last executing test programs: 2m46.337904738s ago: executing program 1 (id=684): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x20081e, &(0x7f0000000000)={[{@nojournal_checksum}, {@orlov}, {@i_version}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W") r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) connect$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, 0x0) prlimit64(r1, 0xe, &(0x7f0000000240)={0xb, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c399000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000ac0)=@filename='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0) ioprio_set$pid(0x1, r2, 0x4004) ioctl$USBDEVFS_BULK(r0, 0xc0185502, &(0x7f00000000c0)={{{0x1, 0x1}}, 0x0, 0x180000, 0x0}) 2m45.359710654s ago: executing program 1 (id=689): pwrite64(0xffffffffffffffff, &(0x7f0000000140)='2', 0x1, 0x8000c61) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x1, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0}) 2m45.251391579s ago: executing program 1 (id=690): ioctl$XFS_IOC_GOINGDOWN(0xffffffffffffffff, 0x8004587d, &(0x7f00000000c0)=0x2) r0 = openat$vcsu(0xffffffffffffff9c, 0x0, 0x0, 0x0) readv(r0, &(0x7f0000001e40)=[{&(0x7f0000001a00)=""/108, 0x6c}, {&(0x7f0000001a80)=""/202, 0xca}], 0x2) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x6}, 0x1c) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x2000}, 0x4) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_SET_OP_VERSION(r0, 0x1, 0x53, &(0x7f0000000080), 0x0) bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) syz_emit_ethernet(0x3a, &(0x7f00000006c0)={@local, @empty, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0xdd, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xfffe, 0x0, 0x8000}}}}}}, 0x0) syz_usb_connect$uac1(0x0, 0x8a, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x78, 0x3, 0x1, 0x10, 0x10, 0x6}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0}) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1001f0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@bridge_newneigh={0x28, 0x1c, 0x401, 0x70bd25, 0x25dfdbff, {0x7, 0x0, 0x0, r6, 0x0, 0x0, 0x7}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048861}, 0x840) lseek(0xffffffffffffffff, 0x1000, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000010000000000000000000000711819000000"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$binfmt_format(r0, 0x0, 0x0) 2m42.194805589s ago: executing program 1 (id=701): mount$fuse(0x0, 0x0, 0x0, 0x80, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000280)={0x1, 0x0, [{0x1, 0x0, 0x5, 0x7, 0x800, 0x4, 0x8002}]}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x486, 0x0, 0x4f2}]}) 2m42.105973608s ago: executing program 1 (id=702): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@getnexthop={0x18, 0x6a, 0x501, 0xfffffd7e, 0x25dfdbff}, 0x18}, 0x1, 0x0, 0x0, 0x4000040}, 0x24008084) 2m42.079274671s ago: executing program 1 (id=704): open(0x0, 0xedc3, 0x10) socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0xa, 0x3, 0x3a) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f00000000c0)={0x1}, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x4800) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd5cd7000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) setpgid(0x0, 0x0) setpgid(0x0, 0x0) tkill(0x0, 0x7) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0}, 0x20) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000140)={0x8001, 0x2, 0x62d, 0x3a6b}, 0x10) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000040)=0xd, 0x4) 2m26.957820333s ago: executing program 32 (id=704): open(0x0, 0xedc3, 0x10) socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0xa, 0x3, 0x3a) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f00000000c0)={0x1}, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x4800) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd5cd7000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) setpgid(0x0, 0x0) setpgid(0x0, 0x0) tkill(0x0, 0x7) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0}, 0x20) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000140)={0x8001, 0x2, 0x62d, 0x3a6b}, 0x10) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000040)=0xd, 0x4) 15.554326931s ago: executing program 4 (id=1139): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c250000"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_extract_tcp_res$synack(0x0, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xe, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x20}}, {0x2, 0x4e23, @rand_addr=0x64010102}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00') sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) preadv(r4, &(0x7f0000000600)=[{&(0x7f0000000280)=""/215, 0xd7}], 0x1, 0x1006c, 0x0) 14.485805046s ago: executing program 4 (id=1140): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_audit(0x10, 0x3, 0x9) bind$netlink(r1, 0x0, 0x0) r2 = socket$nl_audit(0x10, 0x3, 0x9) bind$netlink(r2, &(0x7f00000007c0)={0x10, 0x0, 0x25dfdbfd, 0x1ffffffd}, 0xc) close_range(r0, 0xffffffffffffffff, 0x0) 14.299072262s ago: executing program 4 (id=1142): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f00000000c0)={0x0, 0x0}) ioctl$KVM_RUN(r3, 0xae80, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) syz_emit_ethernet(0x2a, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r7, 0xf) 10.848225998s ago: executing program 4 (id=1151): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x759, &(0x7f0000000280)={[{@noinit_itable}, {@jqfmt_vfsv1}, {@user_xattr}, {@debug}, {@barrier, 0x0}, {@minixdf}, {@usrquota}, {@block_validity}, {@noinit_itable}, {@acl}, {@commit}, {@jqfmt_vfsold}], [], 0x2c}, 0x0, 0x500, &(0x7f0000000b40)="$eJzs3EtvVFUcAPD/TF9UwFZ88lBG0dhopLQ8Fy6AaMLGxERjcFnbQpAChtYESCPFGEhcaPgEPnYmfgJXujFqXGjcStwaE2K6AV2Qa+7MnTLt7bTTMtNa+vsl055z77lzzrn3ns55zG0A61Yp/VGI2BQRv0dETyU6O0Gp8uv29OTwP9OTw4VIkjf+LpTT3ZqeHK4mrR63MYv0FSOKHxViez7brvGLl04PjY2Nns829E8Us9CZoZOjJ0fPDh46tG9v98EDg/ubUs+0TLe2fXBux9Zjb19/bfj49Xd+/Dotb5Ltr61HRW9E7IrOhnNoy20pRWn2uazx3FIKvwZsrgkX2tOfxdUrDA1L79r0cnWU239PtJVjFT3x6oerWjigpZIkSbpyW2c+y6aSWoVC5YAkuZIA94FCLC39nVYVBFhh1Q/6W9PpSHVyOD8Ovr/dPBLlEVBa79vZq7KnvTyCLfVWxkYdLcr/kYg4PvXvZ+kr5p2HAABorm+PRFw7Wul3VF+VPcV4rCbdg9naUG9EPBQRWyLi4az/8mhEOe3jEfFEzTGbGlgFKM2J5/s/v3ZngdruatOk/b+Xs7Wt2f2/mZL3tmWxzeX6dxROnBob3ZOdk77o6ErjA/m3nplW++6V3z6tl3+ppv+XvtL8q33BrBx/tc+ZoBsZmhi613pX3bxSPrGXc/XvuLugl/7aGhHblvH+6Tk79cJXO+rtn1X/tJ65+n9S/83bl1GgOZIvIp6vXP+pmHX9K5XvzEL9E2fe6x+/eOmlU7XrkwMHDwzu798QY6N7+qt3Rd5Pv1x9PQvmhhELXP9q02jpQlp6/R+Y9/6fWbnsTUMz67XjS8/j6o1rdcc0y73/OwtvlsPV9dkLQxMT5wciOgtT+e2Dd4+9MNQ9K31a/75d87f/LRF3Ps+O2x4R6U38ZEQ8FRE7s7I/HRHPlFeK6/vh6LPv1htCLl7/1krrP7Kk618vcPjniPl3tZ3+/ptcxh+XcvXviHrXf1851JdtGRma2LBYvRYqaW3gnk8gAAAArAE7y/O0heLubKJpUxSLu3dHbJyZQRmfePHEuffPjlTmc3ujo1id6eqpmQ8dyOaG03h61GBNPN2/tzxvnCRJ0p3G0/H72ObVrTqsexvrtP/Un/lHWoD7zZLW0eo90QasSXPb/42Gj2z+FzKAldWE79EAa5T2D+tXw+2/VU/BAatmvvZ/OeL2KhQFWGHztf+3clsOr0hZgJVl/A/r12Ltv/4X9XwZANY6n/+wLjX0kPwyAluOLZCm0N6aTOsHirHwfwHojahuqfZpFn7DP4oRC2Xa3vD/IGhrak27Z13T4rxpNkQz8oriomkaPwkrHSj+P4pRCXRFxCJ378zNdrkauNTqgpUbwZer+9cJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3v0XAAD//7bT0mo=") r0 = syz_clone(0x1a2400, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_usb_connect$cdc_ecm(0x1, 0x4d, &(0x7f0000000140)={{0x12, 0x1, 0x101, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0xfe, 0x90}}]}}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r2 = syz_open_procfs(r0, &(0x7f0000000100)='pagemap\x00') pread64(r2, 0x0, 0x0, 0x1000000000) 10.534052194s ago: executing program 0 (id=1152): r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x7, 0x8a142) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000100)=0x7) r2 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r2, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x4e23, 0x2, @mcast1={0xff, 0x7}, 0x3ff}}, {{0xa, 0x4e21, 0xfffffffd, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001b40), 0x20341, 0x0) ioctl$TIOCSPTLCK(r5, 0x40045431, &(0x7f0000000040)) writev(r5, &(0x7f0000000300)=[{&(0x7f0000000140)="d0db9fa66bba5aee56607af18ee734f37a28c8c8d0897e9a20f1011e00"/43, 0x2b}, {&(0x7f00000004c0)="2704b0a7a74ec383d300"/22, 0x16}], 0x2) r6 = ioctl$TIOCGPTPEER(r5, 0x5441, 0x12) r7 = dup(r6) read$FUSE(r7, &(0x7f0000001b80)={0x2020}, 0x2020) ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000040)=0x4) unshare(0x60000600) r8 = socket$unix(0x1, 0x2, 0x0) bind$unix(r8, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e) socket$unix(0x1, 0x2, 0x0) 8.114024526s ago: executing program 0 (id=1155): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x20081e, &(0x7f0000000000)={[{@nojournal_checksum}, {@orlov}, {@i_version}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W") r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) connect$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, 0x0) prlimit64(r1, 0xe, &(0x7f0000000240)={0xb, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c399000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000ac0)=@filename='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0) ioprio_set$pid(0x1, 0x0, 0x4004) ioctl$USBDEVFS_BULK(r0, 0xc0185502, &(0x7f00000000c0)={{{0x1, 0x1}}, 0x0, 0x180000, 0x0}) 7.801367781s ago: executing program 5 (id=1157): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x101001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f00000ce000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x8, 0x0, 0x0) r3 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3}) ioctl$KVM_RUN(r5, 0xae80, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x30, 0x10, 0x1, 0x865, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1, 0x1b}, {}, {0xe, 0xd}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x80}, @TCA_STAB={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, &(0x7f00000005c0)}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7.799047321s ago: executing program 2 (id=1158): syz_usb_connect(0x0, 0x5b, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000002ffa94008191513000001025f0109024900000000000009047f00022513bf000a24010000"], 0x0) syz_emit_ethernet(0xfdef, &(0x7f0000000140)={@random="5b1a033f2511", @remote, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x4578, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x10, 0x0, 0x0, "fdcdae25a7a296872a8a5290e48e30acf8afc7e67d70a62c979cefa10a0028bd", "ae0000000000000000e400", {"35f3c07eeca4a20a9858ac1500", "63081fe8fe001a08ed082ad7121d696f"}}}}}}}, 0x0) syz_open_dev$hidraw(&(0x7f0000000240), 0x8, 0x40100) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/current\x00') preadv(r0, &(0x7f00000003c0)=[{0x0}], 0x1, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x8) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0x8, 0x4) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xc70}, 0x1c) sendto$inet6(r1, 0x0, 0x30, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @private0, 0x409}, 0x1c) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)={0xa, 0x4e20, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="280000000000000029000000050000002f02020100000000fe8000000000000000000000000000bb180000000000000029000000360000008900000000000000bdba870330374f8dc5e57d143ed27f5a0b4538646a7d548a8c94d32db3717c49b49e9a6b05956101f4fcc3b9a22516a35b79525bbcd901995e42eb7a7eb6d852c48134e3e63d03609337ec30a336d918f841c9ca3f5aad2c83956c6a"], 0x40}, 0x0) tgkill(r2, 0x0, 0x11) socketpair$unix(0x1, 0x2, 0x0, 0x0) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) close(0x4) 7.689776755s ago: executing program 4 (id=1159): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1833c1, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2042, 0x1) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0xf502, 0x1000000000000) 7.570865066s ago: executing program 5 (id=1160): madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0xa2ed0000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x80) r5 = openat$cgroup_procs(r4, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f0000001c00), 0x12) r6 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x1c) 5.734372399s ago: executing program 5 (id=1163): syz_open_dev$loop(&(0x7f0000000dc0), 0xe1f, 0x200) socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt(r0, 0xff, 0x1, &(0x7f0000000100)='O', 0x1) syz_emit_ethernet(0x3e, &(0x7f00000007c0)={@link_local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x0, 0x3f18, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty}}}}}}, 0x0) 5.631734994s ago: executing program 5 (id=1164): syz_open_procfs(0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, 0x0, 0x20040850) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x40000dc, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140)) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) openat$tun(0xffffffffffffff9c, 0x0, 0xa2f01, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) 5.107294209s ago: executing program 4 (id=1165): r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x7, 0x8a142) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000100)=0x7) r2 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r2, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x4e23, 0x2, @mcast1={0xff, 0x7}, 0x3ff}}, {{0xa, 0x4e21, 0xfffffffd, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001b40), 0x20341, 0x0) ioctl$TIOCSPTLCK(r5, 0x40045431, &(0x7f0000000040)) writev(r5, &(0x7f0000000300)=[{&(0x7f0000000140)="d0db9fa66bba5aee56607af18ee734f37a28c8c8d0897e9a20f1011e00"/43, 0x2b}, {&(0x7f00000004c0)="2704b0a7a74ec383d300"/22, 0x16}], 0x2) r6 = ioctl$TIOCGPTPEER(r5, 0x5441, 0x12) r7 = dup(r6) read$FUSE(r7, &(0x7f0000001b80)={0x2020}, 0x2020) ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000040)=0x4) unshare(0x60000600) r8 = socket$unix(0x1, 0x2, 0x0) bind$unix(r8, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e) socket$unix(0x1, 0x2, 0x0) 5.103349508s ago: executing program 3 (id=1166): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000075000000180100"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_extract_tcp_res$synack(0x0, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xe, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x20}}, {0x2, 0x4e23, @rand_addr=0x64010102}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000}) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00') sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) preadv(r5, &(0x7f0000000600)=[{&(0x7f0000000280)=""/215, 0xd7}], 0x1, 0x1006c, 0x0) socket$nl_route(0x10, 0x3, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x48) socketpair$unix(0x1, 0x1, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r6}, &(0x7f0000000500), &(0x7f0000000540)=r0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) 4.981098758s ago: executing program 33 (id=1165): r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x7, 0x8a142) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000100)=0x7) r2 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r2, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x4e23, 0x2, @mcast1={0xff, 0x7}, 0x3ff}}, {{0xa, 0x4e21, 0xfffffffd, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001b40), 0x20341, 0x0) ioctl$TIOCSPTLCK(r5, 0x40045431, &(0x7f0000000040)) writev(r5, &(0x7f0000000300)=[{&(0x7f0000000140)="d0db9fa66bba5aee56607af18ee734f37a28c8c8d0897e9a20f1011e00"/43, 0x2b}, {&(0x7f00000004c0)="2704b0a7a74ec383d300"/22, 0x16}], 0x2) r6 = ioctl$TIOCGPTPEER(r5, 0x5441, 0x12) r7 = dup(r6) read$FUSE(r7, &(0x7f0000001b80)={0x2020}, 0x2020) ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000040)=0x4) unshare(0x60000600) r8 = socket$unix(0x1, 0x2, 0x0) bind$unix(r8, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e) socket$unix(0x1, 0x2, 0x0) 4.549103295s ago: executing program 2 (id=1168): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x480, @broadcast}}) 4.327320862s ago: executing program 2 (id=1169): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000300)={[{@grpquota}, {@quota}, {@quota}, {}, {@dioread_lock}]}, 0xff, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") setresuid(0xee01, 0xee01, 0x0) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c) 4.300681466s ago: executing program 3 (id=1170): r0 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x265}, 0x8) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x2, 0x6, 0x0, @private=0xa210104, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x0, 0x0, 0x8}}}}}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50) r4 = socket(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e22, 0x13, @local, 0x2}, 0x1c) listen(r4, 0x7f) syz_emit_ethernet(0x4e, &(0x7f0000000040)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @mcast1, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0xff6f}}}}}}}, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x82, 0xfffffffffffffffe, &(0x7f00000000c0)=0x95) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000480)=ANY=[@ANYBLOB="211d000000000000"], 0xf0) listen(r0, 0xd9) sendto$inet6(r0, &(0x7f0000000040)="00d8", 0x20a00, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c) 4.162140503s ago: executing program 0 (id=1171): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmsg$nl_route_sched(r1, 0x0, 0x20004804) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r7) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r8, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4) 3.358353012s ago: executing program 3 (id=1172): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f00000000c0)={0x0, 0x0}) ioctl$KVM_RUN(r3, 0xae80, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) syz_emit_ethernet(0x2a, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r5, 0xf) 3.329154574s ago: executing program 2 (id=1173): madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0xa2ed0000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x80) r5 = openat$cgroup_procs(r4, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f0000001c00), 0x12) r6 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x1c) 3.110154712s ago: executing program 0 (id=1174): syz_emit_ethernet(0x3e, &(0x7f00000007c0)={@link_local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x0, 0x3f18, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty}}}}}}, 0x0) 2.937891991s ago: executing program 0 (id=1175): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x6c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x3, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x30, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}]}, @CTA_EXPECT_MASTER={0x4}]}, 0x6c}}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$pptp(0x18, 0x1, 0x2) keyctl$set_reqkey_keyring(0xe, 0x2) request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)='q\xa9', 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file3\x00', 0x56f000, 0x1a1) ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000000)={0xd3f0, 0x2000, 0x8, 0xadeb}) renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x4) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001340)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc040) r5 = socket(0x10, 0x80000000000802, 0x0) sendmsg(r5, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) 2.910308455s ago: executing program 3 (id=1176): r0 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'veth1_to_bridge\x00', 0x0}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', r4, 0x0, 0x0, 0x0, 0x4}, 0x50) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r5, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000000)={0x44, r6, 0x1, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x18, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x44}}, 0x10004000) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x501, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x6001}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PMTUDISC={0x5, 0xa, 0x1}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}}]}, 0x44}}, 0x40848c0) 2.106757303s ago: executing program 2 (id=1177): r0 = socket$netlink(0x10, 0x3, 0xa) r1 = dup(r0) r2 = open(&(0x7f0000000140)='./file1\x00', 0x109cc2, 0x5c) ftruncate(r2, 0x200004) sendfile(r1, r2, 0x0, 0x80001d00c0d1) read$FUSE(0xffffffffffffffff, 0x0, 0x0) read$FUSE(r1, &(0x7f00000014c0)={0x2020}, 0x2020) 1.664153477s ago: executing program 5 (id=1178): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000000200)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==") r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x68) fallocate(r0, 0x0, 0x0, 0x1001ed) fallocate(0xffffffffffffffff, 0x77, 0x3, 0x10000) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffff9c, 0x0, 0x400, 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb) open(&(0x7f0000000100)='.\x00', 0x591002, 0x50f) 1.266006872s ago: executing program 3 (id=1179): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c25"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_extract_tcp_res$synack(0x0, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xe, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x20}}, {0x2, 0x4e23, @rand_addr=0x64010102}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000}) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00') sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) preadv(r5, &(0x7f0000000600)=[{&(0x7f0000000280)=""/215, 0xd7}], 0x1, 0x1006c, 0x0) socket$nl_route(0x10, 0x3, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x48) socketpair$unix(0x1, 0x1, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r6}, &(0x7f0000000500), &(0x7f0000000540)=r0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) 1.072199676s ago: executing program 2 (id=1180): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x20081e, &(0x7f0000000000)={[{@nojournal_checksum}, {@orlov}, {@i_version}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W") r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) connect$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, 0x0) prlimit64(r1, 0xe, &(0x7f0000000240)={0xb, 0x8b}, 0x0) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c399000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000ac0)=@filename='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0) ioprio_set$pid(0x1, r2, 0x4004) ioctl$USBDEVFS_BULK(r0, 0xc0185502, &(0x7f00000000c0)={{{0x1, 0x1}}, 0x0, 0x180000, 0x0}) 110.074336ms ago: executing program 0 (id=1181): r0 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x265}, 0x8) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x2, 0x6, 0x0, @private=0xa210104, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x0, 0x0, 0x8}}}}}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50) r4 = socket(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e22, 0x13, @local, 0x2}, 0x1c) listen(r4, 0x7f) syz_emit_ethernet(0x4e, &(0x7f0000000040)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @mcast1, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0xff6f}}}}}}}, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x82, 0xfffffffffffffffe, &(0x7f00000000c0)=0x95) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000480)=ANY=[@ANYBLOB="211d000000000000"], 0xf0) listen(r0, 0xd9) sendto$inet6(r0, &(0x7f0000000040)="00d8", 0x20a00, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c) 43.46711ms ago: executing program 3 (id=1182): open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x800718, &(0x7f00000003c0)={[{@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x40000ff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x60}}, {@nobh}, {@resgid}, {@resuid}, {@nombcache}, {@noblock_validity}, {@usrquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}]}, 0x2, 0x4a3, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nz2M3n79v1orRotQlBMmrRqF24UBZGKgi7qMk6mJXTaSBPBfmCjiCtBCroWl6J/gbgRQdSV4Epw5UoKRbNp6ypyZ+5NMpNM2iSTTO38fjCZc+aemXueOffce+45kwA61lD2J4nYHRG/RsRALVtfYKj2dHP+cunW/OVSEgsLr/6RVMvdmL9cKooW79uVZ4bTiPT9JN9JvZkLF89MVCrl83l+dPZsX56cOF0+XT43fvz4saNjTz05/kRL4sziunHwnelDB154/epLpZNX3/jhy6y+u/Pty+NYp19Gm2wYygL/c6GqcdsjG9zZ3WrPsnTS3caKsC5dEZE1V0+1/w9EVyw13kA8/15bKwdsqeza1Nd889wCcA9Lot01ANqjuNDvnO8qZffAK++DB7Zy+NF215+p3QBlcd/MH7Ut3ZHmZXoa7m9baSgiTs799Wn2iM3NQwAA3JEPS5+c6I2IS7e+eDEbeyyN9tLu/1aff6v+3ZuPBAcj4l8RsS8i/h0R+yPiPxGRlf1fRPx/k/VZOf5Jr23yI9eUjf+ezte26sd/xegvBrvy3J5q/D3JqalK+Uj+nQxHT1+WH1tjH9889/NHzbYtH/9lj2z/xVgwr8e17oYJusmJ2YnqoLQFrr8bcbA7SVbGnyyuBCQRcSAiDq7vo/cWialHPz/UrNDt419DC9aZFj7LwpvL2n8uGuIvJLX1yTdHZy5cfHzqbOP65Gh/VMpHRoujYqUff/rglWb7r8Xfn+dWj3/H5sNs6nq59rys/ZdtXewDS+u1M63d/waP/7Q3ea26ztybv/b2xOzs+bGI3uRENV/3+vjSe4t8UT47/ocPr97/9+Xvydr/vojIDuL7I+KBiHgwr/tDEfFwRBxeI8bvn719/JFu4PhvgSz+yVXPf4vH/2BS1/7rT3Sd+e6rZvu/s/Y/Vk0N569Uz38Nkob8atXpjuhrrOBmvz8AAAD4J0irv4FP0pHFdJqOjNR+w78/dqaV6ZnZx05Nv3VusvZb+cHoSYuZroF8PrQyVSmPJXP5J9bmR8fzueJivvRoPm/8cdeOan6kNF2ZbHPs0Ol2Nen/md+72l07YIvVLy8VC8DjvW2pDLDNGtfR0/rslZfDyQDuVf5fGzrXbfp/ul31ALaf6z90rtX6/5WGvLUAuDe5/kPn0v+hQ6Xfrvry19teEaAdXP+hI23m//q3MNF/d1SjPYntbpRYV+EoEmnbv6hWJfrjrqjGxhOX8t7cyk9u84kJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgRf4OAAD//+Nr2uw=") 0s ago: executing program 5 (id=1183): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r7) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r8, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4) kernel console output (not intermixed with test programs): system using the ext4 subsystem [ 200.035173][ T5914] EXT4-fs error (device loop0): ext4_iget_extra_inode:4566: inode #15: comm syz.0.451: corrupted in-inode xattr [ 200.060764][ T5914] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.451: couldn't read orphan inode 15 (err -117) [ 200.112343][ T5914] EXT4-fs (loop0): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000002,grpid,bh,grpid,noauto_da_alloc,max_dir_size_kb=0x0000000000000005,init_itable=0x0000000000000009,init_itable,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none. [ 200.996813][ T7] usb 2-1: new full-speed USB device number 12 using dummy_hcd [ 201.107888][ T5929] EXT4-fs warning (device loop0): dx_probe:833: inode #2: comm syz.0.451: Unrecognised inode hash code 4 [ 201.120760][ T5929] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.451: Corrupt directory, running e2fsck is recommended [ 201.140127][ T5929] EXT4-fs warning (device loop0): dx_probe:833: inode #2: comm syz.0.451: Unrecognised inode hash code 4 [ 201.152713][ T5929] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.451: Corrupt directory, running e2fsck is recommended [ 202.166694][ T7] usb 2-1: unable to get BOS descriptor or descriptor too short [ 202.296614][ T7] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 202.313280][ T7] usb 2-1: can't read configurations, error -71 [ 202.529853][ T5945] ODEBUG: Out of memory. ODEBUG disabled [ 203.564126][ T5955] netlink: 28 bytes leftover after parsing attributes in process `syz.0.464'. [ 203.629722][ T5959] device syzkaller0 entered promiscuous mode [ 203.702899][ T5965] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 203.814979][ T5966] tipc: Started in network mode [ 203.822508][ T5966] tipc: Node identity 4, cluster identity 4711 [ 203.832668][ T5966] tipc: Node number set to 4 [ 204.910021][ T5982] loop0: detected capacity change from 0 to 512 [ 204.965241][ T5982] EXT4-fs (loop0): Ignoring removed orlov option [ 205.058218][ T5982] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 205.133702][ T5982] ext4 filesystem being mounted at /104/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 205.276589][ T7] usb 2-1: new full-speed USB device number 14 using dummy_hcd [ 205.526219][ T5996] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz.0.473: iget: bad i_size value: 2533274857506816 [ 206.381882][ T6002] loop3: detected capacity change from 0 to 512 [ 206.446542][ T7] usb 2-1: unable to get BOS descriptor or descriptor too short [ 206.576576][ T7] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 206.607064][ T7] usb 2-1: can't read configurations, error -71 [ 206.671101][ T6002] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 206.711316][ T6002] ext4 filesystem being mounted at /103/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 207.783154][ T6015] device syzkaller0 entered promiscuous mode [ 208.124755][ T6023] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 208.153311][ T6023] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 208.412076][ T6038] loop2: detected capacity change from 0 to 512 [ 208.676148][ T6038] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 1024: comm syz.2.491: invalid block [ 209.806561][ T6038] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.491: invalid indirect mapped block 1024 (level 0) [ 209.913732][ T6038] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.491: bg 0: block 35: padding at end of block bitmap is not set [ 210.009464][ T6038] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6194: Corrupt filesystem [ 210.067822][ T6038] EXT4-fs (loop2): 1 truncate cleaned up [ 210.075190][ T6038] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 210.111553][ T6053] device syzkaller0 entered promiscuous mode [ 210.283573][ T6058] loop0: detected capacity change from 0 to 4096 [ 210.378540][ T6058] EXT4-fs (loop0): inline encryption not supported [ 210.385387][ T6058] EXT4-fs (loop0): Test dummy encryption mode enabled [ 210.471658][ T6064] netlink: 'syz.3.500': attribute type 12 has an invalid length. [ 210.497959][ T6058] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 210.511192][ T6058] System zones: 0-5 [ 210.516596][ T6064] netlink: 'syz.3.500': attribute type 29 has an invalid length. [ 210.527593][ T6064] netlink: 148 bytes leftover after parsing attributes in process `syz.3.500'. [ 210.614417][ T6058] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,delalloc,inlinecrypt,test_dummy_encryption,errors=continue,errors=continue,delalloc,barrier,,errors=continue. Quota mode: writeback. [ 210.676573][ T6064] netlink: 'syz.3.500': attribute type 3 has an invalid length. [ 211.667194][ T6078] loop3: detected capacity change from 0 to 512 [ 211.792831][ T6078] EXT4-fs (loop3): Ignoring removed bh option [ 211.837320][ T6081] loop4: detected capacity change from 0 to 512 [ 211.949041][ T6087] netlink: 4 bytes leftover after parsing attributes in process `syz.1.504'. [ 211.969669][ T6087] netlink: 24 bytes leftover after parsing attributes in process `syz.1.504'. [ 212.054099][ T6081] EXT4-fs (loop4): Ignoring removed bh option [ 212.096887][ T6081] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 212.144633][ T6078] EXT4-fs (loop3): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 212.351632][ T6078] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 212.557425][ T6081] EXT4-fs error (device loop4): ext4_iget_extra_inode:4566: inode #15: comm syz.4.506: corrupted in-inode xattr [ 212.647402][ T6081] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.506: couldn't read orphan inode 15 (err -117) [ 212.726982][ T6081] EXT4-fs (loop4): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000002,grpid,bh,grpid,noauto_da_alloc,max_dir_size_kb=0x0000000000000005,init_itable=0x0000000000000009,init_itable,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none. [ 213.091197][ T6104] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 213.114984][ T6104] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 213.167846][ T2304] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 213.586568][ T2304] usb 2-1: Using ep0 maxpacket: 32 [ 213.728378][ T2304] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 213.747249][ T2304] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 214.076881][ T2304] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 214.086096][ T2304] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.354898][ T2304] usb 2-1: Product: syz [ 214.374781][ T2304] usb 2-1: Manufacturer: syz [ 214.402353][ T2304] usb 2-1: SerialNumber: syz [ 214.437174][ T2304] usb 2-1: config 0 descriptor?? [ 214.644453][ T6109] loop0: detected capacity change from 0 to 40427 [ 214.734707][ T1111] usb 2-1: USB disconnect, device number 16 [ 214.758303][ T6126] loop4: detected capacity change from 0 to 1024 [ 215.340805][ T6109] F2FS-fs (loop0): Found nat_bits in checkpoint [ 215.777601][ T6109] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 215.841622][ T6129] attempt to access beyond end of device [ 215.841622][ T6129] loop0: rw=2049, want=45104, limit=40427 [ 216.106725][ T6143] netlink: 4 bytes leftover after parsing attributes in process `syz.2.520'. [ 216.126346][ T6143] netlink: 24 bytes leftover after parsing attributes in process `syz.2.520'. [ 216.768601][ T6145] loop3: detected capacity change from 0 to 1024 [ 216.902819][ T6145] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 216.965724][ T6145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.522'. [ 216.974672][ T6145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.522'. [ 219.271050][ T6148] loop4: detected capacity change from 0 to 40427 [ 219.329260][ T6148] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 219.361192][ T6148] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 219.450017][ T6148] F2FS-fs (loop4): invalid crc value [ 219.515020][ T6171] process 'syz.0.530' launched './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' with NULL argv: empty string added [ 219.555525][ T6148] F2FS-fs (loop4): Found nat_bits in checkpoint [ 219.689035][ T6148] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 219.706515][ T6148] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 220.588451][ T6199] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 223.177102][ T6219] netlink: 8 bytes leftover after parsing attributes in process `syz.1.539'. [ 223.186038][ T6219] netlink: 8 bytes leftover after parsing attributes in process `syz.1.539'. [ 224.454666][ T6230] loop3: detected capacity change from 0 to 4096 [ 224.543782][ T6230] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 226.633994][ T26] audit: type=1326 audit(1772268422.240:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.3.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340e0e7799 code=0x7ffc0000 [ 226.795412][ T26] audit: type=1326 audit(1772268422.240:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.3.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340e0e7799 code=0x7ffc0000 [ 226.915674][ T26] audit: type=1326 audit(1772268422.270:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.3.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f340e0e7799 code=0x7ffc0000 [ 226.983218][ T26] audit: type=1326 audit(1772268422.270:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.3.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340e0e7799 code=0x7ffc0000 [ 227.005979][ T26] audit: type=1326 audit(1772268422.270:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.3.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340e0e7799 code=0x7ffc0000 [ 227.056463][ T26] audit: type=1326 audit(1772268422.310:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.3.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f340e0e7799 code=0x7ffc0000 [ 227.779733][ T26] audit: type=1326 audit(1772268422.310:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.3.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340e0e7799 code=0x7ffc0000 [ 227.928259][ T26] audit: type=1326 audit(1772268422.310:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.3.552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340e0e7799 code=0x7ffc0000 [ 227.995279][ T6277] loop2: detected capacity change from 0 to 1024 [ 228.085336][ T6277] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 228.142225][ T6277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.555'. [ 228.151129][ T6277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.555'. [ 228.503677][ T1111] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 228.776608][ T1111] usb 2-1: Using ep0 maxpacket: 8 [ 229.101945][ T6269] loop3: detected capacity change from 0 to 40427 [ 229.150000][ T6269] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 229.166551][ T1111] usb 2-1: unable to get BOS descriptor or descriptor too short [ 229.179966][ T6269] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 229.264134][ T6269] F2FS-fs (loop3): invalid crc value [ 229.349958][ T6269] F2FS-fs (loop3): Found nat_bits in checkpoint [ 229.386565][ T1111] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 229.394363][ T1111] usb 2-1: can't read configurations, error -71 [ 229.545159][ T6269] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 229.572898][ T6269] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 233.307191][ T6345] binder: BINDER_SET_CONTEXT_MGR already set [ 233.313627][ T6345] binder: 6344:6345 ioctl 4018620d 200000004a80 returned -16 [ 235.308518][ T7] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 235.351335][ T6373] loop2: detected capacity change from 0 to 512 [ 235.503577][ T6373] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a80ec01c, mo2=0003] [ 235.598831][ T6373] System zones: 1-2, 4-12, 8-8 [ 235.841496][ T6373] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.581: iget: bad i_size value: 38620345925642 [ 236.064887][ T6373] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.581: couldn't read orphan inode 15 (err -117) [ 236.446948][ T7] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 236.457273][ T6373] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,delalloc,data_err=ignore,debug,usrjquota=,bsdgroups,,errors=continue. Quota mode: writeback. [ 236.492319][ T7] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 236.606583][ T6380] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 236.716717][ T7] usb 2-1: New USB device found, idVendor=0b49, idProduct=064f, bcdDevice=d4.fd [ 236.735990][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.767534][ T7] usb 2-1: Product: syz [ 236.788096][ T7] usb 2-1: Manufacturer: syz [ 236.792759][ T7] usb 2-1: SerialNumber: syz [ 236.849777][ T7] usb 2-1: config 0 descriptor?? [ 238.137604][ T6392] loop3: detected capacity change from 0 to 40427 [ 238.216103][ T6392] F2FS-fs (loop3): invalid crc value [ 238.276556][ T6392] F2FS-fs (loop3): Found nat_bits in checkpoint [ 238.463707][ T2304] usb 2-1: USB disconnect, device number 19 [ 238.522978][ T6392] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 238.976456][ T2304] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 239.391900][ T2304] usb 2-1: Using ep0 maxpacket: 32 [ 239.421685][ T6411] loop4: detected capacity change from 0 to 256 [ 239.485042][ T6411] FAT-fs (loop4): Directory bread(block 64) failed [ 239.517810][ T6411] FAT-fs (loop4): Directory bread(block 65) failed [ 239.534643][ T6411] FAT-fs (loop4): Directory bread(block 66) failed [ 239.541508][ T2304] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 239.561942][ T2304] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 239.581568][ T6411] FAT-fs (loop4): Directory bread(block 67) failed [ 239.591740][ T6411] FAT-fs (loop4): Directory bread(block 68) failed [ 239.608758][ T6411] FAT-fs (loop4): Directory bread(block 69) failed [ 239.615420][ T6411] FAT-fs (loop4): Directory bread(block 70) failed [ 239.642839][ T6411] FAT-fs (loop4): Directory bread(block 71) failed [ 239.666237][ T6411] FAT-fs (loop4): Directory bread(block 72) failed [ 239.693559][ T6411] FAT-fs (loop4): Directory bread(block 73) failed [ 239.764004][ T6408] loop3: detected capacity change from 0 to 40427 [ 239.771029][ T2304] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 239.780437][ T2304] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.806449][ T2304] usb 2-1: Product: syz [ 239.814199][ T2304] usb 2-1: Manufacturer: syz [ 239.825612][ T6408] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 239.848504][ T2304] usb 2-1: SerialNumber: syz [ 239.856746][ T6408] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 239.934244][ T6408] F2FS-fs (loop3): invalid crc value [ 239.943625][ T6411] attempt to access beyond end of device [ 239.943625][ T6411] loop4: rw=2051, want=1256, limit=256 [ 240.125374][ T2304] usb 2-1: config 0 descriptor?? [ 240.149664][ T6408] F2FS-fs (loop3): Found nat_bits in checkpoint [ 241.043369][ T6408] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 241.076884][ T6408] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 241.181902][ T2304] usb 5-1: new full-speed USB device number 14 using dummy_hcd [ 241.366475][ T4230] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 241.621844][ T4230] usb 3-1: Using ep0 maxpacket: 32 [ 241.632279][ T5373] usb 2-1: USB disconnect, device number 20 [ 241.656648][ T2304] usb 5-1: unable to get BOS descriptor or descriptor too short [ 241.746677][ T4230] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 241.760952][ T4230] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 241.772000][ T4230] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 241.787773][ T4230] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.796554][ T2304] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 241.804541][ T2304] usb 5-1: can't read configurations, error -71 [ 241.837119][ T4230] usb 3-1: config 0 descriptor?? [ 241.887745][ T4230] hub 3-1:0.0: USB hub found [ 242.106660][ T4230] hub 3-1:0.0: 1 port detected [ 242.902630][ T26] audit: type=1326 audit(1772268438.340:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6440 comm="syz.0.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 243.056433][ T26] audit: type=1326 audit(1772268438.340:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6440 comm="syz.0.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 243.488518][ T7] hub 3-1:0.0: activate --> -90 [ 243.677629][ T6466] netlink: 8 bytes leftover after parsing attributes in process `syz.1.604'. [ 243.686613][ T6466] netlink: 8 bytes leftover after parsing attributes in process `syz.1.604'. [ 243.909016][ T4230] usb 3-1: USB disconnect, device number 17 [ 243.926645][ T7] usb 3-1-port1: cannot reset (err = -71) [ 243.934886][ T7] usb 3-1-port1: attempt power cycle [ 244.796023][ T6471] netlink: 4 bytes leftover after parsing attributes in process `syz.3.603'. [ 244.806792][ T6471] netlink: 24 bytes leftover after parsing attributes in process `syz.3.603'. [ 246.336494][ T4230] usb 5-1: new full-speed USB device number 16 using dummy_hcd [ 247.338738][ T6482] loop0: detected capacity change from 0 to 40427 [ 247.354099][ T6482] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 247.362010][ T6482] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 247.449374][ T6482] F2FS-fs (loop0): invalid crc value [ 247.515693][ T6482] F2FS-fs (loop0): Found nat_bits in checkpoint [ 247.546566][ T4230] usb 5-1: unable to get BOS descriptor or descriptor too short [ 247.766812][ T26] audit: type=1326 audit(1772268443.270:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 248.091521][ T6482] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 248.282722][ T26] audit: type=1326 audit(1772268443.270:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 248.326548][ T6482] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 248.366969][ T4230] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 248.374650][ T4230] usb 5-1: can't read configurations, error -71 [ 248.384771][ T26] audit: type=1326 audit(1772268443.270:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 248.542923][ T26] audit: type=1326 audit(1772268443.280:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 248.614256][ T26] audit: type=1326 audit(1772268443.280:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 248.647380][ T26] audit: type=1326 audit(1772268443.280:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 248.815238][ T26] audit: type=1326 audit(1772268443.280:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 248.871564][ T26] audit: type=1326 audit(1772268443.280:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 248.913315][ T26] audit: type=1326 audit(1772268443.280:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 249.074068][ T26] audit: type=1326 audit(1772268443.280:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 249.223118][ T6517] netlink: 28 bytes leftover after parsing attributes in process `syz.1.616'. [ 249.243035][ T26] audit: type=1326 audit(1772268443.280:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6494 comm="syz.1.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa8799799 code=0x7ffc0000 [ 249.394578][ T6522] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 249.510419][ T6516] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 249.776475][ T4230] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 250.010718][ T6533] loop3: detected capacity change from 0 to 512 [ 250.101646][ T6533] EXT4-fs (loop3): Ignoring removed orlov option [ 250.182022][ T6533] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 250.205556][ T6533] ext4 filesystem being mounted at /130/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 250.216626][ T4230] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 250.774986][ T4230] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 251.024963][ T6542] usb usb8: usbfs: process 6542 (syz.3.621) did not claim interface 0 before use [ 251.226821][ T6539] usb usb8: usbfs: process 6539 (syz.1.622) did not claim interface 0 before use [ 251.936635][ T23] usb 3-1: new full-speed USB device number 22 using dummy_hcd [ 252.107186][ T4230] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 252.285058][ T4230] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.293432][ T4230] usb 5-1: Product: syz [ 252.297631][ T4230] usb 5-1: Manufacturer: syz [ 252.302239][ T4230] usb 5-1: SerialNumber: syz [ 252.446761][ T4230] usb 5-1: can't set config #1, error -71 [ 252.560846][ T23] usb 3-1: unable to get BOS descriptor or descriptor too short [ 252.826946][ T23] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 252.868613][ T23] usb 3-1: can't read configurations, error -71 [ 253.044998][ T4230] usb 5-1: USB disconnect, device number 18 [ 253.455569][ T6578] tipc: Started in network mode [ 253.494355][ T6578] tipc: Node identity e6f3d028b19f, cluster identity 4711 [ 253.525783][ T6578] tipc: Enabled bearer , priority 0 [ 253.560942][ T6580] tipc: Enabling of bearer rejected, already enabled [ 253.683730][ T6578] loop2: detected capacity change from 0 to 512 [ 253.694053][ T6582] device syzkaller0 entered promiscuous mode [ 253.729904][ T6582] 0: reclassify loop, rule prio 0, protocol 800 [ 253.826494][ T6578] loop2: detected capacity change from 0 to 1024 [ 253.847576][ T6578] EXT4-fs (loop2): Ignoring removed orlov option [ 253.967711][ T6578] EXT4-fs (loop2): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 254.152670][ T6577] tipc: Disabling bearer [ 254.281403][ T6563] loop4: detected capacity change from 0 to 40427 [ 254.299651][ T6594] loop0: detected capacity change from 0 to 512 [ 254.346689][ T6594] EXT4-fs (loop0): Ignoring removed orlov option [ 254.427872][ T6563] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 254.435644][ T6563] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 254.453780][ T6594] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 254.556233][ T6563] F2FS-fs (loop4): invalid crc value [ 254.566692][ T6594] ext4 filesystem being mounted at /142/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 254.585090][ T6598] loop2: detected capacity change from 0 to 512 [ 254.620210][ T6563] F2FS-fs (loop4): Found nat_bits in checkpoint [ 254.786547][ T6598] EXT4-fs (loop2): Ignoring removed orlov option [ 254.865091][ T6563] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 254.880378][ T6563] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 254.888321][ T6603] usb usb8: usbfs: process 6603 (syz.0.635) did not claim interface 0 before use [ 254.917870][ T6598] EXT4-fs (loop2): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 254.933527][ T6598] ext4 filesystem being mounted at /122/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 255.349157][ T6607] usb usb8: usbfs: process 6607 (syz.2.636) did not claim interface 0 before use [ 255.534987][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.541482][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.825315][ T6610] Illegal XDP return value 4294967274, expect packet loss! [ 256.306695][ T26] kauditd_printk_skb: 29 callbacks suppressed [ 256.306887][ T26] audit: type=1326 audit(1772268451.890:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.0.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 257.026601][ T26] audit: type=1326 audit(1772268451.890:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.0.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 257.097748][ T6624] loop0: detected capacity change from 0 to 1024 [ 257.144041][ T26] audit: type=1326 audit(1772268451.890:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.0.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 257.174463][ T26] audit: type=1326 audit(1772268451.890:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.0.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 257.233433][ T26] audit: type=1326 audit(1772268451.890:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.0.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 257.259312][ T26] audit: type=1326 audit(1772268451.900:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.0.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 257.282196][ T26] audit: type=1326 audit(1772268451.900:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.0.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 257.304834][ T26] audit: type=1326 audit(1772268451.900:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.0.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 257.327678][ T26] audit: type=1326 audit(1772268451.900:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.0.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 257.350931][ T26] audit: type=1326 audit(1772268451.900:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.0.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892bffd799 code=0x7ffc0000 [ 257.414897][ T6624] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.642: bad orphan inode 65536 [ 257.445805][ T6624] EXT4-fs (loop0): mounted filesystem without journal. Opts: barrier,i_version,nodioread_nolock,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none. [ 257.496671][ T6624] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.676675][ T6632] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 257.958456][ T6638] device syzkaller0 entered promiscuous mode [ 258.024576][ T6638] 0: reclassify loop, rule prio 0, protocol 800 [ 258.582689][ T6627] netlink: 4 bytes leftover after parsing attributes in process `syz.1.643'. [ 258.766599][ T7] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 258.852700][ T6652] loop2: detected capacity change from 0 to 512 [ 258.889658][ T6652] EXT4-fs (loop2): Ignoring removed orlov option [ 259.003644][ T6652] EXT4-fs (loop2): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 259.023612][ T6652] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 259.176616][ T7] usb 4-1: unable to get BOS descriptor or descriptor too short [ 259.257226][ T6662] usb usb8: usbfs: process 6662 (syz.1.649) did not claim interface 0 before use [ 259.986656][ T7] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 260.001980][ T7] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 260.015873][ T7] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 260.039374][ T7] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 260.088176][ T6666] loop4: detected capacity change from 0 to 512 [ 260.194488][ T6666] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 260.226670][ T7] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 260.235746][ T7] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.297129][ T6666] ext4 filesystem being mounted at /116/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 260.424495][ T6659] EXT4-fs error (device loop2): ext4_lookup:1858: inode #12: comm syz.2.648: iget: bad i_size value: 2533274857506816 [ 260.669998][ T6666] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback. [ 260.903393][ T6661] loop0: detected capacity change from 0 to 40427 [ 260.922091][ T7] usb 4-1: Product: syz [ 260.926324][ T7] usb 4-1: Manufacturer: syz [ 260.931427][ T7] usb 4-1: SerialNumber: syz [ 260.985880][ T6661] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 261.016526][ T6661] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 261.063843][ T6661] F2FS-fs (loop0): invalid crc value [ 261.108362][ T6661] F2FS-fs (loop0): Found nat_bits in checkpoint [ 261.336506][ T7] usb 4-1: 0:2 : does not exist [ 261.361181][ T6661] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 261.393113][ T6661] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 261.975219][ T7] usb 4-1: USB disconnect, device number 12 [ 262.536329][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 263.059347][ T6714] loop3: detected capacity change from 0 to 512 [ 263.099750][ T6714] EXT4-fs (loop3): Ignoring removed orlov option [ 263.238014][ T6721] capability: warning: `syz.4.666' uses deprecated v2 capabilities in a way that may be insecure [ 263.314524][ T6714] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 263.339297][ T6727] netlink: 76 bytes leftover after parsing attributes in process `syz.1.665'. [ 263.358711][ T6714] ext4 filesystem being mounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 263.591023][ T6734] loop0: detected capacity change from 0 to 512 [ 263.850476][ T6735] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.664: iget: bad i_size value: 2533274857506816 [ 264.202887][ T6734] EXT4-fs (loop0): Ignoring removed orlov option [ 265.072530][ T6734] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 265.146541][ T6734] ext4 filesystem being mounted at /147/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 265.246570][ T7] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 265.646836][ T7] usb 2-1: unable to get BOS descriptor or descriptor too short [ 265.736550][ T7] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 265.766176][ T7] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 265.792405][ T7] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 265.821251][ T7] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 266.676695][ T7] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 266.706176][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.723144][ T7] usb 2-1: Product: syz [ 266.727599][ T7] usb 2-1: Manufacturer: syz [ 266.732211][ T7] usb 2-1: SerialNumber: syz [ 266.863094][ T6752] loop3: detected capacity change from 0 to 40427 [ 268.013131][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 268.049360][ T26] audit: type=1326 audit(1772268463.610:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6764 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 268.441996][ T26] audit: type=1326 audit(1772268463.610:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6764 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 268.504958][ T6777] netlink: 'syz.4.678': attribute type 4 has an invalid length. [ 268.515072][ T7] usb 2-1: 0:2 : does not exist [ 268.535853][ T7] usb 2-1: USB disconnect, device number 21 [ 268.550078][ T26] audit: type=1326 audit(1772268463.610:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6764 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 268.629200][ T26] audit: type=1326 audit(1772268463.610:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6764 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 268.654545][ T26] audit: type=1326 audit(1772268463.620:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6764 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 268.823741][ T4179] udevd[4179]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 268.847241][ T26] audit: type=1326 audit(1772268463.620:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6764 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 269.071899][ T26] audit: type=1326 audit(1772268463.620:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6764 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 269.094383][ T26] audit: type=1326 audit(1772268463.620:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6764 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 269.119507][ T26] audit: type=1326 audit(1772268463.620:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6764 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 269.195922][ T26] audit: type=1326 audit(1772268463.620:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6764 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 269.243256][ T6790] usb usb8: usbfs: process 6790 (syz.3.681) did not claim interface 0 before use [ 270.157280][ T6810] usb usb8: usbfs: process 6810 (syz.1.684) did not claim interface 0 before use [ 270.435273][ T4206] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 270.755580][ T4232] usb 4-1: new full-speed USB device number 13 using dummy_hcd [ 270.806729][ T4206] usb 3-1: Using ep0 maxpacket: 8 [ 271.049446][ T4206] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 271.059654][ T4206] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 271.069081][ T4206] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 271.081109][ T4206] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 271.140552][ T6817] loop0: detected capacity change from 0 to 40427 [ 271.168893][ T6817] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 271.193716][ T6817] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 271.202615][ T4232] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 271.223918][ T4232] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 271.248772][ T4206] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 271.268854][ T6817] F2FS-fs (loop0): invalid crc value [ 271.276197][ T4206] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.290006][ T4232] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.312237][ T4206] usb 3-1: Product: syz [ 271.317481][ T1111] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 271.336086][ T4232] usb 4-1: config 0 descriptor?? [ 271.341386][ T4206] usb 3-1: Manufacturer: syz [ 271.346020][ T4206] usb 3-1: SerialNumber: syz [ 271.349790][ T6817] F2FS-fs (loop0): Found nat_bits in checkpoint [ 271.592624][ T6817] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 271.620568][ T6817] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 271.817387][ T1111] usb 2-1: unable to get BOS descriptor or descriptor too short [ 272.074463][ T1111] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 272.178083][ T4232] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 272.272326][ T1111] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 272.281438][ T1111] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 272.293485][ T1111] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 272.336552][ T4206] usb 3-1: 0:2 : does not exist [ 272.347053][ T4206] usb 3-1: USB disconnect, device number 24 [ 272.557351][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 272.622385][ T1111] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 272.631756][ T1111] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 272.639845][ T1111] usb 2-1: Product: syz [ 272.644022][ T1111] usb 2-1: Manufacturer: syz [ 272.648664][ T1111] usb 2-1: SerialNumber: syz [ 272.948994][ T6815] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 273.224058][ T4390] usb 4-1: USB disconnect, device number 13 [ 273.286687][ T1111] usb 2-1: 0:2 : does not exist [ 273.344657][ T1111] usb 2-1: USB disconnect, device number 22 [ 273.394238][ T6850] loop3: detected capacity change from 0 to 512 [ 273.441253][ T6852] loop0: detected capacity change from 0 to 512 [ 273.482739][ T6850] EXT4-fs (loop3): Ignoring removed orlov option [ 273.541781][ T6852] EXT4-fs (loop0): Ignoring removed orlov option [ 273.596550][ T6850] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 273.617421][ T6850] ext4 filesystem being mounted at /140/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 273.618799][ T6852] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 273.655597][ T6852] ext4 filesystem being mounted at /153/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 273.677323][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 274.023105][ T6873] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.699: iget: bad i_size value: 2533274857506816 [ 274.747836][ T6878] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz.0.697: iget: bad i_size value: 2533274857506816 [ 275.341619][ T26] kauditd_printk_skb: 30 callbacks suppressed [ 275.341652][ T26] audit: type=1326 audit(1772268470.920:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 276.006437][ T26] audit: type=1326 audit(1772268470.920:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 276.030352][ T26] audit: type=1326 audit(1772268470.930:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 276.052828][ T26] audit: type=1326 audit(1772268470.930:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 276.114791][ T6890] loop2: detected capacity change from 0 to 128 [ 276.139005][ T26] audit: type=1326 audit(1772268470.930:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 276.393621][ T6890] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 276.498404][ T6890] ext4 filesystem being mounted at /135/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 276.593401][ T26] audit: type=1326 audit(1772268470.930:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 276.706313][ T6890] fscrypt: AES-128-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 276.766994][ T26] audit: type=1326 audit(1772268470.930:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 277.223617][ T26] audit: type=1326 audit(1772268470.930:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 277.496492][ T26] audit: type=1326 audit(1772268470.930:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 277.585039][ T6890] fscrypt (loop2): Missing crypto API support for AES-128-CBC-ESSIV (API name: "essiv(cbc(aes),sha256)") [ 277.594229][ T26] audit: type=1326 audit(1772268470.930:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 277.672691][ T6910] loop3: detected capacity change from 0 to 256 [ 278.365643][ T6888] loop0: detected capacity change from 0 to 40427 [ 278.581287][ T6888] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 278.614089][ T6888] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 278.670620][ T6888] F2FS-fs (loop0): invalid crc value [ 278.746896][ T2304] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 278.980382][ T6888] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-4) [ 279.086783][ T2304] usb 3-1: Using ep0 maxpacket: 32 [ 279.404581][ T2304] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 279.426430][ T2304] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 279.476178][ T6929] loop3: detected capacity change from 0 to 512 [ 279.621276][ T6929] EXT4-fs (loop3): Ignoring removed orlov option [ 279.719190][ T6929] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 279.737451][ T2304] usb 3-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=70.f8 [ 279.767651][ T2304] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.792569][ T6933] usb usb8: usbfs: process 6933 (syz.0.717) did not claim interface 0 before use [ 279.878831][ T2304] usb 3-1: Product: syz [ 279.902446][ T2304] usb 3-1: Manufacturer: syz [ 279.929402][ T6929] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 279.997436][ T2304] usb 3-1: SerialNumber: syz [ 280.348053][ T2304] usb 3-1: config 0 descriptor?? [ 280.595188][ T6929] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.718: iget: bad i_size value: 2533274857506816 [ 280.615114][ T6929] usb usb8: usbfs: process 6929 (syz.3.718) did not claim interface 0 before use [ 280.664820][ T2304] usb 3-1: USB disconnect, device number 25 [ 282.911569][ T6967] loop2: detected capacity change from 0 to 256 [ 283.172390][ T6967] FAT-fs (loop2): Directory bread(block 64) failed [ 283.179149][ T6967] FAT-fs (loop2): Directory bread(block 65) failed [ 283.186360][ T6967] FAT-fs (loop2): Directory bread(block 66) failed [ 283.193126][ T6967] FAT-fs (loop2): Directory bread(block 67) failed [ 283.200179][ T6967] FAT-fs (loop2): Directory bread(block 68) failed [ 283.206878][ T6967] FAT-fs (loop2): Directory bread(block 69) failed [ 283.213834][ T6967] FAT-fs (loop2): Directory bread(block 70) failed [ 283.220528][ T6967] FAT-fs (loop2): Directory bread(block 71) failed [ 283.227447][ T6967] FAT-fs (loop2): Directory bread(block 72) failed [ 283.234098][ T6967] FAT-fs (loop2): Directory bread(block 73) failed [ 284.251987][ T6976] netlink: 4 bytes leftover after parsing attributes in process `syz.2.728'. [ 284.559109][ T6974] loop3: detected capacity change from 0 to 512 [ 284.927507][ T6974] EXT4-fs (loop3): Ignoring removed orlov option [ 285.037278][ T6978] loop2: detected capacity change from 0 to 1024 [ 285.047818][ T6974] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 285.086578][ T6974] ext4 filesystem being mounted at /147/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 285.350159][ T6978] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 285.362669][ T6982] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.729: iget: bad i_size value: 2533274857506816 [ 285.387493][ T6982] usb usb8: usbfs: process 6982 (syz.3.729) did not claim interface 0 before use [ 285.400422][ T6978] netlink: 8 bytes leftover after parsing attributes in process `syz.2.730'. [ 285.409639][ T6978] netlink: 8 bytes leftover after parsing attributes in process `syz.2.730'. [ 286.683803][ T6990] loop0: detected capacity change from 0 to 512 [ 286.742288][ T6990] EXT4-fs (loop0): Ignoring removed orlov option [ 286.836049][ T6990] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 286.963380][ T6990] ext4 filesystem being mounted at /158/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 287.126533][ T13] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 287.263821][ T7000] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz.0.733: iget: bad i_size value: 2533274857506816 [ 287.277931][ T7000] usb usb8: usbfs: process 7000 (syz.0.733) did not claim interface 0 before use [ 287.376475][ T13] usb 3-1: Using ep0 maxpacket: 32 [ 288.806345][ T13] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 288.823228][ T13] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 288.986631][ T13] usb 3-1: New USB device found, idVendor=1546, idProduct=1010, bcdDevice=3a.be [ 289.006076][ T13] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.852298][ T13] usb 3-1: Product: syz [ 289.884611][ T7021] loop3: detected capacity change from 0 to 512 [ 289.902686][ T13] usb 3-1: Manufacturer: syz [ 289.923612][ T13] usb 3-1: SerialNumber: syz [ 289.961214][ T13] usb 3-1: config 0 descriptor?? [ 289.979520][ T13] usb 3-1: can't set config #0, error -71 [ 290.006733][ T13] usb 3-1: USB disconnect, device number 26 [ 290.197032][ T7021] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.742: inode has both inline data and extents flags [ 290.197269][ T7021] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.742: couldn't read orphan inode 15 (err -117) [ 290.197435][ T7021] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 291.185751][ T7016] chnl_net:caif_netlink_parms(): no params data found [ 291.312013][ T7041] 9pnet: Insufficient options for proto=fd [ 291.493255][ T7016] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.510814][ T7016] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.592659][ T7016] device bridge_slave_0 entered promiscuous mode [ 291.773567][ T7016] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.785177][ T7016] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.793341][ T4307] Bluetooth: hci5: command 0x0409 tx timeout [ 291.826144][ T7016] device bridge_slave_1 entered promiscuous mode [ 291.869756][ T7016] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 291.919796][ T4232] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 291.943263][ T4389] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.984920][ T7016] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 292.031310][ T7016] team0: Port device team_slave_0 added [ 292.056251][ T4389] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.111924][ T7016] team0: Port device team_slave_1 added [ 292.177239][ T4389] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.225249][ T7016] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 292.241223][ T7016] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.334848][ T7016] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 292.366726][ T4232] usb 1-1: unable to get BOS descriptor or descriptor too short [ 292.387835][ T7016] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 292.394808][ T7016] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.463206][ T4232] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 292.484377][ T4232] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 292.505353][ T4232] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 292.516544][ T7016] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 292.529372][ T7049] loop4: detected capacity change from 0 to 40427 [ 292.537423][ T4232] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 292.556431][ T7049] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 292.579098][ T4389] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.593920][ T7049] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 292.624949][ T7049] F2FS-fs (loop4): invalid crc value [ 292.665695][ T7016] device hsr_slave_0 entered promiscuous mode [ 292.674252][ T7049] F2FS-fs (loop4): Found nat_bits in checkpoint [ 292.701447][ T7016] device hsr_slave_1 entered promiscuous mode [ 292.708072][ T4232] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 292.717479][ T4232] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.725489][ T4232] usb 1-1: Product: syz [ 292.730762][ T4232] usb 1-1: Manufacturer: syz [ 292.735406][ T4232] usb 1-1: SerialNumber: syz [ 292.755946][ T7016] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 292.764943][ T7016] Cannot create hsr debugfs directory [ 292.815712][ T7049] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 292.830969][ T7049] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 292.999875][ T7053] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 293.137738][ T4389] tipc: Left network mode [ 293.226620][ T4232] usb 1-1: 0:2 : does not exist [ 293.281561][ T4232] usb 1-1: USB disconnect, device number 18 [ 293.353612][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 293.405764][ T7016] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 293.460124][ T7016] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 293.518810][ T7016] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 293.562739][ T7016] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 293.806819][ T4390] Bluetooth: hci5: command 0x041b tx timeout [ 294.134471][ T7016] 8021q: adding VLAN 0 to HW filter on device bond0 [ 294.695469][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 294.706993][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 294.763286][ T7016] 8021q: adding VLAN 0 to HW filter on device team0 [ 294.809943][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 294.838174][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 294.867111][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 294.874195][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 294.905842][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 294.930832][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 294.968641][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 294.975804][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 295.019905][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 295.068135][ T7090] loop3: detected capacity change from 0 to 512 [ 295.084747][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 295.127212][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 295.186024][ T7090] EXT4-fs (loop3): Ignoring removed orlov option [ 295.305338][ T7090] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 295.396324][ T7090] ext4 filesystem being mounted at /153/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 295.544079][ T7097] loop0: detected capacity change from 0 to 512 [ 295.605102][ T7097] EXT4-fs (loop0): Ignoring removed orlov option [ 295.628720][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 295.673296][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 295.707336][ T7097] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 295.737802][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 295.774276][ T7101] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.754: iget: bad i_size value: 2533274857506816 [ 295.788228][ T7101] usb usb8: usbfs: process 7101 (syz.3.754) did not claim interface 0 before use [ 295.799483][ T7097] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 295.813009][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 295.852458][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 295.909686][ T4390] Bluetooth: hci5: command 0x040f tx timeout [ 296.313965][ T7106] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz.0.755: iget: bad i_size value: 2533274857506816 [ 296.340745][ T7106] usb usb8: usbfs: process 7106 (syz.0.755) did not claim interface 0 before use [ 296.361048][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 296.397836][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 296.426031][ T7016] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 296.564707][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 296.637006][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 296.958575][ T7121] 9pnet: Insufficient options for proto=fd [ 297.041624][ T4389] device hsr_slave_0 left promiscuous mode [ 297.074505][ T4389] device hsr_slave_1 left promiscuous mode [ 297.283522][ T4389] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 297.329204][ T4389] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 297.530072][ T4389] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 297.720646][ T4389] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 298.057735][ T4389] device bridge_slave_1 left promiscuous mode [ 298.065554][ T4389] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.160327][ T4389] device bridge_slave_0 left promiscuous mode [ 298.167352][ T4389] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.293561][ T4389] device veth1_macvtap left promiscuous mode [ 298.320599][ T4389] device veth0_macvtap left promiscuous mode [ 298.342459][ T4389] device veth1_vlan left promiscuous mode [ 298.373472][ T1111] Bluetooth: hci5: command 0x0419 tx timeout [ 298.396285][ T4389] device veth0_vlan left promiscuous mode [ 298.536577][ T4307] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 298.976766][ T4307] usb 5-1: unable to get BOS descriptor or descriptor too short [ 299.000141][ T4389] team0 (unregistering): Port device team_slave_1 removed [ 299.015536][ T4389] team0 (unregistering): Port device team_slave_0 removed [ 299.039772][ T4389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 299.066643][ T4307] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 299.088369][ T4307] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 299.106513][ T4307] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 299.126508][ T4307] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 299.148681][ T4389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 299.353200][ T4307] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 299.366461][ T4307] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.394993][ T4307] usb 5-1: Product: syz [ 299.405701][ T4307] usb 5-1: Manufacturer: syz [ 299.415140][ T4307] usb 5-1: SerialNumber: syz [ 299.497106][ T4389] bond0 (unregistering): Released all slaves [ 300.348924][ T7169] loop3: detected capacity change from 0 to 512 [ 300.401034][ T7169] EXT4-fs (loop3): Ignoring removed orlov option [ 300.482218][ T7169] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 300.506900][ T7169] ext4 filesystem being mounted at /157/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 300.546891][ T7137] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 300.561472][ T4642] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 300.601640][ T4642] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 300.635315][ T7016] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 300.797339][ T7176] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.767: iget: bad i_size value: 2533274857506816 [ 300.811274][ T7176] usb usb8: usbfs: process 7176 (syz.3.767) did not claim interface 0 before use [ 300.856612][ T4307] usb 5-1: 0:2 : does not exist [ 300.886001][ T4307] usb 5-1: USB disconnect, device number 19 [ 301.368416][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 301.403611][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 301.468632][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 301.488656][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 301.555828][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 301.610380][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 301.662934][ T7016] device veth0_vlan entered promiscuous mode [ 301.733006][ T7016] device veth1_vlan entered promiscuous mode [ 302.153755][ T7016] device veth0_macvtap entered promiscuous mode [ 302.316087][ T7016] device veth1_macvtap entered promiscuous mode [ 302.492223][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 302.517409][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 302.536657][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 302.569234][ T7178] loop0: detected capacity change from 0 to 40427 [ 302.590744][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 302.671992][ T7178] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 302.698879][ T7178] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 302.760437][ T7178] F2FS-fs (loop0): invalid crc value [ 302.788859][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.802848][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.812738][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.823551][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.833415][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.927008][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 302.927218][ T26] audit: type=1326 audit(1772268498.510:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7210 comm="syz.2.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 303.051410][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.213091][ T7178] F2FS-fs (loop0): Found nat_bits in checkpoint [ 303.366338][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 303.696543][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.706504][ T26] audit: type=1326 audit(1772268498.510:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7210 comm="syz.2.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 303.728949][ T26] audit: type=1326 audit(1772268498.510:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7210 comm="syz.2.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 303.748255][ T7016] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 303.753320][ T26] audit: type=1326 audit(1772268498.510:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7210 comm="syz.2.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 303.869685][ T26] audit: type=1326 audit(1772268498.510:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7210 comm="syz.2.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 303.892021][ T26] audit: type=1326 audit(1772268498.510:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7210 comm="syz.2.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 303.914203][ T26] audit: type=1326 audit(1772268498.510:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7210 comm="syz.2.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 303.955343][ T26] audit: type=1326 audit(1772268498.510:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7210 comm="syz.2.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 304.014922][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 304.025583][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.035457][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 304.056483][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.153880][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 304.182018][ T26] audit: type=1326 audit(1772268498.510:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7210 comm="syz.2.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 304.223737][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.253441][ T26] audit: type=1326 audit(1772268498.510:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7210 comm="syz.2.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542ff2f799 code=0x7ffc0000 [ 304.280804][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 304.291553][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 304.303848][ T7016] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 305.160758][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 305.197241][ T4206] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 305.222398][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 305.271704][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 305.290890][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 305.313438][ T7016] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.343640][ T7016] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.386279][ T7016] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.405902][ T7016] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.486868][ T4232] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 305.538698][ T3082] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.556741][ T4206] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 127 [ 305.566483][ T3082] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 305.590591][ T4206] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 305.602134][ T4410] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 305.621375][ T4206] usb 5-1: config 0 has no interfaces? [ 305.686078][ T7076] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.703832][ T7076] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 305.734386][ T7076] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 305.787687][ T4206] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 305.825677][ T4206] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=95 [ 305.850988][ T4206] usb 5-1: Product: syz [ 306.139129][ T4206] usb 5-1: Manufacturer: syz [ 306.143851][ T4206] usb 5-1: SerialNumber: syz [ 306.156623][ T4232] usb 3-1: unable to get BOS descriptor or descriptor too short [ 306.174562][ T4206] usb 5-1: config 0 descriptor?? [ 306.355178][ T7248] loop3: detected capacity change from 0 to 512 [ 306.369466][ T4232] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 306.404137][ T4232] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 306.413577][ T4232] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 306.424634][ T4232] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 306.500392][ T7248] EXT4-fs (loop3): Ignoring removed orlov option [ 306.606686][ T4232] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 306.677846][ T7248] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 306.695111][ T4232] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 306.726052][ T4232] usb 3-1: Product: syz [ 306.743496][ T7248] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 306.766855][ T4232] usb 3-1: Manufacturer: syz [ 306.783643][ T4232] usb 3-1: SerialNumber: syz [ 307.362130][ T7268] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.781: iget: bad i_size value: 2533274857506816 [ 307.414812][ T7269] usb usb8: usbfs: process 7269 (syz.3.781) did not claim interface 0 before use [ 307.753129][ T7230] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 307.896769][ T4232] usb 3-1: 0:2 : does not exist [ 307.928989][ T4232] usb 3-1: USB disconnect, device number 27 [ 308.194428][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 309.009555][ T4390] usb 5-1: USB disconnect, device number 20 [ 310.538220][ T4307] usb 5-1: new full-speed USB device number 21 using dummy_hcd [ 310.926745][ T4307] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 310.952847][ T7290] loop3: detected capacity change from 0 to 40427 [ 310.966210][ T4307] usb 5-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 311.015351][ T7290] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 311.031008][ T4307] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 311.069597][ T7290] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 311.115145][ T4307] usb 5-1: config 0 descriptor?? [ 311.152880][ T7290] F2FS-fs (loop3): invalid crc value [ 311.214124][ T4307] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 311.256099][ T7290] F2FS-fs (loop3): Found nat_bits in checkpoint [ 311.646636][ T7303] udc-core: couldn't find an available UDC or it's busy [ 311.776495][ T7290] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 311.793314][ T7303] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 311.851465][ T7328] loop2: detected capacity change from 0 to 512 [ 311.879598][ T7290] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 312.158716][ T4232] usb 5-1: USB disconnect, device number 21 [ 312.167574][ T7328] EXT4-fs (loop2): Ignoring removed orlov option [ 312.333902][ T7328] EXT4-fs (loop2): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 312.425700][ T7328] ext4 filesystem being mounted at /157/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 313.806533][ T4307] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 314.306924][ T4307] usb 5-1: unable to get BOS descriptor or descriptor too short [ 314.556690][ T4307] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 314.630769][ T4307] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 314.803925][ T4307] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 315.308536][ T4307] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 315.572335][ T4307] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 315.747641][ T4307] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.756053][ T4307] usb 5-1: Product: syz [ 315.765806][ T4307] usb 5-1: Manufacturer: syz [ 315.786402][ T4307] usb 5-1: SerialNumber: syz [ 316.266056][ T7356] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 316.596570][ T4307] usb 5-1: 0:2 : does not exist [ 316.633854][ T4307] usb 5-1: USB disconnect, device number 22 [ 316.941176][ T21] usb 4-1: new full-speed USB device number 14 using dummy_hcd [ 317.381242][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.387657][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.535968][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 317.577660][ T21] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 317.603084][ T21] usb 4-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 317.780116][ T21] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 317.798265][ T21] usb 4-1: config 0 descriptor?? [ 317.839159][ T21] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 318.042019][ T7399] udc-core: couldn't find an available UDC or it's busy [ 318.054400][ T7396] loop2: detected capacity change from 0 to 40427 [ 318.061713][ T7399] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 318.104270][ T7396] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 318.114842][ T4230] usb 4-1: USB disconnect, device number 14 [ 318.158330][ T7396] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 318.203693][ T7396] F2FS-fs (loop2): invalid crc value [ 318.267941][ T7396] F2FS-fs (loop2): Found nat_bits in checkpoint [ 318.358591][ T7396] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 318.369963][ T7396] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 319.644437][ T7438] loop3: detected capacity change from 0 to 512 [ 319.749742][ T7438] EXT4-fs (loop3): Ignoring removed orlov option [ 319.887122][ T7438] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 319.919204][ T7438] ext4 filesystem being mounted at /170/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 321.041464][ T7458] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.812: iget: bad i_size value: 2533274857506816 [ 321.077337][ T7458] usb usb8: usbfs: process 7458 (syz.3.812) did not claim interface 0 before use [ 322.843309][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 322.866555][ T4230] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 323.266658][ T4230] usb 4-1: unable to get BOS descriptor or descriptor too short [ 323.326441][ T4232] usb 1-1: new full-speed USB device number 19 using dummy_hcd [ 323.356620][ T4230] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 323.376149][ T4230] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 323.406267][ T4230] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 323.446716][ T4230] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 323.636656][ T4230] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 323.661534][ T4230] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 323.687338][ T4232] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 323.707819][ T4232] usb 1-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 323.728017][ T4230] usb 4-1: Product: syz [ 323.732290][ T4230] usb 4-1: Manufacturer: syz [ 323.748240][ T4230] usb 4-1: SerialNumber: syz [ 323.758342][ T4232] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.794200][ T4232] usb 1-1: config 0 descriptor?? [ 323.839130][ T4232] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 324.028494][ T7473] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 324.046697][ T7487] udc-core: couldn't find an available UDC or it's busy [ 324.053782][ T7487] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 324.102592][ T4232] usb 1-1: USB disconnect, device number 19 [ 324.207918][ T4230] usb 4-1: 0:2 : does not exist [ 324.242133][ T4230] usb 4-1: USB disconnect, device number 15 [ 324.508333][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 327.227182][ T7546] loop3: detected capacity change from 0 to 512 [ 327.308802][ T7546] EXT4-fs (loop3): Ignoring removed orlov option [ 327.413087][ T7546] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 327.480675][ T7546] ext4 filesystem being mounted at /175/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 327.850578][ T7556] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.835: iget: bad i_size value: 2533274857506816 [ 327.871090][ T7556] usb usb8: usbfs: process 7556 (syz.3.835) did not claim interface 0 before use [ 328.646513][ T4390] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 328.676656][ T4307] usb 5-1: new full-speed USB device number 23 using dummy_hcd [ 329.056712][ T4307] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 329.076597][ T4390] usb 4-1: unable to get BOS descriptor or descriptor too short [ 329.094615][ T4307] usb 5-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 329.116497][ T4307] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.148312][ T4307] usb 5-1: config 0 descriptor?? [ 329.186753][ T4390] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 329.199781][ T4307] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 329.216072][ T4390] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 329.246042][ T4390] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 329.266399][ T4390] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 329.607555][ T7565] udc-core: couldn't find an available UDC or it's busy [ 329.770671][ T7565] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 329.982653][ T4206] usb 5-1: USB disconnect, device number 23 [ 330.296503][ T4390] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 330.305605][ T4390] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 330.322200][ T4390] usb 4-1: Product: syz [ 330.326458][ T4390] usb 4-1: Manufacturer: syz [ 330.331067][ T4390] usb 4-1: SerialNumber: syz [ 330.592798][ T7563] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 330.957012][ T4390] usb 4-1: 0:2 : does not exist [ 331.150500][ T4390] usb 4-1: USB disconnect, device number 16 [ 332.139490][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 332.910423][ T7619] netlink: 16 bytes leftover after parsing attributes in process `syz.5.852'. [ 332.920157][ T7619] netlink: 28 bytes leftover after parsing attributes in process `syz.5.852'. [ 334.786734][ T21] usb 1-1: new full-speed USB device number 20 using dummy_hcd [ 335.306643][ T21] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 335.335984][ T21] usb 1-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 335.386981][ T21] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.430972][ T4206] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 335.443637][ T21] usb 1-1: config 0 descriptor?? [ 335.530032][ T21] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 335.732170][ T7626] udc-core: couldn't find an available UDC or it's busy [ 335.746645][ T7626] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 335.788475][ T21] usb 1-1: USB disconnect, device number 20 [ 335.846584][ T4206] usb 6-1: unable to get BOS descriptor or descriptor too short [ 335.936637][ T4206] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 335.955767][ T4206] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 335.981713][ T4206] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 336.019161][ T4206] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 336.206647][ T4206] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 336.231076][ T4206] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 336.256452][ T4206] usb 6-1: Product: syz [ 336.269566][ T4206] usb 6-1: Manufacturer: syz [ 336.294529][ T4206] usb 6-1: SerialNumber: syz [ 336.571305][ T7640] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 337.536466][ T4206] usb 6-1: 0:2 : does not exist [ 337.592036][ T4206] usb 6-1: USB disconnect, device number 2 [ 338.763573][ T7714] loop0: detected capacity change from 0 to 512 [ 338.830372][ T7714] EXT4-fs (loop0): Ignoring removed orlov option [ 338.847150][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 338.949032][ T7714] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 338.996766][ T7714] ext4 filesystem being mounted at /191/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 339.172501][ T7714] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz.0.871: iget: bad i_size value: 2533274857506816 [ 339.186054][ T7714] usb usb8: usbfs: process 7714 (syz.0.871) did not claim interface 0 before use [ 339.187762][ T4228] usb 4-1: new full-speed USB device number 17 using dummy_hcd [ 340.283825][ T4228] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 340.386466][ T4228] usb 4-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 340.396256][ T4228] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 340.434238][ T4228] usb 4-1: config 0 descriptor?? [ 340.508965][ T4228] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 340.597880][ T7] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 341.351096][ T7726] udc-core: couldn't find an available UDC or it's busy [ 341.523360][ T7726] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 341.555299][ T4228] usb 4-1: USB disconnect, device number 17 [ 341.786714][ T7] usb 1-1: unable to get BOS descriptor or descriptor too short [ 342.686794][ T7] usb 1-1: unable to read config index 0 descriptor/all [ 342.693850][ T7] usb 1-1: can't read configurations, error -71 [ 342.982905][ T7790] loop2: detected capacity change from 0 to 512 [ 343.000322][ T7792] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 343.108873][ T7790] EXT4-fs (loop2): Ignoring removed orlov option [ 343.324230][ T7790] EXT4-fs (loop2): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 343.467423][ T7790] ext4 filesystem being mounted at /173/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 343.937456][ T7790] EXT4-fs error (device loop2): ext4_lookup:1858: inode #12: comm syz.2.886: iget: bad i_size value: 2533274857506816 [ 343.952439][ T7790] usb usb8: usbfs: process 7790 (syz.2.886) did not claim interface 0 before use [ 346.751548][ T4307] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 346.776669][ T7859] 9pnet: Insufficient options for proto=fd [ 346.879535][ T7863] loop5: detected capacity change from 0 to 512 [ 346.924605][ T7863] EXT4-fs (loop5): Ignoring removed orlov option [ 347.013687][ T7863] EXT4-fs (loop5): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 347.058459][ T7863] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 347.096606][ T4390] usb 1-1: new full-speed USB device number 23 using dummy_hcd [ 347.265580][ T7863] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.900: iget: bad i_size value: 2533274857506816 [ 347.284310][ T7863] usb usb8: usbfs: process 7863 (syz.5.900) did not claim interface 0 before use [ 347.406543][ T4307] usb 4-1: unable to get BOS descriptor or descriptor too short [ 347.497011][ T4307] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 347.661420][ T4307] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 347.671557][ T4307] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 347.682625][ T4307] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 347.747083][ T4390] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 348.206409][ T4390] usb 1-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 348.245964][ T4390] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 348.254615][ T4307] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 348.288711][ T4307] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.327597][ T4307] usb 4-1: Product: syz [ 348.331807][ T4307] usb 4-1: Manufacturer: syz [ 348.351025][ T4390] usb 1-1: config 0 descriptor?? [ 348.390874][ T4307] usb 4-1: SerialNumber: syz [ 348.417261][ T4390] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 348.713191][ T7861] udc-core: couldn't find an available UDC or it's busy [ 348.818260][ T7844] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 348.876298][ T7861] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 349.137999][ T4206] usb 1-1: USB disconnect, device number 23 [ 349.541540][ T4307] usb 4-1: 0:2 : does not exist [ 349.578022][ T4307] usb 4-1: USB disconnect, device number 18 [ 350.128497][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 350.495130][ T7925] loop5: detected capacity change from 0 to 512 [ 350.586552][ T7925] EXT4-fs (loop5): Ignoring removed orlov option [ 351.070211][ T7925] EXT4-fs (loop5): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 351.091785][ T7925] ext4 filesystem being mounted at /24/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 351.208482][ T7939] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.911: iget: bad i_size value: 2533274857506816 [ 351.265628][ T7941] usb usb8: usbfs: process 7941 (syz.5.911) did not claim interface 0 before use [ 352.945988][ T7960] 9pnet: Insufficient options for proto=fd [ 353.066651][ T23] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 353.336865][ T2304] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 353.546821][ T23] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 353.718900][ T23] usb 6-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 353.756720][ T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 353.974552][ T23] usb 6-1: config 0 descriptor?? [ 354.016588][ T2304] usb 4-1: unable to get BOS descriptor or descriptor too short [ 354.026954][ T23] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 354.148568][ T2304] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 354.367438][ T7959] udc-core: couldn't find an available UDC or it's busy [ 354.412798][ T2304] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 354.573386][ T7959] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 354.766407][ T2304] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 354.827402][ T2304] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 354.905291][ T23] usb 6-1: USB disconnect, device number 3 [ 355.077575][ T2304] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 355.097754][ T2304] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.136222][ T2304] usb 4-1: Product: syz [ 355.151235][ T2304] usb 4-1: Manufacturer: syz [ 355.156033][ T2304] usb 4-1: SerialNumber: syz [ 355.421619][ T7983] loop4: detected capacity change from 0 to 512 [ 355.430796][ T7963] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 355.453071][ T7983] EXT4-fs (loop4): Ignoring removed orlov option [ 355.515210][ T7983] EXT4-fs (loop4): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 355.536708][ T7983] ext4 filesystem being mounted at /186/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 355.566440][ T4228] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 355.607745][ T2304] usb 4-1: 0:2 : does not exist [ 355.678466][ T7991] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.926: iget: bad i_size value: 2533274857506816 [ 355.698089][ T2304] usb 4-1: USB disconnect, device number 19 [ 355.706888][ T7991] usb usb8: usbfs: process 7991 (syz.4.926) did not claim interface 0 before use [ 355.816691][ T4228] usb 1-1: Using ep0 maxpacket: 32 [ 355.956817][ T4228] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 356.007314][ T4228] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 356.098847][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 356.337428][ T4228] usb 1-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=70.f8 [ 356.417929][ T4228] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 356.660078][ T4228] usb 1-1: Product: syz [ 356.664299][ T4228] usb 1-1: Manufacturer: syz [ 356.686611][ T4228] usb 1-1: SerialNumber: syz [ 356.698572][ T4228] usb 1-1: config 0 descriptor?? [ 358.259705][ T4390] usb 1-1: USB disconnect, device number 24 [ 358.736442][ T7] usb 3-1: new full-speed USB device number 28 using dummy_hcd [ 358.963339][ T8030] loop0: detected capacity change from 0 to 512 [ 359.000677][ T8030] EXT4-fs (loop0): Ignoring removed orlov option [ 359.039332][ T8030] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 359.059407][ T8030] ext4 filesystem being mounted at /198/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 359.096561][ T7] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 359.228583][ T8035] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz.0.940: iget: bad i_size value: 2533274857506816 [ 359.258296][ T8035] usb usb8: usbfs: process 8035 (syz.0.940) did not claim interface 0 before use [ 359.413372][ T8037] 9pnet: Insufficient options for proto=fd [ 359.422332][ T7] usb 3-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 359.431478][ T7] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.441966][ T7] usb 3-1: config 0 descriptor?? [ 359.488958][ T7] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 359.692293][ T8025] udc-core: couldn't find an available UDC or it's busy [ 359.709492][ T8025] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 359.728628][ T4390] usb 3-1: USB disconnect, device number 28 [ 359.817908][ T23] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 360.346932][ T23] usb 5-1: unable to get BOS descriptor or descriptor too short [ 360.497537][ T23] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 360.842366][ T23] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 360.896576][ T23] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 361.603252][ T23] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 361.838325][ T23] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 361.849115][ T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 361.857381][ T23] usb 5-1: Product: syz [ 361.861567][ T23] usb 5-1: Manufacturer: syz [ 361.866178][ T23] usb 5-1: SerialNumber: syz [ 362.060027][ T8069] netlink: 28 bytes leftover after parsing attributes in process `syz.5.949'. [ 362.132795][ T8039] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 362.588264][ T23] usb 5-1: 0:2 : does not exist [ 362.914055][ T23] usb 5-1: USB disconnect, device number 24 [ 363.546508][ T23] usb 5-1: new full-speed USB device number 25 using dummy_hcd [ 364.515564][ T8109] 9pnet: Insufficient options for proto=fd [ 364.706889][ T23] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 364.789812][ T23] usb 5-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 365.006049][ T23] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 365.053528][ T23] usb 5-1: config 0 descriptor?? [ 365.119894][ T23] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 365.324362][ T8096] udc-core: couldn't find an available UDC or it's busy [ 365.348000][ T8096] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 365.363317][ T7] usb 5-1: USB disconnect, device number 25 [ 366.090490][ T8128] device syzkaller0 entered promiscuous mode [ 366.993428][ T8138] netlink: 28 bytes leftover after parsing attributes in process `syz.3.965'. [ 367.184798][ T8144] binder_alloc: 8140: binder_alloc_buf, no vma [ 367.255774][ T8138] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 367.657854][ T8151] 9pnet: Insufficient options for proto=fd [ 367.716778][ T23] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 368.186754][ T23] usb 3-1: unable to get BOS descriptor or descriptor too short [ 368.337904][ T23] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 368.367086][ T23] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 368.436979][ T23] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 368.476404][ T23] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 369.505267][ T23] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 369.597510][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 369.605536][ T23] usb 3-1: Product: syz [ 370.642179][ T23] usb 3-1: Manufacturer: syz [ 370.655813][ T23] usb 3-1: SerialNumber: syz [ 371.026682][ T23] usb 3-1: can't set config #1, error -71 [ 371.066207][ T23] usb 3-1: USB disconnect, device number 29 [ 371.181576][ T8185] device syzkaller0 entered promiscuous mode [ 371.265192][ T8187] netlink: 28 bytes leftover after parsing attributes in process `syz.3.979'. [ 371.700041][ T8203] loop5: detected capacity change from 0 to 512 [ 371.810848][ T8203] EXT4-fs (loop5): Ignoring removed orlov option [ 372.470507][ T8203] EXT4-fs (loop5): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 372.726996][ T8203] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 373.325635][ T8223] usb usb8: usbfs: process 8223 (syz.5.983) did not claim interface 0 before use [ 374.196538][ T4378] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 374.822335][ T8241] device syzkaller0 entered promiscuous mode [ 374.862392][ T8247] netlink: 28 bytes leftover after parsing attributes in process `syz.0.995'. [ 374.876514][ T4378] usb 5-1: unable to get BOS descriptor or descriptor too short [ 375.056919][ T4378] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 375.137226][ T4378] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 375.289088][ T4378] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 375.474645][ T4378] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 376.094508][ T4378] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 376.108555][ T4378] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 376.122588][ T4378] usb 5-1: Product: syz [ 376.130056][ T4378] usb 5-1: Manufacturer: syz [ 376.136011][ T4378] usb 5-1: SerialNumber: syz [ 376.928518][ T8229] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 377.021234][ T8270] loop3: detected capacity change from 0 to 512 [ 377.173057][ T8270] EXT4-fs (loop3): Ignoring removed orlov option [ 377.313563][ T8270] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 377.372585][ T8270] ext4 filesystem being mounted at /219/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 377.726498][ T4378] usb 5-1: 0:2 : does not exist [ 377.766316][ T4378] usb 5-1: USB disconnect, device number 26 [ 377.789830][ T8285] usb usb8: usbfs: process 8285 (syz.3.1002) did not claim interface 0 before use [ 378.155863][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 378.397125][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.404113][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.893446][ T8275] loop2: detected capacity change from 0 to 40427 [ 378.958147][ T8291] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1008'. [ 378.990131][ T8275] F2FS-fs (loop2): invalid crc value [ 379.022507][ T8275] F2FS-fs (loop2): Found nat_bits in checkpoint [ 379.112550][ T8291] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 379.161866][ T8275] F2FS-fs (loop2): Inconsistent segment (8) type [1, 0] in SSA and SIT [ 382.046449][ T7] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 383.012708][ T8326] device syzkaller0 entered promiscuous mode [ 383.275596][ T7] usb 6-1: unable to get BOS descriptor or descriptor too short [ 383.376601][ T7] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 383.466202][ T7] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 383.629592][ T7] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 383.870471][ T7] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 384.054471][ T8340] loop3: detected capacity change from 0 to 256 [ 384.061171][ T7] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 384.070440][ T7] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 384.092487][ T7] usb 6-1: Product: syz [ 384.109523][ T8340] exfat: Deprecated parameter 'utf8' [ 384.114861][ T8340] exfat: Deprecated parameter 'utf8' [ 384.121985][ T8340] exfat: Deprecated parameter 'utf8' [ 384.129213][ T8340] exfat: Deprecated parameter 'utf8' [ 384.132807][ T7] usb 6-1: Manufacturer: syz [ 384.146491][ T8340] exFAT-fs (loop3): Invalid exboot-signature(sector = 2): 0x00550000 [ 384.149843][ T7] usb 6-1: SerialNumber: syz [ 384.181667][ T8340] exFAT-fs (loop3): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x1119ab28) [ 384.195260][ T8340] exFAT-fs (loop3): invalid boot region [ 384.202244][ T8340] exFAT-fs (loop3): failed to recognize exfat type [ 384.283217][ T8346] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 384.552396][ T8342] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1024'. [ 384.721517][ T8341] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 384.786545][ T7] usb 6-1: 0:2 : does not exist [ 384.869318][ T7] usb 6-1: USB disconnect, device number 4 [ 384.932111][ T4175] udevd[4175]: setting owner of /dev/snd/controlC3 to uid=0, gid=29 failed: No such file or directory [ 386.516734][ T8367] 9pnet: Insufficient options for proto=fd [ 387.386590][ T7] usb 3-1: new full-speed USB device number 30 using dummy_hcd [ 387.746549][ T7] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 387.766925][ T7] usb 3-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 387.796259][ T7] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 387.831396][ T4206] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 387.839724][ T7] usb 3-1: config 0 descriptor?? [ 387.879200][ T7] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 388.091868][ T8382] udc-core: couldn't find an available UDC or it's busy [ 388.124238][ T8382] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 388.180731][ T4378] usb 3-1: USB disconnect, device number 30 [ 388.236490][ T8183] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 388.656600][ T4206] usb 6-1: unable to get BOS descriptor or descriptor too short [ 388.666903][ T8183] usb 5-1: Using ep0 maxpacket: 32 [ 388.796710][ T8183] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 388.927040][ T8183] usb 5-1: config 0 has no interfaces? [ 389.042964][ T8183] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 389.216465][ T8183] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.486919][ T8183] usb 5-1: config 0 descriptor?? [ 389.537145][ T4206] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 389.556604][ T4206] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 389.565735][ T4206] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 389.583059][ T4206] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 389.786149][ T8407] device syzkaller0 entered promiscuous mode [ 389.806957][ T4206] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 389.826432][ T4206] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 389.954982][ T4206] usb 6-1: Product: syz [ 389.960163][ T4206] usb 6-1: Manufacturer: syz [ 389.964878][ T4206] usb 6-1: SerialNumber: syz [ 390.176119][ T8392] udc-core: couldn't find an available UDC or it's busy [ 390.255228][ T8392] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 390.280450][ T8389] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 390.395706][ T8183] usb 5-1: USB disconnect, device number 27 [ 390.716439][ T4206] usb 6-1: 0:2 : does not exist [ 390.961164][ T4206] usb 6-1: USB disconnect, device number 5 [ 392.050149][ T8428] loop3: detected capacity change from 0 to 512 [ 392.149304][ T8428] EXT4-fs (loop3): Ignoring removed orlov option [ 392.236293][ T8428] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 392.285743][ T8428] ext4 filesystem being mounted at /227/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 392.622516][ T8437] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.1050: iget: bad i_size value: 2533274857506816 [ 392.909907][ T8440] 9pnet: Insufficient options for proto=fd [ 393.526429][ T8183] usb 4-1: new full-speed USB device number 20 using dummy_hcd [ 394.047152][ T8183] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 394.133636][ T8183] usb 4-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 394.299586][ T8183] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.647671][ T8183] usb 4-1: config 0 descriptor?? [ 394.699973][ T8183] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 394.902651][ T8442] udc-core: couldn't find an available UDC or it's busy [ 394.922525][ T8442] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 394.948684][ T4230] usb 4-1: USB disconnect, device number 20 [ 395.904889][ T8462] device syzkaller0 entered promiscuous mode [ 397.016496][ T4232] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 397.029811][ T8476] device syzkaller0 entered promiscuous mode [ 397.039150][ T8476] 0: reclassify loop, rule prio 0, protocol 800 [ 397.111467][ T8473] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 397.119976][ T8473] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 397.280954][ T8485] loop4: detected capacity change from 0 to 256 [ 397.436623][ T4232] usb 3-1: unable to get BOS descriptor or descriptor too short [ 397.516550][ T4232] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 397.549867][ T4232] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 397.578234][ T4232] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 397.629299][ T4232] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 399.226431][ T4232] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 399.283761][ T4232] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 399.308151][ T8498] 9pnet: Insufficient options for proto=fd [ 399.356509][ T4232] usb 3-1: can't set config #1, error -71 [ 399.388923][ T4232] usb 3-1: USB disconnect, device number 31 [ 400.604936][ T8508] device syzkaller0 entered promiscuous mode [ 400.903209][ T8515] loop0: detected capacity change from 0 to 128 [ 400.978152][ T4232] usb 4-1: new full-speed USB device number 21 using dummy_hcd [ 401.040129][ T8515] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 401.056441][ T8515] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 402.076457][ T4232] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 402.096425][ T4232] usb 4-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 402.125786][ T4232] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.164363][ T4232] usb 4-1: config 0 descriptor?? [ 402.221869][ T8533] loop0: detected capacity change from 0 to 4096 [ 402.226289][ T4232] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 402.509633][ T8511] udc-core: couldn't find an available UDC or it's busy [ 402.529388][ T8533] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 402.540575][ T8511] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 402.568542][ T4307] usb 4-1: USB disconnect, device number 21 [ 403.037620][ T8547] 9pnet: Insufficient options for proto=fd [ 403.935725][ T8564] device syzkaller0 entered promiscuous mode [ 403.952943][ T8565] loop3: detected capacity change from 0 to 2048 [ 403.955029][ T8564] 0: reclassify loop, rule prio 0, protocol 800 [ 404.017914][ T8565] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 404.026602][ T4230] usb 5-1: new full-speed USB device number 28 using dummy_hcd [ 404.041727][ T8565] ext4 filesystem being mounted at /234/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 404.325281][ T8565] overlayfs: failed to create directory ./bus/index (errno: 28); mounting read-only [ 404.372173][ T8565] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 404.396547][ T4230] usb 5-1: config 0 has no interfaces? [ 404.476538][ T4230] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 404.495885][ T4230] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 404.567563][ T8573] loop2: detected capacity change from 0 to 512 [ 404.582324][ T4230] usb 5-1: SerialNumber: syz [ 404.592354][ T4230] usb 5-1: config 0 descriptor?? [ 404.675918][ T8573] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003) [ 404.721535][ T8573] FAT-fs (loop2): Filesystem has been set read-only [ 404.735876][ T8577] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003) [ 405.029972][ T4307] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 405.085994][ T4230] usb 5-1: USB disconnect, device number 28 [ 405.436613][ T4307] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 405.472406][ T4307] usb 6-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 405.482278][ T4307] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.504974][ T4307] usb 6-1: config 0 descriptor?? [ 405.550150][ T8589] 9pnet: Insufficient options for proto=fd [ 405.561266][ T4307] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 405.765938][ T4307] usb 6-1: USB disconnect, device number 6 [ 405.897261][ T8585] loop3: detected capacity change from 0 to 40427 [ 405.918017][ T8585] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 405.925772][ T8585] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 405.982546][ T8585] F2FS-fs (loop3): invalid crc value [ 406.034071][ T8585] F2FS-fs (loop3): Found nat_bits in checkpoint [ 406.153308][ T8585] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 406.165161][ T8585] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 406.356925][ T8604] loop2: detected capacity change from 0 to 512 [ 406.414602][ T8604] EXT4-fs (loop2): Test dummy encryption mode enabled [ 406.449870][ T8604] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 406.495096][ T8604] EXT4-fs error (device loop2): xattr_find_entry:297: inode #15: comm syz.2.1102: corrupted xattr entries [ 406.512308][ T8608] device syzkaller0 entered promiscuous mode [ 406.529586][ T8608] 0: reclassify loop, rule prio 0, protocol 800 [ 406.578780][ T8604] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 406.592319][ T8604] EXT4-fs (loop2): 1 orphan inode deleted [ 406.598426][ T8604] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,test_dummy_encryption,,errors=continue. Quota mode: none. [ 407.439044][ T4307] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 407.856814][ T4307] usb 6-1: unable to get BOS descriptor or descriptor too short [ 407.984089][ T4307] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 408.077322][ T4307] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 408.231419][ T4307] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 408.281500][ T4307] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 409.566734][ T4307] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 409.580209][ T4307] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 409.900541][ T4307] usb 6-1: Product: syz [ 409.975300][ T4307] usb 6-1: Manufacturer: syz [ 410.131401][ T4307] usb 6-1: SerialNumber: syz [ 410.506578][ T4307] usb 6-1: can't set config #1, error -71 [ 410.577691][ T8639] 9pnet: Insufficient options for proto=fd [ 411.275308][ T4307] usb 6-1: USB disconnect, device number 7 [ 411.486040][ T8655] loop2: detected capacity change from 0 to 512 [ 411.589421][ T8655] EXT4-fs (loop2): Ignoring removed orlov option [ 412.133542][ T8655] EXT4-fs (loop2): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 412.349841][ T8655] ext4 filesystem being mounted at /220/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 412.779185][ T8671] autofs4:pid:8671:autofs_fill_super: called with bogus options [ 413.839939][ T8683] EXT4-fs error (device loop2): ext4_lookup:1858: inode #12: comm syz.2.1117: iget: bad i_size value: 2533274857506816 [ 413.865670][ T8682] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1125'. [ 414.121061][ T8689] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 414.314684][ T4206] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 415.396497][ T4206] usb 4-1: unable to get BOS descriptor or descriptor too short [ 415.499611][ T4206] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 415.530221][ T4206] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 416.541005][ T4307] Bluetooth: hci5: command 0x0406 tx timeout [ 416.576378][ T4206] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 416.596396][ T4206] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 416.696419][ T4206] usb 4-1: string descriptor 0 read error: -71 [ 416.709404][ T4206] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 416.757245][ T4206] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 416.896569][ T4206] usb 4-1: can't set config #1, error -71 [ 416.912125][ T4206] usb 4-1: USB disconnect, device number 22 [ 416.982652][ T8721] netlink: 'syz.0.1132': attribute type 4 has an invalid length. [ 420.094941][ T8748] loop2: detected capacity change from 0 to 256 [ 420.145385][ T8748] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 420.216471][ T8748] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 420.251262][ T8748] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 421.469968][ T8743] loop3: detected capacity change from 0 to 40427 [ 421.582738][ T8743] F2FS-fs (loop3): invalid crc value [ 421.593587][ T8743] F2FS-fs (loop3): Found nat_bits in checkpoint [ 421.674780][ T8764] loop2: detected capacity change from 0 to 1024 [ 421.795998][ T8764] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 421.844446][ T8743] F2FS-fs (loop3): Inconsistent segment (8) type [1, 0] in SSA and SIT [ 423.106438][ T21] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 423.611872][ T8786] loop2: detected capacity change from 0 to 1024 [ 423.776481][ T21] usb 6-1: unable to get BOS descriptor or descriptor too short [ 423.784417][ T8786] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 423.863313][ T21] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 423.993793][ T8786] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - no `..' [ 424.022055][ T21] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 424.227867][ T21] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 424.522959][ T21] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 424.736600][ T21] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 424.749279][ T21] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 424.789444][ T8793] loop0: detected capacity change from 0 to 512 [ 424.803847][ T21] usb 6-1: Product: syz [ 424.815984][ T21] usb 6-1: Manufacturer: syz [ 424.838455][ T21] usb 6-1: SerialNumber: syz [ 424.904617][ T8793] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 424.940811][ T8793] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.1150: invalid indirect mapped block 256 (level 2) [ 424.983517][ T8793] EXT4-fs (loop0): 2 truncates cleaned up [ 424.989423][ T8793] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,auto_da_alloc,lazytime,dioread_nolock,,errors=continue. Quota mode: writeback. [ 425.050490][ T8799] loop4: detected capacity change from 0 to 512 [ 425.092821][ T8799] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 425.107103][ T8793] EXT4-fs error (device loop0): ext4_inlinedir_to_tree:1457: inode #12: block 7: comm syz.0.1150: path /241/file1/bus: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0 [ 425.153771][ T8799] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e01c, mo2=0002] [ 425.161473][ T8773] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 425.176513][ T8799] System zones: 1-12 [ 425.182028][ T8799] EXT4-fs (loop4): orphan cleanup on readonly fs [ 425.236610][ T8799] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1151: invalid indirect mapped block 12 (level 1) [ 425.281689][ T8799] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1151: invalid indirect mapped block 2 (level 2) [ 425.322622][ T8799] EXT4-fs (loop4): 1 truncate cleaned up [ 425.375364][ T21] usb 6-1: 0:2 : does not exist [ 425.390908][ T8799] EXT4-fs (loop4): mounted filesystem without journal. Opts: noinit_itable,jqfmt=vfsv1,user_xattr,debug,barrier,errors=continue. Quota mode: none. [ 425.426556][ T21] usb 6-1: USB disconnect, device number 8 [ 428.056756][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 428.086440][ T13] usb 5-1: new low-speed USB device number 29 using dummy_hcd [ 428.124242][ T8825] loop0: detected capacity change from 0 to 512 [ 428.141739][ T8822] device syzkaller0 entered promiscuous mode [ 428.167100][ T4192] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #2: block 5: comm syz-executor: lblock 0 mapped to illegal pblock 5 (length 1) [ 428.220004][ T8825] EXT4-fs (loop0): Ignoring removed orlov option [ 428.223792][ T4192] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz-executor: error -117 reading directory block [ 428.406473][ T21] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 428.441114][ T8825] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 428.499224][ T8825] ext4 filesystem being mounted at /243/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 430.201416][ T8844] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz.0.1155: iget: bad i_size value: 2533274857506816 [ 430.566539][ T21] usb 3-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 127 [ 430.586901][ T21] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 430.605891][ T4379] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 430.624813][ T21] usb 3-1: config 0 has no interfaces? [ 430.692420][ T4379] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 430.746429][ T4192] syz-executor (4192) used greatest stack depth: 20912 bytes left [ 430.806616][ T21] usb 3-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 430.853034][ T4379] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 430.982831][ T21] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=95 [ 430.991417][ T21] usb 3-1: Product: syz [ 430.995599][ T21] usb 3-1: Manufacturer: syz [ 431.000287][ T21] usb 3-1: SerialNumber: syz [ 431.012083][ T21] usb 3-1: config 0 descriptor?? [ 431.022055][ T4379] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.316082][ T21] usb 3-1: USB disconnect, device number 32 [ 431.682615][ T8866] loop2: detected capacity change from 0 to 512 [ 432.378856][ T8866] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,quota,quota,bsddf,dioread_lock,,errors=continue. Quota mode: writeback. [ 432.471502][ T8866] ext4 filesystem being mounted at /234/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 433.726516][ T21] Bluetooth: hci1: command 0x0409 tx timeout [ 433.751504][ T8893] loop0: detected capacity change from 0 to 1024 [ 433.787542][ T8861] chnl_net:caif_netlink_parms(): no params data found [ 434.125975][ T8893] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 434.626487][ T8893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1175'. [ 434.635410][ T8893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1175'. [ 434.696162][ T8909] loop5: detected capacity change from 0 to 512 [ 435.005263][ T8914] loop2: detected capacity change from 0 to 512 [ 435.374758][ T8909] EXT4-fs (loop5): Ignoring removed bh option [ 435.443033][ T8861] bridge0: port 1(bridge_slave_0) entered blocking state [ 435.458303][ T8861] bridge0: port 1(bridge_slave_0) entered disabled state [ 435.508119][ T8909] EXT4-fs (loop5): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 435.527463][ T8861] device bridge_slave_0 entered promiscuous mode [ 435.558922][ T8909] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 435.576957][ T8861] bridge0: port 2(bridge_slave_1) entered blocking state [ 435.602695][ T8861] bridge0: port 2(bridge_slave_1) entered disabled state [ 435.645829][ T8861] device bridge_slave_1 entered promiscuous mode [ 435.666924][ T8861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 435.729260][ T8861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 435.772634][ T8914] EXT4-fs (loop2): Ignoring removed orlov option [ 435.806441][ T23] Bluetooth: hci1: command 0x041b tx timeout [ 435.886535][ T8933] loop3: detected capacity change from 0 to 512 [ 435.899054][ T8861] team0: Port device team_slave_0 added [ 435.958112][ T8914] EXT4-fs (loop2): mounted filesystem without journal. Opts: nojournal_checksum,orlov,i_version,,errors=continue. Quota mode: writeback. [ 436.089362][ T8933] EXT4-fs (loop3): Ignoring removed nobh option [ 436.367729][ T8861] team0: Port device team_slave_1 added [ 436.411598][ T8914] ext4 filesystem being mounted at /237/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 436.606497][ T8933] [ 436.608955][ T8933] ====================================================== [ 436.615975][ T8933] WARNING: possible circular locking dependency detected [ 436.623008][ T8933] syzkaller #0 Not tainted [ 436.627430][ T8933] ------------------------------------------------------ [ 436.634449][ T8933] syz.3.1182/8933 is trying to acquire lock: [ 436.640440][ T8933] ffff8880223b0bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x20f/0x2df0 [ 436.650591][ T8933] [ 436.650591][ T8933] but task is already holding lock: [ 436.657969][ T8933] ffff88805fb528a8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 436.667978][ T8933] [ 436.667978][ T8933] which lock already depends on the new lock. [ 436.667978][ T8933] [ 436.678391][ T8933] [ 436.678391][ T8933] the existing dependency chain (in reverse order) is: [ 436.687414][ T8933] [ 436.687414][ T8933] -> #1 (&ei->xattr_sem){++++}-{3:3}: [ 436.694993][ T8933] down_write+0x38/0x60 [ 436.699695][ T8933] ext4_destroy_inline_data+0x24/0xe0 [ 436.705621][ T8933] ext4_writepages+0x670/0x2df0 [ 436.711041][ T8933] do_writepages+0x476/0x6e0 [ 436.716168][ T8933] filemap_fdatawrite_wbc+0x1eb/0x240 [ 436.722077][ T8933] filemap_flush+0xd4/0x130 [ 436.727120][ T8933] ext4_rename2+0x100c/0x30e0 [ 436.732337][ T8933] vfs_rename+0xbe1/0x1100 [ 436.737294][ T8933] do_renameat2+0x8b7/0xf60 [ 436.742331][ T8933] __x64_sys_renameat2+0xce/0xe0 [ 436.747805][ T8933] do_syscall_64+0x4c/0xa0 [ 436.752757][ T8933] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 436.759190][ T8933] [ 436.759190][ T8933] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 436.767636][ T8933] __lock_acquire+0x2c42/0x7d10 [ 436.773036][ T8933] lock_acquire+0x19e/0x400 [ 436.778091][ T8933] percpu_down_read+0x46/0x1b0 [ 436.783404][ T8933] ext4_writepages+0x20f/0x2df0 [ 436.788875][ T8933] do_writepages+0x476/0x6e0 [ 436.794009][ T8933] __writeback_single_inode+0x153/0xda0 [ 436.800101][ T8933] writeback_single_inode+0x3cb/0x8e0 [ 436.806018][ T8933] write_inode_now+0x23b/0x2c0 [ 436.811323][ T8933] iput+0x5ab/0x8a0 [ 436.815660][ T8933] ext4_xattr_set_entry+0x34f4/0x3ea0 [ 436.821557][ T8933] ext4_xattr_block_set+0x4fd/0x2d20 [ 436.827377][ T8933] ext4_expand_extra_isize_ea+0xf3f/0x19b0 [ 436.833745][ T8933] __ext4_expand_extra_isize+0x301/0x3e0 [ 436.839920][ T8933] __ext4_mark_inode_dirty+0x469/0x700 [ 436.845906][ T8933] ext4_evict_inode+0xa8d/0x1090 [ 436.851372][ T8933] evict+0x4c9/0x8d0 [ 436.855791][ T8933] ext4_orphan_cleanup+0xad2/0x1320 [ 436.861524][ T8933] ext4_fill_super+0x8e25/0x95a0 [ 436.866986][ T8933] mount_bdev+0x287/0x3c0 [ 436.871835][ T8933] legacy_get_tree+0xe6/0x180 [ 436.877119][ T8933] vfs_get_tree+0x88/0x270 [ 436.882056][ T8933] do_new_mount+0x24a/0xa40 [ 436.887077][ T8933] __se_sys_mount+0x2e3/0x3d0 [ 436.892277][ T8933] do_syscall_64+0x4c/0xa0 [ 436.897209][ T8933] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 436.903620][ T8933] [ 436.903620][ T8933] other info that might help us debug this: [ 436.903620][ T8933] [ 436.913842][ T8933] Possible unsafe locking scenario: [ 436.913842][ T8933] [ 436.921300][ T8933] CPU0 CPU1 [ 436.926660][ T8933] ---- ---- [ 436.932017][ T8933] lock(&ei->xattr_sem); [ 436.936349][ T8933] lock(&sbi->s_writepages_rwsem); [ 436.944161][ T8933] lock(&ei->xattr_sem); [ 436.951012][ T8933] lock(&sbi->s_writepages_rwsem); [ 436.956221][ T8933] [ 436.956221][ T8933] *** DEADLOCK *** [ 436.956221][ T8933] [ 436.964373][ T8933] 3 locks held by syz.3.1182/8933: [ 436.969479][ T8933] #0: ffff8880253000e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950 [ 436.979576][ T8933] #1: ffff888025300650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x44a/0x1090 [ 436.989059][ T8933] #2: ffff88805fb528a8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 436.999342][ T8933] [ 436.999342][ T8933] stack backtrace: [ 437.005252][ T8933] CPU: 1 PID: 8933 Comm: syz.3.1182 Not tainted syzkaller #0 [ 437.012631][ T8933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 437.022686][ T8933] Call Trace: [ 437.025970][ T8933] [ 437.028942][ T8933] dump_stack_lvl+0x188/0x250 [ 437.033751][ T8933] ? load_image+0x400/0x400 [ 437.038269][ T8933] ? show_regs_print_info+0x20/0x20 [ 437.043481][ T8933] ? print_circular_bug+0x12b/0x1a0 [ 437.048701][ T8933] check_noncircular+0x296/0x330 [ 437.053728][ T8933] ? look_up_lock_class+0x71/0x110 [ 437.058848][ T8933] ? add_chain_block+0x940/0x940 [ 437.063813][ T8933] ? lockdep_lock+0xf1/0x1f0 [ 437.068407][ T8933] ? mark_lock+0x94/0x320 [ 437.072733][ T8933] __lock_acquire+0x2c42/0x7d10 [ 437.077590][ T8933] ? verify_lock_unused+0x140/0x140 [ 437.082809][ T8933] ? verify_lock_unused+0x140/0x140 [ 437.088021][ T8933] ? verify_lock_unused+0x140/0x140 [ 437.093221][ T8933] ? psi_task_switch+0x499/0x7d0 [ 437.098164][ T8933] lock_acquire+0x19e/0x400 [ 437.102677][ T8933] ? ext4_writepages+0x20f/0x2df0 [ 437.107700][ T8933] ? __might_sleep+0xf0/0xf0 [ 437.112291][ T8933] ? read_lock_is_recursive+0x10/0x10 [ 437.117664][ T8933] ? finish_lock_switch+0x12f/0x280 [ 437.122869][ T8933] ? lockdep_hardirqs_on+0x94/0x140 [ 437.128083][ T8933] percpu_down_read+0x46/0x1b0 [ 437.132853][ T8933] ? ext4_writepages+0x20f/0x2df0 [ 437.137878][ T8933] ext4_writepages+0x20f/0x2df0 [ 437.142727][ T8933] ? __switch_to_asm+0x34/0x60 [ 437.147514][ T8933] ? __schedule+0x11f7/0x43c0 [ 437.152200][ T8933] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 437.158182][ T8933] ? lock_chain_count+0x20/0x20 [ 437.163036][ T8933] ? ext4_readpage+0x2e0/0x2e0 [ 437.167799][ T8933] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 437.173434][ T8933] ? release_firmware_map_entry+0x190/0x190 [ 437.179328][ T8933] ? preempt_schedule+0xbc/0xd0 [ 437.184183][ T8933] ? __lock_acquire+0x7d10/0x7d10 [ 437.189217][ T8933] ? do_raw_spin_lock+0x128/0x2f0 [ 437.194239][ T8933] ? preempt_schedule_thunk+0x16/0x18 [ 437.199609][ T8933] ? ext4_readpage+0x2e0/0x2e0 [ 437.204378][ T8933] do_writepages+0x476/0x6e0 [ 437.209007][ T8933] ? __writepage+0x130/0x130 [ 437.213600][ T8933] ? writeback_single_inode+0x3c0/0x8e0 [ 437.219147][ T8933] ? __lock_acquire+0x7d10/0x7d10 [ 437.224169][ T8933] ? do_raw_spin_lock+0x128/0x2f0 [ 437.229197][ T8933] __writeback_single_inode+0x153/0xda0 [ 437.234742][ T8933] writeback_single_inode+0x3cb/0x8e0 [ 437.240116][ T8933] ? write_inode_now+0x2c0/0x2c0 [ 437.245097][ T8933] ? preempt_schedule+0xbc/0xd0 [ 437.249958][ T8933] write_inode_now+0x23b/0x2c0 [ 437.254731][ T8933] ? bdi_split_work_to_wbs+0x8a0/0x8a0 [ 437.260198][ T8933] ? preempt_schedule_thunk+0x16/0x18 [ 437.265582][ T8933] iput+0x5ab/0x8a0 [ 437.269394][ T8933] ext4_xattr_set_entry+0x34f4/0x3ea0 [ 437.274783][ T8933] ? ext4_xattr_ibody_set+0x330/0x330 [ 437.280168][ T8933] ? __ext4_journal_get_write_access+0x2ea/0x6e0 [ 437.286503][ T8933] ? __might_sleep+0xf0/0xf0 [ 437.291100][ T8933] ? ext4_xattr_block_set+0xc2/0x2d20 [ 437.296476][ T8933] ext4_xattr_block_set+0x4fd/0x2d20 [ 437.301766][ T8933] ? ext4_get_inode_loc+0x120/0x120 [ 437.306996][ T8933] ? __ext4_xattr_check_block+0x7d8/0x8d0 [ 437.312734][ T8933] ? ext4_xattr_block_find+0x500/0x500 [ 437.318188][ T8933] ? ext4_xattr_block_find+0x433/0x500 [ 437.323654][ T8933] ext4_expand_extra_isize_ea+0xf3f/0x19b0 [ 437.329473][ T8933] __ext4_expand_extra_isize+0x301/0x3e0 [ 437.335116][ T8933] __ext4_mark_inode_dirty+0x469/0x700 [ 437.340584][ T8933] ext4_evict_inode+0xa8d/0x1090 [ 437.345527][ T8933] ? _raw_spin_unlock+0x24/0x40 [ 437.350384][ T8933] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 437.356289][ T8933] ? do_raw_spin_unlock+0x11d/0x230 [ 437.361495][ T8933] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 437.367388][ T8933] evict+0x4c9/0x8d0 [ 437.371285][ T8933] ? proc_nr_inodes+0x320/0x320 [ 437.376143][ T8933] ? _raw_spin_unlock+0x36/0x40 [ 437.381005][ T8933] ? iput+0x706/0x8a0 [ 437.384987][ T8933] ext4_orphan_cleanup+0xad2/0x1320 [ 437.390193][ T8933] ? ext4_orphan_del+0xbf0/0xbf0 [ 437.395158][ T8933] ? errseq_check_and_advance+0x62/0x120 [ 437.400791][ T8933] ext4_fill_super+0x8e25/0x95a0 [ 437.405748][ T8933] ? ext4_mount+0x40/0x40 [ 437.410087][ T8933] ? set_blocksize+0x1f3/0x370 [ 437.414855][ T8933] ? sb_set_blocksize+0xa5/0xe0 [ 437.419703][ T8933] mount_bdev+0x287/0x3c0 [ 437.424028][ T8933] ? ext4_mount+0x40/0x40 [ 437.428353][ T8933] legacy_get_tree+0xe6/0x180 [ 437.433029][ T8933] ? ext4_errno_to_code+0x160/0x160 [ 437.438227][ T8933] vfs_get_tree+0x88/0x270 [ 437.442640][ T8933] do_new_mount+0x24a/0xa40 [ 437.447165][ T8933] __se_sys_mount+0x2e3/0x3d0 [ 437.451847][ T8933] ? __x64_sys_mount+0xc0/0xc0 [ 437.456615][ T8933] ? syscall_enter_from_user_mode+0x2a/0x70 [ 437.462502][ T8933] ? __x64_sys_mount+0x1c/0xc0 [ 437.467268][ T8933] do_syscall_64+0x4c/0xa0 [ 437.471678][ T8933] ? clear_bhb_loop+0x30/0x80 [ 437.476351][ T8933] ? clear_bhb_loop+0x30/0x80 [ 437.481035][ T8933] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 437.486934][ T8933] RIP: 0033:0x7f340e0e8a0a [ 437.491348][ T8933] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 437.510951][ T8933] RSP: 002b:00007f340c340e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 437.519372][ T8933] RAX: ffffffffffffffda RBX: 00007f340c340ee0 RCX: 00007f340e0e8a0a [ 437.527345][ T8933] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f340c340ea0 [ 437.535313][ T8933] RBP: 0000200000000180 R08: 00007f340c340ee0 R09: 0000000000800718 [ 437.543286][ T8933] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140 [ 437.551249][ T8933] R13: 00007f340c340ea0 R14: 00000000000004a3 R15: 00002000000003c0 [ 437.559221][ T8933] [ 437.579343][ T8933] ------------[ cut here ]------------ [ 437.584896][ T8933] EA inode 11 i_nlink=1026 [ 437.585128][ T8933] WARNING: CPU: 1 PID: 8933 at fs/ext4/xattr.c:1006 ext4_xattr_inode_update_ref+0x4e7/0x540 [ 437.645832][ T8933] Modules linked in: [ 437.650581][ T8933] CPU: 0 PID: 8933 Comm: syz.3.1182 Not tainted syzkaller #0 [ 437.667215][ T8933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 437.683362][ T8861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 437.690407][ T8861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 437.716607][ T8933] RIP: 0010:ext4_xattr_inode_update_ref+0x4e7/0x540 [ 437.723244][ T8933] Code: 7c 24 40 4c 89 f8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 da e6 a1 ff 49 8b 37 48 c7 c7 00 9b 3d 8a 89 da e8 09 f2 94 07 <0f> 0b 4c 8b 64 24 08 4c 8b 7c 24 10 e9 a9 fe ff ff e8 53 e1 9f 07 [ 437.749520][ T8861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 437.760283][ T8933] RSP: 0018:ffffc90002eff160 EFLAGS: 00010246 [ 437.766548][ T8933] RAX: 26a27bf743efe800 RBX: 0000000000000402 RCX: 0000000000080000 [ 437.775900][ T8861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 437.786693][ T8933] RDX: ffffc9000cb89000 RSI: 000000000007ffff RDI: 0000000000080000 [ 437.794846][ T8861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 437.823883][ T8933] RBP: ffffc90002eff250 R08: ffffc90002efec87 R09: 1ffff920005dfd90 [ 437.832308][ T8933] R10: dffffc0000000000 R11: fffff520005dfd91 R12: ffff88805fb51690 [ 437.842886][ T8933] R13: 1ffff1100bf6a311 R14: dffffc0000000000 R15: ffff88805fb516d0 [ 437.852568][ T8861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 437.863376][ T8933] FS: 00007f340c3416c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 437.872835][ T8933] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 437.881348][ T8933] CR2: 0000200000002280 CR3: 0000000024940000 CR4: 00000000003506f0 [ 437.889544][ T8933] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 437.896610][ T4307] Bluetooth: hci1: command 0x040f tx timeout [ 437.898217][ T8933] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 437.911735][ T8933] Call Trace: [ 437.915068][ T8933] [ 437.918236][ T8933] ? ext4_xattr_block_csum+0x560/0x560 [ 437.923841][ T8933] ? ext4_xattr_inode_iget+0x3f0/0x600 [ 437.929532][ T8933] ? bit_wait+0xc0/0xc0 [ 437.933745][ T8933] ext4_xattr_set_entry+0xed9/0x3ea0 [ 437.954773][ T8933] ? __sync_dirty_buffer+0x32d/0x370 [ 437.966363][ T8933] ? __ext4_handle_dirty_metadata+0x39d/0x800 [ 437.973094][ T8940] device syzkaller0 entered promiscuous mode [ 437.979337][ T8933] ? ext4_xattr_block_set+0xda0/0x2d20 [ 437.995992][ T8933] ? ext4_xattr_ibody_set+0x330/0x330 [ 438.001713][ T8933] ? ext4_get_inode_loc+0x120/0x120 [ 438.007122][ T8933] ext4_xattr_ibody_set+0x112/0x330 [ 438.012406][ T8933] ext4_expand_extra_isize_ea+0x10d3/0x19b0 [ 438.018719][ T8933] __ext4_expand_extra_isize+0x301/0x3e0 [ 438.024440][ T8933] __ext4_mark_inode_dirty+0x469/0x700 [ 438.036574][ T8933] ext4_evict_inode+0xa8d/0x1090 [ 438.053955][ T8933] ? _raw_spin_unlock+0x24/0x40 [ 438.064517][ T8933] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 438.074142][ T8933] ? do_raw_spin_unlock+0x11d/0x230 [ 438.080206][ T8933] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 438.089344][ T8933] evict+0x4c9/0x8d0 [ 438.093324][ T8933] ? proc_nr_inodes+0x320/0x320 [ 438.099332][ T8933] ? _raw_spin_unlock+0x36/0x40 [ 438.104257][ T8933] ? iput+0x706/0x8a0 [ 438.108540][ T8933] ext4_orphan_cleanup+0xad2/0x1320 [ 438.113798][ T8933] ? ext4_orphan_del+0xbf0/0xbf0 [ 438.118990][ T8933] ? errseq_check_and_advance+0x62/0x120 [ 438.124692][ T8933] ext4_fill_super+0x8e25/0x95a0 [ 438.130011][ T8933] ? ext4_mount+0x40/0x40 [ 438.134369][ T8933] ? set_blocksize+0x1f3/0x370 [ 438.139394][ T8933] ? sb_set_blocksize+0xa5/0xe0 [ 438.144321][ T8933] mount_bdev+0x287/0x3c0 [ 438.158852][ T8933] ? ext4_mount+0x40/0x40 [ 438.161578][ T8861] device hsr_slave_0 entered promiscuous mode [ 438.163208][ T8933] legacy_get_tree+0xe6/0x180 [ 438.174293][ T8933] ? ext4_errno_to_code+0x160/0x160 [ 438.181063][ T8933] vfs_get_tree+0x88/0x270 [ 438.185552][ T8933] do_new_mount+0x24a/0xa40 [ 438.191469][ T8861] device hsr_slave_1 entered promiscuous mode [ 438.198030][ T8933] __se_sys_mount+0x2e3/0x3d0 [ 438.202735][ T8933] ? __x64_sys_mount+0xc0/0xc0 [ 438.208154][ T8861] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 438.215718][ T8861] Cannot create hsr debugfs directory [ 438.221315][ T8933] ? syscall_enter_from_user_mode+0x2a/0x70 [ 438.239864][ T8933] ? __x64_sys_mount+0x1c/0xc0 [ 438.244665][ T8933] do_syscall_64+0x4c/0xa0 [ 438.266451][ T8933] ? clear_bhb_loop+0x30/0x80 [ 438.271152][ T8933] ? clear_bhb_loop+0x30/0x80 [ 438.275852][ T8933] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 438.295685][ T8933] RIP: 0033:0x7f340e0e8a0a [ 438.300338][ T8933] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 438.361221][ T8951] EXT4-fs error (device loop2): ext4_lookup:1858: inode #12: comm syz.2.1180: iget: bad i_size value: 2533274857506816 [ 438.376678][ T8933] RSP: 002b:00007f340c340e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 438.385876][ T8951] usb usb8: usbfs: process 8951 (syz.2.1180) did not claim interface 0 before use [ 438.405222][ T8933] RAX: ffffffffffffffda RBX: 00007f340c340ee0 RCX: 00007f340e0e8a0a [ 438.419757][ T4379] device hsr_slave_0 left promiscuous mode [ 438.427049][ T4379] device hsr_slave_1 left promiscuous mode [ 438.433279][ T4379] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 438.443237][ T8933] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f340c340ea0 [ 438.473806][ T4379] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 438.490978][ T8933] RBP: 0000200000000180 R08: 00007f340c340ee0 R09: 0000000000800718 [ 438.531038][ T4379] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 438.541920][ T8933] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140 [ 438.570402][ T4379] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 438.582112][ T8933] R13: 00007f340c340ea0 R14: 00000000000004a3 R15: 00002000000003c0 [ 438.602038][ T4379] device bridge_slave_1 left promiscuous mode [ 438.610511][ T8933] [ 438.613634][ T8933] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 438.620921][ T8933] CPU: 0 PID: 8933 Comm: syz.3.1182 Not tainted syzkaller #0 [ 438.628323][ T8933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 438.638471][ T8933] Call Trace: [ 438.641758][ T8933] [ 438.644697][ T8933] dump_stack_lvl+0x188/0x250 [ 438.649392][ T8933] ? show_regs_print_info+0x20/0x20 [ 438.654604][ T8933] ? load_image+0x400/0x400 [ 438.659117][ T8933] panic+0x2e5/0x810 [ 438.663031][ T8933] ? bpf_jit_dump+0xd0/0xd0 [ 438.666906][ T4379] bridge0: port 2(bridge_slave_1) entered disabled state [ 438.667555][ T8933] ? ext4_xattr_inode_update_ref+0x4e7/0x540 [ 438.680547][ T8933] __warn+0x248/0x2b0 [ 438.684552][ T8933] ? ext4_xattr_inode_update_ref+0x4e7/0x540 [ 438.690555][ T8933] report_bug+0x1b7/0x2e0 [ 438.694917][ T8933] handle_bug+0x3a/0x70 [ 438.699084][ T8933] exc_invalid_op+0x16/0x40 [ 438.703599][ T8933] asm_exc_invalid_op+0x16/0x20 [ 438.708467][ T8933] RIP: 0010:ext4_xattr_inode_update_ref+0x4e7/0x540 [ 438.715080][ T8933] Code: 7c 24 40 4c 89 f8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 da e6 a1 ff 49 8b 37 48 c7 c7 00 9b 3d 8a 89 da e8 09 f2 94 07 <0f> 0b 4c 8b 64 24 08 4c 8b 7c 24 10 e9 a9 fe ff ff e8 53 e1 9f 07 [ 438.734696][ T8933] RSP: 0018:ffffc90002eff160 EFLAGS: 00010246 [ 438.740778][ T8933] RAX: 26a27bf743efe800 RBX: 0000000000000402 RCX: 0000000000080000 [ 438.748757][ T8933] RDX: ffffc9000cb89000 RSI: 000000000007ffff RDI: 0000000000080000 [ 438.756730][ T8933] RBP: ffffc90002eff250 R08: ffffc90002efec87 R09: 1ffff920005dfd90 [ 438.764703][ T8933] R10: dffffc0000000000 R11: fffff520005dfd91 R12: ffff88805fb51690 [ 438.772679][ T8933] R13: 1ffff1100bf6a311 R14: dffffc0000000000 R15: ffff88805fb516d0 [ 438.780662][ T8933] ? ext4_xattr_block_csum+0x560/0x560 [ 438.786138][ T8933] ? ext4_xattr_inode_iget+0x3f0/0x600 [ 438.791596][ T8933] ? bit_wait+0xc0/0xc0 [ 438.795751][ T8933] ext4_xattr_set_entry+0xed9/0x3ea0 [ 438.801042][ T8933] ? __sync_dirty_buffer+0x32d/0x370 [ 438.806333][ T8933] ? __ext4_handle_dirty_metadata+0x39d/0x800 [ 438.812415][ T8933] ? ext4_xattr_block_set+0xda0/0x2d20 [ 438.817876][ T8933] ? ext4_xattr_ibody_set+0x330/0x330 [ 438.823272][ T8933] ? ext4_get_inode_loc+0x120/0x120 [ 438.828500][ T8933] ext4_xattr_ibody_set+0x112/0x330 [ 438.833736][ T8933] ext4_expand_extra_isize_ea+0x10d3/0x19b0 [ 438.839643][ T8933] __ext4_expand_extra_isize+0x301/0x3e0 [ 438.845286][ T8933] __ext4_mark_inode_dirty+0x469/0x700 [ 438.850777][ T8933] ext4_evict_inode+0xa8d/0x1090 [ 438.855720][ T8933] ? _raw_spin_unlock+0x24/0x40 [ 438.860596][ T8933] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 438.866502][ T8933] ? do_raw_spin_unlock+0x11d/0x230 [ 438.871710][ T8933] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 438.877603][ T8933] evict+0x4c9/0x8d0 [ 438.881625][ T8933] ? proc_nr_inodes+0x320/0x320 [ 438.886498][ T8933] ? _raw_spin_unlock+0x36/0x40 [ 438.891350][ T8933] ? iput+0x706/0x8a0 [ 438.895331][ T8933] ext4_orphan_cleanup+0xad2/0x1320 [ 438.900535][ T8933] ? ext4_orphan_del+0xbf0/0xbf0 [ 438.905482][ T8933] ? errseq_check_and_advance+0x62/0x120 [ 438.911127][ T8933] ext4_fill_super+0x8e25/0x95a0 [ 438.916076][ T8933] ? ext4_mount+0x40/0x40 [ 438.920411][ T8933] ? set_blocksize+0x1f3/0x370 [ 438.925204][ T8933] ? sb_set_blocksize+0xa5/0xe0 [ 438.930058][ T8933] mount_bdev+0x287/0x3c0 [ 438.934486][ T8933] ? ext4_mount+0x40/0x40 [ 438.938825][ T8933] legacy_get_tree+0xe6/0x180 [ 438.943512][ T8933] ? ext4_errno_to_code+0x160/0x160 [ 438.948711][ T8933] vfs_get_tree+0x88/0x270 [ 438.953126][ T8933] do_new_mount+0x24a/0xa40 [ 438.957640][ T8933] __se_sys_mount+0x2e3/0x3d0 [ 438.962317][ T8933] ? __x64_sys_mount+0xc0/0xc0 [ 438.967090][ T8933] ? syscall_enter_from_user_mode+0x2a/0x70 [ 438.972984][ T8933] ? __x64_sys_mount+0x1c/0xc0 [ 438.977760][ T8933] do_syscall_64+0x4c/0xa0 [ 438.982182][ T8933] ? clear_bhb_loop+0x30/0x80 [ 438.986859][ T8933] ? clear_bhb_loop+0x30/0x80 [ 438.991570][ T8933] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 438.997472][ T8933] RIP: 0033:0x7f340e0e8a0a [ 439.001896][ T8933] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 439.021514][ T8933] RSP: 002b:00007f340c340e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 439.029947][ T8933] RAX: ffffffffffffffda RBX: 00007f340c340ee0 RCX: 00007f340e0e8a0a [ 439.037929][ T8933] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f340c340ea0 [ 439.045939][ T8933] RBP: 0000200000000180 R08: 00007f340c340ee0 R09: 0000000000800718 [ 439.053921][ T8933] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140 [ 439.061900][ T8933] R13: 00007f340c340ea0 R14: 00000000000004a3 R15: 00002000000003c0 [ 439.069891][ T8933] [ 439.073259][ T8933] Kernel Offset: disabled [ 439.077595][ T8933] Rebooting in 86400 seconds..