last executing test programs: 9m51.615878895s ago: executing program 4 (id=9254): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) 9m50.567466948s ago: executing program 4 (id=9261): openat$autofs(0xffffffffffffff9c, 0x0, 0x200, 0x0) syz_mount_image$iso9660(&(0x7f0000000780), &(0x7f0000000000)='./file0\x00', 0x21488b, &(0x7f00000004c0)=ANY=[@ANYBLOB='map=acorn,sbsector=0x0000000000000000,uid=', @ANYRESDEC=0x0, @ANYBLOB="0000b18eb07a9dbec07d91edf772ce16e8f4545927e1e38533740c5b1da10b839e273fa468d364205a63adda5262cda8e690d1049c884d79e243210c733da8adfb6db6f3b3464aca805a08f3cacf9bce83fd7888eb1f09a8a7f55959926a7fd5ac27fd519bccdcfda872f503656169", @ANYRES16, @ANYRESDEC, @ANYRESOCT], 0x1, 0x65c, &(0x7f0000000e40)="$eJzs3V1rG+n5x/HfyLKs+A/hT1uWEPJwJ+mCQ1NFkjcOIoV2OhrZs5U0YkZubSgs6cZeQuRsm6TQ+GTJSR9g+wb2bE+W0hdR6HHfRQ8LS3tW6MmUebJsS7LkRLF3t9+PiefWzDVzX/eMMhdjSSMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABZTrNarVlqe93NLTOZ0wz8zgnL060t6nbauD2mqy+O9CtZ8T+Vy7qUzrr0neHid+JfN3UlfXRF5XhS1v7/vfP/D75dLOTrn5DQ61AkzbDNUpakMc9f7j95OBjsPJtzIl8BKswQtO52vdD3Ova6a7zQN421terdjVZoWl5J4XbYdzvGCdxC3w/MinPb1BqNVeNWtv3N7nrTbrv5zPvfr1era+b9pWzP3n2/EjobXrvtddeTmHhxHHPffPrzNMS1O8bsPh7srE5LMg6qzRJUnxZUr9brtVq9Xlu717h3v1otjsyoHqORiLk/afE1M7+TN/CGCnH9/7sltVVWV5vakhn746ipQL46E5Zn8vr/7l33xH4P1/+8yl8aLr6spP5fSx9dm1T/J+RiZJIVxi2xJsx/vZ/neql9PdFDDTTQjp7NZ7vX55fh2/1Zl4qSp1C+PHVka12uTDbHqKE1ramqD7ShlkIZteSpLVehthWqL1ed5JgEcmUnrdiKHN2WUU0NNbQqI1cVbcvXprpaV1O2/h1F0a4eJ/t99YQclQfVZgmqnxA0qf7/4pM066n13xL1/xstP3/NEgOcuyi7/j+l628nGwAAAAAA8DZYyV/freS1+6uSIrW8tls977QAAAAAAMAcJa/8X4kni3HrqqwJ1//R2ecGAAAAAADmw0o+Y2dJWk7e1G8NPwk1y5sAFs4gRQAAAAAA8IaS1/+vlaQouffadVmnuv4HAAAAAABfA78/dI/9Yn6P3Sh/Wb8gKewtWX/555KCRetVb+u71p4dL7H3spiRdwD0W5eti9mNepNJSVLyyHGvWFfToOwmmFa++pe70+71bwXHEigt5H++mJbAWjF7pE91I425UU6nj/YLSpakvSy3vLZbcfz2g5ps+2Kh7271f/308W+k4GCcu48HO5UPPx48SnJ5Fc96tRfn8cmRdArTcnmhbF9cHTviC2rlXf6h21m2kn6r+fgXZO8VDnc02/h/q5tpzM3ldLq8r2xPJOMvx+OvVZJDNhx9PKrP/jQcfe34yMcdiAlZlJMsbqUxt1ZupZM8vyyL7y1I9crxY1CKn4LDfVE/nMX0fWH9a2RfTMki3hercRZ/jTc0fCYcyWL1dFmMHBEAOC+7wyqU3MR89B77x+vu65zlplf3Hx3t5cVnUfqBwwWpmL02cWIvZcVn9JVk2yopObEWLx+cZfdu5Gf0alZXyppwRq++QXWL+/rz8DuQsrRH6sp/oih6UEv6/eNBv2lV/Txe4fOJ/Ybt+kI8wrsv9n6Z3AA/9tHORztP6/XVtep71eq9uhaTYWQTag8AYIzp37EzNcJ67+Cq+tE/3k1bRyretw7eUlDRh/pYAz3SnfwrBK6P3+ryobch3Bm9ao1jL0jHY2u6szTpqi6ppWnsz7ZLP0yDkt+Lylc5WqmH2119q8cAAICzdrORNSbU4Vnq/53kulvSyuVD190H1+zHavnxbwieVHNrZ7YPAAD4X+MGX1rL/d9ZQeD1Pqg1GjW7v+GawHd+YgKvue4ar9t3A2fD7q67phf4fd/x26YXaMlruqEJN3s9P+iblh+Ynh96W6bltV2TffV76Hbsbt9zwl7btUPXOH63bzt90/RCx/Q2f9z2wg03SFYOe67jtTzH7nt+14T+ZuC4FWNC1z0U6DXdbt9reXGza3qB17GDbfNTv73ZcU3TDZ3A6/X9dIN5X1635QedZLMVRaf+okMAAL6Jnr/cf/JwMNh5NqmRXNFPiRk2SuM2mPfFK84AAHw1jFbpicpnkhAAAAAAAAAAAAAAAAAAAAAAABgx/SN9p2wsjvuwoHQw51cXZ9qOpXkndppG4fVX/9sJMRcO5uS7/3DMq3MYqdJGcf5bvnCaj43OofGD3XSPToyJF45dtHRwLIrz/+8QN55+MWFRFEXRyasvHd2HpZMGeLRRlPSs9AaH4HzORwDOzn8DAAD//z8MQI8=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) 9m50.131955653s ago: executing program 4 (id=9263): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4000, &(0x7f00000001c0)={[{@part={'part', 0x3d, 0x8000}}, {@file_umask={'file_umask', 0x3d, 0x40000007}}, {@codepage={'codepage', 0x3d, 'cp950'}}, {@iocharset={'iocharset', 0x3d, 'cp852'}}]}, 0x9, 0x344, &(0x7f0000000980)="$eJzs3U9r1EwcB/DvJLvb7LOlT2wrBU9SLXgqbT0oHrRI8eIb8CDF2m6hNFbQCloQq2cRb4Lg0Ztn0begF/ENKB4Kiie9FA9GZjLJJutMNk233db9fsDd7Gb+/CaZSWZaakBEfevi3KeXp7fkP1EF4AI4BzgAPKAC4CjGvDtr6x0LcpMtgSin+CvN4lrTlNWDzqH58lMFg+nvaG+EYRh+tu/+cl69/di/gKgnRHoEpzjAABw1EtV+b98j2xubsl39JnWGxTa2cRdDvQyHiIh6T9//HX2XGNTzd8cBJvQ8/LDf/zPzm+3exXEgJPd/J/ocCnl8/le75HpvZT1oLkVLOHn2nXiVaCrL2CdCFzW9qd4dwG2kplypWsxULE59eSVoTm6qAh7hgpZKNqpelxA3RCaFLVod0bhhbZojr+35GqoNVdmGGUv8I3k1GhfAb7/hmbm6+fcFYhLvxAcxL3w8x1Iy/6uEQh4cdXz8tqESxT9lL1G10o9SZVrZCv+IquRYfAbevGq1sm47rh5cGYuJLEW0z9/9OM6nNXsuDCP7Y4WoddP21qlcI0BF6M7VyjWTJPplzDXaXld9uRo0JxdvBrZO313GFZ14Iq6IcXzHa8yl5v+OTD0B+8jMjHKhUuqekdueikppOY8ZagDfKD4yq4VT/usuGU90m6/Zj49xHWcxdPvexupCEDRv9X4jHiolsx/vcjxRR9TdUX4j31Np4MkN2Qm7VunvMAyNuyooWI4cpKXDiAbUmRetJm+sLgh9zdtdA+WVs23XrD0xgFkA+pv4ilCm9gdJrgFdoF8w+095ttU35g4ZR7UPAySuKrPLxUChkVIvUenl+6sLQemrER0irZOOsavJBFnijwb7hJx3iWj9l1qvTKmrjnzxc9Y/YafCUyVOW1ZAw+r1v2QFp3RYczXsK7hGvNFhzXXiFHCylq3RQVzjw/ZifR0nDuJvJXf+qwwxh4+4xkFORERERERERERERERERERERERERHTY7PSvEcr8OUG2xq0+/I83iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIh2p/X83+T5LjXT83/zntSkuNETYrxuPP/XLfD8X7FZrIFEZPUnAAD//2/CX5Q=") ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f00000004c0)="c7ba5eb00caa9ab4ac5a6bdbe0fa681c5a9f2e2141d04da32a70ea6c51d0f6d914d781885d52f42dbd61e081c8994c78a3c68f62caeeb9a96118761d8ddde84bac6ce8fb384e66171b0e2f358dcdf6de00cec324f74a1ad2f98aa11518474437d913d19ea7c17e1820d7b2d7160d56afc7b0f190acfa3c8c3824e085aba99c0d018283ebf045a17b4b74a33aea654ec322e274e226ce1c1c6c5ed48b5c56eda8b76d55106f41ebce3580763bef22214a7527c5f47cde06ee2b5f1463e9c716e9001aeafaebe4cb2a59d7c9dee42cf8ef4e988b88e0cd240326020a820f1d113fc2ecc3e471cb97f3008c604ceb55b19ba3ba7fee9e8a6eea574d8d43c7e08e36") openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt', 0x0, 0x0) 9m48.8490041s ago: executing program 4 (id=9270): capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd}) r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x1, @buffer={0x300, 0x0, 0x0}, &(0x7f0000000140)="8f13bf89a6d2", 0x0, 0x1, 0x14, 0x0, 0x0}) 9m47.516339725s ago: executing program 4 (id=9284): r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000002240)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000d80)=[@sndrcv={0x30, 0x84, 0x1, {0x3, 0xff, 0x4, 0x75, 0x8b, 0x1, 0x1, 0x8}}], 0x30, 0x800}], 0x1, 0x800) sendmmsg$inet(r0, &(0x7f0000002c80)=[{{&(0x7f0000000940)={0x2, 0x4e20, @local}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000380)="00dd41dc115d27cf850a782da28375b561df298712d56b", 0x2}], 0x1}}, {{&(0x7f0000000c40)={0x2, 0x4e20, @local}, 0x10, 0x0, 0x0, &(0x7f0000000d80), 0x30}}], 0x2, 0x41) 9m47.221684124s ago: executing program 4 (id=9286): r0 = syz_open_dev$evdev(&(0x7f0000000400), 0x200, 0x1a1800) syz_clone(0x6800c000, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000480)=""/10) 9m31.978472347s ago: executing program 32 (id=9286): r0 = syz_open_dev$evdev(&(0x7f0000000400), 0x200, 0x1a1800) syz_clone(0x6800c000, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000480)=""/10) 5m40.539017347s ago: executing program 1 (id=11452): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@barrier_val={'barrier', 0x3d, 0x101}}, {@errors_remount}]}, 0x1, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==") lsetxattr$trusted_overlay_redirect(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x1) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000080)) llistxattr(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) 5m40.416042706s ago: executing program 1 (id=11454): syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f0000000140)={[{@nossd_spread}, {@nodatasum}, {@compress_force}, {@compress_algo={'compress', 0x3d, 'lzo'}}, {@flushoncommit}, {@autodefrag}, {@max_inline={'max_inline', 0x3d, [0x30, 0x37, 0x65]}}, {@nodiscard}]}, 0xfb, 0x510a, &(0x7f000000d000)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h795j5Lrqw4Gf2dd4H97dBH4i5IfAQB3jgtdrOzzUpmKdpioKpaxLSlQhio29Dos32NhOwREgxwalKIKmJRL80SiOEKrzR1KLBAWaRHEjYRQ1D5SqEUmUiLROEFFoGkChEIlUs/ee2Tvn7jw23nW84fORvHNmvud55+E59945FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfjcc/9Jn/rZV/N7fXvToE5dOfPLQ5kuf/fxFZz8YwuTs45UsXBm4+vqJn9984S2H7th4w20nL357X14uj4fB2p+u/M4XY60nV4ZweyWEnjSwbigL9Ob3h2J9bxgK4awwF6iXmBrISqQNh+/3h3AkzAXqVX2vP4ShQuCSh+65+yu1xHX9IawOIVTTNh6vZm30p4Hz+rLAQBrY3ZMFfvVSph74blcWgFMW3wz1F/2xycYMo/OXa/L66120jr2y0uF1x8Ro83w/27zEnSroSx+YPKWnrVQdS6L09jju3bYM3m2l7Xytp634RSr/hvLSXKgaunZM7dx2xcz++EhXGBvrblbTEj3Pjzz/ue0LSS+b12HswOiivA6/+sDqm7vXfuD+29atfvroOw4/c6rd/FFhkxbTS60a8tfcsnkeowmfJ8vg7Vf6lrTKl64Qws5P/N4HW8VL8//R1vP/+HKOt10NuWOtLw5nc/P4yFBMPDeczc1b6VnoGAEAAGDxdRVSZ/5e091jd72nUHykmtRXmv+v6uz4f9wK+WQ+G+3xECZmE4dHQjhn9vEscFNs7uMjIbx5NjXZGNicBI6H8PrZxNp6VUmJFbHEqiTwk+E8MJEETsTAZBL4VgxcmwS+GAPHksD2GDieBC6MgTDdOI7fH87H0XGgPwa2ZhvxWDwL4RfDsbVkWz1WrwoAAGCR5LPD3sa7hXMdTjVDnF4e62+XIZ6B3TRDNakhncHWp1VNa+hpV0NXuxrq4z7Yevilmivtai6dhlFpzHD9L//mQ6GF0vx/vPX8vzpPRyql4/8hbJn9G3N35ZGZenzrZEMGAAAA4BQM/u+T32wVL83/Jzo7/z/uE+kuZA73xd0Qu0ZCGG8MZNX+YTmQHfUezAMAAACwHNSPx9ePhU/nt9kp2ul8upx/coH544H/iXnz9x2/c2ur/pbm/5Odnf8/0HibdeJE7MXXRkJYUQj8IPayFpi1KgZ+/N7GQD7+E3EDXBOryk9MqFd1TSyxNQbGk8CRZiV+WC9xTmMgf7LqjR+uj2M6L1EIAAAAwGkXdwfE4/Lx/P+3/GbjZ1qVK83/ty7s/P/ZeXDp9P6ZwRDW94TQnf4w4L6BbGHAGBiq5Im7BrK6utOqrhoI4YLawNKqnszX/+9J1xh8qD+rKgbOecvR58+rJb7ZH8L6YuDhj9z4zlpifxKoN/6X/SG8qTbatPHvrMga700b//qKEN5YCNSr+viKEGqN9aVV3VPNr2OQVvXP1RBeUwjUq3pXNYQDAYBlKv5XuqP44L4DV+7aNjMztXcJE3Effn/YOT0zNbZ998yOapM+7Uj63LCM0VXlMXV65ZvH8iWKPnzrlqFO0vXfCY4X28r345dOHMzvx+9CvbPj3NjbcHdTOuS3vbXcRGhY72n+IXct8ZAHipXMPYml+mP+vjAYVlyxb2rv2Ge37d+/d0P2t9PsG7O/8TBTtq02pNtqYL6+dfDyaLpaVuLlbqs1xUrW7798z/p9B65cN335tsumLpv61IZ3bRw/f3zT+LvPX18b1Xj2t81Q18xXdTLUl27scFyLONRzi8tkn45PDQkJieWW2D24puX/yaX5/57W8//4qRM/+fP1GZod/x+Nh/mzx+cO82+NgSOdHv8fbXY0v35iwKokcDAGDjrMDwAAwKtDnOTHvZlxr/RP137n6VblSvP/g539/n+R1v+vL11/cbNl/tfGEuPN1v9Pl/mvr/9/sNn6/+ky//X1/4+8Auv/X1EPJJvkF9b/BwAAXg1O3/r/bZf3Ty8QUMrQdnn/9AIBpQxtl/Hv9AIBC17///H//Kv/Di2U5v/Xdjb/t3A/AAAAnDm+8Gef+X+t4qX5/5HO5v+nf/2/0Oz8/1XNApPNFga0/h8AAADLVLP1/0avHvhYq3Kl+f+xzub/8bSLrobcsdYXh7M17UK6pt1zw/WfDAAAAMDy0BXGxno7zNuwMurml9/mI/lSoK3SRU/+ycmFnf9/vLP5f8PvMr76wOqbu9d+4P4Xb1u3+umj7zj8zNzxfwAAAGDpdLpfAgAAAAAAAAAAAAAAeOU9+R+HNrWKl37/H7bMPt7s9//xun/x9wWvbcgda22//l9+/5L333JgdsnC+4ZDeGsxsOvQrrNCfm3+NcXA3R9d+7pa4lBa4s4nLnyqlvhYGnjfurNfqCUuSAJb4yKJr08D8aqKL6xMAnF5xX9PA3F7HEsDfXngyyuzcVTSbfXToWxbVdJt9ehQCCOFQH1b3T6UtVFJB3hdEqgP8NNpIA7wz/NAV9qrWwazXsXAUCx6w2DWKwAAzljxW2Bv2Dk9MzUev8LH23N7Gm+jhiXLripXW+mw+cfypck+fOuWoU7S3el30blrjfeGam0IG0pfV4tZKrOjXJxa2my61zYZcrvV3rqalEstdNP1NR9Rfzaise27Z3b0th34pvZZNva0zbKhNNkpZuma3aQd1NJBXzoYUYfbpoMux/tdYWysO8n1BzE4Ghq0e0V0+nv94jp/zV4FxTyfOnn4V63qK83/Rzub/1eL43ohvxjAwXhlvb8bscw/AAAALK0vb/71N+K/D11978Ot8pbm/6s6m//HPVj5oeBsb8fxeP3/wyMhzF5afzQL3BSb+/hICG+eTU3GEtkF9S+OJcazwE1xh8naWGLrZGNVK2LgWBL4yXAeOJ4ETsRAvpfiaMh35fz9cAjvnE1taSyxJ5YYTQIfjIFVSWAsBsaTwMoYmEgCz67MA5NJ4N9iIEw3bqtbV+bbCgAAYCHyeVZv492QzvOO9bTLUGmXYaBdhq52GartMjQbRbz/7ZihNzl5pVLI1JvW2p/UUsoQL4a/4H6VMoQfNuZMC5aajucf1M83qDRmuOM9PdXQQmn+P97Z/H+g8TZr/USc/89d/y8L/CB272vx1PFVMfDj9zYG8h0DJ+Jk95p6VZN5iXzSfk0sMREDq5LAnhiYSAJbt+SBI69rDOQz7Xrjh+uNT+clCgEAAAA47eIOgribJs7/b9j3pcFW5Urz/4nO5v+xvcFiY1+MtZ5cGcLtlbne1APrhrJA3I8xFH8e/4ahEM4q7OCol5gayEr0JQ2H7/dnv1DvS6v6Xn/244N4/5KH7rn7K7XEdf0hrC7sfam38Xg1a6M/DZzXlwUG0sDuniwQ9/zUA9/tygJwyup7BeMLKj/VpW50/nJNXn+vlmuCpsMr7QOdJ998v7laKqUdrvk+1bqFPW0t99+yaEpvj+Pebcvx3Tbq3Vb8IpV/Q3lpLlQNXTumdm67YmZ/fKT4S9aSJXqei79S7SS9CK/Dgy+/t+1V0w6MJx8f4/OXm/91WInVffWB1Td3r/3A/betW/300XccfqbjbjQRfyh8z+f/dehHhc271Kohf80tu8+TSZ8ny+K/gYOFTs2dmV33u/m0bXn269e0ipfm/5Odzf97kttZv44bc99ICG8rbNz74ub/45Hsc7AQyD4lX1MOZIfc/2u46ScnAAAALLb6noX6/oLp/DY7ITydJ5fzTy4wf9xfMTFv/k77PfDXH13dKl6a/29tPf9fkXTT8X/H/1kijv/P60zfFb0ifeDgKe2KLlXHknD8f15n+rvN8f95Of7v+P98HP9vw/H/eZ3pT1vpW9IeX7pCCE//0V2PtoqX5v97Opv/W/9v/kX76uv/bW22/t+eZuv/HbT+HwAAsKSaLDSXzvNKq/eVMqSr95UytF0gsO0Sg9b/W/D6f0+d+/hvQgul+f/Bzub/8eUwWGx9uaz/t2pLk6qujYE9FgYEAADgTNRsBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACvrDv+4X92tIrf+9uLHn3i0olPHtp86bOfv+jsB0OYnn28koUrA1dfP/Hzmy+85dAdG2+47eTFb6/m5Xrz2//fkDvW+uJwCEcKjwzFxHPDtTtzgUvef8uBnlrivuEQ3loM7Dq066xa4lvDIawpBu7+6NrX1RKH0hJ3PnHhU7XEx9LA+9ad/UItcUEeqKTd/ceVWXcraXe/sjKEkUKg3t1Prmysqt7Gn+aBrrSNfxrK2oiBoVj0G0NZGzEwE0tMrwhhfU8I3WlV91azqrrTqv6lmlXVnVb1hWoIF4QQetKqnujLqupJR/5gX1ZVDJzzlqPPn1dLHOkLYX0x8PBHbnxnLfHpJFBv/C/6QnhT7SWTNv7t3qzx3rTx63pDeGMIoS8t8cuerERfWuLJnhBeUwjUG/9ETwgHAq8K8cOn4RNt34Erd22bmZnau4SJvryt/rBzemZqbPvumR3VpE/NVArpl656+WN/7PnPba/dfvjWLUOdpHvycr2zXd7Y23B305ne+9ivgWIlc89Hqf6Yvy8MhhVX7JvaO/bZbfv3792Q/e00+8bsb3cezbbVhuWyrdYUK1m///I96/cduHLd9OXbLpu6bOpTG961cfz88U3j7z5/fW1U49nfxRjqjad/qOf2FCo5HR8AEhISyy3R1fDpNn6mf5CXvujPdbQ3VGc/oAvTir5SlsrsKBdj0JtP36BLU5LCiPoa+zbvdqlkX2/KWa5qzLKpNJmYq6U/yzL7va40OSw21jW7SeP9rjA21t1sO4w23i1u3p+dwuZ9JN90naYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6PHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W4fRswEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAoAAP//PTUiXg==") r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 5m39.487211675s ago: executing program 1 (id=11471): getrandom(0xfffffffffffffffe, 0x0, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000380)={{0x80}, 'port1\x00', 0x72, 0x0, 0x0, 0x80000000, 0x4, 0x2, 0x1, 0x0, 0x7cce8c743ee810df, 0xa5}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000000c0)={0x80, 0x80, 0x8, 0x7, 0x0, 0x55a}) 5m39.408534148s ago: executing program 1 (id=11473): unshare(0x8040600) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000d62b00006110600000000000c6000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x8}, 0x50) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="05"], 0x10) 5m39.226950682s ago: executing program 1 (id=11478): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000), 0x1, 0x7eb, &(0x7f0000001fc0)="$eJzs3ctrG9sdAODfyA/ZTlq7UGiTlaHQGkLkOnWTFrpI6aIUGgi06yZGVkxq2QqWHGJjiLModFNoSxeFdpN1H+mi0G0f2/afKHdxSQj3Oubmri66zEjyU1L8loO/D8ZzzsyZOefMOTNzrBmkAC6s8fRPLuJKRPw6iRhtLk8iYiAL9UfcbqR7u7FWTKck6vWffJRkaf5+aXtfSXN+qRn5akT8+xcR13J7cx1uzsulpWZosrbwaLK6snr94cLMXGmutHhzanr6xq1v37q5f6uj+uR/q5df/eaH3/jr7f74yotf/SeJ23G5uW5zY614zN3vMx7jzWMykB7CXX5w0pn1WNLrAnAk6anZ1zjL40qMRl8W6uC4JyAAcC48jYg6AHDBJO7/AHDBtD4H2NxYK7am3n4icbZefz8ihhr1bz3fbKzpbz6zG8qeg45sJruejCQRMXYC+Y9HxB//8bM/p1Mc8jlk4qkbcAzrzyLi/tj45kZ+z/U/Sa9/g+/eQ77jmm9226ze2G58z+KLdv+BXvpnOv75zv7x39WtocVQ9nfP+Gco3+bcPYp3n/+5lx02PcC16d3S8d/3drzbtj3+23ppbayvGftCNuYbSB48LJfSa9sXI2IiBvJpfCpL2n48NvHmszed8t85/vv4tz//U5p/Ot9OkXvZn4964728RlvMztRmTqLuqdfPIq72t6t/sjX+TTqMf+923OvupvnRd3/5h04p0/qn9W1N++t/uurPI77etv232zLp+n7iZNYdJludoo2/ffD7kU75b7d/Ppun+bf+FzgLafuPdK//WBqqrqzOz5TLpaXq4fP47/PRf3Vat7P/t69/1v93Sfv/YPLTLNzqaU9marWlqYjB5Mf7l9/Y3rYVb6VP6z/xtfbnf6f+n2u+G3t/K9Zd/6vBvzR31bb+mfVO9e82wjq+tP6zh2r/VqB1NLaXVOvNbfYkfvF2vq9T/gdr/+ksNNFccpDr386Sdgsc6aABAAAAAAAAAAAAAAAAAAAAAAAAwCHlIuJyJLnCVjiXKxQav+H95RjJlSvV2rUHleXF2ch+K3ssBnKtr7oc3fF9qFPN78NvxW/siX8rIr4UEb/LD2fxQrFSnu115QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dLu3/9/ms4Khca6D/O9Lh0AcGqGel0AAODMuf8DwMVzuPv/8KmVAwA4O4f+/7+enE5BAIAzc+D7//3TLQcAcHY8/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCU3b1zJ53qn26sFdP47OOV5fnK4+uzpep8YWG5WChWlh4V5iqVuXKpUKwsdNzRemNWrlQeTcfi8pPJWqlam6yurN5bqCwv1u49XJiZK90rDZxZzQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg4Korq/Mz5XJpSaBLYLg0fB6KcY4C/XEuirEvsP7/gaxfd00cY+9N5x/skiY5ybyG9y7ZeZUY7sm1CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB98HkAAAD//yofFO0=") r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) fstat(r0, &(0x7f00000007c0)) 5m38.910727628s ago: executing program 1 (id=11484): syz_usb_connect$uac2(0x5, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000d40)=ANY=[@ANYBLOB="6000000010000104a0518fd50000000000000000", @ANYRES32=0x0, @ANYBLOB="096b0200000000002c00128009000100626f6e64000000001c00028006001900ff0300000800090001000000080007000000000014003500626f6e6430"], 0x60}, 0x1, 0x0, 0x0, 0x200040c0}, 0x4000054) r0 = socket(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0) 5m23.791704057s ago: executing program 33 (id=11484): syz_usb_connect$uac2(0x5, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000d40)=ANY=[@ANYBLOB="6000000010000104a0518fd50000000000000000", @ANYRES32=0x0, @ANYBLOB="096b0200000000002c00128009000100626f6e64000000001c00028006001900ff0300000800090001000000080007000000000014003500626f6e6430"], 0x60}, 0x1, 0x0, 0x0, 0x200040c0}, 0x4000054) r0 = socket(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0) 33.705387995s ago: executing program 5 (id=15758): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r2, 0x112, 0x13, 0x0, 0x2) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x101}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x6bb}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x100}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x20004000) 33.298570569s ago: executing program 5 (id=15762): r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e) r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x69cd42, 0x74) openat$cgroup_ro(r1, &(0x7f0000000180)='cpuset.effective_cpus\x00', 0x275a, 0xb) read$FUSE(r0, &(0x7f0000001fc0)={0x2020}, 0x2020) 32.491344659s ago: executing program 5 (id=15771): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000772904202404019957c2010203010902240001000010000904430002317d5500090502020002020000090582020002"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$uac3(r0, 0x0, &(0x7f0000000a00)={0x44, &(0x7f0000000000)=ANY=[@ANYBLOB="201004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f00000005c0)={0x2c, &(0x7f0000000300)={0x0, 0x17, 0x4, "5a261e94"}, 0x0, 0x0, 0x0, 0x0}) 30.231645055s ago: executing program 5 (id=15810): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x9e, &(0x7f00000000c0)={[{@orlov}, {@init_itable_val={'init_itable', 0x3d, 0x3}}, {@mblk_io_submit}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2e}, 0x84, 0x450, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLYgv2xF/MEPtYrGxh8tLagcvGg04WJiogc81lIIslBDayKESDUGj4a/QD2a+Bd40otRTxqvejcmxHARPZgxszsDS7tbd7tbtrCfTzLtezNv973vzLzdN/N2AhhYY/mfJGJ7RPwaESP17M0Fxur/rl29MPv31QuzSWTZG38mtXJ/Xb0wWxYtX7etyIynEenHSextUu/CufOnZqrVubNFfnLx9LuTC+fOP3vy9MyJuRNzZ6YPHz50cOqF56ef60mcO/K27vlgft/uI29dfm326OW3f/gqb+/2YntjHHWjXdc5FmM378sGT3T97hvLjoZ0MtTHhtCRSkTkh2u41v9HohI3Dt5IvPpRXxsHrKssy7LNK9ZWysRSBtzBkuh3C4D+KL/o8+vfcrmFw4++u/JS/QIoj/tasdS3DEValBledn3bS2MRcXTpn8/yJZrehwAA6K1v8vHPM83Gf2nc31Du7mJuaDQi7omInRFxb0Tsioj7ImplH4iIBzusf2xZfuX45+ctawqsTfn478Vibuvm8V85+ovRSpHbUYt/ODl+sjp3oNgn4zG8Oc9PrVLHt6/88mmrbY3jv3zJ6y/HgkU7/hhadoPu2MziTDcxN7ryYcSeoWbxJ9fnrvL/uyNizxreP99nJ5/6cl+r7f8f/yp6MM+UfRHxZP34L8Wy+EvJ6vOTk3dFde7AZHlWrPTjT5deb1V/V/H3QH78tzY9/6/HP5o0ztcudF7Hpd8+aXlNs9bzf1PyZi29qVj3/szi4tmpiE3J0sr10zdeW+bL8nn84/ub9/+dEf9+Xrxub0TkJ/FDEfFwRDxStP3RiHgsIvavEv/3Lz/+ztrjX195/Mc6Ov6dJyqnvvu6Vf3tHf9DtdR4saadz792G9jNvgMAAIDbRVr7DXySTlxPp+nERP03/Ltia1qdX1h8+vj8e2eO1X8rPxrDaXmna6ThfuhUcW+4zE8vyx+s3TfOsizbUstPzM5X12tOHWjPthb9P/d7pd+tA9ZdR/NorZ5oA25LnteEwaX/w+DS/2Fw6f8wuJr1/4sR1/rQFOAW8/0Pg0v/h8Gl/8Pg0v9hIHXzXP9qiZ1H1uud77REZWM0o+NEpBuiGWtLpBujGfXE5ohot/DFuFUN6/cnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG/8FwAA//8Hl+jb") mkdirat(0xffffffffffffff9c, 0x0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000000)='./file0\x00') 29.567729171s ago: executing program 5 (id=15823): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x48000}, 0x0) 27.333057176s ago: executing program 5 (id=15850): r0 = socket(0x2, 0x80805, 0x0) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000001080)=0x8) 26.919948755s ago: executing program 34 (id=15850): r0 = socket(0x2, 0x80805, 0x0) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000001080)=0x8) 4.251323269s ago: executing program 2 (id=16108): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000039c0)=@newtaction={0x14, 0x30, 0x0, 0x70bd2a, 0x25dfdbfd}, 0x14}}, 0x44004) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x2, 0xfffff010}, {0x20, 0x0, 0x20, 0xfffff034}, {0x6}]}, 0x10) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x200800, &(0x7f0000000300)=ANY=[@ANYBLOB='iocharset=cp857,time_offset=0x0000000000000003,errors=remount-ro,fmask=00000000000000000000006,iocharset=cp862,allow_utime=00000000000000000077777,namecase=1,dmask=00000000000000000000201,utf8,dmask=000000000000\x00'/224, @ANYRES64, @ANYRES16, @ANYRES16], 0x9, 0x155d, &(0x7f0000002640)="$eJzs3AucjdX6OPDnWWu9Y0jsJrmvtZ6XnVwWSZJLklySpBKS3BKSJEcSEkNI0pCE5J7EkFsuE5PG/X6/JDRJmiQJyS1Z/89gjs6p/nXO6Rznd+b5fj77Yz2z9lrv8+5nv/td7ztmf9NlSI1GNavWJyL4l+DFf+IBIBYABgBATgAIAKBsXNm49P6sEuP/tY2wP1eDxCudAbuSuP6ZG9c/c+P6Z25c/8yN65+5cf0zN65/5sb1Zywz2zwt3zX8yLwPvv+f6aSO/muTz///Q9JKjvlibcnrugLEXDgE/4CYf3dO7L8aH///s4Lf7Dkj/9rk+mduXP/M6g8uENj/ND7+M4Msv9nD9c/cuP6MZWZX+v7zn/zIONX94TEQ+S97DY5kvbgH/6HtXcn3HmOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxzOO0v0wBQEb7SufFGGOMMcYYY4yxP4/PcqUzYIwxxhhjjDHG2L8fggAJCgKIgSwQC1khGwgAuBpyQE6IwDUQB9dCLrgOckMeyAv5ID8UgIKgwYAFghAKQWGIwvVQBG6AolAMikMJcFASSsGNUBpugjJwM5SFW6Ac3ArloQJUhEpwG1SG26EK3AFV4U6oBtWhBtSEu6AW3A214R6oA/dCXbgP7ocHoB48CPWhATSEh6ARPAyN4RFoAk2hGTSHFv/U+OehB7wAPaEXxENv6AMvQl/oB/3hJRgAL8NAeAUGwauQAINhCLwGQ+F1GAZvwHAYASPhTRgFb8FoGANjYRyMhwkwEd6GSfAOTIZ3YQpMhUSYBtPhPZgBM2EWzIY58D7MhXkwHxZAEnwAC2ERJMOHsBg+ghRYAkthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW2EbbIcdsBM+hl3wCeyGPbAXPoVU+OwfHH/q78Z3RUBAgQIVKozBGIzFWMyG2TA7ZsccmAMjGME4jMNcmAtzY27Mi3kxP+bHglgQDRokJCyEhTCKUSyCRbAoFsXiWBwdOiyFpbA03oRlsAyWxbJYDstheayAFbASVsLKWBmrYBWsilWxGlbDGlgD78K7sDfWxtpYB+tgXaybcXsK62N9bIgNsRE2wsbYGJtgE2yGzbAFtsCW2BJbYStsg22wLbbFdtgO22N77IAdsCN2xE7YCTtjZ+yCXbArdsNuac9nAXwBX8BeWE30xj7YB/tiQpb++BK+hC/jQHwFX8FXMQEH4xB8DV/D13EYnsThOAJH4kisLN7C0TgGSYzD8TgeJ+JEnISTMD3Rd3EqJuI0nI7TcQbOxJk4G+fg+/g+zsN5uACTMAkX4iJMxmRcjKcwBZfgUlyGy3EFLsdVuBpX4Vpch2txA27ATbgJt+AW3IbbcAfuwI9RAeAnuAf3YAKmYiruw324H/fjATyAaZiGB/EgHsJDeBgP4xE8gkfxGB7HY3gCT+BJPIWn8TSexbN4Dp/N/1XDj4utSQCRTgklYkSMiBWxIpvIJrKL7CKHyCEiIiLiRJzIJXKJ3CK3yCvyivwivygoCgojjCARxgCAiIqoKCKKiKKiqCguigsnnCglSonSorQoI8qIsuIWUU7cKsqLCqK1qyQqicqijasi7hBVRVVRTVQXNURNUVPUErVEbVFb1BF1RF1RV9wvHhD1RG/sjw1EemUaicHYWAzBJqKpkJc+wVqKYdhKtBZtxONiBA7HdqKlay+eEh3EaOwo/iLG4DOisxiHXcRzoqvoJrqL50UP0cr1FL3EZOwt+oip2Ff0E/3FS2IGVhezcU7WGuJVkSAGiyHiNbEAXxfDxBtiuBghRoo3xSjxlhgtxoixYpwYLyaIieJtMUm8I4R4V0wRU0WimCami/fEDDFTzBKzxRzxvpgr5on5YoFIEh+IhWKRSBYfisXiI5EiloilYplYLlaIlWKVWC3WiLVinVgvNoiNYpPYLLaIrSIWtosdYqf4WOwSn4jdYo/YKz4VqeIzsU98LvaLL8QB8aVIE1+Jg+JrcUh8Iw6Lb8UR8Z04Ko6J4+J7cUL8IE6KU+K0OCPOih/FOfGTOC+8AIlSSCmVDGSMzCJjZVaZTV4ls8vg0qt7jYyT18pc8jqZW+aReWU+mV8WkAWllkZaSTKUhWRhGZXXyyLyBllUFpPFZQnpZElZSt4oS8ubZBl5sywrb5Hl5K2yvKwgK8pK8jZZWd4uIXJxG9VkdVlD1pR3yXi4W9aW98g68l5ZV94n75cPyHryQVlfNpAN5UOykXxYNpaPyCayqWwmm8sW8lHZUj4mW8nWso18XLaVT8h28knZXj4lO0h/6S3yjOwsn5Vd5HOyq+wmu8uf5HnpZU/ZS0JvkH3ki7Kv7Cf7xwKAfFkOlK/IQfJVmSAHyyHyNTlUvi6HyTfkcDlCjpRvylHyLTlajpFj5Tg5Xk6QE+XbcpJ8R06W78opcqpMlNNkfzngwkyzpPzd8W//yvhBF7a+SW6WW+RWuU1ulzvkTvmx3CV3yd1yt9wr98pUmSr3yX1yv9wvD8gDMk2myYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz116DUChEkoqpQIVo7KoWJVVZVNXqezqapVD5VQRdY2KU9eqXOo6lVvlUXlVPpVfFVAFlVZGWUUqVIVUYRVV1+OlN4wqrkoop0qqUurGC+MzfsXwO+NVEXWDKqqK/Xy8x0v5xf9Gfi1UC9VStVStVCvVRrVRbVVb1U61U+1Ve9VBdVAdVUfVSXVSnVVn1UV1UV1VV9VddVc9VA/VU/VU8Spe9VEvqr6qn+qvXlID1MtqoBqoBqlBKkElqCFqiBqqhqphapgaroarkWqkGqVGqdFqtBqrxqrxaryaqCaqSWqSmqwmqylqikpUiWq6mq5mqBlqlpql5qg5aq6aq+ar+SpJJamFaqFKVslqsVqsUtQStUQtU8vUCrVCrVKr1Bq1Rq1T69QGtUGlqM1qs9qqtqrtarvaqXaqXWqX2i12q71qr0pVqWqf2qf2q/3qgDqg0lSaOqgOqkPqkDqsDqsj6og6qo6q4+q4OqFOqJPqpDqtTquz6qw6p86p8+p8+rIvEIEIVKCCmCAmiA1ig2xBtiB7kD3IEeQIIkEkiAviglzBdUHuIE+QN8gX5A8KBAUDHZjABuJSbaPB9UGR4IagaFAsKB6UCFxQMigV3BiUDm4KygQ3B2WDW4Jywa1B+aBCUDGoFNwWVA5uD6oEdwRVgzuDakH1oEZQM7grqBXcHdSOhaBOcG9QN7gvuD94IKgXPBjUDxoEDYOHgkbBw0Hj4JGgSdA0aBY0D1r8M/MH9/zG/N6fzPOY66l76XjdW/fRL+q+up/ur1/SA/TLeqB+RQ/Sr+oEPVgP0a/pofp1PUy/oYfrEXqkflOP0m/p0XqMHqvH6fF6gp6o39aT9Dt6sn5XT9FTdaKepqfr9/QMPVPP0rP1HP2+nqvn6fl6gU7SH+iFepFO1h/qxfojnaKX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpjvUt/onfrPXqv/lSn6s/0Pv253q+/0Af0lzpNf6UP6q/1If2NPqy/1Uf0d/qoPqaP6+/1Cf2DPqlP6dP6jD6rf9Tn9E/6vPbpi/v007tRRpkYE2NiTazJZrKZMpDd5DA5TMRETJyJM7lMLpPb5DZ5TV6T3+Q3BU1Bk44MmUKmkImaqCliipiipqgpboobZ5wpZUqZ0qa0KWPKmLKmrClnypnyprypaCqa28xt5nZzu7nD3GHuNHea6qa6qWlqmlqmlqltaps6po6pa+qa+839pp6pZ+qb+qahaWgamUamsWlsmpgmpplpZlqYFqalaWlamVamjWlj2pq2pp1pZ9qb9qaD6WA6mo6mk+lkOpvOpovpYrqarqa76W56mB6mp+lp4k286WP6mL6mr+lv+psBZoAZaAaaQWaQSTAJZogZYoaaoWaYGWaGmxFmZPqHnHnLjDZjzFgzzow3481EM9FMMpPMZDPZTDFTTKJJNNPNdDPDzDCzzCwzx8wxc81cM9/MN0kmySw0C02ySTaLzWKTYlLMUrPULDfLzUqz0qw2q81as9ash/Vmo9loNpvNZqvZarab7Wan2Wl2mV1mt9lt9pq9JtWkmn1mn9lv9psD5oBJM2nmoDloDplD5rA5bI6YI+aoOWqOm+PmhDlhTpqT5rQ5bc6aPJfOl95kfJhnt1fbHDanjbVZbTZ7lb0YZ6y8CtiCVtvcNo/Na/PZ/PZibKy1RW0xW9yWsM6WtKXsjb+Iy9sKtqKtZG+zle3ttsov4lr2blvb3mPr2HttTXvX38R17X02fXVSDxHANrUNbXPbyD5sG9tHbBPb1DazzW1b+4RtZ5+07e1TtoN9+hfxQrvIrrZr7Fq7zu62e+xpe8Yest/Ys/ZH29P2sgPsy3agfcUOsq/aBDv4F/FI+6YdZd+yo+0YO9aO+0U8xU61iXaanW7fszPszF/ESfYDO8cm27l2np1vF1yI03NKth/axfYjm2IDWGqX2eV2hV1pV2Xk6nPaDXaj3WR32U/sVrvNbrc77M6Mctg9dq/91Kbaz+xB+7Xdb7+wB+xhm2a/uhCn799h+609Yr+zR+0xe9x+b0/YH1TG6PR9/97+ZM9bb4GQgCQpCiiGslAsZaVsdBVlp6spB+WkCF1DcXQt5aLrKDflobyUj/JTASpImgxZIgqpEBWmKF1PGekVpxLkqCSVohupNN1EZehmKku3UDm6lcpTBapIleg2qky3UxW6g6rSnVSNqlMNqkl3US26m2rTPVSH7qW6dB/dTw9QPXqQ6lMDakgPUSN6mBrTI9SEmlIzak4t6FFqSY9RK2pNbehxaktPUDt6ktrTU9SBnqaO9BfqRM9QZ3qWutBz1JW6UXd6nnrQC9STelE89aY+9CL1pX7Un16iAfQyDaRXaBC9Sgk0mIbQazSUXqdh9AYNpxE0kt6kUfQWjaYxNJbG0XiaQBPpbZpE79Bkepem0FRKpGk0nd6jGTSTZtFsmkPv01yaR/NpASXRB7SQFlEyfUiL6SNKoSW0lJbRclpBK2kVraY1tJbW0XraQBtpE22mLbSVttF22kE76WPaRZ/QbtpDe+lTSqXPCOlz2k9f0AH6ktLoKzpIX9Mh+oYO07e+F31HR+kYHafv6QT9QCfpFJ2mM3SWfqRz9BOdJ08QYihCGaowCGPCLGFsmDXMFl4VZg+vDnOEOcNIeE0YF14b5gqvC3OHecK8Yb4wf1ggLBjq0IQ2pDAMC4WFw2h4fVgkvCEsGhYLi4clQheWDEuFN4alw5vCMuHNYdnwlrBceGtYPqwQPnxvpfC2sHJ4e1glvCOsGt4ZVgurhzXCmuFdYa3w7rB2eE9YJ7w3LBPeF94fPhDWCx8M64cNwobhQ2Gj8OGwcfhI2CRsGjYLm4ctwkfDluFjYauwddgmfDxsGz4RtgufDNuHT4Udwqcv9N+36Lf748PeYZ/wxfDF0Pt75PzogmhS9IPowuiiaHL0w+ji6EfRlOiS6NLosujy6Iroyuiq6Oromuja6Lro+uiG6Mbopqj3NbOAQyecdMoFLsZlcbEuq8vmrnLZ3dUuh8vpIu4aF+eudbncdS63y+PyunwuvyvgCjrtjLOOXOgKucIu6q53RdwNrqgr5oq7Es65kq6Ua+5auBaupXvMtXKtXRv3uHvcPeGecE+6J91TroN72nV0f3Gd3DOus3vWPeuec11dN9fdPe96uAk5Lh6T8a6P81n6ur6uv+vvBrgBbqAb6Aa5QS7BJbghbogb6oa6YW6YG+6Gu5FupBvlRrnRbrQb68a68W68m+gmuklukpvsJrspbopLdIluupvuZrgZrvLMi1uZ6+a6+W6+S3JJbqFLXzMmu8VusUtxKW6pW+qWu+VupVvpVrvVbq1b69a79W6j2+g2u81uq9vqtrvtbqfb6Xa5XW63z3lxUpfq9rl9br/b7w64L12a+8oddF+7Q+4bd9h9646479xRd8wdd9+7E+4Hd9KdcqfdGXfW/ejOuZ/ceefd+MiEyMTI25FJkXcikyPvRqZEpkYSI9Mi0yPvRWZEZkZmRWZH5kTej8yNzIvMjyyIJEU+iCyMLIokRz6MLI58FEmJLIksjSyL/BhZEfG+wNbQF/KFfdRf74v4G3xRX8wX9yW88yV9KX+jL+1v8mX8zb6sv8WX87f68r6Cr+gf8U18U9/MN/ct/KO+pX/Mt/KtfRv/uG/rn/Dt/JO+vX/Kd/BP+47+L77Thb/SetZ38c/5rr6b7+6f9z38C76n7+XjfW/fx7/o+/p+vr9/yQ/wL/uB/hU/yL/qE/xgP8S/5of61/0w/4Yf7kf4kTFv+lEZl8gwzo/3E/xE/7af5N/xk/27foqf6hP9ND/dv+dn+Jl+lp/t5/j3/Vw/z8/3C3yS/8Av9It8sv/QL/Yf+RS/JOOmsl/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/ntfoff6T/2u/wnfrff4/f6T32q/8zv85/7/f4Lf8B/6dP8V/6g/9of8t/4w/5bf8R/54/6Y/64/96f8D/4k/6UP+3P+LP+R3/O/+TP89+sMcYYY4z9IRMuN8Xf9ly8A9T7V8aInz25DwBcvS1f2s/701eU63NfbPeb3evCwuypXl0aZDyqVYuPj7/03BQJQeF5ABm/CUoXA5fjJdAGnoD20BpK/2r+/US3s/Q780dvAcj2szGxcDm+PP/nABj/K/M/+vjIheXC03H/n/nnARQtfHlMVrgcL4E2F+6vtIYyv5F/npa/k3/WL8YDtPrZmOxwOb6cfyl4DJ6G9n/zTMYYY4wxxhhj7KJ+omKnjOvPjP/x+WvX5/nV5TFZ4HL8e9fnjDHGGGOMMcYYu/Ke6db9yUfbt2/d6R9vVPn956jLP8n+j26iMfyzif2xxuefNqB/z8z/RxveA/y1cADwL04IkN6Q/8m92PIf2VbCpUPn77uWn/EB/HeU8s9oXOEPJsYYY4wxxtif7vKi/29/rq5UQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWCb0r37HG/yBb+m70vvIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWn/LwAA//9nj/bJ") sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0) 4.021139279s ago: executing program 2 (id=16112): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2b, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x9, 0x1d, 0x2, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x4e20, 0x9, 0x0, @opaque="a8"}}}}}, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) splice(r0, 0x0, r1, 0x0, 0xffff, 0x4) 2.836028294s ago: executing program 0 (id=16136): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x48400, 0x0) open$dir(&(0x7f0000000140)='./file0\x00', 0x100800, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r0, 0xffffffffffffffff, 0x200000000000000) 2.54158272s ago: executing program 7 (id=16144): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000480)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) r2 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r2, &(0x7f0000001180)=[{{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180)="e1", 0x1}], 0x1}}], 0x1, 0x4) setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r1, 0xfa}, 0x8) 2.426425585s ago: executing program 7 (id=16147): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103000000000000000005000000080001005d00000008000300", @ANYRES64=r2], 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x20048040) recvmsg(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 2.321927561s ago: executing program 7 (id=16150): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000080)=ANY=[@ANYBLOB='+'], 0x10) 2.139113825s ago: executing program 7 (id=16154): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xfff1, 0x4}, {0xb, 0xe}}, [@TCA_STAB={0x4}]}, 0x28}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a310000000014"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd0002800800"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0) 2.00896882s ago: executing program 7 (id=16155): syz_open_procfs(0x0, 0x0) capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000014ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a"], 0x54}}, 0x4800) 1.933147974s ago: executing program 0 (id=16158): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000a40)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={&(0x7f0000000a80)={0x1c, r0, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0xa3f9418976ca6fb2}, 0x80) 1.733520809s ago: executing program 7 (id=16161): r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_control_io$lan78xx(r0, 0x0, 0x0) ioctl$EVIOCGMASK(r1, 0x5b02, 0x0) 1.646741169s ago: executing program 0 (id=16163): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x7}, '\x00', "5171bb672965593497418688ac68cb126474cd3660dab9e2086e246728d7a040", '\x00\x00=*', "1202000000040030"}, 0x58) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e21, 0x10000, @loopback, 0x982}}, 0x0, 0x0, 0x44, 0x0, "5d9ed5ab7ede1bcf73742bc36c0ea13d3dec33e0b7cc1ff724fe1906cf9f7945230bc5d9dfea4ffd1e48aaf9a42d97f58da594d5eb926f70f03d01000000a6b62ee9d04ac1bf0bef969bcbd8e4700616"}, 0xd8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) 912.275269ms ago: executing program 2 (id=16176): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x4d, 0x1, 0x3, 0x106}, {0x60, 0x8}, {0x0, 0x0, 0xfe, 0x3ff}, {0x0, 0x0, 0x0, 0xffffffff}, {0x6, 0x4, 0x4, 0x10000000}]}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) 846.236665ms ago: executing program 6 (id=16177): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x510, 0x0, 0xd0, 0x5a0, 0x0, 0x1b8, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11, 0x0, 0x0, 0x70}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$inet(0x2, 0x2, 0x1) setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000340)=0x6, 0x4) sendmsg$inet(r0, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000001c0)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000830b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20008024) 671.964552ms ago: executing program 6 (id=16180): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x30, r1, 0x1, 0x70bd29, 0x65dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x4040045}, 0x20000080) 667.14787ms ago: executing program 0 (id=16182): sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000006d80)=[{{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000000640)="d32faa1be731fba998504b357a5f8b817e3e948eeb5c4b330aa7afb7b5c0f6c84fd57f0549d89a619fcd2b7fa99ab33a143b131469ac8f2e181e6ae9fcad886238339e8ed3c199dfc238bb10a38d483535122596ac9500ab1491300672dbf5c6f947de8874ac3ee35a8b2c4b69932b49dde3ff93cd9cbb65e7cfb1d1dfd97c309051b460d974437a93bfcb08183ec3499bd0cad0cc448026cd2816ade50dc75ac4ea6696a83776d87aee6d8cb0337dcd7a25beee40af6b476a920939e14b9fc5ad5f9781a6634e0878ad59a6e7b95a47da655203e041bad696b4244ee507c41f9dd5a3979092490bb9e28e8961715788fa709c5a33bab45585ab041dbba4fa55c0e0819ca5a76af13783e3d024b0857db664616ae57aea736bc5e8b890f6fb771297178c3e3913b446e26c815eec81f2ff3cb16c345da57c2846f965d6977206b7c09056d5e087d51884d114f371b2036b01eb9c9c6bfbe9ba6f08d7f33943608557f71b48573f3accb121febd09ebf19e00297b1db3918a8796b3752ba1c83863a003133a9dc2ad6e97f46d36e899ebbd7ccb7f43e73a751b634eb8d412101f421250eccb0777a19b5be64d3e8b6f4cae0ceb772fcb072c323b014b5a9646c48a1a5a374bcc3c3a62d7003ab02c59f7e9af2b6ff5a0a0b32766804c849b2505e9679f7e73f63a0950d944b51e0db504a314fd1039a806597d9700181c9db05d55da9ec3e407ccb95ceb5faff370d68da751702f87180cc298f1c98294e3701f2b1b66e05bd7dc9b2dbb88e3e4d0eeb0fcb468e7ba476d52cf73954471b72f9fd634a2c27660f0f7aa1dd80efb2b1b54e234730bca191af9620deb3449d0b98632151cd2cd9815933a05a583377ebbc29e19e6e378948a49e17c68d6beb3d23bc61d057254b8153158b3165c0fdedbdd7376b56dc0caccdbcbd980f11bbe4ad21f5c0a9e40dcc6fcaed674f2461d474532", 0x2b1}], 0x1}}], 0x1, 0x20048808) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 648.238019ms ago: executing program 2 (id=16183): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETFLOWTABLE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x2c, 0x17, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44000}, 0x8094) 512.127487ms ago: executing program 6 (id=16184): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x2c, r2, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040887}, 0x0) 511.908069ms ago: executing program 3 (id=16185): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@minixdf}, {@grpquota}, {@auto_da_alloc}, {@grpquota}]}, 0x2, 0x572, &(0x7f0000000240)="$eJzs3U1rVFcfAPD/nSS+JD4aQeRpFyXgohbrxCR9sdCFXZZWKrR7OyTXIJk4kpmISYXqom66KVIopdLSD9B9l9Iv0E8htIIUCe2imyl3cieO40wS42hG5/eDq+fcc6/nnrn3fzxnzgwTwMCayP4oRLwSEd8kEYdayoYjL5xYP27twbXZbEuiXv/0rySSfF/z+CT/eyzP/D8ifvsq4kTh8XqrK6sLpXI5Xcrzk7XFy5PVldWTFxdL8+l8eml6Zub02zPT7737zuMn791ZW98498/3n9z58PTXx9a+++Xe4VtJnIkDeVlrO57C9dbMREzkr8lInGk7cKoHlfWTZLcvgB0ZyuN8JLI+4FAM5VEPvPy+jIg6MKAS8Q8Dan0GkFmf2286D66/fLO8+x+sT4CabX/Y/mT9vZHY15gbja4lj8yMsldivAf1Z3X8+uftW9kWvXsfAmBL129ExKnh4Uf6v4PR0v/t3KltHNNeh/4Pnp872fjnzb0dxj+FjfFPdBj/jHWI3Z3YOv4L9zqfucNFoDbZ+O/96DT+21i0Gh/Kc/9rjPlGkgsXy2nWt2Xd5PEY2ZvlN1vPOb12t96trHX8l21Z/c2xYH4d94bbmjpXqpWeps2t7t+IeHWL8W/S4f5nr8e5bdZxNL39Wreyrdv/bNV/jni94/1/ONdJNl+fnGw8D5PNp+Jxf988+nu3+ne7/dn9H928/eNJ63pt9cnr+Gnfv2m3sokkXzR9wud/T/JZI70n33e1VKstTUXsST5u379x3o/N46YfHp+1//ixzvG/2fO/PyI+32b7bx652fXQfrj/c090/7sk6knXorsfffFDt/q31/+91Ugdz/dsp//rfKWjeenTPM0AAAAAAADQvwoRcSCSQnEjXSgUi+uf7zgSo4VypVo7caGyfGkuGt+VHY+RQnOle6zl8xBT+edhm/nptvxMRByOiG+H9jfyxdlKeW63Gw8AAAAAAAAAAAAAAAAAAAB9YqzL9/8zfwzt9tUBz5yf/IbBtWX89+KXnoC+5P9/GFziHwaX+IfBJf5hcIl/GFziHwaX+IfBJf4BAAAAAAAAAAAAAAAAAAAAAAAAAACgp86dPZtt9bUH12az/NyVleWFypWTc2l1obi4PFucrSxdLs5XKvPltDhbWdzq3ytXKpenpmP56mQtTWqT1ZXV84uV5Uu18xcXS/Pp+XTkubQKAAAAAAAAAAAAAAAAAAAAXizVldWFUrmcLr1ciULevG2fdTA/oR8u/sVKDPfHZUj0OLGLnRIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtPkvAAD//++oKfg=") ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000800)={0xcbf0, 0xc, 0x40, 0x0, 0x2000000000006}) 487.215547ms ago: executing program 0 (id=16186): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18050000000004000000000000000000850000007a00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000080)=r0, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) 475.486759ms ago: executing program 6 (id=16187): setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0) socket$kcm(0x11, 0xa, 0x300) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) r0 = socket$kcm(0x11, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0x47}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000080)="513b5a9c0c0000fb4c4241fc", 0xc}, {&(0x7f00000000c0)="0508", 0x2}], 0x2}, 0x40080) 415.982881ms ago: executing program 3 (id=16188): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005fc0), 0xffffffffffffffff) r2 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000068c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000006b40)={0x0, 0x0, &(0x7f0000006b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="90010000", @ANYRES16=r1, @ANYBLOB="010028bd7000fcdbdf254f00000008000300", @ANYRES32=r3, @ANYBLOB="34007a8014000200186d0f4328373454195b37c640f683cf1400020097452e6f24a5e86528841b0da28769f9080004000400000058007a8014000200b487f9f5844be5748e247e325028af3a0c0003007cb17843be8fd4d40c000300e9c19378fcc088d514000100396a2b5e847e298eb87b92efc9beee4508000400060000000c000300242d002279da003c64007a80080004006c430000240001007047f0e2793bb4543e9d208434360a0e21eb656463e591b2e24ef1b6056dec850c0003009ee4030f7a091ff9140002002e6c4a134f273a9e4b7a87661aeb19b5140001003df974fdd388819eaaaa67d0d63c2e7c84007a8008000400af000000080004000800000014000100b5d632fd8f245c9a1eb4d8fdba4411b40c0003"], 0x190}, 0x1, 0x0, 0x0, 0x4044014}, 0x4000000) 379.542114ms ago: executing program 3 (id=16189): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0xa, 0x300) read(r1, &(0x7f00000001c0)=""/75, 0x4b) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000002c0)=0x3995, 0x4) ioctl$SIOCGSTAMP(r0, 0x8906, 0x0) 335.26561ms ago: executing program 3 (id=16190): syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x40, 0x19, 0x2, "8303"}, 0x0, 0x0, 0x0, 0x0}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$TCSETS(r0, 0x40204706, &(0x7f0000000040)={0x1, 0x0, 0x5, 0x0, 0x0, "3eccd8f9d20000000000001000000200000500"}) 257.527899ms ago: executing program 2 (id=16191): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000600)="f78d9c73", 0x4}], 0x1, &(0x7f0000000940)=[@iv={0x10}], 0x10}], 0x1, 0x40800) 232.668735ms ago: executing program 6 (id=16192): rt_sigprocmask(0x0, &(0x7f0000001480)={[0xffffffffffffffff]}, 0x0, 0x8) r0 = getpgrp(0x0) r1 = gettid() rt_tgsigqueueinfo(r0, r1, 0x15, &(0x7f0000000180)={0x40a, 0x8}) ppoll(0x0, 0x0, &(0x7f0000002d00), &(0x7f0000002d40)={[0x100000001]}, 0x8) 187.532036ms ago: executing program 0 (id=16193): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r1, 0x0, 0x39000, 0x0) 187.323205ms ago: executing program 3 (id=16194): openat$sw_sync_info(0xffffffffffffff9c, 0x0, 0x181000, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) syz_usb_connect(0x0, 0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="120141014813442024040075ee69010203010902240001000010000904b8070259d1ca000905060200020d0006090582020002"], 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x80080, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) 79.947021ms ago: executing program 6 (id=16195): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}, 0x1, 0x0, 0x0, 0x14}, 0x40) close_range(r0, 0xffffffffffffffff, 0x0) 15.947982ms ago: executing program 3 (id=16196): r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r1, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f00000004c0)={r2, 0x0, 0x4, 0x0, 0x2, [0x0], [0x0, 0x0, 0x0, 0x10000], [0x0, 0x0, 0xfffffffc], [0x1]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c64d2, &(0x7f0000000100)={r3, 0x80000}) 0s ago: executing program 2 (id=16197): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000180), 0x1, 0x795, &(0x7f00000017c0)="$eJzs3d1rW+UfAPDvSdt17fb7tYKg86ogaGEstbNuCl5MvBDBwUCv3Uqaldm0GU061tKLDRG8EVS8EPRm177MO299udX/wgvZmNoNJ15I5OSly9ZkS7cmKfbzgdM8zzmn+T7fPOflSc4hCWDPmkj/ZCIORcSHScRYfX4SEUPV0mDEidp6tzfWc+mURKXy5u9JdZ1bG+u5aPqf1IF65cmI+OG9iMOZrXFLq2sLs4VCfrlenyovnp8qra4dObc4O5+fzy8dm56ZOXr8hePHdi7XP39eO3j9o9ee/frE3+8+cfWDH5M4EQfry5rz2CkTMVF/TYbSl/Aur+50sD5L+t0AHkq6aw7U9vI4FGMxUC21MdLLlgEA3VIBAPagxBgAAPaYxucAtzbWc42pv59I9NaNVyJify3/xvXN2pLB+jW7/dXroKO3kruujCQRMb4D8Sci4vNv3/4ynaLeD66lAb1w6XJEnBmf2Hr8T7bcs9CsMvbg537ufgsrw9WHiVorNmfvtfMP9NN36fjnxVbjv8zm+CdajH+GN/fdR3Pvc2zd/zPXdiBMW+n47+Wme9tuN+VfNz5Qr/2vOuYbSs6eK+TTY9v/I2IyhobT+nR11dYjt8mb/9xsF795/PfHx+98kcZPH++skbk2OHz3/8zNlmcfNe+GG5cjnhpslX+y2f9Jm/HvqQ5jvP7S+5+1W5bmn+bbmLbm312VKxHPtOz/ZHMTSO57f+JUdXOYamwULXzzy6ej7eI39386pfEb7wV6Ie3/0Xb514wnzfdrlrYf46crY9+3W/bg/Ftv//uSt6rlffV5F2fL5eXpiH3JG1vnN2241frRO+un+U8+3Xr/r4Vtvf2n7wnPdJj/4PXfvnr4/LsrzX9uW/2//cLV2wsD7eJ31v8z1dJkfU4nx79OG/gorx0AAAAAAAAAAAAAAAAAAAAAAAAAdCoTEQcjyWQ3y5lMNlv7De/HYzRTKJbKh88WV5bmovpb2eMxlGl81eVY0/ehTte/D79RP3pP/fmIeCwiPhkeqdazuWJhrt/JAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdgTa//5/6dbjfrQMAumZ/vxsAAPSc8z8A7D3bO/+PdK0dAEDveP8PAHtPx+f/M91tBwDQO52d/4e63g4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+s06dPJlOlb821nNpfe7C6spC8cKRuXxpIbu4ksvmisvns/PF4nwhn80VF9s+0aXaQ6FYPD8TSysXp8r5UnmqtLp2erG4slQ+fW5xdj5/Oj/Us8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoHOl1bWF2UIhv6xw38LI7mjGrikMxq5ohkLXCs1HiZH+HaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdrl/AwAA//9p3y+F") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c) r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x143041, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0x40305829, &(0x7f0000000140)={0x17c04, 0xffffffffffffffff, 0x84, 0x75ea, 0x800004}) kernel console output (not intermixed with test programs): 38.689639][ T1340] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.689743][ T1340] ieee802154 phy1 wpan1: encryption failed: -22 [ 1238.961819][T32551] loop5: detected capacity change from 0 to 4096 [ 1238.999075][T32551] NILFS (loop5): invalid segment: Checksum error in segment payload [ 1238.999104][T32551] NILFS (loop5): trying rollback from an earlier position [ 1239.040538][T32551] NILFS (loop5): recovery complete [ 1239.065964][T32556] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1239.470559][T15532] hid-generic 0000:0004:261D.0048: hidraw0: HID v0.03 Device [syz1] on syz0 [ 1239.640383][T32566] fido_id[32566]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1240.016359][T32572] loop0: detected capacity change from 0 to 32768 [ 1240.017503][T32572] btrfs: Deprecated parameter 'usebackuproot' [ 1240.017522][T32572] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 1240.024571][T32572] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.12011 (32572) [ 1240.029293][T32572] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1240.029335][T32572] BTRFS info (device loop0): using crc32c checksum algorithm [ 1240.168475][ T1311] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 1240.168632][T32572] BTRFS error (device loop0): failed to load root extent [ 1240.168672][T32572] BTRFS warning (device loop0): try to load backup roots slot 1 [ 1240.179741][T26911] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 1240.337506][T32572] BTRFS warning (device loop0): couldn't read tree root [ 1240.337536][T32572] BTRFS warning (device loop0): try to load backup roots slot 2 [ 1240.337898][T31489] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 1240.338026][T32572] BTRFS warning (device loop0): couldn't read tree root [ 1240.338048][T32572] BTRFS warning (device loop0): try to load backup roots slot 3 [ 1240.427194][T32572] BTRFS info (device loop0): rebuilding free space tree [ 1240.524157][T15532] usb 6-1: new low-speed USB device number 21 using dummy_hcd [ 1240.688714][T15532] usb 6-1: config 0 has no interfaces? [ 1240.688751][T15532] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 1240.688774][T15532] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1240.715776][T15532] usb 6-1: config 0 descriptor?? [ 1240.946176][ T5741] usb 6-1: USB disconnect, device number 21 [ 1241.446672][T32572] BTRFS info (device loop0): checking UUID tree [ 1241.450619][T32572] BTRFS info (device loop0): enabling ssd optimizations [ 1241.450644][T32572] BTRFS info (device loop0): turning on async discard [ 1241.450661][T32572] BTRFS info (device loop0): enabling free space tree [ 1241.450677][T32572] BTRFS info (device loop0): force clearing of disk cache [ 1241.450694][T32572] BTRFS info (device loop0): enabling auto defrag [ 1241.450719][T32572] BTRFS info (device loop0): trying to use backup root at mount time [ 1241.450808][T32572] BTRFS info (device loop0): use zstd compression, level 3 [ 1241.663886][ T5617] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1242.166233][T32652] program syz.6.12033 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1243.196838][T32685] loop5: detected capacity change from 0 to 16 [ 1243.237673][T32685] erofs (device loop5): mounted with root inode @ nid 36. [ 1243.918007][T32706] 9p: Bad value for 'wfdno' [ 1246.208914][T32745] binder: 32743:32745 unknown command 0 [ 1246.208944][T32745] binder: 32743:32745 ioctl c0306201 2000000003c0 returned -22 [ 1246.292233][T32715] syz.2.12055 (32715) used greatest stack depth: 18152 bytes left [ 1246.625184][T32760] bond0: entered promiscuous mode [ 1246.625209][T32760] bond_slave_0: entered promiscuous mode [ 1246.625447][T32760] bond_slave_1: entered promiscuous mode [ 1246.659845][T32760] batadv0: entered promiscuous mode [ 1246.665394][T32760] debugfs: 'hsr1' already exists in 'hsr' [ 1246.665421][T32760] Cannot create hsr debugfs directory [ 1246.754231][T32760] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 1248.167297][ T340] loop2: detected capacity change from 0 to 128 [ 1248.502821][ T50] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 1248.654948][ T50] usb 6-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 1248.654975][ T50] usb 6-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 1248.692850][ T50] usb 6-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 1248.692882][ T50] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1248.692902][ T50] usb 6-1: Product: syz [ 1248.692918][ T50] usb 6-1: Manufacturer: syz [ 1248.692932][ T50] usb 6-1: SerialNumber: syz [ 1248.913374][ T360] cgroup: Invalid name [ 1248.949248][ T5741] usb 6-1: USB disconnect, device number 22 [ 1249.462674][ T5748] usb 3-1: new high-speed USB device number 72 using dummy_hcd [ 1249.616616][ T5748] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 242, changing to 11 [ 1249.616654][ T5748] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1249.616696][ T5748] usb 3-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00 [ 1249.616720][ T5748] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1249.655395][ T5748] usb 3-1: config 0 descriptor?? [ 1249.697791][ T377] loop0: detected capacity change from 0 to 512 [ 1249.700535][ T377] EXT4-fs: Ignoring removed bh option [ 1249.794869][ T377] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 1249.822581][ T377] EXT4-fs (loop0): 1 truncate cleaned up [ 1249.829591][ T377] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1249.939289][ T377] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.12109: bg 0: block 465: padding at end of block bitmap is not set [ 1250.074109][ T377] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 28 [ 1250.074133][ T377] EXT4-fs (loop0): This should not happen!! Data will be lost [ 1250.074133][ T377] [ 1250.074142][ T377] EXT4-fs (loop0): Total free blocks count 0 [ 1250.074149][ T377] EXT4-fs (loop0): Free/Dirty block details [ 1250.074248][ T377] EXT4-fs (loop0): free_blocks=0 [ 1250.074277][ T377] EXT4-fs (loop0): dirty_blocks=2 [ 1250.074284][ T377] EXT4-fs (loop0): Block reservation details [ 1250.074292][ T377] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 1250.121019][ T5748] megaworld 0003:07B5:0312.0049: unknown main item tag 0x0 [ 1250.121058][ T5748] megaworld 0003:07B5:0312.0049: unknown main item tag 0x0 [ 1250.121086][ T5748] megaworld 0003:07B5:0312.0049: unknown main item tag 0x0 [ 1250.121113][ T5748] megaworld 0003:07B5:0312.0049: unknown main item tag 0x0 [ 1250.121139][ T5748] megaworld 0003:07B5:0312.0049: unknown main item tag 0x0 [ 1250.121165][ T5748] megaworld 0003:07B5:0312.0049: unknown main item tag 0x0 [ 1250.121191][ T5748] megaworld 0003:07B5:0312.0049: unknown main item tag 0x0 [ 1250.121218][ T5748] megaworld 0003:07B5:0312.0049: unknown main item tag 0x0 [ 1250.121244][ T5748] megaworld 0003:07B5:0312.0049: unknown main item tag 0x0 [ 1250.121269][ T5748] megaworld 0003:07B5:0312.0049: unknown main item tag 0x0 [ 1250.154790][ T5748] megaworld 0003:07B5:0312.0049: item 0 2 0 8 parsing failed [ 1250.155490][ T5748] megaworld 0003:07B5:0312.0049: parse failed [ 1250.155559][ T5748] megaworld 0003:07B5:0312.0049: probe with driver megaworld failed with error -22 [ 1250.353824][ T5741] usb 3-1: USB disconnect, device number 72 [ 1250.566093][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1250.580609][ T371] loop5: detected capacity change from 0 to 32768 [ 1250.676084][ T388] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12113'. [ 1250.676107][ T388] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12113'. [ 1250.676133][ T388] netlink: 'syz.6.12113': attribute type 15 has an invalid length. [ 1250.676146][ T388] netlink: 'syz.6.12113': attribute type 18 has an invalid length. [ 1250.790106][ T371] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1251.080869][ T371] XFS (loop5): Ending clean mount [ 1251.212170][ T50] usb 3-1: new high-speed USB device number 73 using dummy_hcd [ 1251.368742][ T50] usb 3-1: Using ep0 maxpacket: 32 [ 1251.392861][ T50] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 1251.392892][ T50] usb 3-1: config 0 has no interface number 0 [ 1251.392935][ T50] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1251.392962][ T50] usb 3-1: config 0 interface 85 has no altsetting 0 [ 1251.427327][ T420] netlink: 92 bytes leftover after parsing attributes in process `syz.0.12128'. [ 1251.437402][ T50] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 1251.437434][ T50] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1251.437454][ T50] usb 3-1: Product: syz [ 1251.437470][ T50] usb 3-1: Manufacturer: syz [ 1251.437485][ T50] usb 3-1: SerialNumber: syz [ 1251.513496][ T50] usb 3-1: config 0 descriptor?? [ 1251.579458][ T422] loop0: detected capacity change from 0 to 128 [ 1251.748181][ T426] netlink: 36 bytes leftover after parsing attributes in process `syz.6.12130'. [ 1252.126868][T26472] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1252.140920][ T50] appletouch 3-1:0.85: Geyser mode initialized. [ 1252.159636][ T50] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input44 [ 1252.595052][ T442] netlink: 80 bytes leftover after parsing attributes in process `syz.6.12137'. [ 1252.619310][ T50] usb 3-1: USB disconnect, device number 73 [ 1252.785164][ T50] appletouch 3-1:0.85: input: appletouch disconnected [ 1253.226204][ T460] loop5: detected capacity change from 0 to 512 [ 1253.227423][ T460] EXT4-fs: Ignoring removed bh option [ 1253.243861][ T460] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 1253.250909][ T460] EXT4-fs (loop5): 1 truncate cleaned up [ 1253.254386][ T460] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1253.284156][ T460] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.12135: bg 0: block 465: padding at end of block bitmap is not set [ 1253.284894][ T460] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 117 [ 1253.284924][ T460] EXT4-fs (loop5): This should not happen!! Data will be lost [ 1253.284924][ T460] [ 1253.509666][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1253.627801][ T472] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12150'. [ 1253.627824][ T472] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12150'. [ 1253.627850][ T472] netlink: 'syz.5.12150': attribute type 15 has an invalid length. [ 1253.627864][ T472] netlink: 'syz.5.12150': attribute type 18 has an invalid length. [ 1253.879303][ T482] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 1254.373989][ T499] netlink: 92 bytes leftover after parsing attributes in process `syz.2.12159'. [ 1255.613275][ T519] wg1 speed is unknown, defaulting to 1000 [ 1255.615739][ T519] wg1 speed is unknown, defaulting to 1000 [ 1255.768315][ T519] wg1 speed is unknown, defaulting to 1000 [ 1255.806539][ T519] smbdirect: ib_dev[syz0]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 1255.806581][ T519] smbdirect: ib_dev[syz0]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 1255.806625][ T519] smbdirect: ib_dev[syz0]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 1256.148699][ T519] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 1256.221911][T15532] usb 6-1: new full-speed USB device number 23 using dummy_hcd [ 1256.427390][T15532] usb 6-1: config 150 has an invalid interface number: 204 but max is 2 [ 1256.427421][T15532] usb 6-1: config 150 has 2 interfaces, different from the descriptor's value: 3 [ 1256.427444][T15532] usb 6-1: config 150 has no interface number 0 [ 1256.427488][T15532] usb 6-1: config 150 interface 204 has no altsetting 0 [ 1256.429818][T15532] usb 6-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 1256.429850][T15532] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1256.429870][T15532] usb 6-1: Product: syz [ 1256.429885][T15532] usb 6-1: Manufacturer: syz [ 1256.429899][T15532] usb 6-1: SerialNumber: syz [ 1256.575761][ T519] wg1 speed is unknown, defaulting to 1000 [ 1256.751173][ T519] wg1 speed is unknown, defaulting to 1000 [ 1256.758987][ T519] wg1 speed is unknown, defaulting to 1000 [ 1256.775681][ T519] wg1 speed is unknown, defaulting to 1000 [ 1256.808216][ T519] wg1 speed is unknown, defaulting to 1000 [ 1256.811186][T15532] xr_serial 6-1:150.204: skipping garbage [ 1256.811238][T15532] xr_serial 6-1:150.204: xr_serial converter detected [ 1256.819998][ T519] wg1 speed is unknown, defaulting to 1000 [ 1257.334041][T15532] xr_serial ttyUSB0: Failed to set reg 0x0d: -71 [ 1257.334099][T15532] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 1257.394075][T15532] usb 6-1: USB disconnect, device number 23 [ 1257.398597][T15532] xr_serial 6-1:150.204: device disconnected [ 1257.550940][ T600] bond0: entered promiscuous mode [ 1257.550963][ T600] bond_slave_0: entered promiscuous mode [ 1257.551194][ T600] bond_slave_1: entered promiscuous mode [ 1257.575606][ T600] batadv0: entered promiscuous mode [ 1257.577862][ T600] debugfs: 'hsr1' already exists in 'hsr' [ 1257.577890][ T600] Cannot create hsr debugfs directory [ 1257.603063][ T600] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 1257.713562][T24286] usb 3-1: new high-speed USB device number 74 using dummy_hcd [ 1257.868138][T24286] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 1257.868170][T24286] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1257.868191][T24286] usb 3-1: Product: syz [ 1257.868206][T24286] usb 3-1: Manufacturer: syz [ 1257.868221][T24286] usb 3-1: SerialNumber: syz [ 1257.934677][T24286] usb 3-1: config 0 descriptor?? [ 1257.939750][T24286] ch341 3-1:0.0: ch341-uart converter detected [ 1258.078314][ T623] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12220'. [ 1258.078391][ T623] netlink: 12 bytes leftover after parsing attributes in process `syz.6.12220'. [ 1258.078429][ T623] netlink: 'syz.6.12220': attribute type 32 has an invalid length. [ 1258.752300][ T652] loop0: detected capacity change from 0 to 256 [ 1258.757769][T24286] usb 3-1: failed to send control message: -71 [ 1258.757825][T24286] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 1258.791400][T24286] usb 3-1: USB disconnect, device number 74 [ 1258.798504][T24286] ch341 3-1:0.0: device disconnected [ 1258.968799][ T657] netlink: 12 bytes leftover after parsing attributes in process `syz.6.12235'. [ 1259.811061][ T696] loop5: detected capacity change from 0 to 16 [ 1259.975259][ T696] erofs (device loop5): mounted with root inode @ nid 36. [ 1260.795475][ T734] trusted_key: encrypted_key: keyword 'ew' not recognized [ 1261.302093][ T747] ip6gre3: entered allmulticast mode [ 1261.311597][ T747] team0: Device ip6gre3 is of different type [ 1261.647016][ T765] loop2: detected capacity change from 0 to 512 [ 1261.771007][ T765] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1261.805388][ T765] EXT4-fs (loop2): 1 truncate cleaned up [ 1261.819314][ T765] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1262.018122][ T780] netlink: 20 bytes leftover after parsing attributes in process `syz.6.12294'. [ 1262.068490][ T5616] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1265.369206][ T940] loop5: detected capacity change from 0 to 1024 [ 1266.291208][ T5634] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 1266.977300][ T1018] netlink: 48 bytes leftover after parsing attributes in process `syz.0.12396'. [ 1267.144897][ T1020] [U] ^@y [ 1267.149293][ T1025] loop5: detected capacity change from 0 to 64 [ 1267.520064][ T1031] loop0: detected capacity change from 0 to 4096 [ 1268.510374][ T5907] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 1268.666296][ T5907] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00 [ 1268.666329][ T5907] usb 6-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 1268.666350][ T5907] usb 6-1: Product: syz [ 1268.666365][ T5907] usb 6-1: SerialNumber: syz [ 1268.708284][ T5907] usb 6-1: config 0 descriptor?? [ 1269.046194][ T1103] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12428'. [ 1269.119591][ T5907] usb 6-1: USB disconnect, device number 24 [ 1269.888814][T24286] hid-generic 0000:0004:261D.004A: hidraw0: HID v0.03 Device [syz1] on syz0 [ 1269.997600][ T1144] fido_id[1144]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1270.317125][ T1156] loop5: detected capacity change from 0 to 256 [ 1270.354848][ T1156] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1270.355202][ T1156] exFAT-fs (loop5): failed to load alloc-bitmap [ 1270.355214][ T1156] exFAT-fs (loop5): failed to recognize exfat type [ 1270.500831][ T1160] program syz.6.12455 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1270.895560][ T1178] loop9: detected capacity change from 0 to 524287999 [ 1271.017951][ T1185] netdevsim netdevsim6 netdevsim0: IPsec offload requires 128 bit authentication [ 1271.101320][ T1188] loop0: detected capacity change from 0 to 16 [ 1271.105306][ T1188] erofs (device loop0): mounted with root inode @ nid 36. [ 1271.153601][ T1190] bridge0: port 2(bridge_slave_1) entered disabled state [ 1271.820638][ T1178] Dev loop9: unable to read RDB block 8 [ 1271.820853][ T1178] loop9: unable to read partition table [ 1271.821074][ T1178] loop_reread_partitions: partition scan of loop9 (3 ) failed (rc=-5) [ 1271.879220][ T1213] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12477'. [ 1272.024976][ T5885] Buffer I/O error on dev loop9, logical block 65535999, async page read [ 1272.230233][ T1224] loop2: detected capacity change from 0 to 2048 [ 1272.258340][ T1224] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1272.501896][ T1233] loop5: detected capacity change from 0 to 512 [ 1272.699061][ T1233] netlink: 268 bytes leftover after parsing attributes in process `syz.5.12487'. [ 1272.699122][ T1233] netlink: 136 bytes leftover after parsing attributes in process `syz.5.12487'. [ 1272.699138][ T1233] netlink: 16 bytes leftover after parsing attributes in process `syz.5.12487'. [ 1275.718106][ T1318] netlink: 'syz.0.12522': attribute type 3 has an invalid length. [ 1275.718128][ T1318] netlink: 'syz.0.12522': attribute type 1 has an invalid length. [ 1275.718142][ T1318] netlink: 224 bytes leftover after parsing attributes in process `syz.0.12522'. [ 1276.289199][ T1339] netlink: 436 bytes leftover after parsing attributes in process `syz.0.12532'. [ 1276.306893][ T1339] netlink: 16 bytes leftover after parsing attributes in process `syz.0.12532'. [ 1278.306077][ T1374] loop5: detected capacity change from 0 to 128 [ 1282.979086][ T5741] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 1283.131503][ T5741] usb 6-1: config 0 has no interfaces? [ 1283.140976][ T5741] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 1283.141006][ T5741] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=2 [ 1283.141026][ T5741] usb 6-1: Product: syz [ 1283.141041][ T5741] usb 6-1: Manufacturer: syz [ 1283.141056][ T5741] usb 6-1: SerialNumber: syz [ 1283.200152][ T5741] usb 6-1: config 0 descriptor?? [ 1283.430893][ T5634] Bluetooth: hci5: unknown advertising packet type: 0x17 [ 1283.430923][ T5634] Bluetooth: hci5: Dropping invalid advertising data [ 1283.430945][ T5634] Bluetooth: hci5: Malformed LE Event: 0x02 [ 1283.433665][ T50] usb 6-1: USB disconnect, device number 25 [ 1283.477630][ T1445] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12579'. [ 1283.637656][ T1453] siw: device registration error -23 [ 1283.844015][ T1459] loop9: detected capacity change from 0 to 524287999 [ 1284.136331][ T1468] loop5: detected capacity change from 0 to 2048 [ 1284.192656][ T1471] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1284.244396][ T5885] Buffer I/O error on dev loop9, logical block 65535999, async page read [ 1284.689601][ T1471] NILFS (loop5): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 1284.689632][ T1471] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=4) [ 1284.690448][ T1471] Remounting filesystem read-only [ 1284.691279][T26472] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer [ 1285.448753][ T1508] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12607'. [ 1285.448775][ T1508] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12607'. [ 1285.448799][ T1508] netlink: 'syz.5.12607': attribute type 32 has an invalid length. [ 1286.343457][ T1531] loop0: detected capacity change from 0 to 32768 [ 1286.353891][ T1531] (syz.0.12618,1531,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1286.361547][ T1531] (syz.0.12618,1531,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1286.415762][ T1531] (syz.0.12618,1531,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 1286.419403][ T1531] (syz.0.12618,1531,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 1286.421619][ T1531] JBD2: Ignoring recovery information on journal [ 1286.496921][ T1531] (syz.0.12618,1531,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 1286.497472][ T1531] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1286.532973][ T1531] (syz.0.12618,1531,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 1286.579722][ T1531] (syz.0.12618,1531,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 1286.847853][ T1531] (syz.0.12618,1531,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC. [ 1286.922776][ T1531] (syz.0.12618,1531,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x4d558a87. Applying ECC. [ 1286.922813][ T1531] (syz.0.12618,1531,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x5d2751af [ 1286.922842][ T1531] (syz.0.12618,1531,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 1286.922953][ T1531] (syz.0.12618,1531,1):ocfs2_quota_read:201 ERROR: status = -5 [ 1286.922978][ T1531] Quota error (device loop0): find_tree_dqentry: Can't read quota tree block 5 [ 1286.927792][ T1531] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 1286.927842][ T1531] (syz.0.12618,1531,1):ocfs2_acquire_dquot:904 ERROR: status = -5 [ 1286.932067][ T1531] (syz.0.12618,1531,1):ocfs2_mknod:318 ERROR: status = -5 [ 1286.932209][ T1531] (syz.0.12618,1531,1):ocfs2_mknod:506 ERROR: status = -5 [ 1286.932232][ T1531] (syz.0.12618,1531,1):ocfs2_create:679 ERROR: status = -5 [ 1287.082603][ T50] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 1287.329831][ T50] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024 [ 1287.329891][ T50] usb 6-1: New USB device found, idVendor=0b05, idProduct=1abe, bcdDevice= 0.00 [ 1287.329915][ T50] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1287.352032][ T50] usb 6-1: config 0 descriptor?? [ 1287.353080][ T1538] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1287.405615][ T1544] netlink: 16 bytes leftover after parsing attributes in process `syz.6.12635'. [ 1287.813666][ T1538] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1287.817435][ T1538] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1287.889247][ T50] hid_parser_main: 83 callbacks suppressed [ 1287.889263][ T50] asus 0003:0B05:1ABE.004B: unknown main item tag 0x0 [ 1287.889283][ T50] asus 0003:0B05:1ABE.004B: unknown main item tag 0x0 [ 1287.889299][ T50] asus 0003:0B05:1ABE.004B: unknown main item tag 0x0 [ 1287.889315][ T50] asus 0003:0B05:1ABE.004B: unknown main item tag 0x0 [ 1287.889331][ T50] asus 0003:0B05:1ABE.004B: unknown main item tag 0x0 [ 1287.889348][ T50] asus 0003:0B05:1ABE.004B: unknown main item tag 0x0 [ 1287.889364][ T50] asus 0003:0B05:1ABE.004B: unknown main item tag 0x0 [ 1287.889379][ T50] asus 0003:0B05:1ABE.004B: unknown main item tag 0x0 [ 1287.889394][ T50] asus 0003:0B05:1ABE.004B: unknown main item tag 0x0 [ 1287.889408][ T50] asus 0003:0B05:1ABE.004B: unknown main item tag 0x0 [ 1287.900521][ T50] asus 0003:0B05:1ABE.004B: item 0 2 0 8 parsing failed [ 1287.901273][ T50] asus 0003:0B05:1ABE.004B: Asus hid parse failed: -22 [ 1287.901377][ T50] asus 0003:0B05:1ABE.004B: probe with driver asus failed with error -22 [ 1288.065714][ T5748] usb 6-1: USB disconnect, device number 26 [ 1288.344993][ T1575] loop2: detected capacity change from 0 to 16 [ 1288.460546][ T1575] erofs (device loop2): mounted with root inode @ nid 36. [ 1288.647282][ T5617] ocfs2: Unmounting device (7,0) on (node local) [ 1289.217584][ T1599] loop5: detected capacity change from 0 to 256 [ 1289.222521][ T1599] exfat: Deprecated parameter 'utf8' [ 1289.222576][ T1599] exfat: Deprecated parameter 'namecase' [ 1289.222672][ T1599] exfat: Deprecated parameter 'namecase' [ 1289.222695][ T1599] exfat: Deprecated parameter 'utf8' [ 1289.235370][ T1599] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0x6a70c931, utbl_chksum : 0xe619d30d) [ 1289.235698][ T1599] exFAT-fs (loop5): failed to test first cluster bit of root dir(5) [ 1289.550761][ T1599] exfat: Deprecated parameter 'utf8' [ 1289.550785][ T1599] exfat: Deprecated parameter 'utf8' [ 1289.550911][ T1599] exfat: Deprecated parameter 'utf8' [ 1290.007399][ T1617] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12659'. [ 1290.007428][ T1617] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12659'. [ 1291.182124][ T1665] vxcan0: tx address claim with different name [ 1291.696639][ T1684] program syz.6.12689 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1291.928407][ T1690] netlink: 24 bytes leftover after parsing attributes in process `syz.6.12702'. [ 1291.928475][ T1690] netlink: 40 bytes leftover after parsing attributes in process `syz.6.12702'. [ 1291.996585][ T1694] program syz.0.12693 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1292.113752][ T1700] loop0: detected capacity change from 0 to 256 [ 1292.114968][ T1700] exfat: Deprecated parameter 'namecase' [ 1292.210886][ T1700] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001fe89, chksum : 0x84f53455, utbl_chksum : 0xe619d30d) [ 1292.587271][ T1707] loop5: detected capacity change from 0 to 32768 [ 1292.613072][ T1707] (syz.5.12699,1707,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1292.613821][ T1707] (syz.5.12699,1707,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1292.641100][ T1707] (syz.5.12699,1707,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 1292.642125][ T1707] (syz.5.12699,1707,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 1292.643486][ T1707] JBD2: Ignoring recovery information on journal [ 1292.721052][ T1707] (syz.5.12699,1707,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 1292.721447][ T1707] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1292.737633][ T1707] (syz.5.12699,1707,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 1292.775293][ T1707] (syz.5.12699,1707,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 1292.958694][ T1707] (syz.5.12699,1707,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC. [ 1292.993805][ T1707] (syz.5.12699,1707,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x4d558a87. Applying ECC. [ 1292.993845][ T1707] (syz.5.12699,1707,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x5d2751af [ 1292.993875][ T1707] (syz.5.12699,1707,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 1292.993896][ T1707] (syz.5.12699,1707,1):ocfs2_quota_read:201 ERROR: status = -5 [ 1292.993919][ T1707] Quota error (device loop5): find_tree_dqentry: Can't read quota tree block 5 [ 1292.994021][ T1707] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 1292.994057][ T1707] (syz.5.12699,1707,1):ocfs2_acquire_dquot:904 ERROR: status = -5 [ 1292.994190][ T1707] (syz.5.12699,1707,1):ocfs2_mknod:318 ERROR: status = -5 [ 1292.994233][ T1707] (syz.5.12699,1707,1):ocfs2_mknod:506 ERROR: status = -5 [ 1292.994254][ T1707] (syz.5.12699,1707,1):ocfs2_create:679 ERROR: status = -5 [ 1293.801457][ T1734] TCP: tcp_parse_options: Illegal window scaling value 215 > 14 received [ 1294.007962][ T5907] usb 3-1: new high-speed USB device number 75 using dummy_hcd [ 1294.034993][T26472] ocfs2: Unmounting device (7,5) on (node local) [ 1294.157738][ T5907] usb 3-1: Using ep0 maxpacket: 32 [ 1294.162453][ T5907] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 1294.162484][ T5907] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1294.162498][ T5907] usb 3-1: Product: syz [ 1294.162506][ T5907] usb 3-1: Manufacturer: syz [ 1294.162513][ T5907] usb 3-1: SerialNumber: syz [ 1294.165520][ T5907] usb 3-1: config 0 descriptor?? [ 1294.212309][ T5907] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 1294.513813][ T1746] siw: device registration error -23 [ 1294.991953][ T5907] gspca_ov534_9: reg_w failed -71 [ 1295.277466][ T5907] gspca_ov534_9: Unknown sensor 0000 [ 1295.277560][ T5907] ov534_9 3-1:0.0: probe with driver ov534_9 failed with error -22 [ 1295.281593][ T5907] usb 3-1: USB disconnect, device number 75 [ 1297.241057][ T1799] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1298.187204][T15532] usb 3-1: new full-speed USB device number 76 using dummy_hcd [ 1298.190590][ T1836] loop5: detected capacity change from 0 to 8 [ 1298.349591][T15532] usb 3-1: config 0 has an invalid interface number: 133 but max is 0 [ 1298.349621][T15532] usb 3-1: config 0 has no interface number 0 [ 1298.352074][T15532] usb 3-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 1298.352104][T15532] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1298.352121][T15532] usb 3-1: Product: syz [ 1298.352129][T15532] usb 3-1: Manufacturer: syz [ 1298.352205][T15532] usb 3-1: SerialNumber: syz [ 1298.355538][T15532] usb 3-1: config 0 descriptor?? [ 1298.580911][T15532] keyspan 3-1:0.133: Keyspan 1 port adapter converter detected [ 1298.592515][T15532] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 81 [ 1298.592655][T15532] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 1 [ 1298.592740][T15532] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 2 [ 1298.654543][T15532] usb 3-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 1298.995331][ T5907] usb 3-1: USB disconnect, device number 76 [ 1299.046381][ T5907] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 1299.058800][ T5907] keyspan 3-1:0.133: device disconnected [ 1299.151826][ T1859] loop5: detected capacity change from 0 to 256 [ 1299.216196][ T1859] FAT-fs (loop5): Directory bread(block 64) failed [ 1299.216229][ T1859] FAT-fs (loop5): Directory bread(block 65) failed [ 1299.216320][ T1859] FAT-fs (loop5): Directory bread(block 66) failed [ 1299.216342][ T1859] FAT-fs (loop5): Directory bread(block 67) failed [ 1299.216439][ T1859] FAT-fs (loop5): Directory bread(block 68) failed [ 1299.216458][ T1859] FAT-fs (loop5): Directory bread(block 69) failed [ 1299.216546][ T1859] FAT-fs (loop5): Directory bread(block 70) failed [ 1299.216567][ T1859] FAT-fs (loop5): Directory bread(block 71) failed [ 1299.216723][ T1859] FAT-fs (loop5): Directory bread(block 72) failed [ 1299.216746][ T1859] FAT-fs (loop5): Directory bread(block 73) failed [ 1300.137415][ T1340] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.137522][ T1340] ieee802154 phy1 wpan1: encryption failed: -22 [ 1300.299560][ T1888] loop5: detected capacity change from 0 to 1024 [ 1300.322559][ T1888] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 1300.338020][ T1888] EXT4-fs (loop5): Errors on filesystem, clearing orphan list. [ 1300.349107][ T1888] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1300.410469][T24286] usb 3-1: new high-speed USB device number 77 using dummy_hcd [ 1300.636876][T24286] usb 3-1: Using ep0 maxpacket: 16 [ 1300.639522][T24286] usb 3-1: config 0 has an invalid interface number: 251 but max is 0 [ 1300.639548][T24286] usb 3-1: config 0 has no interface number 0 [ 1300.639591][T24286] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 1300.639616][T24286] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 1300.642943][T24286] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 1300.642971][T24286] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1300.642991][T24286] usb 3-1: Product: syz [ 1300.643006][T24286] usb 3-1: Manufacturer: syz [ 1300.643020][T24286] usb 3-1: SerialNumber: syz [ 1300.705781][T24286] usb 3-1: config 0 descriptor?? [ 1300.707446][ T1883] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1300.707750][ T1883] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1300.747892][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1300.922589][ T1883] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1300.922690][ T1883] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1301.542957][T24286] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1301.542989][T24286] asix 3-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 1301.543294][T24286] asix 3-1:0.251: probe with driver asix failed with error -71 [ 1301.552632][T24286] usb 3-1: USB disconnect, device number 77 [ 1303.049505][ T1959] netlink: 12 bytes leftover after parsing attributes in process `syz.6.12816'. [ 1303.575306][ T1976] loop5: detected capacity change from 0 to 128 [ 1303.871582][ T1985] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12837'. [ 1306.357229][ T2020] trusted_key: encrypted_key: keylen parameter is missing [ 1307.578907][ T2031] loop0: detected capacity change from 0 to 32768 [ 1309.336612][ T2136] loop5: detected capacity change from 0 to 256 [ 1309.337668][ T2136] exfat: Deprecated parameter 'utf8' [ 1309.337770][ T2136] exfat: Deprecated parameter 'utf8' [ 1309.394844][ T2136] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 1309.935725][ T37] audit: type=1326 audit(2000000001.050:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2157 comm="syz.5.12905" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f09b2e5ce59 code=0x0 [ 1310.172539][ T2168] loop0: detected capacity change from 0 to 64 [ 1310.320236][ T2168] UBIFS error (pid: 2168): cannot open "c:::", error -22 [ 1310.745707][ T2186] loop0: detected capacity change from 0 to 64 [ 1310.838178][ T2186] hfs: request for non-existent node 131072 in B*Tree [ 1310.838197][ T2186] hfs: request for non-existent node 131072 in B*Tree [ 1310.988578][ T2191] loop2: detected capacity change from 0 to 128 [ 1311.009762][ T2191] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 1311.013667][ T2191] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1311.438273][ T2210] bpf: Bad value for 'gid' [ 1312.482460][ T2250] loop0: detected capacity change from 0 to 4096 [ 1312.545688][ T2250] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1312.635000][ T2250] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 1312.635026][ T2250] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1312.798659][ T2250] EXT4-fs (loop0): changing journal_checksum during remount not supported; ignoring [ 1312.857603][ T2250] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 1313.102032][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1313.244991][ T2272] smc: net device vcan0 applied user defined pnetid SYZ1 [ 1313.998424][ T2301] loop0: detected capacity change from 0 to 128 [ 1314.022725][ T2296] lo speed is unknown, defaulting to 1000 [ 1314.180404][ T2296] wg1 speed is unknown, defaulting to 1000 [ 1316.935225][ T2369] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 1316.935513][ T2369] pim6reg0: linktype set to 778 [ 1317.755272][ T2404] loop2: detected capacity change from 0 to 1024 [ 1318.125259][ T2417] loop5: detected capacity change from 0 to 1024 [ 1318.134969][ T2417] EXT4-fs: Ignoring removed bh option [ 1318.168689][ T2417] EXT4-fs (loop5): blocks per group (133743) and clusters per group (8192) inconsistent [ 1318.786691][ T2445] TCP: tcp_parse_options: Illegal window scaling value 215 > 14 received [ 1319.581533][ T2488] loop5: detected capacity change from 0 to 64 [ 1320.915699][ T2523] loop0: detected capacity change from 0 to 64 [ 1321.347084][ T2545] 9p: Bad value for 'rfdno' [ 1321.521186][ T2552] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13078'. [ 1322.081413][ T2588] netlink: 16 bytes leftover after parsing attributes in process `syz.5.13089'. [ 1322.677615][ T5634] Bluetooth: hci3: command 0x0406 tx timeout [ 1322.734637][ T2618] loop5: detected capacity change from 0 to 64 [ 1323.242745][ T2640] loop2: detected capacity change from 0 to 512 [ 1323.247386][ T2640] EXT4-fs: Ignoring removed bh option [ 1323.283166][ T2640] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 1323.293538][ T2640] EXT4-fs (loop2): 1 truncate cleaned up [ 1323.318546][ T2640] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1323.363677][ T2640] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.13111: bg 0: block 465: padding at end of block bitmap is not set [ 1323.364412][ T2640] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 117 [ 1323.364443][ T2640] EXT4-fs (loop2): This should not happen!! Data will be lost [ 1323.364443][ T2640] [ 1323.399759][ T2650] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13115'. [ 1323.774629][ T5616] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1324.163169][ T2682] loop0: detected capacity change from 0 to 256 [ 1324.173652][ T2682] exfat: Deprecated parameter 'utf8' [ 1324.173708][ T2682] exfat: Deprecated parameter 'namecase' [ 1324.173810][ T2682] exfat: Deprecated parameter 'namecase' [ 1324.173833][ T2682] exfat: Deprecated parameter 'utf8' [ 1324.341897][ T2682] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x6a70c931, utbl_chksum : 0xe619d30d) [ 1324.342225][ T2682] exFAT-fs (loop0): failed to test first cluster bit of root dir(5) [ 1324.451739][ T2655] loop5: detected capacity change from 0 to 32768 [ 1324.481237][ T2682] exfat: Deprecated parameter 'utf8' [ 1324.481262][ T2682] exfat: Deprecated parameter 'utf8' [ 1324.481375][ T2682] exfat: Deprecated parameter 'utf8' [ 1324.653538][ T2655] dmapctl: leaf value 127 too large at index 344 [ 1324.653558][ T2655] ERROR: (device loop5): dbFindCtl: Corrupt dmapctl page [ 1324.653558][ T2655] [ 1324.714589][ T2655] jfs_create: dtInsert returned -EIO [ 1324.714692][ T2655] ERROR: (device loop5): jfs_create: [ 1324.714692][ T2655] [ 1325.702497][ T2748] loop5: detected capacity change from 0 to 128 [ 1329.933014][ T2865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13196'. [ 1330.150642][ T2873] loop5: detected capacity change from 0 to 1024 [ 1330.702942][ T2908] netlink: 20 bytes leftover after parsing attributes in process `syz.0.13212'. [ 1331.185201][ T2926] netlink: 512 bytes leftover after parsing attributes in process `syz.5.13220'. [ 1331.936669][ T2959] loop5: detected capacity change from 0 to 256 [ 1333.073550][ T3020] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13261'. [ 1333.073572][ T3020] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13261'. [ 1333.240880][ T3020] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13261'. [ 1333.240907][ T3020] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13261'. [ 1333.472390][ T3020] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13261'. [ 1333.472423][ T3020] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13261'. [ 1334.101712][ T3066] loop5: detected capacity change from 0 to 64 [ 1334.233942][ T3068] tipc: Started in network mode [ 1334.233959][ T3068] tipc: Node identity -, cluster identity 4711 [ 1334.241452][ T3068] loop0: detected capacity change from 0 to 256 [ 1334.303078][ T3068] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 1334.568574][ T3066] hfs: request for non-existent node 65538 in B*Tree [ 1334.568596][ T3066] hfs: request for non-existent node 65538 in B*Tree [ 1334.568608][ T3066] hfs: fail to find leaf node: node ID 65538 [ 1334.761958][ T3081] loop2: detected capacity change from 0 to 512 [ 1334.765009][ T3081] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1334.903561][ T3088] vcan0: tx drop: invalid da for name 0x00000000000000c7 [ 1334.959559][ T3081] EXT4-fs (loop2): 1 truncate cleaned up [ 1334.969881][ T3081] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1335.195117][ T5616] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1335.583943][ T3115] ALSA: seq fatal error: cannot create timer (-22) [ 1336.694584][ T3143] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 1336.703559][ T50] team_slave_0: entered promiscuous mode [ 1336.703602][ T50] team_slave_1: entered promiscuous mode [ 1337.472127][ T3170] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 1338.096907][ T3198] loop5: detected capacity change from 0 to 256 [ 1338.347516][ T3198] exFAT-fs (loop5): error, no upcase table entry. Please run fsck [ 1338.347539][ T3198] exFAT-fs (loop5): Filesystem has been set read-only [ 1338.347792][ T3198] exFAT-fs (loop5): failed to test first cluster bit of root dir(5) [ 1338.415607][ T50] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 1338.416615][ T50] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 1338.416886][ T50] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 1338.417138][ T50] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 1338.417154][ T50] rtc rtc0: __rtc_set_alarm: err=-22 [ 1339.260900][ T3253] loop0: detected capacity change from 0 to 2048 [ 1339.284085][ T3253] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1339.284616][ T3253] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 1339.299825][ T3253] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1339.859849][ T3274] netlink: 'syz.2.13371': attribute type 1 has an invalid length. [ 1339.975423][ T3274] 8021q: adding VLAN 0 to HW filter on device bond2 [ 1340.063300][ T3282] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13374'. [ 1340.122980][ T3282] gretap0: entered promiscuous mode [ 1340.130912][ T3282] macvlan2: entered allmulticast mode [ 1340.130932][ T3282] gretap0: entered allmulticast mode [ 1340.285703][ T3288] sg_write: data in/out 352340/136 bytes for SCSI command 0x0-- guessing data in; [ 1340.285703][ T3288] program syz.2.13377 not setting count and/or reply_len properly [ 1340.523819][ T5632] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 1341.560682][ T3338] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1341.624233][ T3303] loop5: detected capacity change from 0 to 32768 [ 1341.753045][ T3303] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1341.923350][ T3303] XFS (loop5): Ending clean mount [ 1342.928666][T15532] usb 3-1: new high-speed USB device number 78 using dummy_hcd [ 1343.036429][T26472] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1343.096916][ T3391] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1343.150064][T15532] usb 3-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1343.150099][T15532] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1343.150133][T15532] usb 3-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice= 0.00 [ 1343.150157][T15532] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1343.163746][T15532] usb 3-1: config 0 descriptor?? [ 1343.626655][T15532] hid_parser_main: 87 callbacks suppressed [ 1343.626678][T15532] hid-generic 0003:0EEF:0001.004C: unknown main item tag 0x7 [ 1343.626711][T15532] hid-generic 0003:0EEF:0001.004C: unknown main item tag 0x0 [ 1343.626788][T15532] hid-generic 0003:0EEF:0001.004C: unknown main item tag 0x1 [ 1343.627151][T15532] hid-generic 0003:0EEF:0001.004C: reserved main item tag 0xd [ 1343.627181][T15532] hid-generic 0003:0EEF:0001.004C: item fetching failed at offset 38/39 [ 1343.627935][T15532] hid-generic 0003:0EEF:0001.004C: probe with driver hid-generic failed with error -22 [ 1343.846781][ T5741] usb 3-1: USB disconnect, device number 78 [ 1344.612882][ T3434] netlink: 96 bytes leftover after parsing attributes in process `syz.6.13441'. [ 1345.761787][ T3483] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1346.463551][ T3509] loop2: detected capacity change from 0 to 256 [ 1346.503444][ T3509] exFAT-fs (loop2): error, The cluster chain has a loop [ 1346.503463][ T3509] exFAT-fs (loop2): Filesystem has been set read-only [ 1346.503474][ T3509] exFAT-fs (loop2): failed to count the number of clusters in root [ 1346.503485][ T3509] exFAT-fs (loop2): failed to recognize exfat type [ 1346.904151][ T3529] loop5: detected capacity change from 0 to 512 [ 1347.256866][ T3529] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.13484: invalid indirect mapped block 256 (level 2) [ 1347.256907][ T3529] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1347.259051][ T3529] EXT4-fs (loop5): 2 truncates cleaned up [ 1347.262428][ T3529] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1347.473507][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1348.207304][ T3565] netlink: 'syz.5.13501': attribute type 12 has an invalid length. [ 1348.394587][ T3573] loop5: detected capacity change from 0 to 128 [ 1348.493539][ T3573] EXT4-fs (loop5): Test dummy encryption mode enabled [ 1348.507684][ T3573] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042] [ 1348.507800][ T3573] System zones: 1-3, 19-19, 35-36 [ 1348.527158][ T3573] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 1348.529378][ T3573] ext4 filesystem being mounted at /566/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1348.816595][ T5907] usb 3-1: new high-speed USB device number 79 using dummy_hcd [ 1349.011387][ T5907] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1349.011415][ T5907] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1349.047366][ T5907] usb 3-1: config 0 descriptor?? [ 1349.061503][ T5907] cp210x 3-1:0.0: cp210x converter detected [ 1349.465021][ T5907] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1349.480026][ T3610] tap0: tun_chr_ioctl cmd 1074025677 [ 1349.480312][ T3610] tap0: linktype set to 805 [ 1349.551816][ T5907] usb 3-1: cp210x converter now attached to ttyUSB0 [ 1349.684550][T15532] usb 3-1: USB disconnect, device number 79 [ 1349.770837][T15532] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1350.058639][ T3631] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.13531'. [ 1350.126275][T15532] cp210x 3-1:0.0: device disconnected [ 1350.469517][ T3587] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 1350.757467][T15532] usb 3-1: new high-speed USB device number 80 using dummy_hcd [ 1350.936173][T15532] usb 3-1: Using ep0 maxpacket: 16 [ 1350.940928][T15532] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 1080, setting to 1024 [ 1350.961523][T15532] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1350.961554][T15532] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1350.961575][T15532] usb 3-1: Product: syz [ 1350.961590][T15532] usb 3-1: Manufacturer: syz [ 1350.961606][T15532] usb 3-1: SerialNumber: syz [ 1351.052746][ T3664] loop0: detected capacity change from 0 to 1024 [ 1351.063463][ T3664] EXT4-fs: inline encryption not supported [ 1351.150910][ T3664] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1351.267540][T15532] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 1351.283516][ T3664] EXT4-fs error (device loop0): ext4_map_blocks:791: inode #3: block 2: comm syz.0.13546: lblock 2 mapped to illegal pblock 2 (length 1) [ 1351.283560][ T3664] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1351.283966][ T3664] EXT4-fs (loop0): Remounting filesystem read-only [ 1351.283987][ T3664] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 1351.284052][ T3664] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 1351.284174][ T3664] EXT4-fs (loop0): 1 orphan inode deleted [ 1351.295541][ T3664] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1351.302223][ T3664] EXT4-fs (loop0): shut down requested (2) [ 1351.463984][T15532] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1351.464458][T15532] usb 3-1: unit 5 not found! [ 1351.517115][T26472] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1351.896676][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1352.154625][T15532] usb 3-1: USB disconnect, device number 80 [ 1352.196417][ T3679] loop5: detected capacity change from 0 to 512 [ 1352.232284][ T3679] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 1352.232544][ T3679] EXT4-fs error (device loop5): ext4_iget_extra_inode:5128: inode #15: comm syz.5.13548: corrupted in-inode xattr: e_value size too large [ 1352.232571][ T3679] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1352.241735][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 1352.241758][ C1] EXT4-fs (loop5): initial error at time 2000000299: ext4_iget_extra_inode:5128: inode 15 [ 1352.241778][ C1] EXT4-fs (loop5): last error at time 2000000299: ext4_iget_extra_inode:5128: inode 15 [ 1352.452695][ T3679] EXT4-fs error (device loop5): ext4_orphan_get:1402: comm syz.5.13548: couldn't read orphan inode 15 (err -117) [ 1352.452730][ T3679] loop5: lost filesystem error report for type 5 error -117 [ 1352.475387][ T3679] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1352.760834][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1353.661133][ T3724] batman_adv: batadv0: Adding interface: vlan2 [ 1353.661152][ T3724] batman_adv: batadv0: The MTU of interface vlan2 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1353.661181][ T3724] batman_adv: batadv0: Not using interface vlan2 (retrying later): interface not active [ 1354.786948][ T3770] netlink: 24598 bytes leftover after parsing attributes in process `syz.5.13595'. [ 1355.032937][ T3769] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 1355.032974][ T3769] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 1355.033013][ T3769] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 1355.102498][ T3769] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 1355.987657][ T3810] loop5: detected capacity change from 0 to 128 [ 1356.294759][ T3820] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13619'. [ 1356.679333][ T3837] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13629'. [ 1356.679361][ T3837] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13629'. [ 1356.836355][T30379] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 1356.991667][T30379] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1356.991700][T30379] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1356.999025][T30379] usb 6-1: config 0 descriptor?? [ 1357.086486][T30379] cp210x 6-1:0.0: cp210x converter detected [ 1357.390119][ T3861] netlink: 'syz.6.13640': attribute type 1 has an invalid length. [ 1357.587808][T30379] cp210x 6-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1357.810050][T30379] usb 6-1: cp210x converter now attached to ttyUSB0 [ 1357.891434][T30379] usb 6-1: USB disconnect, device number 27 [ 1358.170853][T30379] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1358.388703][T30379] cp210x 6-1:0.0: device disconnected [ 1358.406023][ T5741] usb 3-1: new high-speed USB device number 81 using dummy_hcd [ 1358.500651][ T3895] sctp: [Deprecated]: syz.0.13657 (pid 3895) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1358.500651][ T3895] Use struct sctp_sack_info instead [ 1358.560691][ T5741] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1358.560746][ T5741] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 1358.560789][ T5741] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1358.560812][ T5741] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1358.623764][ T5741] usb 3-1: config 0 descriptor?? [ 1358.635578][ T5741] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 1358.692102][ T3902] loop0: detected capacity change from 0 to 16 [ 1358.743806][ T3902] erofs (device loop0): mounted with root inode @ nid 36. [ 1359.269150][ T5741] usb 3-1: USB disconnect, device number 81 [ 1359.442341][ T3924] netlink: 'syz.0.13669': attribute type 4 has an invalid length. [ 1359.442364][ T3924] netlink: 'syz.0.13669': attribute type 4 has an invalid length. [ 1360.355079][ T3959] bridge0: port 2(bridge_slave_1) entered disabled state [ 1360.947692][ T3983] loop0: detected capacity change from 0 to 512 [ 1360.950297][ T3983] ext4: Unknown parameter 'fsname' [ 1361.602605][ T1340] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.602719][ T1340] ieee802154 phy1 wpan1: encryption failed: -22 [ 1362.113997][ T4022] loop0: detected capacity change from 0 to 1024 [ 1362.125762][ T4022] hfsplus: failed to load extents file [ 1362.606362][T30379] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 1362.778896][T30379] usb 6-1: Using ep0 maxpacket: 32 [ 1362.788223][T30379] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 1362.810101][T30379] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 1362.810133][T30379] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 1362.810155][T30379] usb 6-1: Product: syz [ 1362.810170][T30379] usb 6-1: Manufacturer: syz [ 1362.810184][T30379] usb 6-1: SerialNumber: syz [ 1362.830785][T30379] usb 6-1: config 0 descriptor?? [ 1362.831925][ T4030] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1362.850935][T30379] hub 6-1:0.0: bad descriptor, ignoring hub [ 1362.850973][T30379] hub 6-1:0.0: probe with driver hub failed with error -5 [ 1363.031085][ T4054] sctp: [Deprecated]: syz.6.13728 (pid 4054) Use of int in max_burst socket option deprecated. [ 1363.031085][ T4054] Use struct sctp_assoc_value instead [ 1363.206671][T30379] usb 6-1: USB disconnect, device number 28 [ 1363.558791][T30379] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 1363.707394][T30379] usb 6-1: Using ep0 maxpacket: 32 [ 1363.709734][T30379] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 1363.718505][T30379] usb 6-1: string descriptor 0 read error: -22 [ 1363.718638][T30379] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 1363.718661][T30379] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 1363.775598][T30379] usb 6-1: config 0 descriptor?? [ 1363.776575][ T4030] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1363.788693][T30379] hub 6-1:0.0: bad descriptor, ignoring hub [ 1363.788732][T30379] hub 6-1:0.0: probe with driver hub failed with error -5 [ 1364.048770][T30379] usb 6-1: USB disconnect, device number 29 [ 1366.436099][ T5634] Bluetooth: hci1: command 0x1003 tx timeout [ 1366.444347][ T5632] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 1366.751647][ T4152] loop5: detected capacity change from 0 to 256 [ 1366.786716][ T4152] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1366.788347][ T4152] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1366.845741][ T4159] mac80211_hwsim hwsim16 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 1366.859851][ T4156] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1367.693295][ T4190] loop2: detected capacity change from 0 to 4096 [ 1367.788179][ T4195] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1368.743323][ T4228] loop0: detected capacity change from 0 to 4096 [ 1368.829779][ T4233] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1370.759677][T31486] wlan1: Trigger new scan to find an IBSS to join [ 1370.879487][ T4311] loop0: detected capacity change from 0 to 2048 [ 1370.918260][ T4311] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1370.918282][ T4311] NILFS (loop0): mounting unchecked fs [ 1370.964804][ T4314] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 1370.969716][ T4311] NILFS (loop0): recovery complete [ 1371.015719][ T5885] udevd[5885]: incorrect nilfs2 checksum on /dev/loop0 [ 1371.016210][ T4316] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1371.637736][ T4341] loop0: detected capacity change from 0 to 256 [ 1371.667597][ T4341] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d) [ 1372.580639][ T4370] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13877'. [ 1373.801425][T31485] wlan1: Trigger new scan to find an IBSS to join [ 1374.425521][ T4428] loop2: detected capacity change from 0 to 32768 [ 1374.433254][ T4428] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.13904 (4428) [ 1374.449415][ T4455] loop0: detected capacity change from 0 to 256 [ 1374.579630][ T4428] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1374.579665][ T4428] BTRFS info (device loop2): using crc32c checksum algorithm [ 1374.920317][ T4428] BTRFS info (device loop2): enabling ssd optimizations [ 1374.920345][ T4428] BTRFS info (device loop2): turning on flush-on-commit [ 1374.920362][ T4428] BTRFS info (device loop2): enabling free space tree [ 1374.920380][ T4428] BTRFS info (device loop2): enabling auto defrag [ 1374.920398][ T4428] BTRFS info (device loop2): use lzo compression, level 1 [ 1374.920418][ T4428] BTRFS info (device loop2): max_inline set to 4096 [ 1375.033043][T31486] wlan1: Creating new IBSS network, BSSID 66:b8:9a:67:92:77 [ 1375.478298][ T4486] loop0: detected capacity change from 0 to 32768 [ 1375.498332][ T4486] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.13920 (4486) [ 1375.556438][ T4486] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1375.556473][ T4486] BTRFS info (device loop0): using sha256 checksum algorithm [ 1375.763731][ T5616] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1375.805238][T31483] wlan1: Trigger new scan to find an IBSS to join [ 1375.815503][ T4486] BTRFS info (device loop0): rebuilding free space tree [ 1376.201038][ T4486] BTRFS info (device loop0): enabling ssd optimizations [ 1376.201065][ T4486] BTRFS info (device loop0): using spread ssd allocation scheme [ 1376.201083][ T4486] BTRFS info (device loop0): enabling free space tree [ 1376.201100][ T4486] BTRFS info (device loop0): force clearing of disk cache [ 1376.201115][ T4486] BTRFS info (device loop0): enabling auto defrag [ 1376.201132][ T4486] BTRFS info (device loop0): max_inline set to 0 [ 1376.581921][ T5617] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1376.609373][ T4529] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13940'. [ 1377.390240][ T4543] loop5: detected capacity change from 0 to 4096 [ 1377.421536][ T4543] ntfs3(loop5): ino=3, Correct links count -> 2. [ 1378.189756][ T4561] program syz.2.13952 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1378.911519][ T4593] loop2: detected capacity change from 0 to 512 [ 1379.042756][ T4593] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 1379.042867][ T4593] System zones: 0-2, 18-18, 34-35 [ 1379.048472][ T4593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1379.048601][ T4593] ext4 filesystem being mounted at /2357/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1379.311215][ T5616] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1380.776445][T31483] wlan1: Trigger new scan to find an IBSS to join [ 1380.944493][ T4665] loop5: detected capacity change from 0 to 2048 [ 1381.090671][ T4665] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1381.935584][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1382.168985][T31485] wlan1: Creating new IBSS network, BSSID 3e:04:45:45:d2:6b [ 1382.600718][ T4715] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14019'. [ 1384.141236][ T4753] loop5: detected capacity change from 0 to 32768 [ 1384.156471][ T4779] program syz.6.14048 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1384.211693][ T4753] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1384.323982][ T4753] XFS (loop5): Ending clean mount [ 1384.509526][T26472] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1385.599704][ T4829] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14069'. [ 1385.713329][ T4833] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.14073'. [ 1385.786573][ T4839] netlink: 52 bytes leftover after parsing attributes in process `syz.2.14074'. [ 1386.360123][ T4860] netlink: 'syz.5.14053': attribute type 1 has an invalid length. [ 1386.832414][ T5748] usb 6-1: new full-speed USB device number 30 using dummy_hcd [ 1387.108481][ T5748] usb 6-1: too many endpoints for config 0 interface 0 altsetting 15: 254, using maximum allowed: 30 [ 1387.108529][ T5748] usb 6-1: config 0 interface 0 altsetting 15 endpoint 0x81 has invalid maxpacket 1056, setting to 64 [ 1387.108558][ T5748] usb 6-1: config 0 interface 0 altsetting 15 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 1387.108585][ T5748] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1387.108617][ T5748] usb 6-1: New USB device found, idVendor=046d, idProduct=c227, bcdDevice= 0.00 [ 1387.108639][ T5748] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1387.113688][ T5748] usb 6-1: config 0 descriptor?? [ 1387.115763][ T4869] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1387.602045][ T5748] lg-g15 0003:046D:C227.004D: ignoring exceeding usage max [ 1387.671249][ T4902] @0: renamed from bond_slave_1 (while UP) [ 1387.692126][ T5748] lg-g15 0003:046D:C227.004D: hidraw0: USB HID v0.0c Device [HID 046d:c227] on usb-dummy_hcd.5-1/input0 [ 1387.909197][ T5748] usb 6-1: USB disconnect, device number 30 [ 1387.940990][ T4909] fido_id[4909]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory [ 1388.679943][ T4946] pimreg: entered allmulticast mode [ 1388.755416][ T4944] pimreg: left allmulticast mode [ 1389.447302][ T37] audit: type=1326 audit(2000000336.569:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4986 comm="syz.2.14136" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5a6ffce59 code=0x7ffc0000 [ 1389.447773][ T37] audit: type=1326 audit(2000000336.569:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4986 comm="syz.2.14136" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5a6ffce59 code=0x7ffc0000 [ 1389.447818][ T37] audit: type=1326 audit(2000000336.569:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4986 comm="syz.2.14136" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5a6ffce59 code=0x7ffc0000 [ 1389.448412][ T37] audit: type=1326 audit(2000000336.569:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4986 comm="syz.2.14136" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5a6ffce59 code=0x7ffc0000 [ 1389.448942][ T37] audit: type=1326 audit(2000000336.569:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4986 comm="syz.2.14136" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5a6ffce59 code=0x7ffc0000 [ 1389.448986][ T37] audit: type=1326 audit(2000000336.569:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4986 comm="syz.2.14136" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fb5a6ffce59 code=0x7ffc0000 [ 1389.449501][ T37] audit: type=1326 audit(2000000336.569:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4986 comm="syz.2.14136" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5a6ffce59 code=0x7ffc0000 [ 1389.450121][ T37] audit: type=1326 audit(2000000336.569:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4986 comm="syz.2.14136" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5a6ffce59 code=0x7ffc0000 [ 1389.450166][ T37] audit: type=1326 audit(2000000336.569:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4986 comm="syz.2.14136" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7fb5a6ffce59 code=0x7ffc0000 [ 1389.451547][ T37] audit: type=1326 audit(2000000336.569:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4986 comm="syz.2.14136" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5a6ffce59 code=0x7ffc0000 [ 1391.800598][ T5078] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14180'. [ 1392.381162][ T5100] netlink: 'syz.6.14191': attribute type 2 has an invalid length. [ 1393.058040][ T5129] loop5: detected capacity change from 0 to 4096 [ 1393.122378][ T5129] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 1394.872541][ T5205] netlink: 72 bytes leftover after parsing attributes in process `syz.5.14240'. [ 1394.872558][ T5205] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14240'. [ 1394.872565][ T5205] netlink: 4 bytes leftover after parsing attributes in process `syz.5.14240'. [ 1395.170809][ T5217] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14246'. [ 1395.170837][ T5217] block nbd1: Unsupported socket: should be TCP or UNIX. [ 1395.413856][ T5225] lo speed is unknown, defaulting to 1000 [ 1395.424206][ T5225] wg1 speed is unknown, defaulting to 1000 [ 1396.059534][ T5254] loop5: detected capacity change from 0 to 512 [ 1396.072592][ T5254] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 1398.876361][T16475] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 1399.026266][T16475] usb 6-1: Using ep0 maxpacket: 32 [ 1399.028390][T16475] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 1399.028415][T16475] usb 6-1: config 0 has no interface number 0 [ 1399.043896][T16475] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1399.043923][T16475] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1399.043943][T16475] usb 6-1: Product: syz [ 1399.043955][T16475] usb 6-1: Manufacturer: syz [ 1399.043969][T16475] usb 6-1: SerialNumber: syz [ 1399.070409][T16475] usb 6-1: config 0 descriptor?? [ 1399.922719][T16475] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 1399.922749][T16475] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1399.923337][T16475] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 1399.923627][T16475] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71 [ 1399.999967][T16475] usb 6-1: USB disconnect, device number 31 [ 1401.754351][ T5494] loop0: detected capacity change from 0 to 128 [ 1401.766827][ T5494] affs: Invalid blocksize (512, 1024, 2048, 4096 allowed) [ 1403.030151][ T5533] loop0: detected capacity change from 0 to 1024 [ 1403.040067][ T5533] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1403.072543][ T5533] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 1403.072996][ T5533] EXT4-fs (loop0): orphan cleanup on readonly fs [ 1403.099463][ T5533] EXT4-fs error (device loop0): ext4_free_blocks:6718: comm syz.0.14385: Freeing blocks not in datazone - block = 0, count = 4096 [ 1403.099592][ T5533] loop0: lost filesystem error report for type 5 error -117 [ 1403.106624][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 1403.106649][ C0] EXT4-fs (loop0): initial error at time 2000000350: ext4_free_blocks:6718 [ 1403.106681][ C0] EXT4-fs (loop0): last error at time 2000000350: ext4_free_blocks:6718 [ 1403.110693][ T5533] EXT4-fs (loop0): Remounting filesystem read-only [ 1403.110798][ T5533] EXT4-fs (loop0): 1 orphan inode deleted [ 1403.113489][ T5533] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1403.252637][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1404.319117][ T5586] netlink: 72 bytes leftover after parsing attributes in process `syz.2.14409'. [ 1404.331614][ T5582] loop0: detected capacity change from 0 to 4096 [ 1404.332846][ T5582] EXT4-fs: Ignoring removed orlov option [ 1404.370792][ T5582] EXT4-fs (loop0): Test dummy encryption mode enabled [ 1404.535258][ T5592] IPv6: NLM_F_CREATE should be specified when creating new route [ 1404.591853][ T5582] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1404.649454][ T5582] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.14405: bg 0: block 328: padding at end of block bitmap is not set [ 1404.794429][ T5610] netlink: 24 bytes leftover after parsing attributes in process `syz.2.14417'. [ 1404.794464][ T5610] netlink: 'syz.2.14417': attribute type 6 has an invalid length. [ 1404.885750][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1406.540614][ T5675] loop0: detected capacity change from 0 to 4096 [ 1406.612181][ T5675] NILFS (loop0): invalid segment: Checksum error in segment payload [ 1406.612209][ T5675] NILFS (loop0): trying rollback from an earlier position [ 1406.689069][ T5705] loop5: detected capacity change from 0 to 256 [ 1406.747959][ T5715] netlink: 'syz.6.14450': attribute type 3 has an invalid length. [ 1406.747981][ T5715] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14450'. [ 1406.869542][ T5705] FAT-fs (loop5): Directory bread(block 64) failed [ 1406.869573][ T5705] FAT-fs (loop5): Directory bread(block 65) failed [ 1406.869673][ T5705] FAT-fs (loop5): Directory bread(block 66) failed [ 1406.869696][ T5705] FAT-fs (loop5): Directory bread(block 67) failed [ 1406.869802][ T5705] FAT-fs (loop5): Directory bread(block 68) failed [ 1406.869825][ T5705] FAT-fs (loop5): Directory bread(block 69) failed [ 1406.869919][ T5705] FAT-fs (loop5): Directory bread(block 70) failed [ 1406.869941][ T5705] FAT-fs (loop5): Directory bread(block 71) failed [ 1406.870035][ T5705] FAT-fs (loop5): Directory bread(block 72) failed [ 1406.870056][ T5705] FAT-fs (loop5): Directory bread(block 73) failed [ 1406.893737][ T5675] NILFS (loop0): recovery complete [ 1406.949876][ T5724] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14452'. [ 1406.957314][ T5725] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1407.248590][ T5675] NILFS (loop0): nilfs_palloc_freev (ino=3): entry number 239 already freed [ 1407.318739][ T5675] NILFS (loop0): error -2 preparing GC: cannot delete virtual blocks from DAT file [ 1408.698124][ T5805] ip6tnl5: entered allmulticast mode [ 1409.380008][ T5839] loop0: detected capacity change from 0 to 256 [ 1409.649589][ T5839] FAT-fs (loop0): Directory bread(block 64) failed [ 1409.649624][ T5839] FAT-fs (loop0): Directory bread(block 65) failed [ 1409.649789][ T5839] FAT-fs (loop0): Directory bread(block 66) failed [ 1409.649810][ T5839] FAT-fs (loop0): Directory bread(block 67) failed [ 1409.649904][ T5839] FAT-fs (loop0): Directory bread(block 68) failed [ 1409.649925][ T5839] FAT-fs (loop0): Directory bread(block 69) failed [ 1409.650019][ T5839] FAT-fs (loop0): Directory bread(block 70) failed [ 1409.650040][ T5839] FAT-fs (loop0): Directory bread(block 71) failed [ 1409.650133][ T5839] FAT-fs (loop0): Directory bread(block 72) failed [ 1409.650154][ T5839] FAT-fs (loop0): Directory bread(block 73) failed [ 1410.211469][ T5864] loop0: detected capacity change from 0 to 512 [ 1410.259569][ T5864] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz.0.14506: iget: bad i_size value: 38620345925642 [ 1410.259608][ T5864] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1410.265549][ T5864] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.14506: couldn't read orphan inode 15 (err -117) [ 1410.265583][ T5864] loop0: lost filesystem error report for type 5 error -117 [ 1410.265931][ C0] EXT4-fs (loop0): error count since last fsck: 2 [ 1410.265949][ C0] EXT4-fs (loop0): initial error at time 2000000357: ext4_orphan_get:1397: inode 15 [ 1410.265974][ C0] EXT4-fs (loop0): last error at time 2000000357: ext4_orphan_get:1402 [ 1410.358433][ T5864] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1410.558753][ T5864] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 1836366196 > max in inode 18 [ 1410.710242][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1411.624856][ T5921] loop5: detected capacity change from 0 to 64 [ 1411.912690][ T5927] hfs: request for non-existent node 131072 in B*Tree [ 1411.912710][ T5927] hfs: request for non-existent node 131072 in B*Tree [ 1412.192843][T31488] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1412.580532][ T5953] input: syz1 as /devices/virtual/input/input48 [ 1413.150844][ T5978] loop0: detected capacity change from 0 to 1024 [ 1413.157204][ T5978] EXT4-fs: Ignoring removed bh option [ 1413.207350][ T5978] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1413.273199][ T5978] EXT4-fs (loop0): shut down requested (2) [ 1413.461102][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1413.626829][T26911] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1413.703169][ T6000] loop5: detected capacity change from 0 to 1024 [ 1413.704351][ T6000] EXT4-fs: Ignoring removed bh option [ 1413.705444][ T6000] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1413.730686][ T6000] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1414.023218][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1414.137082][ T6015] loop0: detected capacity change from 0 to 256 [ 1414.138763][ T6015] exfat: Deprecated parameter 'namecase' [ 1414.173948][ T6015] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 1414.936691][ T6033] sctp: [Deprecated]: syz.2.14585 (pid 6033) Use of int in max_burst socket option. [ 1414.936691][ T6033] Use struct sctp_assoc_value instead [ 1415.141432][ T6044] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14590'. [ 1415.479440][ T37] kauditd_printk_skb: 3 callbacks suppressed [ 1415.479459][ T37] audit: type=1326 audit(2000000362.599:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6058 comm="syz.6.14597" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb9ee09ce59 code=0x0 [ 1415.713517][ T37] audit: type=1326 audit(2000000362.829:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.0.14601" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1415.715600][ T37] audit: type=1326 audit(2000000362.829:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.0.14601" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1415.715643][ T37] audit: type=1326 audit(2000000362.829:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.0.14601" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1415.767718][ T37] audit: type=1326 audit(2000000362.869:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.0.14601" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1415.767769][ T37] audit: type=1326 audit(2000000362.869:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.0.14601" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1415.767800][ T37] audit: type=1326 audit(2000000362.869:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.0.14601" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1415.767832][ T37] audit: type=1326 audit(2000000362.869:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.0.14601" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1415.767865][ T37] audit: type=1326 audit(2000000362.869:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.0.14601" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1415.767895][ T37] audit: type=1326 audit(2000000362.879:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.0.14601" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1416.900788][ T6116] loop0: detected capacity change from 0 to 256 [ 1417.844576][ T6153] netlink: 36 bytes leftover after parsing attributes in process `syz.6.14639'. [ 1418.487195][ T6185] loop5: detected capacity change from 0 to 512 [ 1418.490265][ T6185] EXT4-fs: Ignoring removed mblk_io_submit option [ 1418.509474][ T6185] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=885ec129, mo2=0006] [ 1418.510471][ T6185] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.14654: Invalid inode bitmap blk 4 in block_group 0 [ 1418.510504][ T6185] loop5: lost filesystem error report for type 5 error -117 [ 1418.516098][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 1418.516119][ C0] EXT4-fs (loop5): initial error at time 2000000365: ext4_read_inode_bitmap:139 [ 1418.516141][ C0] EXT4-fs (loop5): last error at time 2000000365: ext4_read_inode_bitmap:139 [ 1418.538373][ T6185] EXT4-fs (loop5): Remounting filesystem read-only [ 1418.547899][ T6185] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1418.749748][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1419.144253][ T6216] loop0: detected capacity change from 0 to 256 [ 1419.945130][ T6249] program syz.5.14683 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1420.834718][ T6302] sg_write: data in/out 373125/136 bytes for SCSI command 0x0-- guessing data in; [ 1420.834718][ T6302] program syz.6.14709 not setting count and/or reply_len properly [ 1421.132773][ T6316] loop5: detected capacity change from 0 to 24 [ 1421.605228][ T6336] loop5: detected capacity change from 0 to 164 [ 1421.618214][ T6336] iso9660: Unknown parameter '017777777777777777777770x0000000000000000' [ 1421.624098][ T6336] program syz.5.14722 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1421.881748][ T6348] netlink: 28 bytes leftover after parsing attributes in process `syz.2.14732'. [ 1423.013149][ T1340] ieee802154 phy0 wpan0: encryption failed: -22 [ 1423.013246][ T1340] ieee802154 phy1 wpan1: encryption failed: -22 [ 1425.356295][ T6543] netlink: 4 bytes leftover after parsing attributes in process `syz.5.14826'. [ 1426.705006][ T37] kauditd_printk_skb: 35 callbacks suppressed [ 1426.705034][ T37] audit: type=1800 audit(2000000373.819:731): pid=6595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.14852" name="file1" dev="tmpfs" ino=3883 res=0 errno=0 [ 1427.687050][ T6632] pimreg: entered allmulticast mode [ 1427.687954][ T6638] pimreg: left allmulticast mode [ 1429.438612][ T6729] netlink: 28 bytes leftover after parsing attributes in process `syz.5.14914'. [ 1429.484000][ T6731] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 1429.987350][T30379] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 1430.011483][ T6758] netlink: 20 bytes leftover after parsing attributes in process `syz.6.14929'. [ 1430.203203][T30379] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024 [ 1430.203253][T30379] usb 6-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00 [ 1430.203277][T30379] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1430.287787][T30379] usb 6-1: config 0 descriptor?? [ 1430.298362][ T6743] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1430.719209][ T6743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1430.719882][ T6743] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1430.745160][T30379] uclogic 0003:5543:0064.004E: unknown main item tag 0x0 [ 1430.745199][T30379] uclogic 0003:5543:0064.004E: unknown main item tag 0x0 [ 1430.745227][T30379] uclogic 0003:5543:0064.004E: unknown main item tag 0x0 [ 1430.745253][T30379] uclogic 0003:5543:0064.004E: unknown main item tag 0x0 [ 1430.745283][T30379] uclogic 0003:5543:0064.004E: unknown main item tag 0x0 [ 1430.745308][T30379] uclogic 0003:5543:0064.004E: unknown main item tag 0x0 [ 1430.745334][T30379] uclogic 0003:5543:0064.004E: unknown main item tag 0x0 [ 1430.745361][T30379] uclogic 0003:5543:0064.004E: unknown main item tag 0x0 [ 1430.745386][T30379] uclogic 0003:5543:0064.004E: unknown main item tag 0x0 [ 1430.745414][T30379] uclogic 0003:5543:0064.004E: unknown main item tag 0x0 [ 1430.769396][T30379] uclogic 0003:5543:0064.004E: hidraw0: USB HID v7b.fd Device [HID 5543:0064] on usb-dummy_hcd.5-1/input0 [ 1430.970170][T30379] usb 6-1: USB disconnect, device number 32 [ 1431.475817][ T6804] loop0: detected capacity change from 0 to 16 [ 1431.479527][ T6804] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 1431.831437][ T37] audit: type=1326 audit(2000000378.939:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6813 comm="syz.6.14953" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ee09ce59 code=0x7ffc0000 [ 1431.831490][ T37] audit: type=1326 audit(2000000378.949:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6813 comm="syz.6.14953" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ee09ce59 code=0x7ffc0000 [ 1431.831531][ T37] audit: type=1326 audit(2000000378.949:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6813 comm="syz.6.14953" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fb9ee09ce59 code=0x7ffc0000 [ 1431.831571][ T37] audit: type=1326 audit(2000000378.949:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6813 comm="syz.6.14953" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ee09ce59 code=0x7ffc0000 [ 1432.566044][T30379] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 1432.728194][T30379] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1432.728221][T30379] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1432.728241][T30379] usb 6-1: config 1 has no interface number 0 [ 1432.728284][T30379] usb 6-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1432.730575][T30379] usb 6-1: New USB device found, idVendor=0525, idProduct=779d, bcdDevice= 0.40 [ 1432.730604][T30379] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1432.730624][T30379] usb 6-1: Product: syz [ 1432.730638][T30379] usb 6-1: Manufacturer: syz [ 1432.730653][T30379] usb 6-1: SerialNumber: syz [ 1433.151232][T30379] cdc_ncm 6-1:1.1: skipping garbage [ 1433.151257][T30379] usb 6-1: selecting invalid altsetting 1 [ 1434.055062][T30379] cdc_ncm 6-1:1.1: SET_CRC_MODE failed [ 1434.056435][T30379] cdc_ncm 6-1:1.1: SET_NTB_FORMAT failed [ 1434.075794][T30379] usb 6-1: selecting invalid altsetting 1 [ 1434.077832][T30379] cdc_ncm 6-1:1.1: bind() failure [ 1434.100676][T30379] usb 6-1: USB disconnect, device number 33 [ 1434.452461][ T6889] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.14989'. [ 1435.309104][T16475] usb 6-1: new high-speed USB device number 34 using dummy_hcd [ 1435.456519][T16475] usb 6-1: Using ep0 maxpacket: 16 [ 1435.458778][T16475] usb 6-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 1435.458806][T16475] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1435.517151][T16475] usb 6-1: config 0 descriptor?? [ 1435.522575][T16475] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 1436.598437][T16475] gspca_sonixj: reg_w1 err -71 [ 1436.616707][T16475] sonixj 6-1:0.0: probe with driver sonixj failed with error -71 [ 1436.632209][T16475] usb 6-1: USB disconnect, device number 34 [ 1436.815129][ T6965] sock: sock_set_timeout: `syz.6.15012' (pid 6965) tries to set negative timeout [ 1437.314387][ T6978] loop5: detected capacity change from 0 to 256 [ 1437.408299][ T6978] FAT-fs (loop5): Directory bread(block 64) failed [ 1437.408335][ T6978] FAT-fs (loop5): Directory bread(block 65) failed [ 1437.408433][ T6978] FAT-fs (loop5): Directory bread(block 66) failed [ 1437.408456][ T6978] FAT-fs (loop5): Directory bread(block 67) failed [ 1437.408549][ T6978] FAT-fs (loop5): Directory bread(block 68) failed [ 1437.408570][ T6978] FAT-fs (loop5): Directory bread(block 69) failed [ 1437.408666][ T6978] FAT-fs (loop5): Directory bread(block 70) failed [ 1437.408687][ T6978] FAT-fs (loop5): Directory bread(block 71) failed [ 1437.408787][ T6978] FAT-fs (loop5): Directory bread(block 72) failed [ 1437.408806][ T6978] FAT-fs (loop5): Directory bread(block 73) failed [ 1437.538603][ T6983] netlink: 20 bytes leftover after parsing attributes in process `syz.2.15021'. [ 1437.768224][ T6989] 9pnet: p9_errstr2errno: server reported unknown error 0x000 [ 1438.974186][ T7030] loop0: detected capacity change from 0 to 128 [ 1439.000390][ T7030] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1439.000462][ T7030] hpfs: filesystem error: improperly stopped [ 1439.000477][ T7030] hpfs: You really don't want any checks? You are crazy... [ 1439.000880][ T7030] hpfs: hpfs_map_sector(): read error [ 1439.000891][ T7030] hpfs: code page support is disabled [ 1439.104488][ T7030] hpfs: hpfs_map_4sectors(): unaligned read [ 1439.142361][ T7030] hpfs: hpfs_map_4sectors(): unaligned read [ 1439.142379][ T7030] hpfs: filesystem error: unable to find root dir [ 1439.458100][ T7030] hpfs: hpfs_map_4sectors(): unaligned read [ 1439.500440][ T7030] hpfs: hpfs_map_sector(): read error [ 1441.996881][ T7175] loop5: detected capacity change from 0 to 1024 [ 1442.977359][ T7226] loop5: detected capacity change from 0 to 4096 [ 1442.981154][ T7226] EXT4-fs: Ignoring removed orlov option [ 1443.052553][ T7226] EXT4-fs (loop5): Test dummy encryption mode enabled [ 1443.075457][ T7226] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1443.117789][T31485] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1443.363933][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1444.657646][T31488] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1445.232087][ T7270] loop5: detected capacity change from 0 to 131072 [ 1445.251911][ T7270] F2FS-fs (loop5): invalid crc value [ 1445.432043][ T7270] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1445.469797][ T7270] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 1445.541709][ T37] audit: type=1800 audit(2000000392.659:736): pid=7270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.15156" name="file1" dev="loop5" ino=7 res=0 errno=0 [ 1445.543501][ T37] audit: type=1800 audit(2000000392.659:737): pid=7270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.15156" name="file1" dev="loop5" ino=7 res=0 errno=0 [ 1446.214511][ T7339] batman_adv: batadv0: Adding interface: macvtap1 [ 1446.214528][ T7339] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1446.214556][ T7339] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active [ 1447.030944][ T7369] batman_adv: batadv0: Adding interface: macvtap1 [ 1447.030959][ T7369] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1447.030986][ T7369] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active [ 1449.567170][ T7466] dlm: non-version read from control device 207 [ 1449.622992][ T7470] loop0: detected capacity change from 0 to 128 [ 1449.694092][ T7470] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1449.710123][ T7470] ext4 filesystem being mounted at /2884/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1449.961616][ T5617] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1451.462996][ T7555] loop8: detected capacity change from 0 to 1 [ 1451.529470][ T7555] Dev loop8: unable to read RDB block 1 [ 1451.529516][ T7555] loop8: unable to read partition table [ 1451.529751][ T7555] loop8: partition table beyond EOD, truncated [ 1451.529785][ T7555] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1451.878695][ T37] audit: type=1326 audit(2000000398.999:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.15296" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1451.886296][ T37] audit: type=1326 audit(2000000399.009:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.15296" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1451.887396][ T37] audit: type=1326 audit(2000000399.009:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.15296" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1451.888683][ T37] audit: type=1326 audit(2000000399.009:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.15296" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1451.891406][ T37] audit: type=1326 audit(2000000399.009:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.15296" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1451.945167][ T37] audit: type=1326 audit(2000000399.059:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.15296" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bdd2bce59 code=0x7ffc0000 [ 1451.945306][ T37] audit: type=1326 audit(2000000399.059:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.15296" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4bdd2bcbc2 code=0x7ffc0000 [ 1451.948961][ T37] audit: type=1326 audit(2000000399.069:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.15296" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f4bdd2bcc57 code=0x7ffc0000 [ 1451.949598][ T37] audit: type=1326 audit(2000000399.069:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.15296" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f4bdd279b51 code=0x7ffc0000 [ 1451.955177][ T37] audit: type=1326 audit(2000000399.069:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.15296" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f4bdd2bdc49 code=0x7ffc0000 [ 1452.226332][ T5748] usb 6-1: new high-speed USB device number 35 using dummy_hcd [ 1452.396968][ T5748] usb 6-1: Using ep0 maxpacket: 16 [ 1452.399486][ T5748] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1452.399530][ T5748] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1452.399569][ T5748] usb 6-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00 [ 1452.399592][ T5748] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1452.410915][ T5748] usb 6-1: config 0 descriptor?? [ 1452.878212][ T5748] hid_parser_main: 402 callbacks suppressed [ 1452.878236][ T5748] wacom 0003:056A:0084.004F: unknown main item tag 0x6 [ 1452.878266][ T5748] wacom 0003:056A:0084.004F: item fetching failed at offset 10/11 [ 1452.880637][ T5748] wacom 0003:056A:0084.004F: parse failed [ 1452.880752][ T5748] wacom 0003:056A:0084.004F: probe with driver wacom failed with error -22 [ 1453.071783][T15532] usb 6-1: USB disconnect, device number 35 [ 1453.419943][ T7608] loop0: detected capacity change from 0 to 256 [ 1453.467727][ T7608] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 1453.686670][ T7608] exFAT-fs (loop0): start_clu is invalid cluster(0xffffffff) [ 1455.623202][ T7683] netlink: 'syz.6.15349': attribute type 1 has an invalid length. [ 1456.600060][ T7718] loop0: detected capacity change from 0 to 256 [ 1456.601207][ T7718] exfat: Deprecated parameter 'utf8' [ 1456.601250][ T7718] exfat: Deprecated parameter 'namecase' [ 1456.601325][ T7718] exfat: Deprecated parameter 'namecase' [ 1456.601346][ T7718] exfat: Deprecated parameter 'utf8' [ 1456.791952][ T7718] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x6a70c931, utbl_chksum : 0xe619d30d) [ 1456.792339][ T7718] exFAT-fs (loop0): failed to test first cluster bit of root dir(5) [ 1457.206548][ T7737] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1458.421061][ T7791] netlink: 'syz.5.15398': attribute type 6 has an invalid length. [ 1459.280873][ T7822] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15413'. [ 1459.735540][ T7841] netlink: 24 bytes leftover after parsing attributes in process `syz.6.15422'. [ 1460.263296][ T7858] netlink: 40 bytes leftover after parsing attributes in process `syz.2.15430'. [ 1460.370497][ T7837] loop5: detected capacity change from 0 to 32768 [ 1460.990096][ T7880] vivid-000: disconnect [ 1460.990943][ T7878] vivid-000: reconnect [ 1462.136808][ T7923] loop5: detected capacity change from 0 to 32768 [ 1462.137997][ T7923] btrfs: Deprecated parameter 'usebackuproot' [ 1462.138017][ T7923] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 1462.138800][ T7923] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.15460 (7923) [ 1462.180845][ T7923] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1462.180877][ T7923] BTRFS info (device loop5): using crc32c checksum algorithm [ 1462.322417][ T7948] netlink: 27 bytes leftover after parsing attributes in process `syz.2.15467'. [ 1462.376821][T31219] BTRFS warning (device loop5): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 1462.376914][ T7923] BTRFS error (device loop5): failed to load root extent [ 1462.376937][ T7923] BTRFS warning (device loop5): try to load backup roots slot 1 [ 1462.377786][T31219] BTRFS warning (device loop5): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0xc092cdc2 level 0 [ 1462.377920][ T7923] BTRFS warning (device loop5): couldn't read tree root [ 1462.377940][ T7923] BTRFS warning (device loop5): try to load backup roots slot 2 [ 1462.378281][T31219] BTRFS error (device loop5): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 1462.378386][ T7923] BTRFS warning (device loop5): couldn't read tree root [ 1462.378404][ T7923] BTRFS warning (device loop5): try to load backup roots slot 3 [ 1462.450193][ T7923] BTRFS info (device loop5): rebuilding free space tree [ 1462.820873][ T7923] BTRFS info (device loop5): checking UUID tree [ 1462.826993][ T7923] BTRFS info (device loop5): enabling ssd optimizations [ 1462.827029][ T7923] BTRFS info (device loop5): turning on async discard [ 1462.827047][ T7923] BTRFS info (device loop5): enabling free space tree [ 1462.827064][ T7923] BTRFS info (device loop5): force clearing of disk cache [ 1462.827080][ T7923] BTRFS info (device loop5): enabling auto defrag [ 1462.827096][ T7923] BTRFS info (device loop5): trying to use backup root at mount time [ 1462.827115][ T7923] BTRFS info (device loop5): use zstd compression, level 3 [ 1462.921977][ T7961] tipc: Enabled bearer , priority 10 [ 1463.581179][T26472] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1463.628742][ T7975] netlink: 'syz.0.15478': attribute type 12 has an invalid length. [ 1463.628784][ T7975] netlink: 248 bytes leftover after parsing attributes in process `syz.0.15478'. [ 1463.632283][ T7975] netlink: 'syz.0.15478': attribute type 12 has an invalid length. [ 1463.632305][ T7975] netlink: 248 bytes leftover after parsing attributes in process `syz.0.15478'. [ 1464.974599][ T5907] tipc: Node number set to 53346304 [ 1466.417110][ T5907] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 1466.596355][ T5907] usb 6-1: Using ep0 maxpacket: 16 [ 1466.600286][ T5907] usb 6-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4 [ 1466.600316][ T5907] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1466.600335][ T5907] usb 6-1: Product: syz [ 1466.600350][ T5907] usb 6-1: Manufacturer: syz [ 1466.600362][ T5907] usb 6-1: SerialNumber: syz [ 1466.605716][ T5907] usb 6-1: config 0 descriptor?? [ 1466.611744][ T5907] gspca_main: spca508-2.14.0 probing 041e:4018 [ 1466.812757][ T5907] gspca_spca508: reg_read err -32 [ 1466.814929][ T5907] gspca_spca508: reg_read err -32 [ 1466.828722][ T5907] gspca_spca508: reg_read err -32 [ 1467.030852][ T5907] gspca_spca508: reg_read err -71 [ 1467.032137][ T5907] gspca_spca508: reg write: error -71 [ 1467.032232][ T5907] spca508 6-1:0.0: probe with driver spca508 failed with error -71 [ 1467.075459][ T5907] usb 6-1: USB disconnect, device number 36 [ 1467.480276][ T8074] lo speed is unknown, defaulting to 1000 [ 1467.606839][ T8079] lo speed is unknown, defaulting to 1000 [ 1467.608429][ T8074] wg1 speed is unknown, defaulting to 1000 [ 1467.643677][ T8079] wg1 speed is unknown, defaulting to 1000 [ 1467.675339][ T8090] loop5: detected capacity change from 0 to 512 [ 1467.707460][ T8090] EXT4-fs error (device loop5): ext4_iget_extra_inode:5128: inode #15: comm syz.5.15529: corrupted in-inode xattr: invalid ea_ino [ 1467.707495][ T8090] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1467.715922][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 1467.715945][ C0] EXT4-fs (loop5): initial error at time 2000000414: ext4_iget_extra_inode:5128: inode 15 [ 1467.715971][ C0] EXT4-fs (loop5): last error at time 2000000414: ext4_iget_extra_inode:5128: inode 15 [ 1467.756513][ T8090] EXT4-fs error (device loop5): ext4_orphan_get:1402: comm syz.5.15529: couldn't read orphan inode 15 (err -117) [ 1467.756549][ T8090] loop5: lost filesystem error report for type 5 error -117 [ 1467.774317][ T8090] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1467.816405][ T8090] EXT4-fs error (device loop5): ext4_find_dest_de:2050: inode #2: block 13: comm syz.5.15529: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 1468.254810][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1468.567883][ T8115] loop5: detected capacity change from 0 to 16 [ 1468.579234][ T8115] erofs (device loop5): mounted with root inode @ nid 36. [ 1469.128366][ T8133] loop5: detected capacity change from 0 to 1024 [ 1469.473198][ T8133] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1469.554791][ T8150] overlayfs: missing 'lowerdir' [ 1469.795798][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1471.298039][ T8219] netlink: 'syz.0.15585': attribute type 83 has an invalid length. [ 1472.236172][ T5907] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 1472.339831][ T8275] netlink: 20 bytes leftover after parsing attributes in process `syz.6.15613'. [ 1472.352519][ T8275] netlink: 20 bytes leftover after parsing attributes in process `syz.6.15613'. [ 1472.388676][ T5907] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1472.388705][ T5907] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1472.388742][ T5907] usb 6-1: too many endpoints for config 1 interface 0 altsetting 0: 105, using maximum allowed: 30 [ 1472.388780][ T5907] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 105 [ 1472.390047][ T5907] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1472.390076][ T5907] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1472.390096][ T5907] usb 6-1: SerialNumber: syz [ 1472.767177][ T8285] input: syz0 as /devices/virtual/input/input49 [ 1474.127064][ T8257] loop5: detected capacity change from 0 to 1024 [ 1474.149322][T31488] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1474.183410][ T8257] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1474.225705][ T8257] netlink: 'syz.5.15602': attribute type 49 has an invalid length. [ 1475.185616][ T8257] ip6gretap0: entered promiscuous mode [ 1475.185709][ T8257] ip6gretap0: entered allmulticast mode [ 1475.407304][ T5907] usb 6-1: cannot find UAC_HEADER [ 1475.637988][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1475.999272][T31488] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1476.718329][ T5907] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1476.730945][ T5907] usb 6-1: USB disconnect, device number 37 [ 1477.580362][ T5885] udevd[5885]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1477.668135][ T8410] loop5: detected capacity change from 0 to 512 [ 1477.670832][ T8410] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1477.713293][ T8410] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1477.713469][ T8410] ext4 filesystem being mounted at /816/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1477.895077][T26472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1478.420256][ T8437] loop0: detected capacity change from 0 to 1024 [ 1478.427489][ T5907] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 1478.435035][ T8437] EXT4-fs (loop0): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 1478.470103][ T8437] EXT4-fs error (device loop0): ext4_map_blocks:791: inode #3: block 2: comm syz.0.15678: lblock 2 mapped to illegal pblock 2 (length 1) [ 1478.470144][ T8437] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1478.470463][ T8437] __quota_error: 41 callbacks suppressed [ 1478.470478][ T8437] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 1478.470524][ T8437] EXT4-fs error (device loop0): ext4_map_blocks:791: inode #3: block 48: comm syz.0.15678: lblock 0 mapped to illegal pblock 48 (length 1) [ 1478.470555][ T8437] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1478.470782][ T8437] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 1478.470802][ T8437] EXT4-fs error (device loop0): ext4_acquire_dquot:7034: comm syz.0.15678: Failed to acquire dquot type 0 [ 1478.470825][ T8437] loop0: lost filesystem error report for type 5 error -117 [ 1478.471131][ T8437] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 1478.471151][ T8437] loop0: lost filesystem error report for type 5 error -117 [ 1478.471520][ T8437] EXT4-fs error (device loop0): ext4_evict_inode:267: inode #11: comm syz.0.15678: mark_inode_dirty error [ 1478.471546][ T8437] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1478.471727][ T8437] EXT4-fs warning (device loop0): ext4_evict_inode:270: couldn't mark inode dirty (err -117) [ 1478.471819][ T8437] EXT4-fs (loop0): 1 orphan inode deleted [ 1478.473823][ T8437] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1478.537310][ T144] EXT4-fs error (device loop0): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1) [ 1478.581317][ T5907] usb 6-1: Using ep0 maxpacket: 16 [ 1478.584023][ T5907] usb 6-1: config 0 has an invalid descriptor of length 55, skipping remainder of the config [ 1478.584076][ T5907] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81 [ 1478.584102][ T5907] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1478.584128][ T5907] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1478.587617][ T5907] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 1478.587646][ T5907] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1478.587667][ T5907] usb 6-1: Product: syz [ 1478.587682][ T5907] usb 6-1: Manufacturer: syz [ 1478.587696][ T5907] usb 6-1: SerialNumber: syz [ 1478.603088][ T144] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 1478.603134][ T144] EXT4-fs error (device loop0): ext4_release_dquot:7070: comm kworker/u8:5: Failed to release dquot type 0 [ 1478.766240][ T5907] usb 6-1: config 0 descriptor?? [ 1478.997224][ T5907] appledisplay: Apple Cinema Display connected [ 1479.072716][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1479.132993][ T5617] EXT4-fs error (device loop0): __ext4_get_inode_loc:4885: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 1479.133023][ T5617] loop0: lost filesystem error report for type 5 error -117 [ 1479.135579][ T5617] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 1479.135603][ T5617] loop0: lost filesystem error report for type 5 error -117 [ 1479.136517][ T5617] EXT4-fs error (device loop0): ext4_quota_off:7318: inode #3: comm syz-executor: mark_inode_dirty error [ 1479.136545][ T5617] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1479.214258][ T5907] usb 6-1: USB disconnect, device number 38 [ 1479.214347][ C0] usb 6-1: appledisplay_complete - usb_submit_urb failed with result -19 [ 1479.234367][ T5907] appledisplay: Apple Cinema Display disconnected [ 1479.320371][ C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 1480.756378][ T5907] usb 6-1: new high-speed USB device number 39 using dummy_hcd [ 1480.897749][ T8480] overlayfs: failed to resolve './file0': -2 [ 1480.912251][ T5907] usb 6-1: Using ep0 maxpacket: 32 [ 1480.915003][ T5907] usb 6-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 1480.915033][ T5907] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1480.946608][ T5907] usb 6-1: config 0 descriptor?? [ 1480.965789][ T5907] gspca_main: sunplus-2.14.0 probing 041e:400b [ 1481.784591][ T5907] gspca_sunplus: reg_r err -71 [ 1481.784682][ T5907] sunplus 6-1:0.0: probe with driver sunplus failed with error -71 [ 1481.801193][ T5907] usb 6-1: USB disconnect, device number 39 [ 1484.456018][ T1340] ieee802154 phy0 wpan0: encryption failed: -22 [ 1484.456123][ T1340] ieee802154 phy1 wpan1: encryption failed: -22 [ 1485.146651][T16475] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 1485.296421][T16475] usb 6-1: Using ep0 maxpacket: 32 [ 1485.298577][T16475] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 1485.298601][T16475] usb 6-1: config 0 has no interface number 0 [ 1485.300891][T16475] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1485.300917][T16475] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1485.300937][T16475] usb 6-1: Product: syz [ 1485.300950][T16475] usb 6-1: Manufacturer: syz [ 1485.300964][T16475] usb 6-1: SerialNumber: syz [ 1485.363774][T16475] usb 6-1: config 0 descriptor?? [ 1486.206536][T16475] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout [ 1486.409146][T16475] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 1486.421974][T16475] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71 [ 1486.450441][T16475] usb 6-1: USB disconnect, device number 40 [ 1487.022083][ T8743] loop0: detected capacity change from 0 to 128 [ 1487.024401][ T8743] FAT-fs (loop0): bread failed, FSINFO block (sector = 18433) [ 1487.178769][T16475] kernel write not supported for file /uhid (pid: 16475 comm: kworker/0:0) [ 1487.199027][ T8753] loop5: detected capacity change from 0 to 512 [ 1487.205214][ T8753] EXT4-fs: Ignoring removed orlov option [ 1487.205266][ T8753] EXT4-fs: Ignoring removed mblk_io_submit option [ 1487.263128][ T8753] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13 [ 1487.273010][ T8753] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.15810: attempt to clear invalid blocks 2 len 1 [ 1487.273049][ T8753] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1487.275916][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 1487.275936][ C1] EXT4-fs (loop5): initial error at time 2000000434: ext4_clear_blocks:876: inode 13 [ 1487.275962][ C1] EXT4-fs (loop5): last error at time 2000000434: ext4_clear_blocks:876: inode 13 [ 1487.306258][ T8753] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1487.322083][ T8753] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.15810: invalid indirect mapped block 1819239214 (level 0) [ 1487.322121][ T8753] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1487.362771][ T8753] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.15810: invalid indirect mapped block 1819239214 (level 1) [ 1487.362810][ T8753] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1487.371529][ T8753] EXT4-fs (loop5): 1 truncate cleaned up [ 1487.387142][ T8753] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1487.669301][T26472] EXT4-fs error (device loop5): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz-executor: bad entry in directory: directory entry overrun - offset=108, inode=4294901777, rec_len=1024, size=1024 fake=0 [ 1487.832221][T26472] EXT4-fs error (device loop5): ext4_iget_extra_inode:5128: inode #15: comm syz-executor: corrupted in-inode xattr: e_value out of bounds [ 1487.833150][T26472] EXT4-fs error (device loop5): ext4_iget_extra_inode:5128: inode #15: comm syz-executor: corrupted in-inode xattr: e_value out of bounds [ 1488.093158][T28549] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1488.241102][ T8790] mac80211_hwsim hwsim3 ..c: renamed from wlan1 [ 1490.503119][ T8848] loop0: detected capacity change from 0 to 1024 [ 1490.504268][ T8848] EXT4-fs: Ignoring removed orlov option [ 1490.532685][ T8848] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 1490.591597][ T8848] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1491.664885][ T5634] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1491.761319][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1491.763036][ T5634] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1491.945312][ T8887] netlink: 8 bytes leftover after parsing attributes in process `syz.6.15867'. [ 1491.979016][ T5634] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1491.995057][ T5634] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1492.041581][ T5634] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1492.046626][ T8887] netlink: 'syz.6.15867': attribute type 2 has an invalid length. [ 1493.413358][ T8875] lo speed is unknown, defaulting to 1000 [ 1493.550323][ T8875] wg1 speed is unknown, defaulting to 1000 [ 1494.276093][ T5632] Bluetooth: hci1: command tx timeout [ 1494.358452][ T8961] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15892'. [ 1494.372609][ T8961] netlink: 12 bytes leftover after parsing attributes in process `syz.0.15892'. [ 1495.669377][ T9003] lo: left allmulticast mode [ 1495.701619][T30379] lo speed is unknown, defaulting to 1000 [ 1495.701685][T30379] syz2: Port: 1 Link DOWN [ 1495.948837][ T8875] bridge0: port 1(bridge_slave_0) entered blocking state [ 1495.949224][ T8875] bridge0: port 1(bridge_slave_0) entered disabled state [ 1495.949568][ T8875] bridge_slave_0: entered allmulticast mode [ 1495.953015][ T8875] bridge_slave_0: entered promiscuous mode [ 1495.999266][ T8875] bridge0: port 2(bridge_slave_1) entered blocking state [ 1496.001171][ T8875] bridge0: port 2(bridge_slave_1) entered disabled state [ 1496.001525][ T8875] bridge_slave_1: entered allmulticast mode [ 1496.029036][ T8875] bridge_slave_1: entered promiscuous mode [ 1496.149514][ T8875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1496.154515][ T8875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1496.227705][ T8875] team0: Port device team_slave_0 added [ 1496.232775][ T8875] team0: Port device team_slave_1 added [ 1496.306347][ T8875] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1496.306364][ T8875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1496.306389][ T8875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1496.309876][ T8875] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1496.309891][ T8875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1496.309915][ T8875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1496.356771][ T5632] Bluetooth: hci1: command tx timeout [ 1496.514032][ T8875] hsr_slave_0: entered promiscuous mode [ 1496.518633][ T8875] hsr_slave_1: entered promiscuous mode [ 1496.537536][ T8875] debugfs: 'hsr0' already exists in 'hsr' [ 1496.537557][ T8875] Cannot create hsr debugfs directory [ 1498.007877][ T37] audit: type=1326 audit(2000000445.129:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.6.15949" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb9ee09ce59 code=0x0 [ 1498.093942][ T8875] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1498.158156][ T8875] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1498.160224][ T8875] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1498.430669][ T8875] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1498.432202][ T8875] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1498.436261][ T5632] Bluetooth: hci1: command tx timeout [ 1498.557621][ T8875] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1498.562852][ T8875] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1498.699209][ T8875] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1499.194622][ T9140] netlink: 12 bytes leftover after parsing attributes in process `syz.6.15964'. [ 1499.996146][ T8875] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1500.013549][ T9149] lo speed is unknown, defaulting to 1000 [ 1500.035095][ T9149] wg1 speed is unknown, defaulting to 1000 [ 1500.522065][ T5632] Bluetooth: hci1: command tx timeout [ 1500.768255][ T9183] sock: sock_set_timeout: `syz.2.15985' (pid 9183) tries to set negative timeout [ 1501.023111][ T8875] 8021q: adding VLAN 0 to HW filter on device team0 [ 1501.174659][T31488] bridge0: port 1(bridge_slave_0) entered blocking state [ 1501.174830][T31488] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1501.325818][T31220] bridge0: port 2(bridge_slave_1) entered blocking state [ 1501.326344][T31220] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1502.347458][ T9220] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 1502.347720][ T9220] overlayfs: overlapping lowerdir path [ 1502.508404][ T9220] 9pnet_fd: p9_fd_create_unix (9220): problem connecting socket: ./file0: -111 [ 1502.907464][ T9228] netlink: 320 bytes leftover after parsing attributes in process `syz.2.16005'. [ 1504.830977][ T8875] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1505.683936][ T144] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1505.964094][ T8875] veth0_vlan: entered promiscuous mode [ 1506.192774][ T8875] veth1_vlan: entered promiscuous mode [ 1506.830330][ T9334] loop0: detected capacity change from 0 to 2048 [ 1506.966389][ T9343] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1506.994499][ T8875] veth0_macvtap: entered promiscuous mode [ 1507.048762][ T8875] veth1_macvtap: entered promiscuous mode [ 1507.294645][ T8875] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1507.370621][ T8875] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1507.444967][T31219] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1507.445337][T31219] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1507.445377][T31219] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1507.445412][T31219] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1511.169815][T31223] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1511.169837][T31223] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1511.719863][T31486] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1511.719883][T31486] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1513.454336][ T9484] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16115'. [ 1514.864848][ T9550] netlink: 12 bytes leftover after parsing attributes in process `syz.7.16147'. [ 1515.183790][ T9565] netlink: 212344 bytes leftover after parsing attributes in process `syz.7.16154'. [ 1515.301064][ T9567] tipc: Started in network mode [ 1515.301083][ T9567] tipc: Node identity ac1414aa, cluster identity 4711 [ 1515.435803][ T9567] tipc: Enabling of bearer rejected, failed to enable media [ 1515.876551][T16475] usb 8-1: new full-speed USB device number 2 using dummy_hcd [ 1515.928973][ T9593] netlink: 16 bytes leftover after parsing attributes in process `syz.6.16167'. [ 1516.032789][T16475] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 1516.032859][T16475] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1516.032884][T16475] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1516.032990][T16475] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1516.033013][T16475] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1516.317278][T16475] usb 8-1: GET_CAPABILITIES returned 0 [ 1516.317333][T16475] usbtmc 8-1:16.0: can't read capabilities [ 1517.042847][ T9639] usbtmc 8-1:16.0: usb_control_msg returned -32 [ 1517.048459][ T5748] usb 8-1: USB disconnect, device number 2 [ 1517.191285][ T9649] [ 1517.191299][ T9649] ====================================================== [ 1517.191339][ T9649] WARNING: possible circular locking dependency detected [ 1517.191444][ T9649] syzkaller #0 Tainted: G L [ 1517.191455][ T9649] ------------------------------------------------------ [ 1517.191491][ T9649] syz.0.16193/9649 is trying to acquire lock: [ 1517.191535][ T9649] ffff88803f037950 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb8/0xe20 [ 1517.191617][ T9649] [ 1517.191617][ T9649] but task is already holding lock: [ 1517.191624][ T9649] ffff88803681b858 (&pipe->mutex){+.+.}-{4:4}, at: splice_file_to_pipe+0x40/0x6c0 [ 1517.191674][ T9649] [ 1517.191674][ T9649] which lock already depends on the new lock. [ 1517.191674][ T9649] [ 1517.191681][ T9649] [ 1517.191681][ T9649] the existing dependency chain (in reverse order) is: [ 1517.191688][ T9649] [ 1517.191688][ T9649] -> #9 (&pipe->mutex){+.+.}-{4:4}: [ 1517.191751][ T9649] mutex_lock_nested+0x5a/0x1d0 [ 1517.191779][ T9649] iter_file_splice_write+0x1f3/0x10f0 [ 1517.191807][ T9649] do_splice+0xef8/0x1940 [ 1517.191833][ T9649] __se_sys_splice+0x353/0x490 [ 1517.191862][ T9649] do_syscall_64+0x174/0x580 [ 1517.191881][ T9649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1517.191901][ T9649] [ 1517.191901][ T9649] -> #8 (sb_writers#5){.+.+}-{0:0}: [ 1517.191963][ T9649] lo_rw_aio+0xb1b/0xf00 [ 1517.191985][ T9649] loop_process_work+0x637/0x11b0 [ 1517.192005][ T9649] process_one_work+0x98b/0x1630 [ 1517.192034][ T9649] worker_thread+0xb49/0x1140 [ 1517.192051][ T9649] kthread+0x388/0x470 [ 1517.192075][ T9649] ret_from_fork+0x514/0xb70 [ 1517.192100][ T9649] ret_from_fork_asm+0x1a/0x30 [ 1517.192129][ T9649] [ 1517.192129][ T9649] -> #7 ((work_completion)(&lo->rootcg_work)){+.+.}-{0:0}: [ 1517.192157][ T9649] process_one_work+0x8d7/0x1630 [ 1517.192202][ T9649] worker_thread+0xb49/0x1140 [ 1517.192220][ T9649] kthread+0x388/0x470 [ 1517.192243][ T9649] ret_from_fork+0x514/0xb70 [ 1517.192268][ T9649] ret_from_fork_asm+0x1a/0x30 [ 1517.192295][ T9649] [ 1517.192295][ T9649] -> #6 ((wq_completion)loop2){+.+.}-{0:0}: [ 1517.192322][ T9649] touch_wq_lockdep_map+0xcb/0x180 [ 1517.192342][ T9649] __flush_workqueue+0x14b/0x14f0 [ 1517.192362][ T9649] drain_workqueue+0xd3/0x390 [ 1517.192383][ T9649] lo_release+0x287/0x8f0 [ 1517.192405][ T9649] bdev_release+0x541/0x660 [ 1517.192427][ T9649] blkdev_release+0x15/0x20 [ 1517.192450][ T9649] __fput+0x461/0xa70 [ 1517.192474][ T9649] fput_close_sync+0x11f/0x240 [ 1517.192499][ T9649] __x64_sys_close+0x7e/0x110 [ 1517.192525][ T9649] do_syscall_64+0x174/0x580 [ 1517.192544][ T9649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1517.192563][ T9649] [ 1517.192563][ T9649] -> #5 (&disk->open_mutex#4){+.+.}-{4:4}: [ 1517.192595][ T9649] mutex_lock_nested+0x5a/0x1d0 [ 1517.192620][ T9649] __del_gendisk+0x127/0x980 [ 1517.192646][ T9649] del_gendisk+0xe7/0x160 [ 1517.192671][ T9649] loop_remove+0x42/0xc0 [ 1517.192690][ T9649] loop_control_ioctl+0x4ba/0x5b0 [ 1517.192712][ T9649] __se_sys_ioctl+0xff/0x170 [ 1517.192729][ T9649] do_syscall_64+0x174/0x580 [ 1517.192748][ T9649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1517.192767][ T9649] [ 1517.192767][ T9649] -> #4 (&set->update_nr_hwq_lock){++++}-{4:4}: [ 1517.192794][ T9649] down_read+0x97/0x200 [ 1517.192810][ T9649] add_disk_fwnode+0xe7/0x480 [ 1517.192832][ T9649] loop_add+0x86e/0xb50 [ 1517.192850][ T9649] blk_request_module+0x27d/0x2a0 [ 1517.192884][ T9649] blkdev_get_no_open+0x3f/0xe0 [ 1517.192901][ T9649] blkdev_open+0x1f5/0x620 [ 1517.192921][ T9649] do_dentry_open+0x83d/0x13e0 [ 1517.192942][ T9649] vfs_open+0x3b/0x350 [ 1517.192962][ T9649] path_openat+0x2eea/0x3960 [ 1517.192988][ T9649] do_file_open+0x23e/0x4a0 [ 1517.193013][ T9649] do_sys_openat2+0x115/0x200 [ 1517.193035][ T9649] __x64_sys_creat+0x8f/0xc0 [ 1517.193057][ T9649] do_syscall_64+0x174/0x580 [ 1517.193073][ T9649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1517.193091][ T9649] [ 1517.193091][ T9649] -> #3 (major_names_lock){+.+.}-{4:4}: [ 1517.193117][ T9649] mutex_lock_nested+0x5a/0x1d0 [ 1517.193139][ T9649] blk_request_module+0x35/0x2a0 [ 1517.193163][ T9649] blkdev_get_no_open+0x3f/0xe0 [ 1517.193189][ T9649] bdev_file_open_by_dev+0xa0/0x240 [ 1517.193209][ T9649] swsusp_check+0x56/0x490 [ 1517.193232][ T9649] software_resume+0x51/0x4c0 [ 1517.193250][ T9649] resume_store+0x333/0x4f0 [ 1517.193267][ T9649] kernfs_fop_write_iter+0x3b0/0x540 [ 1517.193285][ T9649] vfs_write+0x629/0xba0 [ 1517.193312][ T9649] ksys_write+0x156/0x270 [ 1517.193339][ T9649] do_syscall_64+0x174/0x580 [ 1517.193356][ T9649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1517.193375][ T9649] [ 1517.193375][ T9649] -> #2 (system_transition_mutex){+.+.}-{4:4}: [ 1517.193402][ T9649] mutex_lock_nested+0x5a/0x1d0 [ 1517.193425][ T9649] lock_system_sleep+0x49/0x70 [ 1517.193448][ T9649] resume_store+0x2ff/0x4f0 [ 1517.193466][ T9649] kernfs_fop_write_iter+0x3b0/0x540 [ 1517.193483][ T9649] vfs_write+0x629/0xba0 [ 1517.193510][ T9649] ksys_write+0x156/0x270 [ 1517.193538][ T9649] do_syscall_64+0x174/0x580 [ 1517.193555][ T9649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1517.193574][ T9649] [ 1517.193574][ T9649] -> #1 (&of->mutex){+.+.}-{4:4}: [ 1517.193601][ T9649] mutex_lock_nested+0x5a/0x1d0 [ 1517.193625][ T9649] kernfs_seq_start+0x5c/0x420 [ 1517.193643][ T9649] seq_read_iter+0x3f8/0xe20 [ 1517.193662][ T9649] copy_splice_read+0x605/0xab0 [ 1517.193686][ T9649] splice_direct_to_actor+0x483/0xc80 [ 1517.193713][ T9649] do_splice_direct+0x19b/0x2a0 [ 1517.193739][ T9649] do_sendfile+0x547/0x7e0 [ 1517.193761][ T9649] __se_sys_sendfile64+0x144/0x1a0 [ 1517.193782][ T9649] do_syscall_64+0x174/0x580 [ 1517.193801][ T9649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1517.193819][ T9649] [ 1517.193819][ T9649] -> #0 (&p->lock){+.+.}-{4:4}: [ 1517.193846][ T9649] __lock_acquire+0x15a5/0x2d10 [ 1517.193871][ T9649] lock_acquire+0x106/0x350 [ 1517.193894][ T9649] mutex_lock_nested+0x5a/0x1d0 [ 1517.193918][ T9649] seq_read_iter+0xb8/0xe20 [ 1517.193937][ T9649] copy_splice_read+0x605/0xab0 [ 1517.193963][ T9649] splice_file_to_pipe+0x452/0x6c0 [ 1517.193990][ T9649] do_splice+0x1187/0x1940 [ 1517.194016][ T9649] __se_sys_splice+0x353/0x490 [ 1517.194044][ T9649] do_syscall_64+0x174/0x580 [ 1517.194062][ T9649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1517.194082][ T9649] [ 1517.194082][ T9649] other info that might help us debug this: [ 1517.194082][ T9649] [ 1517.194089][ T9649] Chain exists of: [ 1517.194089][ T9649] &p->lock --> sb_writers#5 --> &pipe->mutex [ 1517.194089][ T9649] [ 1517.194125][ T9649] Possible unsafe locking scenario: [ 1517.194125][ T9649] [ 1517.194133][ T9649] CPU0 CPU1 [ 1517.194203][ T9649] ---- ---- [ 1517.194240][ T9649] lock(&pipe->mutex); [ 1517.194256][ T9649] lock(sb_writers#5); [ 1517.194276][ T9649] lock(&pipe->mutex); [ 1517.194291][ T9649] lock(&p->lock); [ 1517.194304][ T9649] [ 1517.194304][ T9649] *** DEADLOCK *** [ 1517.194304][ T9649] [ 1517.194311][ T9649] 1 lock held by syz.0.16193/9649: [ 1517.194352][ T9649] #0: ffff88803681b858 (&pipe->mutex){+.+.}-{4:4}, at: splice_file_to_pipe+0x40/0x6c0 [ 1517.194433][ T9649] [ 1517.194433][ T9649] stack backtrace: [ 1517.194454][ T9649] CPU: 0 UID: 0 PID: 9649 Comm: syz.0.16193 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 1517.194480][ T9649] Tainted: [L]=SOFTLOCKUP [ 1517.194488][ T9649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1517.194503][ T9649] Call Trace: [ 1517.194515][ T9649] [ 1517.194578][ T9649] dump_stack_lvl+0xe8/0x150 [ 1517.194634][ T9649] print_circular_bug+0x2e1/0x300 [ 1517.194667][ T9649] check_noncircular+0x12e/0x150 [ 1517.194701][ T9649] __lock_acquire+0x15a5/0x2d10 [ 1517.194737][ T9649] ? rcu_is_watching+0x15/0xb0 [ 1517.194807][ T9649] ? seq_read_iter+0xb8/0xe20 [ 1517.194828][ T9649] lock_acquire+0x106/0x350 [ 1517.194854][ T9649] ? seq_read_iter+0xb8/0xe20 [ 1517.194877][ T9649] ? seq_read_iter+0xb8/0xe20 [ 1517.194902][ T9649] ? seq_read_iter+0xb8/0xe20 [ 1517.194922][ T9649] mutex_lock_nested+0x5a/0x1d0 [ 1517.194948][ T9649] ? seq_read_iter+0xb8/0xe20 [ 1517.194971][ T9649] seq_read_iter+0xb8/0xe20 [ 1517.194993][ T9649] ? alloc_pages_bulk_noprof+0x67e/0x890 [ 1517.195025][ T9649] ? trace_kmalloc+0x2a/0xf0 [ 1517.195053][ T9649] ? __asan_memset+0x22/0x50 [ 1517.195078][ T9649] copy_splice_read+0x605/0xab0 [ 1517.195111][ T9649] ? __pfx_copy_splice_read+0x10/0x10 [ 1517.195142][ T9649] ? lockdep_hardirqs_on+0x7a/0x110 [ 1517.195162][ T9649] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 1517.195203][ T9649] ? mutex_lock_nested+0x152/0x1d0 [ 1517.195226][ T9649] ? splice_file_to_pipe+0x40/0x6c0 [ 1517.195256][ T9649] splice_file_to_pipe+0x452/0x6c0 [ 1517.195295][ T9649] do_splice+0x1187/0x1940 [ 1517.195335][ T9649] ? __pfx_do_splice+0x10/0x10 [ 1517.195367][ T9649] __se_sys_splice+0x353/0x490 [ 1517.195399][ T9649] ? __pfx___se_sys_splice+0x10/0x10 [ 1517.195431][ T9649] ? __x64_sys_splice+0x21/0xf0 [ 1517.195460][ T9649] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1517.195482][ T9649] do_syscall_64+0x174/0x580 [ 1517.195501][ T9649] ? trace_irq_disable+0x3b/0x140 [ 1517.195526][ T9649] ? clear_bhb_loop+0x40/0x90 [ 1517.195550][ T9649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1517.195571][ T9649] RIP: 0033:0x7f4bdd2bce59 [ 1517.195590][ T9649] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1517.195609][ T9649] RSP: 002b:00007f4bdb50e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 1517.195631][ T9649] RAX: ffffffffffffffda RBX: 00007f4bdd535fa0 RCX: 00007f4bdd2bce59 [ 1517.195647][ T9649] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 1517.195660][ T9649] RBP: 00007f4bdd352d6f R08: 0000000000039000 R09: 0000000000000000 [ 1517.195673][ T9649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1517.195686][ T9649] R13: 00007f4bdd536038 R14: 00007f4bdd535fa0 R15: 00007ffc31e21848 [ 1517.195710][ T9649]