last executing test programs: 9.933237037s ago: executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps_rollup\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x6}]}) socket$nl_netfilter(0x10, 0x3, 0xc) read$FUSE(r0, &(0x7f0000000c80)={0x2020}, 0x2020) 9.000264909s ago: executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_VERSION(r0, 0xc0406441, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff16, 0x0}) 8.082518663s ago: executing program 4: syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='./file1\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1507, &(0x7f0000001b00)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==") syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"}) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000) 7.76633641s ago: executing program 4: write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2) r1 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3) ftruncate(r1, 0xffff) fcntl$addseals(r1, 0x409, 0x7) r2 = ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000000)={r1, 0x0, 0x0, 0x10000}) io_setup(0x5, &(0x7f0000000740)=0x0) io_submit(r3, 0x1, &(0x7f0000000300)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) 6.931697793s ago: executing program 4: r0 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r0, 0x89fd, &(0x7f0000000000)={'macsec0\x00'}) 6.394730228s ago: executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() syz_open_dev$dri(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r4}, 0x10) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30) read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) umount2(&(0x7f00000001c0)='./file0\x00', 0x0) write$FUSE_NOTIFY_INVAL_INODE(r5, &(0x7f00000000c0)={0x28, 0x4}, 0x28) write$FUSE_INIT(r5, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x28, 0x6, 0x0, 0x0, 0x0, 0x7ff}}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x0, 0x6, 0x208, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48) sched_setscheduler(r0, 0x2, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@ipv6_getroute={0x1c, 0x16, 0x200}, 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x0) close(r7) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x20c00) 3.624231631s ago: executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f00000008c0)=';', 0x1) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4) setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000000)=0xb2, 0x4) sendmmsg$inet6(r0, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000000b80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12141, 0x0) 3.591888277s ago: executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x8, 0x0, &(0x7f0000000100)) 3.446214459s ago: executing program 3: syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./bus\x00', 0x2218050, &(0x7f0000000140)=ANY=[], 0x1, 0x1528, &(0x7f0000001800)="$eJzs3Au4TtX2MPAx5pyLTS5vkvsacyze5DJJklwScqkkSUjuCUmSJKnEJrckJEmuO8l1h9zTTu73W+6hnSNJkpCQZH7PTn061fn6n/PvHH1nj9/zrGfPsdYac421x/u+a633efb+suvQGo1qVq3PzPCv0D8P8OKPRABIAIABAJAdAAIAKJOjTI607Zk0Jv5LBxH/Jg2mXe4KxOUk/U/fpP/pm/Q/fZP+p2/S//RN+p++Sf/TN+m/EOlact4rZUm/i3z///859b9Jluv/fx/E3676R/tK///b6H9qb+l/upHh91ZK/9OL378ESP/TN+l/ehZc7gLEZSbv//RN+i9Euvanf6e87uw/s3/wb6nhP7xouPw1/KuLEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgjxH3DWX2IA4Ofx5a5LCCGEEEIIIYQQfx7/zuWuQAghhBBCCCGEEP9+CAo0GAggA2SEBMgEmeEKyAJZIRtkhxhcCTngKsgJV0MuyA15IC/kg/xQAEIgsMAQQUEoBHG4BgrDtVAEikIxKA4OSkBJuA5KwfVQGm6AMnAjlIWboByUhwpQEW6GSnALVIYqUBVuhWpQHWpATbgNboc7oBbcCbXhLqgDd0NduAfqwb1QHxpAQ7gPGsH90BiaQFNoBs2hBbT8g/yk7L+X/yx0h+egB/SEROgFveF56AN9oR/0hwHwAgyEF2EQvASDYQgMhZdhGLwCw+FVGAGvwUh4HUbBaBgDY2EcjIckeAMmwJswEd66PytMhikwFabBdEiGt2EGzIRZ8A7MhjkwF5IyzYcFsBDehUXwHqTA+7AYPoAlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi3wIWyFbbAddsBO2AW74SPYA3thH3wMqfjJP5l/5u/zoRsCAipUaNBgBsyACZiAmTEzZsEsmA2zYQxjmANzYE7MibkwF+bBPJgP82EBLICEhIyMBbEgxjGOhbEwFsEiWAyLoUOHJbEklsLrsTSWxjJYBstiWSyH5bE8VsSKWAkrYWWsjFWxKlbDalgDa+BteBvegbWwFtbG2lgH62BdrIv1sB7Wx/rYEBtiI2yEjbExNsWm2BybY0tsia2wFbbG1tgW22I7bIftsT12wA7YETtiJ+yEnbEzdsEu2BW7Yjd8Gp/GZ/FZfA6fw55YTfXC3tgb+2Af7If9sT++gAPxRXwRX8LBOASH4sv4Mr6Cw/E0jsDXcCSOxEpqNI7BschqPCZhEmaECTgRJ+IknIyTcSpOw+mYjMk4A2fiTHwHZ+McnIPzcB4uwIW4EBfhe5iCKbgYz+ASXIrLcDmuwJW4AlfjGlyN63A9rsONuBE342b8ED/EbbgNd+AO3IW78CP8CPfiXhyMqZiK+3E/HsADeBAP4iE8hIfxMB7BI3gUj+IxPIbH8QSexBN4Ck/haTyDZwHgHJ7D83geL+CFtDe/SmOUURlUBpWgElRmlVllUVlUNpVNxVRM5VA5VE6VU+VSuVQelUflU/lUAVVAkSLFKlIFVUEVV3FVWBVWRVQRVUwVU045VVKVVKVUKVValVZl1I1ny6qbVDlVXrVxFVVFVUm1dZVVFVVVVVXVVHVVQ9VUNdXt6nZVS9VStVVtVUfVUXXVPaqe6oX9sIFK60wjNQQbq6HYVDVTzVUL9Qo+oFqp4dhatVFt1UPqNRyB7VUr10E9qjqqMdhJPa7G4hOqixqPXdVTqpt6Wj2jnlXdVWvXQ/VUk7CX6q2mYh/VV/VT/dUMrK7SOlZDvaQGqyFqqHpZLcBX1HD16l68+IGpRqnRaowaq8ap8SpJvaEmqDfVRPWWmqQmqylqqpqmpqtk9baaoWaqWeodNVvNUXPVPDVfLVAL1btqkXpPpaj31WL1gVqilqplarlaoVaqVWq1WqPWqnVqvdqgNqpNarPaoj5UW9U2tV3tUDvVLrVbfaT2qL1qn/pYpapP1H71N3VAfaoOqs/UIfW5Oqy+UEfUl+qo+kodU1+r4+qEOqm+UafUt+q0OqPOqu/UOfW9Oq9+UBeUV6BRK6210YHOoDPqBJ1JZ9ZX6Cw6q86ms+uYvlLn0FfpnPpqnUvn1nlMXp1P59cFdKhJW8060gV1IR3X1+jC+lpdRBfVxXRx7XQJXVJfp0vp63VpfYMuo2/UZfVNupwuryt40DfrSvoWXVlX0VX1rbqarq5r6Jr6Nn27vkPX0nfq2vouXUffrevqe3Q9fa+urxvohvo+3UjfrxvrJrqpbqab6xa6pX5At9IP6kC30W31Q7qdfli314/oDvpR3VE/pjvpx3Vn/YTuop/UXfVTupuuAgA/6Ava6x66p07UvXRv/bzuo/vqfrq/HqBf0AP1i3qQfkkP1kP0UP2yHqZf0cP1q3qEfk2P1K/rUXq0HqPH6nF6vE7Sb+gJ+k09Ub+lJ+nJeoqeqqfp6bpf2kygLr5i/iD/zd/JH/Tj0TfrLfpDvVVv09v1Dr1T79K79W69R+/R+/Q+napT9X69Xx/QB/RBfVAf0of0YX1YH9FH9FF9VB/Tx/RxfUJ/p7/Rp/S3+rQ+o8/o7/Q5fU6f1xd/B2DQKKONMYHJYDKaBJPJZDZXmCwmq8lmspuYudLkMFeZnOZqk8vkNnlMXpPP5DcFTGjIWMMmMgVNIRM315jC5lpTxBQ1xUxx40wJU9Jc97/O/6P6WpqWppVpZVqb1qataWvamXamvWlvOpgOpqPpaDqZTqaz6Wy6mC6mq+lquplu5hnzjOluupsepodJNImmt3ne9DF9TT/T3wwwL5iBZqAZZAaZwWawGWqGmmFmmBluhpsRCT/dMplRZowZY8aZcSbJZzcTzAQz0Uw0k8wkM2VAdjPNTDPJJtnMMDPMLDPLzDazzVwz18w3881Cs9AsMotMikkxi81is8QsNUvNcrPcrDQrzWqz2qw1a816s95sNBvNErPFbDFbzVaz3Ww3O81Os9vsNnvMHrPP7DOpJtXsN/vNAXPAHDQHzSFzyBw2h80Rc8QcNUfNMXPMHDfHzUlz0pwyp8xpc9qcNWfNOXPOnDfnzQVzIe22L1CBCkxgggxBhiAhSAgyB5mDLEGWIFuQLYgFsSBHkCPIGVwd5ApyB3mCvEG+IH9QIAgDCmzAQRQUDAoF8eCaoHBwbVAkKBoUC4oHLigRlAyuC0oF1welgxuCMsGNQdngpqBcUD6oEFQMbg4qBbcElYMqQdXg1qBaUD2oEdQMbgtuD+4IagV3BrWDu4I6wd1B3eCeoF5wb1A/aBA0DO4LGgX3B42DJkHToFnQPGgRtPxT5/f+dO4HXY+wZ5gY9gp7h8+HfcK+Yb+wfzggfCEcGL4YDgpfCgeHQ8Kh4cvhsPCVcHj4ajgifC0cGb4ejgpHh2PCseG4cHyYFL4RTgjfDCeGb4WTwsnhlGBqOC2cHiaHb4czwpnhrPCdcHY4J5wbzgvnhwtC/OnikhK+Hy4OPwiXhEvDZeHycEW4MlwVrg7XhGvDdeH6cEO4sczAi7uGW8Nt4fZwR7gz3BXuDj8K94R7w33hx2Fq+Em4P/xbeCD8NDwYfhYeCj8PD4dfhEfCL8Oj4VfhsfDr8Hh4IhOE34Snwm/D0+GZ8Gz4XXgu/D48H/4QXgh92s192uWdDBnKQBkogRIoM2WmLJSFslE2ilGMclAOykk5KRflojyUh/JRPipABSgNE1NBKkhxilNhKkxFqAgVo2LkyFFJKkmlqBSVptJUhspQWSpL5chSBapAN9PNdAvdQlWoCt1Kt1J1qk41qSYh3k61qBbVptpUh+pQXapL9age1af61JAaUiNqRI2pMTWlptScmlNLakmtqBW1ptbUltpSO2pH7ak9daAO1JE6UifqRJ2pM3WhLtSVulI36kbP0DPUnbpTD+pBiZRIvak39aE+1I/60QAaQANpIA2iQTSYBtNQGkrDaBgNp+E0gl6jkfQ6jaLRNIbG0jgaT0mURBNoAk2kiTSJJtEUmkLTaBolUzLNoBk0i2bRbJpNc2kuzaf5tJAW0iJaRCmUQotpMS2hJbSMltEKWkGraBWtoTW0jtbRBtpAm2gTbaEttJW20nbaTjtpJ+2m3bSH9tA+2keplEr7aT8doAN0kA7SITpEh+kwHaEjdJSO0jE6RsfpOJ2kk3SKTtFpOk1n6Sydo+/pPP1AF8hTgs1kM9srbBab1Waz2e2v4zw2r81n89sCNrS5bG6bCQB+jslaW8QWtcVscetsCVvSXvebuJwtbyvYivZmW8neYivbcjYT/DK+3d5ha9k7bW17l61pb/u7uI6929a199t6tomtb5vZhraFbWTvt41tE9vUNrPNbQvbzj5s29tHbAf7qO1oH/tNvMi+Z9fYtXadXW/32L32rP3OHrFf2nP2e9vD9rQD7At2oH3RDrIv2cF2yN/HAHakfd2OsqPtGDvWjrPjfxNPsVPtNDvdJtu37Qw78zfxQvuunW1T7Fw7z863C36M02pKse/bxfYD7723y+xyu8KutKvs6v9b63K70W6ym+1u+5HdarfZ7XaH3Wl3/Rinncc++7FNtZ/Yw/YLe8B+ag/ao/aQ/fzHOO38jtqv7DH7tT1uT9iT9ht7yn5rT9szP55/2rl/Y3+wF6y3wMiKNRsOOANn5ATOxJn5Cs7CWTkbZ+cYX8k5+CrOyVdzLs7NeTgv5+P8XIBDJrbMHHFBLsRxvoYL87VchItyMS7OjktwSb6OS/H1XJpv4DJ8I5flm7gcl+cKXJFv5kp8C1fmKlyVb+VqXH3bHRc/7fgOrsV3cm2+i+vw3VyX7+F6fC/X5wbckO/jRnw/N+Ym3JSbcXNuwS35AW7FD3JrbsNt+SFuxw9ze36EO/Cj3JEf4078OHfmJ7gLP8ld+Snuxk/zM/wsd+fnuAf35ETuxb35ee7Dfbkf9+cB/AIP5Bd5EL/Eg3kID+WXmfkVHs6v8gh+jUfy6zyKR/MYHsvjeDwn8Rs8gd/kifwWT+LJPIWn8jSezsn8Ns/gmTyL3+HZPIfn8jyezwt4Ib/Li/g9TuH3eTF/wEt4KS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW/hD3srbeDvv4J28i3fzR7yH9/I+/phT+RPez3/jA/wpH+TP+BB/zof5Cz7CX/JR/oqP8dd8nE/wSf6GT/G3fJrP8Fn+js/x93yef+AL7BkijFSkIxMFUYYoY5QQZYoyR1dEWaKsUbYoexSLroxyRFdFOaOro1xR7ihPlDfKF+WPCkRhRJGNOIqiglGhKB5dExWOro2KREWjYlHxyEUlopLRdVGp6PqodHRDVCa6MSob3RSVi8pHFaKK0c1RpeiWqHJUJaoa3RpVi6pHNaKa0W3R7dEdUa3ozqh2dFdUOro7qhvdE9WL7o3qRw2ihtF9UaPo/qhx1CRqGjWLmkctopbRA1Gr6MGoddQmahs9FLWLHo7aR49EHaJHo47RY5e2Fw0uvr5+tT0x6hXpn2737tTz4wviC+PvxhfF34unxN+PL45/EF8SXxpfFl8eXxFfGV8VXx1fE18bXxdfH98Q3xjfFN8c975mRnCY9iAMxgUug8voElwml9ld4bK4rC6by+5i7kqXw13lcrqrXS6X2+VxeV0+l98VcKEjZx27yBV0hVzcXeMKu2tdEVfUFXPFnXMlXEnXwrV0LV0r96Br7dq4tu4h95B72D3sHnGPuEddR/eY6+Qed53dE66Le9I96Z5y3dzT7hn3rOvunnM9XE+X6BJdb9fb9XF9XD/Xzw1wA9xAN9ANcoPcYDfYDXVD3TA3zA13w90IN8KNdCPdKDfKjXFj3Dg3ziW5JDfBTXAT3UQ3yU1yU9wUN81Nc8ku2c1wM9wsN8vNdrPdXDfXzXfz3UK30C1yi1yKS3GL3WK3xC1xy9wyt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcVvdVrfdbXc73U632+12e9wet8/tc6ku1e13+90Bd8AddJ+5Q+5zd9h94Y64L91R95U75r52x90Jd9J94065b91pd8addd+5c+57d9794C4475Jib8QmxN6MTYy9FZsUmxybEpsamxabHkuOvR2bEZsZmxV7JzY7Nic2NzYvNj+2ILYw9m5sUey9WErs/dji2AexJbGlsWWx5bEVsZUx7/NvjXxBX8jH/TW+sL/WF/FFfTFf3Dtfwpf01/lS/npf2t/gy/gbfVl/ky/ny/sKvolv6pv55r6Fb+kf8K38g761b+Pb+od8O/+wb+8f8R38o76jf8x38o/7zv4J38U/6bv6p+b89PL03f1zvofv6RN9L9/bP+/7+L6+n+/vB/gX/ED/oh/kX/KD/RA/1L/sh/lX/HD/qh/hX/Mj/et+lB/tx/ixfpwf75P8G36Cf9NP9G/5SX6yn+Kn+ml+uk/2b/sZfqaf5d/xs/0cP9fP8/P9Ar/Qv+sX+fd8in/fL/Yf+CV+qV/ml/sVfqVf5Vf7NX6tX+fX+w1+o9/kN/stPiNs9dv8dr/D7/S7/G7/kd/j9/p9/mOf6j/x+/3f/AH/qT/oP/OH/Of+sP/CH/Ff+qP+K3/Mf+2P+xP+pP/Gn/Lf+tP+jD/rv/Pn/Pf+vP/BX5C/WRNCCCGE+B9J/IPtvX5nnfppMQDQGwCybst76Jfb056bNuS6OO6r9nSMAcCjPbs2+Hlp0CAx8efjLtEQFJoHALFL+RngUrwU2sLDP45K/W59fVUF5F/NH/xie9r88RsBMgNk+nldAvwY/2L+DtAGrv8H8zd599fz/7r++DyAIoUu5aQd6Of40vyl/8H8u9r9wfyZPk0CaP2LnCxwKb40f0l4EB6DDn+3pxBCCCGEEEIIcVFfda7bHz3fpj2f5zOXcjLCpfjS8+fvP5//gcp/xjkIIYQQQgghhBDi/+2Jp5955IEOHdp0/m8eZPxrlPEXGCAA/AXKkMFff3C5P5mEEEIIIYQQf7ZLN/2XuxIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL9+tf/Q5j6H+/8y+Ppy3eqQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxGXzfwIAAP//mQVHMg==") bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)=@generic={&(0x7f00000001c0)='./file0\x00'}, 0x18) 3.399028139s ago: executing program 1: bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0xa9) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0x18, &(0x7f00000000c0)=@framed={{}, [@printk={@ld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x73}}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 3.327801661s ago: executing program 2: syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) r2 = dup(r0) ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffff}, 0x10007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.291045168s ago: executing program 1: r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f00000000c0)=0x3, 0x4) 3.237443871s ago: executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) clock_gettime(0xa, 0x0) 3.099943924s ago: executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f00000000c0)=0x8004, 0x4) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="1800000056000106000000000000000807"], 0x18}], 0x1}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r0) 3.018753225s ago: executing program 3: bind$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000140)={0x0, 0x0, 0x0, @stepwise}) r1 = syz_open_dev$vcsa(0x0, 0x0, 0x2400) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f00000016c0)) mount(0x0, 0x0, 0x0, 0x0, 0x0) r2 = open(&(0x7f0000000080)='./bus\x00', 0xa1840, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000005b00)=0x8) r3 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0) ftruncate(r3, 0x2007ffd) sendfile(r3, r4, 0x0, 0x1000000201005) r5 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x100000001) 2.940143811s ago: executing program 1: r0 = socket$nl_generic(0x11, 0x3, 0x10) sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f88f7", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0) 2.833369415s ago: executing program 1: sched_setscheduler(0x0, 0x0, &(0x7f0000000240)) socketpair$unix(0x1, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000180)='./file1\x00', 0x1a0cc10, &(0x7f00000059c0)=ANY=[], 0x1, 0x559f, &(0x7f0000000400)="$eJzs3M2LG2UYAPBnkm6/rYt48NaBIuxCE5rtB3qyaosf2FL8OHjSbJKGtElm2aTp2lMPHsWD/4koePLo3+BBj3oTD4o3oZKZWWn6/ZFmtf39YPLMPHnzzPsOYeGZWRLAM2s5/euPJA7FvoioRsTBJPL9pNwirkecLsa+FBGHI6Jy05aU+X8TuyNif0QcmhYvaiblW18dnRw5+fu7f37/455dB77+7qcdXTiwo16OiMFGsX91UMSsm4cb1TLfnPTyODgxKePGTI1BVuSvdtbzCleb2+OaeTzeLcZnG1dG03ix32xNY7d3Mc9vDIsTjibd7TrTD6SXmpv5cbuznsfeKMtj91px3q1rxd+2a6NxUadd1vssLx/j8XYs8p2tTrGejct5bA3HZb6om7U7W9M4KWN5umhl/XY+j/VHvcr/fe/1hle20klnc9TLhunJeuOVeuNUrbGZtTvjzolac9A+dSJd6fanw2rjTnNwuptl3X6n3soGq+lKt9WqNRrpypnOeq85TBuN+vH6sdrJ1XLvaPrW+Y/SfjtdmcY3esMr415/lF7MNtPiE6vpWv34q6vpkUb6wbkL6YX3z549d+HDT858fP71c++8WQ66bVrpytqxtbVa41htrbH6DK3/83LSD7H+5M7pX35+vMsGADyi2/r/uLX/D/0/MHf36P/j0n36/8Hl8vjJ9P9xx/6/Mtv/xzz7/2lLpf+/f/9b2YH+dyn0/w+8/upjfhvgId3lBtN97J77PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWLhfl755O99ZLo4PlPnnytQL5XESEZWIuHEH1dg9U7Na1lm6y/ilW+bwQxJ5hek59pTb/og4XW5/P/+krwIAAAA8vb69fvjLolsvXpZ3ekIsUnHTpnLw0znVSyJiafm3OVWrTF9enFOx/Pu9K7bmVC2/gbV3TsWKW2675lXtgVRnwt6bQlKEykKnAwAALMRsJ7DYLgQAAIBF+uKe7762sHmwYElsP8rcfhac/+d9xL7ygeC+mfcAAACA/6FkpycAAAAAPHF5/+/3/wAAAODpVvz+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7NxdrtJAFADg0/YW/I3E+O5WfINluAQffRQW4CZYAq7AxA2wBkx8cAcqGDojSRUSYltQ7vclnd6ZC2dOgZczbQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCF9rlezD+9evu8Y5uOPXTd/N+32rmPeAAAAcC9s6tWs+WOS+o/z+NM89Dz3i4goI+JY7V7FqBWzynHqE6+vf8vhU0QTYT8+zsejiHiVj+/Phv4UAAAA4HatF8tpqtZTk5cAvpz37m8DZsYFpEWb8snrnuIVEVFPvvYUrdw3Lw7debdo+9/3XbztnFXSLGA96ClYWnI78SDLqK9J2qrW6deVzJsvsemVw8wLAABcU7sS8Dg9AADA7Xpz7QS4hD9L++LQHO4zjtMp3xB82OoBAAAA/6Hi2gkAAAAAfaqODTb1/7+0/19h/z8AAADoXdr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCFt6tVsvVhOT/1/fmac7a6b/q4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAn+/OOAiEQBmGwd31nMvc/rDRoaGxSBcLH3xgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzsz0sKhEAQRMGc8b+Tvv9hJUHPIEIENDyqqEUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzs27FvG1UYAPDPvthtCogQUCQCKEgdYKGpW1o6ghAoYuBPQIpSpwRSCm0GWkWULGwocxcEI0JIoLDlf+jcSF3K1iFDkJgYgu5855xjQ6MSnU39+0nP77vn67vvzlaV794ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjsvhMv1/M4SV+mOnExdm9vfSntdw71qe3N+7NpS+NaxXmPnonDA6+UN+ZmKk0GAACAMZUU9f3bB2P1qaz+b3S3I+L7ZzpxUc8frvt39tZP5m/NFvX/b78+fKE76VSSHSeddHlltX22P5W+QnlcPPvIPSayK5/de0myD6T+wcbzu43seta+vXv3vWYWnqgiWwDgcZwp+jwo/h5K+9YwEwNgbEyUCu8Hja2FtE+mhpsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBV2N+KpIq5FxOzEQZza2VtfGtR/vXl/djtvF+/c2SzPmU7RiIjlldX22QrPZXQVV/PWp4urq+3rN25WHcxFxIC3bh/tnyd5+v+4TzMiekZOvzhgno+OcKxD8/QF+dczqr2Gk+n5PXLnWs9Ire+Cv7vfMYwvwPEFc/knMHifev7uSKR6zEHx3Tv+mSv8rwgAgLHQyFtaiT5obC2kY7XpiP0feuv/10px9NT9+7c7I53t7VL9//Dji/fKxyrX/62Kzu//YH7t6ufzN27eemPl6uKV9pX2Z2+ea73VOn/pwoVL89m9kvnlqLtjAgAAwH/QzFu5/q9P96//nyrF8S/r/+X6/4vvWl+Vj5Wo/wc6WPQbdiYAAADjqNmNnnv1zz9qA/aoNZvx5eLa2vVW57W7fa7zWmm6j+lE3sr1fzI97KwAAACAKuxu1HrW/y+X4jji+v/TP770c3nOJCImI65FRPvM0rXVy9Wdzkir4ofK2YGawz5TAAAAhmUyb+X1/0b2/H+9+8hDPSJePx3xV/4b/jhi/Z+8/81P5WOVn/8/X+lZjp76TOd6ZP1MxMTMsDMCAADgSXYyb2mx/3tja+GTX0592PT8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDV/g4AAP//kF4wGA==") unlinkat(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000100)={[{@noquota}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x82f}}, {@grpquota}, {@debug}, {@debug}, {@grpid}]}, 0x80, 0x536, &(0x7f0000000680)="$eJzs3c9rJFkdAPBv9XRn50dmO6sedMF1dVdmFp3uycbdDR7WEURPC+J6H2PSE8J00iHd2Z2EgJm/QBBR0ZNevAj+AYIMePEowoCeFVYU0YweBHVKqrqSyWa6k56xtzs/Ph+oqVevqvr7Xg2vUq/qURXAmfViRNyIiIdpmr4SEdUiv1RMsd2dsu0e7GzNZ1MSafr235JIirzd30qK+aVit/MR8bWvRHwzeTxue2Pz9lyz2Vgrluud5dV6e2Pz2tLy3GJjsbEyMzP9+uwbs6/NXh9KPS9HxJtf+tP3vv3TL7/5y8+++8ebf7maVTsmi/X76/EEskNUPmyDbtUr+bHYle2w9hTBjqtyXsPChV5bpGmaPkyr+3LujqRkAAAclF3AfigiPhURr0Q1zh1+OQsAAACcQOkXJuM/SfcJTQ8TffIBAACAE6SUj4FNSrViLMBklEq1WncM70fiYqnZanc+c6u1vrJw/4eTETEVldKtpWbjejFWeCoqSbY8nacfLb96YHkmIp6LiO9WL+TLtflWc2HcNz8AAADgjLh0oP//z2q3/w8AAACcMlOPZ5XGUQ4AAADgg9Oj/w8AAACcMvr/AAAAcKp99a23sind/f71wjsb67db71xbaLRv15bX52vzrbXV2mKrtZi/s2/5qN9rtlqrn4uV9Tv1TqPdqbc3Nm8ut9ZXOjeX3vcJbAAAAGCEnvvEvd8nEbH9+Qv5lJkYd6GAkSjvpZJi3qP1/+HZ7vy9ERUKGIlzA2zz3jMjKAgwcuVxFwAYm8q4CwCMXXLE+r6Dd35TzD853PIAAADDd+Vj/Z//H/4NgG2fCIATTiOGs+vA8/+0Oq6CACOXP/8fdMCviwU4VSoDjQAETrP/+/n/kdL0iQoEAAAM3WQ+JaVacXtvMkqlWi3icv5ZgEpya6nZuB4Rz0bE76qVZ7Ll6XzP5Mg+AwAAAAAAAAAAAAAAAAAAAAAAAADQlaZJpIe5cehaAAAA4ASIKP05+VX3Xf5Xqi9PHrw/MJH8K/8k8EREvPujt79/Z67TWZvO8v++l9/5QZH/6jjuYAAAAAAH7fbTd/vxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBMD3a25h/sbKX/3tmaH2Xcv34xIqb24udTd005zufz81GJiIv/SKK8b78kIs4NIf723Yj4aK/4SVasvZC94l/44OPHVHEUesW/NIT4cJbdy84/N3q1v1K8mM97t79yxPuWn1b/81/snf/O9Wn/lweM8fz9n9f7xr8b8Xy59/lnN37SJ/5LURoo/je+vrnZb13644gr0Tv+/lj1zvJqvb2xeW1peW6xsdhYmZmZfn32jdnXZq/Xby01G8W/PWN85+O/eHhY/S/2iT91RP1fHqj2Ef+9f2fnw91kpVf8qy/1iP/rnxRbPB6/VPzt+3SRztZf2U1vd9P7vfCz375wWP0XHtW/8iT//1cHrP9QGgoAMDTtjc3bc81mY+0kJCpPs1fWSz8OhZc4folvDfUH0zRNszbVY9W9iBjkd5I4DoclT4z7zAQAAAzbo4v+cZcEAAAAAAAAAAAAAAAAAAAAzq4hvjNsot9r9g7G3N5LJd4MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcG/8LAAD//3uY3uY=") r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) open(0x0, 0x0, 0x0) linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000e00)='./file0\x00', 0x0, &(0x7f0000000e40), 0x1, 0xd99, &(0x7f0000000e80)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==") sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x147c42, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0, 0x0) r3 = socket$rds(0x15, 0x5, 0x0) bind$rds(r3, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) sendmsg$rds(r3, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001b80)=[@rdma_dest={0x18}], 0x18}, 0x0) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e24, @empty}, 0x10) 2.373488654s ago: executing program 2: r0 = epoll_create(0x3ff) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x9, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r1}, 0x20) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)) 2.265491905s ago: executing program 2: syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2000082, &(0x7f0000000380)=ANY=[@ANYBLOB="696f636861727365743d64656661756c742c757466382c6769643d666f726765742c6c6f6e6761642c696f636861727365743d6370313235302c696f636861727365743d6d61636761656c69632c696f636861727365743d69736f383835392d31332c7569643d66a2fcc4ee78844ae26f726765742c00"], 0x0, 0xc34, &(0x7f0000001080)="$eJzs3U9sHNd9B/DfGy5F0m4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIbtowvfTQQ4Ci6CEnAq1RIEUDoymKHtnWBZKLD4VPPREtbARFD2wRIKeAxcy+FVf/LMkkJcr+fGzqOzv73sx7M+MZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+8cvb48+lhtwIAeJDOT3/1+AnPfwD4RLng//8BAAAAAAAAAAAAAOCgS1HEE5Fi6fxWmq0+dw2fa3euXpuZmLx9tZFU1Ryoypc/w8+fOHnqSy+Mn+7lh9ffa0/Fa9MXztZfXryytNxaWWnN12c67bnF+dY9b2G39W82Vh2A+pXXr85furRSP/HcyRu+vjb6wdDjR0bPjD9z7Ole2ZmJycnpvjK1wY+891vcaYTHoSjiWKR49vs/Ts2IKGL3x+Iu185+G6k6MVZ1YmZisurIQrvZWS2/nOodiCKi3lep0TtGD+Bc7EojYq1sftngsbJ700vN5ebFhVZ9qrm82l5tL3amUre1ZX/qUcTpFLEeEZtDt25uMIqoRYrvHt5KFyNioHccvlgNDL5zO4p97OM9KNtZH4xYLx6Bc3aADUURr0aKn7xTxFx5zPJPfCHi1TL/MeKtMl+KSOWFcSri/eo6GnnILWcv1KKIPyvP/5mtNF/dD3r3lXNfq3+lc2mxr2zvvvLIPx8epAN+bxqOIprVHX8rffTf7AAAAAAAAAAAAAAAAACw10aiiKcixSv//gfVuOKoxqUfPjP+u6M/3z9m/Mm7bKcs+1xErBX3Nib3UB5CPJWmUnrIY4k/yYajiD/K4/++/bAbAwAAAAAAAAAAAAAAAAAA8IlWxHuR4sV3j6b16J9TvN25XL/QvLjQnRW2N/dvb8707e3t7XrqZiPnbM61nOs5N3Ju5owi18/ZyDmbcy3nes6NnJs5YyDXz9nIOZtzLed6zo2cmzmjluvnbOSczbmWcz3nRs7NnHFA5u4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg4KaKIn0WK73xjK0WKiEbEbHRzY6hXBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4mIZSET+IFPXfa1xfV4uIVP3bdbT85VQ0DpX56WiMl/lSNM7mbFZZa3z7IbSf3RlMRfwoUgwNv339hOfzP9j9dP0yiLe+ufPpl2rdHOh9OfrB0ONHDp8Zn/yVJ++0nG7XgLFz7c7Va/WZicnJ6b7Vtbz3T/etG837Lfam60TEyhtvvt5cWGgtW/hkLNS6C7XY0y2PROztBvduodZdyPereOjtucNC42A0Y2chqnv/be/ZfGyUz//3I8VvvvsfvQd+7/n/c91P15/w8dM/3nn+v3jzhvbp+f9E37oX8+9GBmsRw6tXlgaPRAyvvPHmsfaV5uXW5Vbn1PHjXx4f//LJ44OHIoYvtRdafUu7PlQAAAAAAAAAAAAAAAAAD1Yq4rcjRfNHW6keEdeq8VqjZ8afOfb0QAxU461uGLf12vSFs/WXF68sLbdWVlrz9ZlOe25xvnWvuxuuhnvNTEzuS2fuamSf2z8y/PLi0hvL7cu/v3rb7x8bPntxZXW5OXf7r2MkiohG/5qxqsEzE5NVoxfazU5VdWqPBmYOpiL+M1LMnaqnz+d1efxfGe8N9pXtH/+/1re+Wt6n8X+fumk/KRXx00jxG3/+ZHy+audjccsxy+X+OlKMnf5cLheHynK9NnTfK9AdGViW/d9I8fc/u7Fsr+9P7JR9/v6O7sFXnv/DkeIHf/q9+NW87sb3P+yM/+w//4/dvKF9Ov+f6Vv32A3vK9h118nn/1ikeOmJt+PX8roPe/9HEdvb29+KOJoLX38/xz6d/8/2rRuN7n5/fe+6DwAAAAAAAAAA8MgaTEX8TaR4erKWXsjr7uXv/83fvKF9+vtfv9i3bv4BzVe064MKAAAAAAfEYCrivUhxefXt62Oo+8Z/3zj+87d25l6fSDd9W/053y9U7w3Yyz//6zea9zu7+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dRn7zKf+kakeOW/n83l0pGyXG8e+NHq1+Hzi51jZxcWFueaq82LC6369FJzrlXW/Uyk2Pqrz+W6RTW/em+++e4c78PbvbnYlyPF5N/2ynbnYu/NTd6dD7w7F3tZ9lOR4r/+7sayvXmsP7tT9kRZ9i8jxdf/6fZlj+yUPVmW/V6k+OHX672yj5Vle+9H7b6TdLgWC63n5hYXbnkVKgAAAAAAAAAAAAAAAAAAANyvwVTEn0SK/7myHmt52H+e/783A3+tV/atb/bN93+Ta9U8/6PV/P93Wv4o8/+P7llPAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg0ZGiiDcjxdL5rbQxVH7uGj7X7ly9NjMxeftqI6mqOVCVL3+Gnz9x8tSXXhg/3csPr7/XnorXpi+crb+8eGVpubWy0pqvz3Tac4vzrXvewm7r7xy6rrHqANSvvH51/tKllfqJ507e8PW10Q+GHj8yemb8mWNP98rOTExOTveVqQ3ex97vq3E7DkURfxEpnv3+j9M/D0UUsftjcZdrZ7+NVJ0YqzoxMzFZdWSh3eysll9O9Q5EEVHvq9ToHaMHcC52pRGxVja/bPBY2b3ppeZy8+JCqz7VXF5tr7YXO1Op29qyP/Uo4nSKWI+IzaFbNzcYRbweKb57eCv9y1DEQO84fPH89FePn7hzO4p97OM9KNtZH4xYLx6Bc3aADUUR/xApfvLO0fjXoYhadH/iCxGv9hd8KSKVF8apiPdvcx3xaKpFEf9Xnv8zW+mdofJ+0LuvnPta/SudS4t9ZXv3lYP0fNi+/2txZA92e+8O+L1pOIr4YXXH30r/5r9rAAAAAAAAAAAAAAAAgAOkiF+OFC++ezRV44Ovjyludy7XLzQvLnSH9fXG/tUj/rDM7e3t7XrqZiPnbM61nOs5N3Ju5owi18/ZyDmbcy3nes6NnJs5YyDXz9nIOZtzLed6zo2cmzmjVsX29va3uvVruX7OtZzrtYiirJ8/b+aMAzJ2DwAAAAAAAAAAAAAAAAAA+Hgpqn9SfOcbW6maS7URMRvd3DAf6Mfe/wcAAP//3sf+xA==") r0 = socket$inet(0x2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) connect$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0xfffffffe, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r6, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r6, &(0x7f0000000080)='D', 0x1, 0x1, 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x7ffffffff000) setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0) getsockopt$inet_opts(r0, 0x0, 0x0, &(0x7f0000000000)=""/138, &(0x7f00000000c0)=0x8a) socket$inet_smc(0x2b, 0x1, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x14, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x2c00}}, 0xff0a}}, 0x0) r7 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r7, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90b, 0xf4c, '\x00', @p_u16=&(0x7f00000000c0)}}) 2.030994254s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 1.887974768s ago: executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) unshare(0x2000400) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_BT_VOICE(r1, 0x12, 0x3, 0x0, 0x0) 1.866346885s ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1}]}, &(0x7f0000000100)='GPL\x00'}, 0x70) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1}]}, &(0x7f0000000100)='GPL\x00'}, 0x70) r4 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r3, r1, 0x2, 0x0, @val=@uprobe_multi={0x0, 0x0}}, 0x40) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r4, r2, 0x4, r3}, 0x10) 1.074679487s ago: executing program 0: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f0000000040)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000180), &(0x7f00000001c0)=0x8) 958.979515ms ago: executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x3, r2, 0x80000001, 0x7ffffe02, 0xb, 0x1fd, 0x1}) 835.624479ms ago: executing program 3: syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='flush,nocase,discard,dots,fmask=00000000000000000000177,dots,nodots,nodots,dots,\x00'], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000001b000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) ioctl$RFKILL_IOCTL_NOINPUT(r2, 0x5201) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() r4 = io_uring_setup(0x1de0, &(0x7f00000007c0)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0x15, 0x20000002, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x40, 0x0, 0xab8e, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}}) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) r6 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r6, &(0x7f0000000040)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000ac0)="ee", 0xffffff1f}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb71658bda99b49720fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) fsetxattr$trusted_overlay_redirect(r7, &(0x7f0000000240), &(0x7f0000000300)='./bus\x00', 0x6, 0x0) 775.47258ms ago: executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f00000000c0)=0x8004, 0x4) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="1800000056000106000000000000000807"], 0x18}], 0x1}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r0) 702.993572ms ago: executing program 0: r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xe) ioctl$TCSETSW2(r0, 0x402c542c, 0x0) 601.034162ms ago: executing program 0: r0 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000100), &(0x7f0000001980)=0x4) 376.430498ms ago: executing program 0: syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$kcm(0x2b, 0x1, 0x0) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) sendmsg$inet(r1, &(0x7f0000000040)={&(0x7f0000000100)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000488c) 0s ago: executing program 1: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000000)={0x0, 0x2}) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101701) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0200ff03100005000500000002000020d3"]) kernel console output (not intermixed with test programs): butes in process `syz-executor.0'. [ 205.367333][ T7792] hsr_slave_0: entered promiscuous mode [ 205.405140][ T7792] hsr_slave_1: entered promiscuous mode [ 205.431551][ T7792] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 205.449647][ T7792] Cannot create hsr debugfs directory [ 205.560536][ T7905] vlan2: entered promiscuous mode [ 205.573806][ T7905] macvtap0: entered promiscuous mode [ 205.598834][ T53] Bluetooth: hci2: command tx timeout [ 205.604848][ T5107] Bluetooth: hci1: command tx timeout [ 205.612785][ T7905] team0: Port device vlan2 added [ 205.835615][ T7856] chnl_net:caif_netlink_parms(): no params data found [ 205.844730][ T12] IPVS: stop unused estimator thread 0... [ 206.231382][ T7856] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.268179][ T7856] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.294589][ T7856] bridge_slave_0: entered allmulticast mode [ 206.313023][ T7856] bridge_slave_0: entered promiscuous mode [ 206.484620][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.532110][ T7856] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.545221][ T7856] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.560033][ T7856] bridge_slave_1: entered allmulticast mode [ 206.577909][ T7856] bridge_slave_1: entered promiscuous mode [ 206.702531][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.766929][ T7856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.780088][ T7856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.823670][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.890946][ T7856] team0: Port device team_slave_0 added [ 206.922209][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.943056][ T7856] team0: Port device team_slave_1 added [ 207.014752][ T7856] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 207.021941][ T7856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.049386][ T7856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 207.087182][ T7856] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 207.094292][ T7856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.120207][ C0] vkms_vblank_simulate: vblank timer overrun [ 207.128084][ T5155] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 207.135744][ T7856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 207.236109][ T7792] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 207.255232][ T7792] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 207.324520][ T7856] hsr_slave_0: entered promiscuous mode [ 207.336327][ T7856] hsr_slave_1: entered promiscuous mode [ 207.339466][ T5155] usb 5-1: New USB device found, idVendor=30c9, idProduct=0093, bcdDevice=18.c6 [ 207.356738][ T7856] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 207.361543][ T5155] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.365486][ T7856] Cannot create hsr debugfs directory [ 207.384279][ T7792] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 207.403930][ T5155] usb 5-1: Found UVC 0.00 device (30c9:0093) [ 207.414463][ T7937] netlink: 'syz-executor.1': attribute type 16 has an invalid length. [ 207.415945][ T5155] usb 5-1: No valid video chain found. [ 207.438450][ T7792] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 207.489730][ T12] bridge_slave_1: left allmulticast mode [ 207.495507][ T12] bridge_slave_1: left promiscuous mode [ 207.503759][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.504523][ T7943] Process accounting resumed [ 207.525020][ T12] bridge_slave_0: left allmulticast mode [ 207.538212][ T12] bridge_slave_0: left promiscuous mode [ 207.546773][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.595491][ T7945] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 207.656377][ T783] usb 5-1: USB disconnect, device number 5 [ 207.678059][ T5107] Bluetooth: hci1: command tx timeout [ 207.724300][ T7945] loop1: detected capacity change from 0 to 1024 [ 207.763857][ T7945] hfsplus: extend alloc file! (8192,65536,366) [ 208.176860][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 208.206093][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 208.233792][ T12] bond0 (unregistering): Released all slaves [ 208.645830][ T7959] loop1: detected capacity change from 0 to 512 [ 208.731512][ T7959] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.774269][ T7959] ext4 filesystem being mounted at /root/syzkaller-testdir157019705/syzkaller.dtoNaK/73/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 208.849887][ T7959] EXT4-fs error (device loop1): ext4_readdir:260: inode #12: block 32: comm syz-executor.1: path /root/syzkaller-testdir157019705/syzkaller.dtoNaK/73/bus/file0: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0 [ 208.858230][ T7955] loop4: detected capacity change from 0 to 32768 [ 209.024513][ T6740] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.045119][ T12] hsr_slave_0: left promiscuous mode [ 209.077861][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.085757][ T7955] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,str_hash=crc64,nojournal_transaction_names [ 209.093653][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.107900][ T7955] bcachefs (loop4): recovering from clean shutdown, journal seq 8 [ 209.117909][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.125787][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.149129][ T12] hsr_slave_1: left allmulticast mode [ 209.155048][ T12] hsr_slave_1: left promiscuous mode [ 209.166178][ T12] veth1_macvtap: left promiscuous mode [ 209.168533][ T7955] bcachefs (loop4): alloc_read... done [ 209.173658][ T12] veth0_macvtap: left promiscuous mode [ 209.183329][ T12] veth1_vlan: left promiscuous mode [ 209.188730][ T12] veth0_vlan: left promiscuous mode [ 209.192065][ T7955] bcachefs (loop4): stripes_read... done [ 209.207682][ T7955] bcachefs (loop4): snapshots_read... done [ 209.216353][ T7955] bcachefs (loop4): journal_replay... done [ 209.243607][ T7955] bcachefs (loop4): resume_logged_ops... done [ 209.249932][ T7955] bcachefs (loop4): going read-write [ 209.264499][ T7955] bcachefs (loop4): done starting filesystem [ 209.387456][ T7983] program syz-executor.1 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 209.565475][ T7955] syz-executor.4 (7955) used greatest stack depth: 17968 bytes left [ 209.603395][ T6186] bcachefs (loop4): shutting down [ 209.625854][ T6186] bcachefs (loop4): going read-only [ 209.638755][ T6186] bcachefs (loop4): finished waiting for writes to stop [ 209.641713][ T7985] Bluetooth: MGMT ver 1.22 [ 209.665144][ T6186] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 209.790588][ T5107] Bluetooth: hci1: command tx timeout [ 209.811375][ T6186] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 12 [ 209.832404][ T6186] bcachefs (loop4): shutdown complete, journal seq 13 [ 209.868520][ T6186] bcachefs (loop4): marking filesystem clean [ 209.917063][ T6186] bcachefs (loop4): shutdown complete [ 211.291341][ T12] team0 (unregistering): Port device team_slave_1 removed [ 211.601922][ T12] team0 (unregistering): Port device team_slave_0 removed [ 212.274062][ T8015] loop4: detected capacity change from 0 to 512 [ 212.284935][ T8015] EXT4-fs (loop4): corrupt root inode, run e2fsck [ 212.292134][ T8015] EXT4-fs (loop4): mount failed [ 212.526936][ T8018] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 212.538668][ T7792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.636164][ T7792] 8021q: adding VLAN 0 to HW filter on device team0 [ 212.669568][ T5156] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.676716][ T5156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.701319][ T5156] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.708513][ T5156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.812827][ T7792] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 212.997646][ T5152] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 213.067078][ T7856] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 213.102122][ T7856] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 213.148389][ T7856] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 213.180051][ T7856] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 213.230943][ T5152] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 213.257982][ T5152] usb 1-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 7.84 [ 213.275209][ T7792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 213.277369][ T5152] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.297802][ T5152] usb 1-1: Product: syz [ 213.307846][ T5152] usb 1-1: Manufacturer: syz [ 213.327629][ T5152] usb 1-1: SerialNumber: syz [ 213.342620][ T5152] usb 1-1: config 0 descriptor?? [ 213.363051][ T5152] usb 1-1: bad CDC descriptors [ 213.383855][ T5152] option 1-1:0.0: GSM modem (1-port) converter detected [ 213.425665][ T8020] loop1: detected capacity change from 0 to 32768 [ 213.430784][ T29] kauditd_printk_skb: 50 callbacks suppressed [ 213.430800][ T29] audit: type=1326 audit(1719170921.534:1190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 213.481688][ T8035] syz-executor.4 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 213.484580][ T7792] veth0_vlan: entered promiscuous mode [ 213.506267][ T29] audit: type=1326 audit(1719170921.574:1191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 213.557681][ T29] audit: type=1326 audit(1719170921.584:1192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 213.606415][ T7792] veth1_vlan: entered promiscuous mode [ 213.611990][ T29] audit: type=1326 audit(1719170921.584:1193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 213.612041][ T29] audit: type=1326 audit(1719170921.584:1194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 213.666662][ T5152] usb 1-1: USB disconnect, device number 3 [ 213.676035][ T5152] option 1-1:0.0: device disconnected [ 213.699013][ T7856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.701152][ T29] audit: type=1326 audit(1719170921.584:1195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 213.730429][ T29] audit: type=1326 audit(1719170921.584:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 213.742670][ T7856] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.758263][ T29] audit: type=1326 audit(1719170921.584:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1f7d47a827 code=0x7ffc0000 [ 213.802636][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.809817][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 213.827420][ T29] audit: type=1326 audit(1719170921.584:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1f7d4404e9 code=0x7ffc0000 [ 213.873811][ T5246] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.881077][ T5246] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.885296][ T29] audit: type=1326 audit(1719170921.584:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1f7d47a827 code=0x7ffc0000 [ 213.937430][ T8035] loop4: detected capacity change from 0 to 256 [ 213.973068][ T7792] veth0_macvtap: entered promiscuous mode [ 213.983551][ T8035] FAT-fs (loop4): Directory bread(block 64) failed [ 214.002751][ T8035] FAT-fs (loop4): Directory bread(block 65) failed [ 214.009557][ T8035] FAT-fs (loop4): Directory bread(block 66) failed [ 214.018553][ T8035] FAT-fs (loop4): Directory bread(block 67) failed [ 214.026443][ T8035] FAT-fs (loop4): Directory bread(block 68) failed [ 214.027116][ T7792] veth1_macvtap: entered promiscuous mode [ 214.033517][ T8035] FAT-fs (loop4): Directory bread(block 69) failed [ 214.045566][ T8035] FAT-fs (loop4): Directory bread(block 70) failed [ 214.061175][ T8035] FAT-fs (loop4): Directory bread(block 71) failed [ 214.070919][ T8035] FAT-fs (loop4): Directory bread(block 72) failed [ 214.096721][ T8035] FAT-fs (loop4): Directory bread(block 73) failed [ 214.136283][ T7792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.153788][ T7792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.188404][ T7792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.202517][ T7792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.245762][ T7792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.276852][ T7792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.291718][ T7792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 214.313717][ T7792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.337663][ T7792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.369880][ T7792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.380765][ T7792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.390626][ T7792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.403669][ T7792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.429374][ T7792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 214.444239][ T7792] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.454069][ T7792] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.464131][ T7792] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.472917][ T7792] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.491634][ T8052] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 214.505674][ T8052] netlink: 'syz-executor.0': attribute type 14 has an invalid length. [ 214.514066][ T8052] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 214.540145][ T8052] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 214.549696][ T8052] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 214.558810][ T8052] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 214.567798][ T8052] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 214.583190][ T8052] vxlan0: entered promiscuous mode [ 214.687787][ T8059] loop1: detected capacity change from 0 to 512 [ 214.719917][ T8059] EXT4-fs (loop1): corrupt root inode, run e2fsck [ 214.741782][ T7856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 214.748921][ T8059] EXT4-fs (loop1): mount failed [ 214.795970][ T2797] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 214.808352][ T2797] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 214.839559][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 214.848577][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 214.916175][ T7856] veth0_vlan: entered promiscuous mode [ 214.969660][ T7856] veth1_vlan: entered promiscuous mode [ 215.065890][ T7856] veth0_macvtap: entered promiscuous mode [ 215.067306][ T8071] loop3: detected capacity change from 0 to 136 [ 215.103497][ T7856] veth1_macvtap: entered promiscuous mode [ 215.165473][ T7856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.176689][ T7856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.187475][ T7856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.211137][ T7856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.223621][ T7856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.346412][ T7856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.477847][ T7856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.694158][ T8078] loop3: detected capacity change from 0 to 40427 [ 215.746051][ T8078] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 215.754009][ T8078] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 215.893846][ T8078] F2FS-fs (loop3): Found nat_bits in checkpoint [ 216.040961][ T5155] libceph: connect (1)[c::]:6789 error -101 [ 216.230580][ T7856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.240895][ T5155] libceph: mon0 (1)[c::]:6789 connect error [ 216.248061][ T8082] ceph: No mds server is up or the cluster is laggy [ 216.249101][ T8078] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 216.261779][ T8078] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 216.265010][ T7856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 216.422804][ T7856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 216.450873][ T8078] cannot load conntrack support for proto=3 [ 216.523768][ T7856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.586172][ T7856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 216.603075][ T7856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.637119][ T7856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 216.648288][ T8072] loop4: detected capacity change from 0 to 32768 [ 216.671496][ T7856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.687746][ T7856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 216.702949][ T7856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.734900][ T7856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 216.778408][ T7856] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.803958][ T7856] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.826025][ T7856] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.846018][ T7856] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.857212][ T8072] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 216.902762][ T8072] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 217.003540][ T8072] bcachefs (loop4): alloc_read... done [ 217.017783][ T8072] bcachefs (loop4): stripes_read... done [ 217.029171][ T8072] bcachefs (loop4): snapshots_read... done [ 217.055239][ T8072] bcachefs (loop4): journal_replay... done [ 217.084039][ T8072] bcachefs (loop4): resume_logged_ops... done [ 217.119237][ T53] Bluetooth: hci3: command 0x0406 tx timeout [ 217.147386][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.155606][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.198377][ T8072] bcachefs (loop4): going read-write [ 217.227323][ T8072] bcachefs (loop4): done starting filesystem [ 217.365659][ T2797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.520806][ T2797] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.222318][ T8124] openvswitch: netlink: nsh attribute has 1 unknown bytes. [ 218.305583][ T8128] loop1: detected capacity change from 0 to 512 [ 218.316191][ T8128] EXT4-fs: Ignoring removed orlov option [ 218.330268][ T8128] EXT4-fs: Ignoring removed i_version option [ 218.338220][ T8128] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 218.394286][ T8128] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 218.429816][ T8128] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e11c, mo2=0002] [ 218.461513][ T8128] EXT4-fs (loop1): orphan cleanup on readonly fs [ 218.485487][ T8128] __quota_error: 413 callbacks suppressed [ 218.485507][ T8128] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 218.501337][ T8128] EXT4-fs warning (device loop1): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 218.519448][ T8128] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 218.537231][ T8128] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor.1: bg 0: block 40: padding at end of block bitmap is not set [ 218.569571][ T8128] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 218.613408][ T8128] EXT4-fs (loop1): 1 truncate cleaned up [ 218.630842][ T8128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 218.760045][ T8128] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz-executor.1: bad symlink. [ 219.274955][ T8121] syz-executor.4 (8121) used greatest stack depth: 10672 bytes left [ 219.305456][ T6186] bcachefs (loop4): shutting down [ 219.347714][ T6186] bcachefs (loop4): going read-only [ 219.353000][ T6186] bcachefs (loop4): finished waiting for writes to stop [ 219.413776][ T6186] bcachefs (loop4): flushing journal and stopping allocators, journal seq 14 [ 219.474799][ T6186] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 16 [ 219.509734][ T8163] xt_CT: You must specify a L4 protocol and not use inversions on it [ 219.521064][ T6186] bcachefs (loop4): shutdown complete, journal seq 17 [ 219.540408][ T6186] bcachefs (loop4): marking filesystem clean [ 219.612113][ T6186] bcachefs (loop4): shutdown complete [ 219.972908][ T8177] fuse: Bad value for 'fd' [ 219.978152][ T8175] loop3: detected capacity change from 0 to 764 [ 220.025495][ T6740] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.779669][ T61] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.202630][ T61] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.119611][ T5102] Bluetooth: hci3: unexpected subevent 0x01 length: 78 > 18 [ 222.227290][ T61] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.445973][ T61] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.514684][ T8187] loop3: detected capacity change from 0 to 32768 [ 222.581749][ T5102] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 222.600288][ T5102] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 222.609029][ T5102] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 222.641091][ T5102] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 222.650894][ T5102] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 222.659975][ T5102] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 222.740001][ T8187] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 222.757803][ T8187] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 222.796628][ T8220] loop2: detected capacity change from 0 to 256 [ 222.808520][ T8222] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 222.865426][ T8187] bcachefs (loop3): alloc_read... done [ 222.880588][ T61] bridge_slave_1: left allmulticast mode [ 222.886423][ T8187] bcachefs (loop3): stripes_read... done [ 222.892588][ T8187] bcachefs (loop3): snapshots_read... done [ 222.893933][ T61] bridge_slave_1: left promiscuous mode [ 222.900835][ T8187] bcachefs (loop3): journal_replay... done [ 222.910336][ T8187] bcachefs (loop3): resume_logged_ops... done [ 222.938692][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.947020][ T8187] bcachefs (loop3): going read-write [ 222.969541][ T61] bridge_slave_0: left allmulticast mode [ 222.978653][ T8187] bcachefs (loop3): done starting filesystem [ 222.996452][ T61] bridge_slave_0: left promiscuous mode [ 223.007731][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.160918][ T5102] Bluetooth: hci3: command 0x0406 tx timeout [ 224.187632][ T4496] usb 1-1: new low-speed USB device number 4 using dummy_hcd [ 224.307481][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 224.325421][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 224.339992][ T61] bond0 (unregistering): Released all slaves [ 224.370416][ T4496] usb 1-1: config 0 has an invalid descriptor of length 149, skipping remainder of the config [ 224.392735][ T4496] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt [ 224.413271][ T4496] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 224.426475][ T4496] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 224.436293][ T4496] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.447681][ T4496] usb 1-1: config 0 descriptor?? [ 224.454728][ T8234] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 224.520512][ T8250] loop2: detected capacity change from 0 to 2048 [ 224.551984][ T8252] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 224.635994][ T8207] chnl_net:caif_netlink_parms(): no params data found [ 224.717743][ T5102] Bluetooth: hci0: command tx timeout [ 224.795013][ T61] hsr_slave_0: left promiscuous mode [ 224.814169][ T61] hsr_slave_1: left promiscuous mode [ 224.841397][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 225.004820][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 225.033725][ T7792] bcachefs (loop3): shutting down [ 225.058100][ T7792] bcachefs (loop3): going read-only [ 225.070026][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 225.078314][ T8259] xt_CT: You must specify a L4 protocol and not use inversions on it [ 225.093174][ T7792] bcachefs (loop3): finished waiting for writes to stop [ 225.115125][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 225.144009][ T7792] bcachefs (loop3): flushing journal and stopping allocators, journal seq 13 [ 225.206086][ T61] macvtap0: left promiscuous mode [ 225.211362][ T7792] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 15 [ 225.228991][ T7792] bcachefs (loop3): shutdown complete, journal seq 16 [ 225.236723][ T7792] bcachefs (loop3): marking filesystem clean [ 225.258105][ T61] veth1_macvtap: left promiscuous mode [ 225.266384][ T61] veth0_macvtap: left promiscuous mode [ 225.280377][ T61] veth1_vlan: left promiscuous mode [ 225.295504][ T61] veth0_vlan: left promiscuous mode [ 225.323357][ T29] audit: type=1326 audit(1719170933.434:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a787d0a9 code=0x7ffc0000 [ 225.363007][ T29] audit: type=1326 audit(1719170933.464:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a787d0a9 code=0x7ffc0000 [ 225.413143][ T29] audit: type=1326 audit(1719170933.464:1615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a787d0a9 code=0x7ffc0000 [ 225.447605][ T29] audit: type=1326 audit(1719170933.464:1616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a787d0a9 code=0x7ffc0000 [ 225.478170][ T29] audit: type=1326 audit(1719170933.464:1617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03a787d0a9 code=0x7ffc0000 [ 225.530646][ T29] audit: type=1326 audit(1719170933.464:1618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a787d0a9 code=0x7ffc0000 [ 225.562706][ T29] audit: type=1326 audit(1719170933.464:1619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f03a787a827 code=0x7ffc0000 [ 225.597228][ T29] audit: type=1326 audit(1719170933.464:1620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f03a78404e9 code=0x7ffc0000 [ 225.621589][ T29] audit: type=1326 audit(1719170933.464:1621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03a787d0a9 code=0x7ffc0000 [ 225.646638][ T29] audit: type=1326 audit(1719170933.464:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f03a787a827 code=0x7ffc0000 [ 225.775016][ T7792] bcachefs (loop3): shutdown complete [ 225.943939][ T4496] usb 1-1: USB disconnect, device number 4 [ 226.082007][ T61] team0 (unregistering): Port device vlan2 removed [ 226.188948][ T8271] loop4: detected capacity change from 0 to 128 [ 226.214751][ T8271] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 226.301706][ T6186] sysv_free_block: trying to free block not in datazone [ 226.333480][ T6186] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 226.822368][ T53] Bluetooth: hci0: command tx timeout [ 227.048856][ T8279] loop4: detected capacity change from 0 to 4096 [ 227.302359][ T8282] cannot load conntrack support for proto=3 [ 227.331012][ T8285] loop3: detected capacity change from 0 to 256 [ 227.349797][ T8285] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 228.030077][ T61] team0 (unregistering): Port device team_slave_1 removed [ 228.161973][ T61] team0 (unregistering): Port device team_slave_0 removed [ 228.880183][ T53] Bluetooth: hci0: command tx timeout [ 229.678384][ T53] Bluetooth: hci1: unexpected subevent 0x01 length: 78 > 18 [ 230.097344][ T8301] loop2: detected capacity change from 0 to 1764 [ 230.118114][ T8301] iso9660: Unknown parameter 'checkct' [ 230.393323][ T29] kauditd_printk_skb: 543 callbacks suppressed [ 230.393342][ T29] audit: type=1326 audit(1719170938.504:2166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8302 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 230.468486][ T29] audit: type=1326 audit(1719170938.544:2167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8302 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 230.496311][ T29] audit: type=1326 audit(1719170938.544:2168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8302 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 230.522267][ T29] audit: type=1326 audit(1719170938.544:2169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8302 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 230.561790][ T29] audit: type=1326 audit(1719170938.544:2170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8302 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 230.602968][ T29] audit: type=1326 audit(1719170938.544:2171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8302 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1f7d47a827 code=0x7ffc0000 [ 230.637970][ T29] audit: type=1326 audit(1719170938.544:2172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8302 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1f7d4404e9 code=0x7ffc0000 [ 230.703487][ T29] audit: type=1326 audit(1719170938.554:2173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8302 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f7d47d0a9 code=0x7ffc0000 [ 230.759607][ T29] audit: type=1326 audit(1719170938.554:2174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8302 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1f7d47a827 code=0x7ffc0000 [ 230.781858][ T29] audit: type=1326 audit(1719170938.554:2175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8302 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1f7d4404e9 code=0x7ffc0000 [ 230.869209][ T8207] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.877234][ T8207] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.908803][ T8207] bridge_slave_0: entered allmulticast mode [ 230.923815][ T8207] bridge_slave_0: entered promiscuous mode [ 230.951613][ T8207] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.962005][ T5102] Bluetooth: hci0: command tx timeout [ 231.003364][ T8207] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.020849][ T8312] loop3: detected capacity change from 0 to 128 [ 231.050931][ T8207] bridge_slave_1: entered allmulticast mode [ 231.079983][ T8207] bridge_slave_1: entered promiscuous mode [ 231.100039][ T8315] xt_CT: You must specify a L4 protocol and not use inversions on it [ 231.201061][ T8207] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 231.232357][ T8207] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 231.344288][ T8207] team0: Port device team_slave_0 added [ 231.366327][ T8207] team0: Port device team_slave_1 added [ 231.420439][ T8207] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 231.432049][ T8207] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.470801][ T8207] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 231.484595][ T8207] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 231.491937][ T8207] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.518622][ T8207] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 231.527634][ T4496] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 231.655717][ T8207] hsr_slave_0: entered promiscuous mode [ 231.672802][ T8207] hsr_slave_1: entered promiscuous mode [ 231.727935][ T4496] usb 4-1: Using ep0 maxpacket: 8 [ 231.742458][ T4496] usb 4-1: config 0 has no interfaces? [ 231.756318][ T4496] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 231.765801][ T5102] Bluetooth: hci1: command tx timeout [ 231.797577][ T4496] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.818255][ T4496] usb 4-1: config 0 descriptor?? [ 231.838079][ T8339] sp0: Synchronizing with TNC [ 231.893196][ T8338] [U] è [ 232.134566][ T783] usb 4-1: USB disconnect, device number 4 [ 232.186946][ T8335] loop4: detected capacity change from 0 to 32768 [ 232.222154][ T8335] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (8335) [ 232.256518][ T8335] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 232.272522][ T8335] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 232.282781][ T8335] BTRFS info (device loop4): using free-space-tree [ 232.500825][ T8207] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 232.558703][ T8207] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 232.621398][ T8207] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 232.644523][ T8207] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 232.912597][ T8352] loop2: detected capacity change from 0 to 32768 [ 232.960557][ T8352] gfs2: fsid=(œ[{{{+: Trying to join cluster "lock_nolock", "(œ[{{{+" [ 232.965806][ T8207] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.981093][ T8352] gfs2: fsid=(œ[{{{+: Now mounting FS (format 0)... [ 233.032129][ T6186] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 233.071293][ T8207] 8021q: adding VLAN 0 to HW filter on device team0 [ 233.284893][ T4496] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.292044][ T4496] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.312089][ T4496] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.319301][ T4496] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.414817][ T8352] gfs2: fsid=(œ[{{{+.0: journal 0 mapped with 22 extents in 3ms [ 233.564306][ T8382] loop3: detected capacity change from 0 to 256 [ 233.761330][ T5246] gfs2: fsid=(œ[{{{+.0: jid=0, already locked for use [ 233.823889][ T5246] gfs2: fsid=(œ[{{{+.0: jid=0: Looking at journal... [ 234.118305][ T8384] vxcan1: tx address claim with dlc 1 [ 234.175996][ T5246] gfs2: fsid=(œ[{{{+.0: jid=0: Journal head lookup took 352ms [ 234.218292][ T5246] gfs2: fsid=(œ[{{{+.0: jid=0: Done [ 234.239727][ T8352] gfs2: fsid=(œ[{{{+.0: first mount done, others may mount [ 234.561108][ T8207] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.622565][ T8396] loop4: detected capacity change from 0 to 1024 [ 234.630952][ T8207] veth0_vlan: entered promiscuous mode [ 234.663937][ T8207] veth1_vlan: entered promiscuous mode [ 234.671238][ T8396] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 234.712280][ T8396] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 234.725158][ T8407] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 234.860027][ T8207] veth0_macvtap: entered promiscuous mode [ 234.915878][ T8207] veth1_macvtap: entered promiscuous mode [ 235.098781][ T8207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.125203][ T8207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.136512][ T8207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.164924][ T8207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.211996][ T8416] xt_CT: You must specify a L4 protocol and not use inversions on it [ 235.231665][ T8207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.242303][ T8207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.252227][ T8207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.264062][ T8207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.278272][ T8207] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 235.319696][ T8207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.379390][ T8207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.432114][ T8409] kvm: kvm [8408]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xa00000000 [ 235.470932][ T8207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.517832][ T8409] kvm: kvm [8408]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xd00000800 [ 235.563168][ T8207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.638571][ T8409] kvm: kvm [8408]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xe00000000 [ 235.677285][ T8207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.715418][ T8409] kvm: kvm [8408]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1100000800 [ 235.747721][ T8207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.812536][ T8409] kvm: kvm [8408]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1200000000 [ 235.830935][ T8207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.847901][ T8409] kvm: kvm [8408]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1500000800 [ 235.878290][ T8207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.888414][ T8409] kvm: kvm [8408]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1600000000 [ 235.924822][ T6186] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.938329][ T8207] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.983748][ T8207] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.035771][ T8207] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.047595][ T8207] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.056320][ T8207] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.081940][ T8418] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 236.102469][ T8405] loop3: detected capacity change from 0 to 32768 [ 236.115233][ T8405] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (8405) [ 236.143424][ T8405] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 236.177608][ T8405] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 236.225829][ T8405] BTRFS info (device loop3): using free-space-tree [ 236.237835][ T2874] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.245651][ T2874] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.343028][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.352011][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.479190][ T29] kauditd_printk_skb: 437 callbacks suppressed [ 236.479217][ T29] audit: type=1800 audit(1719170944.594:2613): pid=8405 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="file1" dev="loop3" ino=260 res=0 errno=0 [ 236.535231][ T29] audit: type=1800 audit(1719170944.644:2614): pid=8405 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="file1" dev="loop3" ino=260 res=0 errno=0 [ 236.614704][ T29] audit: type=1800 audit(1719170944.724:2615): pid=8453 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="file1" dev="loop3" ino=260 res=0 errno=0 [ 236.634922][ C1] vkms_vblank_simulate: vblank timer overrun [ 236.716791][ T8459] loop4: detected capacity change from 0 to 8 [ 236.734122][ T8459] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 236.820539][ T29] audit: type=1804 audit(1719170944.934:2616): pid=8405 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir958838204/syzkaller.Ss2EAB/20/file0/file1" dev="loop3" ino=260 res=1 errno=0 [ 236.825310][ T8459] cramfs: Error -3 while decompressing! [ 236.863128][ T8459] cramfs: ffffffff9489a998(27)->ffff888069884000(4096) [ 236.886495][ T8459] cramfs: Error -3 while decompressing! [ 236.936811][ T8459] cramfs: ffffffff9489a998(27)->ffff888069884000(4096) [ 236.989917][ T29] audit: type=1800 audit(1719170945.104:2617): pid=8459 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.4" name="file0" dev="loop4" ino=244 res=0 errno=0 [ 237.039809][ T7792] BTRFS info (device loop3): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 237.865575][ T8501] loop3: detected capacity change from 0 to 256 [ 238.323795][ T8501] FAT-fs (loop3): Directory bread(block 64) failed [ 238.449133][ T8501] FAT-fs (loop3): Directory bread(block 65) failed [ 238.547816][ T8501] FAT-fs (loop3): Directory bread(block 66) failed [ 238.588712][ T8501] FAT-fs (loop3): Directory bread(block 67) failed [ 238.615891][ T8501] FAT-fs (loop3): Directory bread(block 68) failed [ 238.623303][ T8501] FAT-fs (loop3): Directory bread(block 69) failed [ 238.630143][ T8501] FAT-fs (loop3): Directory bread(block 70) failed [ 238.636687][ T8501] FAT-fs (loop3): Directory bread(block 71) failed [ 238.644783][ T8501] FAT-fs (loop3): Directory bread(block 72) failed [ 238.651358][ T8501] FAT-fs (loop3): Directory bread(block 73) failed [ 238.698357][ T29] audit: type=1326 audit(1719170946.814:2618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8504 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c187d0a9 code=0x7ffc0000 [ 238.720452][ C1] vkms_vblank_simulate: vblank timer overrun [ 238.793233][ T29] audit: type=1326 audit(1719170946.814:2619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8504 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c187d0a9 code=0x7ffc0000 [ 238.874209][ T29] audit: type=1326 audit(1719170946.844:2620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8504 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7c187d0a9 code=0x7ffc0000 [ 238.910069][ T29] audit: type=1326 audit(1719170946.844:2621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8504 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c187d0a9 code=0x7ffc0000 [ 238.997678][ T29] audit: type=1326 audit(1719170946.844:2622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8504 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c187d0a9 code=0x7ffc0000 [ 239.086804][ T2778] kworker/u8:6: attempt to access beyond end of device [ 239.086804][ T2778] loop3: rw=1, sector=1224, nr_sectors = 128 limit=256 [ 239.116012][ T8496] loop2: detected capacity change from 0 to 32768 [ 239.156716][ T8496] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (8496) [ 239.197847][ T8496] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 239.218542][ T8496] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 239.227361][ T8496] BTRFS info (device loop2): using free-space-tree [ 239.537978][ T45] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 239.671587][ T7856] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 239.750045][ T45] usb 4-1: Using ep0 maxpacket: 8 [ 239.773453][ T45] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 239.831800][ T45] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 239.848510][ T45] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.856562][ T45] usb 4-1: Product: syz [ 239.896241][ T45] usb 4-1: Manufacturer: syz [ 239.901670][ T45] usb 4-1: SerialNumber: syz [ 239.931283][ T45] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22 [ 240.334047][ T8552] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 240.365856][ T8552] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 241.364149][ T8555] tty tty25: ldisc open failed (-12), clearing slot 24 [ 241.592282][ T5148] usb 4-1: USB disconnect, device number 5 [ 241.643377][ T8559] loop2: detected capacity change from 0 to 256 [ 241.650351][ T8560] vivid-008: disconnect [ 241.669367][ T8557] vivid-008: reconnect [ 241.763382][ T8559] vxcan1: tx address claim with dlc 1 [ 242.088048][ T8570] syz-executor.1 (pid 8570) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 243.679770][ T8580] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 243.689208][ T8580] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 243.989538][ T8580] loop4: detected capacity change from 0 to 128 [ 244.017886][ T5102] Bluetooth: hci4: command 0x0406 tx timeout [ 244.718875][ T8590] vivid-004: disconnect [ 244.752730][ T8586] vivid-004: reconnect [ 250.365393][ T8605] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 250.534291][ T8612] loop3: detected capacity change from 0 to 4096 [ 250.591546][ T8612] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 250.757984][ T8627] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.0'. [ 250.810798][ T8612] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 250.830208][ T8627] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.0'. [ 250.937966][ T8630] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 250.947310][ T8630] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 251.018993][ T8630] loop1: detected capacity change from 0 to 128 [ 251.557955][ T29] kauditd_printk_skb: 101 callbacks suppressed [ 251.557974][ T29] audit: type=1800 audit(1719170959.674:2724): pid=8612 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=0 res=0 errno=0 [ 251.661439][ T8631] ntfs3: loop3: mft corrupted [ 252.139276][ T8647] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 252.205175][ T8649] loop3: detected capacity change from 0 to 256 [ 252.477772][ T53] Bluetooth: hci0: command tx timeout [ 252.514571][ T8628] loop4: detected capacity change from 0 to 40427 [ 252.535566][ T8628] F2FS-fs (loop4): Found nat_bits in checkpoint [ 252.604721][ T5205] hid (null): unknown global tag 0xd [ 252.619112][ T8628] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 252.644123][ T5205] hid-generic 0007:1000:0007.0001: unknown main item tag 0x6 [ 252.664098][ T5205] hid-generic 0007:1000:0007.0001: unknown main item tag 0x1 [ 252.689913][ T5205] hid-generic 0007:1000:0007.0001: unknown global tag 0xd [ 252.716451][ T5205] hid-generic 0007:1000:0007.0001: item 0 4 1 13 parsing failed [ 252.745027][ T5205] hid-generic 0007:1000:0007.0001: probe with driver hid-generic failed with error -22 [ 252.813061][ T6186] syz-executor.4: attempt to access beyond end of device [ 252.813061][ T6186] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 252.871452][ T6186] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 253.154487][ T8660] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.3'. [ 253.181040][ T8660] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.3'. [ 253.323850][ T8664] loop3: detected capacity change from 0 to 512 [ 253.411995][ T8664] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 253.447640][ T8664] System zones: 0-2, 18-18, 34-35 [ 253.492262][ T8664] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 253.535752][ T8664] ext4 filesystem being mounted at /root/syzkaller-testdir958838204/syzkaller.Ss2EAB/33/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.709833][ T7792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.843447][ T8671] kvm: kvm [8670]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xa00000000 [ 253.862311][ T8671] kvm: kvm [8670]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xd00000800 [ 253.882508][ T8671] kvm: kvm [8670]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xe00000000 [ 253.940373][ T8671] kvm: kvm [8670]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1100000800 [ 253.961514][ T8671] kvm: kvm [8670]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1200000000 [ 253.975083][ T8671] kvm: kvm [8670]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1500000800 [ 253.989459][ T8671] kvm: kvm [8670]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1600000000 [ 254.000585][ T8671] kvm: kvm [8670]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1900000800 [ 254.012127][ T8671] kvm: kvm [8670]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1a00000000 [ 254.021483][ T8671] kvm: kvm [8670]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1d00000800 [ 254.200842][ T61] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.363106][ T61] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.544790][ T61] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.689989][ T61] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.722288][ T5205] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 254.792823][ T29] audit: type=1326 audit(1719170962.904:2725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8693 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcc1c47d0a9 code=0x0 [ 254.947556][ T5205] usb 4-1: Using ep0 maxpacket: 32 [ 254.974789][ T61] bridge_slave_1: left allmulticast mode [ 254.981304][ T5205] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 254.985251][ T61] bridge_slave_1: left promiscuous mode [ 255.004117][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.012832][ T5205] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.031810][ T61] bridge_slave_0: left allmulticast mode [ 255.035042][ T5205] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 255.046839][ T5205] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 255.055595][ T5205] usb 4-1: Product: syz [ 255.063116][ T5205] usb 4-1: Manufacturer: syz [ 255.080071][ T5205] hub 4-1:4.0: USB hub found [ 255.171517][ T5107] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 255.183942][ T5107] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 255.194628][ T5107] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 255.205074][ T5107] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 255.213310][ T5107] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 255.220846][ T5107] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 255.262897][ T61] bridge_slave_0: left promiscuous mode [ 255.270607][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.298126][ T5205] hub 4-1:4.0: 2 ports detected [ 255.449557][ T29] audit: type=1326 audit(1719170963.544:2726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8698 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa7c187d0a9 code=0x0 [ 255.471134][ C1] vkms_vblank_simulate: vblank timer overrun [ 255.624790][ T29] audit: type=1326 audit(1719170963.724:2727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8693 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc1c47d0a9 code=0x7fc00000 [ 256.005264][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.016396][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.567651][ T5246] hub 4-1:4.0: activate --> -90 [ 256.596244][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 256.616994][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 256.648249][ T61] bond0 (unregistering): Released all slaves [ 256.695887][ T61] bond1 (unregistering): Released all slaves [ 256.964647][ T4496] usb 4-1: USB disconnect, device number 6 [ 257.207851][ T5246] usb 4-1-port2: config error [ 257.278594][ T5107] Bluetooth: hci4: command tx timeout [ 257.316432][ T8716] loop1: detected capacity change from 0 to 512 [ 257.338985][ T8716] EXT4-fs: Ignoring removed bh option [ 257.361550][ T8716] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 257.446407][ T8716] EXT4-fs (loop1): 1 truncate cleaned up [ 257.507206][ T8716] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.552711][ T61] hsr_slave_0: left promiscuous mode [ 257.573356][ T61] hsr_slave_1: left promiscuous mode [ 257.603387][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 257.619350][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 257.645313][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 257.671251][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 257.739712][ T8725] loop3: detected capacity change from 0 to 2048 [ 257.762039][ T61] veth1_macvtap: left promiscuous mode [ 257.767609][ T8728] loop1: detected capacity change from 512 to 64 [ 257.776072][ T8725] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 257.785107][ T61] veth0_macvtap: left promiscuous mode [ 257.791572][ T61] veth1_vlan: left promiscuous mode [ 257.807707][ T61] veth0_vlan: left promiscuous mode [ 257.876174][ T8716] syz-executor.1: attempt to access beyond end of device [ 257.876174][ T8716] loop1: rw=0, sector=210, nr_sectors = 2 limit=64 [ 257.918811][ T8716] syz-executor.1: attempt to access beyond end of device [ 257.918811][ T8716] loop1: rw=2049, sector=72, nr_sectors = 2 limit=64 [ 257.949960][ T8716] EXT4-fs warning (device loop1): ext4_end_bio:346: I/O error 10 writing to inode 18 starting block 36) [ 257.977296][ T8716] Buffer I/O error on device loop1, logical block 36 [ 257.993797][ T8716] syz-executor.1: attempt to access beyond end of device [ 257.993797][ T8716] loop1: rw=2049, sector=510, nr_sectors = 2 limit=64 [ 258.025454][ T8716] EXT4-fs warning (device loop1): ext4_end_bio:346: I/O error 10 writing to inode 18 starting block 255) [ 258.044714][ T8716] Buffer I/O error on device loop1, logical block 255 [ 258.081333][ T8716] syz-executor.1: attempt to access beyond end of device [ 258.081333][ T8716] loop1: rw=2049, sector=506, nr_sectors = 4 limit=64 [ 258.099511][ T8716] EXT4-fs warning (device loop1): ext4_end_bio:346: I/O error 10 writing to inode 18 starting block 253) [ 258.146307][ T8716] Buffer I/O error on device loop1, logical block 253 [ 258.153110][ T8716] Buffer I/O error on device loop1, logical block 254 [ 258.193141][ T8716] syz-executor.1: attempt to access beyond end of device [ 258.193141][ T8716] loop1: rw=2049, sector=74, nr_sectors = 8 limit=64 [ 258.219636][ T8716] EXT4-fs warning (device loop1): ext4_end_bio:346: I/O error 10 writing to inode 18 starting block 37) [ 258.245408][ T8716] Buffer I/O error on device loop1, logical block 37 [ 258.252111][ T8716] Buffer I/O error on device loop1, logical block 38 [ 258.258799][ T8716] Buffer I/O error on device loop1, logical block 39 [ 258.265483][ T8716] Buffer I/O error on device loop1, logical block 40 [ 258.277915][ T8716] syz-executor.1: attempt to access beyond end of device [ 258.277915][ T8716] loop1: rw=2049, sector=498, nr_sectors = 8 limit=64 [ 258.297673][ T8716] EXT4-fs warning (device loop1): ext4_end_bio:346: I/O error 10 writing to inode 18 starting block 249) [ 258.317233][ T8716] Buffer I/O error on device loop1, logical block 249 [ 258.324024][ T8716] Buffer I/O error on device loop1, logical block 250 [ 258.339329][ T8716] syz-executor.1: attempt to access beyond end of device [ 258.339329][ T8716] loop1: rw=2049, sector=108, nr_sectors = 96 limit=64 [ 258.359344][ T8716] EXT4-fs warning (device loop1): ext4_end_bio:346: I/O error 10 writing to inode 18 starting block 54) [ 258.513106][ T8207] EXT4-fs error (device loop1): ext4_free_branches:1043: inode #18: block 41: comm syz-executor.1: Read failure [ 258.641566][ T8207] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.815894][ T61] team0 (unregistering): Port device team_slave_1 removed [ 258.894407][ T61] team0 (unregistering): Port device team_slave_0 removed [ 259.359339][ T5107] Bluetooth: hci4: command tx timeout [ 259.958348][ T8727] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 260.070483][ T8701] chnl_net:caif_netlink_parms(): no params data found [ 260.387342][ T8742] sp0: Synchronizing with TNC [ 260.408993][ T8743] pimreg: entered allmulticast mode [ 260.427831][ T8741] [U] è [ 260.480234][ T8701] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.487391][ T8701] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.527819][ T8701] bridge_slave_0: entered allmulticast mode [ 260.535103][ T8701] bridge_slave_0: entered promiscuous mode [ 260.558623][ T8701] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.568267][ T61] IPVS: stop unused estimator thread 0... [ 260.588329][ T8701] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.595530][ T8701] bridge_slave_1: entered allmulticast mode [ 260.619495][ T8701] bridge_slave_1: entered promiscuous mode [ 260.705187][ T8701] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 260.741391][ T8701] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 260.879884][ T8701] team0: Port device team_slave_0 added [ 260.914802][ T8701] team0: Port device team_slave_1 added [ 260.990147][ T8701] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 261.007331][ T8701] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 261.074158][ T8701] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 261.136229][ T8701] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 261.157907][ T8701] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 261.245509][ T8701] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 261.394076][ T8747] loop3: detected capacity change from 0 to 32768 [ 261.433170][ T8747] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section ext: field too small (40 < 88) [ 261.433170][ T8747] ext (size 40): [ 261.433170][ T8747] Recovery passes required: alloc_read,snapshots_read [ 261.433170][ T8747] Errors to silently fix: btree_node_topology_bad_max_key,btree_ptr_val_too_big,btree_ptr_has_non_ptr,ptr_crc_uncompressed_size_too_big,ptr_stripe_redundant,subvol_unreachable,btree_node_bkey_bad_u64s,btree_node_topology_empty_interior_node [ 261.433170][ T8747] Btrees with missing data: inodes,quotas [ 261.433170][ T8747] [ 261.489950][ T5107] Bluetooth: hci4: command tx timeout [ 261.562281][ T8701] hsr_slave_0: entered promiscuous mode [ 261.658818][ T8701] hsr_slave_1: entered promiscuous mode [ 261.707984][ T8701] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 261.776826][ T8701] Cannot create hsr debugfs directory [ 262.111818][ T8759] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 262.121254][ T8759] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 263.063073][ T8768] Context (ID=0x0) not attached to queue pair (handle=0x4d3:0x0) [ 263.120241][ T8767] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 263.560610][ T5107] Bluetooth: hci4: command tx timeout [ 263.843499][ T8774] loop3: detected capacity change from 0 to 64 [ 263.858961][ T8775] netlink: 'syz-executor.0': attribute type 12 has an invalid length. [ 263.867245][ T8775] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.0'. [ 263.876238][ T8774] hfs: keylen 94 too large [ 263.893406][ T8774] hfs: inconsistency in B*Tree (1,0,1,0,3) [ 264.440627][ T8784] loop3: detected capacity change from 0 to 8 [ 264.547173][ T8701] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 264.584459][ T8701] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 264.624008][ T8701] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 264.671803][ T8701] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 265.684542][ T8701] 8021q: adding VLAN 0 to HW filter on device bond0 [ 265.702990][ T8794] loop3: detected capacity change from 0 to 256 [ 265.756133][ T8701] 8021q: adding VLAN 0 to HW filter on device team0 [ 265.796317][ T5246] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.803502][ T5246] bridge0: port 1(bridge_slave_0) entered forwarding state [ 265.841809][ T5246] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.848997][ T5246] bridge0: port 2(bridge_slave_1) entered forwarding state [ 266.091025][ T8701] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 266.991906][ T8807] overlayfs: missing 'lowerdir' [ 267.130481][ T8810] loop3: detected capacity change from 0 to 64 [ 267.197397][ T8810] hfs: keylen 94 too large [ 267.232351][ T8813] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 267.242177][ T8810] hfs: inconsistency in B*Tree (1,0,1,0,3) [ 267.277949][ T8813] bridge_slave_1: left allmulticast mode [ 267.283636][ T8813] bridge_slave_1: left promiscuous mode [ 267.303357][ T8813] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.344579][ T8813] bridge_slave_0: left allmulticast mode [ 267.369842][ T8813] bridge_slave_0: left promiscuous mode [ 267.376966][ T8813] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.557400][ T8701] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 267.698933][ T8819] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 267.727445][ T8819] netlink: 193500 bytes leftover after parsing attributes in process `syz-executor.0'. [ 268.225351][ T8701] veth0_vlan: entered promiscuous mode [ 268.273704][ T8701] veth1_vlan: entered promiscuous mode [ 268.333680][ T8816] loop3: detected capacity change from 0 to 32768 [ 268.364689][ T8701] veth0_macvtap: entered promiscuous mode [ 268.399719][ T8701] veth1_macvtap: entered promiscuous mode [ 268.413017][ T8816] jfs_rename: dtInsert returned -EIO [ 268.443344][ T8701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.469185][ T8701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.480953][ T8701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.493493][ T8701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.506415][ T8701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.517246][ T8701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.532585][ T8701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.544809][ T8701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.577314][ T8701] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 268.603770][ T8701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.634937][ T8701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.662061][ T8701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.693190][ T8701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.713523][ T8701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.744377][ T8701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.770420][ T8701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.804160][ T8701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.829296][ T8701] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 268.869188][ T8701] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.898939][ T8701] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.921530][ T8701] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.936752][ T8701] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.964769][ T8832] loop3: detected capacity change from 0 to 8 [ 269.119007][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.126907][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.215323][ T29] audit: type=1804 audit(1719170977.284:2728): pid=8828 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir305772278/syzkaller.svoaOP/239/file0" dev="sda1" ino=1961 res=1 errno=0 [ 269.300712][ T2874] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.488814][ T29] audit: type=1804 audit(1719170977.314:2729): pid=8830 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir305772278/syzkaller.svoaOP/239/file0" dev="sda1" ino=1961 res=1 errno=0 [ 269.644488][ T2874] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 270.358696][ T8845] dccp_invalid_packet: P.type (CLOSEREQ) not Data || [Data]Ack, while P.X == 0 [ 270.547119][ T8845] loop3: detected capacity change from 0 to 4096 [ 270.632167][ T8845] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 270.678410][ T8845] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096) [ 270.718929][ T8845] NILFS (loop3): mounting unchecked fs [ 270.862977][ T8845] NILFS (loop3): invalid segment: Checksum error in segment payload [ 270.894448][ T8845] NILFS (loop3): unable to fall back to spare super block [ 270.905041][ T8845] NILFS (loop3): error -22 while searching super root [ 271.063760][ T5107] Bluetooth: Unexpected continuation frame (len 18) [ 271.954071][ T8845] loop3: detected capacity change from 0 to 512 [ 272.047270][ T8845] EXT4-fs (loop3): 1 truncate cleaned up [ 272.074633][ T8845] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.288377][ T8845] EXT4-fs error (device loop3): __ext4_remount:6503: comm syz-executor.3: Abort forced by user [ 272.322419][ T8845] EXT4-fs (loop3): Remounting filesystem read-only [ 272.794704][ T8864] loop4: detected capacity change from 0 to 32768 [ 272.833176][ T8864] XFS: noikeep mount option is deprecated. [ 272.840826][ T7792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.879998][ T8864] XFS: noikeep mount option is deprecated. [ 272.943414][ T8864] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 272.996019][ T8878] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 273.268640][ T8864] XFS (loop4): Ending clean mount [ 273.334488][ T8864] XFS (loop4): Quotacheck needed: Please wait. [ 273.429240][ T8890] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 273.511443][ T8864] XFS (loop4): Quotacheck: Done. [ 273.797603][ T8701] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 274.318208][ T8896] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 275.634646][ T8901] loop4: detected capacity change from 0 to 32768 [ 275.665997][ T8901] bcachefs (/dev/loop4): error validating superblock: Invalid superblock: optional field extends past end of superblock (type 0) [ 276.482087][ T8915] loop3: detected capacity change from 0 to 256 [ 276.501195][ T8915] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 276.540632][ T8915] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 276.636528][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.803827][ T8924] loop3: detected capacity change from 0 to 1024 [ 276.880757][ T8924] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 276.928907][ T8924] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.992307][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.178073][ T7792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.199870][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 277.219360][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 277.227659][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 277.235921][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 277.247814][ T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 277.259768][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 277.272112][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.453261][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.729817][ T11] bridge_slave_1: left allmulticast mode [ 277.735551][ T11] bridge_slave_1: left promiscuous mode [ 277.773638][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.818505][ T11] bridge_slave_0: left allmulticast mode [ 277.824190][ T11] bridge_slave_0: left promiscuous mode [ 277.861788][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 278.152347][ T8936] loop4: detected capacity change from 0 to 32768 [ 280.064035][ T8936] bcachefs (/dev/loop4): error validating superblock: Invalid superblock: optional field extends past end of superblock (type 0) [ 280.297990][ T8955] loop3: detected capacity change from 0 to 256 [ 280.428097][ T8955] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 280.583131][ T8955] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 280.959879][ T8950] sched: RT throttling activated [ 281.273441][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 281.306060][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 281.315298][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 281.330501][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 281.349092][ T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 281.360577][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 281.485874][ T8964] loop4: detected capacity change from 0 to 1024 [ 281.498397][ T8964] hfsplus: failed to load catalog file [ 282.112515][ T8972] loop4: detected capacity change from 0 to 128 [ 282.458619][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 282.613465][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 282.625009][ T11] bond0 (unregistering): Released all slaves [ 282.665604][ T8965] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 282.676593][ T8971] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 282.685886][ T8971] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 283.076105][ T8987] cgroup: fork rejected by pids controller in /syz3 [ 283.243143][ T9048] loop4: detected capacity change from 0 to 1024 [ 283.262766][ T9048] hfsplus: failed to load catalog file [ 283.437897][ T5107] Bluetooth: hci1: command tx timeout [ 283.723402][ T11] hsr_slave_0: left promiscuous mode [ 283.781703][ T11] hsr_slave_1: left promiscuous mode [ 283.793426][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 283.806674][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 283.822445][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 283.837799][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 283.876589][ T11] veth1_macvtap: left promiscuous mode [ 283.917681][ T11] veth0_macvtap: left promiscuous mode [ 283.932555][ T11] veth1_vlan: left promiscuous mode [ 283.948255][ T11] veth0_vlan: left promiscuous mode [ 284.545112][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 284.558655][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 284.581100][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 284.590187][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 284.602779][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 284.619663][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 284.861647][ T11] team0 (unregistering): Port device team_slave_1 removed [ 284.906714][ T11] team0 (unregistering): Port device team_slave_0 removed [ 285.379603][ T8956] chnl_net:caif_netlink_parms(): no params data found [ 285.468507][ T9073] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 285.517695][ T5107] Bluetooth: hci1: command tx timeout [ 285.779828][ T8956] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.794177][ T8956] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.803748][ T9082] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 285.814849][ T8956] bridge_slave_0: entered allmulticast mode [ 285.831827][ T8956] bridge_slave_0: entered promiscuous mode [ 285.864471][ T8956] bridge0: port 2(bridge_slave_1) entered blocking state [ 285.888221][ T8956] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.895408][ T8956] bridge_slave_1: entered allmulticast mode [ 285.905145][ T8956] bridge_slave_1: entered promiscuous mode [ 285.978337][ T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 286.002657][ T8956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 286.012641][ T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 286.027295][ T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 286.036118][ T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 286.039071][ T8956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 286.043888][ T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 286.060964][ T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 286.227580][ T8956] team0: Port device team_slave_0 added [ 286.256279][ T8956] team0: Port device team_slave_1 added [ 286.304946][ T9068] chnl_net:caif_netlink_parms(): no params data found [ 286.352459][ T8956] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 286.360392][ T8956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 286.395434][ T8956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 286.410437][ T8956] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 286.424570][ T8956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 286.457463][ T8956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 287.096104][ T53] Bluetooth: hci0: command tx timeout [ 287.202999][ T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.278020][ T8956] hsr_slave_0: entered promiscuous mode [ 287.293608][ T8956] hsr_slave_1: entered promiscuous mode [ 287.385282][ T8956] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 287.392971][ T8956] Cannot create hsr debugfs directory [ 287.425234][ T9110] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 287.437017][ T9112] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 287.489185][ T9068] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.496354][ T9068] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.515998][ T9068] bridge_slave_0: entered allmulticast mode [ 287.540614][ T9068] bridge_slave_0: entered promiscuous mode [ 287.587644][ T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.605857][ T53] Bluetooth: hci1: command tx timeout [ 287.662284][ T9068] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.681201][ T9068] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.708693][ T9068] bridge_slave_1: entered allmulticast mode [ 287.716045][ T9068] bridge_slave_1: entered promiscuous mode [ 287.844982][ T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.936793][ T9068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 288.006593][ T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.049547][ T9068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 288.158646][ T53] Bluetooth: hci2: command tx timeout [ 288.397614][ T5205] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 288.630012][ T9068] team0: Port device team_slave_0 added [ 288.643489][ T9068] team0: Port device team_slave_1 added [ 288.702772][ T9126] Bluetooth: MGMT ver 1.22 [ 288.732662][ T5205] usb 5-1: New USB device found, idVendor=0830, idProduct=0080, bcdDevice=f0.a0 [ 288.747597][ T5205] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 288.768708][ T5205] usb 5-1: config 0 descriptor?? [ 288.776923][ T9068] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 288.786757][ T9068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.789376][ T5205] kl5kusb105 5-1:0.0: KL5KUSB105D / PalmConnect converter detected [ 288.814777][ T9068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 288.840734][ T9068] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.845982][ T5205] usb 5-1: KL5KUSB105D / PalmConnect converter now attached to ttyUSB0 [ 288.847842][ T9068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.882469][ T9068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.992011][ T5148] usb 5-1: USB disconnect, device number 6 [ 289.009516][ T5148] kl5kusb105d ttyUSB0: KL5KUSB105D / PalmConnect converter now disconnected from ttyUSB0 [ 289.047919][ T5148] kl5kusb105 5-1:0.0: device disconnected [ 289.118285][ T53] Bluetooth: hci0: command tx timeout [ 289.157336][ T9130] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 289.216953][ T9085] chnl_net:caif_netlink_parms(): no params data found [ 289.294322][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.350036][ T9068] hsr_slave_0: entered promiscuous mode [ 289.356988][ T9068] hsr_slave_1: entered promiscuous mode [ 289.365636][ T9068] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 289.375247][ T9068] Cannot create hsr debugfs directory [ 289.451003][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.624703][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.687737][ T53] Bluetooth: hci1: command tx timeout [ 289.733977][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.832802][ T9085] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.840294][ T9085] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.848969][ T9085] bridge_slave_0: entered allmulticast mode [ 289.856381][ T9085] bridge_slave_0: entered promiscuous mode [ 289.888019][ T5148] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 289.905732][ T9085] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.915588][ T9085] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.924395][ T9085] bridge_slave_1: entered allmulticast mode [ 289.936711][ T9085] bridge_slave_1: entered promiscuous mode [ 290.010284][ T9085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 290.031668][ T8956] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 290.054256][ T9085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 290.074108][ T8956] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 290.077827][ T5148] usb 5-1: Using ep0 maxpacket: 8 [ 290.092603][ T5148] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 290.108557][ T5148] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 290.117917][ T5148] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.126126][ T5148] usb 5-1: Product: syz [ 290.128039][ T8956] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 290.132157][ T5148] usb 5-1: Manufacturer: syz [ 290.141870][ T5148] usb 5-1: SerialNumber: syz [ 290.154017][ T5148] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 290.184494][ T8956] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 290.216288][ T9085] team0: Port device team_slave_0 added [ 290.226536][ T9085] team0: Port device team_slave_1 added [ 290.247710][ T53] Bluetooth: hci2: command tx timeout [ 290.282723][ T11] bridge_slave_1: left allmulticast mode [ 290.288649][ T11] bridge_slave_1: left promiscuous mode [ 290.294409][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 290.304988][ T11] bridge_slave_0: left allmulticast mode [ 290.311462][ T11] bridge_slave_0: left promiscuous mode [ 290.317203][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.330834][ T11] bridge_slave_1: left allmulticast mode [ 290.336485][ T11] bridge_slave_1: left promiscuous mode [ 290.343043][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 290.359939][ T11] bridge_slave_0: left allmulticast mode [ 290.366000][ T11] bridge_slave_0: left promiscuous mode [ 290.377721][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.462063][ T9149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 290.477618][ T9149] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 291.063303][ T9151] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 291.129958][ T25] usb 5-1: USB disconnect, device number 7 [ 291.139814][ T9153] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 291.203947][ T53] Bluetooth: hci0: command tx timeout [ 291.688794][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 291.703720][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 291.724412][ T11] bond0 (unregistering): Released all slaves [ 291.730712][ T9157] loop4: detected capacity change from 0 to 64 [ 291.904000][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 291.914938][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 291.925743][ T11] bond0 (unregistering): Released all slaves [ 291.956320][ T9085] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 291.963578][ T9085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.002850][ T9085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 292.102038][ T9085] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 292.124187][ T9085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.159833][ T9085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 292.175728][ T9163] loop4: detected capacity change from 0 to 1024 [ 292.207081][ T9163] hfsplus: catalog searching failed [ 292.245220][ T35] hfsplus: b-tree write err: -5, ino 8 [ 292.320139][ T9085] hsr_slave_0: entered promiscuous mode [ 292.327307][ T53] Bluetooth: hci2: command tx timeout [ 292.335660][ T9085] hsr_slave_1: entered promiscuous mode [ 292.350646][ T9085] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 292.359053][ T9085] Cannot create hsr debugfs directory [ 292.428037][ T5205] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 292.630275][ T5205] usb 1-1: New USB device found, idVendor=0830, idProduct=0080, bcdDevice=f0.a0 [ 292.658907][ T5205] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 292.706235][ T5205] usb 1-1: config 0 descriptor?? [ 292.733806][ T5205] kl5kusb105 1-1:0.0: KL5KUSB105D / PalmConnect converter detected [ 293.010942][ T5205] usb 1-1: KL5KUSB105D / PalmConnect converter now attached to ttyUSB0 [ 293.168035][ T5205] usb 1-1: USB disconnect, device number 5 [ 293.237353][ T5205] kl5kusb105d ttyUSB0: KL5KUSB105D / PalmConnect converter now disconnected from ttyUSB0 [ 293.259141][ T5205] kl5kusb105 1-1:0.0: device disconnected [ 293.278132][ T53] Bluetooth: hci0: command tx timeout [ 293.331375][ T11] hsr_slave_0: left promiscuous mode [ 293.349399][ T11] hsr_slave_1: left promiscuous mode [ 293.359452][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 293.366868][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 293.404961][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 293.416076][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 293.435671][ T11] hsr_slave_0: left promiscuous mode [ 293.446657][ T11] hsr_slave_1: left promiscuous mode [ 293.460801][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 293.468597][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 293.476584][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 293.484519][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 293.555393][ T11] veth1_macvtap: left promiscuous mode [ 293.561415][ T11] veth0_macvtap: left promiscuous mode [ 293.567347][ T11] veth1_vlan: left promiscuous mode [ 293.573246][ T11] veth0_vlan: left promiscuous mode [ 293.586617][ T11] veth1_macvtap: left promiscuous mode [ 293.597602][ T11] veth0_macvtap: left promiscuous mode [ 293.603196][ T11] veth1_vlan: left promiscuous mode [ 293.615478][ T11] veth0_vlan: left promiscuous mode [ 294.014892][ T29] audit: type=1326 audit(1719171002.114:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9188 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcc1c47d0a9 code=0x0 [ 294.155076][ T9183] loop4: detected capacity change from 0 to 32768 [ 294.402504][ T53] Bluetooth: hci2: command tx timeout [ 294.523333][ T11] team0 (unregistering): Port device team_slave_1 removed [ 294.572321][ T11] team0 (unregistering): Port device team_slave_0 removed [ 296.185128][ T11] team0 (unregistering): Port device team_slave_1 removed [ 296.235150][ T11] team0 (unregistering): Port device team_slave_0 removed [ 296.716651][ T8956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 296.795999][ T8956] 8021q: adding VLAN 0 to HW filter on device team0 [ 296.814431][ T9068] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 296.876555][ T5246] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.883719][ T5246] bridge0: port 1(bridge_slave_0) entered forwarding state [ 296.894858][ T9068] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 296.904727][ T9068] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 296.961495][ T9068] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 296.977925][ T5246] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.985182][ T5246] bridge0: port 2(bridge_slave_1) entered forwarding state [ 297.190867][ T9068] 8021q: adding VLAN 0 to HW filter on device bond0 [ 297.225677][ T9068] 8021q: adding VLAN 0 to HW filter on device team0 [ 297.274969][ T5246] bridge0: port 1(bridge_slave_0) entered blocking state [ 297.282147][ T5246] bridge0: port 1(bridge_slave_0) entered forwarding state [ 297.317115][ T5246] bridge0: port 2(bridge_slave_1) entered blocking state [ 297.324247][ T5246] bridge0: port 2(bridge_slave_1) entered forwarding state [ 297.493670][ T8956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 297.531665][ T9085] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 297.561008][ T9085] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 297.581220][ T9085] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 297.608667][ T9085] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 297.676103][ T8956] veth0_vlan: entered promiscuous mode [ 297.690055][ T8956] veth1_vlan: entered promiscuous mode [ 297.727804][ T9068] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 297.785965][ T8956] veth0_macvtap: entered promiscuous mode [ 297.807200][ T8956] veth1_macvtap: entered promiscuous mode [ 297.820561][ T9085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 297.856684][ T9068] veth0_vlan: entered promiscuous mode [ 297.864189][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.875231][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.887278][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.899160][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.911283][ T8956] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 297.930930][ T9085] 8021q: adding VLAN 0 to HW filter on device team0 [ 297.946986][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.961227][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.972781][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.983627][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.994842][ T8956] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 298.006284][ T9068] veth1_vlan: entered promiscuous mode [ 298.017057][ T8956] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.026120][ T8956] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.035262][ T8956] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.044650][ T8956] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.064242][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.071393][ T5148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 298.085873][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.092995][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.224218][ T9068] veth0_macvtap: entered promiscuous mode [ 298.230236][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 298.240466][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.274908][ T9068] veth1_macvtap: entered promiscuous mode [ 298.311679][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 298.325540][ T9068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 298.332103][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.351932][ T9068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.364281][ T9068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 298.377604][ T9068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.387426][ T9068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 298.399463][ T9068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.410971][ T9068] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 298.424926][ T9068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 298.450107][ T9068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.477360][ T9068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 298.495582][ T9068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.516911][ T9068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 298.527384][ T9068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.539532][ T9068] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 298.552967][ T9068] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.562017][ T9068] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.571577][ T9068] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.580461][ T9068] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.615959][ T9085] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 298.692063][ T2797] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 298.711489][ T2797] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.743447][ T2778] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 298.753710][ T9085] veth0_vlan: entered promiscuous mode [ 298.759427][ T2778] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.789588][ T9085] veth1_vlan: entered promiscuous mode [ 298.851762][ T9085] veth0_macvtap: entered promiscuous mode [ 298.865294][ T9085] veth1_macvtap: entered promiscuous mode [ 298.904497][ T9085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 298.922331][ T9085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.933252][ T9085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 298.944994][ T9085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.956267][ T9085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 298.968103][ T9085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.978978][ T9085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 298.989550][ T9085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.001188][ T9085] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 299.029616][ T9085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.042024][ T9085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.054635][ T9085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.066084][ T9085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.076512][ T9085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.087098][ T9085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.097023][ T9085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.108594][ T9085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.121009][ T9085] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 299.150719][ T9085] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.166955][ T9085] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.177026][ T9085] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.186824][ T9085] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.246949][ T9218] loop3: detected capacity change from 0 to 40427 [ 299.256537][ T9218] F2FS-fs (loop3): heap/no_heap options were deprecated [ 299.274867][ T9218] F2FS-fs (loop3): invalid crc value [ 299.297410][ T9218] F2FS-fs (loop3): Found nat_bits in checkpoint [ 299.329745][ T2851] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 299.342175][ T2851] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 299.372134][ T9218] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 299.384373][ T2851] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 299.389568][ T9218] 9pnet_fd: p9_fd_create_unix (9218): problem connecting socket: ./file0: -111 [ 299.402135][ T2851] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 299.425395][ T9068] syz-executor.3: attempt to access beyond end of device [ 299.425395][ T9068] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 299.441351][ T9068] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 301.351143][ T9239] loop1: detected capacity change from 0 to 256 [ 301.391825][ T9239] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 301.444033][ T9243] loop4: detected capacity change from 0 to 1024 [ 301.490348][ T29] audit: type=1800 audit(1719171009.524:2731): pid=9243 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=1948 res=0 errno=0 [ 301.583014][ T9240] loop3: detected capacity change from 0 to 4096 [ 301.597417][ T9240] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 301.608546][ T2797] hfsplus: b-tree write err: -5, ino 4 [ 301.819876][ T53] Bluetooth: Unexpected continuation frame (len 18) [ 302.550069][ T9240] ntfs3: loop3: failed to convert "c46c" to macroman [ 303.102959][ T9277] xt_hashlimit: overflow, try lower: 0/0 [ 303.186009][ T9279] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 303.353597][ T29] audit: type=1800 audit(1719171011.464:2732): pid=9285 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=1964 res=0 errno=0 [ 303.487914][ T25] usb 4-1: new low-speed USB device number 7 using dummy_hcd [ 303.687311][ T9285] loop4: detected capacity change from 0 to 1024 [ 303.960804][ T9289] loop2: detected capacity change from 0 to 164 [ 304.794718][ T9286] Unsupported NM flag settings (8) [ 304.803743][ T53] Bluetooth: Unexpected continuation frame (len 18) [ 304.855800][ T2797] hfsplus: b-tree write err: -5, ino 4 [ 305.003469][ T25] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 305.017596][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 305.035356][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 305.047612][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 305.097627][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 305.104259][ T9259] loop1: detected capacity change from 0 to 32768 [ 305.145426][ T25] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 305.189686][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 305.206699][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 305.226930][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 305.255627][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 305.278613][ T9259] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 305.281811][ T25] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 305.426423][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 305.431553][ T9305] loop4: detected capacity change from 0 to 256 [ 305.443667][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 305.454268][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 305.465745][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 305.479944][ T25] usb 4-1: string descriptor 0 read error: -22 [ 305.486489][ T25] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 305.500551][ T9305] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 305.513161][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.564218][ T25] adutux 4-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 305.655934][ T9259] XFS (loop1): Ending clean mount [ 305.704697][ T9085] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 305.705959][ T29] audit: type=1800 audit(1719171013.814:2733): pid=9305 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=1048671 res=0 errno=0 [ 306.613567][ T783] usb 4-1: USB disconnect, device number 7 [ 309.712269][ T9346] loop1: detected capacity change from 0 to 32768 [ 309.749455][ T9346] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 309.776625][ T9388] loop3: detected capacity change from 0 to 512 [ 310.388801][ T9346] XFS (loop1): Ending clean mount [ 310.394313][ T29] audit: type=1804 audit(1719171018.504:2734): pid=9398 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir305772278/syzkaller.svoaOP/306/file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="sda1" ino=1966 res=1 errno=0 [ 310.396039][ T9388] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.543093][ T9388] ext4 filesystem being mounted at /root/syzkaller-testdir983219299/syzkaller.AzKRDm/13/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 310.600435][ T9085] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 310.948912][ T9068] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.019254][ T9410] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 311.202313][ T9387] loop2: detected capacity change from 0 to 40427 [ 311.215774][ T9412] loop4: detected capacity change from 0 to 1024 [ 311.224738][ T9387] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 311.254314][ T9412] hfsplus: extend alloc file! (8192,65536,366) [ 311.260902][ T9387] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 311.284455][ T9387] F2FS-fs (loop2): invalid crc value [ 311.370143][ T9387] F2FS-fs (loop2): Found nat_bits in checkpoint [ 311.614132][ T9387] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 311.635691][ T9387] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 312.387793][ T9432] loop4: detected capacity change from 0 to 256 [ 312.455630][ T9432] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 312.481618][ T9423] loop1: detected capacity change from 0 to 32768 [ 312.533423][ T29] audit: type=1800 audit(1719171020.644:2735): pid=9432 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=1048672 res=0 errno=0 [ 312.733751][ T2797] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 312.871613][ T9451] debugfs: Directory 'netdev:nicvf0' with parent 'phy26' already present! [ 312.935460][ T2797] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 313.391246][ T9423] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,noshard_inode_numbers,noinodes_use_key_cache,gc_reserve_bytes=512 GiB,nojournal_transaction_names [ 313.457779][ T9423] bcachefs (loop1): recovering from clean shutdown, journal seq 8 [ 313.542644][ T9423] bcachefs (loop1): alloc_read... done [ 313.552673][ T9423] bcachefs (loop1): stripes_read... done [ 313.565111][ T9423] bcachefs (loop1): snapshots_read... done [ 313.582073][ T9423] bcachefs (loop1): journal_replay... done [ 313.601298][ T9423] bcachefs (loop1): resume_logged_ops... done [ 313.616595][ T9423] bcachefs (loop1): going read-write [ 313.667634][ T9423] bcachefs (loop1): done starting filesystem [ 313.767791][ T9085] bcachefs (loop1): shutting down [ 313.783125][ T9085] bcachefs (loop1): going read-only [ 313.797539][ T9085] bcachefs (loop1): finished waiting for writes to stop [ 313.872408][ T9085] bcachefs (loop1): flushing journal and stopping allocators, journal seq 8 [ 313.903356][ T9085] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 8 [ 313.956846][ T9085] bcachefs (loop1): shutdown complete, journal seq 9 [ 313.968476][ T9085] bcachefs (loop1): marking filesystem clean [ 317.716080][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.724907][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.952682][ T9085] bcachefs (loop1): shutdown complete [ 318.045281][ T9477] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 318.237031][ T9477] loop4: detected capacity change from 0 to 1024 [ 318.303634][ T9477] hfsplus: extend alloc file! (8192,65536,366) [ 318.612161][ T9484] vlan2: entered promiscuous mode [ 318.653061][ T9484] batadv0: entered promiscuous mode [ 318.721743][ T9484] team0: Port device vlan2 added [ 318.742746][ T9492] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 318.765232][ T9492] netlink: 157116 bytes leftover after parsing attributes in process `syz-executor.0'. [ 318.971136][ T9498] binder: 9496:9498 ioctl c0306201 0 returned -14 [ 319.060921][ T29] audit: type=1326 audit(1719171027.174:2736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9502 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f936947d0a9 code=0x0 [ 319.233062][ T9519] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 319.241559][ T9519] netlink: 157116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 319.351266][ T9523] loop1: detected capacity change from 0 to 256 [ 320.932683][ T9540] loop1: detected capacity change from 0 to 4096 [ 320.954140][ T9548] loop4: detected capacity change from 0 to 256 [ 320.990683][ T9520] loop2: detected capacity change from 0 to 40427 [ 321.025827][ T9520] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 321.033928][ T9520] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 321.064053][ T9548] loop4: detected capacity change from 256 to 0 [ 321.080467][ T9548] syz-executor.4: attempt to access beyond end of device [ 321.080467][ T9548] loop4: rw=0, sector=128, nr_sectors = 1 limit=0 [ 321.096440][ T9548] exFAT-fs (loop4): error, failed to access to FAT (entry 0x00000005, err:-5) [ 321.107915][ T9556] team0: entered promiscuous mode [ 321.112983][ T9556] team_slave_0: entered promiscuous mode [ 321.119854][ T9548] exFAT-fs (loop4): Filesystem has been set read-only [ 321.128892][ T9520] F2FS-fs (loop2): Found nat_bits in checkpoint [ 321.137889][ T9556] team_slave_1: entered promiscuous mode [ 321.166740][ T9556] team_slave_0: entered allmulticast mode [ 321.180817][ T8701] syz-executor.4: attempt to access beyond end of device [ 321.180817][ T8701] loop4: rw=0, sector=128, nr_sectors = 1 limit=0 [ 321.226602][ T9556] team0: Port device team_slave_0 removed [ 321.237645][ T8701] exFAT-fs (loop4): error, failed to access to FAT (entry 0x00000005, err:-5) [ 321.255100][ T8701] syz-executor.4: attempt to access beyond end of device [ 321.255100][ T8701] loop4: rw=524288, sector=8312, nr_sectors = 1 limit=0 [ 321.282770][ T8701] syz-executor.4: attempt to access beyond end of device [ 321.282770][ T8701] loop4: rw=524288, sector=8313, nr_sectors = 1 limit=0 [ 321.299962][ T8701] syz-executor.4: attempt to access beyond end of device [ 321.299962][ T8701] loop4: rw=524288, sector=8314, nr_sectors = 1 limit=0 [ 321.303949][ T9554] team0: left promiscuous mode [ 321.314633][ T8701] syz-executor.4: attempt to access beyond end of device [ 321.314633][ T8701] loop4: rw=524288, sector=8315, nr_sectors = 1 limit=0 [ 321.332989][ T8701] syz-executor.4: attempt to access beyond end of device [ 321.332989][ T8701] loop4: rw=524288, sector=8316, nr_sectors = 1 limit=0 [ 321.347178][ T9520] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 321.354343][ T9520] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 321.362041][ T9554] team_slave_1: left promiscuous mode [ 321.373643][ T8701] syz-executor.4: attempt to access beyond end of device [ 321.373643][ T8701] loop4: rw=524288, sector=8317, nr_sectors = 1 limit=0 [ 321.394233][ T8701] syz-executor.4: attempt to access beyond end of device [ 321.394233][ T8701] loop4: rw=524288, sector=8318, nr_sectors = 1 limit=0 [ 321.408347][ T8701] syz-executor.4: attempt to access beyond end of device [ 321.408347][ T8701] loop4: rw=524288, sector=8319, nr_sectors = 1 limit=0 [ 321.459599][ T29] audit: type=1800 audit(1719171029.574:2737): pid=9520 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=10 res=0 errno=0 [ 321.500680][ T9565] fscrypt (sda1, inode 1964): Unsupported encryption flags (0x08) [ 322.673508][ T51] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.709103][ T9583] loop3: detected capacity change from 0 to 256 [ 322.863583][ T9583] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 322.953296][ T51] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 323.098060][ T9587] loop1: detected capacity change from 0 to 2048 [ 323.151976][ T9587] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 323.228244][ T5107] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 323.240884][ T5107] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 323.251210][ T5107] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 323.259367][ T5107] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 323.267053][ T5107] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 323.275171][ T5107] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 323.286313][ T51] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 323.504209][ T51] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 323.813260][ T51] bridge_slave_1: left allmulticast mode [ 323.834455][ T51] bridge_slave_1: left promiscuous mode [ 323.856148][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.865685][ T29] audit: type=1800 audit(1719171031.964:2738): pid=9587 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.1" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 323.891015][ T51] bridge_slave_0: left allmulticast mode [ 323.897087][ T51] bridge_slave_0: left promiscuous mode [ 323.906788][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.923691][ T29] audit: type=1804 audit(1719171032.034:2739): pid=9611 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir305772278/syzkaller.svoaOP/327/bus" dev="sda1" ino=1957 res=1 errno=0 [ 323.957633][ T29] audit: type=1804 audit(1719171032.064:2740): pid=9611 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir305772278/syzkaller.svoaOP/327/bus" dev="sda1" ino=1957 res=1 errno=0 [ 323.978133][ T9085] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.014617][ T29] audit: type=1804 audit(1719171032.134:2741): pid=9612 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir305772278/syzkaller.svoaOP/327/bus" dev="sda1" ino=1957 res=1 errno=0 [ 324.796617][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 324.986066][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 325.115606][ T51] bond0 (unregistering): Released all slaves [ 325.210830][ T51] bond1 (unregistering): Released all slaves [ 325.367809][ T53] Bluetooth: hci4: command tx timeout [ 325.384926][ T9593] chnl_net:caif_netlink_parms(): no params data found [ 325.573815][ T9635] loop3: detected capacity change from 0 to 256 [ 325.645178][ T9635] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 325.664874][ T9635] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 325.757758][ T9593] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.765085][ T9593] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.776208][ T9593] bridge_slave_0: entered allmulticast mode [ 325.793580][ T25] kernel read not supported for file /usbmon0 (pid: 25 comm: kworker/1:0) [ 325.803952][ T9593] bridge_slave_0: entered promiscuous mode [ 325.827463][ T9593] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.837925][ T9593] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.856980][ T29] audit: type=1326 audit(1719171033.964:2742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9649 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6439e7d0a9 code=0x7ffc0000 [ 325.860728][ T9593] bridge_slave_1: entered allmulticast mode [ 325.899781][ T9593] bridge_slave_1: entered promiscuous mode [ 325.913230][ T29] audit: type=1326 audit(1719171033.964:2743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9649 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6439e7d0a9 code=0x7ffc0000 [ 325.971393][ T29] audit: type=1326 audit(1719171034.004:2744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9649 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6439e7d0a9 code=0x7ffc0000 [ 326.046912][ T29] audit: type=1326 audit(1719171034.004:2745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9649 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6439e7d0a9 code=0x7ffc0000 [ 326.073927][ T29] audit: type=1326 audit(1719171034.004:2746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9649 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6439e7d0a9 code=0x7ffc0000 [ 326.098913][ T29] audit: type=1326 audit(1719171034.014:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9649 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f6439e7d0a9 code=0x7ffc0000 [ 326.122466][ T29] audit: type=1326 audit(1719171034.014:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9649 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6439e7d0a9 code=0x7ffc0000 [ 326.144641][ T29] audit: type=1326 audit(1719171034.014:2749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9649 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6439e7d0a9 code=0x7ffc0000 [ 326.186007][ T29] audit: type=1804 audit(1719171034.134:2750): pid=9659 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir983219299/syzkaller.AzKRDm/36/bus" dev="sda1" ino=1953 res=1 errno=0 [ 326.229340][ T29] audit: type=1804 audit(1719171034.134:2751): pid=9659 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir983219299/syzkaller.AzKRDm/36/bus" dev="sda1" ino=1953 res=1 errno=0 [ 326.305421][ T9593] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 326.395836][ T9593] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 326.617091][ T51] hsr_slave_0: left promiscuous mode [ 326.646389][ T51] hsr_slave_1: left promiscuous mode [ 326.693024][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 326.727750][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 326.754706][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 326.795032][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 326.873236][ T51] veth1_macvtap: left promiscuous mode [ 326.889866][ T51] veth0_macvtap: left promiscuous mode [ 326.904200][ T51] veth1_vlan: left promiscuous mode [ 326.904402][ T9679] loop2: detected capacity change from 0 to 2048 [ 326.912042][ T51] veth0_vlan: left promiscuous mode [ 327.063473][ T9667] loop1: detected capacity change from 0 to 40427 [ 327.100307][ T9667] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 327.125107][ T9667] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 327.303208][ T9667] F2FS-fs (loop1): invalid crc value [ 327.449374][ T53] Bluetooth: hci4: command tx timeout [ 328.021801][ T9667] F2FS-fs (loop1): Found nat_bits in checkpoint [ 328.181338][ T9667] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 328.198652][ T9667] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 328.210870][ T9702] loop3: detected capacity change from 0 to 128 [ 328.401317][ T11] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 328.418985][ T11] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 328.923774][ T9085] ------------[ cut here ]------------ [ 328.930211][ T9085] kernel BUG at fs/f2fs/inode.c:912! [ 328.949408][ T9085] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 328.956367][ T9085] CPU: 1 PID: 9085 Comm: syz-executor.1 Not tainted 6.10.0-rc4-syzkaller-00330-g7c16f0a4ed1c #0 [ 328.966772][ T9085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 328.976808][ T9085] RIP: 0010:f2fs_evict_inode+0x14ea/0x1510 [ 328.982603][ T9085] Code: fd 31 ff 89 de e8 66 c0 ae fd 40 84 ed 75 2b e8 5c bd ae fd 4d 89 fc e9 52 ec ff ff e8 4f bd ae fd 90 0f 0b e8 47 bd ae fd 90 <0f> 0b e8 3f bd ae fd 90 0f 0b 90 e9 f6 fe ff ff e8 31 bd ae fd e8 [ 329.002185][ T9085] RSP: 0018:ffffc9000ccd79f8 EFLAGS: 00010293 [ 329.008237][ T9085] RAX: ffffffff83e76759 RBX: 0000000000000002 RCX: ffff88802ae53c00 [ 329.016207][ T9085] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000 [ 329.024156][ T9085] RBP: 0000000000000000 R08: ffffffff83e7613f R09: 1ffff1100bb5e617 [ 329.032103][ T9085] R10: dffffc0000000000 R11: ffffed100bb5e618 R12: ffff888053bf0000 [ 329.040053][ T9085] R13: dffffc0000000000 R14: ffff88805daf2c10 R15: ffff88805daf30b8 [ 329.047999][ T9085] FS: 0000555573fa2480(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 329.056900][ T9085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 329.063471][ T9085] CR2: 0000001b33455000 CR3: 000000002ca0e000 CR4: 00000000003506f0 [ 329.071434][ T9085] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 329.079392][ T9085] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 329.087351][ T9085] Call Trace: [ 329.090617][ T9085] [ 329.093537][ T9085] ? __die_body+0x88/0xe0 [ 329.097862][ T9085] ? die+0xcf/0x110 [ 329.101662][ T9085] ? do_trap+0x15a/0x3a0 [ 329.105894][ T9085] ? f2fs_evict_inode+0x14ea/0x1510 [ 329.111083][ T9085] ? do_error_trap+0x1dc/0x2c0 [ 329.115833][ T9085] ? f2fs_evict_inode+0x14ea/0x1510 [ 329.121020][ T9085] ? __pfx_do_error_trap+0x10/0x10 [ 329.126122][ T9085] ? handle_invalid_op+0x34/0x40 [ 329.131046][ T9085] ? f2fs_evict_inode+0x14ea/0x1510 [ 329.136231][ T9085] ? exc_invalid_op+0x38/0x50 [ 329.140890][ T9085] ? asm_exc_invalid_op+0x1a/0x20 [ 329.145902][ T9085] ? f2fs_evict_inode+0xecf/0x1510 [ 329.150998][ T9085] ? f2fs_evict_inode+0x14e9/0x1510 [ 329.156182][ T9085] ? f2fs_evict_inode+0x14ea/0x1510 [ 329.161375][ T9085] ? f2fs_evict_inode+0x14e9/0x1510 [ 329.166566][ T9085] ? do_raw_spin_unlock+0x13c/0x8b0 [ 329.171756][ T9085] ? _raw_spin_unlock+0x28/0x50 [ 329.176598][ T9085] ? __pfx_f2fs_evict_inode+0x10/0x10 [ 329.181955][ T9085] evict+0x2a8/0x630 [ 329.185841][ T9085] evict_inodes+0x5f9/0x690 [ 329.190330][ T9085] ? __pfx_evict_inodes+0x10/0x10 [ 329.195337][ T9085] ? dput+0x37/0x2b0 [ 329.199219][ T9085] generic_shutdown_super+0x9d/0x2d0 [ 329.204490][ T9085] kill_block_super+0x44/0x90 [ 329.209151][ T9085] kill_f2fs_super+0x344/0x690 [ 329.213909][ T9085] ? __pfx_kill_f2fs_super+0x10/0x10 [ 329.219184][ T9085] ? shrinker_free+0x2c7/0x3d0 [ 329.223940][ T9085] deactivate_locked_super+0xc4/0x130 [ 329.229301][ T9085] cleanup_mnt+0x41f/0x4b0 [ 329.233703][ T9085] ? lockdep_hardirqs_on+0x99/0x150 [ 329.238889][ T9085] task_work_run+0x24f/0x310 [ 329.243470][ T9085] ? __pfx_task_work_run+0x10/0x10 [ 329.248565][ T9085] ? __x64_sys_umount+0x126/0x170 [ 329.253577][ T9085] ? syscall_exit_to_user_mode+0xa3/0x370 [ 329.259287][ T9085] syscall_exit_to_user_mode+0x168/0x370 [ 329.264914][ T9085] do_syscall_64+0x100/0x230 [ 329.269505][ T9085] ? clear_bhb_loop+0x35/0x90 [ 329.274173][ T9085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.280069][ T9085] RIP: 0033:0x7fa49907e3d7 [ 329.284468][ T9085] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 329.304054][ T9085] RSP: 002b:00007ffc8bd5c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 329.312452][ T9085] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fa49907e3d7 2024/06/23 19:30:37 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 329.320406][ T9085] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc8bd5c0f0 [ 329.328358][ T9085] RBP: 00007ffc8bd5c0f0 R08: 0000000000000000 R09: 0000000000000000 [ 329.336311][ T9085] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc8bd5d1a0 [ 329.344277][ T9085] R13: 00007fa4990d96c6 R14: 000000000004f9fd R15: 000000000000001b [ 329.352241][ T9085] [ 329.355242][ T9085] Modules linked in: [ 329.359232][ C1] vkms_vblank_simulate: vblank timer overrun [ 329.433647][ T9085] ---[ end trace 0000000000000000 ]--- [ 329.439361][ T9085] RIP: 0010:f2fs_evict_inode+0x14ea/0x1510 [ 329.445294][ T9085] Code: fd 31 ff 89 de e8 66 c0 ae fd 40 84 ed 75 2b e8 5c bd ae fd 4d 89 fc e9 52 ec ff ff e8 4f bd ae fd 90 0f 0b e8 47 bd ae fd 90 <0f> 0b e8 3f bd ae fd 90 0f 0b 90 e9 f6 fe ff ff e8 31 bd ae fd e8 [ 329.527012][ T9085] RSP: 0018:ffffc9000ccd79f8 EFLAGS: 00010293 [ 329.527561][ T53] Bluetooth: hci4: command tx timeout [ 329.539864][ T9085] RAX: ffffffff83e76759 RBX: 0000000000000002 RCX: ffff88802ae53c00 [ 329.569364][ T9701] rfkill: input handler enabled