last executing test programs: 2.490241973s ago: executing program 1 (id=3749): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000100)={'ip6gre0\x00', 0x0}) 2.330244869s ago: executing program 1 (id=3753): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) futex(0x0, 0x84, 0x2, 0x0, 0x0, 0x22) 2.204195891s ago: executing program 1 (id=3756): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x4]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) syz_usb_disconnect(r2) 1.384954042s ago: executing program 1 (id=3773): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="08001efb3e6f0000", 0x8}], 0x1, 0x0, 0x0, 0xe0000000}, 0x810) 1.301196241s ago: executing program 4 (id=3776): clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x4]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1}, 0x20) 1.263761815s ago: executing program 1 (id=3777): socket$nl_generic(0x10, 0x3, 0x10) bind$l2tp6(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) shutdown(r1, 0x0) recvmmsg(r1, &(0x7f0000005000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/19, 0x13}, 0x3}], 0x4000169, 0x60, 0x0) syz_open_dev$sg(0x0, 0x0, 0x202) listen(r0, 0x40000000) 1.143390356s ago: executing program 0 (id=3781): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="d0010000100013070000000000000000ffffffff000000000000000000000000fe8000000000000000000000000000bb000000004e2300010000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c2900"], 0x1d0}}, 0x0) 1.00611939s ago: executing program 3 (id=3784): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) prlimit64(0x0, 0x7, &(0x7f0000000180)={0x1, 0x8}, 0x0) fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) 970.099354ms ago: executing program 0 (id=3785): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x1c000001, 0x0, {[0x8]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="540000001200010000000000000000001d00000000004e2300000000ffffffffff0700000000000000000000000000000000000009000000", @ANYRES32=0x0, @ANYBLOB="010000000300000000000000000000000800030011"], 0x54}}, 0x20004010) 952.732455ms ago: executing program 2 (id=3786): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000940)=ANY=[@ANYBLOB="8401000010000100000000000000000064010101000000000000000000000000ac14149a0500000000000000000000000001fff9200000410a00002067000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="64010100000000000000000000000000fffffffe6c000000fe8000000000000000000000000000aa00000000000000000000000000000000008000000000000000000000000000000100000000000000010000000000000004000000000000000000000000000000020000000000000004000000000000000000004000000000000000000000000000000002000000000000000026bd7000000000000a0000010000000000000000480003"], 0x184}, 0x1, 0x0, 0x0, 0x44}, 0x4810) 862.994564ms ago: executing program 1 (id=3787): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x2000000, &(0x7f0000000640)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b46ea5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d9"], 0x1, 0x5514, &(0x7f0000013680)="$eJzs3M1rI2UcB/Bf2u2+uxbx4G0HFqGFTdh0X9Dbqrv4gl2KLwdPmiZpyG6SKU2a1p48eBQP/iei4Mmjf4MHz97Eg+JNWMk8U9n6gkqzjd1+PjD9zjyZ/Ob3hNLyTEICOLEWs19+qsSlOBcR8xFxMaLYr5Rb4XaK5yLickTMPbJVyvHfB05HxPmIuDQpnmpWyoc+uzq+cvPHN37++tszpy58/tV3s5s1MGvPR0R/M+3v9FPmnZT3y/HGuFtk/8a4zPRA/0F5nKfcaa8XFXYa++c1irzeSefnm9vDSW70Gs1JdrobxfjmIF1wOO7s1ymecL+xVRy32utFdod5kZ291NfuXvrbtjccpTqtst6HRfkYjfYzjbd322k+mw+KbA5G5Xiqm7fau5Mcl1leLpp5r1X0sX6YV/r/7c3uYHs3G7e3ht18kN2s1V+o1W9V61t5qz1q36g2+q1bN7KlTm9yWnXUbvRvd/K802vXmnl/OVvqNJvVej1butNe7zYGWb1eu167Vr25XO5dzV69927Wa2VLk3y5O9gedXvDbCPfytIzlrOV2vUXl7Mr9ezt1bVs7a27d1fX3nn/znv3Xlp9/ZXypD+1lS2tXFtZqdavVVfqy8d3/pP/9f9p/h+XTU9x/nAolVk3AHD8WP8D0/fwH8847uv/sP6fCuv/kz1/OBTrfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAE+v7hS9eK3YW0/GFcvypcuiZ8rgSEXMR8fAvzMfpAzXnyzoLf3P+wh96+KYSRYXJNc6U2/mIuF1uvz79uF8FAAAAeHJ9+dHlT9NqPf1YnHVDHKV002bu4gdTqleJiIXFH6ZQJcqbTfHs4btKJr/fp2J3StWKG1hnp1Qs3XI7Na1q/8r8gTj7SFRSzB1pOwAAwJE4uBI42lUIAAAAR+mTWTfAbBTvtJafxS8/wH8mRfmG4LkDRwAAAMAxVJl1AwAAAMBjV6z/ff8fAAAAPNnS9/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAb+zcTU7qUBQH8NOWvsf7yiPGuVtxBstwCQ4dGhbgJlgCbsENsAacuQQDhrYoNZgY+xXJ75e0t7chf06ZnXtJAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALj3my9n97cVd05zNtpl2ngYAAAA4Zp0vZ8XFpJz/qe7/q26dVfMkItKIONa7Z/GjlplVOfkHn8/f1fAQUSTsvuNndfyOiMvqeP7f9a8AAAAAp2s1X0zLbr08TYYuiO6NX6/KRZv071VLyUlE5JOnrwdss4NJujudt1BWYZc8ipuW0ooFrHFLYeWS26ittE/JasP4YEjKIe21HAAAoBf1TqDfLgQAAIA+XQ9dAMNIYr+Vud8LLv55/7Yh+Ks2AwAAAL6hZOgCAAAAgM4V/b/3/wEAAMBpK9//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJfW+XK2mi+mTXM222baeRoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAF/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAN7/7y/+JqXEmmXttLD2PJGunxtapsXduHP1hfP0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J+XFAiBIIiCOeN/J33/w0qCnkGECGh4VFGLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCLfvfL/4mpcSaZO20sHY8ka1eNravG3oPG0YPx9m8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42Lmf3yiqOADg39lfWJRYq+mhxmjiQS9SFgS5etA0HvwTTJqyYHXxB/QghJj04s30ZsLF6NEYE0298T9whoQL3jj0gIknD5qZnWkfK+giMLPtfj7Jm/ed2WHe9w1N0++8aQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMrO23txO9/Mj+JWeezG3StreX9zrM9d27q1lLc8zupMen94Kd3JFptLBAAAgNnRrur7iLjd3V7J+9Z8Uf93q3Pymv+7I6O4qufH6/6qr2r/vP36y50XdgeaH42TX/Ts+nBw7J+pdJ7cLKfbs/95Rqe488Wzl3bxH9J6b/P5nW5xP7Ovr19/p1eEh+rIFgD4P45WfRlUPw/lfb/JxACYGZ2k8K7q//Z8szkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1KG3GU9XcRYRS529OHfz7pW1oh/bv7Z1a6lqp65e3UqvmV+iGxFn14eDY3VNZB+4eOnyx6vD4eDCfYO5iHjAR48evBwRj//K8XD/6oMJzol47HMX1Bi0yq/1aclnfwQNf2MCAODA6ZYtr+tvd7dX8mPZQsRf399b/7+WxJHW/2N9Wv/f+fDUjXSstP7v1zbDKfHNkQd+tLxx/rPli5cuv7F+fvXc4NzgkzeP99/qnzh98uTp5eJZybInJgAAADyaXtnS+r+1ELEztv5/OIljwvr/82/7X6ZjtWe5/v8Xe4t+TWcCAAAw25575Y/fs/scz3q9+GJ1Y+NCf7Td3T8+2jaQ6kM7VLa0/m8vNJ0VAAAAUIedzeye9f8zSRwTrv8/88OLP6XXbEfEXLn+f3Tt0+GZ+qbTkD8nOquOXyd+4lMFAABgqs2VLV3/7xbv/7d2X3loRcTrrxZhVv4ZwInq//a7X/2YjpW+/3+ixjlOo9bi6H4U/WJEZ7HpjAAAADjInipbXuz/1t1e+ejnw+/3vP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAULe/AwAA///lFT7r") 800.08907ms ago: executing program 3 (id=3788): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) futex(0x0, 0x5, 0x0, 0x0, 0x0, 0x42fffffe) 799.645871ms ago: executing program 2 (id=3789): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0xa, r2, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='ex+\x88\xfe\xf7\x01') 799.11866ms ago: executing program 0 (id=3790): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000008000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000a1ffffff850000000600000095"], &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000"], 0xb0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',posixacl']) 701.72253ms ago: executing program 3 (id=3791): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_int(r2, 0x0, 0x22, &(0x7f00000002c0), 0x4) 701.05128ms ago: executing program 4 (id=3792): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(r2, 0x891a, &(0x7f0000000080)={'veth0\x00', {0x2, 0x4e20, @rand_addr=0x64010101}}) 609.289569ms ago: executing program 2 (id=3793): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, 0x0, 0x0) 600.84959ms ago: executing program 3 (id=3794): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) listen(r2, 0x3) 561.060354ms ago: executing program 2 (id=3795): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x149830, 0xffffffffffffffff, 0x0) 535.473567ms ago: executing program 4 (id=3796): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0xa13ca8e5839881a2, 0xc}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 477.267252ms ago: executing program 0 (id=3797): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) add_key$fscrypt_provisioning(&(0x7f0000000040), &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000100)={0x1, 0x0, @a}, 0x48, 0xfffffffffffffffe) 476.188063ms ago: executing program 3 (id=3798): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000200), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ") 427.731148ms ago: executing program 4 (id=3799): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) personality(0xbe4e602dc9e6c1d3) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) 342.856956ms ago: executing program 2 (id=3800): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2800000011143dcf0000000000000000080001000000000008004b0028"], 0x28}, 0x1, 0x0, 0x0, 0x41}, 0x0) 321.204838ms ago: executing program 0 (id=3801): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000a5"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r1}, 0x66) r2 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r2, &(0x7f0000000440), 0x10) listen(r2, 0x0) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) write(r3, &(0x7f00000004c0)="d259bc8b870f", 0x6) 315.509738ms ago: executing program 4 (id=3802): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd000000000000000800034000010000050001"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 164.249794ms ago: executing program 4 (id=3803): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x4]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x100080, 0x0) ioctl$TIOCSSOFTCAR(r2, 0x5453, 0x0) 162.891103ms ago: executing program 0 (id=3804): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x5, 0x0, &(0x7f0000000080)=[@release={0x40046306, 0x2}], 0x0, 0x0, 0x0}) 74.331542ms ago: executing program 3 (id=3805): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) fsync(0xffffffffffffffff) 0s ago: executing program 2 (id=3806): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket(0x28, 0x5, 0x28) kernel console output (not intermixed with test programs): SSID 50:50:50:50:50:50 [ 58.846411][ T4289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.856897][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 58.865133][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.878378][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.887572][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 58.896229][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.917267][ T4182] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.926588][ T4182] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.936496][ T4182] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.953662][ T4182] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.992529][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.016589][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.049182][ T4289] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 59.114482][ T4289] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.149537][ T4289] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.189943][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 59.212008][ T4289] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.212570][ T1231] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.220017][ T4289] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.260807][ T1231] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.293016][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 59.313666][ T4289] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.321011][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 59.371719][ T4289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.401577][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 59.476647][ T4315] loop4: detected capacity change from 0 to 128 [ 59.756324][ T4315] EXT4-fs (loop4): Test dummy encryption mode enabled [ 59.869188][ T4315] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 59.883808][ T4348] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 59.909780][ T4315] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 60.133783][ T4361] overlayfs: overlapping lowerdir path [ 60.312998][ T4294] Bluetooth: hci3: command 0x0419 tx timeout [ 60.321409][ T4294] Bluetooth: hci2: command 0x0419 tx timeout [ 60.358012][ T4294] Bluetooth: hci1: command 0x0419 tx timeout [ 60.376891][ T4294] Bluetooth: hci0: command 0x0419 tx timeout [ 60.408317][ T4293] Bluetooth: hci4: command 0x0419 tx timeout [ 60.601861][ T4393] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT [ 61.028669][ T4424] netlink: 12 bytes leftover after parsing attributes in process `syz.1.55'. [ 61.171092][ T4436] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 61.559438][ T4461] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 61.835660][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 61.862169][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #20a!!! [ 62.139591][ T4482] netlink: 4 bytes leftover after parsing attributes in process `syz.3.82'. [ 62.470791][ T4482] team0 (unregistering): Port device team_slave_0 removed [ 62.577108][ T4482] team0 (unregistering): Port device team_slave_1 removed [ 63.001612][ T4504] netlink: 16 bytes leftover after parsing attributes in process `syz.3.91'. [ 63.037524][ T4505] 9pnet: p9_fd_create_tcp (4505): problem connecting socket to 127.0.0.1 [ 63.051930][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #142!!! [ 63.211443][ T4509] exFAT-fs (nullb0): mounting with "discard" option, but the device does not support discard [ 63.252823][ T4509] exFAT-fs (nullb0): invalid boot record signature [ 63.280539][ T4509] exFAT-fs (nullb0): failed to read boot sector [ 63.320007][ T4509] exFAT-fs (nullb0): failed to recognize exfat type [ 63.399917][ T4484] loop4: detected capacity change from 0 to 32768 [ 64.887665][ T26] audit: type=1326 audit(1763512433.343:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4596 comm="syz.0.133" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x0 [ 65.176773][ T4606] netlink: 'syz.1.136': attribute type 12 has an invalid length. [ 65.310235][ T4612] netlink: 12 bytes leftover after parsing attributes in process `syz.4.139'. [ 65.581697][ T4586] loop2: detected capacity change from 0 to 32768 [ 65.767762][ T4586] XFS (loop2): Mounting V5 Filesystem [ 65.913384][ T4586] XFS (loop2): Ending clean mount [ 65.980783][ T4586] XFS (loop2): Quotacheck needed: Please wait. [ 66.143837][ T4586] XFS (loop2): Quotacheck: Done. [ 66.191567][ T4615] loop3: detected capacity change from 0 to 32768 [ 66.336961][ T4615] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.141 (4615) [ 66.449877][ T4182] XFS (loop2): Unmounting Filesystem [ 66.487267][ T4615] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 66.531087][ T4615] BTRFS info (device loop3): enabling auto defrag [ 66.556722][ T4615] BTRFS info (device loop3): use no compression [ 66.597983][ T4615] BTRFS info (device loop3): force clearing of disk cache [ 66.617094][ T4615] BTRFS info (device loop3): max_inline at 4096 [ 66.633768][ T4615] BTRFS info (device loop3): disabling free space tree [ 66.681820][ T4615] BTRFS info (device loop3): has skinny extents [ 67.011217][ T4653] loop0: detected capacity change from 0 to 40427 [ 67.066050][ T4252] libceph: connect (1)[c::]:6789 error -101 [ 67.077962][ T4615] BTRFS info (device loop3): enabling ssd optimizations [ 67.081222][ T4252] libceph: mon0 (1)[c::]:6789 connect error [ 67.098603][ T4653] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x35f7 [ 67.151160][ T4692] ceph: No mds server is up or the cluster is laggy [ 67.172184][ T4653] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1ffff [ 67.198092][ T4615] BTRFS info (device loop3): clearing free space tree [ 67.218128][ T4653] F2FS-fs (loop0): invalid crc value [ 67.272546][ T4615] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 67.294414][ T4615] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 67.329664][ T4653] F2FS-fs (loop0): Found nat_bits in checkpoint [ 67.403773][ T4252] libceph: connect (1)[c::]:6789 error -101 [ 67.409765][ T4252] libceph: mon0 (1)[c::]:6789 connect error [ 67.568654][ T4653] F2FS-fs (loop0): Start checkpoint disabled! [ 67.676146][ T4653] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 67.856802][ T4653] F2FS-fs (loop0) : inject checkpoint error in f2fs_balance_fs of __f2fs_tmpfile+0x2d2/0x300 [ 68.444729][ T4731] x_tables: unsorted entry at hook 2 [ 69.577458][ T4762] x_tables: duplicate underflow at hook 1 [ 70.143529][ T4788] 9pnet: Insufficient options for proto=fd [ 70.223026][ T4792] netlink: 104 bytes leftover after parsing attributes in process `syz.2.201'. [ 70.395966][ T4804] netlink: 'syz.3.205': attribute type 4 has an invalid length. [ 70.425656][ T4804] netlink: 3581 bytes leftover after parsing attributes in process `syz.3.205'. [ 70.456579][ T4810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.208'. [ 70.525361][ T4810] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 70.827917][ T4835] netlink: 8 bytes leftover after parsing attributes in process `syz.3.218'. [ 70.898152][ T4842] netlink: 2028 bytes leftover after parsing attributes in process `syz.2.221'. [ 70.940039][ T4842] netlink: 20 bytes leftover after parsing attributes in process `syz.2.221'. [ 71.107804][ T4850] netlink: 12 bytes leftover after parsing attributes in process `syz.1.225'. [ 71.110798][ T4852] netlink: 8 bytes leftover after parsing attributes in process `syz.3.226'. [ 71.197534][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.204605][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.752615][ T4892] netlink: 12 bytes leftover after parsing attributes in process `syz.2.246'. [ 72.950070][ T4969] netlink: 92 bytes leftover after parsing attributes in process `syz.3.282'. [ 73.022097][ T4784] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 73.149277][ T26] audit: type=1326 audit(1763512441.603:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4978 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 73.237081][ T26] audit: type=1326 audit(1763512441.643:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4978 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 73.311047][ T26] audit: type=1326 audit(1763512441.643:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4978 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 73.428069][ T26] audit: type=1326 audit(1763512441.673:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4978 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 73.512117][ T26] audit: type=1326 audit(1763512441.673:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4978 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 73.542207][ T4784] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 73.569300][ T4784] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.587991][ T26] audit: type=1326 audit(1763512441.673:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4978 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 73.602938][ T4784] usb 3-1: Product: syz [ 73.649692][ T4784] usb 3-1: Manufacturer: syz [ 73.659782][ T4784] usb 3-1: SerialNumber: syz [ 73.671840][ T26] audit: type=1326 audit(1763512441.673:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4978 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 73.695290][ T4784] usb 3-1: config 0 descriptor?? [ 73.769232][ T26] audit: type=1326 audit(1763512441.673:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4978 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 73.872780][ T26] audit: type=1326 audit(1763512441.673:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4978 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 73.961967][ T26] audit: type=1326 audit(1763512441.673:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4978 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 73.992164][ T4784] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 74.080086][ T5018] x_tables: duplicate underflow at hook 2 [ 75.330249][ T5077] 8021q: VLANs not supported on xfrm0 [ 75.600254][ T5091] __nla_validate_parse: 1 callbacks suppressed [ 75.600270][ T5091] netlink: 12 bytes leftover after parsing attributes in process `syz.4.342'. [ 75.792313][ T4784] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71 [ 75.847067][ T4784] usb 3-1: USB disconnect, device number 2 [ 75.849925][ T5105] netlink: 8 bytes leftover after parsing attributes in process `syz.3.350'. [ 76.018892][ T5113] netlink: 8 bytes leftover after parsing attributes in process `syz.1.353'. [ 76.329438][ T1335] cfg80211: failed to load regulatory.db [ 76.529783][ T5145] netlink: 20 bytes leftover after parsing attributes in process `syz.2.369'. [ 76.819627][ T5162] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 76.975808][ T5162] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 77.004614][ T5162] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 77.023814][ T5162] device bridge_slave_0 left promiscuous mode [ 77.041976][ T5162] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.075887][ T5162] device bridge_slave_1 left promiscuous mode [ 77.083454][ T5162] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.103733][ T5162] bond0: (slave bond_slave_0): Releasing backup interface [ 77.128770][ T5162] bond0: (slave bond_slave_1): Releasing backup interface [ 77.173108][ T5162] team0: Port device team_slave_0 removed [ 77.197683][ T5162] team0: Port device team_slave_1 removed [ 77.204894][ T5162] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 77.214671][ T5162] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 77.228453][ T5162] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 77.239634][ T5162] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 77.481061][ T5185] netlink: 4 bytes leftover after parsing attributes in process `syz.3.387'. [ 77.547523][ T5187] netlink: 20 bytes leftover after parsing attributes in process `syz.4.389'. [ 77.654974][ T5193] netlink: 'syz.4.392': attribute type 1 has an invalid length. [ 77.729708][ T5199] device macvlan2 entered promiscuous mode [ 77.816313][ T5199] device bond1 entered promiscuous mode [ 77.828025][ T5199] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 77.854834][ T5199] device bond1 left promiscuous mode [ 78.898607][ T5233] netlink: 'syz.0.409': attribute type 12 has an invalid length. [ 79.175405][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #48!!! [ 79.281027][ T5250] ptrace attach of "./syz-executor exec"[5251] was attempted by "./syz-executor exec"[5250] [ 79.333636][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 79.436190][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 79.743391][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 80.312799][ T26] kauditd_printk_skb: 25 callbacks suppressed [ 80.312813][ T26] audit: type=1326 audit(1763512448.773:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5275 comm="syz.1.426" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x0 [ 80.940445][ T5316] netlink: 8 bytes leftover after parsing attributes in process `syz.0.444'. [ 80.959601][ T5316] netlink: 32 bytes leftover after parsing attributes in process `syz.0.444'. [ 81.094915][ T26] audit: type=1326 audit(1763512449.553:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.1.448" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x0 [ 81.342059][ T5340] netlink: 'syz.4.455': attribute type 6 has an invalid length. [ 81.374151][ T5340] IPv6: NLM_F_CREATE should be specified when creating new route [ 82.100351][ T5380] veth0_to_team: mtu greater than device maximum [ 82.613526][ T5407] loop2: detected capacity change from 0 to 512 [ 82.680792][ T5411] loop3: detected capacity change from 0 to 2048 [ 82.686318][ T5407] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 82.893730][ T5411] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable=0x0000000000000001,errors=remount-ro,dioread_lock,barrier,bsdgroups,inode_readahead_blks=0x0000000000002000,. Quota mode: none. [ 82.962165][ T5411] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.977222][ T5407] EXT4-fs (loop2): 1 orphan inode deleted [ 82.986066][ T5407] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 82.998619][ T5407] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.062153][ T5411] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.484: bg 0: block 345: padding at end of block bitmap is not set [ 83.128175][ T5411] EXT4-fs (loop3): Remounting filesystem read-only [ 83.176161][ T5434] 9pnet: Insufficient options for proto=fd [ 83.450639][ T26] audit: type=1326 audit(1763512451.903:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.0.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x7ff00000 [ 83.547029][ T26] audit: type=1326 audit(1763512451.903:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.0.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x7ff00000 [ 83.642096][ T4253] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 83.651663][ T26] audit: type=1326 audit(1763512451.903:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.0.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x7ff00000 [ 83.749702][ T26] audit: type=1326 audit(1763512451.903:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.0.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x7ff00000 [ 83.862012][ T26] audit: type=1326 audit(1763512451.903:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.0.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x7ff00000 [ 83.902682][ T5467] veth0_to_team: mtu greater than device maximum [ 83.943944][ T26] audit: type=1326 audit(1763512451.903:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.0.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x7ff00000 [ 84.012029][ T26] audit: type=1326 audit(1763512451.913:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.0.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x7ff00000 [ 84.012222][ T4253] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 84.078180][ T5477] netlink: 68 bytes leftover after parsing attributes in process `syz.3.509'. [ 84.122298][ T26] audit: type=1326 audit(1763512451.923:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.0.499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x7ff00000 [ 84.132301][ T4253] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 84.210816][ T4253] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 84.253824][ T5484] loop3: detected capacity change from 0 to 512 [ 84.261007][ T4253] usb 2-1: config 220 has no interface number 2 [ 84.280290][ T5487] netlink: 76 bytes leftover after parsing attributes in process `syz.0.516'. [ 84.283419][ T4253] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 84.307866][ T5489] overlayfs: conflicting options: userxattr,redirect_dir=follow [ 84.308727][ T4253] usb 2-1: config 220 interface 0 has no altsetting 0 [ 84.328119][ T4253] usb 2-1: config 220 interface 76 has no altsetting 0 [ 84.365166][ T4253] usb 2-1: config 220 interface 1 has no altsetting 0 [ 84.409793][ T5484] EXT4-fs (loop3): 1 orphan inode deleted [ 84.439842][ T5484] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 84.530376][ T5484] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.582401][ T4253] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 84.600986][ T4253] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.633583][ T5505] veth0_to_team: mtu greater than device maximum [ 84.649944][ T4253] usb 2-1: Product: syz [ 84.667015][ T4253] usb 2-1: Manufacturer: syz [ 84.696764][ T4253] usb 2-1: SerialNumber: syz [ 84.846731][ T5514] kAFS: No cell specified [ 85.004322][ T5520] loop2: detected capacity change from 0 to 2048 [ 85.083383][ T4253] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 85.106276][ T4253] usb 2-1: No valid video chain found. [ 85.131113][ T5520] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000001,errors=remount-ro,dioread_lock,barrier,bsdgroups,inode_readahead_blks=0x0000000000002000,. Quota mode: none. [ 85.139516][ T4253] usb 2-1: selecting invalid altsetting 0 [ 85.162226][ T5520] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.307209][ T5520] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.531: bg 0: block 345: padding at end of block bitmap is not set [ 85.338061][ T5520] EXT4-fs (loop2): Remounting filesystem read-only [ 85.402128][ T4253] usb 2-1: selecting invalid altsetting 0 [ 85.411252][ T4253] usbtest: probe of 2-1:220.1 failed with error -22 [ 85.450435][ T4253] usb 2-1: USB disconnect, device number 2 [ 85.467371][ T5546] loop4: detected capacity change from 0 to 512 [ 85.654627][ T5557] overlayfs: conflicting options: userxattr,redirect_dir=follow [ 85.723299][ T5546] EXT4-fs (loop4): 1 orphan inode deleted [ 85.729112][ T5546] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 85.790766][ T5546] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.999278][ T5578] binder: 5577:5578 ioctl c0306201 200000000280 returned -14 [ 86.227241][ T5591] overlayfs: conflicting options: userxattr,redirect_dir=follow [ 86.268300][ T5593] netlink: 32 bytes leftover after parsing attributes in process `syz.1.562'. [ 86.322735][ T4255] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 86.529764][ T5611] loop1: detected capacity change from 0 to 512 [ 86.645149][ T5611] EXT4-fs (loop1): 1 orphan inode deleted [ 86.678203][ T5611] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 86.712296][ T4255] usb 4-1: config 0 has an invalid interface number: 251 but max is 0 [ 86.725293][ T4255] usb 4-1: config 0 has no interface number 0 [ 86.740462][ T4255] usb 4-1: config 0 interface 251 altsetting 8 has an invalid endpoint with address 0x80, skipping [ 86.749689][ T5611] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.771703][ T4255] usb 4-1: config 0 interface 251 has no altsetting 0 [ 86.887794][ T5623] netlink: 20 bytes leftover after parsing attributes in process `syz.2.576'. [ 86.962217][ T4255] usb 4-1: New USB device found, idVendor=1b3d, idProduct=4701, bcdDevice=53.f1 [ 86.981406][ T4255] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.010762][ T4255] usb 4-1: Product: syz [ 87.015927][ T4255] usb 4-1: Manufacturer: syz [ 87.020723][ T4255] usb 4-1: SerialNumber: syz [ 87.088769][ T4255] usb 4-1: config 0 descriptor?? [ 87.186860][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 87.222004][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!! [ 87.516865][ T4255] ftdi_sio 4-1:0.251: FTDI USB Serial Device converter detected [ 87.628315][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 87.740781][ T4255] usb 4-1: Detected FT-X [ 87.792242][ T4255] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 87.833240][ T4783] Bluetooth: hci3: command 0x0401 tx timeout [ 87.842727][ T4255] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 87.882918][ T4255] ftdi_sio 4-1:0.251: GPIO initialisation failed: -71 [ 87.975068][ T5652] ptrace attach of "./syz-executor exec"[5653] was attempted by "./syz-executor exec"[5652] [ 88.836002][ T5656] kAFS: No cell specified [ 88.839464][ T4255] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 88.860627][ T26] kauditd_printk_skb: 65 callbacks suppressed [ 88.860642][ T26] audit: type=1326 audit(1763512457.313:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5648 comm="syz.0.586" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x0 [ 88.992098][ T4255] usb 4-1: USB disconnect, device number 2 [ 89.043477][ T4255] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 89.084932][ T4255] ftdi_sio 4-1:0.251: device disconnected [ 89.124979][ T5669] netlink: 8 bytes leftover after parsing attributes in process `syz.4.593'. [ 89.173201][ T5669] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 89.239881][ T5664] Zero length message leads to an empty skb [ 89.290029][ T5684] netlink: 32 bytes leftover after parsing attributes in process `syz.0.600'. [ 89.503243][ T5694] ptrace attach of "./syz-executor exec"[5695] was attempted by "./syz-executor exec"[5694] [ 90.567613][ T5721] netlink: 104 bytes leftover after parsing attributes in process `syz.2.616'. [ 90.713761][ T5729] netlink: 5 bytes leftover after parsing attributes in process `syz.2.618'. [ 90.843644][ T5735] netlink: 'syz.3.621': attribute type 29 has an invalid length. [ 92.703654][ T5788] input: syz1 as /devices/virtual/input/input8 [ 93.303202][ T5813] netlink: 'syz.0.656': attribute type 12 has an invalid length. [ 94.991006][ T5912] loop0: detected capacity change from 0 to 512 [ 95.119433][ T5914] bridge0: port 3(bond0) entered blocking state [ 95.132153][ T5914] bridge0: port 3(bond0) entered disabled state [ 95.147837][ T5914] device bond0 entered promiscuous mode [ 95.189366][ T5912] EXT4-fs (loop0): mounted filesystem without journal. Opts: stripe=0x0000000000000001,nolazytime,delalloc,i_version,lazytime,nodiscard,grpjquota=,block_validity,errors=remount-ro,. Quota mode: writeback. [ 95.190040][ T5914] device bond_slave_0 entered promiscuous mode [ 95.226000][ T5914] device bond_slave_1 entered promiscuous mode [ 95.233307][ T5914] bridge0: port 3(bond0) entered blocking state [ 95.239675][ T5914] bridge0: port 3(bond0) entered forwarding state [ 95.262211][ T5912] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.375042][ T5912] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.701: corrupted inode contents [ 95.428013][ T5912] EXT4-fs (loop0): Remounting filesystem read-only [ 95.462098][ T5912] EXT4-fs error (device loop0): ext4_dirty_inode:6054: inode #2: comm syz.0.701: mark_inode_dirty error [ 95.500609][ T5912] EXT4-fs (loop0): Remounting filesystem read-only [ 95.599468][ T5912] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.701: corrupted inode contents [ 95.647509][ T5912] EXT4-fs (loop0): Remounting filesystem read-only [ 95.671835][ T5912] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz.0.701: mark_inode_dirty error [ 95.697791][ T5912] EXT4-fs (loop0): Remounting filesystem read-only [ 95.738362][ T5931] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.701: corrupted inode contents [ 95.765700][ T5931] EXT4-fs (loop0): Remounting filesystem read-only [ 95.772662][ T5931] EXT4-fs error (device loop0): ext4_dirty_inode:6054: inode #2: comm syz.0.701: mark_inode_dirty error [ 95.784907][ T26] audit: type=1326 audit(1763512464.243:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5944 comm="syz.2.715" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd4818ec6c9 code=0x0 [ 95.803283][ T5931] EXT4-fs (loop0): Remounting filesystem read-only [ 95.842799][ T5931] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.701: corrupted inode contents [ 95.858036][ T5931] EXT4-fs (loop0): Remounting filesystem read-only [ 95.872878][ T5937] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.701: corrupted inode contents [ 95.927720][ T5937] EXT4-fs (loop0): Remounting filesystem read-only [ 95.940346][ T5937] EXT4-fs error (device loop0): ext4_append:88: inode #2: comm syz.0.701: mark_inode_dirty error [ 95.985367][ T5937] EXT4-fs (loop0): Remounting filesystem read-only [ 95.997573][ T5937] EXT4-fs error (device loop0) in ext4_append:100: Corrupt filesystem [ 96.000812][ T5954] netlink: 24 bytes leftover after parsing attributes in process `syz.4.719'. [ 96.009576][ T5937] EXT4-fs (loop0): Remounting filesystem read-only [ 96.234549][ T5962] netlink: 964 bytes leftover after parsing attributes in process `syz.0.721'. [ 96.359976][ T5968] netlink: 12 bytes leftover after parsing attributes in process `syz.4.726'. [ 96.631432][ T4783] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 96.684760][ T4783] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 96.891616][ T5987] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 96.914239][ T5987] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 96.948011][ T26] audit: type=1326 audit(1763512465.403:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.2.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4818ec6c9 code=0x50000 [ 96.998163][ T5987] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 97.022264][ T26] audit: type=1326 audit(1763512465.433:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.2.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4818ec6c9 code=0x50000 [ 97.063811][ T5987] device bridge_slave_0 left promiscuous mode [ 97.102718][ T26] audit: type=1326 audit(1763512465.433:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.2.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4818ec6c9 code=0x50000 [ 97.125682][ T5987] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.153276][ T5987] device bridge_slave_1 left promiscuous mode [ 97.162786][ T26] audit: type=1326 audit(1763512465.433:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.2.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4818ec6c9 code=0x50000 [ 97.191854][ T5987] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.219940][ T5987] bond0: (slave bond_slave_0): Releasing backup interface [ 97.234283][ T26] audit: type=1326 audit(1763512465.433:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.2.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4818ec6c9 code=0x50000 [ 97.277429][ T5987] bond0: (slave bond_slave_1): Releasing backup interface [ 97.309391][ T26] audit: type=1326 audit(1763512465.433:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.2.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4818ec6c9 code=0x50000 [ 97.368601][ T26] audit: type=1326 audit(1763512465.433:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.2.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4818ec6c9 code=0x50000 [ 97.400518][ T5987] team0: Port device team_slave_0 removed [ 97.431232][ T5987] team0: Port device team_slave_1 removed [ 97.437768][ T26] audit: type=1326 audit(1763512465.433:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.2.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4818ec6c9 code=0x50000 [ 97.461754][ T5987] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.474685][ T5987] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.484626][ T26] audit: type=1326 audit(1763512465.433:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.2.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4818ec6c9 code=0x50000 [ 97.526012][ T5987] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.539929][ T5987] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.557051][ T5987] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 97.575539][ T6000] netlink: 12 bytes leftover after parsing attributes in process `syz.3.740'. [ 99.189011][ T6028] netlink: 4 bytes leftover after parsing attributes in process `syz.1.754'. [ 99.363728][ T6038] sch_fq: defrate 53322 ignored. [ 99.845744][ T6068] input: syz1 as /devices/virtual/input/input9 [ 101.080972][ T6136] netlink: 44 bytes leftover after parsing attributes in process `syz.2.807'. [ 101.120627][ T6136] netlink: 51 bytes leftover after parsing attributes in process `syz.2.807'. [ 101.135372][ T6140] loop2: detected capacity change from 0 to 7 [ 101.155854][ T6136] netlink: 'syz.2.807': attribute type 4 has an invalid length. [ 101.215557][ T6140] Dev loop2: unable to read RDB block 7 [ 101.230120][ T6140] loop2: unable to read partition table [ 101.242132][ T6140] loop2: partition table beyond EOD, truncated [ 101.269078][ T6140] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 101.308243][ T3561] Dev loop2: unable to read RDB block 7 [ 101.319857][ T3561] loop2: unable to read partition table [ 101.361696][ T3561] loop2: partition table beyond EOD, truncated [ 101.557527][ T6162] 8021q: VLANs not supported on lo [ 101.711516][ T6171] input: syz1 as /devices/virtual/input/input10 [ 101.722713][ T6165] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 101.775142][ T6165] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 101.801646][ T6165] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 101.849597][ T6165] device bridge_slave_0 left promiscuous mode [ 101.871666][ T6165] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.088652][ T6165] device bridge_slave_1 left promiscuous mode [ 102.100132][ T6165] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.121056][ T6165] bond0: (slave bond_slave_0): Releasing backup interface [ 102.170821][ T6165] bond0: (slave bond_slave_1): Releasing backup interface [ 102.228574][ T6165] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 102.262015][ T6165] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 102.312707][ T6165] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 102.341194][ T6165] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 103.794336][ T6216] loop1: detected capacity change from 0 to 1024 [ 103.893475][ T6216] hfsplus: invalid btree flag [ 103.898806][ T6216] hfsplus: failed to load attributes file [ 103.949115][ T13] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 104.161346][ T6230] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 104.170730][ T6230] device bond0 left promiscuous mode [ 104.177646][ T6230] device bond_slave_0 left promiscuous mode [ 104.185380][ T6230] device bond_slave_1 left promiscuous mode [ 104.191625][ T6230] bridge0: port 3(bond0) entered disabled state [ 104.264585][ T6230] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 104.296192][ T6230] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 104.323720][ T6230] device bridge_slave_0 left promiscuous mode [ 104.329981][ T6230] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.350412][ T6230] device bridge_slave_1 left promiscuous mode [ 104.361346][ T6230] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.372141][ T13] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 104.395864][ T6230] bond0: (slave bond_slave_0): Releasing backup interface [ 104.398421][ T13] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 104.442439][ T13] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.461247][ T6230] bond0: (slave bond_slave_1): Releasing backup interface [ 104.474765][ T13] usb 4-1: config 0 descriptor?? [ 104.517315][ T13] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 104.581419][ T6230] team0: Port device team_slave_0 removed [ 104.619647][ T6230] team0: Port device team_slave_1 removed [ 104.635230][ T6230] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 104.647506][ T6230] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 104.668468][ T6230] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 104.689738][ T6230] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.718577][ T13] usb 4-1: USB disconnect, device number 3 [ 104.736565][ T6230] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 105.127905][ T6246] loop1: detected capacity change from 0 to 40427 [ 105.172949][ T6246] ======================================================= [ 105.172949][ T6246] WARNING: The mand mount option has been deprecated and [ 105.172949][ T6246] and is ignored by this kernel. Remove the mand [ 105.172949][ T6246] option from the mount to silence this warning. [ 105.172949][ T6246] ======================================================= [ 105.255684][ T6246] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 105.270520][ T6246] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 105.327095][ T6269] loop2: detected capacity change from 0 to 2048 [ 105.330269][ T6246] F2FS-fs (loop1): invalid crc value [ 105.404736][ T4593] Alternate GPT is invalid, using primary GPT. [ 105.433106][ T6246] F2FS-fs (loop1): Found nat_bits in checkpoint [ 105.464228][ T4593] loop2: p1 p2 p3 [ 105.576818][ T6280] loop0: detected capacity change from 0 to 128 [ 105.599210][ T6269] Alternate GPT is invalid, using primary GPT. [ 105.622092][ T6269] loop2: p1 p2 p3 [ 105.636209][ T6246] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 105.661078][ T6246] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 106.047481][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 106.075563][ T4346] udevd[4346]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 106.123776][ T4593] udevd[4593]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 106.197227][ T4346] udevd[4346]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 106.207994][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 106.210084][ T4174] udevd[4174]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 106.356711][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 106.375674][ T4346] udevd[4346]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 106.376838][ T4593] udevd[4593]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 107.314826][ T6349] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 107.352347][ T6349] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 107.481482][ T6369] syz.1.908 uses obsolete (PF_INET,SOCK_PACKET) [ 107.584260][ T6372] loop0: detected capacity change from 0 to 2048 [ 107.709473][ T6372] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 107.741943][ T6372] UDF-fs: Scanning with blocksize 512 failed [ 107.786275][ T6372] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 108.735011][ T6428] netlink: 12 bytes leftover after parsing attributes in process `syz.0.937'. [ 108.751233][ T6429] netlink: 4 bytes leftover after parsing attributes in process `syz.3.936'. [ 108.808079][ T6429] netlink: 12 bytes leftover after parsing attributes in process `syz.3.936'. [ 108.960488][ T6433] netlink: 156 bytes leftover after parsing attributes in process `syz.3.936'. [ 109.289897][ T6451] netlink: 20 bytes leftover after parsing attributes in process `syz.1.947'. [ 109.319859][ T6451] netlink: 20 bytes leftover after parsing attributes in process `syz.1.947'. [ 109.431275][ T6457] veth0_virt_wifi: mtu less than device minimum [ 109.491446][ T6459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.951'. [ 109.552381][ T6459] netlink: 8 bytes leftover after parsing attributes in process `syz.1.951'. [ 109.590608][ T6461] mmap: syz.3.952 (6461) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 109.948432][ T6475] x_tables: unsorted underflow at hook 2 [ 110.171585][ T6441] loop0: detected capacity change from 0 to 40427 [ 110.210619][ T6489] netlink: 'syz.1.966': attribute type 29 has an invalid length. [ 110.237452][ T6441] F2FS-fs (loop0): invalid crc value [ 110.283418][ T6441] F2FS-fs (loop0): Found nat_bits in checkpoint [ 110.421230][ T6455] loop4: detected capacity change from 0 to 32768 [ 110.480680][ T6441] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 110.628239][ T6455] XFS (loop4): Mounting V5 Filesystem [ 110.701327][ T6455] XFS (loop4): Ending clean mount [ 110.756913][ T6455] XFS (loop4): Quotacheck needed: Please wait. [ 110.802958][ T1335] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 110.855239][ T6455] XFS (loop4): Quotacheck: Done. [ 110.951711][ T4184] attempt to access beyond end of device [ 110.951711][ T4184] loop0: rw=2049, want=45104, limit=40427 [ 111.212066][ T1335] usb 4-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config [ 111.237306][ T1335] usb 4-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 111.238008][ T4183] XFS (loop4): Unmounting Filesystem [ 111.269301][ T1335] usb 4-1: config 253 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 111.392166][ T1335] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 111.408122][ T1335] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 111.416611][ T1335] usb 4-1: SerialNumber: syz [ 111.541455][ T6540] netlink: 92 bytes leftover after parsing attributes in process `syz.0.985'. [ 111.720892][ T1335] rndis_wlan: probe of 4-1:253.0 failed with error -22 [ 111.744318][ T1335] rndis_host: probe of 4-1:253.0 failed with error -22 [ 111.783009][ T1335] usb 4-1: USB disconnect, device number 4 [ 111.787550][ T6556] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 111.991380][ T6566] loop1: detected capacity change from 0 to 1024 [ 112.063847][ T6566] EXT4-fs (loop1): Ignoring removed nobh option [ 112.070146][ T6566] EXT4-fs (loop1): Ignoring removed bh option [ 112.127401][ T6566] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 112.260617][ T6566] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,data_err=abort,barrier=0x0000000000000001,dioread_nolock,grpjquota=,quota,data_err=ignore,grpquota,nobh,user_xattr,bh,minixdf,,errors=continue. Quota mode: writeback. [ 112.521056][ T6601] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 112.956971][ T6638] netlink: 'syz.3.1028': attribute type 10 has an invalid length. [ 113.103443][ T6638] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1028'. [ 113.193448][ T6653] loop1: detected capacity change from 0 to 512 [ 113.280130][ T6653] EXT4-fs (loop1): Ignoring removed bh option [ 113.302294][ T6661] mip6: mip6_rthdr_init_state: spi is not 0: 3557031936 [ 113.383796][ T6653] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,usrquota,bh,,errors=continue. Quota mode: writeback. [ 113.445182][ T6653] ext4 filesystem being mounted at /205/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 113.721677][ T6691] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 113.856363][ T6701] overlayfs: missing 'lowerdir' [ 114.060101][ T6717] fuseblk: Bad value for 'user_id' [ 114.093773][ T6711] tc_dump_action: action bad kind [ 114.373838][ T6740] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1076'. [ 114.423963][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 114.499928][ T6744] device ip6tnl1 entered promiscuous mode [ 115.439974][ T6797] netlink: 'syz.4.1098': attribute type 7 has an invalid length. [ 115.444594][ T6779] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 115.513663][ T6779] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 115.780252][ T6816] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1108'. [ 115.887572][ T6822] x_tables: duplicate entry at hook 2 [ 115.960110][ T6830] loop4: detected capacity change from 0 to 512 [ 116.060468][ T6830] EXT4-fs (loop4): orphan cleanup on readonly fs [ 116.112677][ T6830] __quota_error: 24 callbacks suppressed [ 116.112691][ T6830] Quota error (device loop4): v2_read_file_info: Number of blocks too big for quota file size (2048 > 1024). [ 116.222324][ T6830] EXT4-fs warning (device loop4): ext4_enable_quotas:6461: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 116.266901][ T6830] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 116.349781][ T6830] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1115: bg 0: block 67: padding at end of block bitmap is not set [ 116.389170][ T6847] netlink: 'syz.1.1121': attribute type 15 has an invalid length. [ 116.432135][ T6847] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1121'. [ 116.452089][ T6830] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6178: Corrupt filesystem [ 116.501240][ T6830] EXT4-fs (loop4): 1 truncate cleaned up [ 116.553171][ T6830] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 116.882322][ T6874] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1135'. [ 117.404158][ T6905] netlink: 'syz.2.1150': attribute type 4 has an invalid length. [ 117.452048][ T6905] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1150'. [ 117.506734][ T6911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1153'. [ 117.676412][ T6920] overlayfs: missing 'lowerdir' [ 118.188981][ T6944] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1168'. [ 118.304236][ T6949] capability: warning: `syz.3.1171' uses 32-bit capabilities (legacy support in use) [ 119.441757][ T6981] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1186'. [ 119.825669][ T26] audit: type=1326 audit(1763512488.283:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7002 comm="syz.2.1198" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd4818ec6c9 code=0x0 [ 120.171359][ T7022] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1206'. [ 120.218101][ T7027] device sit0 entered promiscuous mode [ 120.263369][ T7027] netlink: 'syz.1.1210': attribute type 1 has an invalid length. [ 120.295372][ T7031] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1212'. [ 120.341137][ T7027] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1210'. [ 120.414196][ T7027] syz.1.1210 (7027) used greatest stack depth: 21184 bytes left [ 120.503592][ T7034] XFS (nullb0): Invalid superblock magic number [ 120.710483][ T26] audit: type=1326 audit(1763512489.163:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.3.1217" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ea209b6c9 code=0x0 [ 120.732684][ T7051] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 120.884045][ T7059] loop3: detected capacity change from 0 to 512 [ 120.970767][ T7059] EXT4-fs (loop3): Ignoring removed bh option [ 120.997434][ T7063] netlink: 'syz.1.1224': attribute type 4 has an invalid length. [ 121.035972][ T7063] netlink: 'syz.1.1224': attribute type 21 has an invalid length. [ 121.045358][ T7063] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.1224'. [ 121.084520][ T7059] EXT4-fs (loop3): mounted filesystem without journal. Opts: i_version,usrquota,bh,,errors=continue. Quota mode: writeback. [ 121.105019][ T7059] ext4 filesystem being mounted at /244/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 121.290971][ T7081] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1231'. [ 121.341738][ T7079] loop2: detected capacity change from 0 to 256 [ 121.469479][ T7079] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 121.533376][ T7096] overlayfs: overlapping lowerdir path [ 121.796420][ T7108] netlink: 'syz.4.1244': attribute type 1 has an invalid length. [ 121.830343][ T7108] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1244'. [ 122.082201][ T4253] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 122.169476][ T7124] loop3: detected capacity change from 0 to 2048 [ 122.237539][ T7124] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 122.247337][ T7128] IPv6: NLM_F_CREATE should be specified when creating new route [ 122.265777][ T7124] UDF-fs: Scanning with blocksize 512 failed [ 122.295166][ T7124] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 122.482077][ T4253] usb 1-1: unable to get BOS descriptor or descriptor too short [ 122.527899][ T4253] usb 1-1: not running at top speed; connect to a high speed hub [ 122.640549][ T7141] loop4: detected capacity change from 0 to 2048 [ 122.642280][ T4253] usb 1-1: config 1 has an invalid descriptor of length 72, skipping remainder of the config [ 122.683510][ T4253] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 122.701382][ T7143] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1258'. [ 122.716872][ T4253] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 122.737474][ T4176] Alternate GPT is invalid, using primary GPT. [ 122.752503][ T4176] loop4: p1 p2 p3 [ 122.781857][ T7141] Alternate GPT is invalid, using primary GPT. [ 122.795478][ T7141] loop4: p1 p2 p3 [ 122.854009][ T3561] Alternate GPT is invalid, using primary GPT. [ 122.860821][ T3561] loop4: p1 p2 p3 [ 122.922380][ T4253] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 122.931487][ T4253] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.972198][ T4253] usb 1-1: Product: syz [ 122.976492][ T4253] usb 1-1: Manufacturer: syz [ 122.981111][ T4253] usb 1-1: SerialNumber: syz [ 123.047760][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 123.059207][ T7110] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 123.070726][ T4593] udevd[4593]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 123.084797][ T4346] udevd[4346]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 123.197948][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 123.223880][ T4346] udevd[4346]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 123.235126][ T4593] udevd[4593]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 123.329105][ T7171] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1274'. [ 123.366622][ T4593] udevd[4593]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 123.366703][ T4174] udevd[4174]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 123.384488][ T7171] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 123.396292][ T4346] udevd[4346]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 123.422296][ T4253] usb 1-1: 0:2 : does not exist [ 123.469162][ T7171] netlink: 236 bytes leftover after parsing attributes in process `syz.4.1274'. [ 123.504572][ T4253] usb 1-1: USB disconnect, device number 2 [ 123.823762][ T4176] udevd[4176]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 124.036434][ T7163] loop1: detected capacity change from 0 to 40427 [ 124.143442][ T7163] F2FS-fs (loop1): invalid crc value [ 124.166442][ T7163] F2FS-fs (loop1): Found nat_bits in checkpoint [ 124.262093][ T4784] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 124.279567][ T7163] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 124.652313][ T4784] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 124.692002][ T4784] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 124.722560][ T4784] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.760024][ T4784] usb 3-1: config 0 descriptor?? [ 124.838086][ T4784] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 124.919292][ T7249] __nla_validate_parse: 2 callbacks suppressed [ 124.919306][ T7249] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1308'. [ 125.057490][ T4196] attempt to access beyond end of device [ 125.057490][ T4196] loop1: rw=2049, want=45104, limit=40427 [ 125.082007][ T4784] usb 3-1: USB disconnect, device number 3 [ 125.172367][ T7259] loop0: detected capacity change from 0 to 1024 [ 125.215752][ T7259] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 125.242436][ T7259] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 125.321862][ T7259] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 125.342186][ T7259] System zones: 0-1, 3-36 [ 125.365326][ T7259] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 125.655845][ T7274] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1312'. [ 126.310455][ T7310] xt_hashlimit: max too large, truncated to 1048576 [ 126.479572][ T7316] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 127.060175][ T7356] netlink: 220 bytes leftover after parsing attributes in process `syz.0.1358'. [ 127.312381][ T7367] loop0: detected capacity change from 0 to 256 [ 127.397819][ T7367] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 127.957141][ T7416] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1387'. [ 128.114813][ T7425] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1390'. [ 128.430332][ T7451] loop4: detected capacity change from 0 to 512 [ 128.569526][ T7455] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 128.602631][ T7451] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 128.617214][ T7451] EXT4-fs (loop4): orphan cleanup on readonly fs [ 128.625556][ T7455] overlayfs: missing 'lowerdir' [ 128.626024][ T7451] EXT4-fs warning (device loop4): ext4_enable_quotas:6461: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 128.687825][ T7451] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 128.805901][ T7451] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #13: comm syz.4.1400: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 128.867050][ T7451] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.1400: couldn't read orphan inode 13 (err -117) [ 128.915141][ T7451] EXT4-fs (loop4): mounted filesystem without journal. Opts: sysvgroups,noblock_validity,min_batch_time=0x000000000000082f,grpquota,debug,journal_dev=0x0000000000000001,grpid,inode_readahead_blks=0x0000000000002000,,errors=continue. Quota mode: writeback. [ 128.985355][ T7472] loop1: detected capacity change from 0 to 256 [ 129.025089][ T7474] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 129.069611][ T7472] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 129.079760][ T7474] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 129.098941][ T7474] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 129.649882][ T7503] trusted_key: encrypted_key: insufficient parameters specified [ 129.882309][ T7517] loop2: detected capacity change from 0 to 7 [ 129.898352][ T4176] Dev loop2: unable to read RDB block 7 [ 129.906832][ T4176] loop2: unable to read partition table [ 129.917344][ T4176] loop2: partition table beyond EOD, truncated [ 129.933008][ T7517] Dev loop2: unable to read RDB block 7 [ 129.938929][ T7517] loop2: unable to read partition table [ 129.945996][ T7517] loop2: partition table beyond EOD, truncated [ 129.966686][ T7517] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 130.192178][ T13] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 130.662897][ T13] usb 4-1: unable to get BOS descriptor or descriptor too short [ 130.709926][ T13] usb 4-1: not running at top speed; connect to a high speed hub [ 130.763446][ T26] audit: type=1326 audit(1763512499.223:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.0.1447" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a992266c9 code=0x0 [ 130.823393][ T13] usb 4-1: config 1 has an invalid descriptor of length 72, skipping remainder of the config [ 130.845198][ T13] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 130.891314][ T13] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 131.050134][ T7559] usb usb7: usbfs: process 7559 (syz.0.1452) did not claim interface 0 before use [ 131.117256][ T13] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 131.136384][ T13] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.160261][ T13] usb 4-1: Product: syz [ 131.173773][ T13] usb 4-1: Manufacturer: syz [ 131.178408][ T13] usb 4-1: SerialNumber: syz [ 131.227421][ T7518] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 131.343890][ T7536] loop2: detected capacity change from 0 to 40427 [ 131.402545][ T7536] F2FS-fs (loop2): invalid crc value [ 131.426824][ T7575] cgroup: Unknown subsys name 'favordynmods' [ 131.467882][ T7536] F2FS-fs (loop2): Found nat_bits in checkpoint [ 131.520849][ T7580] loop4: detected capacity change from 0 to 256 [ 131.588394][ T7536] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 131.596325][ T13] usb 4-1: 0:2 : does not exist [ 131.617117][ T13] usb 4-1: USB disconnect, device number 5 [ 131.662017][ T7580] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 131.947868][ T4176] udevd[4176]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 131.972708][ T7604] netlink: 'syz.4.1473': attribute type 4 has an invalid length. [ 132.246166][ T26] audit: type=1326 audit(1763512500.703:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz.1.1479" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x0 [ 132.460497][ T7624] tmpfs: Bad value for 'mpol' [ 132.568265][ T4182] attempt to access beyond end of device [ 132.568265][ T4182] loop2: rw=2049, want=45104, limit=40427 [ 132.644173][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.650500][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.862476][ T7649] loop3: detected capacity change from 0 to 256 [ 132.969021][ T7649] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 133.263774][ T7665] cgroup: subsys name conflicts with all [ 133.554688][ T7681] binder: 7680:7681 ioctl c0306201 2000000001c0 returned -14 [ 134.539553][ T7756] loop4: detected capacity change from 0 to 256 [ 134.633304][ T7756] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 134.907485][ T7778] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1550'. [ 134.924989][ T7781] syz.1.1552 sent an empty control message without MSG_MORE. [ 135.060429][ T7787] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1554'. [ 135.140418][ T26] audit: type=1326 audit(1763512503.593:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.3.1556" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ea209b6c9 code=0x0 [ 135.390254][ T7809] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 136.114043][ T7852] loop2: detected capacity change from 0 to 256 [ 136.150694][ T7855] loop1: detected capacity change from 0 to 512 [ 136.167940][ T7856] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1587'. [ 136.374624][ T7855] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,journal_ioprio=0x0000000000000004,barrier,. Quota mode: writeback. [ 136.432131][ T7855] ext4 filesystem being mounted at /311/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 136.466606][ T7864] loop3: detected capacity change from 0 to 512 [ 136.602000][ T7864] EXT4-fs (loop3): Ignoring removed bh option [ 136.670896][ T7870] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1593'. [ 136.695401][ T7864] EXT4-fs (loop3): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 136.739156][ T7864] ext4 filesystem being mounted at /327/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 136.783849][ T7870] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready [ 136.802140][ T4784] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 137.202288][ T4784] usb 5-1: unable to get BOS descriptor or descriptor too short [ 137.242181][ T4784] usb 5-1: not running at top speed; connect to a high speed hub [ 137.322184][ T4784] usb 5-1: config 1 has an invalid descriptor of length 72, skipping remainder of the config [ 137.358041][ T4784] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 137.386414][ T4784] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 137.573472][ T4784] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 137.597095][ T4784] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.614055][ T4189] Bluetooth: Wrong link type (-57) [ 137.641338][ T4784] usb 5-1: Product: syz [ 137.645725][ T4784] usb 5-1: Manufacturer: syz [ 137.650578][ T4784] usb 5-1: SerialNumber: syz [ 137.682268][ T7867] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 137.925272][ T7930] loop0: detected capacity change from 0 to 1024 [ 137.968818][ T7932] process 'syz.2.1621' launched './file0' with NULL argv: empty string added [ 137.986141][ T7930] EXT4-fs (loop0): Ignoring removed nobh option [ 138.025099][ T4784] usb 5-1: 0:2 : does not exist [ 138.069103][ T7930] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 138.093457][ T4784] usb 5-1: USB disconnect, device number 2 [ 138.339075][ T7930] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,jqfmt=vfsv1,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,dioread_nolock,dioread_nolock,,errors=continue. Quota mode: writeback. [ 138.368052][ T4176] udevd[4176]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 138.578554][ T7952] loop4: detected capacity change from 0 to 256 [ 138.645622][ T7952] exfat: Unknown parameter '§' [ 139.381663][ T7984] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1644'. [ 139.468919][ T7990] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1647'. [ 139.497873][ T7990] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 139.816913][ T8011] netlink: 'syz.2.1654': attribute type 12 has an invalid length. [ 140.268064][ T8031] syz.1.1662[8031] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 140.268163][ T8031] syz.1.1662[8031] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 140.436745][ T8040] tmpfs: Unknown parameter 'no' [ 141.162034][ T8076] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1683'. [ 141.301486][ T8088] loop2: detected capacity change from 0 to 512 [ 141.317417][ T8084] loop4: detected capacity change from 0 to 8192 [ 141.372211][ T8088] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 141.402936][ T8088] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 not in group (block 3)! [ 141.468073][ T8088] EXT4-fs (loop2): group descriptors corrupted! [ 141.750600][ T8098] tipc: Can't bind to reserved service type 2 [ 141.772618][ T8104] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1696'. [ 141.850019][ T8106] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1698'. [ 142.442569][ T8127] loop1: detected capacity change from 0 to 32768 [ 144.051906][ C1] sched: RT throttling activated [ 145.533982][ T8169] tc_dump_action: action bad kind [ 145.780634][ T8183] syz.0.1732 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 145.805307][ T8182] overlayfs: missing 'lowerdir' [ 146.347135][ T13] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 146.786656][ T13] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 146.818565][ T13] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 146.942259][ T13] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 146.961670][ T13] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 146.977991][ T13] usb 4-1: Manufacturer: syz [ 146.998657][ T13] usb 4-1: config 0 descriptor?? [ 147.753770][ T4185] Bluetooth: hci0: command 0x0c20 tx timeout [ 148.143188][ T13] uclogic 0003:256C:006D.0002: interface is invalid, ignoring [ 148.780830][ T8333] loop2: detected capacity change from 0 to 32768 [ 149.650359][ T4253] usb 4-1: USB disconnect, device number 6 [ 150.101702][ T26] audit: type=1326 audit(1763512518.553:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.3.1807" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ea209b6c9 code=0x0 [ 150.125112][ T8342] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1808'. [ 150.704367][ T8360] Illegal XDP return value 4294967282, expect packet loss! [ 150.794114][ T8316] loop4: detected capacity change from 0 to 40427 [ 150.849344][ T8365] bridge_slave_0: default FDB implementation only supports local addresses [ 150.882954][ T8365] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1821'. [ 150.898417][ T8316] F2FS-fs (loop4): invalid crc value [ 150.956835][ T8365] bridge_slave_0: default FDB implementation only supports local addresses [ 150.976596][ T8316] F2FS-fs (loop4): Found nat_bits in checkpoint [ 151.143094][ T8382] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1827'. [ 151.307692][ T8390] netlink: 'syz.1.1829': attribute type 33 has an invalid length. [ 151.339710][ T8390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1829'. [ 151.679046][ T8411] netlink: 37 bytes leftover after parsing attributes in process `syz.1.1838'. [ 151.978819][ T8433] overlayfs: conflicting options: userxattr,redirect_dir=follow [ 151.992094][ T8426] ptrace attach of "./syz-executor exec"[8432] was attempted by "./syz-executor exec"[8426] [ 152.481978][ T4253] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 152.495045][ T8462] netlink: 'syz.3.1857': attribute type 10 has an invalid length. [ 152.551647][ T8465] netlink: 'syz.3.1857': attribute type 10 has an invalid length. [ 152.578951][ T8465] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 152.633981][ T8465] syz.3.1857 (8465) used greatest stack depth: 20704 bytes left [ 152.728424][ T4253] usb 3-1: Using ep0 maxpacket: 16 [ 152.882263][ T4253] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 153.006418][ T8490] netlink: 'syz.3.1869': attribute type 6 has an invalid length. [ 153.063153][ T4253] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 153.080148][ T4253] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.105885][ T4253] usb 3-1: Product: syz [ 153.115698][ T4253] usb 3-1: Manufacturer: syz [ 153.129433][ T4253] usb 3-1: SerialNumber: syz [ 153.151532][ T4253] usb 3-1: config 0 descriptor?? [ 153.204505][ T4253] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 153.228528][ T4253] em28xx 3-1:0.0: DVB interface 0 found: bulk [ 153.459589][ T8511] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1880'. [ 153.626207][ T8522] capability: warning: `syz.1.1885' uses deprecated v2 capabilities in a way that may be insecure [ 153.852172][ T4253] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 154.439855][ T8571] netlink: 'syz.1.1907': attribute type 6 has an invalid length. [ 154.583100][ T4253] em28xx 3-1:0.0: read from i2c device at 0xa0 failed with unknown error (status=65) [ 154.599383][ T4253] em28xx 3-1:0.0: board has no eeprom [ 154.742011][ T13] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 154.890084][ T4253] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 154.905561][ T4253] em28xx 3-1:0.0: dvb set to bulk mode. [ 154.933091][ T4253] usb 3-1: USB disconnect, device number 4 [ 154.939578][ T4253] em28xx 3-1:0.0: Disconnecting em28xx [ 154.967496][ T8600] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 154.974094][ T4784] em28xx 3-1:0.0: Binding DVB extension [ 155.012009][ T13] usb 4-1: Using ep0 maxpacket: 16 [ 155.087795][ T4784] em28xx 3-1:0.0: Registering input extension [ 155.096837][ T4253] em28xx 3-1:0.0: Closing input extension [ 155.135199][ T4294] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 155.147540][ T4253] em28xx 3-1:0.0: Freeing device [ 155.181949][ T13] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 155.195822][ T13] usb 4-1: config 0 has no interface number 0 [ 155.372372][ T13] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 155.391782][ T13] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.412046][ T4294] usb 5-1: Using ep0 maxpacket: 8 [ 155.417767][ T13] usb 4-1: Product: syz [ 155.427168][ T13] usb 4-1: Manufacturer: syz [ 155.452121][ T13] usb 4-1: SerialNumber: syz [ 155.469951][ T13] usb 4-1: config 0 descriptor?? [ 155.545473][ T13] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 155.552413][ T4294] usb 5-1: config 0 has an invalid interface number: 31 but max is 0 [ 155.573661][ T4294] usb 5-1: config 0 has no interface number 0 [ 155.792486][ T4294] usb 5-1: New USB device found, idVendor=112a, idProduct=0005, bcdDevice=be.68 [ 155.810174][ T4294] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.818740][ T4294] usb 5-1: Product: syz [ 155.830166][ T4294] usb 5-1: Manufacturer: syz [ 155.835242][ T4294] usb 5-1: SerialNumber: syz [ 155.848324][ T4294] usb 5-1: config 0 descriptor?? [ 155.894052][ T4294] redrat3 5-1:0.31: Couldn't find all endpoints [ 155.960822][ T8639] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1941'. [ 156.095502][ T4784] usb 5-1: USB disconnect, device number 3 [ 156.143580][ T8448] Set syz1 is full, maxelem 65536 reached [ 156.228354][ T8653] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1948'. [ 156.291701][ T8657] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1950'. [ 156.560728][ T8678] netlink: 'syz.0.1961': attribute type 4 has an invalid length. [ 156.589196][ T8678] netlink: 'syz.0.1961': attribute type 5 has an invalid length. [ 156.606917][ T8678] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.1961'. [ 156.616929][ T8681] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1963'. [ 156.828777][ T8694] netlink: 'syz.4.1968': attribute type 32 has an invalid length. [ 157.144486][ T8719] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1980'. [ 157.516128][ T13] gspca_spca1528: reg_r err -71 [ 157.524046][ T13] spca1528: probe of 4-1:0.1 failed with error -71 [ 157.553393][ T13] usb 4-1: USB disconnect, device number 7 [ 157.676037][ T8754] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2000'. [ 157.698094][ T8754] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 157.717350][ T8754] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 157.734822][ T8754] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 157.752148][ T8754] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 157.925157][ T8764] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2003'. [ 158.418890][ T8783] loop3: detected capacity change from 0 to 32768 [ 158.445792][ T8789] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 158.629221][ T8783] XFS (loop3): Mounting V5 Filesystem [ 159.728389][ T8811] loop0: detected capacity change from 0 to 32768 [ 160.105655][ T8783] XFS (loop3): Ending clean mount [ 160.143554][ T8783] XFS (loop3): Quotacheck needed: Please wait. [ 160.728074][ T8783] XFS (loop3): Quotacheck: Done. [ 161.817587][ T4190] XFS (loop3): Unmounting Filesystem [ 161.851778][ T8847] APIC base relocation is unsupported by KVM [ 162.008983][ T8852] loop0: detected capacity change from 0 to 256 [ 162.515058][ T8871] netlink: 6 bytes leftover after parsing attributes in process `syz.3.2047'. [ 162.524206][ T8871] netlink: 6 bytes leftover after parsing attributes in process `syz.3.2047'. [ 162.689727][ T8879] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2049'. [ 163.082390][ T8899] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2060'. [ 163.529260][ T8923] syz.4.2072 (8923): /proc/8922/oom_adj is deprecated, please use /proc/8922/oom_score_adj instead. [ 163.758391][ T8934] netlink: 'syz.4.2077': attribute type 1 has an invalid length. [ 163.821460][ T8934] bond2: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 163.912094][ T8934] bond2: (slave ipvlan2): The slave device specified does not support setting the MAC address [ 163.995703][ T8934] bond2: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode [ 164.483761][ T8976] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2095'. [ 164.542497][ T8976] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2095'. [ 164.588510][ T8976] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2095'. [ 164.627955][ T8976] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2095'. [ 164.750140][ T4294] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 164.770303][ T4294] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 165.054678][ T13] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 165.139768][ T9019] netlink: 'syz.0.2114': attribute type 39 has an invalid length. [ 165.179270][ T9019] device veth0_macvtap left promiscuous mode [ 165.432391][ T13] usb 2-1: config 0 has no interfaces? [ 165.522153][ T13] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 165.531233][ T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 165.577405][ T13] usb 2-1: SerialNumber: syz [ 165.594681][ T13] usb 2-1: config 0 descriptor?? [ 165.682024][ T4784] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 165.837468][ T9058] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2132'. [ 165.919064][ T4294] usb 2-1: USB disconnect, device number 3 [ 166.042219][ T13] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 166.055138][ T4784] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 166.079644][ T4784] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.103257][ T4784] usb 4-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 166.164893][ T9082] netlink: 'syz.4.2144': attribute type 4 has an invalid length. [ 166.173851][ T9082] netlink: 'syz.4.2144': attribute type 6 has an invalid length. [ 166.181637][ T9082] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.2144'. [ 166.292335][ T4784] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 166.302142][ T13] usb 3-1: Using ep0 maxpacket: 8 [ 166.311691][ T4784] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.320408][ T4784] usb 4-1: Product: syz [ 166.331010][ T4784] usb 4-1: Manufacturer: syz [ 166.346789][ T4784] usb 4-1: SerialNumber: syz [ 166.394007][ T4784] usb 4-1: selecting invalid altsetting 1 [ 166.422417][ T13] usb 3-1: config 0 has an invalid interface number: 75 but max is 0 [ 166.430557][ T13] usb 3-1: config 0 has no interface number 0 [ 166.477625][ T13] usb 3-1: config 0 interface 75 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 166.662344][ T13] usb 3-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=df.29 [ 166.692403][ T13] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.705736][ T13] usb 3-1: Product: syz [ 166.722131][ T13] usb 3-1: Manufacturer: syz [ 166.726769][ T13] usb 3-1: SerialNumber: syz [ 166.752944][ T13] usb 3-1: config 0 descriptor?? [ 166.825189][ T4784] cdc_ncm 4-1:1.0: failed GET_NTB_PARAMETERS [ 166.841588][ T4784] cdc_ncm 4-1:1.0: bind() failure [ 166.874279][ T4784] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 166.888932][ T4784] cdc_ncm 4-1:1.1: bind() failure [ 166.911597][ T4784] usb 4-1: USB disconnect, device number 8 [ 166.994062][ T26] audit: type=1326 audit(1763512535.453:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9134 comm="syz.1.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 167.048738][ T13] usb 3-1: USB disconnect, device number 5 [ 167.051175][ T26] audit: type=1326 audit(1763512535.483:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9134 comm="syz.1.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 167.116431][ T26] audit: type=1326 audit(1763512535.483:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9134 comm="syz.1.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 167.179214][ T26] audit: type=1326 audit(1763512535.483:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9134 comm="syz.1.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 167.218024][ T26] audit: type=1326 audit(1763512535.483:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9134 comm="syz.1.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 167.258850][ T26] audit: type=1326 audit(1763512535.483:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9134 comm="syz.1.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 167.298587][ T26] audit: type=1326 audit(1763512535.483:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9134 comm="syz.1.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 167.337283][ T26] audit: type=1326 audit(1763512535.483:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9134 comm="syz.1.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 167.405432][ T26] audit: type=1326 audit(1763512535.543:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9134 comm="syz.1.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 167.498759][ T26] audit: type=1326 audit(1763512535.543:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9134 comm="syz.1.2170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x7ffc0000 [ 167.730044][ T9184] netlink: 'syz.0.2193': attribute type 6 has an invalid length. [ 168.085718][ T4294] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 168.190468][ T9225] __nla_validate_parse: 1 callbacks suppressed [ 168.190484][ T9225] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2211'. [ 168.250599][ T9225] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2211'. [ 168.264355][ T9230] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 168.271401][ T9230] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 168.310095][ T9230] vhci_hcd vhci_hcd.0: Device attached [ 168.320420][ T9231] vhci_hcd: connection closed [ 168.329778][ T5224] vhci_hcd: stop threads [ 168.366514][ T5224] vhci_hcd: release socket [ 168.371013][ T5224] vhci_hcd: disconnect device [ 168.382767][ T4294] usb 3-1: Using ep0 maxpacket: 16 [ 168.506115][ T4294] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 168.723503][ T4294] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 168.752019][ T4294] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 168.790548][ T4294] usb 3-1: Product: syz [ 168.800720][ T4294] usb 3-1: Manufacturer: syz [ 168.810845][ T4294] usb 3-1: SerialNumber: syz [ 168.848282][ T4294] usb 3-1: config 0 descriptor?? [ 168.897490][ T4294] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 168.931931][ T4294] em28xx 3-1:0.0: DVB interface 0 found: bulk [ 169.011101][ T9270] netlink: 5308 bytes leftover after parsing attributes in process `syz.1.2234'. [ 169.032738][ T9267] loop4: detected capacity change from 0 to 32768 [ 169.215788][ T9267] XFS (loop4): Mounting V5 Filesystem [ 169.232803][ T9277] loop1: detected capacity change from 0 to 4096 [ 169.274607][ T9277] EXT4-fs (loop1): Test dummy encryption mode enabled [ 169.315239][ T9267] XFS (loop4): Ending clean mount [ 169.324021][ T9267] XFS (loop4): Quotacheck needed: Please wait. [ 169.414407][ T9277] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption=v1,dioread_nolock,,errors=continue. Quota mode: writeback. [ 169.460358][ T9277] EXT4-fs (loop1): Test dummy encryption mode enabled [ 169.468063][ T9267] XFS (loop4): Quotacheck: Done. [ 169.513168][ T9277] EXT4-fs (loop1): re-mounted. Opts: test_dummy_encryption=v1,dioread_nolock,. Quota mode: writeback. [ 169.554982][ T4294] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 169.895796][ T9302] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2244'. [ 170.137787][ T4183] XFS (loop4): Unmounting Filesystem [ 170.282347][ T4294] em28xx 3-1:0.0: board has no eeprom [ 170.602043][ T4294] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 170.613334][ T4294] em28xx 3-1:0.0: dvb set to bulk mode. [ 170.653072][ T4294] usb 3-1: USB disconnect, device number 6 [ 170.692876][ T4294] em28xx 3-1:0.0: Disconnecting em28xx [ 170.737609][ T13] em28xx 3-1:0.0: Binding DVB extension [ 170.819790][ T13] em28xx 3-1:0.0: Registering input extension [ 170.832201][ T4294] em28xx 3-1:0.0: Closing input extension [ 170.859085][ T4294] em28xx 3-1:0.0: Freeing device [ 170.908215][ T9333] bpf: Bad value for 'mode' [ 170.959117][ T9335] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2260'. [ 171.090898][ T9345] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2264'. [ 171.128822][ T9345] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2264'. [ 171.677353][ T9377] loop0: detected capacity change from 0 to 2048 [ 171.726062][ T9377] loop0: p1 < > p4 < > [ 171.843544][ T4593] udevd[4593]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 171.847410][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 171.903877][ T9379] 9pnet: Could not find request transport: 0xffffffffffffffff [ 172.397354][ T1335] Bluetooth: hci4: command 0x0405 tx timeout [ 172.427877][ T9357] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.437159][ T9357] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.446230][ T9357] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.455125][ T9357] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.548620][ T9357] device ip6tnl1 left promiscuous mode [ 172.577247][ T9383] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2283'. [ 172.612121][ T9383] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2283'. [ 172.763053][ T9395] netlink: 'syz.3.2289': attribute type 12 has an invalid length. [ 172.848547][ T9402] overlayfs: missing 'lowerdir' [ 173.262250][ T4185] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 173.616323][ T9460] netlink: 37 bytes leftover after parsing attributes in process `syz.0.2320'. [ 173.625832][ T4185] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 173.662071][ T4185] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.715389][ T4185] usb 5-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 173.853602][ T9476] xt_bpf: check failed: parse error [ 173.862599][ T9478] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2328'. [ 173.914229][ T4185] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 173.950336][ T4185] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.981264][ T4185] usb 5-1: Product: syz [ 173.986017][ T4185] usb 5-1: Manufacturer: syz [ 173.990627][ T4185] usb 5-1: SerialNumber: syz [ 174.053186][ T4185] usb 5-1: selecting invalid altsetting 1 [ 174.291789][ T9508] netlink: 680 bytes leftover after parsing attributes in process `syz.3.2343'. [ 174.414787][ T9514] loop2: detected capacity change from 0 to 512 [ 174.492311][ T4185] cdc_ncm 5-1:1.0: failed GET_NTB_PARAMETERS [ 174.498411][ T4185] cdc_ncm 5-1:1.0: bind() failure [ 174.514211][ T4185] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 174.544917][ T9514] EXT4-fs (loop2): Ignoring removed oldalloc option [ 174.546864][ T4185] cdc_ncm 5-1:1.1: bind() failure [ 174.556861][ T9514] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 174.595171][ T4185] usb 5-1: USB disconnect, device number 4 [ 174.620741][ T9514] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2826: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 174.639273][ T9514] EXT4-fs (loop2): 1 truncate cleaned up [ 174.645163][ T9514] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,oldalloc,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback. [ 174.721766][ T9536] loop1: detected capacity change from 0 to 512 [ 174.793779][ T9540] netlink: 9 bytes leftover after parsing attributes in process `syz.3.2359'. [ 174.795612][ T9536] EXT4-fs (loop1): Ignoring removed oldalloc option [ 174.811401][ T9536] EXT4-fs (loop1): inline encryption not supported [ 174.825595][ T9540] device gretap0 entered promiscuous mode [ 174.852154][ T9536] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 174.922728][ T9536] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.2356: bg 0: block 64: padding at end of block bitmap is not set [ 174.960146][ T9536] __quota_error: 1 callbacks suppressed [ 174.960161][ T9536] Quota error (device loop1): write_blk: dquota write failed [ 174.974352][ T9536] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 174.985673][ T9536] EXT4-fs error (device loop1): ext4_acquire_dquot:6209: comm syz.1.2356: Failed to acquire dquot type 0 [ 175.008641][ T9536] EXT4-fs (loop1): 1 truncate cleaned up [ 175.018423][ T9536] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,oldalloc,inlinecrypt,nombcache,noload,delalloc,noload,resuid=0x0000000000000000,lazytime,,errors=continue. Quota mode: writeback. [ 175.085495][ T9536] Quota error (device loop1): write_blk: dquota write failed [ 175.141375][ T9536] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 175.170704][ T9536] EXT4-fs error (device loop1): ext4_acquire_dquot:6209: comm syz.1.2356: Failed to acquire dquot type 0 [ 175.682249][ T1106] Bluetooth: hci2: command 0x0406 tx timeout [ 175.689157][ T1106] Bluetooth: hci3: command 0x0406 tx timeout [ 175.719618][ T1106] Bluetooth: hci0: command 0x0406 tx timeout [ 175.731979][ T1106] Bluetooth: hci4: command 0x0406 tx timeout [ 175.738093][ T1106] Bluetooth: hci1: command 0x0406 tx timeout [ 176.126312][ T9622] loop3: detected capacity change from 0 to 256 [ 176.147626][ T9623] loop4: detected capacity change from 0 to 512 [ 176.277489][ T9620] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 176.292218][ T9620] FAT-fs (loop3): Filesystem has been set read-only [ 176.302261][ T9623] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 176.372499][ T9623] ext4 filesystem being mounted at /498/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 176.838859][ T9649] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2406'. [ 176.908155][ T9655] netlink: 'syz.3.2409': attribute type 29 has an invalid length. [ 177.178333][ T9675] binder: 9673:9675 ioctl c0306201 200000000080 returned -14 [ 177.581382][ T9705] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2435'. [ 178.758111][ T9763] loop2: detected capacity change from 0 to 512 [ 178.928133][ T9763] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 179.005337][ T9763] ext4 filesystem being mounted at /456/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 179.316897][ T9809] netlink: 'syz.1.2481': attribute type 4 has an invalid length. [ 179.331645][ T9809] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2481'. [ 179.567068][ T9827] loop3: detected capacity change from 0 to 512 [ 179.671693][ T9827] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 179.708029][ T9827] ext4 filesystem being mounted at /497/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 179.934297][ T9852] netlink: 220 bytes leftover after parsing attributes in process `syz.1.2500'. [ 180.752703][ T4294] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 180.816948][ T9921] overlayfs: failed to resolve './bus': -2 [ 181.000925][ T9927] loop4: detected capacity change from 0 to 512 [ 181.080813][ T9927] EXT4-fs (loop4): Ignoring removed oldalloc option [ 181.092010][ T9927] EXT4-fs (loop4): old and new quota format mixing [ 181.162341][ T4294] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.195024][ T4294] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 181.230104][ T9937] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2542'. [ 181.231434][ T4294] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.283736][ T4294] usb 1-1: config 0 descriptor?? [ 181.854990][ T4294] usbhid 1-1:0.0: can't add hid device: -71 [ 181.862161][ T4294] usbhid: probe of 1-1:0.0 failed with error -71 [ 181.903363][ T4294] usb 1-1: USB disconnect, device number 3 [ 182.585193][T10013] netlink: 'syz.3.2577': attribute type 27 has an invalid length. [ 182.622242][T10003] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2571'. [ 182.678420][T10017] cgroup: Bad value for 'name' [ 183.332242][ T4294] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 183.365643][T10058] loop0: detected capacity change from 0 to 512 [ 183.424819][T10058] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities [ 183.635063][ T4294] usb 2-1: Using ep0 maxpacket: 32 [ 183.635140][T10068] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2602'. [ 183.786185][T10075] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2605'. [ 183.996341][ T4294] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe [ 184.016277][ T4294] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.047441][ T4294] usb 2-1: Product: syz [ 184.061969][ T4294] usb 2-1: Manufacturer: syz [ 184.076819][ T4294] usb 2-1: SerialNumber: syz [ 184.098034][ T4294] usb 2-1: config 0 descriptor?? [ 184.103332][T10091] ERROR: device name not specified. [ 184.157101][T10092] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2612'. [ 184.237025][T10096] loop3: detected capacity change from 0 to 1024 [ 184.395193][ T4294] snd-usb-6fire 2-1:0.0: unknown device firmware state received from device: [ 184.426352][ T4294] eb 9a 47 80 9b f8 7a f0 [ 184.427062][T10096] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 184.430866][ T4294] snd-usb-6fire: probe of 2-1:0.0 failed with error -5 [ 184.634101][ T4294] usb 2-1: USB disconnect, device number 4 [ 184.662303][ T4190] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5850: Out of memory [ 184.688882][ T4190] EXT4-fs error (device loop3): ext4_dirty_inode:6054: inode #15: comm syz-executor: mark_inode_dirty error [ 184.730370][T10122] cgroup: Bad value for 'name' [ 184.831847][T10126] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2627'. [ 185.143000][ T4255] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 185.219954][T10146] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2638'. [ 185.239116][ T26] audit: type=1326 audit(2000000016.549:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10148 comm="syz.3.2640" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ea209b6c9 code=0x0 [ 185.418533][T10159] device bridge2 entered promiscuous mode [ 185.438959][ T4255] usb 5-1: Using ep0 maxpacket: 8 [ 185.572359][ T4255] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 185.601448][ T4255] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 185.632329][ T4255] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.665885][ T4255] usb 5-1: config 0 descriptor?? [ 185.746128][ T4255] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 185.909679][T10186] netlink: 'syz.3.2657': attribute type 1 has an invalid length. [ 186.457462][T10219] loop0: detected capacity change from 0 to 512 [ 186.596771][T10219] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 186.608225][T10219] ext4 filesystem being mounted at /512/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 186.626169][T10219] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.2672: corrupted inode contents [ 186.643116][T10219] EXT4-fs error (device loop0): ext4_dirty_inode:6054: inode #2: comm syz.0.2672: mark_inode_dirty error [ 186.656420][T10219] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.2672: corrupted inode contents [ 186.670232][T10219] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz.0.2672: mark_inode_dirty error [ 187.173240][T10258] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2688'. [ 187.242093][ T4255] gspca_vc032x: reg_w err -71 [ 187.246885][ T4255] vc032x: probe of 5-1:0.0 failed with error -71 [ 187.279565][ T4255] usb 5-1: USB disconnect, device number 5 [ 187.325807][T10264] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.2691' sets config #0 [ 187.395919][T10269] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2692'. [ 187.772760][T10295] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.2705' sets config #0 [ 187.892085][ T4185] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 188.027655][T10316] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2715'. [ 188.083786][T10316] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 188.091563][T10316] IPv6: NLM_F_CREATE should be set when creating new route [ 188.123125][T10316] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 188.130426][T10316] IPv6: NLM_F_CREATE should be set when creating new route [ 188.197672][T10329] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2721'. [ 188.274752][ T4185] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.301002][T10331] loop4: detected capacity change from 0 to 512 [ 188.306170][ T4185] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 188.353854][ T4185] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.371532][T10337] 9pnet: Insufficient options for proto=fd [ 188.373283][T10341] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2726'. [ 188.390502][T10331] EXT4-fs (loop4): error: journal path ./file0 is not a block device [ 188.391175][ T4185] usb 4-1: config 0 descriptor?? [ 188.407076][T10341] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2726'. [ 188.417475][T10341] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2726'. [ 188.429711][T10341] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2726'. [ 188.575275][T10350] netlink: 'syz.4.2732': attribute type 1 has an invalid length. [ 188.953622][ T4185] usbhid 4-1:0.0: can't add hid device: -71 [ 188.960512][ T4185] usbhid: probe of 4-1:0.0 failed with error -71 [ 188.997162][ T4185] usb 4-1: USB disconnect, device number 9 [ 189.582073][ T26] audit: type=1800 audit(2000000020.889:166): pid=10369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2739" name="file1" dev="fuse" ino=0 res=0 errno=0 [ 189.808986][T10413] Error parsing options; rc = [-22] [ 190.258004][T10440] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 190.788848][T10467] netlink: 'syz.3.2788': attribute type 4 has an invalid length. [ 191.464940][T10504] __nla_validate_parse: 1 callbacks suppressed [ 191.464955][T10504] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2804'. [ 192.794337][T10579] netlink: 'syz.4.2840': attribute type 10 has an invalid length. [ 192.854859][T10579] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 192.903241][T10584] loop3: detected capacity change from 0 to 1024 [ 193.534141][T10618] IPv6: NLM_F_CREATE should be specified when creating new route [ 193.589292][T10623] loop0: detected capacity change from 0 to 8 [ 193.661689][T10623] SQUASHFS error: lzo decompression failed, data probably corrupt [ 193.678849][T10623] SQUASHFS error: Failed to read block 0x144: -5 [ 193.696102][T10623] SQUASHFS error: Unable to read metadata cache entry [142] [ 193.704129][T10623] SQUASHFS error: Unable to read inode 0x11f [ 194.076767][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.083162][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.592241][T10749] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 195.839385][T10765] netlink: 288 bytes leftover after parsing attributes in process `syz.0.2923'. [ 196.516482][T10808] sctp: [Deprecated]: syz.1.2946 (pid 10808) Use of struct sctp_assoc_value in delayed_ack socket option. [ 196.516482][T10808] Use struct sctp_sack_info instead [ 196.543088][T10812] netlink: 'syz.4.2947': attribute type 4 has an invalid length. [ 196.586968][T10815] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2948'. [ 196.873672][T10839] netlink: 164 bytes leftover after parsing attributes in process `syz.1.2960'. [ 197.040836][T10856] tmpfs: Bad value for 'mpol' [ 197.325124][T10884] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2981'. [ 197.407052][T10888] tmpfs: Bad value for 'mpol' [ 197.446664][T10893] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2986'. [ 197.475611][T10895] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2987'. [ 197.831185][T10923] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3000'. [ 197.872669][ T1106] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 198.282333][ T1106] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xB3, skipping [ 198.303731][ T1106] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 198.345382][ T1106] usb 3-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 198.374897][ T1106] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.403556][ T1106] usb 3-1: config 0 descriptor?? [ 198.467430][ T1106] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 198.668493][ T4294] usb 3-1: USB disconnect, device number 7 [ 198.748056][T10968] netlink: 'syz.1.3019': attribute type 6 has an invalid length. [ 198.766691][T10968] IPv6: NLM_F_CREATE should be specified when creating new route [ 198.981995][ T4252] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 199.027578][T10986] x_tables: duplicate underflow at hook 1 [ 199.137949][T10993] IPv6: A: Disabled Multicast RS [ 199.352150][ T4252] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.385721][ T4252] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 199.408341][ T4252] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.479791][ T4252] usb 5-1: config 0 descriptor?? [ 199.859423][T11025] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3047'. [ 200.042127][ T4252] usbhid 5-1:0.0: can't add hid device: -71 [ 200.048241][ T4252] usbhid: probe of 5-1:0.0 failed with error -71 [ 200.098922][ T4252] usb 5-1: USB disconnect, device number 6 [ 200.187079][T11040] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3054'. [ 200.218766][T11040] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3054'. [ 200.731736][T11071] netlink: 'syz.3.3069': attribute type 4 has an invalid length. [ 200.759788][T11077] netlink: 'syz.0.3071': attribute type 29 has an invalid length. [ 200.764202][T11071] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 200.807130][T11077] netlink: 'syz.0.3071': attribute type 29 has an invalid length. [ 200.830345][T11082] netlink: 'syz.0.3071': attribute type 29 has an invalid length. [ 200.869890][T11077] netlink: 'syz.0.3071': attribute type 29 has an invalid length. [ 200.923383][T11077] netlink: 'syz.0.3071': attribute type 29 has an invalid length. [ 200.956196][T11077] netlink: 'syz.0.3071': attribute type 29 has an invalid length. [ 201.018798][ T26] audit: type=1326 audit(2000000032.329:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz.1.3080" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7ec4fd6c9 code=0x0 [ 201.056169][T11096] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3081'. [ 201.540903][T11133] netlink: 'syz.1.3096': attribute type 29 has an invalid length. [ 201.600068][T11133] netlink: 'syz.1.3096': attribute type 29 has an invalid length. [ 201.668714][T11144] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3099'. [ 201.688449][T11144] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3099'. [ 201.731239][T11144] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3099'. [ 201.751063][T11144] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3099'. [ 201.962588][T11168] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3108'. [ 203.101082][T11240] loop3: detected capacity change from 0 to 736 [ 203.553477][T11254] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 203.560026][T11254] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 203.579942][T11254] vhci_hcd vhci_hcd.0: Device attached [ 203.594435][T11255] vhci_hcd: connection closed [ 203.597855][ T4490] vhci_hcd: stop threads [ 203.620660][ T4490] vhci_hcd: release socket [ 203.628686][ T4490] vhci_hcd: disconnect device [ 203.750633][T11208] loop2: detected capacity change from 0 to 32768 [ 203.984209][T11252] loop3: detected capacity change from 0 to 32768 [ 204.010462][T11208] XFS (loop2): Mounting V5 Filesystem [ 204.018084][T11269] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3150'. [ 204.055410][T11269] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3150'. [ 204.274681][T11208] XFS (loop2): Ending clean mount [ 204.328528][T11208] XFS (loop2): Quotacheck needed: Please wait. [ 204.517244][T11208] XFS (loop2): Quotacheck: Done. [ 204.846466][ T4182] XFS (loop2): Unmounting Filesystem [ 205.238225][T11319] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3171'. [ 205.276606][T11319] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3171'. [ 206.562185][ T4784] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 206.935109][ T4784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 206.971575][ T4784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 206.996371][ T4784] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 207.016145][ T4784] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.038536][ T4784] usb 5-1: config 0 descriptor?? [ 207.466619][T11396] overlayfs: empty lowerdir [ 207.544083][ T4784] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 207.551088][ T4784] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 207.592136][ T4784] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 207.633460][ T4784] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 207.640468][ T4784] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 207.682883][ T4784] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 207.689971][ T4784] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 207.753443][ T4784] cp2112 0003:10C4:EA90.0004: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0 [ 207.922125][ T4784] cp2112 0003:10C4:EA90.0004: Part Number: 0x00 Device Version: 0x00 [ 208.168322][T11431] netlink: 188 bytes leftover after parsing attributes in process `syz.2.3223'. [ 208.256752][T11436] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3224'. [ 208.496122][T11443] loop2: detected capacity change from 0 to 2048 [ 208.527303][T11443] EXT4-fs (loop2): Ignoring removed bh option [ 208.555889][T11341] cp2112 0003:10C4:EA90.0004: Multi-message I2C transactions not supported [ 208.602322][ T4784] cp2112 0003:10C4:EA90.0004: error reading lock byte: -71 [ 208.648629][ T4784] usb 5-1: USB disconnect, device number 7 [ 208.655679][T11443] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 208.893210][T11455] fido_id[11455]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory [ 208.918629][T11459] loop3: detected capacity change from 0 to 512 [ 209.027043][T11459] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.3234: inode has both inline data and extents flags [ 209.113975][T11462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3235'. [ 209.152293][T11459] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.3234: couldn't read orphan inode 15 (err -117) [ 209.213547][T11459] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 209.364679][T11467] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (aio_iiro_16) [ 209.593993][T11476] loop3: detected capacity change from 0 to 512 [ 209.645492][T11476] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 209.690327][T11476] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 209.772417][T11476] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002] [ 209.780630][T11476] System zones: 0-1, 15-15, 18-18, 34-34 [ 209.787925][T11476] EXT4-fs (loop3): orphan cleanup on readonly fs [ 209.842130][T11476] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #16: comm syz.3.3238: inode has both inline data and extents flags [ 209.993975][T11476] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.3238: couldn't read orphan inode 16 (err -117) [ 210.052443][T11476] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug,nomblk_io_submit,,errors=continue. Quota mode: writeback. [ 211.152166][T11528] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3264'. [ 212.206911][T11576] loop0: detected capacity change from 0 to 2048 [ 212.462204][T11576] EXT4-fs (loop0): Ignoring removed bh option [ 212.633347][T11576] EXT4-fs (loop0): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 212.926517][T11613] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3301'. [ 213.264715][T11627] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (aio_iiro_16) [ 213.325187][ T1106] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 213.365625][T11632] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3310'. [ 213.722482][ T1106] usb 2-1: config 0 has an invalid interface number: 231 but max is 0 [ 213.730685][ T1106] usb 2-1: config 0 has no interface number 0 [ 213.752424][ T1106] usb 2-1: config 0 interface 231 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 213.783197][ T1106] usb 2-1: config 0 interface 231 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 214.012347][ T1106] usb 2-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b [ 214.036291][ T1106] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.054773][ T1106] usb 2-1: Product: syz [ 214.065401][ T1106] usb 2-1: Manufacturer: syz [ 214.070040][ T1106] usb 2-1: SerialNumber: syz [ 214.085038][T11661] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 214.091576][ T1106] usb 2-1: config 0 descriptor?? [ 214.132347][T11619] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 214.197046][ T1106] plusb: probe of 2-1:0.231 failed with error -22 [ 214.455874][ T13] usb 2-1: USB disconnect, device number 5 [ 216.166324][T11737] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3359'. [ 216.234275][T11741] loop2: detected capacity change from 0 to 8 [ 216.253142][T11739] validate_nla: 4 callbacks suppressed [ 216.253158][T11739] netlink: 'syz.3.3361': attribute type 13 has an invalid length. [ 216.306126][T11739] erspan0: refused to change device tx_queue_len [ 216.354984][T11741] SQUASHFS error: zlib decompression failed, data probably corrupt [ 216.392073][T11741] SQUASHFS error: Failed to read block 0x9b: -5 [ 216.413623][T11741] SQUASHFS error: Unable to read metadata cache entry [99] [ 216.437539][T11741] SQUASHFS error: Unable to read inode 0x127 [ 216.589861][ T26] audit: type=1326 audit(2000000047.899:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11740 comm="syz.2.3362" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd4818ec6c9 code=0x0 [ 216.699609][T11756] loop2: detected capacity change from 0 to 2048 [ 216.809587][T11756] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 217.074935][T11774] netlink: 'syz.0.3374': attribute type 3 has an invalid length. [ 217.159306][T11774] netlink: 944 bytes leftover after parsing attributes in process `syz.0.3374'. [ 217.403657][T11793] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 217.766376][T11813] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3393'. [ 217.779468][T11813] batman_adv: batadv0: Adding interface: ipvlan2 [ 217.786078][T11813] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.801571][T11816] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3390'. [ 217.812832][T11813] batman_adv: batadv0: Not using interface ipvlan2 (retrying later): interface not active [ 218.466279][T11850] trusted_key: encrypted_key: insufficient parameters specified [ 218.520543][T11846] loop3: detected capacity change from 0 to 2048 [ 218.640057][T11846] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 218.735199][T11846] ext4 filesystem being mounted at /683/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 218.857449][T11846] fs-verity: sha512 using implementation "sha512-avx2" [ 218.922509][T11878] loop1: detected capacity change from 0 to 64 [ 220.387462][T11948] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 220.468070][T11956] netlink: 180 bytes leftover after parsing attributes in process `syz.2.3459'. [ 220.842513][T11979] tc_dump_action: action bad kind [ 221.290834][T12014] netlink: 196 bytes leftover after parsing attributes in process `syz.2.3487'. [ 221.810437][T12044] netlink: 'syz.3.3502': attribute type 12 has an invalid length. [ 222.484239][T12089] netlink: 'syz.4.3520': attribute type 4 has an invalid length. [ 222.524672][T12089] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.3520'. [ 222.960130][T12110] tc_dump_action: action bad kind [ 223.168582][T12119] IPv6: NLM_F_CREATE should be specified when creating new route [ 223.191510][T12119] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 223.198827][T12119] IPv6: NLM_F_CREATE should be set when creating new route [ 223.206128][T12119] IPv6: NLM_F_CREATE should be set when creating new route [ 223.338454][T12127] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3539'. [ 223.411193][ T4784] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 223.443105][T12138] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3544'. [ 223.665529][ T4784] usb 1-1: Using ep0 maxpacket: 16 [ 223.785237][ T4784] usb 1-1: config 0 has an invalid interface number: 126 but max is 0 [ 223.805707][ T4784] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 223.825039][ T4784] usb 1-1: config 0 has no interface number 0 [ 223.831177][ T4784] usb 1-1: config 0 interface 126 altsetting 0 has an invalid endpoint with address 0xB7, skipping [ 223.853040][T12162] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3556'. [ 223.865032][ T4784] usb 1-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64 [ 223.891946][ T4784] usb 1-1: config 0 interface 126 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 4 [ 223.917426][ T4784] usb 1-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88 [ 223.941993][ T4784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.966708][ T4784] usb 1-1: config 0 descriptor?? [ 223.982386][T12117] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 224.118072][ T4784] snd-usb-audio: probe of 1-1:0.126 failed with error -2 [ 224.189678][ T4472] udevd[4472]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.126/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 224.223424][ T4784] usb 1-1: USB disconnect, device number 4 [ 224.365492][T12186] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3567'. [ 224.430295][T12186] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready [ 224.793440][T12196] overlayfs: unrecognized mount option "defcontext=system_u" or missing value [ 225.175111][ T4252] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 225.563518][ T4252] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 225.594822][ T4252] usb 4-1: config 0 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 7 [ 225.610424][ T4252] usb 4-1: config 0 interface 0 has no altsetting 0 [ 225.617287][T12224] loop4: detected capacity change from 0 to 40427 [ 225.624797][ T4252] usb 4-1: New USB device found, idVendor=047f, idProduct=c055, bcdDevice= 0.00 [ 225.634544][ T4252] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.646105][ T4252] usb 4-1: config 0 descriptor?? [ 225.648501][T12248] tc_dump_action: action bad kind [ 225.663574][T12208] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 225.720099][T12224] F2FS-fs (loop4): Found nat_bits in checkpoint [ 225.730236][T12254] 9pnet: Unknown protocol version 9 [ 225.832828][T12255] loop2: detected capacity change from 0 to 4096 [ 225.841188][T12224] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 225.909889][T12208] udc-core: couldn't find an available UDC or it's busy [ 225.924946][T12208] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 226.050347][T12255] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 226.062236][ T4252] usbhid 4-1:0.0: can't add hid device: -71 [ 226.068228][ T4252] usbhid: probe of 4-1:0.0 failed with error -71 [ 226.082441][T12265] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 226.122865][ T4252] usb 4-1: USB disconnect, device number 10 [ 226.157801][T12255] Remounting filesystem read-only [ 226.443551][T12283] netlink: 240 bytes leftover after parsing attributes in process `syz.0.3614'. [ 226.622111][ T4252] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 226.711547][T12296] loop4: detected capacity change from 0 to 2048 [ 226.754646][T12298] VFS: Lookup of 'file0' in fuse fuse would have caused loop [ 226.822347][T12310] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3624'. [ 226.826478][T12311] overlayfs: empty lowerdir [ 226.862198][ T4252] usb 4-1: Using ep0 maxpacket: 32 [ 226.984894][ T4252] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x2 has an invalid bInterval 129, changing to 11 [ 227.011081][ T4252] usb 4-1: config 0 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 7 [ 227.033886][ T4252] usb 4-1: config 0 interface 0 has no altsetting 0 [ 227.040657][ T4252] usb 4-1: New USB device found, idVendor=047f, idProduct=c055, bcdDevice= 0.00 [ 227.057314][ T4252] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.078510][ T4252] usb 4-1: config 0 descriptor?? [ 227.086823][T12324] netlink: 'syz.4.3631': attribute type 27 has an invalid length. [ 227.136109][ T4252] hub 4-1:0.0: bad descriptor, ignoring hub [ 227.142855][ T4252] hub: probe of 4-1:0.0 failed with error -5 [ 227.575259][ T4252] plantronics 0003:047F:C055.0005: No inputs registered, leaving [ 227.656427][ T4252] plantronics 0003:047F:C055.0005: hiddev0,hidraw0: USB HID v0.00 Device [HID 047f:c055] on usb-dummy_hcd.3-1/input0 [ 227.872251][ T13] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 227.930020][ T4255] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 228.142190][ T13] usb 2-1: Using ep0 maxpacket: 16 [ 228.192074][ T4255] usb 3-1: Using ep0 maxpacket: 16 [ 228.282594][ T13] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 228.297344][ T13] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 228.322165][ T4255] usb 3-1: config 0 has no interfaces? [ 228.512299][ T4255] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 228.521586][ T13] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 228.548355][ T4255] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.556446][ T13] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.570483][ T4255] usb 3-1: Product: syz [ 228.575294][ T13] usb 2-1: Product: syz [ 228.580896][ T4255] usb 3-1: Manufacturer: syz [ 228.589167][ T13] usb 2-1: Manufacturer: syz [ 228.594080][ T4255] usb 3-1: SerialNumber: syz [ 228.599306][ T13] usb 2-1: SerialNumber: syz [ 228.613663][ T4255] usb 3-1: config 0 descriptor?? [ 228.660737][T12417] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3671'. [ 228.936957][ T4255] usb 3-1: USB disconnect, device number 8 [ 228.976105][ T13] usb 2-1: 0:2 : does not exist [ 228.998102][T12426] loop0: detected capacity change from 0 to 512 [ 229.001381][ T13] usb 2-1: USB disconnect, device number 6 [ 229.112589][T12426] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 229.124278][T12426] ext4 filesystem being mounted at /717/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 229.246297][ T4176] udevd[4176]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 229.809723][T12471] loop2: detected capacity change from 0 to 2048 [ 229.986370][T12482] netlink: 104 bytes leftover after parsing attributes in process `syz.0.3699'. [ 229.996425][T12482] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3699'. [ 230.006496][T12482] tc_dump_action: action bad kind [ 230.169089][T12493] loop2: detected capacity change from 0 to 2048 [ 230.255622][T12499] netlink: 'syz.2.3707': attribute type 27 has an invalid length. [ 230.335099][T12505] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3710'. [ 230.727871][T12530] netlink: 7 bytes leftover after parsing attributes in process `syz.1.3722'. [ 230.841663][T12537] netlink: 300 bytes leftover after parsing attributes in process `syz.2.3724'. [ 231.245891][T12536] loop4: detected capacity change from 0 to 32768 [ 231.273921][T12536] XFS: noikeep mount option is deprecated. [ 231.348991][T12536] XFS (loop4): Mounting V5 Filesystem [ 231.435931][T12536] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 231.582238][T12536] XFS (loop4): Starting recovery (logdev: internal) [ 231.624712][T12536] XFS (loop4): Ending recovery (logdev: internal) [ 231.635908][T12536] XFS (loop4): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 231.655718][T12536] XFS (loop4): Failed to initialize disk quotas. [ 231.811538][T12536] XFS (loop4): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 231.867460][T12536] XFS (loop4): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 231.908489][T12536] XFS (loop4): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 232.199431][ T4183] XFS (loop4): Unmounting Filesystem [ 232.296825][ T1106] usb 4-1: USB disconnect, device number 11 [ 233.578272][T12673] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3781'. [ 233.735192][T12680] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3786'. [ 234.277944][T12705] loop3: detected capacity change from 0 to 512 [ 234.429708][T12713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3800'. [ 234.447335][T12705] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 234.458483][T12705] ext4 filesystem being mounted at /730/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 234.559020][T12683] loop1: detected capacity change from 0 to 40427 [ 234.613851][T12720] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (aio_iiro_16) [ 234.658011][ C0] divide error: 0000 [#1] PREEMPT SMP KASAN [ 234.658129][T12720] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (aio_iiro_16) [ 234.663907][ C0] CPU: 0 PID: 4593 Comm: udevd Not tainted syzkaller #0 [ 234.679470][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 234.689537][ C0] RIP: 0010:comedi_inc_scan_progress+0x19e/0x430 [ 234.695871][ C0] Code: b6 0c 19 84 c9 0f 85 b8 01 00 00 03 45 34 4c 8d a5 88 00 00 00 4c 89 e1 48 c1 e9 03 0f b6 0c 19 84 c9 0f 85 c7 01 00 00 31 d2 <41> f7 34 24 41 89 17 45 89 ec eb 0f e8 a1 b1 07 fa 48 bb 00 00 00 [ 234.715578][ C0] RSP: 0018:ffffc90000007c68 EFLAGS: 00010046 [ 234.721643][ C0] RAX: 0000000000000001 RBX: dffffc0000000000 RCX: 0000000000000000 [ 234.729610][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 234.737580][ C0] RBP: ffff88802b009200 R08: ffff88802b009200 R09: fffff52000a4b201 [ 234.745537][ C0] R10: fffff52000a4b201 R11: 1ffff92000a4b200 R12: ffff88802b009288 [ 234.753487][ C0] R13: 0000000000000004 R14: 0000000000000000 R15: ffff88802b009234 [ 234.761432][ C0] FS: 00007f865d461880(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 234.770337][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.776898][ C0] CR2: 00007fd481b14cc0 CR3: 000000001f837000 CR4: 00000000003506f0 [ 234.784857][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 234.792806][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 234.800751][ C0] Call Trace: [ 234.804011][ C0] [ 234.806836][ C0] comedi_buf_write_samples+0x371/0x5e0 [ 234.812368][ C0] aio_iiro_16_cos+0x160/0x1b0 [ 234.817109][ C0] ? aio_iiro_16_attach+0x760/0x760 [ 234.822283][ C0] ? seqcount_lockdep_reader_access+0x15c/0x1c0 [ 234.828500][ C0] ? aio_iiro_16_attach+0x760/0x760 [ 234.833672][ C0] __handle_irq_event_percpu+0x291/0x9b0 [ 234.839285][ C0] ? __irq_wake_thread+0x150/0x150 [ 234.844370][ C0] ? do_raw_spin_lock+0x11d/0x280 [ 234.849373][ C0] ? do_raw_spin_unlock+0x11d/0x230 [ 234.854554][ C0] handle_irq_event+0xa5/0x220 [ 234.859400][ C0] handle_edge_irq+0x243/0xb20 [ 234.864157][ C0] __common_interrupt+0xd7/0x1e0 [ 234.869083][ C0] common_interrupt+0xb0/0xd0 [ 234.873743][ C0] [ 234.876657][ C0] [ 234.879569][ C0] asm_common_interrupt+0x22/0x40 [ 234.884577][ C0] RIP: 0010:rcu_is_watching+0x18/0xa0 [ 234.889931][ C0] Code: 00 00 75 b8 eb b7 e8 a7 bc 45 08 0f 1f 80 00 00 00 00 41 57 41 56 53 65 ff 05 8c be 9e 7e e8 9f cc 45 08 89 c3 83 f8 08 73 5c <49> bf 00 00 00 00 00 fc ff df 4c 8d 34 dd 20 c8 bc 8b 4c 89 f0 48 [ 234.909513][ C0] RSP: 0018:ffffc900033efaa0 EFLAGS: 00000293 [ 234.915560][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 07f472488a995700 [ 234.923611][ C0] RDX: 0000000000000000 RSI: ffffffff8a59e560 RDI: ffffffff8a59e520 [ 234.931560][ C0] RBP: ffffc900033efbd0 R08: dffffc0000000000 R09: fffffbfff1ad33a6 [ 234.939508][ C0] R10: fffffbfff1ad33a6 R11: 1ffffffff1ad33a5 R12: ffff8880169cd2b0 [ 234.947458][ C0] R13: dffffc0000000000 R14: ffff8880169cd2f0 R15: 1ffff9200067df64 [ 234.955503][ C0] lock_release+0xba/0x870 [ 234.959901][ C0] ? rcu_lock_release+0x5/0x20 [ 234.964668][ C0] ? read_lock_is_recursive+0x10/0x10 [ 234.970020][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 234.975053][ C0] aa_file_perm+0x3a3/0xe20 [ 234.979534][ C0] ? __fdget_pos+0x2bf/0x370 [ 234.984103][ C0] ? __fdget_pos+0x2bf/0x370 [ 234.988672][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 234.993694][ C0] ? aa_path_link+0x850/0x850 [ 234.998351][ C0] ? mutex_lock_io_nested+0x60/0x60 [ 235.003530][ C0] common_file_perm+0x167/0x1c0 [ 235.008364][ C0] ? scan_positives+0x4a0/0x4a0 [ 235.013201][ C0] security_file_permission+0x65/0xa0 [ 235.018554][ C0] iterate_dir+0x94/0x560 [ 235.022873][ C0] ? scan_positives+0x4a0/0x4a0 [ 235.027699][ C0] ? __fdget_pos+0x2bf/0x370 [ 235.032267][ C0] __se_sys_getdents64+0xe5/0x260 [ 235.037278][ C0] ? __x64_sys_getdents64+0x80/0x80 [ 235.042458][ C0] ? filldir+0x720/0x720 [ 235.046680][ C0] ? vtime_user_exit+0x2dc/0x400 [ 235.051594][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 235.056978][ C0] do_syscall_64+0x4c/0xa0 [ 235.061370][ C0] ? clear_bhb_loop+0x30/0x80 [ 235.066021][ C0] ? clear_bhb_loop+0x30/0x80 [ 235.070673][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 235.076541][ C0] RIP: 0033:0x7f865d598d23 [ 235.080933][ C0] Code: 8b 05 d9 00 10 00 64 c7 00 16 00 00 00 31 c0 eb b0 66 0f 1f 44 00 00 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 a1 00 10 00 f7 d8 [ 235.100520][ C0] RSP: 002b:00007ffd21031348 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 235.108911][ C0] RAX: ffffffffffffffda RBX: 000055c8e17be220 RCX: 00007f865d598d23 [ 235.116859][ C0] RDX: 0000000000008000 RSI: 000055c8e17be250 RDI: 0000000000000009 [ 235.124806][ C0] RBP: 000055c8e17be224 R08: 00007f865d699ac0 R09: 0000000000000000 [ 235.132752][ C0] R10: 0000000000000003 R11: 0000000000000293 R12: 000055c8e17be250 [ 235.140698][ C0] R13: fffffffffffffe68 R14: 0000000000000002 R15: 00007ffd210317a0 [ 235.148662][ C0] [ 235.151669][ C0] Modules linked in: [ 235.155555][ C0] ---[ end trace a445fa34e6de5172 ]--- [ 235.160990][ C0] RIP: 0010:comedi_inc_scan_progress+0x19e/0x430 [ 235.167300][ C0] Code: b6 0c 19 84 c9 0f 85 b8 01 00 00 03 45 34 4c 8d a5 88 00 00 00 4c 89 e1 48 c1 e9 03 0f b6 0c 19 84 c9 0f 85 c7 01 00 00 31 d2 <41> f7 34 24 41 89 17 45 89 ec eb 0f e8 a1 b1 07 fa 48 bb 00 00 00 [ 235.186883][ C0] RSP: 0018:ffffc90000007c68 EFLAGS: 00010046 [ 235.192926][ C0] RAX: 0000000000000001 RBX: dffffc0000000000 RCX: 0000000000000000 [ 235.200874][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 235.208818][ C0] RBP: ffff88802b009200 R08: ffff88802b009200 R09: fffff52000a4b201 [ 235.216764][ C0] R10: fffff52000a4b201 R11: 1ffff92000a4b200 R12: ffff88802b009288 [ 235.224713][ C0] R13: 0000000000000004 R14: 0000000000000000 R15: ffff88802b009234 [ 235.232660][ C0] FS: 00007f865d461880(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 235.241561][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.248121][ C0] CR2: 00007fd481b14cc0 CR3: 000000001f837000 CR4: 00000000003506f0 [ 235.256077][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 235.264022][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 235.271988][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 235.279479][ C0] Kernel Offset: disabled [ 235.283790][ C0] Rebooting in 86400 seconds..