. [ 328.472921][ T3630] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 328.479971][ T3630] ath9k_htc: Failed to initialize the device [ 328.522922][ T4644] usb 3-1: ath9k_htc: USB layer deinitialized [ 328.965005][T11894] netlink: 'syz.0.3596': attribute type 2 has an invalid length. [ 329.766193][T11931] netlink: 160 bytes leftover after parsing attributes in process `syz.0.3613'. [ 329.836486][T11931] netlink: 'syz.0.3613': attribute type 1 has an invalid length. [ 329.882527][T11931] netlink: 'syz.0.3613': attribute type 2 has an invalid length. [ 329.913765][T11931] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3613'. [ 330.148478][T11948] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3622'. [ 330.168894][T11948] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3622'. [ 330.893226][T11979] dlm: no locking on control device [ 331.090950][ T4430] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 331.342546][ T4430] usb 2-1: Using ep0 maxpacket: 16 [ 331.462990][ T4430] usb 2-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 331.486416][ T4430] usb 2-1: config 0 interface 0 altsetting 44 endpoint 0x83 has invalid wMaxPacketSize 0 [ 331.513269][ T4430] usb 2-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 331.541426][ T4430] usb 2-1: config 0 interface 0 has no altsetting 0 [ 331.702539][ T4430] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 331.719533][ T4430] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 331.750440][ T4430] usb 2-1: Product: syz [ 331.765283][ T4430] usb 2-1: Manufacturer: syz [ 331.786498][ T4430] usb 2-1: SerialNumber: syz [ 331.817665][ T4430] usb 2-1: config 0 descriptor?? [ 331.875610][ T4430] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input16 [ 332.190644][ T4340] usb 2-1: USB disconnect, device number 15 [ 333.877098][T12097] xt_ecn: cannot match TCP bits for non-tcp packets [ 334.352640][ T4644] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 334.503506][T12123] libceph: resolve '40.' (ret=-3): failed [ 334.731904][ T4644] usb 5-1: config 0 has an invalid interface number: 16 but max is 0 [ 334.760943][ T4644] usb 5-1: config 0 has no interface number 0 [ 334.774947][ T4644] usb 5-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee [ 334.794450][ T4644] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.811733][ T4644] usb 5-1: config 0 descriptor?? [ 335.083536][ T4644] usb 5-1: USB disconnect, device number 10 [ 335.235198][ T3688] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 335.802985][ T3688] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 335.843364][ T3688] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 335.851404][ T3688] usb 3-1: Product: syz [ 335.896578][ T3688] usb 3-1: Manufacturer: syz [ 335.923065][ T3688] usb 3-1: SerialNumber: syz [ 335.931886][T12177] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3734'. [ 335.990883][ T3688] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 336.127536][T12185] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3736'. [ 336.632894][ T3688] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 336.661959][T12202] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 337.064614][ T4430] usb 3-1: USB disconnect, device number 19 [ 337.504157][T12231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3760'. [ 337.672505][ T3688] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 337.679682][ T3688] ath9k_htc: Failed to initialize the device [ 337.703445][ T4430] usb 3-1: ath9k_htc: USB layer deinitialized [ 337.786100][T12241] xt_cluster: node mask cannot exceed total number of nodes [ 338.369540][T12256] loop2: detected capacity change from 0 to 2048 [ 338.394346][T12256] EXT4-fs warning (device loop2): ext4_multi_mount_protect:298: Invalid MMP block in superblock [ 338.772510][ T6799] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 339.043012][ T6799] usb 3-1: Using ep0 maxpacket: 8 [ 339.172756][ T6799] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 339.191875][ T6799] usb 3-1: config 135 has an invalid descriptor of length 196, skipping remainder of the config [ 339.229580][ T6799] usb 3-1: config 135 has no interface number 0 [ 339.246650][ T6799] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 339.462695][ T6799] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 339.497499][ T6799] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 339.512681][ T3648] Bluetooth: hci5: command 0x0406 tx timeout [ 339.562527][ T6799] usb 3-1: Product: syz [ 339.566750][ T6799] usb 3-1: Manufacturer: syz [ 339.599371][T12295] netlink: 10 bytes leftover after parsing attributes in process `syz.0.3791'. [ 339.602527][T12298] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 339.615081][ T6799] usb 3-1: SerialNumber: syz [ 339.754189][T12302] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3794'. [ 339.922838][ T6799] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 339.938113][ T6799] usb 3-1: No valid video chain found. [ 339.966524][ T6799] usb 3-1: USB disconnect, device number 20 [ 340.955658][T12304] loop1: detected capacity change from 0 to 32768 [ 340.975497][T12304] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.3795 (12304) [ 341.023992][T12304] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 341.063249][T12304] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 341.138174][T12304] BTRFS info (device loop1): using free space tree [ 341.553862][T12304] BTRFS info (device loop1): enabling ssd optimizations [ 341.684801][ T4610] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 341.878591][T12383] netlink: 763 bytes leftover after parsing attributes in process `syz.2.3825'. [ 341.981842][T12385] netlink: 'syz.4.3826': attribute type 3 has an invalid length. [ 342.122514][T12389] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3828'. [ 342.435062][ T27] audit: type=1400 audit(1728526196.995:94): apparmor="DENIED" operation="change_profile" info="label not found" error=-22 profile="unconfined" name="&" pid=12403 comm="syz.1.3836" [ 342.843183][T12422] IPv6: NLM_F_CREATE should be specified when creating new route [ 342.851013][T12422] netlink: 1 bytes leftover after parsing attributes in process `syz.2.3841'. [ 342.969117][T12427] loop1: detected capacity change from 0 to 8 [ 343.024276][T12428] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3845'. [ 343.483658][T12443] sctp: [Deprecated]: syz.3.3853 (pid 12443) Use of struct sctp_assoc_value in delayed_ack socket option. [ 343.483658][T12443] Use struct sctp_sack_info instead [ 343.710039][T12444] loop2: detected capacity change from 0 to 4096 [ 343.780359][T12444] ntfs: (device loop2): check_mft_mirror(): Incomplete multi sector transfer detected in mft record 2. [ 343.829322][T12444] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 343.915387][T12444] ntfs: volume version 3.1. [ 343.920067][T12444] ntfs: (device loop2): map_mft_record_page(): Mft record 0x2 is corrupt. Run chkdsk. [ 343.972528][T12444] ntfs: (device loop2): map_mft_record(): Failed with error code 5. [ 344.010910][T12444] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 344.013758][T12462] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3861'. [ 344.046787][T12444] ntfs: (device loop2): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 344.112981][T12444] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 344.124288][ T27] audit: type=1326 audit(1728526198.675:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12466 comm="syz.4.3866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf1f97dff9 code=0x7ffc0000 [ 344.159740][T12444] ntfs: (device loop2): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 344.608401][T12483] netlink: 'syz.1.3873': attribute type 21 has an invalid length. [ 344.692897][T12483] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3873'. [ 344.724029][T12483] netlink: 'syz.1.3873': attribute type 4 has an invalid length. [ 344.732731][ T26] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 344.747142][T12483] netlink: 'syz.1.3873': attribute type 5 has an invalid length. [ 344.756000][T12483] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3873'. [ 344.765174][T12488] netlink: 'syz.0.3877': attribute type 1 has an invalid length. [ 344.982740][ T26] usb 5-1: Using ep0 maxpacket: 8 [ 345.102633][ T26] usb 5-1: config 135 has an invalid interface number: 230 but max is 0 [ 345.137558][ T26] usb 5-1: config 135 has an invalid descriptor of length 196, skipping remainder of the config [ 345.178551][ T26] usb 5-1: config 135 has no interface number 0 [ 345.202449][ T26] usb 5-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 345.402670][ T26] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 345.403348][T12513] netlink: 'syz.1.3887': attribute type 1 has an invalid length. [ 345.427307][ T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.460211][T12513] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3887'. [ 345.460324][ T26] usb 5-1: Product: syz [ 345.506079][ T26] usb 5-1: Manufacturer: syz [ 345.510871][ T26] usb 5-1: SerialNumber: syz [ 345.768183][T12525] netlink: 'syz.0.3896': attribute type 10 has an invalid length. [ 345.802897][T12525] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 345.818689][ T26] usb 5-1: Found UVC 0.00 device syz (18ec:3288) [ 345.832921][ T26] usb 5-1: No valid video chain found. [ 345.845982][ T26] usb 5-1: USB disconnect, device number 11 [ 345.911896][ T3688] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 346.119450][T12536] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3900'. [ 346.161578][T12539] Invalid ELF header magic: != ELF [ 346.167185][ T3688] usb 2-1: Using ep0 maxpacket: 32 [ 346.472763][ T3688] usb 2-1: New USB device found, idVendor=0572, idProduct=cb07, bcdDevice=f6.00 [ 346.492082][ T3688] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 346.552623][ T3688] usb 2-1: Product: syz [ 346.556879][ T3688] usb 2-1: Manufacturer: syz [ 346.561500][ T3688] usb 2-1: SerialNumber: syz [ 346.593678][ T3688] usb 2-1: config 0 descriptor?? [ 346.633775][ T3688] usb-storage 2-1:0.0: USB Mass Storage device detected [ 346.673168][T12552] netlink: 'syz.2.3908': attribute type 15 has an invalid length. [ 346.872842][ T3688] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19! [ 346.903594][ T3688] usb 2-1: USB disconnect, device number 16 [ 347.532656][ T26] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 347.792488][ T26] usb 5-1: Using ep0 maxpacket: 32 [ 347.912872][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 347.964671][T12596] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3928'. [ 348.102706][ T26] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 348.139401][ T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.148014][ T26] usb 5-1: Product: syz [ 348.172618][T12604] tmpfs: Bad value for 'mpol' [ 348.187565][ T26] usb 5-1: Manufacturer: syz [ 348.192204][ T26] usb 5-1: SerialNumber: syz [ 348.229770][ T26] usb 5-1: config 0 descriptor?? [ 348.293167][ T26] hub 5-1:0.0: bad descriptor, ignoring hub [ 348.299127][ T26] hub: probe of 5-1:0.0 failed with error -5 [ 348.335475][ T26] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input18 [ 348.374982][T12611] libceph: resolve '0' (ret=-3): failed [ 348.397824][ T26] usbtouchscreen 5-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -22 [ 348.442560][T12614] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 348.469335][ T26] usbtouchscreen: probe of 5-1:0.0 failed with error -22 [ 348.523450][ T26] usb 5-1: USB disconnect, device number 12 [ 348.538601][T12616] netlink: 'syz.0.3938': attribute type 21 has an invalid length. [ 348.552989][T12616] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3938'. [ 349.221680][T12637] sctp: [Deprecated]: syz.1.3949 (pid 12637) Use of struct sctp_assoc_value in delayed_ack socket option. [ 349.221680][T12637] Use struct sctp_sack_info instead [ 350.162566][ T4425] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 350.200817][T12676] device ip6tnl2 entered promiscuous mode [ 350.426681][ T4425] usb 5-1: Using ep0 maxpacket: 8 [ 350.702636][ T4425] usb 5-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 350.727141][ T4425] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 350.752383][ T4425] usb 5-1: Product: syz [ 350.763304][ T4425] usb 5-1: Manufacturer: syz [ 350.785228][ T4425] usb 5-1: SerialNumber: syz [ 350.823165][ T4425] usb 5-1: config 0 descriptor?? [ 350.864715][ T4425] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 350.980070][T12707] loop2: detected capacity change from 0 to 64 [ 351.030487][T12710] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3983'. [ 351.057533][T12707] Trying to free block not in datazone [ 351.072520][T12707] Trying to free block not in datazone [ 351.093504][T12707] Trying to free block not in datazone [ 351.119426][T12707] Trying to free block not in datazone [ 351.135555][T12707] minix_free_block (loop2:6): bit already cleared [ 351.155893][T12707] Trying to free block not in datazone [ 351.172117][T12707] Trying to free block not in datazone [ 351.205297][T12716] mmap: syz.1.3987 (12716): VmData 41648128 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 351.442567][ T4425] gspca_m5602: Failed to find a sensor [ 351.442582][ T4425] ALi m5602 5-1:0.0: ALi m5602 webcam failed [ 351.444288][ T4425] usb 5-1: USB disconnect, device number 13 [ 351.513076][ T28] INFO: task syz.4.1647:7757 blocked for more than 143 seconds. [ 351.513100][ T28] Not tainted 6.1.112-syzkaller #0 [ 351.513113][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 351.513123][ T28] task:syz.4.1647 state:D stack:22600 pid:7757 ppid:4682 flags:0x00004004 [ 351.513177][ T28] Call Trace: [ 351.513185][ T28] [ 351.513199][ T28] __schedule+0x143f/0x4570 [ 351.513248][ T28] ? xlog_grant_head_wait+0x1ee/0xa00 [ 351.513283][ T28] ? release_firmware_map_entry+0x186/0x186 [ 351.513310][ T28] ? xlog_space_left+0xa9/0x2b0 [ 351.513340][ T28] ? do_raw_spin_unlock+0x137/0x8a0 [ 351.513363][ T28] ? xlog_grant_push_threshold+0x1a3/0x1f0 [ 351.513396][ T28] schedule+0xbf/0x180 [ 351.513418][ T28] xlog_grant_head_wait+0x3b6/0xa00 [ 351.513459][ T28] xlog_grant_head_check+0x295/0x480 [ 351.513494][ T28] ? xlog_grant_push_ail+0xd0/0xd0 [ 351.513524][ T28] ? xlog_grant_push_threshold+0x1a3/0x1f0 [ 351.513560][ T28] xfs_log_reserve+0x3e1/0xc30 [ 351.513595][ T28] ? xlog_grant_head_check+0x480/0x480 [ 351.513626][ T28] ? xfs_mod_freecounter+0x1e2/0x490 [ 351.513665][ T28] xfs_trans_reserve+0x239/0x6a0 [ 351.513701][ T28] xfs_trans_alloc+0x41b/0x870 [ 351.513788][ T28] xfs_trans_alloc_inode+0x129/0x450 [ 351.513828][ T28] ? xfs_trans_dup+0x6a0/0x6a0 [ 351.513860][ T28] ? xfs_da_hashname+0x23f/0x370 [ 351.513880][ T28] ? xfs_attr_leaf_newentsize+0xd5/0x1d0 [ 351.513918][ T28] xfs_attr_set+0xa4e/0x1660 [ 351.513964][ T28] ? xfs_attr_leaf_shrink+0x410/0x410 [ 351.514003][ T28] ? lockdep_unlock+0x165/0x300 [ 351.514050][ T28] xfs_xattr_set+0x227/0x3a0 [ 351.514084][ T28] ? xfs_xattr_get+0x2f0/0x2f0 [ 351.514127][ T28] ? evm_protect_xattr+0x366/0xb10 [ 351.514153][ T28] ? xfs_xattr_get+0x2f0/0x2f0 [ 351.514184][ T28] __vfs_setxattr+0x3e7/0x420 [ 351.514232][ T28] __vfs_setxattr_noperm+0x12a/0x5e0 [ 351.514307][ T28] vfs_setxattr+0x21d/0x420 [ 351.514340][ T28] ? xattr_permission+0x4f0/0x4f0 [ 351.514360][ T28] ? _copy_from_user+0xa1/0x170 [ 351.514387][ T28] ? copy_user_enhanced_fast_string+0xa/0x40 [ 351.514412][ T28] ? _copy_from_user+0x109/0x170 [ 351.514440][ T28] setxattr+0x250/0x2b0 [ 351.514467][ T28] ? path_setxattr+0x2a0/0x2a0 [ 351.514518][ T28] ? __mnt_want_write+0x222/0x2a0 [ 351.514553][ T28] path_setxattr+0x1bc/0x2a0 [ 351.514583][ T28] ? simple_xattr_list_add+0xf0/0xf0 [ 351.514611][ T28] ? syscall_enter_from_user_mode+0x2e/0x230 [ 351.514643][ T28] __x64_sys_setxattr+0xb7/0xd0 [ 351.514669][ T28] do_syscall_64+0x3b/0xb0 [ 351.514688][ T28] ? clear_bhb_loop+0x45/0xa0 [ 351.514721][ T28] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 351.514764][ T28] RIP: 0033:0x7f31f0d7dff9 [ 351.514787][ T28] RSP: 002b:00007f31f1b99038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 351.514812][ T28] RAX: ffffffffffffffda RBX: 00007f31f0f35f80 RCX: 00007f31f0d7dff9 [ 351.514829][ T28] RDX: 0000000020000880 RSI: 0000000020000240 RDI: 0000000020000300 [ 351.514845][ T28] RBP: 00007f31f0df0296 R08: 0000000000000000 R09: 0000000000000000 [ 351.514861][ T28] R10: 000000000000ff27 R11: 0000000000000246 R12: 0000000000000000 [ 351.514875][ T28] R13: 0000000000000000 R14: 00007f31f0f35f80 R15: 00007ffe20489a48 [ 351.514908][ T28] [ 351.514938][ T28] [ 351.514938][ T28] Showing all locks held in the system: [ 351.514960][ T28] 1 lock held by rcu_tasks_kthre/12: [ 351.514974][ T28] #0: ffffffff8d32b1d0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 351.515045][ T28] 1 lock held by rcu_tasks_trace/13: [ 351.515057][ T28] #0: ffffffff8d32b9d0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 351.515125][ T28] 3 locks held by kworker/1:1/26: [ 351.515139][ T28] 1 lock held by khungtaskd/28: [ 351.515150][ T28] #0: ffffffff8d32b000 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 351.515244][ T28] 2 locks held by getty/3401: [ 351.515256][ T28] #0: ffff88814b6c9098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 351.515319][ T28] #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0 [ 351.515385][ T28] 3 locks held by kworker/u4:5/3700: [ 351.515401][ T28] 3 locks held by kworker/1:10/4425: [ 351.515413][ T28] #0: ffff88801dad1538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 351.515475][ T28] #1: ffffc90003a5fd20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 351.515536][ T28] #2: ffff888145b5f190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5730 [ 351.515605][ T28] 3 locks held by syz.4.1647/7757: [ 351.515617][ T28] #0: ffff88805af92460 (sb_writers#31){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 351.515683][ T28] #1: ffff888073732238 (&inode->i_sb->s_type->i_mutex_dir_key){++++}-{3:3}, at: vfs_setxattr+0x1dd/0x420 [ 351.515746][ T28] #2: ffff88805af92650 (sb_internal#3){.+.+}-{0:0}, at: xfs_trans_alloc_inode+0x129/0x450 [ 351.515818][ T28] 3 locks held by syz.0.2215/8977: [ 351.515831][ T28] #0: ffff88807406c460 (sb_writers#31){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 351.515895][ T28] #1: ffff888027e131b8 (&inode->i_sb->s_type->i_mutex_dir_key){++++}-{3:3}, at: vfs_setxattr+0x1dd/0x420 [ 351.515951][ T28] #2: ffff88807406c650 (sb_internal#3){.+.+}-{0:0}, at: xfs_trans_alloc_inode+0x129/0x450 [ 351.516021][ T28] 3 locks held by syz-executor/9373: [ 351.516034][ T28] 3 locks held by syz.3.2408/9381: [ 351.516046][ T28] #0: ffff88805e000460 (sb_writers#31){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 351.516110][ T28] #1: ffff8880737312b8 (&inode->i_sb->s_type->i_mutex_dir_key){++++}-{3:3}, at: vfs_setxattr+0x1dd/0x420 [ 351.516167][ T28] #2: ffff88805e000650 (sb_internal#3){.+.+}-{0:0}, at: xfs_trans_alloc_inode+0x129/0x450 [ 351.516237][ T28] 2 locks held by syz.0.3903/12560: [ 351.516251][ T28] 1 lock held by syz.2.3989/12722: [ 351.516264][ T28] [ 351.516269][ T28] ============================================= [ 351.516269][ T28] [ 351.516283][ T28] NMI backtrace for cpu 0 [ 351.516292][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.112-syzkaller #0 [ 351.516312][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 351.516323][ T28] Call Trace: [ 351.516331][ T28] [ 351.516339][ T28] dump_stack_lvl+0x1e3/0x2cb [ 351.516374][ T28] ? nf_tcp_handle_invalid+0x642/0x642 [ 351.516406][ T28] ? panic+0x764/0x764 [ 351.516426][ T28] ? vprintk_emit+0x622/0x740 [ 351.516459][ T28] ? printk_sprint+0x490/0x490 [ 351.516490][ T28] ? nmi_cpu_backtrace+0x252/0x560 [ 351.516514][ T28] nmi_cpu_backtrace+0x4e1/0x560 [ 351.516540][ T28] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 351.516561][ T28] ? _printk+0xd1/0x111 [ 351.516583][ T28] ? panic+0x764/0x764 [ 351.516605][ T28] ? __wake_up_klogd+0xcc/0x100 [ 351.516625][ T28] ? panic+0x764/0x764 [ 351.516647][ T28] ? nmi_trigger_cpumask_backtrace+0xe0/0x3f0 [ 351.516670][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 351.516704][ T28] nmi_trigger_cpumask_backtrace+0x1ae/0x3f0 [ 351.516734][ T28] watchdog+0xf88/0xfd0 [ 351.516767][ T28] ? watchdog+0x1f8/0xfd0 [ 351.516798][ T28] kthread+0x28d/0x320 [ 351.516816][ T28] ? hungtask_pm_notify+0x50/0x50 [ 351.516841][ T28] ? kthread_blkcg+0xd0/0xd0 [ 351.516862][ T28] ret_from_fork+0x1f/0x30 [ 351.516903][ T28] [ 351.516910][ T28] Sending NMI from CPU 0 to CPUs 1: [ 351.516936][ C1] NMI backtrace for cpu 1 [ 351.516944][ C1] CPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 6.1.112-syzkaller #0 [ 351.516960][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 351.516970][ C1] Workqueue: rcu_gp process_srcu [ 351.517005][ C1] RIP: 0010:preempt_count_add+0x58/0x180 [ 351.517026][ C1] Code: 15 00 75 07 65 8b 05 1f f9 a3 7e 65 01 1d 18 f9 a3 7e 48 c7 c0 60 41 33 97 48 c1 e8 03 42 0f b6 04 38 84 c0 0f 85 d9 00 00 00 <83> 3d 11 cb d4 15 00 75 11 65 8b 05 f0 f8 a3 7e 0f b6 c0 3d f5 00 [ 351.517041][ C1] RSP: 0018:ffffc90000a1fad0 EFLAGS: 00000297 [ 351.517054][ C1] RAX: 0000000000000004 RBX: 0000000000000001 RCX: ffffffff97334103 [ 351.517065][ C1] RDX: 00000000000000b6 RSI: ffffffff8b5d7160 RDI: 0000000000000001 [ 351.517076][ C1] RBP: 00000000000010b0 R08: ffffffff8438b634 R09: fffffbfff1d33f2e [ 351.517087][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffffffff1d33f6f [ 351.517099][ C1] R13: 000000000001a156 R14: 0000000000002af9 R15: dffffc0000000000 [ 351.517110][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 351.517124][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 351.517135][ C1] CR2: 00007fe6fbf80000 CR3: 00000000447fa000 CR4: 00000000003506e0 [ 351.517150][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 351.517160][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 351.517170][ C1] Call Trace: [ 351.517175][ C1] [ 351.517180][ C1] ? nmi_cpu_backtrace+0x3de/0x560 [ 351.517208][ C1] ? read_lock_is_recursive+0x10/0x10 [ 351.517233][ C1] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 351.517248][ C1] ? nmi_handle+0x25/0x440 [ 351.517279][ C1] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 351.517302][ C1] ? nmi_handle+0x12e/0x440 [ 351.517343][ C1] ? nmi_handle+0x25/0x440 [ 351.517367][ C1] ? preempt_count_add+0x58/0x180 [ 351.517387][ C1] ? default_do_nmi+0x62/0x150 [ 351.517404][ C1] ? exc_nmi+0xa8/0x100 [ 351.517420][ C1] ? end_repeat_nmi+0x16/0x31 [ 351.517447][ C1] ? _find_next_bit+0x24/0x120 [ 351.517472][ C1] ? preempt_count_add+0x58/0x180 [ 351.517492][ C1] ? preempt_count_add+0x58/0x180 [ 351.517513][ C1] ? preempt_count_add+0x58/0x180 [ 351.517533][ C1] [ 351.517537][ C1] [ 351.517543][ C1] delay_tsc+0x62/0xd0 [ 351.517559][ C1] try_check_zero+0x3ee/0x410 [ 351.517587][ C1] process_srcu+0x1dc/0x1300 [ 351.517613][ C1] ? print_irqtrace_events+0x210/0x210 [ 351.517636][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 351.517659][ C1] ? do_raw_spin_unlock+0x137/0x8a0 [ 351.517679][ C1] ? process_one_work+0x7a9/0x11d0 [ 351.517698][ C1] process_one_work+0x8a9/0x11d0 [ 351.517725][ C1] ? worker_detach_from_pool+0x260/0x260 [ 351.517747][ C1] ? _raw_spin_lock_irqsave+0x120/0x120 [ 351.517767][ C1] ? kthread_data+0x4e/0xc0 [ 351.517793][ C1] ? wq_worker_running+0x97/0x190 [ 351.517810][ C1] worker_thread+0xa47/0x1200 [ 351.517841][ C1] kthread+0x28d/0x320 [ 351.517855][ C1] ? worker_clr_flags+0x190/0x190 [ 351.517872][ C1] ? kthread_blkcg+0xd0/0xd0 [ 351.517888][ C1] ret_from_fork+0x1f/0x30 [ 351.517917][ C1] [ 351.517932][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 351.517942][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.112-syzkaller #0 [ 351.517961][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 351.517972][ T28] Call Trace: [ 351.517979][ T28] [ 351.517986][ T28] dump_stack_lvl+0x1e3/0x2cb [ 351.518020][ T28] ? nf_tcp_handle_invalid+0x642/0x642 [ 351.518052][ T28] ? panic+0x764/0x764 [ 351.518079][ T28] ? vscnprintf+0x59/0x80 [ 351.518106][ T28] panic+0x318/0x764 [ 351.518131][ T28] ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0 [ 351.518153][ T28] ? memcpy_page_flushcache+0xfc/0xfc [ 351.518185][ T28] ? nmi_trigger_cpumask_backtrace+0x2c8/0x3f0 [ 351.518209][ T28] watchdog+0xfc7/0xfd0 [ 351.518240][ T28] ? watchdog+0x1f8/0xfd0 [ 351.518270][ T28] kthread+0x28d/0x320 [ 351.518287][ T28] ? hungtask_pm_notify+0x50/0x50 [ 351.518311][ T28] ? kthread_blkcg+0xd0/0xd0 [ 351.518332][ T28] ret_from_fork+0x1f/0x30 [ 351.518371][ T28] [ 351.518692][ T28] Kernel Offset: disabled [ 352.648674][ T28] Rebooting in 86400 seconds..