last executing test programs: 7m18.353066211s ago: executing program 4 (id=335): r0 = socket$vsock_stream(0x28, 0x1, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20040010) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0406618, 0x0) write$cgroup_subtree(r1, &(0x7f0000000100)={[{0x0, 'rdma'}, {0x2b, 'cpuset'}]}, 0xe) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) r4 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r3, 0x0, {0x2, 0x0, 0x4}, 0x2}, 0x18) sendmsg$can_j1939(r4, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee) sendmsg$can_j1939(r4, &(0x7f00000004c0)={&(0x7f0000000000)={0x1d, r3, 0x3, {0x0, 0x1, 0x1}, 0xfe}, 0x18, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000008c0)={'bridge0\x00'}) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4040000) close_range(r0, 0xffffffffffffffff, 0x0) 7m17.21939591s ago: executing program 4 (id=340): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, 0x0, &(0x7f0000000040)) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xd4}, 0x9c) 7m14.907199481s ago: executing program 4 (id=347): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000500)='./file0\x00', 0x1000000, &(0x7f00000018c0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES16=0x0], 0xfe, 0x1b2, &(0x7f0000000580)="$eJzs289qE1EUB+CT2Na0LpKFK3Ex4MZVaPoEBqkgBgQlCwVBsQ1IRwIWArow2bnwIfRx3OqTuCwiXEmmf5Iai5Q2A+n3bXKYub9w7pDkMIF5efvt3k5/v/ei9y1qlUpU76UUB5VoRDWOjAIAWCYHKcWXiEjXR7H+NdKvVCi7LwDg8ozn/8/xwD+c/yY/ACy/p8+eP2p3OttPsqwWkX8adAfd4rU43+7Fm8hjNzajHr8j0rGifvCws72ZTTTicz48zA8H3Wuz+VbUozE/3yry2Wx+NTam81tRj5vz81tz82tx985Uvhn1+PE6+pHHToyzJ/mPrSy7/7hzKn9jsg4AAACWQTM7Nvf+vdn81/ki36789/8Dp+6vV+LWSrl7B4Crav/9h71Xeb77bqHF2tSRiBidsfj7RtHo4jrMzhk/uqSLvpgXV6zHxb/zapS/r+Up+tXzx1NKw/Hn8+zFtYiYFOX9JgGLcfLtnzlcL60hAAAAAAAAAAAAAADgL4t4dKnsPQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw9fwJAAD//xQYkLQ=") mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) 7m12.567699433s ago: executing program 4 (id=355): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000001900010000000000000000008020200000110705"], 0x38}}, 0x0) 7m10.991532686s ago: executing program 4 (id=359): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x80000001, 0x30}, 0xc) r1 = dup(r0) write$cgroup_subtree(r1, &(0x7f00000005c0)=ANY=[], 0x32600) write$P9_RRENAME(r1, &(0x7f0000000300)={0x7, 0x15, 0x1}, 0x7) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x0) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x32, 0x0, 0x0) syz_emit_ethernet(0x2e, 0x0, 0x0) fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r2, 0x1, 0x0, 0x0) r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800) sendmmsg$alg(r3, 0x0, 0x0, 0x40800) 7m8.767906032s ago: executing program 4 (id=366): sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710, @local}, 0x10) recvmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000005c0)=""/77, 0x4d}], 0x1}, 0x5}], 0x40000, 0x0, 0x0) shutdown(r1, 0x0) 6m53.636448082s ago: executing program 32 (id=366): sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710, @local}, 0x10) recvmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000005c0)=""/77, 0x4d}], 0x1}, 0x5}], 0x40000, 0x0, 0x0) shutdown(r1, 0x0) 8.025730331s ago: executing program 0 (id=1852): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setreuid(0xee00, 0x0) keyctl$join(0x1, 0x0) keyctl$session_to_parent(0x12) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="280000002100050125bd70000000000002000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="b7836f1c1b5be19805e133cc73fc5944bcec8171ae276f"], 0x28}}, 0x0) r4 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000540)={0x1, {{0xa, 0x0, 0x0, @mcast1, 0x6}}, {{0xa, 0xfffe, 0x3fe00, @initdev={0xfe, 0x88, '\x00', 0xde, 0x0}, 0x3}}}, 0x108) setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x3, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x2, @loopback}}}, 0x108) 7.524327967s ago: executing program 5 (id=1858): r0 = io_uring_setup(0x3485, &(0x7f000001f340)={0x0, 0xcb1, 0x80, 0x3, 0xad}) io_uring_register$IORING_REGISTER_RING_FDS(r0, 0x13, 0x0, 0x0) 7.344227526s ago: executing program 2 (id=1859): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10008, &(0x7f0000000080)={[{@nombcache}, {@nogrpid}]}, 0xff, 0x49e, &(0x7f0000000f40)="$eJzs3M9vFFUcAPDvbH/Qyo9WRBQEraCR+KOlBZWDBzSaeNDERA94rG1BZKGG1gRIo8UYPBoS78ajiX+BNy9GPRgTr5p4NCREe6F4qpmdGbpsd0u3tF3pfj7Jdt/bmd33vjPv7b6Z15kA2tZA+ieJ2BYRv0dEX5a9fYWB7Gl+bmbs5tzMWBILC2//nVTWuzE3M1asWrxva545VIoofZbE8WRpuVMXL50ZLZcnzuf5oemzHw5NXbz03Omzo6cmTk2cGzl27OiR4RdfGHl+TeJM47qx9+PJfXtef/fqm2Mnrr7307dptXbvz5ZXx3FHN+sEVMdAutX+WaioXfZkE3W/F2yvSiedLawITemIiHR3dVX6f190xOLO64vXPm1p5YB1lf42bWm8eHYB2MSSaHUNgNYofujT49/isUFDj/+F6y9HdOfp+bmZsflb8XdGKX+9ax3LH4iIE7P/fpU+otnzEAAAq1AZ2zxbb/xXit2V52yuY0c+h9IfEfdHxM6IeCAidkXEgxGVdR+KiIezNy/0rbD8gZr80vFP6VrdOq+RdPz3UtXYb74q/vypvyPPba/E35WcPF2eOJxvk0PRtSXNDy9Txvev/vZFo2XV47/0kZZfjAXzClzrrDlBNz46PbpWG+H65Yi9nfXiT27NBKQtYE9E7G3uo3cUidNPf7Ov0Up3jn8ZazDPtPB1xFPZ/p+NmvgLyfLzk0M9UZ44PFS0iqV+/vXKW43Kv6v418D1A49kicX9X7NGVUMrlyfOTzVfxpU/Pm94TLPa9t+dvFOZs/7l/ey1C6PT0+eHI7qTNyr54piu8vrI4nsvjE73pvli/bT9HzpYv//vzN+T7v90K6WNeH9EPBoRj+V1fzwiDkTEwWXi//GVJz5YJv4kkmjd/r8cMV73++9W++9PqufrV5HoOPPDd41mzFe2/4/GbOW7NlP5/ruDlVbwLjcfAAAA3BNKEbEtktJglh7YFqXS4GD2P/y74r5SeXJq+pmTkx+dG8+uEeiPrlJxpquv6nzocDKbf2KWH8nPFRfLj+Tnjb/s6K3kB8cmy+Mtjh3a3dbb+38U/T/1V0erawesO9drQfuq7f+lFtUD2Hgr+f13LACb0+39vyf909uqugAby/E/tK96/f+TmrzxP2xOS/v/n3VuWQdsRsb/0L70f2hf+j+0pWYu54/jjRb1REQztwUoLhZY/V0FelZ8hX+7JIo7XqxnWb1x6Ux3/kqUWhRpR5ONbVMk0h6zsYUu3kMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgXvZfAAAA//8hId5P") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x6000, 0x1) write$binfmt_register(r3, &(0x7f0000000880)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x1, 0x3a, 'usrjquota=\xb9\xc4\xd7A%S\n\x10i\xcf\x84\x93v\x02\xe4y}\xcbV\xbb\xc1\xd5\x06\v\xdc\xd8\\\xc5\xb3\ag\xa6u\xbe\xf4)\xae\xb6\xfe*\x9d?\xb2C\xf0<\xc9\x820M\x92Tzs\xba\xca\x9d\xad\x17\x1b\x84\xbc\xb3\xd8\xad\f\x17\xbe\x17\xb5}.H\x90\xc7\x0e\xb3y\xd0\xc3\xf0c\x04\xe6\fzZ\x02\xfd_W\x9a\xa7\x81\xfcr\xe9B\x95\x13\x9f\x10\'5\xc0\xf9\xb5\xe1\x15Y\x9b$\xa43\xe7F>\xb7\xa1\xb7zw\xac\xc8\x12\x94\xa7\xe5\xcb\xc0g\x865\\\x9e\xca\x8e\xe2\t\xb7\b\x00\x00\x00\x00\x00\x00\x00i7b\xad\x14oVT\xcb\xea\xd3\xad\xa9\x16\xd5\xb2\xa0 \x13^\xf6>\xd4\x8bZzl\x88\xddn\xab\xd6\x12\x1f\x06', 0x3a, '\x00\x03!\f\xee\x998r~\b\x13\x89\xae\xf1\x06hz\xcc\xd6\xbb\xb8\x19\x90\x9e\xdb\xa2F\xfa_F(\x05\b\x13\x82\x12\xad\x0f^\xdc\xf2\xb5', 0x3a, './file2', 0x3a, [0x46]}, 0x113) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x8, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000800000000000000080000006b110b000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) ioctl$FS_IOC_GETFSSYSFSPATH(r1, 0x80811501, &(0x7f00000004c0)={0x80}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_fuse_handle_req(r4, &(0x7f00000083c0)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0006cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734bc5862ef52983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1d7abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296560000d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fd92bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f46dc53a26fd997f3af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff14427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c97cba5ca94ef1c555d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46ba8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a650b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0c1043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5b38f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077be00000000d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc654ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f900", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 6.89232998s ago: executing program 5 (id=1860): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000001380)='./file1\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="636865636b706f696e743d64697361626c652c6261636b67726f756e645f67633d73796e632c61636c2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c6e6f666c7573685f6d657267652c6d6f64653d6c66732c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6167655f657874656e745f63616368652c646973636172642c6e6f696e6c696e655f64656e7472792c008bfb3c1e4b1b12ae77c937da8858"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x14b302, 0x8c) pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="7f", 0x1}], 0x1, 0x5412, 0x0, 0x0) sendfile(r0, r0, 0x0, 0x6fecb1) 5.398079698s ago: executing program 3 (id=1862): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000040)={[{@resgid}, {@stripe={'stripe', 0x3d, 0x40}}]}, 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=") r0 = open(&(0x7f0000000180)='./file1\x00', 0x64042, 0x0) pwrite64(r0, &(0x7f0000006a80)="89b9473cd0", 0x5, 0xf281) 5.341746631s ago: executing program 2 (id=1863): sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x20, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x4}, @ETHTOOL_A_LINKMODES_OURS={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x20}}, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x14, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x2008051) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r1, 0x40045730, &(0x7f0000000040)=0x7) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000000c0)=0x0) syz_clone3(&(0x7f0000000480)={0x10000000, 0x0, &(0x7f00000002c0), 0x0, {0x31}, 0x0, 0x0, &(0x7f00000003c0)=""/15, 0x0}, 0x58) r4 = getpgrp(r3) sched_setaffinity(r4, 0x8, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5c5d000) r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r7, 0x29, 0x2e, &(0x7f0000000340)={0x11, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x6}}, {{0xa, 0xfffe, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x13}}}, 0x108) close(r7) get_mempolicy(0x0, 0xfffffffffffffffe, 0x5b, &(0x7f0000ffd000/0x2000)=nil, 0x2) 5.224381297s ago: executing program 1 (id=1864): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0) close(r1) r2 = socket$unix(0x1, 0x1, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x4, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000300)={'syzkaller0\x00', @multicast}) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = socket$unix(0x1, 0x5, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmsg$nl_route_sched(r7, 0x0, 0x4890) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r5, &(0x7f0000000240)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r8, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x8044) 4.321991784s ago: executing program 3 (id=1865): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80800, 0x0) close(r4) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x25dfdc01, {0x0, 0x0, 0x0, r6, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0x8}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8, 0x2, 0xf}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000e0}, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 4.224931459s ago: executing program 0 (id=1866): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12}, 0x50) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r0, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6}, 0x20) 3.945192194s ago: executing program 5 (id=1867): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4096, 0x1000}], 0x1) syz_emit_ethernet(0x40b, &(0x7f0000003200)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x3fd, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e22, 0x4e20, 0x3e9, 0x0, @opaque="c36188db1b21bc2399f98fd1cd989dfe01d7c3d227f404606b4c0592153f0f80fec6842533dba5beffd4d44f8a00d33ec86feb6fe8cca450d31cd8c1745d419c207ef81b6728feba48c1fa7fa537d8fb647d47e6ebdaa143eb866356e0ff922826aa225e5340c0f97510244713ba9400073c39f330c81fa96c48deb4f30d7406fd96c1272003a31f184ca6e6bd9856e8db9c0243fc5b81bdd97ed886f408a02eec1a17a5dd8cae119e1d76a9c0ea5baf2422f11334d516a9b24f4f867d058dbec1bb9e79d0192cab3a15f58dc06f047ee3f46a16c3da51b886c2d7224a053ed216e2910176a7f8732ebeef55a0c4e7c10aaead641c7aca6d383669a682e39859e0688b21592cdcfbce7de55d056edc4f50f609f2ae068497836808674ef7cb510aa1d9f74e718e004b04f9005918128b2b127cf89cdd56805d6b57d77c09208e344d2229ef59ec750d4fefca61f16005dbcf229d736c9a4f58aba66c15b603ea8140a0f53aa757e62ec84f7dcf6639a14264213d6b7bca298ea620f6071142bb19e30941489b44cc37593fc805abcfb76a8a59644f54bff1cf632b56625211cfc265a57795d10dca69236c200425b54150996460c30d92b59726097256d130c565160aad5a1bbba56a7a8429e2d8a05395b3374b37aac913af186e3e984147845a9ba90e6843d3f3022b5e04ba458fa54e7b6fe39cfdf73711b7deab0de9a7ab2f7b84ed53ca2536ad0550cff43563a0d387fd16e63974dcf91d113806ac8b693734fb5a439b361544443249650f723408a27b291756052dddbeb2ec97840db4b22f885f12580dc83963dc8eae77994753b496b583b015711dcb0540774884236664ab3dbf308f3449e87c7304b3b404c24413c7ea3f07c232345a64bcdee63867c78a54191139c9fe63f5aaf7da500b2b0553f20eecec18e90f1bb3254648ef3663a6c18d4d0f07b3cae2d18d3a4e764c0a4c90523615f950cd7a4c20974ddceb72f7b8a1830607c5bc6d1c2dead238029f093b7579c428ed492f783657df9eea57da574edbcae25f55ff2cd6ef2923215ddfa569e900ac72dbb1530d5a737cc065204d6f4b0e965488619f966899cccd218eb9c26974d885fd8ccdd482f4245c7201cd2f13e5aef1efaad1a70a2a6e5da24bbf349453bcd71b677d4fa4e2881699a4f1d010c934eccd1453b07e4617636094a5d9dcc645fea2095e7147d07aafdfd5f0e260abe3ef02280bae5398d51a70565a4443c7139c514fcb6bd004bfa69b3c6239783f53c72c34b37dcf6a124ae4bf26326f929635553b72b3176985584d2e424bfa62f967d9da7ca4864c24bf58011a2d279d67b25a36f8889125cfb6ecff8737a91c44c29f4a49b259388f400db063336bad95ade5b2742e6fa6ec1c"}}}}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f001000000010104200000000000000002000000240001801400018008000100e000000108000200000000000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000108000200ac1e00010800074000000000080008400000000280000d801400038006000100"], 0x1f0}}, 0x4000000) 3.944889044s ago: executing program 0 (id=1868): syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000100)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@jqfmt_vfsv0}, {@min_batch_time={'min_batch_time', 0x3d, 0x3ff}}, {@noload}, {@grpjquota_path={'grpjquota', 0x3d, '.\x02'}}, {@noblock_validity}, {@resgid}, {@nobarrier}, {@errors_continue}]}, 0xfa, 0x491, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvTLulgNiK+AMEqaKR+KOl5YccvGg04aCJiR4wnmpbSKVQQ2sihGj1gEdD4p149S8wnvRi1IsmXvVuSIjhAuJlzezM0NLutlu6ZQv7+SS7fW/mte99Z+btvJk33QA61kD2lkQ8EBF/RkRfnr29wED+48a1C2P/XrswlkS1+s4/Sa3c9WsXxsqi5e9tzTPVapHfVKfei+9HjE5NTZwt8kOzpz8amjl3/qXJ06MnJ05OnBk5evTQwT09R0YOtyTOLK7ruz6d3r3z2HuX3ho7fumDX5I08rhjURytMpBv3bqebXVlbbZtQTrpzt57i9ze3+bX1DsSaKeuiMh2V6XW//uiKzbfWtcXb3zR1sYB66parVaX+VSeqwL3sSTa3QKgPcoTfXb9W77u0tBjQ7j6an4BlMV9o3jla7ojzRN7K4uub1tpICKOz928nL1ine5DAAAs9EM2/nmx3vgvjUfzRE/29mAxh9IfEQ9FxPaIeDgidkTEIxG1so9FxOOrrH/xDMnS8U965Y6Da0I2/nulmNu6ffyXlkX6u4rctlr8leTE5NTEgWKb7I/KphOTycTwMnX8+PofXzVaVxv/lYPxuZuXs/rLsWDRjivdi27QjY/Ojq4l5oWufh6xq7te/EltXiCKeb2dEbHrDuuYfL674bqF49/jdeNfRuM/27TqNxHP5ft/LhbFX0oazk8Ov3xk5PBQb0xNHBgqj4qlfv394tuN6l9T/C2Q7f8tdY//W/H3J70RM+fOn6rN186svo6Lf33Z8Jpm5fhvO/6PbSuO/57k3dqCnmLFJ6Ozs2eHI3qSN5cuH5n/a2W+LJ/Fv39f/f6/Pea3xBMRsTsi9kTEk9lFYdH2pyLi6YjYt0z8P7/2zIerj7/+XfnKMvXciSz+8ZX2fyzc/6tPdJ366fuV4++NiEb7/1Attb9Y0sznX7MNXMu2AwAAgHtF/gx8kg7Op5PBwfwZ/h2xJZ2anpl94cT0x2fG82fl+6OSlne6+hbcDx0u7g2X+ZFF+YPFfeOvuzbX8oNj01Pj7Q4eOtzWJf0/TbP+n/m7q92tA9ZdC+bRgHuU/g+dS/+HzpSs2P9b/cgRsJE4/0Pnqtf/P2tYevC7dW0McFc5/0PnaqL/z+U/Go8KgHuT8z90Lv0fOlLD/41P1/Qv/y1N7Pk2b+tyZf4rvkJlo7T5/k9EuiGacf8nupv+MotGicrSvlzty/tUtmRT3d9q68cSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAy/wfAAD//3gk5XA=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000)) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) unshare(0x22020600) r3 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f00000000c0)='cgroup.events\x00', 0x300, 0x0) read$FUSE(r5, &(0x7f0000000400)={0x2020}, 0x2020) 3.808452831s ago: executing program 0 (id=1869): syz_open_dev$usbfs(0x0, 0x76, 0x101301) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$RTC_RD_TIME(0xffffffffffffffff, 0x80247009, &(0x7f0000000080)) listen(r0, 0x3) accept4$bt_l2cap(r0, 0x0, 0x0, 0x800) 3.794643082s ago: executing program 2 (id=1870): setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0xa, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x180048a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@usrjquota, 0x22}, {@errors_continue}, {@noinit_itable}, {@noblock_validity}]}, 0x1, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, &(0x7f0000000000)) 3.744736575s ago: executing program 1 (id=1871): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup(0x4685, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$SG_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) r5 = fsmount(r4, 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000240)='cgroup.threads\x00', 0x2, 0x0) open_by_handle_at(r6, &(0x7f0000000100)=ANY=[], 0x408100) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000380)=ANY=[], 0x190) r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYRES16=r7, @ANYBLOB="01000000000000000000047400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0) 3.399750243s ago: executing program 5 (id=1872): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x97) ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004) pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000240)="002147172af100000000030600710a5e311a6b8d9c2b", 0x16}], 0x1, 0x3, 0x7) 2.602927204s ago: executing program 1 (id=1873): timer_create(0x0, 0x0, &(0x7f0000000300)) r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x40800}, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000480)={0x0, {{0xa, 0x0, 0x3, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0) openat$cgroup_subtree(r1, 0x0, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4, 0x0, @remote}}}, 0x108) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x24}}}}, 0x108) close(r2) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101}) 2.48772195s ago: executing program 1 (id=1874): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb87, &(0x7f00000017c0)="$eJzs3c9vFFUcAPDvzG5LKWgX40GMCTUeIDFsW0BB4gE8Gg8mkqAnXPuDNCxgaE0sIbHcTLyowZMnT2qiR6+GGPXkweiJ/8CQEFP4A2pmdras7W5LYcuQ9vNJZve9eSzvO02++9503nQC2LFGs5c0Yn9EfJ5EjBT704gYzEtDEYutf3dv6dpktiWxvPzOv0kkEXF36dpk+/9Kivc92Us1/2T89UvEM5W1/c4tXL3QaDanrxT1sfmLH47NLVw9PHuxcX76/PSlI6+OH5147diJV47d/9DQox3rwvH0sz/ffOO7G+e+/uPHEy98msSp2Fu0dR5Hv4zG6MrPpFM1It7rd2clqRTH0+04AQB48qQdc7j9MRKVvNQyEvXZUoMDAAAA+uKTiFgGAAAAtrnE+T8AAABsc+11AHeXrk22t3JXJACPy53TEVFr5X/7/v5WSzUW8/ehGIiI4XtJx51Brfu9a33ofzQifvjq+IFsiy26Dx/obvF6RDzXbfxP8vyvFX90Y3X+pxEx3of+R1fV5T88Pt3yv3VesHH+n+pD//IfAAAAAAAA+ufm6daF/LXX/9OV9T/R5fpfpcu1u4ex8fW/9HYfugG6uHM64vWOZ/vc68j/Qq1S1J7K1wMMJDOzzenxiHg6Ig7FwK6sPrFOH9/+dPLvXm2d6/+yLeu/vRawiON2ddf/PzPVmG88yjEDLXeuRzxf7Zb/ycr4n/RY//v2A/bx29mfZ3q1bZz/wFZZ/ibiYNfx//4T3ZL1n883ls8HxtqzgrXOvvjr9736l/9Qnmz8H14//2tJ5/M65zbfx/jw4fO92h52/j+YnMmfKjpY7Pu4MT9/ZSJiMHlr7f4jm48ZtqN2PrTzJcv/Qy91P/9fb/6fJdn7xbdEGhGN4j2rf7Cqz13nfv+iVzzGfyhPlv9Tmxr/N1/48t2lM736f7Dx/1g+ph8q9vj9H6zvQRO07DgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgSZJGxN5I0vpKOU3r9Yg9EfFsDKfNy3PzL89c/ujSVNYWUYuBdGa2OT0eESOtepLVJ/Ly/fqRVfWjEbEvIm6M7M7r9cnLzamyDx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAVeyJibyRpPSLSvJym9Xqr7Z+RsqMDAAAA+qZWdgAAAADAlnP+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj2nfg5q0kIhZP7s63zGDRNlBqZMBWS8sOAChNpewAgNJUyw4AKI1zfCDZoH2oZ4sZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBOcnD/zVtJRCye3J1vmcGibaDUyICtlpYdAFCaStkBAKWplh0AUBrn+ECyQftQzxYzCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdZG7h6oVGszl9RWHdQjUinoAwFBQeU6HsbyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2s/8CAAD//yT3/f8=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) unlink(&(0x7f00000004c0)='./file1\x00') pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) 2.462823631s ago: executing program 3 (id=1875): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x17c, 0x19, 0x1, 0x400, 0x25dfdbfe, {{@in6=@remote, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, [@tmpl={0xc4, 0x5, [{{@in=@local, 0x4d5, 0x32}, 0x0, @in6=@local, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {{@in6=@local, 0x0, 0x33}, 0x0, @in6=@private2, 0x0, 0x0, 0x0, 0xfd, 0x204}, {{@in6=@loopback, 0x0, 0x33}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x7}]}]}, 0x17c}}, 0x0) 2.425829743s ago: executing program 5 (id=1876): syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000040)='./file4\x00', 0x8000, &(0x7f0000000580)={[{@iocharset={'iocharset', 0x3d, 'cp863'}}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@utf8no}, {@fat=@codepage={'codepage', 0x3d, '932'}}, {}, {@rodir}, {@shortname_mixed}, {@numtail}, {@shortname_win95}, {@uni_xlateno}, {@fat=@showexec}, {@uni_xlate}, {@shortname_win95}, {@shortname_lower}, {@utf8}]}, 0x88, 0x29b, &(0x7f0000000180)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==") syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000017c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x189d051, 0x0, 0x40, 0x0, &(0x7f0000000140)) rmdir(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 2.275575381s ago: executing program 3 (id=1877): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x7fffe, {0x0, 0x0, 0x0, r4, {0x0, 0xfff2}, {0x0, 0xb}, {0xf, 0x1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x5}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400c800}, 0xc894) r6 = socket$unix(0x1, 0x1, 0x0) r7 = socket$kcm(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r7, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r7, &(0x7f0000000000)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r8, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200080314000e00002fb96dffff1144ee163cddcb000000800000827600000000000000", 0x26}, {&(0x7f0000000780)="f058050000007f8f", 0x4000}], 0x2}, 0x5) 2.183572196s ago: executing program 5 (id=1878): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setreuid(0xee00, 0x0) keyctl$join(0x1, 0x0) keyctl$session_to_parent(0x12) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="280000002100050125bd70000000000002000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="b7836f1c1b5be19805e133cc73fc5944bcec8171ae276f"], 0x28}}, 0x0) r4 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000540)={0x1, {{0xa, 0x0, 0x0, @mcast1, 0x6}}, {{0xa, 0xfffe, 0x3fe00, @initdev={0xfe, 0x88, '\x00', 0xde, 0x0}, 0x3}}}, 0x108) setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x3, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x2, @loopback}}}, 0x108) 2.181527596s ago: executing program 2 (id=1879): syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000100)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@jqfmt_vfsv0}, {@min_batch_time={'min_batch_time', 0x3d, 0x3ff}}, {@noload}, {@grpjquota_path={'grpjquota', 0x3d, '.\x02'}}, {@noblock_validity}, {@resgid}, {@nobarrier}, {@errors_continue}]}, 0xfa, 0x491, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvTLulgNiK+AMEqaKR+KOl5YccvGg04aCJiR4wnmpbSKVQQ2sihGj1gEdD4p149S8wnvRi1IsmXvVuSIjhAuJlzezM0NLutlu6ZQv7+SS7fW/mte99Z+btvJk33QA61kD2lkQ8EBF/RkRfnr29wED+48a1C2P/XrswlkS1+s4/Sa3c9WsXxsqi5e9tzTPVapHfVKfei+9HjE5NTZwt8kOzpz8amjl3/qXJ06MnJ05OnBk5evTQwT09R0YOtyTOLK7ruz6d3r3z2HuX3ho7fumDX5I08rhjURytMpBv3bqebXVlbbZtQTrpzt57i9ze3+bX1DsSaKeuiMh2V6XW//uiKzbfWtcXb3zR1sYB66parVaX+VSeqwL3sSTa3QKgPcoTfXb9W77u0tBjQ7j6an4BlMV9o3jla7ojzRN7K4uub1tpICKOz928nL1ine5DAAAs9EM2/nmx3vgvjUfzRE/29mAxh9IfEQ9FxPaIeDgidkTEIxG1so9FxOOrrH/xDMnS8U965Y6Da0I2/nulmNu6ffyXlkX6u4rctlr8leTE5NTEgWKb7I/KphOTycTwMnX8+PofXzVaVxv/lYPxuZuXs/rLsWDRjivdi27QjY/Ojq4l5oWufh6xq7te/EltXiCKeb2dEbHrDuuYfL674bqF49/jdeNfRuM/27TqNxHP5ft/LhbFX0oazk8Ov3xk5PBQb0xNHBgqj4qlfv394tuN6l9T/C2Q7f8tdY//W/H3J70RM+fOn6rN186svo6Lf33Z8Jpm5fhvO/6PbSuO/57k3dqCnmLFJ6Ozs2eHI3qSN5cuH5n/a2W+LJ/Fv39f/f6/Pea3xBMRsTsi9kTEk9lFYdH2pyLi6YjYt0z8P7/2zIerj7/+XfnKMvXciSz+8ZX2fyzc/6tPdJ366fuV4++NiEb7/1Attb9Y0sznX7MNXMu2AwAAgHtF/gx8kg7Op5PBwfwZ/h2xJZ2anpl94cT0x2fG82fl+6OSlne6+hbcDx0u7g2X+ZFF+YPFfeOvuzbX8oNj01Pj7Q4eOtzWJf0/TbP+n/m7q92tA9ZdC+bRgHuU/g+dS/+HzpSs2P9b/cgRsJE4/0Pnqtf/P2tYevC7dW0McFc5/0PnaqL/z+U/Go8KgHuT8z90Lv0fOlLD/41P1/Qv/y1N7Pk2b+tyZf4rvkJlo7T5/k9EuiGacf8nupv+MotGicrSvlzty/tUtmRT3d9q68cSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAy/wfAAD//3gk5XA=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000)) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) unshare(0x22020600) r3 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f00000000c0)='cgroup.events\x00', 0x300, 0x0) read$FUSE(r5, &(0x7f0000000400)={0x2020}, 0x2020) 2.079414672s ago: executing program 2 (id=1880): sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x20, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x4}, @ETHTOOL_A_LINKMODES_OURS={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x20}}, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x14, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x2008051) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r1, 0x40045730, &(0x7f0000000040)=0x7) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000000c0)=0x0) syz_clone3(&(0x7f0000000480)={0x10000000, 0x0, &(0x7f00000002c0), 0x0, {0x31}, 0x0, 0x0, &(0x7f00000003c0)=""/15, 0x0}, 0x58) r4 = getpgrp(r3) sched_setaffinity(r4, 0x8, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5c5d000) r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r7, 0x29, 0x2e, &(0x7f0000000340)={0x11, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x6}}, {{0xa, 0xfffe, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x13}}}, 0x108) close(r7) get_mempolicy(0x0, 0xfffffffffffffffe, 0x5b, &(0x7f0000ffd000/0x2000)=nil, 0x2) 554.854101ms ago: executing program 3 (id=1881): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0) close(r1) r2 = socket$unix(0x1, 0x1, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x4, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000300)={'syzkaller0\x00', @multicast}) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = socket$unix(0x1, 0x5, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmsg$nl_route_sched(r7, 0x0, 0x4890) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r5, &(0x7f0000000240)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r8, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x8044) 536.666112ms ago: executing program 0 (id=1882): socket(0xa, 0x2, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000d00)={[{@noauto_da_alloc}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x4c4, &(0x7f0000000540)="$eJzs3c9vHFcdAPDvjO3Ydd3ahUr8ENBQCgFF3bU3rVX1VC4gVFVCVJw4pMbeWJZ3vZZ3HWKTg/M/IBGJE/wJHJA4IOXEnRvcEFI4IAWIQDESh0UzO3YcZ9exiL2Tej8faTTz5u3u9721573x1/a+AEbW5YjYi4hLEfFJRMwW55Niiw96W/a4Rw9vL+8/vL2cRLf78T+SvD47F0eek3m5eM2piPjBdyN+nDwdt72zu77UaNS3inK109ystnd2/7LWXFqtr9Y3arXFhcX59669Wzuzvr7R/PWD76x9+MPf/fbL9/+w962fZs2aKeqO9uMs9bo+cRgnMx4RH55HsBKMFf25VHZD+L+kEfGZiHgzu/67ZbcGABiGbnc2urNHywDARZfmObAkrRS5gJlI00qll8N7PabTRqvduXqjtb2x0suVzcVEemOtUZ8vcoVzMZFk5YX8+HG5dqx8LSJei4ifTb6UlyvLrcZKmTc+ADDCXj42//97sjf/AwAX3FTZDQAAhs78DwCjx/wPAKPH/A8Ao8f8DwCjx/wPAKPH/A8AI+X7H32Ubd394vOvV27ubK+3br69Um+vV5rby5Xl1tZmZbXVWs0/s6f5rNdrtFqbC+/E9q1qp97uVNs7u9ebre2NzvX8c72v1yeG0isA4CSvvXHvT0lE7L3/Ur7FkbUczNVwsaVlNwAozVjZDQBKM152A4DS+Bkf6LNE7xMG/onQ3YFPMbTAC+7KF+T/YVTJ/8Pokv+H0SX/D6Or202s+Q8AI0aOHziH3/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAhTeTb0laKdYCn4k0rVQiXomIuZhIbqw16vMR8WpE/HFyYjIrL5TdaADgOaV/S4r1v67MvjVzvPZS8p/JfB8RP/nFxz+/tdTpbC1k5/95eL5ztzhfOzGQpQYBoCQH8/TBPH7g0cPbywfbMNvz4Nu9xUWzuPvF1qsZj/F8P5XfOEz/KynKPdn9ytgZxN+7ExGf79f/JM+NzBUrnx6Pn8V+Zajx0yfip3ldb5+9F589g7bAqLmXjT8f9Lv+0ric7/tf/1P5CPX8Dsa//afGv/Rw/BsbMP5dPm2Md37/vYF1dyK+ON4vfnIYPxkQ/61Txv/zl77y5qC67i8jrkT/+EdjVTvNzWp7Z/fttebSan21vlGrLS4szr937d1aNc9RVw8y1U/7+/tXXz2p/9MD4k89o/9fP2X/f/XfT3701RPif/Nr/b/+r58QP5sTv3HK+EvTvxm4fHcWf6V//4vnDO7/1VPGv//X3ZVTPhQAGIL2zu76UqNR33IwtIPs3u0FaMaFO7jzqXlXs++As3idz51jU8semYDz9viiL7slAAAAAAAAAAAAAADAIMP4h6ey+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDF9b8AAAD//3Sb1xQ=") symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 524.448923ms ago: executing program 2 (id=1883): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup(0x4685, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$SG_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) r5 = fsmount(r4, 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000240)='cgroup.threads\x00', 0x2, 0x0) open_by_handle_at(r6, &(0x7f0000000100)=ANY=[], 0x408100) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000380)=ANY=[], 0x190) r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYRES16=r7, @ANYBLOB="01000000000000000000047400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0) 299.629075ms ago: executing program 1 (id=1884): timer_create(0x0, 0x0, &(0x7f0000000300)) r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x40800}, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000480)={0x0, {{0xa, 0x0, 0x3, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0) openat$cgroup_subtree(r1, 0x0, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4, 0x0, @remote}}}, 0x108) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x24}}}}, 0x108) close(r2) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101}) 229.928208ms ago: executing program 3 (id=1885): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000340)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001a", 0x23}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20004080) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x3ff, 0x2, 0x3, 0x7fffffffffffffff, 0x58f24868, 0x4, 0x7f, 0x80000001, 0x1, 0x0, 0x4, 0x1000, 0x3ff, 0x8, 0x8, 0x8001], 0x54000, 0x100204}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x8, 0xc5, 0x0, 0x6, 0x9, 0x4, 0x6, 0x1, 0xf8, 0x0, 0x1, 0x0, 0x3, 0x6, 0x6, 0x9, 0x4, 0xfe, '\x00', 0x4, 0x4}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 209.446629ms ago: executing program 1 (id=1886): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80800, 0x0) close(r4) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x25dfdc01, {0x0, 0x0, 0x0, r6, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0x8}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8, 0x2, 0xf}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000e0}, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 0s ago: executing program 0 (id=1887): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=@newsa={0x158, 0x10, 0x1, 0x0, 0x0, {{@in6=@private1, @in=@dev={0xac, 0x14, 0x14, 0x11}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84}, {@in, 0x0, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0x23}, {0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xcd}, [@replay_esn_val={0x1c, 0x17, {0x0, 0x0, 0xfffffffe, 0xfffffffc, 0x0, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha1)\x00'}, 0x0, 0x100}}]}, 0x158}}, 0x0) kernel console output (not intermixed with test programs): y_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 169.705478][ T5307] netlink: 60 bytes leftover after parsing attributes in process `syz.2.330'. [ 170.855599][ T5319] netlink: 32 bytes leftover after parsing attributes in process `syz.3.331'. [ 170.888707][ T5319] tipc: Invalid UDP bearer configuration [ 170.888755][ T5319] tipc: Enabling of bearer rejected, failed to enable media [ 172.379595][ T5342] UBIFS error (pid: 5342): cannot open "(null)", error -22 [ 172.976790][ T5334] sctp: failed to load transform for md5: -2 [ 173.121876][ T5350] loop3: detected capacity change from 0 to 1024 [ 173.272845][ T5358] netlink: 60 bytes leftover after parsing attributes in process `syz.1.343'. [ 173.747198][ T5350] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 174.275004][ T5370] loop4: detected capacity change from 0 to 128 [ 174.460539][ T5370] FAT-fs (loop4): Directory bread(block 32) failed [ 174.484434][ T5370] FAT-fs (loop4): Directory bread(block 33) failed [ 174.511143][ T5370] FAT-fs (loop4): Directory bread(block 34) failed [ 174.860139][ T5370] FAT-fs (loop4): Directory bread(block 35) failed [ 175.236533][ T5370] FAT-fs (loop4): Directory bread(block 36) failed [ 175.294364][ T5370] FAT-fs (loop4): Directory bread(block 37) failed [ 175.348970][ T5383] loop2: detected capacity change from 0 to 128 [ 175.355588][ T5370] FAT-fs (loop4): Directory bread(block 38) failed [ 175.362167][ T5370] FAT-fs (loop4): Directory bread(block 39) failed [ 175.370366][ T5370] FAT-fs (loop4): Directory bread(block 40) failed [ 175.377217][ T5370] FAT-fs (loop4): Directory bread(block 41) failed [ 176.375788][ T5370] FAT-fs (loop4): Filesystem has been set read-only [ 176.405840][ T26] audit: type=1800 audit(1776922139.837:6): pid=5390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.351" name="bus" dev="loop2" ino=1048593 res=0 errno=0 [ 176.943879][ T5404] netlink: 28 bytes leftover after parsing attributes in process `syz.4.355'. [ 177.079114][ T5405] UBIFS error (pid: 5405): cannot open "(null)", error -22 [ 178.186038][ T5412] netlink: 'syz.2.361': attribute type 8 has an invalid length. [ 179.935444][ C0] vcan0: j1939_tp_rxtimer: 0xffff888060990800: rx timeout, send abort [ 179.944323][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888060990800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 182.168893][ T5450] loop3: detected capacity change from 0 to 2048 [ 182.392421][ T5450] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 182.503493][ T5450] EXT4-fs error (device loop3): ext4_ext_precache:608: inode #2: comm syz.3.371: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 186.622940][ T5498] loop1: detected capacity change from 0 to 512 [ 186.629834][ T5496] device syzkaller0 entered promiscuous mode [ 187.315863][ T5498] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback. [ 187.366372][ T5498] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 191.873212][ T4173] Bluetooth: hci1: command 0x0406 tx timeout [ 191.879766][ T4173] Bluetooth: hci3: command 0x0406 tx timeout [ 191.886773][ T4173] Bluetooth: hci0: command 0x0406 tx timeout [ 191.892959][ T4173] Bluetooth: hci2: command 0x0406 tx timeout [ 191.899445][ T4173] Bluetooth: hci4: command 0x0406 tx timeout [ 192.190814][ T5551] loop2: detected capacity change from 0 to 164 [ 193.541897][ T5561] loop0: detected capacity change from 0 to 128 [ 193.617035][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 193.663982][ T5561] FAT-fs (loop0): Filesystem has been set read-only [ 193.699286][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 193.802659][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 193.812015][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 193.820752][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 193.829391][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 193.837923][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 193.846656][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 193.858971][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 193.889326][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.247752][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.259720][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.286806][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.584737][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.636118][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.673565][ T5569] netlink: 40 bytes leftover after parsing attributes in process `syz.3.405'. [ 194.694381][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.703014][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.763717][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.772329][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.780845][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.794373][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.802870][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.826261][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.838286][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.852432][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.894598][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.904102][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.913383][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.939508][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.939708][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.939736][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.939760][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.939784][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.939808][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.939832][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.939856][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.939911][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.941743][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.941773][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.941796][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.941819][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.941843][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.941866][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.941899][ T5561] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 194.942118][ T26] audit: type=1800 audit(1776922158.377:7): pid=5561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.403" name="file1" dev="loop0" ino=1048596 res=0 errno=0 [ 195.016057][ T5561] syz.0.403 (5561) used greatest stack depth: 20592 bytes left [ 196.203710][ T5590] autofs4:pid:5590:autofs_fill_super: called with bogus options [ 196.553764][ T5587] chnl_net:caif_netlink_parms(): no params data found [ 196.790849][ T5604] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 196.828284][ T5587] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.835673][ T5587] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.844055][ T5587] device bridge_slave_0 entered promiscuous mode [ 196.853133][ T5587] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.860378][ T5587] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.875525][ T5598] loop3: detected capacity change from 0 to 2048 [ 196.888086][ T5587] device bridge_slave_1 entered promiscuous mode [ 196.928450][ T5587] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 196.940069][ T5606] netlink: 12 bytes leftover after parsing attributes in process `syz.2.413'. [ 196.952616][ T5587] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 197.013548][ T5598] EXT4-fs (loop3): mounted filesystem without journal. Opts: min_batch_time=0x000000000000000d,mb_optimize_scan=0x0000000000000001,noblock_validity,,errors=continue. Quota mode: none. [ 197.055701][ T5587] team0: Port device team_slave_0 added [ 197.064751][ T5587] team0: Port device team_slave_1 added [ 197.098784][ T5587] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 197.158201][ T5598] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 197.192930][ T5587] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.258844][ T5598] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 30 with max blocks 1 with error 28 [ 197.274670][ T5587] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 197.295849][ T5598] EXT4-fs (loop3): This should not happen!! Data will be lost [ 197.295849][ T5598] [ 197.299479][ T5610] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 197.336320][ T5587] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 197.343625][ T5598] EXT4-fs (loop3): Total free blocks count 0 [ 197.361813][ T5598] EXT4-fs (loop3): Free/Dirty block details [ 197.368848][ T5587] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.412706][ T5610] EXT4-fs (loop3): This should not happen!! Data will be lost [ 197.412706][ T5610] [ 197.426686][ T5598] EXT4-fs (loop3): free_blocks=66060288 [ 197.432847][ T5587] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 197.443938][ T5610] EXT4-fs (loop3): Total free blocks count 0 [ 197.451376][ T5598] EXT4-fs (loop3): dirty_blocks=32 [ 197.462013][ T5614] loop0: detected capacity change from 0 to 512 [ 197.473762][ T5610] EXT4-fs (loop3): Free/Dirty block details [ 197.515162][ T5612] tipc: Started in network mode [ 197.520103][ T5612] tipc: Node identity ee24d552937, cluster identity 4711 [ 197.536769][ T5612] tipc: Enabled bearer , priority 0 [ 197.556748][ T5614] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 197.583128][ T5615] device syzkaller0 entered promiscuous mode [ 197.605890][ T5587] device hsr_slave_0 entered promiscuous mode [ 197.622545][ T5587] device hsr_slave_1 entered promiscuous mode [ 197.632956][ T5587] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 197.658551][ T5587] Cannot create hsr debugfs directory [ 197.681832][ T5614] EXT4-fs (loop0): 1 truncate cleaned up [ 197.713607][ T5614] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 197.756016][ T5612] tipc: Resetting bearer [ 197.792598][ T5611] tipc: Resetting bearer [ 197.884729][ T5611] tipc: Disabling bearer [ 198.166081][ T4225] Bluetooth: hci1: command 0x0409 tx timeout [ 198.206252][ T5622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.420'. [ 198.258558][ T5587] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 198.276667][ T5587] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 198.307201][ T5587] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 198.335264][ T5587] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 198.427265][ T5628] loop1: detected capacity change from 0 to 256 [ 198.457874][ T5628] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 198.519071][ T5628] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 199.546593][ T5587] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.570336][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 199.611293][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 199.643692][ T5642] loop3: detected capacity change from 0 to 1764 [ 199.655882][ T5587] 8021q: adding VLAN 0 to HW filter on device team0 [ 199.679222][ T5647] tipc: Started in network mode [ 199.692682][ T5647] tipc: Node identity 864ae7269185, cluster identity 4711 [ 199.714711][ T5647] tipc: Enabled bearer , priority 0 [ 199.736332][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 199.746165][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 199.822041][ T4696] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.829426][ T4696] bridge0: port 1(bridge_slave_0) entered forwarding state [ 199.881971][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 199.891252][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 199.900526][ T4696] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.907665][ T4696] bridge0: port 2(bridge_slave_1) entered forwarding state [ 199.915651][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 199.924773][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 199.933782][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 199.978688][ T5647] device syzkaller0 entered promiscuous mode [ 200.255734][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 200.282150][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.298744][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 200.334742][ T4225] Bluetooth: hci1: command 0x041b tx timeout [ 200.366702][ T5651] tipc: Resetting bearer [ 200.607361][ T5651] tipc: Disabling bearer [ 200.675720][ T5663] UBIFS error (pid: 5663): cannot open "(null)", error -22 [ 201.284553][ T5664] loop2: detected capacity change from 0 to 1024 [ 201.367677][ T5664] EXT4-fs (loop2): Ignoring removed nobh option [ 201.424686][ T5664] EXT4-fs (loop2): Ignoring removed bh option [ 201.467544][ T5668] loop3: detected capacity change from 0 to 512 [ 201.476037][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 201.491007][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 201.513987][ T5664] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x0000000000000011,bh,init_itable,. Quota mode: none. [ 201.525095][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 201.546415][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 201.554945][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 201.563642][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 201.584590][ T4226] tipc: Node number set to 399501094 [ 201.626895][ T5664] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 201.673788][ T5668] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback. [ 201.778992][ T5587] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 201.814472][ T5668] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 202.327463][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop2, 10) failed: No such file or directory [ 202.410941][ T4173] Bluetooth: hci1: command 0x040f tx timeout [ 202.532461][ T4174] udevd[4174]: inotify_add_watch(7, /dev/loop2, 10) failed: No such file or directory [ 202.608106][ T4174] udevd[4174]: inotify_add_watch(7, /dev/loop2, 10) failed: No such file or directory [ 202.896650][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 202.915974][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 202.940042][ T5587] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.764316][ T5709] UBIFS error (pid: 5709): cannot open "(null)", error -22 [ 205.033931][ T4226] Bluetooth: hci1: command 0x0419 tx timeout [ 205.105524][ T5717] syz.2.450 uses obsolete (PF_INET,SOCK_PACKET) [ 206.030622][ T5728] device syzkaller0 entered promiscuous mode [ 206.218784][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 206.247402][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 206.329902][ T5587] device veth0_vlan entered promiscuous mode [ 206.361074][ T5587] device veth1_vlan entered promiscuous mode [ 206.399208][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 206.422158][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 206.458127][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 206.511092][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 206.519618][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 206.528557][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 206.572123][ T5017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 206.704573][ T5017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 206.934539][ T4173] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 207.058318][ T5587] device veth0_macvtap entered promiscuous mode [ 207.204517][ T5017] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 207.332182][ T5587] device veth1_macvtap entered promiscuous mode [ 207.420670][ T5587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.459230][ T5587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.503035][ T5587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.550742][ T5587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.593526][ T5587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.641925][ T5587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.668935][ T5587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.679583][ T5587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.689575][ T5587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 207.701336][ T5587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.712618][ T5587] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 207.824393][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 207.884280][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 208.100921][ T5587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 208.126057][ T5587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.145320][ T5587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 208.399466][ T5587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.456699][ T5587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 208.502751][ T5587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.544468][ T5587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 208.583362][ T5587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.595070][ T5587] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 208.605098][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 208.622724][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 208.656030][ T5587] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.682308][ T5587] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.696640][ T5587] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.716458][ T5587] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.899645][ T4642] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.937718][ T4642] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.060109][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 210.148409][ T4427] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.187500][ T4427] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.548434][ T5773] tmpfs: Too few inodes for current use [ 212.240939][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.249700][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.764473][ T5771] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 212.819014][ T5771] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 213.199321][ T5771] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.208898][ T5771] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.218682][ T5771] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.230593][ T5771] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.433274][ T4642] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 216.391755][ T5825] netlink: 76 bytes leftover after parsing attributes in process `syz.5.481'. [ 216.405201][ T5825] device syzkaller0 entered promiscuous mode [ 217.934598][ T5832] sctp: failed to load transform for md5: -2 [ 219.561262][ T5862] loop3: detected capacity change from 0 to 164 [ 223.556683][ T5921] netlink: 24 bytes leftover after parsing attributes in process `syz.3.513'. [ 223.781029][ T5921] netlink: 4 bytes leftover after parsing attributes in process `syz.3.513'. [ 226.696173][ T5969] UBIFS error (pid: 5969): cannot open "(null)", error -22 [ 226.963465][ T5983] device batadv0 entered promiscuous mode [ 226.996038][ T5983] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 227.012082][ T5983] device batadv0 left promiscuous mode [ 228.703810][ T5997] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 229.080165][ T6009] loop3: detected capacity change from 0 to 128 [ 229.124399][ T4173] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 229.166056][ T6009] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 229.242491][ T6009] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 229.394378][ T4173] usb 6-1: Using ep0 maxpacket: 8 [ 229.561084][ T4173] usb 6-1: unable to get BOS descriptor or descriptor too short [ 229.714543][ T4173] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 229.728834][ T4173] usb 6-1: can't read configurations, error -71 [ 230.643726][ T6046] netlink: 8 bytes leftover after parsing attributes in process `syz.0.560'. [ 232.086210][ T6092] netlink: 12 bytes leftover after parsing attributes in process `syz.3.574'. [ 233.071657][ T6101] loop0: detected capacity change from 0 to 512 [ 233.079604][ T6102] device syzkaller0 entered promiscuous mode [ 233.994697][ T6101] EXT4-fs (loop0): mounted filesystem without journal. Opts: user_xattr,mb_optimize_scan=0x0000000000000001,stripe=0x0000000000000006,,errors=continue. Quota mode: writeback. [ 234.016397][ T6101] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 234.050720][ T26] audit: type=1800 audit(1776922197.487:8): pid=6101 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.578" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 235.483525][ T6143] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 235.754987][ T6154] tipc: Enabled bearer , priority 0 [ 235.782954][ T6154] device syzkaller0 entered promiscuous mode [ 235.869925][ T6154] tipc: Resetting bearer [ 235.889222][ T6153] tipc: Resetting bearer [ 236.181253][ T6153] tipc: Disabling bearer [ 236.903825][ C1] hrtimer: interrupt took 344932 ns [ 237.004953][ T6182] loop3: detected capacity change from 0 to 4096 [ 237.318156][ T6182] EXT4-fs (loop3): Test dummy encryption mode enabled [ 237.325604][ T6182] EXT4-fs (loop3): Invalid want_extra_isize 63 [ 237.829767][ T6201] netlink: 12 bytes leftover after parsing attributes in process `syz.3.609'. [ 238.586044][ T6208] netlink: 24 bytes leftover after parsing attributes in process `syz.2.611'. [ 238.812746][ T6211] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 239.011743][ T6215] loop5: detected capacity change from 0 to 512 [ 240.778909][ T6236] loop5: detected capacity change from 0 to 1024 [ 240.857000][ T6239] loop0: detected capacity change from 0 to 128 [ 240.933004][ T6236] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 240.950548][ T26] audit: type=1804 audit(1776922204.387:9): pid=6236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.625" name="/newroot/26/file1/bus" dev="loop5" ino=18 res=1 errno=0 [ 241.041791][ T6239] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 241.065617][ T6239] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 242.994619][ T4229] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 243.822242][ T4262] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 243.899449][ T4229] usb 4-1: Using ep0 maxpacket: 8 [ 243.906321][ T4262] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 244.024411][ T4229] usb 4-1: unable to get BOS descriptor or descriptor too short [ 244.094367][ T4229] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 244.102036][ T4229] usb 4-1: can't read configurations, error -71 [ 247.867254][ T6321] Unknown options in mask 6faf [ 248.388784][ T6332] tipc: Started in network mode [ 248.393771][ T6332] tipc: Node identity , cluster identity 4711 [ 248.400006][ T6332] tipc: Failed to obtain node identity [ 248.405712][ T6332] tipc: Enabling of bearer rejected, failed to enable media [ 250.231512][ T6329] loop0: detected capacity change from 0 to 8192 [ 250.303453][ T6329] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 250.442779][ T6329] FAT-fs (loop0): error, clusters badly computed (1 != 0) [ 250.497949][ T6329] FAT-fs (loop0): Filesystem has been set read-only [ 251.803646][ T6357] netlink: 48 bytes leftover after parsing attributes in process `syz.5.664'. [ 255.688981][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.000608][ T6391] netlink: 48 bytes leftover after parsing attributes in process `syz.3.676'. [ 256.039331][ T6391] netlink: 48 bytes leftover after parsing attributes in process `syz.3.676'. [ 256.594002][ T6396] debugfs: File 'dropped' in directory 'loop4' already present! [ 256.604330][ T6396] debugfs: File 'msg' in directory 'loop4' already present! [ 256.611873][ T6396] debugfs: File 'trace0' in directory 'loop4' already present! [ 256.815605][ T6399] device syzkaller0 entered promiscuous mode [ 258.535620][ T6422] netlink: 12 bytes leftover after parsing attributes in process `syz.0.683'. [ 258.919425][ T6429] debugfs: File 'trace0' in directory 'loop4' already present! [ 260.791732][ T6446] autofs4:pid:6446:autofs_fill_super: called with bogus options [ 266.548840][ T6509] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.747065][ T6513] device syzkaller0 entered promiscuous mode [ 267.335238][ T6528] device syzkaller0 entered promiscuous mode [ 268.008042][ T6532] Cannot find map_set index 65533 as target [ 270.134457][ T6509] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.006669][ T4226] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 273.074469][ T6509] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.026849][ T4226] usb 4-1: unable to get BOS descriptor or descriptor too short [ 274.381275][ T4226] usb 4-1: New USB device found, idVendor=041e, idProduct=0005, bcdDevice= 0.40 [ 274.390410][ T4226] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.418313][ T4226] usb 4-1: Product: syz [ 274.422536][ T4226] usb 4-1: Manufacturer: syz [ 274.427200][ T4226] usb 4-1: SerialNumber: syz [ 275.388164][ T6509] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.042814][ T4226] usb 4-1: USB disconnect, device number 8 [ 277.302954][ T6509] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.354737][ T6509] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.399572][ T6509] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.426012][ T6509] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.931060][ T6608] netlink: 4 bytes leftover after parsing attributes in process `syz.3.757'. [ 280.176567][ T6617] xt_hashlimit: size too large, truncated to 1048576 [ 280.572811][ T6625] netlink: 12 bytes leftover after parsing attributes in process `syz.2.762'. [ 281.092570][ T26] audit: type=1326 audit(1776922244.527:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 281.234302][ T26] audit: type=1326 audit(1776922244.527:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 281.374321][ T26] audit: type=1326 audit(1776922244.527:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 281.512621][ T26] audit: type=1326 audit(1776922244.557:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f110fd4e04e code=0x7ffc0000 [ 281.624486][ T26] audit: type=1326 audit(1776922244.557:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 281.710877][ T26] audit: type=1326 audit(1776922244.557:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 281.748071][ T6638] netlink: 24 bytes leftover after parsing attributes in process `syz.2.768'. [ 281.808624][ T26] audit: type=1326 audit(1776922244.567:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 281.954247][ T26] audit: type=1326 audit(1776922244.567:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 282.016725][ T26] audit: type=1326 audit(1776922244.577:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 282.114517][ T26] audit: type=1326 audit(1776922244.577:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.2.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 283.868850][ T6661] debugfs: File 'trace0' in directory 'loop4' already present! [ 286.372718][ T6682] netlink: 12 bytes leftover after parsing attributes in process `syz.1.783'. [ 287.320830][ T6687] netlink: 12 bytes leftover after parsing attributes in process `syz.1.785'. [ 289.307824][ T6712] netlink: 8 bytes leftover after parsing attributes in process `syz.5.794'. [ 289.616716][ T6716] xt_hashlimit: size too large, truncated to 1048576 [ 289.784119][ T6719] hub 8-0:1.0: USB hub found [ 289.791200][ T6719] hub 8-0:1.0: 1 port detected [ 291.491563][ T6724] device syz_tun entered promiscuous mode [ 291.551620][ T6724] team0: Port device syz_tun added [ 292.054445][ T6737] netlink: 16 bytes leftover after parsing attributes in process `syz.3.793'. [ 292.481879][ T6746] UBIFS error (pid: 6746): cannot open "(null)", error -22 [ 292.660590][ T6750] netlink: 14 bytes leftover after parsing attributes in process `syz.5.806'. [ 292.715609][ T6750] device hsr_slave_0 left promiscuous mode [ 292.748231][ T6750] device hsr_slave_1 left promiscuous mode [ 293.320993][ T6760] device syzkaller0 entered promiscuous mode [ 294.746712][ T6781] netlink: 12 bytes leftover after parsing attributes in process `syz.3.816'. [ 295.125528][ T6791] loop7: detected capacity change from 0 to 7 [ 295.992746][ T6794] hub 8-0:1.0: USB hub found [ 296.004412][ T6794] hub 8-0:1.0: 1 port detected [ 297.784473][ T6815] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(6) [ 297.791544][ T6815] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 297.800734][ T6814] netlink: 12 bytes leftover after parsing attributes in process `syz.2.826'. [ 297.803044][ T6812] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 297.816590][ T6812] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 297.890942][ T6815] vhci_hcd vhci_hcd.0: Device attached [ 297.894457][ T6812] vhci_hcd vhci_hcd.0: Device attached [ 297.946921][ T6820] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(9) [ 297.953637][ T6820] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 298.039387][ T6815] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(13) [ 298.046064][ T6815] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 298.057160][ T6820] vhci_hcd vhci_hcd.0: Device attached [ 298.100710][ T6812] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(5) [ 298.102694][ T6815] vhci_hcd vhci_hcd.0: Device attached [ 298.107278][ T6812] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 298.156356][ T6812] vhci_hcd vhci_hcd.0: Device attached [ 298.543849][ T6826] vhci_hcd: connection closed [ 298.564932][ T4323] vhci_hcd: stop threads [ 298.608487][ T13] usb 43-2: new low-speed USB device number 2 using vhci_hcd [ 298.618555][ T4323] vhci_hcd: release socket [ 298.635950][ T4323] vhci_hcd: disconnect device [ 298.644892][ T6821] vhci_hcd: connection closed [ 298.664456][ T6825] vhci_hcd: connection closed [ 298.674865][ T6816] vhci_hcd: connection reset by peer [ 298.685883][ T6813] vhci_hcd: connection closed [ 298.698467][ T9] vhci_hcd: stop threads [ 298.738617][ T9] vhci_hcd: release socket [ 298.763152][ T9] vhci_hcd: disconnect device [ 298.784811][ T6846] netlink: 28 bytes leftover after parsing attributes in process `syz.3.832'. [ 298.794286][ T9] vhci_hcd: stop threads [ 298.798586][ T9] vhci_hcd: release socket [ 298.825401][ T6849] loop0: detected capacity change from 0 to 512 [ 298.832057][ T9] vhci_hcd: disconnect device [ 298.844412][ T6846] netlink: 28 bytes leftover after parsing attributes in process `syz.3.832'. [ 298.855123][ T9] vhci_hcd: stop threads [ 298.859413][ T9] vhci_hcd: release socket [ 298.897775][ T9] vhci_hcd: disconnect device [ 298.912358][ T9] vhci_hcd: stop threads [ 298.921326][ T9] vhci_hcd: release socket [ 298.926056][ T9] vhci_hcd: disconnect device [ 299.156982][ T6846] device ip6gretap0 entered promiscuous mode [ 299.175432][ T6849] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #15: comm syz.0.836: corrupted inode contents [ 299.215098][ T6846] device syz_tun entered promiscuous mode [ 299.230829][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready [ 299.297676][ T6849] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem [ 299.602648][ T6849] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #15: comm syz.0.836: corrupted inode contents [ 299.645256][ T6865] UBIFS error (pid: 6865): cannot open "(null)", error -22 [ 299.685743][ T6849] EXT4-fs error (device loop0): ext4_evict_inode:332: inode #15: comm syz.0.836: mark_inode_dirty error [ 299.880071][ T6849] EXT4-fs (loop0): 1 orphan inode deleted [ 299.893259][ T6849] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 299.979653][ T6871] netlink: 12 bytes leftover after parsing attributes in process `syz.3.842'. [ 301.056302][ T6889] loop0: detected capacity change from 0 to 512 [ 301.326849][ T6889] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000007,inode_readahead_blks=0x0000000000080000,usrjquota=,,errors=continue. Quota mode: writeback. [ 301.462567][ T6889] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 301.946931][ T6904] loop3: detected capacity change from 0 to 8192 [ 302.419447][ T6913] netlink: 12 bytes leftover after parsing attributes in process `syz.2.859'. [ 303.203896][ T6935] netlink: 52 bytes leftover after parsing attributes in process `syz.3.868'. [ 303.994837][ T13] vhci_hcd: vhci_device speed not set [ 304.151524][ T6950] netlink: 12 bytes leftover after parsing attributes in process `syz.5.873'. [ 306.900069][ T6978] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 307.039814][ T6976] device syzkaller0 entered promiscuous mode [ 308.189021][ T7002] loop5: detected capacity change from 0 to 512 [ 308.229640][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 308.229655][ T26] audit: type=1326 audit(1776922271.667:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.882" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe276586819 code=0x0 [ 308.338433][ T7002] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 308.470952][ T7002] EXT4-fs (loop5): 1 truncate cleaned up [ 308.501403][ T7002] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,nombcache,. Quota mode: none. [ 309.404901][ T4232] kernel write not supported for file /572/coredump_filter (pid: 4232 comm: kworker/1:8) [ 309.431493][ T7020] device syzkaller0 entered promiscuous mode [ 311.099007][ T7060] netlink: 4 bytes leftover after parsing attributes in process `syz.0.907'. [ 311.424543][ T13] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 311.954328][ T7067] debugfs: File 'trace0' in directory 'loop4' already present! [ 312.422606][ T7073] netlink: 12 bytes leftover after parsing attributes in process `syz.3.916'. [ 312.611693][ T7078] device syzkaller0 entered promiscuous mode [ 313.082417][ T7095] debugfs: File 'trace0' in directory 'loop4' already present! [ 315.295106][ T7124] syz.2.937[7124] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 315.295226][ T7124] syz.2.937[7124] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 316.572772][ T7143] loop5: detected capacity change from 0 to 512 [ 316.928039][ T7143] EXT4-fs error (device loop5): ext4_xattr_inode_iget:401: inode #12: comm syz.5.945: missing EA_INODE flag [ 317.208978][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.303863][ T7143] EXT4-fs error (device loop5): ext4_xattr_inode_iget:406: comm syz.5.945: error while reading EA inode 12 err=-117 [ 317.550343][ T7143] EXT4-fs (loop5): 1 orphan inode deleted [ 317.559106][ T7143] EXT4-fs (loop5): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback. [ 317.706768][ T7165] hub 8-0:1.0: USB hub found [ 317.712385][ T7165] hub 8-0:1.0: 1 port detected [ 318.528370][ T7168] device syzkaller0 entered promiscuous mode [ 318.652677][ T7169] device syzkaller0 entered promiscuous mode [ 318.706635][ T4232] syzkaller0: tun_net_xmit 48 [ 319.624392][ T5791] Bluetooth: hci1: command 0x0406 tx timeout [ 325.079190][ T7259] netlink: 12 bytes leftover after parsing attributes in process `syz.5.985'. [ 325.895887][ T7268] device syzkaller0 entered promiscuous mode [ 326.026688][ T7273] hub 8-0:1.0: USB hub found [ 326.033012][ T7273] hub 8-0:1.0: 1 port detected [ 328.476452][ T7315] hub 8-0:1.0: USB hub found [ 328.481382][ T7315] hub 8-0:1.0: 1 port detected [ 328.538565][ T7316] device syzkaller0 entered promiscuous mode [ 328.550816][ T7319] loop5: detected capacity change from 0 to 256 [ 328.641087][ T7321] loop3: detected capacity change from 0 to 512 [ 329.256719][ T7321] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.1010: inode has both inline data and extents flags [ 329.299918][ T7319] FAT-fs (loop5): Directory bread(block 64) failed [ 329.524723][ T7319] FAT-fs (loop5): Directory bread(block 65) failed [ 329.582506][ T7321] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.1010: couldn't read orphan inode 15 (err -117) [ 329.606791][ T7319] FAT-fs (loop5): Directory bread(block 66) failed [ 329.613394][ T7319] FAT-fs (loop5): Directory bread(block 67) failed [ 329.646122][ T7321] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 329.668804][ T7319] FAT-fs (loop5): Directory bread(block 68) failed [ 329.677559][ T7319] FAT-fs (loop5): Directory bread(block 69) failed [ 329.714325][ T7319] FAT-fs (loop5): Directory bread(block 70) failed [ 329.731016][ T7331] loop0: detected capacity change from 0 to 1024 [ 329.747125][ T7319] FAT-fs (loop5): Directory bread(block 71) failed [ 329.764553][ T7319] FAT-fs (loop5): Directory bread(block 72) failed [ 329.809851][ T7319] FAT-fs (loop5): Directory bread(block 73) failed [ 329.826146][ T7331] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 329.877689][ T7331] EXT4-fs (loop0): orphan cleanup on readonly fs [ 329.893307][ T7319] attempt to access beyond end of device [ 329.893307][ T7319] loop5: rw=524288, want=1196, limit=256 [ 329.909241][ T7331] EXT4-fs error (device loop0): ext4_free_blocks:6231: comm syz.0.1013: Freeing blocks not in datazone - block = 0, count = 4096 [ 329.938992][ T7319] attempt to access beyond end of device [ 329.938992][ T7319] loop5: rw=0, want=1196, limit=256 [ 329.950431][ T7331] EXT4-fs (loop0): Remounting filesystem read-only [ 329.957793][ T26] audit: type=1800 audit(1776922293.407:24): pid=7319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1009" name="file1" dev="loop5" ino=1048604 res=0 errno=0 [ 329.978581][ T7331] EXT4-fs (loop0): 1 orphan inode deleted [ 329.984513][ T7331] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,. Quota mode: writeback. [ 330.009086][ T7319] attempt to access beyond end of device [ 330.009086][ T7319] loop5: rw=0, want=1196, limit=256 [ 330.081615][ T26] audit: type=1800 audit(1776922293.517:25): pid=7319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1009" name="file1" dev="loop5" ino=1048604 res=0 errno=0 [ 330.125625][ T7347] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1018'. [ 330.365311][ T7353] device syzkaller0 entered promiscuous mode [ 330.836579][ T4262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.928017][ T7358] tipc: Started in network mode [ 330.933116][ T7358] tipc: Node identity 56929aaf94ac, cluster identity 4711 [ 330.940933][ T7358] tipc: Enabled bearer , priority 0 [ 330.953415][ T7358] tipc: Resetting bearer [ 331.074964][ T7362] hub 8-0:1.0: USB hub found [ 331.080752][ T7362] hub 8-0:1.0: 1 port detected [ 331.253311][ T7357] tipc: Disabling bearer [ 331.701962][ T7364] printk: syz.2.1024 (7364): Attempt to access syslog with CAP_SYS_ADMIN but no CAP_SYSLOG (deprecated). [ 333.263820][ T7379] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1028'. [ 333.708214][ T7375] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1029'. [ 334.545729][ T7395] device syzkaller0 entered promiscuous mode [ 335.231146][ T7402] hub 8-0:1.0: USB hub found [ 335.238376][ T7402] hub 8-0:1.0: 1 port detected [ 336.094518][ T7406] tipc: Enabling of bearer rejected, failed to enable media [ 337.437170][ T7423] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1043'. [ 337.799836][ T7427] loop0: detected capacity change from 0 to 256 [ 338.016958][ T7427] exfat: Deprecated parameter 'namecase' [ 338.272449][ T7427] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 339.086478][ T7437] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 339.248542][ T7437] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 339.998492][ T7433] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1045'. [ 340.374769][ T7443] device syzkaller0 entered promiscuous mode [ 341.971367][ T7455] tipc: Started in network mode [ 341.984392][ T7455] tipc: Node identity be48a216710e, cluster identity 4711 [ 342.001962][ T7455] tipc: Enabled bearer , priority 0 [ 342.023566][ T7455] tipc: Resetting bearer [ 342.048181][ T7454] tipc: Disabling bearer [ 342.289590][ T7461] loop0: detected capacity change from 0 to 512 [ 342.402293][ T7461] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 342.414154][ T7461] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 342.453483][ T7468] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1057'. [ 342.628732][ T7461] System zones: 0-1, 15-15, 18-18, 34-34 [ 342.898190][ T7461] EXT4-fs (loop0): orphan cleanup on readonly fs [ 343.082212][ T7461] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 343.286186][ T7461] EXT4-fs warning (device loop0): ext4_enable_quotas:6488: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 343.306878][ T7471] loop5: detected capacity change from 0 to 512 [ 343.314686][ T7461] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 343.332350][ T7461] EXT4-fs error (device loop0): ext4_orphan_get:1432: comm syz.0.1056: bad orphan inode 16 [ 343.339922][ T7471] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 343.427668][ T7461] ext4_test_bit(bit=15, block=18) = 1 [ 343.433111][ T7461] is_bad_inode(inode)=0 [ 343.478183][ T7461] NEXT_ORPHAN(inode)=0 [ 343.482313][ T7461] max_ino=32 [ 343.508578][ T7461] i_nlink=2 [ 343.511901][ T7461] EXT4-fs (loop0): mounted filesystem without journal. Opts: resgid=0x0000000000000000,,errors=continue. Quota mode: writeback. [ 343.552080][ T26] audit: type=1800 audit(1776922306.977:26): pid=7471 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1059" name="file1" dev="loop5" ino=1048605 res=0 errno=0 [ 343.606551][ T7471] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 548) [ 343.765730][ T7471] FAT-fs (loop5): Filesystem has been set read-only [ 343.893474][ T7471] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 548) [ 343.999117][ T7461] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 344.524834][ T7479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1064'. [ 344.684926][ T7479] bond0: (slave bond_slave_0): Releasing backup interface [ 344.854425][ T21] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 345.295075][ T21] usb 1-1: unable to get BOS descriptor or descriptor too short [ 345.374676][ T4232] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 345.429144][ T21] usb 1-1: config 0 has no interfaces? [ 345.484573][ T21] usb 1-1: language id specifier not provided by device, defaulting to English [ 345.611044][ T7492] hub 8-0:1.0: USB hub found [ 345.616864][ T7492] hub 8-0:1.0: 1 port detected [ 345.755186][ T21] usb 1-1: New USB device found, idVendor=041e, idProduct=3048, bcdDevice= 0.40 [ 345.823990][ T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.833878][ T4232] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 345.940178][ T4232] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 346.008950][ T21] usb 1-1: Product: syz [ 346.097007][ T21] usb 1-1: SerialNumber: syz [ 346.175534][ T4232] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 346.206700][ T7494] loop5: detected capacity change from 0 to 16 [ 346.226603][ T21] usb 1-1: config 0 descriptor?? [ 346.272133][ T4232] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 346.449569][ T7494] erofs: (device loop5): mounted with root inode @ nid 36. [ 346.492722][ T4232] usb 2-1: config 0 descriptor?? [ 346.720932][ T4232] usb 2-1: can't set config #0, error -71 [ 346.740604][ T4232] usb 2-1: USB disconnect, device number 5 [ 346.752245][ T21] usb 1-1: USB disconnect, device number 4 [ 348.313211][ T7508] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1071'. [ 348.382809][ T7512] debugfs: File 'trace0' in directory 'loop4' already present! [ 348.521629][ T7516] loop0: detected capacity change from 0 to 256 [ 348.594981][ T7516] exfat: Deprecated parameter 'utf8' [ 348.600588][ T7516] exfat: Deprecated parameter 'utf8' [ 348.771979][ T7516] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d) [ 348.791627][ T13] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 349.714073][ T7532] loop0: detected capacity change from 0 to 512 [ 349.744308][ T13] usb 3-1: Using ep0 maxpacket: 16 [ 349.794025][ T7532] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 349.818687][ T7527] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 349.828755][ T7527] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 349.838662][ T7532] EXT4-fs error (device loop0): ext4_iget_extra_inode:4573: inode #15: comm syz.0.1078: corrupted in-inode xattr [ 349.851487][ T7532] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.1078: couldn't read orphan inode 15 (err -117) [ 349.867201][ T7532] EXT4-fs (loop0): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,jqfmt=vfsv0,min_batch_time=0x00000000000003ff,noload,grpjquota=.,noblock_validity,resgid=0x0000000000000000,nobarrier,errors=continue,,errors=continue. Quota mode: writeback. [ 349.914332][ T13] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 349.925908][ T13] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 349.938222][ T13] usb 3-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 349.947807][ T13] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.050598][ T13] usb 3-1: config 0 descriptor?? [ 351.510815][ T7548] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1084'. [ 351.844801][ T7552] debugfs: File 'trace0' in directory 'loop4' already present! [ 352.501049][ T7564] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1088'. [ 353.983129][ T7575] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 355.865668][ T13] usbhid 3-1:0.0: can't add hid device: -71 [ 355.877560][ T13] usbhid: probe of 3-1:0.0 failed with error -71 [ 356.086062][ T13] usb 3-1: USB disconnect, device number 2 [ 357.158611][ T7603] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1098'. [ 357.857385][ T7606] loop0: detected capacity change from 0 to 1024 [ 357.977200][ T7606] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 358.064279][ T4229] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 359.584918][ T4173] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 360.017494][ T7620] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 360.046748][ T7620] 8021q: adding VLAN 0 to HW filter on device bond0 [ 360.063309][ T7620] 8021q: adding VLAN 0 to HW filter on device team0 [ 360.070445][ T4229] usb 2-1: unable to read config index 0 descriptor/all [ 360.081703][ T4229] usb 2-1: can't read configurations, error -71 [ 360.168293][ T7620] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 360.244917][ T7620] syz.2.1106 (7620) used greatest stack depth: 19792 bytes left [ 362.205455][ T4228] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 362.311431][ T7639] overlayfs: conflicting lowerdir path [ 362.394453][ T4228] usb 3-1: device descriptor read/64, error -71 [ 362.674310][ T4228] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 362.904608][ T4228] usb 3-1: device descriptor read/64, error -71 [ 363.093218][ T4228] usb usb3-port1: attempt power cycle [ 363.235315][ T7651] loop5: detected capacity change from 0 to 128 [ 363.435475][ T7651] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 363.473812][ T7651] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 363.504695][ T4228] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 363.605310][ T4228] usb 3-1: device descriptor read/8, error -71 [ 363.884415][ T4228] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 364.491004][ T4228] usb 3-1: device descriptor read/8, error -71 [ 364.640650][ T7661] tipc: Enabled bearer , priority 0 [ 364.649036][ T4228] usb usb3-port1: unable to enumerate USB device [ 364.692562][ T26] audit: type=1800 audit(1776922328.127:27): pid=7651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1114" name="file1" dev="loop5" ino=1048608 res=0 errno=0 [ 364.724599][ T7661] device syzkaller0 entered promiscuous mode [ 364.806829][ T7661] tipc: Resetting bearer [ 364.837093][ T7658] tipc: Resetting bearer [ 364.862631][ T7658] tipc: Disabling bearer [ 365.007617][ T4975] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 370.444275][ T7721] UBIFS error (pid: 7721): cannot open "(null)", error -22 [ 374.064664][ T7745] loop3: detected capacity change from 0 to 512 [ 374.302425][ T7755] loop5: detected capacity change from 0 to 2048 [ 374.315336][ T7745] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 374.399799][ T7745] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 374.523205][ T7766] UBIFS error (pid: 7766): cannot open "(null)", error -22 [ 374.677212][ T7755] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsddf,noblock_validity,jqfmt=vfsold,,errors=continue. Quota mode: none. [ 375.157776][ T7755] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 375.353440][ T7768] loop0: detected capacity change from 0 to 16 [ 375.400404][ T7768] erofs: (device loop0): mounted with root inode @ nid 36. [ 375.444612][ T5669] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 376.297282][ T5669] usb 2-1: Using ep0 maxpacket: 8 [ 376.624604][ T5669] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 376.649075][ T5669] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 251, changing to 7 [ 376.732905][ T5669] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 376.794200][ T5669] usb 2-1: config 1 interface 2 has no altsetting 0 [ 376.904006][ T7791] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1157'. [ 376.918143][ T7789] loop0: detected capacity change from 0 to 512 [ 376.948830][ T7789] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 376.956120][ T7791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1157'. [ 376.956170][ T7791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1157'. [ 377.068280][ T5669] usb 2-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice= 0.40 [ 377.098037][ T5669] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 377.116835][ T5669] usb 2-1: Product: syz [ 377.121068][ T5669] usb 2-1: Manufacturer: syz [ 377.142632][ T5669] usb 2-1: SerialNumber: syz [ 377.152812][ T7789] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6 [ 377.309351][ T7789] loop0: detected capacity change from 0 to 256 [ 378.147419][ T7803] 9pnet: Insufficient options for proto=fd [ 378.271860][ T5669] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 378.294446][ T5669] usb 2-1: selecting invalid altsetting 0 [ 378.300279][ T5669] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 378.334225][ T5669] usb 2-1: 2:1: invalid format type 0x1001 is detected, processed as PCM [ 378.343501][ T5669] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 378.373852][ T5669] usb 2-1: selecting invalid altsetting 0 [ 378.500324][ T5669] usb 2-1: USB disconnect, device number 8 [ 378.577279][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.589397][ T7808] tipc: Enabling of bearer rejected, failed to enable media [ 378.682547][ T7811] UBIFS error (pid: 7811): cannot open "(null)", error -22 [ 379.406505][ T7787] loop3: detected capacity change from 0 to 40427 [ 379.598930][ T7787] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 379.623330][ T7787] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 379.737106][ T7787] F2FS-fs (loop3): invalid crc value [ 379.792219][ T7787] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12) [ 380.245272][ T4228] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 382.819283][ T7855] tipc: Enabling of bearer rejected, failed to enable media [ 383.713812][ T7870] loop0: detected capacity change from 0 to 1024 [ 383.802202][ T7870] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 383.834990][ T7870] EXT4-fs (loop0): bad geometry: bigalloc file system with non-zero first_data_block [ 383.834990][ T7870] [ 384.622334][ T7887] loop0: detected capacity change from 0 to 1024 [ 384.678544][ T7887] EXT4-fs (loop0): Ignoring removed bh option [ 384.778008][ T7887] EXT4-fs (loop0): mounted filesystem without journal. Opts: nouid32,nodioread_nolock,noquota,delalloc,journal_dev=0x0000000000000009,commit=0x0000000000000000,usrquota,bh,,errors=continue. Quota mode: writeback. [ 384.834122][ T7887] ext4 filesystem being mounted at /214/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 384.894066][ T7887] EXT4-fs error (device loop0): ext4_map_blocks:741: inode #15: comm syz.0.1182: lblock 0 mapped to illegal pblock 0 (length 6) [ 384.912476][ T7887] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 384.929481][ T7887] EXT4-fs (loop0): This should not happen!! Data will be lost [ 384.929481][ T7887] [ 384.971623][ T4328] EXT4-fs error (device loop0): ext4_map_blocks:741: inode #15: block 8: comm kworker/u4:8: lblock 8 mapped to illegal pblock 8 (length 8) [ 384.986008][ T7894] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 385.008761][ T7850] loop3: detected capacity change from 0 to 40427 [ 385.033060][ T4328] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 385.073081][ T7850] F2FS-fs (loop3): invalid crc value [ 385.085193][ T4328] EXT4-fs (loop0): This should not happen!! Data will be lost [ 385.085193][ T4328] [ 385.130463][ T7850] F2FS-fs (loop3): Found nat_bits in checkpoint [ 386.075974][ T7850] F2FS-fs (loop3): Inconsistent segment (8) type [1, 0] in SSA and SIT [ 386.108154][ T7909] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1189'. [ 386.196519][ T7912] tipc: Enabling of bearer rejected, failed to enable media [ 386.385710][ T7917] binder: 7915:7917 ioctl c018620c 200000000000 returned -22 [ 392.623744][ T7990] loop0: detected capacity change from 0 to 4096 [ 392.781678][ T7990] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 392.834240][ T7990] EXT4-fs (loop0): inline encryption not supported [ 392.995645][ T7990] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=8856c019, mo2=0003] [ 393.064073][ T7990] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,jqfmt=vfsv0,inlinecrypt,dioread_nolock,barrier=0x0000000000010001,errors=continue,delalloc,nombcache,grpquota,noblock_validity,,errors=continue. Quota mode: writeback. [ 393.944290][ T23] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 394.213782][ T8012] tipc: Enabling of bearer rejected, failed to enable media [ 394.435976][ T23] usb 6-1: config 220 has an invalid interface number: 76 but max is 2 [ 394.444879][ T23] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 394.453781][ T23] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 394.464305][ T23] usb 6-1: config 220 has no interface number 2 [ 394.471178][ T23] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 394.504203][ T23] usb 6-1: config 220 interface 0 has no altsetting 0 [ 394.511051][ T23] usb 6-1: config 220 interface 76 has no altsetting 0 [ 394.645284][ T23] usb 6-1: config 220 interface 1 has no altsetting 0 [ 394.984620][ T23] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 395.044266][ T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 395.094415][ T23] usb 6-1: Product: syz [ 395.133732][ T23] usb 6-1: Manufacturer: syz [ 395.174338][ T23] usb 6-1: SerialNumber: syz [ 395.663170][ T23] usb 6-1: Found UVC 7.01 device syz (8086:0b07) [ 395.761533][ T23] usb 6-1: No valid video chain found. [ 395.871592][ T23] usb 6-1: selecting invalid altsetting 0 [ 396.194416][ T21] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 396.437620][ T23] usb 6-1: selecting invalid altsetting 0 [ 396.444256][ T23] usbtest: probe of 6-1:220.1 failed with error -22 [ 396.899892][ T23] usb 6-1: USB disconnect, device number 4 [ 397.282558][ T26] audit: type=1326 audit(1776922360.707:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8046 comm="syz.3.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe603a9e819 code=0x7ffc0000 [ 397.354721][ T26] audit: type=1326 audit(1776922360.717:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8046 comm="syz.3.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe603a9e819 code=0x7ffc0000 [ 398.104315][ T5791] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 398.501105][ T8063] tipc: Enabling of bearer rejected, failed to enable media [ 400.049473][ T5791] usb 4-1: unable to get BOS descriptor or descriptor too short [ 400.115564][ T5791] usb 4-1: not running at top speed; connect to a high speed hub [ 402.379601][ T8088] loop3: detected capacity change from 0 to 4096 [ 402.474295][ T5791] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 402.482022][ T5791] usb 4-1: can't read configurations, error -71 [ 402.600082][ T8088] EXT4-fs (loop3): inline encryption not supported [ 402.638878][ T8088] EXT4-fs (loop3): Test dummy encryption mode enabled [ 403.607961][ T8099] loop5: detected capacity change from 0 to 512 [ 403.629429][ T8088] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 403.645131][ T8088] System zones: 0-5 [ 404.582408][ T8088] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug,delalloc,inlinecrypt,test_dummy_encryption,errors=continue,errors=continue,delalloc,barrier,,errors=continue. Quota mode: writeback. [ 404.659072][ T8099] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback. [ 404.684584][ T8099] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 404.812865][ T8088] EXT4-fs (loop3): Cannot change journaled quota options when quota turned on [ 404.886565][ T8115] tipc: Enabling of bearer rejected, failed to enable media [ 405.389553][ T8132] loop3: detected capacity change from 0 to 512 [ 405.439519][ T8132] FAT-fs (loop3): Unrecognized mount option "tots" or missing value [ 408.175030][ T8153] UBIFS error (pid: 8153): cannot open "(null)", error -22 [ 409.357304][ T8160] loop5: detected capacity change from 0 to 256 [ 409.425628][ T8162] tipc: Enabled bearer , priority 0 [ 409.475153][ T8162] tipc: Resetting bearer [ 409.481191][ T8160] FAT-fs (loop5): Directory bread(block 64) failed [ 409.496815][ T8161] tipc: Disabling bearer [ 409.500174][ T8160] FAT-fs (loop5): Directory bread(block 65) failed [ 409.533426][ T8160] FAT-fs (loop5): Directory bread(block 66) failed [ 409.558098][ T8160] FAT-fs (loop5): Directory bread(block 67) failed [ 409.581035][ T8160] FAT-fs (loop5): Directory bread(block 68) failed [ 409.614210][ T8160] FAT-fs (loop5): Directory bread(block 69) failed [ 409.645765][ T8160] FAT-fs (loop5): Directory bread(block 70) failed [ 409.652370][ T8160] FAT-fs (loop5): Directory bread(block 71) failed [ 409.679907][ T8160] FAT-fs (loop5): Directory bread(block 72) failed [ 409.694224][ T8160] FAT-fs (loop5): Directory bread(block 73) failed [ 410.843015][ T26] audit: type=1800 audit(1776922373.907:30): pid=8169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1256" name="bus" dev="loop5" ino=1048610 res=0 errno=0 [ 412.809770][ T8186] UBIFS error (pid: 8186): cannot open "(null)", error -22 [ 414.365368][ T23] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 414.408065][ T8208] loop3: detected capacity change from 0 to 256 [ 414.475878][ T8208] exfat: Deprecated parameter 'utf8' [ 414.489716][ T8208] exfat: Deprecated parameter 'utf8' [ 414.505052][ T8208] exfat: Deprecated parameter 'utf8' [ 414.546302][ T8208] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xc70f51ff, utbl_chksum : 0xe619d30d) [ 414.784564][ T23] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 414.814862][ T23] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 414.840988][ T23] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 414.885105][ T23] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 415.079707][ T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.096269][ T23] usb 6-1: config 0 descriptor?? [ 415.861884][ T23] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 415.996652][ T23] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 416.624697][ T5669] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 417.114394][ T8232] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 417.165817][ C1] plantronics 0003:047F:FFFF.0002: usb_submit_urb(ctrl) failed: -1 [ 418.354372][ T23] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 418.614526][ T23] usb 4-1: Using ep0 maxpacket: 8 [ 418.735690][ T23] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 419.174465][ T5791] usb 6-1: USB disconnect, device number 5 [ 419.185038][ T23] usb 4-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40 [ 419.218838][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 419.421614][ T23] usb 4-1: Product: syz [ 419.425995][ T23] usb 4-1: Manufacturer: syz [ 419.430638][ T23] usb 4-1: SerialNumber: syz [ 420.244777][ T23] usb 4-1: Audio class v2/v3 interfaces need an interface association [ 420.375592][ T23] snd-usb-audio: probe of 4-1:1.0 failed with error -22 [ 420.376320][ T8272] device syzkaller0 entered promiscuous mode [ 420.436100][ T23] usb 4-1: USB disconnect, device number 12 [ 420.479509][ T7743] udevd[7743]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 420.510253][ T8278] bridge0: port 3(hsr_slave_1) entered blocking state [ 420.650622][ T8278] bridge0: port 3(hsr_slave_1) entered disabled state [ 422.324384][ T4262] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 424.338580][ T8314] loop3: detected capacity change from 0 to 128 [ 424.399803][ T8314] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 424.454427][ T8314] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 424.521149][ T8319] loop5: detected capacity change from 0 to 256 [ 424.624802][ T8319] exfat: Deprecated parameter 'utf8' [ 424.631152][ T8319] exfat: Deprecated parameter 'namecase' [ 424.671565][ T8319] exfat: Deprecated parameter 'namecase' [ 425.204888][ T154] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 425.452286][ T8319] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc232f927, utbl_chksum : 0xe619d30d) [ 427.055056][ T8358] hub 8-0:1.0: USB hub found [ 427.059971][ T8358] hub 8-0:1.0: 1 port detected [ 427.862151][ T8362] tipc: Cannot configure node identity twice [ 428.068514][ T8368] loop5: detected capacity change from 0 to 128 [ 429.940823][ T8388] loop0: detected capacity change from 0 to 256 [ 432.195609][ T13] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 432.297776][ T8406] overlayfs: missing 'workdir' [ 432.576019][ T8413] device syzkaller0 entered promiscuous mode [ 432.664257][ T26] audit: type=1326 audit(1776922396.097:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe276586819 code=0x7ffc0000 [ 432.687300][ T13] usb 4-1: Using ep0 maxpacket: 32 [ 432.717256][ T26] audit: type=1326 audit(1776922396.097:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe276586819 code=0x7ffc0000 [ 432.863163][ T26] audit: type=1326 audit(1776922396.097:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe276586819 code=0x7ffc0000 [ 433.637175][ T26] audit: type=1326 audit(1776922396.097:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fe276586819 code=0x7ffc0000 [ 433.681391][ T26] audit: type=1326 audit(1776922396.097:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe276586819 code=0x7ffc0000 [ 433.801621][ T8433] overlayfs: missing 'workdir' [ 433.844600][ T13] usb 4-1: unable to get BOS descriptor or descriptor too short [ 433.903037][ T26] audit: type=1326 audit(1776922396.137:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fe276586819 code=0x7ffc0000 [ 433.926175][ T13] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 433.969680][ T13] usb 4-1: can't read configurations, error -71 [ 434.520186][ T8449] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1343'. [ 435.187962][ T26] audit: type=1326 audit(1776922396.137:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe276586819 code=0x7ffc0000 [ 435.681815][ T26] audit: type=1326 audit(1776922396.137:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fe276586819 code=0x7ffc0000 [ 435.784815][ T26] audit: type=1326 audit(1776922396.137:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe276586819 code=0x7ffc0000 [ 435.831848][ T26] audit: type=1326 audit(1776922396.137:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fe276586819 code=0x7ffc0000 [ 436.993732][ T8477] loop0: detected capacity change from 0 to 1024 [ 438.068533][ T8477] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,jqfmt=vfsold,nodelalloc,nobarrier,debug_want_extra_isize=0x0000000000000006,min_batch_time=0x000000000000e8ac,,errors=continue. Quota mode: none. [ 438.151600][ T8495] loop3: detected capacity change from 0 to 512 [ 438.275988][ T8495] FAT-fs (loop3): Unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value [ 439.853790][ T8516] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1364'. [ 440.019099][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.536672][ T8524] loop3: detected capacity change from 0 to 512 [ 441.594889][ T8524] EXT4-fs (loop3): Test dummy encryption mode enabled [ 441.601741][ T8524] EXT4-fs (loop3): Ignoring removed oldalloc option [ 441.661539][ T8524] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption=v1,acl,oldalloc,debug_want_extra_isize=0x0000000000000008,,errors=continue. Quota mode: writeback. [ 441.711024][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 441.711039][ T26] audit: type=1800 audit(1776922405.147:43): pid=8524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1369" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 442.221976][ T8525] loop0: detected capacity change from 0 to 40427 [ 442.285891][ T8525] F2FS-fs (loop0): Found nat_bits in checkpoint [ 442.426849][ T8525] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 446.417723][ T4184] attempt to access beyond end of device [ 446.417723][ T4184] loop0: rw=2049, want=45104, limit=40427 [ 448.036350][ T8568] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1381'. [ 448.050775][ T8568] loop3: detected capacity change from 0 to 512 [ 448.936593][ T8568] EXT4-fs (loop3): Test dummy encryption mode enabled [ 448.943475][ T8568] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 449.012554][ T8568] EXT4-fs error (device loop3): ext4_orphan_get:1432: comm syz.3.1381: bad orphan inode 131083 [ 449.023842][ T8568] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,norecovery,,errors=continue. Quota mode: none. [ 450.223310][ T8609] loop0: detected capacity change from 0 to 512 [ 450.291401][ T8609] EXT4-fs (loop0): Ignoring removed nobh option [ 450.341329][ T8615] loop5: detected capacity change from 0 to 512 [ 451.901484][ T8615] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 451.914103][ T8609] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #3: comm syz.0.1391: corrupted inode contents [ 451.938263][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 451.945269][ T8615] EXT4-fs error (device loop5): ext4_iget_extra_inode:4573: inode #15: comm syz.5.1394: corrupted in-inode xattr [ 451.979125][ T8609] EXT4-fs error (device loop0): ext4_dirty_inode:6077: inode #3: comm syz.0.1391: mark_inode_dirty error [ 451.992198][ T8615] EXT4-fs error (device loop5): ext4_orphan_get:1411: comm syz.5.1394: couldn't read orphan inode 15 (err -117) [ 452.005261][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 452.005257][ T8615] EXT4-fs (loop5): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,jqfmt=vfsv0,min_batch_time=0x00000000000003ff,noload,grpjquota=.,noblock_validity,resgid=0x0000000000000000,nobarrier,errors=continue,,errors=continue. Quota mode: writeback. [ 452.095476][ T8609] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #3: comm syz.0.1391: corrupted inode contents [ 452.167311][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 452.243313][ T8609] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #3: comm syz.0.1391: mark_inode_dirty error [ 452.294711][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 452.608641][ T8609] Quota error (device loop0): write_blk: dquota write failed [ 452.644510][ T8609] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 452.732929][ T8609] EXT4-fs error (device loop0): ext4_acquire_dquot:6236: comm syz.0.1391: Failed to acquire dquot type 0 [ 452.808483][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 452.877762][ T8609] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #16: comm syz.0.1391: corrupted inode contents [ 452.979597][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 452.990037][ T8609] EXT4-fs error (device loop0): ext4_dirty_inode:6077: inode #16: comm syz.0.1391: mark_inode_dirty error [ 453.013158][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 453.040455][ T8609] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #16: comm syz.0.1391: corrupted inode contents [ 453.132632][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 453.154396][ T8609] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #16: comm syz.0.1391: mark_inode_dirty error [ 453.217423][ T8647] loop5: detected capacity change from 0 to 256 [ 453.224834][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 453.231545][ T8609] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #16: comm syz.0.1391: corrupted inode contents [ 453.275831][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 453.282409][ T8609] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem [ 453.322364][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 453.332932][ T8647] FAT-fs (loop5): Directory bread(block 64) failed [ 453.352825][ T8609] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #16: comm syz.0.1391: corrupted inode contents [ 453.371390][ T8647] FAT-fs (loop5): Directory bread(block 65) failed [ 453.464349][ T8647] FAT-fs (loop5): Directory bread(block 66) failed [ 453.472619][ T8647] FAT-fs (loop5): Directory bread(block 67) failed [ 453.491533][ T8647] FAT-fs (loop5): Directory bread(block 68) failed [ 453.509380][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 453.519241][ T8609] EXT4-fs error (device loop0): ext4_truncate:4286: inode #16: comm syz.0.1391: mark_inode_dirty error [ 453.540167][ T8647] FAT-fs (loop5): Directory bread(block 69) failed [ 453.557264][ T8647] FAT-fs (loop5): Directory bread(block 70) failed [ 453.563848][ T8647] FAT-fs (loop5): Directory bread(block 71) failed [ 453.581414][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 453.604514][ T8655] loop3: detected capacity change from 0 to 512 [ 453.617920][ T8609] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem [ 453.622053][ T8647] FAT-fs (loop5): Directory bread(block 72) failed [ 453.633579][ T8647] FAT-fs (loop5): Directory bread(block 73) failed [ 453.674897][ T8609] EXT4-fs (loop0): Remounting filesystem read-only [ 453.682310][ T8609] EXT4-fs (loop0): 1 truncate cleaned up [ 453.688576][ T8609] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nobh,. Quota mode: writeback. [ 453.987442][ T8655] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 454.014355][ T8609] ext4 filesystem being mounted at /260/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 454.052641][ T8655] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 454.464962][ T8655] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.1405: Invalid block bitmap block 0 in block_group 0 [ 455.004811][ T8655] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6191: Corrupt filesystem [ 455.062440][ T8655] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.1405: attempt to clear invalid blocks 983261 len 1 [ 455.155289][ T8655] EXT4-fs error (device loop3): __ext4_get_inode_loc:4334: comm syz.3.1405: Invalid inode table block 0 in block_group 0 [ 455.183239][ T8655] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5873: Corrupt filesystem [ 455.200240][ T8655] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem [ 455.210537][ T8655] EXT4-fs error (device loop3): __ext4_get_inode_loc:4334: comm syz.3.1405: Invalid inode table block 0 in block_group 0 [ 455.229404][ T8655] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5873: Corrupt filesystem [ 455.242327][ T8655] EXT4-fs error (device loop3): ext4_truncate:4286: inode #11: comm syz.3.1405: mark_inode_dirty error [ 455.279578][ T8655] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem [ 455.302883][ T8655] EXT4-fs error (device loop3): __ext4_get_inode_loc:4334: comm syz.3.1405: Invalid inode table block 0 in block_group 0 [ 455.318612][ T8655] EXT4-fs (loop3): 1 truncate cleaned up [ 455.324499][ T8655] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,init_itable=0x0000000000000008,journal_dev=0x0000000000000002,noblock_validity,,errors=continue. Quota mode: none. [ 455.456521][ T8655] EXT4-fs error (device loop3): __ext4_get_inode_loc:4334: comm syz.3.1405: Invalid inode table block 0 in block_group 0 [ 456.840415][ T8696] loop3: detected capacity change from 0 to 512 [ 457.564417][ T8696] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 457.672429][ T8696] EXT4-fs error (device loop3): ext4_iget_extra_inode:4573: inode #15: comm syz.3.1411: corrupted in-inode xattr [ 457.728558][ T8696] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.1411: couldn't read orphan inode 15 (err -117) [ 457.764422][ T8696] EXT4-fs (loop3): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,jqfmt=vfsv0,min_batch_time=0x00000000000003ff,noload,grpjquota=.,noblock_validity,resgid=0x0000000000000000,nobarrier,errors=continue,,errors=continue. Quota mode: writeback. [ 460.408126][ T8720] loop0: detected capacity change from 0 to 256 [ 460.469368][ T8720] exfat: Deprecated parameter 'utf8' [ 460.685986][ T8720] exfat: Deprecated parameter 'namecase' [ 460.691720][ T8720] exfat: Deprecated parameter 'namecase' [ 461.528013][ T8720] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc232f927, utbl_chksum : 0xe619d30d) [ 462.969597][ T8728] hub 8-0:1.0: USB hub found [ 462.984353][ T8728] hub 8-0:1.0: 1 port detected [ 463.191084][ T21] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 463.303095][ T8730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1423'. [ 463.828047][ T21] usb 1-1: device not accepting address 7, error -71 [ 468.762888][ T8786] device syzkaller0 entered promiscuous mode [ 471.363510][ T8810] loop0: detected capacity change from 0 to 512 [ 471.709247][ T8820] loop3: detected capacity change from 0 to 128 [ 471.948201][ T26] audit: type=1804 audit(1776922691.355:44): pid=8820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1446" name="/newroot/299/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop3" ino=1048614 res=1 errno=0 [ 472.225471][ T8810] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 472.281566][ T8810] EXT4-fs error (device loop0): ext4_iget_extra_inode:4573: inode #15: comm syz.0.1447: corrupted in-inode xattr [ 472.414645][ T8810] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.1447: couldn't read orphan inode 15 (err -117) [ 472.514442][ T8810] EXT4-fs (loop0): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,jqfmt=vfsv0,min_batch_time=0x00000000000003ff,noload,grpjquota=.,noblock_validity,resgid=0x0000000000000000,nobarrier,errors=continue,,errors=continue. Quota mode: writeback. [ 472.696172][ T8823] loop5: detected capacity change from 0 to 4096 [ 472.945037][ T8823] EXT4-fs (loop5): Quota format mount options ignored when QUOTA feature is enabled [ 473.205930][ T8823] EXT4-fs (loop5): inline encryption not supported [ 473.954867][ T8823] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=8856c019, mo2=0003] [ 473.994512][ T8823] EXT4-fs (loop5): mounted filesystem without journal. Opts: debug,jqfmt=vfsv0,inlinecrypt,dioread_nolock,barrier=0x0000000000010001,errors=continue,delalloc,nombcache,grpquota,noblock_validity,,errors=continue. Quota mode: writeback. [ 474.901505][ T8823] overlayfs: failed index dir cleanup (-512) [ 474.934391][ T8823] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 475.014587][ T8835] device syzkaller0 entered promiscuous mode [ 475.277068][ T8848] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1451'. [ 475.301903][ T8847] device syzkaller0 entered promiscuous mode [ 476.592991][ T8866] loop0: detected capacity change from 0 to 512 [ 476.723206][ T8871] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1461'. [ 476.791798][ T8866] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 476.813571][ T8866] EXT4-fs error (device loop0): ext4_iget_extra_inode:4573: inode #15: comm syz.0.1460: corrupted in-inode xattr [ 476.842484][ T8866] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.1460: couldn't read orphan inode 15 (err -117) [ 476.855744][ T8871] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1461'. [ 476.952435][ T8866] EXT4-fs (loop0): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,jqfmt=vfsv0,min_batch_time=0x00000000000003ff,noload,grpjquota=.,noblock_validity,resgid=0x0000000000000000,nobarrier,errors=continue,,errors=continue. Quota mode: writeback. [ 478.749779][ T8888] device syzkaller0 entered promiscuous mode [ 479.551175][ T8906] device syzkaller0 entered promiscuous mode [ 480.771843][ T8892] loop3: detected capacity change from 0 to 40427 [ 480.911328][ T8892] F2FS-fs (loop3): invalid crc value [ 480.986837][ T8892] F2FS-fs (loop3): Found nat_bits in checkpoint [ 481.170732][ T8936] loop0: detected capacity change from 0 to 512 [ 481.238384][ T8892] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 481.316708][ T8936] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 481.372526][ T8936] EXT4-fs error (device loop0): ext4_iget_extra_inode:4573: inode #15: comm syz.0.1478: corrupted in-inode xattr [ 481.381832][ T8892] attempt to access beyond end of device [ 481.381832][ T8892] loop3: rw=10241, want=45104, limit=40427 [ 481.461727][ T8936] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.1478: couldn't read orphan inode 15 (err -117) [ 481.503577][ T8936] EXT4-fs (loop0): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,jqfmt=vfsv0,min_batch_time=0x00000000000003ff,noload,grpjquota=.,noblock_validity,resgid=0x0000000000000000,nobarrier,errors=continue,,errors=continue. Quota mode: writeback. [ 482.239064][ T4191] attempt to access beyond end of device [ 482.239064][ T4191] loop3: rw=2049, want=45112, limit=40427 [ 482.493674][ T8951] device syzkaller0 entered promiscuous mode [ 484.103046][ T8966] 9pnet: p9_errstr2errno: server reported unknown error Àñ'IÓ$íÛ·=¼ [ 484.681332][ T8996] loop0: detected capacity change from 0 to 256 [ 484.763966][ T8996] exfat: Deprecated parameter 'utf8' [ 484.818677][ T8999] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 484.832022][ T8996] exfat: Deprecated parameter 'namecase' [ 484.889788][ T8999] kvm: pic: level sensitive irq not supported [ 484.894871][ T8996] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbcde3a0f, utbl_chksum : 0xe619d30d) [ 484.916262][ T8999] kvm: pic: non byte read [ 484.927867][ T8999] kvm: pic: level sensitive irq not supported [ 484.928119][ T8999] kvm: pic: non byte read [ 484.949606][ T8999] kvm: pic: level sensitive irq not supported [ 484.949914][ T8999] kvm: pic: non byte read [ 485.664335][ T5669] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 485.719332][ T9006] loop3: detected capacity change from 0 to 40427 [ 485.794763][ T9006] F2FS-fs (loop3): invalid crc value [ 485.856536][ T9006] F2FS-fs (loop3): Found nat_bits in checkpoint [ 486.056853][ T9006] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 486.104755][ T5669] usb 6-1: unable to get BOS descriptor or descriptor too short [ 486.221311][ T5669] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 486.234513][ T5669] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 486.450971][ T5669] usb 6-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40 [ 486.470643][ T5669] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 486.494336][ T5669] usb 6-1: Product: syz [ 486.498559][ T5669] usb 6-1: Manufacturer: syz [ 486.503178][ T5669] usb 6-1: SerialNumber: syz [ 486.588010][ T5669] usb 6-1: selecting invalid altsetting 1 [ 486.604399][ T5669] usb 6-1: unit 6 not found! [ 486.643957][ T5669] snd-usb-audio: probe of 6-1:1.0 failed with error -22 [ 486.698571][ T7743] udevd[7743]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 487.034379][ T9014] loop5: detected capacity change from 0 to 512 [ 487.465549][ T9014] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 487.670833][ T9014] EXT4-fs error (device loop5): ext4_orphan_get:1406: inode #15: comm syz.5.1500: iget: bad i_size value: 38620345925642 [ 487.688535][ T9014] EXT4-fs error (device loop5): ext4_orphan_get:1411: comm syz.5.1500: couldn't read orphan inode 15 (err -117) [ 487.704370][ T9014] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,delalloc,dioread_nolock,journal_dev=0x0000000000000011,mb_optimize_scan=0x0000000000000000,norecovery,,errors=continue. Quota mode: writeback. [ 487.816199][ T4191] attempt to access beyond end of device [ 487.816199][ T4191] loop3: rw=2049, want=45112, limit=40427 [ 487.882565][ T9045] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm syz.5.1500: bg 0: block 5: invalid block bitmap [ 487.991774][ T9045] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 404 with error 28 [ 488.717786][ T9045] EXT4-fs (loop5): This should not happen!! Data will be lost [ 488.717786][ T9045] [ 488.796223][ T9045] EXT4-fs (loop5): Total free blocks count 0 [ 488.854380][ T9045] EXT4-fs (loop5): Free/Dirty block details [ 488.874634][ T9045] EXT4-fs (loop5): free_blocks=0 [ 488.879781][ T9045] EXT4-fs (loop5): dirty_blocks=404 [ 488.916403][ T9045] EXT4-fs (loop5): Block reservation details [ 488.931817][ T9045] EXT4-fs (loop5): i_reserved_data_blocks=404 [ 489.105220][ T5791] usb 6-1: USB disconnect, device number 6 [ 489.421700][ T9074] UBIFS error (pid: 9074): cannot open "(null)", error -22 [ 491.672467][ T9097] loop0: detected capacity change from 0 to 4096 [ 492.284433][ T9097] EXT4-fs (loop0): inline encryption not supported [ 492.629275][ T9097] EXT4-fs (loop0): Test dummy encryption mode enabled [ 492.892694][ T9097] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=8843c018, mo2=0003] [ 492.922382][ T9097] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,delalloc,inlinecrypt,test_dummy_encryption,errors=continue,bsddf,noauto_da_alloc,noblock_validity,,errors=continue. Quota mode: writeback. [ 493.047737][ T9121] UBIFS error (pid: 9121): cannot open "(null)", error -22 [ 495.275130][ T9148] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1532'. [ 496.293566][ T9163] device syzkaller0 entered promiscuous mode [ 496.848790][ T9169] loop0: detected capacity change from 0 to 512 [ 496.953589][ T9169] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002] [ 496.961854][ T9169] System zones: 1-20 [ 496.986904][ T9169] EXT4-fs (loop0): mounted filesystem without journal. Opts: barrier,debug,lazytime,,errors=continue. Quota mode: writeback. [ 497.052463][ T9174] loop3: detected capacity change from 0 to 128 [ 497.381469][ T9174] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 498.156939][ T9174] ext4 filesystem being mounted at /312/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 499.741345][ T9204] netlink: 128 bytes leftover after parsing attributes in process `syz.5.1550'. [ 500.219795][ T9210] device syzkaller0 entered promiscuous mode [ 500.323144][ T9214] UBIFS error (pid: 9214): cannot open "(null)", error -22 [ 500.692478][ T9218] loop5: detected capacity change from 0 to 512 [ 501.088735][ T9218] EXT4-fs error (device loop5): ext4_orphan_get:1406: inode #15: comm syz.5.1555: iget: bad i_size value: 38620345925642 [ 501.140195][ T9218] EXT4-fs error (device loop5): ext4_orphan_get:1411: comm syz.5.1555: couldn't read orphan inode 15 (err -117) [ 501.162439][ T9218] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,delalloc,acl,journal_dev=0x0000000000000011,usrjquota=,bsdgroups,,errors=continue. Quota mode: writeback. [ 501.330218][ T9228] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm syz.5.1555: bg 0: block 5: invalid block bitmap [ 501.401598][ T9228] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 544 with error 28 [ 501.434573][ T9228] EXT4-fs (loop5): This should not happen!! Data will be lost [ 501.434573][ T9228] [ 501.457322][ T9228] EXT4-fs (loop5): Total free blocks count 0 [ 501.460130][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.463411][ T9228] EXT4-fs (loop5): Free/Dirty block details [ 501.505864][ T9228] EXT4-fs (loop5): free_blocks=0 [ 501.511494][ T9228] EXT4-fs (loop5): dirty_blocks=548 [ 501.518045][ T9228] EXT4-fs (loop5): Block reservation details [ 501.526210][ T9228] EXT4-fs (loop5): i_reserved_data_blocks=548 [ 501.702654][ T9233] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1559'. [ 501.867097][ T4553] Bluetooth: hci5: Frame reassembly failed (-84) [ 502.216288][ T9246] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1563'. [ 502.242616][ T9246] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1563'. [ 503.518371][ T9247] loop3: detected capacity change from 0 to 131072 [ 503.540492][ T9247] F2FS-fs (loop3): Invalid log sectorsize (67108873) [ 503.547627][ T9247] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 503.561172][ T9247] F2FS-fs (loop3): invalid crc value [ 503.578267][ T9247] F2FS-fs (loop3): Found nat_bits in checkpoint [ 503.654560][ T9247] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 503.661739][ T9247] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 504.013572][ T4173] Bluetooth: hci5: command 0x1003 tx timeout [ 504.020049][ T9238] Bluetooth: hci5: sending frame failed (-49) [ 504.602290][ T9281] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer. [ 504.697813][ T9285] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1576'. [ 504.714688][ T9288] UBIFS error (pid: 9288): cannot open "(null)", error -22 [ 505.671006][ T9303] loop0: detected capacity change from 0 to 512 [ 505.802343][ T9303] EXT4-fs (loop0): Test dummy encryption mode enabled [ 505.819709][ T9303] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 505.852031][ T9303] EXT4-fs error (device loop0): ext4_orphan_get:1432: comm syz.0.1582: bad orphan inode 131083 [ 505.891366][ T9303] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,norecovery,,errors=continue. Quota mode: none. [ 506.030611][ T9303] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 506.050292][ T9313] device syzkaller0 entered promiscuous mode [ 506.084217][ T4173] Bluetooth: hci5: command 0x1001 tx timeout [ 506.093974][ T9238] Bluetooth: hci5: sending frame failed (-49) [ 506.250197][ T9303] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 506.932649][ T9343] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1591'. [ 507.224307][ T4232] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 507.379350][ T9342] loop0: detected capacity change from 0 to 1024 [ 507.652283][ T9342] EXT4-fs (loop0): Ignoring removed orlov option [ 507.713944][ T9342] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c018, mo2=0002] [ 507.734263][ T9342] System zones: 0-1, 3-12 [ 507.743078][ T9342] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_dev=0x0000000000000007,debug,nodioread_nolock,min_batch_time=0x0000000000000006,debug_want_extra_isize=0x0000000000000080,orlov,nodelalloc,jqfmt=vfsv1,auto_da_alloc=0x0000000001800000,,errors=continue. Quota mode: none. [ 508.054819][ T9351] device syzkaller0 entered promiscuous mode [ 508.164225][ T23] Bluetooth: hci5: command 0x1009 tx timeout [ 508.201303][ T9349] loop3: detected capacity change from 0 to 40427 [ 508.294295][ T9349] F2FS-fs (loop3): invalid crc value [ 508.337190][ T9349] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 127) [ 508.338773][ T9353] kvm: pic: non byte write [ 508.473197][ T9349] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 508.500670][ T9349] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 508.601515][ T4191] attempt to access beyond end of device [ 508.601515][ T4191] loop3: rw=2049, want=45104, limit=40427 [ 509.057141][ T9361] loop0: detected capacity change from 0 to 40427 [ 509.090320][ T9361] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x1ffff [ 509.125611][ T9361] F2FS-fs (loop0): invalid crc value [ 509.146761][ T9361] F2FS-fs (loop0): Found nat_bits in checkpoint [ 509.275898][ T9361] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 509.404946][ T4184] attempt to access beyond end of device [ 509.404946][ T4184] loop0: rw=2049, want=45104, limit=40427 [ 509.912399][ T9369] overlayfs: failed to resolve './file0': -2 [ 510.277247][ T9374] UBIFS error (pid: 9374): cannot open "(null)", error -22 [ 510.309027][ T9370] loop3: detected capacity change from 0 to 8192 [ 510.406301][ T9379] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1604'. [ 510.914732][ T9391] device syzkaller0 entered promiscuous mode [ 513.107448][ T9415] UBIFS error (pid: 9415): cannot open "(null)", error -22 [ 513.409536][ T9419] loop5: detected capacity change from 0 to 2048 [ 513.526450][ T9419] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 514.125797][ T9433] UBIFS error (pid: 9433): cannot open "(null)", error -22 [ 515.115846][ T9446] UBIFS error (pid: 9446): cannot open "(null)", error -22 [ 515.804189][ T4232] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 516.584958][ T4232] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 516.646570][ T4232] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 516.914638][ T4232] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 516.934372][ T4232] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 516.942414][ T4232] usb 6-1: SerialNumber: syz [ 517.276033][ T4232] usb 6-1: 0:2 : does not exist [ 517.281105][ T4232] usb 6-1: unit 48 not found! [ 517.330447][ T4232] usb 6-1: USB disconnect, device number 7 [ 517.360768][ T7743] udevd[7743]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 517.843684][ T9479] loop3: detected capacity change from 0 to 256 [ 517.851865][ T9480] UBIFS error (pid: 9480): cannot open "(null)", error -22 [ 517.948266][ T9479] FAT-fs (loop3): Directory bread(block 64) failed [ 518.003056][ T9479] FAT-fs (loop3): Directory bread(block 65) failed [ 518.028758][ T9479] FAT-fs (loop3): Directory bread(block 66) failed [ 518.051428][ T9479] FAT-fs (loop3): Directory bread(block 67) failed [ 518.076526][ T9479] FAT-fs (loop3): Directory bread(block 68) failed [ 518.098701][ T9479] FAT-fs (loop3): Directory bread(block 69) failed [ 518.120893][ T9479] FAT-fs (loop3): Directory bread(block 70) failed [ 518.142525][ T9479] FAT-fs (loop3): Directory bread(block 71) failed [ 518.165450][ T9479] FAT-fs (loop3): Directory bread(block 72) failed [ 518.194808][ T9479] FAT-fs (loop3): Directory bread(block 73) failed [ 519.178891][ T26] audit: type=1800 audit(1776922738.605:45): pid=9490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1634" name="bus" dev="loop3" ino=1048618 res=0 errno=0 [ 520.919426][ T26] audit: type=1326 audit(1776922740.355:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.2.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 520.953172][ T9483] loop0: detected capacity change from 0 to 40427 [ 520.986215][ T26] audit: type=1326 audit(1776922740.375:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.2.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 521.012217][ T26] audit: type=1326 audit(1776922740.375:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.2.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 521.034922][ T13] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 521.042702][ T26] audit: type=1326 audit(1776922740.375:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.2.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 521.078386][ T26] audit: type=1326 audit(1776922740.375:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.2.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 521.101105][ T9483] F2FS-fs (loop0): Unrecognized mount option "age_extent_cache" or missing value [ 521.127270][ T26] audit: type=1326 audit(1776922740.375:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.2.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 521.157158][ T26] audit: type=1326 audit(1776922740.375:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.2.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 521.192117][ T26] audit: type=1326 audit(1776922740.375:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.2.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 521.223941][ T26] audit: type=1326 audit(1776922740.375:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.2.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110fd8d819 code=0x7ffc0000 [ 521.481643][ T13] usb 4-1: Using ep0 maxpacket: 16 [ 521.963187][ T9511] UBIFS error (pid: 9511): cannot open "(null)", error -22 [ 522.374387][ T13] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 522.689292][ T13] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 523.584454][ T13] usb 4-1: string descriptor 0 read error: -71 [ 523.591250][ T13] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 523.672455][ T9525] loop5: detected capacity change from 0 to 256 [ 523.682494][ T13] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 523.761178][ T13] usb 4-1: can't set config #1, error -71 [ 523.815230][ T13] usb 4-1: USB disconnect, device number 16 [ 523.884524][ T9525] FAT-fs (loop5): Directory bread(block 64) failed [ 523.902925][ T9525] FAT-fs (loop5): Directory bread(block 65) failed [ 523.944851][ T9525] FAT-fs (loop5): Directory bread(block 66) failed [ 523.971551][ T9535] tipc: Enabling of bearer rejected, failed to enable media [ 523.991830][ T9525] FAT-fs (loop5): Directory bread(block 67) failed [ 524.036875][ T9525] FAT-fs (loop5): Directory bread(block 68) failed [ 524.066355][ T9525] FAT-fs (loop5): Directory bread(block 69) failed [ 524.094893][ T9525] FAT-fs (loop5): Directory bread(block 70) failed [ 524.116345][ T9525] FAT-fs (loop5): Directory bread(block 71) failed [ 524.136774][ T9525] FAT-fs (loop5): Directory bread(block 72) failed [ 524.144002][ T9525] FAT-fs (loop5): Directory bread(block 73) failed [ 525.105551][ T26] kauditd_printk_skb: 141 callbacks suppressed [ 525.105695][ T26] audit: type=1800 audit(1776922744.455:196): pid=9545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1650" name="bus" dev="loop5" ino=1048619 res=0 errno=0 [ 525.268535][ T9544] device syzkaller0 entered promiscuous mode [ 525.745436][ T9555] UBIFS error (pid: 9555): cannot open "(null)", error -22 [ 526.593190][ T9541] loop0: detected capacity change from 0 to 40427 [ 531.076607][ T9581] tipc: Enabling of bearer rejected, failed to enable media [ 531.153984][ T9585] device syzkaller0 entered promiscuous mode [ 534.150168][ T9588] loop3: detected capacity change from 0 to 40427 [ 534.220063][ T9590] device syzkaller0 entered promiscuous mode [ 534.552265][ T9588] F2FS-fs (loop3): build fault injection attr: rate: 174, type: 0x1ffff [ 535.816496][ T9598] UBIFS error (pid: 9598): cannot open "(null)", error -22 [ 538.162854][ T9615] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1676'. [ 538.185289][ T9615] loop0: detected capacity change from 0 to 512 [ 538.200480][ T9615] EXT4-fs (loop0): Test dummy encryption mode enabled [ 538.207423][ T9615] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 538.304710][ T9615] EXT4-fs error (device loop0): ext4_orphan_get:1432: comm syz.0.1676: bad orphan inode 131083 [ 538.317369][ T9615] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,norecovery,,errors=continue. Quota mode: none. [ 540.486978][ T9633] loop0: detected capacity change from 0 to 512 [ 540.622674][ T9633] EXT4-fs error (device loop0): ext4_xattr_inode_iget:401: inode #12: comm syz.0.1681: missing EA_INODE flag [ 540.673972][ T9633] EXT4-fs error (device loop0): ext4_xattr_inode_iget:406: comm syz.0.1681: error while reading EA inode 12 err=-117 [ 540.744673][ T9633] EXT4-fs (loop0): 1 orphan inode deleted [ 540.784346][ T9633] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,init_itable,,errors=continue. Quota mode: writeback. [ 541.234769][ T9643] UBIFS error (pid: 9643): cannot open "(null)", error -22 [ 541.842371][ T9655] xt_hashlimit: size too large, truncated to 1048576 [ 542.039639][ T9659] netlink: 'syz.1.1689': attribute type 29 has an invalid length. [ 542.757606][ T9669] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 542.814998][ T9673] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1694'. [ 542.834227][ T9669] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 543.333117][ T9686] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1697'. [ 543.624388][ T4226] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 544.252701][ T9690] UBIFS error (pid: 9690): cannot open "(null)", error -22 [ 544.376857][ T9665] loop0: detected capacity change from 0 to 40427 [ 544.447782][ T9665] F2FS-fs (loop0): invalid crc value [ 544.463480][ T9665] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 544.578266][ T9665] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 544.592640][ T9665] F2FS-fs (loop0): Inconsistent segment (8) type [1, 0] in SSA and SIT [ 544.764769][ T23] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 545.328573][ T23] usb 2-1: Using ep0 maxpacket: 8 [ 546.584386][ T23] usb 2-1: unable to get BOS descriptor or descriptor too short [ 546.627410][ T9705] loop3: detected capacity change from 0 to 4096 [ 546.664392][ T23] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7 [ 546.677365][ T9705] EXT4-fs (loop3): inline encryption not supported [ 546.694656][ T9705] EXT4-fs (loop3): Test dummy encryption mode enabled [ 546.706362][ T9705] EXT4-fs (loop3): Ignoring removed bh option [ 546.724213][ T9705] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled [ 546.769478][ T9705] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 546.794600][ T9705] System zones: 0-5 [ 546.854429][ T23] usb 2-1: New USB device found, idVendor=0499, idProduct=1718, bcdDevice= 0.40 [ 546.863538][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 546.873517][ T9705] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug,dioread_nolock,inlinecrypt,test_dummy_encryption,grpjquota=,bh,delalloc,jqfmt=vfsv0,,errors=continue. Quota mode: writeback. [ 546.924879][ T23] usb 2-1: Product: syz [ 546.929114][ T23] usb 2-1: Manufacturer: syz [ 546.933734][ T23] usb 2-1: SerialNumber: syz [ 547.564407][ T23] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 547.594698][ T23] usb 2-1: found format II with max.bitrate = 1023, frame size=0 [ 549.115411][ T23] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 549.375227][ T23] usb 2-1: USB disconnect, device number 10 [ 550.388469][ T9733] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 550.437481][ T9744] UBIFS error (pid: 9744): cannot open "(null)", error -22 [ 550.438143][ T9733] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 550.660393][ T9746] loop3: detected capacity change from 0 to 512 [ 550.824310][ T9748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1715'. [ 552.220960][ T7743] udevd[7743]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 552.417691][ T23] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 552.891188][ T9746] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 552.915671][ T9746] EXT4-fs error (device loop3): ext4_iget_extra_inode:4573: inode #15: comm syz.3.1716: corrupted in-inode xattr [ 552.957713][ T9746] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.1716: couldn't read orphan inode 15 (err -117) [ 553.088681][ T9746] EXT4-fs (loop3): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,jqfmt=vfsv0,min_batch_time=0x00000000000003ff,noload,grpjquota=.,noblock_validity,resgid=0x0000000000000000,nobarrier,errors=continue,,errors=continue. Quota mode: writeback. [ 553.855187][ T23] usb 3-1: device descriptor read/all, error -71 [ 554.422085][ T9774] loop0: detected capacity change from 0 to 4096 [ 555.830343][ T9774] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 556.038124][ T9774] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #15: comm syz.0.1721: corrupted inode contents [ 556.058948][ T9774] EXT4-fs error (device loop0): ext4_dirty_inode:6077: inode #15: comm syz.0.1721: mark_inode_dirty error [ 556.075895][ T9774] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #15: comm syz.0.1721: corrupted inode contents [ 556.090493][ T9774] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #15: comm syz.0.1721: mark_inode_dirty error [ 556.108724][ T9774] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #15: comm syz.0.1721: corrupted inode contents [ 556.703361][ T9783] loop5: detected capacity change from 0 to 256 [ 556.717154][ T9783] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 556.843011][ T9783] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 557.463161][ T9774] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #15: comm syz.0.1721: mark_inode_dirty error [ 557.477131][ T9774] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #15: comm syz.0.1721: corrupted inode contents [ 557.493500][ T9774] EXT4-fs error (device loop0): ext4_truncate:4286: inode #15: comm syz.0.1721: mark_inode_dirty error [ 557.505276][ T9774] EXT4-fs error (device loop0) in ext4_setattr:5645: Corrupt filesystem [ 560.270270][ T9824] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1732'. [ 560.603107][ T9821] tipc: Enabling of bearer rejected, failed to enable media [ 561.314261][ T5669] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 562.240093][ T9842] loop0: detected capacity change from 0 to 512 [ 562.291154][ T9842] EXT4-fs (loop0): 1 truncate cleaned up [ 562.307502][ T9842] EXT4-fs (loop0): mounted filesystem without journal. Opts: noload,stripe=0x000000000000030c,jqfmt=vfsv1,nojournal_checksum,jqfmt=vfsv1,usrjquota=,,errors=continue. Quota mode: none. [ 562.353102][ T9842] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.1741: Invalid block bitmap block 1768304430 in block_group 0 [ 562.835826][ T9858] UBIFS error (pid: 9858): cannot open "(null)", error -22 [ 562.968414][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.203969][ T9866] tipc: Enabling of bearer rejected, failed to enable media [ 563.245173][ T9866] device syzkaller0 entered promiscuous mode [ 564.809055][ T9875] loop3: detected capacity change from 0 to 256 [ 564.972244][ T9875] FAT-fs (loop3): Directory bread(block 1285) failed [ 564.994358][ T9875] FAT-fs (loop3): Directory bread(block 1286) failed [ 565.038055][ T9875] FAT-fs (loop3): Directory bread(block 1287) failed [ 565.045105][ T9875] FAT-fs (loop3): Directory bread(block 1288) failed [ 565.108640][ T9875] FAT-fs (loop3): Directory bread(block 1285) failed [ 565.130430][ T9875] FAT-fs (loop3): Directory bread(block 1286) failed [ 565.382142][ T9875] FAT-fs (loop3): Directory bread(block 1287) failed [ 565.775121][ T9875] FAT-fs (loop3): Directory bread(block 1288) failed [ 565.782127][ T9875] FAT-fs (loop3): Directory bread(block 1285) failed [ 566.076686][ T9875] FAT-fs (loop3): Directory bread(block 1286) failed [ 566.535298][ T9893] loop3: detected capacity change from 0 to 4096 [ 566.640847][ T9893] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,,errors=continue. Quota mode: writeback. [ 566.707192][ T26] audit: type=1800 audit(1776922786.145:197): pid=9893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1757" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 566.792462][ T9899] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1759'. [ 567.104575][ T1107] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 569.097670][ T9918] xt_CONNSECMARK: invalid mode: 66 [ 572.484040][ T9955] usb usb9: usbfs: process 9955 (syz.3.1779) did not claim interface 4 before use [ 576.221935][ T9969] loop0: detected capacity change from 0 to 512 [ 576.660990][ T9978] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1783'. [ 577.194498][ T4228] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 578.711481][ T9994] loop0: detected capacity change from 0 to 1024 [ 578.863785][ T9994] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 579.729779][ T9994] EXT4-fs (loop0): mounted filesystem without journal. Opts: mblk_io_submit,nodioread_nolock,journal_ioprio=0x0000000000000006,noblock_validity,delalloc,grpjquota=,,errors=continue. Quota mode: none. [ 580.016883][ T9994] ext4 filesystem being mounted at /353/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 580.221112][ T9994] EXT4-fs error (device loop0): ext4_map_blocks:741: inode #15: comm syz.0.1787: lblock 0 mapped to illegal pblock 0 (length 4) [ 580.953344][T10023] UBIFS error (pid: 10023): cannot open "(null)", error -22 [ 582.674220][T10024] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1796'. [ 583.173900][T10003] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 583.298680][T10030] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1798'. [ 584.212243][T10029] loop3: detected capacity change from 0 to 4096 [ 584.286143][T10029] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled [ 584.494994][ T13] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 584.534262][T10029] EXT4-fs (loop3): inline encryption not supported [ 584.565420][T10029] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=8856c019, mo2=0003] [ 585.417085][T10029] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug,jqfmt=vfsv0,inlinecrypt,dioread_nolock,barrier=0x0000000000010001,errors=continue,delalloc,nombcache,grpquota,noblock_validity,,errors=continue. Quota mode: writeback. [ 586.624586][T10055] device syzkaller0 entered promiscuous mode [ 587.187284][T10068] UBIFS error (pid: 10068): cannot open "(null)", error -22 [ 590.540432][T10087] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1816'. [ 590.901238][T10097] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1818'. [ 591.332907][ T4262] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 591.794173][ T23] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 591.967612][T10082] loop3: detected capacity change from 0 to 40427 [ 592.022128][T10082] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 592.051889][T10082] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 592.164280][ T23] usb 2-1: Using ep0 maxpacket: 16 [ 592.180774][T10082] F2FS-fs (loop3): Found nat_bits in checkpoint [ 592.304895][ T23] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 592.430482][ T23] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 592.785068][T10082] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 592.804492][ T23] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 592.831727][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 592.851546][T10082] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 592.907004][ T23] usb 2-1: Product: syz [ 592.924723][T10112] device syzkaller0 entered promiscuous mode [ 592.932015][ T23] usb 2-1: Manufacturer: syz [ 592.958985][ T23] usb 2-1: SerialNumber: syz [ 593.144385][T10116] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1824'. [ 593.675422][ T23] usb 2-1: 0:2 : does not exist [ 594.192012][ T23] usb 2-1: USB disconnect, device number 13 [ 594.980557][ T9762] udevd[9762]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 595.904331][ T23] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 597.324151][ T23] usb 2-1: Using ep0 maxpacket: 8 [ 597.639845][T10166] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1838'. [ 597.819946][ T23] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 597.882442][T10176] netlink: 'syz.2.1842': attribute type 1 has an invalid length. [ 597.996300][ T23] usb 2-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40 [ 598.063206][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 598.177542][ T23] usb 2-1: Product: syz [ 598.252095][ T23] usb 2-1: Manufacturer: syz [ 598.325028][ T23] usb 2-1: SerialNumber: syz [ 598.684416][ T23] usb 2-1: can't set config #1, error -71 [ 598.711952][ T23] usb 2-1: USB disconnect, device number 14 [ 598.888921][T10184] loop5: detected capacity change from 0 to 2048 [ 599.225178][T10184] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 599.249285][T10195] device syzkaller0 entered promiscuous mode [ 601.044450][T10215] loop5: detected capacity change from 0 to 512 [ 601.163519][T10215] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 601.324342][T10215] EXT4-fs error (device loop5): ext4_iget_extra_inode:4573: inode #15: comm syz.5.1850: corrupted in-inode xattr [ 601.345958][T10222] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1852'. [ 601.379399][T10215] EXT4-fs error (device loop5): ext4_orphan_get:1411: comm syz.5.1850: couldn't read orphan inode 15 (err -117) [ 601.428975][T10215] EXT4-fs (loop5): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,jqfmt=vfsv0,min_batch_time=0x00000000000003ff,noload,grpjquota=.,noblock_validity,resgid=0x0000000000000000,nobarrier,errors=continue,,errors=continue. Quota mode: writeback. [ 603.026989][T10244] binfmt_misc: register: failed to install interpreter file ./file2 [ 603.845674][T10252] device syzkaller0 entered promiscuous mode [ 603.899471][T10250] loop3: detected capacity change from 0 to 512 [ 604.159214][T10250] EXT4-fs (loop3): mounted filesystem without journal. Opts: resgid=0x0000000000000000,stripe=0x0000000000000040,,errors=continue. Quota mode: writeback. [ 604.206447][T10250] ext4 filesystem being mounted at /373/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 604.402064][ T26] audit: type=1800 audit(1776922823.785:198): pid=10250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1862" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 604.616880][T10237] loop5: detected capacity change from 0 to 40427 [ 604.657147][T10237] F2FS-fs (loop5): Unrecognized mount option "age_extent_cache" or missing value [ 604.953030][T10262] loop0: detected capacity change from 0 to 512 [ 604.999887][T10262] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 605.022523][T10262] EXT4-fs error (device loop0): ext4_iget_extra_inode:4573: inode #15: comm syz.0.1868: corrupted in-inode xattr [ 605.042201][T10262] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.1868: couldn't read orphan inode 15 (err -117) [ 605.065286][T10262] EXT4-fs (loop0): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,jqfmt=vfsv0,min_batch_time=0x00000000000003ff,noload,grpjquota=.,noblock_validity,resgid=0x0000000000000000,nobarrier,errors=continue,,errors=continue. Quota mode: writeback. [ 605.310219][T10266] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 605.378062][T10265] netlink: 260 bytes leftover after parsing attributes in process `syz.5.1867'. [ 605.487887][T10269] device syzkaller0 entered promiscuous mode [ 605.494467][T10265] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1867'. [ 605.535010][T10265] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1867'. [ 606.747314][T10287] loop5: detected capacity change from 0 to 256 [ 606.845991][T10291] device syzkaller0 entered promiscuous mode [ 608.635583][T10303] device syzkaller0 entered promiscuous mode [ 608.657990][T10305] loop0: detected capacity change from 0 to 512 [ 608.909976][T10305] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 608.964877][T10305] ext4 filesystem being mounted at /375/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 608.985541][T10315] device syzkaller0 entered promiscuous mode [ 609.059738][T10314] ------------[ cut here ]------------ [ 609.084622][T10314] WARNING: CPU: 0 PID: 10314 at arch/x86/kvm/x86.c:10372 kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 609.119685][T10314] Modules linked in: [ 609.123955][T10314] CPU: 0 PID: 10314 Comm: syz.3.1885 Not tainted syzkaller #0 [ 609.155639][T10314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 609.172101][T10314] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 609.179137][T10314] Code: e8 a1 18 af 00 e9 03 e9 ff ff 44 89 f9 80 e1 07 38 c1 0f 8c d5 ed ff ff 4c 89 ff e8 86 18 af 00 e9 c8 ed ff ff e8 dc f9 69 00 <0f> 0b e9 31 fd ff ff 44 89 f9 80 e1 07 38 c1 0f 8c d2 ed ff ff 4c [ 609.236850][T10314] RSP: 0018:ffffc90003d3fc30 EFLAGS: 00010283 [ 609.259352][T10314] RAX: ffffffff810f3ab4 RBX: ffff888056bac000 RCX: 0000000000080000 [ 609.268441][T10314] RDX: ffffc9000cd91000 RSI: 000000000000041e RDI: 000000000000041f [ 609.277553][T10314] RBP: 0000000000000000 R08: ffffffff8d89f06f R09: 1ffffffff1b13e0d [ 609.286281][T10314] R10: dffffc0000000000 R11: fffffbfff1b13e0e R12: ffff888063e71001 [ 609.306924][T10314] R13: 1ffff1100ad7581e R14: ffff888056bac0f0 R15: ffff888063e71000 [ 609.333655][T10314] FS: 00007fe601cf86c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 609.374873][T10314] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 609.381643][T10314] CR2: 00007fff5dfe5b90 CR3: 0000000078fe4000 CR4: 00000000003526e0 [ 609.392020][T10314] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 609.407821][T10314] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 609.418553][T10314] Call Trace: [ 609.421975][T10314] [ 609.429900][T10314] ? __lock_acquire+0x7d10/0x7d10 [ 609.437648][T10314] kvm_vcpu_ioctl+0x8f7/0xc10 [ 609.442479][T10314] ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0 [ 609.456865][T10314] ? bpf_lsm_file_ioctl+0x5/0x10 [ 609.462773][T10314] ? security_file_ioctl+0x7c/0xa0 [ 609.471948][T10314] ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0 [ 609.483161][T10314] __se_sys_ioctl+0xfa/0x170 [ 609.492345][T10314] do_syscall_64+0x4c/0xa0 [ 609.500617][T10314] ? clear_bhb_loop+0x30/0x80 [ 609.514182][T10314] ? clear_bhb_loop+0x30/0x80 [ 609.519103][T10314] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 609.534304][T10314] RIP: 0033:0x7fe603a9e819 [ 609.538863][T10314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 609.584416][T10314] RSP: 002b:00007fe601cf8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 609.603252][T10314] RAX: ffffffffffffffda RBX: 00007fe603d17fa0 RCX: 00007fe603a9e819 [ 609.629816][T10314] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 609.644296][T10314] RBP: 00007fe603b34c91 R08: 0000000000000000 R09: 0000000000000000 [ 609.662659][T10314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 609.682909][T10314] R13: 00007fe603d18038 R14: 00007fe603d17fa0 R15: 00007ffc5c1ab998 [ 609.700653][T10314] [ 609.703974][T10314] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 609.711292][T10314] CPU: 0 PID: 10314 Comm: syz.3.1885 Not tainted syzkaller #0 [ 609.718790][T10314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 609.728887][T10314] Call Trace: [ 609.732198][T10314] [ 609.735159][T10314] dump_stack_lvl+0x188/0x250 [ 609.739873][T10314] ? show_regs_print_info+0x20/0x20 [ 609.745123][T10314] ? load_image+0x400/0x400 [ 609.749682][T10314] panic+0x2e5/0x810 [ 609.753625][T10314] ? bpf_jit_dump+0xd0/0xd0 [ 609.758173][T10314] ? kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 609.764018][T10314] __warn+0x248/0x2b0 [ 609.768037][T10314] ? kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 609.773886][T10314] report_bug+0x1b7/0x2e0 [ 609.778265][T10314] handle_bug+0x3a/0x70 [ 609.782471][T10314] exc_invalid_op+0x16/0x40 [ 609.787006][T10314] asm_exc_invalid_op+0x16/0x20 [ 609.791915][T10314] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 609.798375][T10314] Code: e8 a1 18 af 00 e9 03 e9 ff ff 44 89 f9 80 e1 07 38 c1 0f 8c d5 ed ff ff 4c 89 ff e8 86 18 af 00 e9 c8 ed ff ff e8 dc f9 69 00 <0f> 0b e9 31 fd ff ff 44 89 f9 80 e1 07 38 c1 0f 8c d2 ed ff ff 4c [ 609.818018][T10314] RSP: 0018:ffffc90003d3fc30 EFLAGS: 00010283 [ 609.824126][T10314] RAX: ffffffff810f3ab4 RBX: ffff888056bac000 RCX: 0000000000080000 [ 609.832131][T10314] RDX: ffffc9000cd91000 RSI: 000000000000041e RDI: 000000000000041f [ 609.840138][T10314] RBP: 0000000000000000 R08: ffffffff8d89f06f R09: 1ffffffff1b13e0d [ 609.848249][T10314] R10: dffffc0000000000 R11: fffffbfff1b13e0e R12: ffff888063e71001 [ 609.856257][T10314] R13: 1ffff1100ad7581e R14: ffff888056bac0f0 R15: ffff888063e71000 [ 609.864270][T10314] ? kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 609.870126][T10314] ? __lock_acquire+0x7d10/0x7d10 [ 609.875207][T10314] kvm_vcpu_ioctl+0x8f7/0xc10 [ 609.879925][T10314] ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0 [ 609.885632][T10314] ? bpf_lsm_file_ioctl+0x5/0x10 [ 609.890609][T10314] ? security_file_ioctl+0x7c/0xa0 [ 609.895770][T10314] ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0 [ 609.901441][T10314] __se_sys_ioctl+0xfa/0x170 [ 609.906239][T10314] do_syscall_64+0x4c/0xa0 [ 609.910697][T10314] ? clear_bhb_loop+0x30/0x80 [ 609.915413][T10314] ? clear_bhb_loop+0x30/0x80 [ 609.920134][T10314] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 609.926066][T10314] RIP: 0033:0x7fe603a9e819 [ 609.930521][T10314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 609.950525][T10314] RSP: 002b:00007fe601cf8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 609.958986][T10314] RAX: ffffffffffffffda RBX: 00007fe603d17fa0 RCX: 00007fe603a9e819 [ 609.967196][T10314] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 609.975220][T10314] RBP: 00007fe603b34c91 R08: 0000000000000000 R09: 0000000000000000 [ 609.983237][T10314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 609.991257][T10314] R13: 00007fe603d18038 R14: 00007fe603d17fa0 R15: 00007ffc5c1ab998 [ 609.999412][T10314] [ 610.002753][T10314] Kernel Offset: disabled [ 610.007373][T10314] Rebooting in 86400 seconds..