last executing test programs: 7m32.563857538s ago: executing program 4 (id=1535): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0xa, r2, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='ex+\x88\xfe\xf7\x01') 7m32.405796353s ago: executing program 4 (id=1539): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/profiling', 0x40001, 0x86) write$binfmt_misc(r3, &(0x7f0000000040)='-~', 0x2) 7m32.268901137s ago: executing program 4 (id=1543): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r2, 0x0, 0x22, 0x0, 0x0) 7m32.14080134s ago: executing program 4 (id=1547): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, 0x0) setpgid(0x0, r0) openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) 7m31.916819762s ago: executing program 4 (id=1551): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSTI(r2, 0x5412, 0x0) 7m31.396824715s ago: executing program 4 (id=1562): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="1100000052000100000000000000000002"], 0x20}}, 0x0) 7m31.236370841s ago: executing program 32 (id=1562): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="1100000052000100000000000000000002"], 0x20}}, 0x0) 6m28.715335777s ago: executing program 3 (id=2695): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000080), 0x10) sendmsg$can_bcm(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB='\a'], 0x48}, 0x1, 0x0, 0x0, 0xc4}, 0x0) 6m28.594338019s ago: executing program 3 (id=2698): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r2, &(0x7f0000009740)=[{{&(0x7f00000032c0)={0xa, 0x4e22, 0x10000, @local, 0x101}, 0x1c, 0x0, 0x0, &(0x7f0000003840)=[@flowinfo={{0x14, 0x29, 0x37, 0xffff}}], 0x18}}], 0x1, 0x24008085) 6m28.509504868s ago: executing program 3 (id=2701): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) futex(&(0x7f0000000100), 0x6, 0x2, &(0x7f00000001c0), 0x0, 0x1) 6m27.316742337s ago: executing program 3 (id=2719): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3001009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]}) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x14a0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0) setxattr$security_capability(&(0x7f0000000140)='./file1\x00', &(0x7f0000000200), 0x0, 0x0, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x8042, 0x0) 6m26.438360155s ago: executing program 3 (id=2732): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = getpgrp(0x0) tkill(r3, 0x0) 6m25.260532643s ago: executing program 3 (id=2749): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) gettid() timer_create(0x0, 0x0, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 6m25.073653402s ago: executing program 33 (id=2749): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) gettid() timer_create(0x0, 0x0, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 1.004585188s ago: executing program 2 (id=9668): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000ffff27bd", @ANYRES32=0x0, @ANYBLOB="715a0300231a05"], 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x20040040) 867.897922ms ago: executing program 2 (id=9674): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) 735.222226ms ago: executing program 2 (id=9678): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_SREGS2(r4, 0x4140aecd, &(0x7f0000000140)={{0xffff0000, 0x1000, 0xf000, 0x9, 0x80, 0xb, 0x81, 0xff, 0x0, 0x84, 0x0, 0xb}, {0x6002, 0x0, 0xa, 0x3, 0x3, 0x6, 0x6, 0x6, 0x1, 0x4, 0x0, 0x11}, {0x5000, 0x7fffffe, 0x4, 0x4, 0x10, 0x81, 0x4, 0x13, 0x5, 0x4, 0x92, 0x80}, {0xeeee0000, 0x4, 0xe, 0x7, 0x1, 0x40, 0x2, 0x0, 0xfd, 0x29, 0x9, 0x8}, {0x80a0000, 0xdddd0000, 0x9, 0x9, 0x80, 0xb, 0xfd, 0xf1, 0x2, 0x6e, 0x2, 0x8}, {0xf000, 0xd5d71000, 0x9, 0x2, 0xaa, 0x2, 0x5, 0x5, 0x1, 0xe, 0x6, 0x3}, {0xeeee8000, 0x10000, 0xc, 0x0, 0xcd, 0x6, 0x5, 0x26, 0x8, 0xcd, 0xff, 0x6}, {0x1, 0x1000, 0xd, 0xe, 0x13, 0x40, 0xff, 0xfd, 0x1, 0x1, 0xf, 0xa}, {0x100000, 0x5}, {0xeeef0000, 0xff81}, 0x80000003, 0x0, 0xd000, 0x1a1, 0x4, 0xd01, 0xeeee8000, 0x0, [0xb, 0x2, 0x0, 0x2003]}) 734.753835ms ago: executing program 6 (id=9679): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000100)={0x4, 0xe7, 0x6, 0xfffffbfe, 0x9, "ea7174ddb80fc7000002f7ffffffffd2a2d975", 0x4, 0x4}) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="020300091b0000000000000000000000040003000000000000000000000000000000000000000000000000000000000005000600000000000a00000000000000fe8000000000000000000000000000bb00000000000000000400040000000000000000000000000000000000000000000000000000000000020001000000000000000000000000ff05000500000000000a00000000000000fe8896380000000000000001000000010000000000000000030007000000000002004e24ac14141f0000000000000000020013"], 0xd8}}, 0x0) 730.944316ms ago: executing program 1 (id=9688): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341) ioctl$USBDEVFS_RESET(r3, 0x5514) 632.666766ms ago: executing program 5 (id=9681): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) io_setup(0x9bb1, &(0x7f0000000040)=0x0) io_submit(r3, 0x1, &(0x7f0000000480)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x8, r2, 0x0, 0x0, 0x0, 0x0, 0x4}]) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r4, 0x0, 0x0, 0x200007fd, 0x0, 0x0) 631.948456ms ago: executing program 6 (id=9682): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x800) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) tee(r3, r4, 0xfffffffffffffc01, 0x0) 565.800582ms ago: executing program 0 (id=9683): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6(0xa, 0x80802, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x1) sendmmsg$inet6(r2, &(0x7f0000007240)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x3, @mcast2, 0x7}, 0x1c, 0x0}}], 0x1, 0x1c000) write(r2, 0x0, 0x0) 564.978973ms ago: executing program 1 (id=9684): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) signalfd(r2, &(0x7f0000000040)={[0x9]}, 0x8) 540.664055ms ago: executing program 2 (id=9685): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r2, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18004a58de4c6347c59000000000000071123200000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) 505.903939ms ago: executing program 6 (id=9686): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) 459.863233ms ago: executing program 0 (id=9687): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0xffffffff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c) 440.462915ms ago: executing program 1 (id=9689): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r3, 0x10e, 0x2, &(0x7f00000003c0)=0x2, 0x4) 416.672338ms ago: executing program 6 (id=9690): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0) poll(&(0x7f0000000040)=[{r3, 0x1040}], 0x1, 0x0) 416.365588ms ago: executing program 5 (id=9691): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) 415.877908ms ago: executing program 2 (id=9692): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mknodat$null(0xffffffffffffff9c, 0x0, 0x1d4e, 0x103) 341.221035ms ago: executing program 5 (id=9693): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x8400, 0x0) ioctl$RNDADDTOENTCNT(r3, 0x40045201, 0x0) 340.558825ms ago: executing program 6 (id=9694): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) personality(0x8001a0ffffffff) 323.270877ms ago: executing program 0 (id=9695): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, 0x0, 0x0) 247.270725ms ago: executing program 1 (id=9696): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r2, 0x0, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10) 247.047185ms ago: executing program 5 (id=9697): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) ioprio_get$pid(0x3, 0x0) 246.577085ms ago: executing program 2 (id=9698): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f00000027c0)=[{{&(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x20000001}}], 0x1, 0x0) 229.872837ms ago: executing program 0 (id=9699): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)=ANY=[@ANYBLOB="28000000130001"], 0x28}], 0x1}, 0x0) 184.091571ms ago: executing program 6 (id=9700): r0 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_MCAST_RATE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r6, 0x1, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x11}, 0x80) 163.412533ms ago: executing program 1 (id=9701): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x8, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 88.855891ms ago: executing program 5 (id=9702): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000140)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x5, 0x0, 0xff, 0x0, 0xffc0, 0x3}, &(0x7f0000000180)=0x20) 88.132361ms ago: executing program 0 (id=9703): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) 24.853527ms ago: executing program 1 (id=9704): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = syz_pidfd_open(r2, 0x0) r4 = dup(r3) fsetxattr$trusted_overlay_upper(r4, &(0x7f0000000000), 0x0, 0xffffffee, 0x1) 24.368417ms ago: executing program 5 (id=9705): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000003c0)={'syz0\x00', {0x9, 0x0, 0x1, 0x400}, 0x36, [0xfffffffe, 0x0, 0x0, 0x0, 0x1, 0xfffffffc, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xa, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x9f1, 0x0, 0x0, 0x4, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x6, 0x0, 0x58, 0x0, 0x9, 0x0, 0xffffbffc, 0xfffffff8, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8, 0x6], [0x2, 0x1, 0x0, 0xffffbffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff57, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40, 0x400, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x6, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x55], [0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xbd8f, 0x0, 0x4, 0x0, 0xfffffffd, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x10001, 0x810, 0x0, 0x0, 0x0, 0x800040, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xfffffffe, 0x0, 0xc9d2, 0x0, 0x0, 0x0, 0x0, 0x1c00000, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x1, 0x0, 0x0, 0x1, 0x4, 0x2000000], [0x4, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x1, 0x0, 0xb1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x1000, 0xfffffffc, 0x8, 0x9, 0x0, 0x0, 0x80, 0x6a1, 0x0, 0x0, 0x0, 0x0, 0x8f4]}, 0x45c) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x852}, 0x94) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r1, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac) 0s ago: executing program 0 (id=9706): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e21}, 0x6e) r3 = socket$unix(0x1, 0x1, 0x0) connect$unix(r3, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e21}, 0x6e) kernel console output (not intermixed with test programs): n on journal [ 318.940193][T15940] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 319.000922][ T1107] elecom 0003:056E:00FF.0004: item fetching failed at offset 0/3 [ 319.019108][ T1107] elecom: probe of 0003:056E:00FF.0004 failed with error -22 [ 319.175202][ T7880] ocfs2: Unmounting device (7,5) on (node local) [ 319.221539][ T4292] usb 3-1: USB disconnect, device number 9 [ 319.505756][ T26] audit: type=1326 audit(2000000118.626:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15960 comm="syz.0.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 319.588378][ T26] audit: type=1326 audit(2000000118.626:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15960 comm="syz.0.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 319.611840][ T26] audit: type=1326 audit(2000000118.656:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15960 comm="syz.0.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 319.653336][ T26] audit: type=1326 audit(2000000118.656:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15960 comm="syz.0.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 319.682460][ T26] audit: type=1326 audit(2000000118.656:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15960 comm="syz.0.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 319.744250][ T26] audit: type=1326 audit(2000000118.656:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15960 comm="syz.0.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 319.750184][T15971] syz.0.4917[15971] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 319.818176][T15971] syz.0.4917[15971] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 319.823181][ T26] audit: type=1326 audit(2000000118.656:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15960 comm="syz.0.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 319.866211][ T26] audit: type=1326 audit(2000000118.656:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15960 comm="syz.0.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 319.918966][ T8276] dvb_usb_rtl28xxu: probe of 7-1:0.0 failed with error -71 [ 319.957231][ T8276] usb 7-1: USB disconnect, device number 7 [ 320.048909][ T26] audit: type=1326 audit(2000000119.166:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15953 comm="syz.1.4910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1711d0d6c9 code=0x7fc00000 [ 320.133085][ T26] audit: type=1326 audit(2000000119.166:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15953 comm="syz.1.4910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1711d0d6c9 code=0x7fc00000 [ 320.288214][T15992] binder: BINDER_SET_CONTEXT_MGR already set [ 320.313629][T15992] binder: 15989:15992 ioctl 4018620d 200000004a80 returned -16 [ 320.717163][T16019] binder: Bad value for 'max' [ 320.728336][T16021] 9pnet: p9_fd_create_unix (16021): problem connecting socket: ./bus: -2 [ 321.010618][T16035] binder: 16029:16035 ioctl c0306201 2000000001c0 returned -14 [ 321.211552][T16044] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 321.281842][T16044] overlayfs: missing 'lowerdir' [ 323.507279][T16126] IPv6: syztnl0: Disabled Multicast RS [ 323.739105][T13007] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 324.009022][T13007] usb 7-1: Using ep0 maxpacket: 32 [ 324.085813][T16155] overlayfs: conflicting options: userxattr,redirect_dir=off [ 324.209082][T13007] usb 7-1: unable to get BOS descriptor or descriptor too short [ 324.339135][T13007] usb 7-1: config 7 has an invalid interface number: 128 but max is 0 [ 324.347376][T13007] usb 7-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 324.399090][T13007] usb 7-1: config 7 has no interface number 0 [ 324.405229][T13007] usb 7-1: config 7 interface 128 altsetting 2 has an invalid endpoint with address 0x17, skipping [ 324.449338][T13007] usb 7-1: config 7 interface 128 altsetting 2 endpoint 0x87 has invalid wMaxPacketSize 0 [ 324.464144][T13007] usb 7-1: config 7 interface 128 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 324.488888][T13007] usb 7-1: config 7 interface 128 has no altsetting 0 [ 324.495925][ T1107] Bluetooth: hci1: command 0x0406 tx timeout [ 324.578599][ T26] kauditd_printk_skb: 67 callbacks suppressed [ 324.578614][ T26] audit: type=1326 audit(2000000123.696:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16177 comm="syz.5.5014" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9804aec6c9 code=0x0 [ 324.709361][T13007] usb 7-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13 [ 324.728657][T13007] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 324.744617][T16159] loop2: detected capacity change from 0 to 32768 [ 324.771437][T13007] usb 7-1: Product: syz [ 324.775640][T13007] usb 7-1: Manufacturer: syz [ 324.788845][T13007] usb 7-1: SerialNumber: syz [ 324.839428][T16121] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 324.856538][T16159] JBD2: Ignoring recovery information on journal [ 324.937659][T16159] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 325.052765][ T4638] ocfs2: Unmounting device (7,2) on (node local) [ 325.241429][T13007] usb 7-1: MIDIStreaming interface descriptor not found [ 325.298995][T13007] usb 7-1: USB disconnect, device number 8 [ 325.581893][ T5584] udevd[5584]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:7.128/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 326.250644][T16221] device batadv_slave_1 entered promiscuous mode [ 326.283789][T16220] device batadv_slave_1 left promiscuous mode [ 327.444217][T16242] overlayfs: conflicting options: userxattr,metacopy=on [ 327.775682][ T9] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 327.846225][T16264] overlayfs: missing 'workdir' [ 327.940023][T16276] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5060'. [ 328.233120][T16295] wireguard: wg2: Could not create IPv4 socket [ 328.250383][T16299] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5069'. [ 328.304712][T16299] netlink: 43 bytes leftover after parsing attributes in process `syz.2.5069'. [ 328.319070][T16299] netlink: 'syz.2.5069': attribute type 5 has an invalid length. [ 328.354296][T16299] netlink: 43 bytes leftover after parsing attributes in process `syz.2.5069'. [ 328.730746][ T26] audit: type=1326 audit(2000000127.856:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16323 comm="syz.6.5079" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x0 [ 328.812627][T16330] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5083'. [ 329.224995][T16354] usb usb7: usbfs: process 16354 (syz.5.5094) did not claim interface 0 before use [ 329.320674][T16358] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 329.345801][T13007] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 329.355992][T16362] netlink: 'syz.0.5095': attribute type 11 has an invalid length. [ 329.614585][T13007] usb 2-1: Using ep0 maxpacket: 32 [ 329.781694][T13007] usb 2-1: unable to get BOS descriptor or descriptor too short [ 329.801492][T16378] overlayfs: failed to resolve '/ [ 329.801492][T16378] ': -2 [ 329.869430][T13007] usb 2-1: config 7 has an invalid interface number: 128 but max is 0 [ 329.881559][T13007] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 329.912848][T13007] usb 2-1: config 7 has no interface number 0 [ 329.926695][T13007] usb 2-1: config 7 interface 128 altsetting 2 has an invalid endpoint with address 0x17, skipping [ 329.951418][T13007] usb 2-1: config 7 interface 128 altsetting 2 endpoint 0x87 has invalid wMaxPacketSize 0 [ 329.976339][T13007] usb 2-1: config 7 interface 128 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 330.017226][T13007] usb 2-1: config 7 interface 128 has no altsetting 0 [ 330.209462][T13007] usb 2-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13 [ 330.234511][T13007] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 330.252526][T13007] usb 2-1: Product: syz [ 330.264092][T13007] usb 2-1: Manufacturer: syz [ 330.285708][T13007] usb 2-1: SerialNumber: syz [ 330.339323][T16342] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 330.779037][T13007] usb 2-1: MIDIStreaming interface descriptor not found [ 330.858233][T13007] usb 2-1: USB disconnect, device number 12 [ 330.961989][T16388] loop2: detected capacity change from 0 to 32768 [ 331.024330][T16388] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.5108 (16388) [ 331.044957][ T5584] udevd[5584]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:7.128/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 331.105551][T16432] input: syz1 as /devices/virtual/input/input13 [ 331.121884][T16388] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 331.134739][T16432] input: failed to attach handler leds to device input13, error: -6 [ 331.154173][T16388] BTRFS info (device loop2): turning off barriers [ 331.198944][T16388] BTRFS info (device loop2): setting nodatasum [ 331.205158][T16388] BTRFS info (device loop2): enabling auto defrag [ 331.245970][T16388] BTRFS info (device loop2): disabling tree log [ 331.294286][T16388] BTRFS info (device loop2): using free space tree [ 331.304592][T16441] netlink: 'syz.6.5131': attribute type 12 has an invalid length. [ 331.318908][T16388] BTRFS info (device loop2): has skinny extents [ 331.752082][T16388] BTRFS info (device loop2): enabling ssd optimizations [ 331.835493][T16490] tap0: tun_chr_ioctl cmd 1074025675 [ 331.845267][T16490] tap0: persist enabled [ 332.102578][T16503] bridge0: port 2(bridge_slave_1) entered disabled state [ 334.132625][T16541] loop2: detected capacity change from 0 to 164 [ 334.204939][T16546] kvm [16544]: vcpu0, guest rIP: 0xfff0 Hyper-V unhandled wrmsr: 0x40000034 data 0x8 [ 334.614121][T16570] loop2: detected capacity change from 0 to 1024 [ 334.828623][T16570] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5178'. [ 335.017584][T16588] tipc: Enabling of bearer rejected, failed to enable media [ 335.386601][ T4276] Bluetooth: hci5: Frame reassembly failed (-84) [ 335.875721][T16615] loop6: detected capacity change from 0 to 4096 [ 335.945438][T16615] EXT4-fs (loop6): Test dummy encryption mode enabled [ 335.999608][T16615] EXT4-fs (loop6): mounted filesystem without journal. Opts: test_dummy_encryption=v1,dioread_nolock,,errors=continue. Quota mode: writeback. [ 336.593631][T16648] loop1: detected capacity change from 0 to 16 [ 336.658249][T16648] erofs: (device loop1): mounted with root inode @ nid 36. [ 336.714515][T16654] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5215'. [ 336.715035][T16626] infiniband syz1: set active [ 336.769718][T16626] infiniband syz1: added syz_tun [ 336.931954][T16626] RDS/IB: syz1: added [ 336.936476][T16626] smc: adding ib device syz1 with port count 1 [ 336.943713][T16626] smc: ib device syz1 port 1 has pnetid [ 337.099687][T16665] netlink: 156 bytes leftover after parsing attributes in process `syz.1.5220'. [ 337.398980][T13007] Bluetooth: hci5: command 0x1003 tx timeout [ 337.405083][ T4193] Bluetooth: hci5: sending frame failed (-49) [ 337.675713][T16689] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5231'. [ 338.108920][ T4252] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 338.215883][T16712] netlink: 32 bytes leftover after parsing attributes in process `syz.6.5242'. [ 338.294791][T16716] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5244'. [ 338.348934][ T4252] usb 2-1: Using ep0 maxpacket: 8 [ 338.469086][ T4252] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 338.518870][ T4252] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 338.530833][ T4252] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 338.541558][ T4252] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 338.555370][ T4252] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 338.569750][ T4252] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.660309][T16727] netlink: 104 bytes leftover after parsing attributes in process `syz.6.5249'. [ 338.859083][ T4252] usb 2-1: GET_CAPABILITIES returned 0 [ 338.864880][ T4252] usbtmc 2-1:16.0: can't read capabilities [ 339.259539][T16761] loop5: detected capacity change from 0 to 16 [ 339.312587][T16763] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 339.352068][T16761] erofs: (device loop5): mounted with root inode @ nid 36. [ 339.469608][T13007] Bluetooth: hci5: command 0x1001 tx timeout [ 339.475792][ T4193] Bluetooth: hci5: sending frame failed (-49) [ 339.608089][T16759] loop6: detected capacity change from 0 to 32768 [ 339.628031][T16759] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.5264 (16759) [ 339.682849][T16759] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm [ 339.699627][T16759] BTRFS info (device loop6): turning off barriers [ 339.706721][T16759] BTRFS info (device loop6): setting nodatasum [ 339.718887][T16759] BTRFS info (device loop6): enabling auto defrag [ 339.725460][T16759] BTRFS info (device loop6): disabling tree log [ 339.748845][T16759] BTRFS info (device loop6): using free space tree [ 339.755444][T16759] BTRFS info (device loop6): has skinny extents [ 339.815650][ T4252] usb 2-1: USB disconnect, device number 13 [ 339.957081][T16759] BTRFS info (device loop6): enabling ssd optimizations [ 340.277424][ T4641] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop6 scanned by udevd (4641) [ 340.611124][T16828] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5286'. [ 340.705107][T16830] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 341.225577][T16865] loop2: detected capacity change from 0 to 16 [ 341.280217][T16865] erofs: (device loop2): mounted with root inode @ nid 36. [ 341.529655][T16880] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5309'. [ 341.546251][T16882] netlink: 104 bytes leftover after parsing attributes in process `syz.1.5319'. [ 341.555597][ T1324] Bluetooth: hci5: command 0x1009 tx timeout [ 341.556395][T16882] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5319'. [ 341.570989][T16882] tc_dump_action: action bad kind [ 341.921011][T16905] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5321'. [ 342.091517][T16908] loop2: detected capacity change from 0 to 4096 [ 342.173265][T16908] EXT4-fs (loop2): Test dummy encryption mode enabled [ 342.219555][T16908] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption=v1,dioread_nolock,,errors=continue. Quota mode: writeback. [ 342.674836][T16938] loop6: detected capacity change from 0 to 256 [ 342.713504][T16938] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 342.790700][T16938] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 343.007460][T16949] loop5: detected capacity change from 0 to 4096 [ 343.095761][T16949] EXT4-fs (loop5): Test dummy encryption mode enabled [ 343.125443][T16949] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption=v1,dioread_nolock,,errors=continue. Quota mode: writeback. [ 343.237317][ T26] audit: type=1326 audit(2000000142.356:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16961 comm="syz.6.5346" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x0 [ 343.670939][T16984] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 343.807481][T16992] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5361'. [ 344.134538][T17018] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5374'. [ 344.437295][T17040] netlink: 528 bytes leftover after parsing attributes in process `syz.6.5382'. [ 344.781242][T17066] overlayfs: failed to resolve './file1': -2 [ 346.029388][T17072] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5399'. [ 346.152923][T17081] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5401'. [ 346.370339][T17089] rdma_rxe: rxe_register_device failed with error -23 [ 346.387160][T17089] rdma_rxe: failed to add syz_tun [ 346.466161][T17095] 9pnet: Insufficient options for proto=fd [ 346.501179][T17097] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5410'. [ 346.676782][T17102] loop6: detected capacity change from 0 to 2048 [ 346.832209][T17102] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 346.888011][T17102] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 347.017471][T17120] netlink: 'syz.2.5428': attribute type 6 has an invalid length. [ 347.447279][T17142] loop1: detected capacity change from 0 to 2048 [ 347.466165][T17150] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5434'. [ 347.585296][T17142] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 347.620571][T17142] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 347.866744][T17168] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5440'. [ 348.577776][T17208] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5459'. [ 348.617126][T17210] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5461'. [ 348.876897][T17222] loop1: detected capacity change from 0 to 512 [ 349.035296][T17222] EXT4-fs (loop1): Ignoring removed bh option [ 349.097830][T17222] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 349.137724][T17222] EXT4-fs (loop1): orphan cleanup on readonly fs [ 349.160689][T17222] EXT4-fs (loop1): 1 truncate cleaned up [ 349.167825][T17222] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,resgid=0x000000000000ee00,bh,noload,data_err=ignore,abort,,errors=continue. Quota mode: writeback. [ 349.488688][T17253] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5476'. [ 351.449519][T17326] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5510'. [ 351.501458][T17330] netlink: 104 bytes leftover after parsing attributes in process `syz.5.5512'. [ 351.683870][T17338] tmpfs: Bad value for 'huge' [ 351.747669][T17342] binder: 17341:17342 ioctl 80089418 0 returned -22 [ 351.942939][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 351.966134][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 352.149972][T17368] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5531'. [ 352.330215][T17380] netlink: 280 bytes leftover after parsing attributes in process `syz.0.5537'. [ 352.426681][T17385] loop6: detected capacity change from 0 to 64 [ 352.618175][T17385] hfs: get root inode failed [ 354.342755][T17415] netlink: 76 bytes leftover after parsing attributes in process `syz.0.5552'. [ 354.355696][T17415] unsupported nlmsg_type 40 [ 355.821021][T17514] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5596'. [ 356.290667][ T26] audit: type=1326 audit(2000000155.416:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.0.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 356.358808][ T26] audit: type=1326 audit(2000000155.416:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.0.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 356.469280][ T26] audit: type=1326 audit(2000000155.426:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.0.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 356.569826][ T26] audit: type=1326 audit(2000000155.426:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.0.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 356.696443][ T26] audit: type=1326 audit(2000000155.426:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.0.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 356.754775][T17566] netlink: 108 bytes leftover after parsing attributes in process `syz.5.5619'. [ 356.770360][ T26] audit: type=1326 audit(2000000155.426:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.0.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 356.864328][ T26] audit: type=1326 audit(2000000155.426:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.0.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 356.958585][ T26] audit: type=1326 audit(2000000155.426:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.0.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 356.966732][T17578] netlink: 120 bytes leftover after parsing attributes in process `syz.2.5626'. [ 357.065746][ T26] audit: type=1326 audit(2000000155.426:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.0.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 357.068697][T17578] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5626'. [ 357.154309][T17578] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5626'. [ 357.179708][ T26] audit: type=1326 audit(2000000155.426:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.0.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 357.191234][T17578] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5626'. [ 357.620600][T17604] loop6: detected capacity change from 0 to 1024 [ 357.654621][T17604] EXT4-fs (loop6): Ignoring removed orlov option [ 357.703895][T17604] EXT4-fs (loop6): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 358.097591][T17623] netlink: 84 bytes leftover after parsing attributes in process `syz.2.5644'. [ 358.328549][T17629] loop6: detected capacity change from 0 to 128 [ 358.424524][T17629] EXT4-fs (loop6): Test dummy encryption mode enabled [ 358.533842][T17629] EXT4-fs (loop6): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 358.559064][T17629] ext4 filesystem being mounted at /458/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 358.694890][T17652] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=on. [ 359.936015][T17707] loop6: detected capacity change from 0 to 4096 [ 359.954666][T17707] ntfs3: Unknown parameter 'windows_names' [ 360.309002][T13007] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 360.313493][T17735] loop2: detected capacity change from 0 to 1024 [ 360.578969][T13007] usb 7-1: Using ep0 maxpacket: 16 [ 360.709342][T13007] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 360.899270][T13007] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 360.929908][T13007] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.938089][T13007] usb 7-1: Product: syz [ 360.970989][T17767] loop2: detected capacity change from 0 to 256 [ 360.983229][T13007] usb 7-1: Manufacturer: syz [ 360.988451][T13007] usb 7-1: SerialNumber: syz [ 360.996094][T17769] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=on. [ 361.147637][T17767] FAT-fs (loop2): Directory bread(block 64) failed [ 361.160925][T17767] FAT-fs (loop2): Directory bread(block 65) failed [ 361.187602][T17767] FAT-fs (loop2): Directory bread(block 66) failed [ 361.207006][T17767] FAT-fs (loop2): Directory bread(block 67) failed [ 361.231302][T17767] FAT-fs (loop2): Directory bread(block 68) failed [ 361.272147][T17767] FAT-fs (loop2): Directory bread(block 69) failed [ 361.315660][T17767] FAT-fs (loop2): Directory bread(block 70) failed [ 361.339023][T13007] usb 7-1: 0:2 : does not exist [ 361.352965][T17767] FAT-fs (loop2): Directory bread(block 71) failed [ 361.372197][T17767] FAT-fs (loop2): Directory bread(block 72) failed [ 361.392864][T17767] FAT-fs (loop2): Directory bread(block 73) failed [ 361.417160][T13007] usb 7-1: USB disconnect, device number 9 [ 361.720179][ T4641] udevd[4641]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 362.622038][T17869] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5757'. [ 362.667151][T17871] loop0: detected capacity change from 0 to 128 [ 362.759652][T17871] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 362.774506][T17871] ext4 filesystem being mounted at /1166/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 363.002794][ T26] kauditd_printk_skb: 29 callbacks suppressed [ 363.002807][ T26] audit: type=1326 audit(2000000162.126:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17888 comm="syz.0.5764" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x0 [ 363.653190][T17906] loop5: detected capacity change from 0 to 256 [ 363.698448][T17898] netlink: 76 bytes leftover after parsing attributes in process `syz.2.5771'. [ 363.820737][T17906] FAT-fs (loop5): Directory bread(block 64) failed [ 363.833621][T17906] FAT-fs (loop5): Directory bread(block 65) failed [ 363.857496][T17906] FAT-fs (loop5): Directory bread(block 66) failed [ 363.868463][T17906] FAT-fs (loop5): Directory bread(block 67) failed [ 363.896741][T17906] FAT-fs (loop5): Directory bread(block 68) failed [ 363.906626][T17906] FAT-fs (loop5): Directory bread(block 69) failed [ 363.919169][T17908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5775'. [ 363.933307][T17906] FAT-fs (loop5): Directory bread(block 70) failed [ 363.949032][T17906] FAT-fs (loop5): Directory bread(block 71) failed [ 363.956610][T17906] FAT-fs (loop5): Directory bread(block 72) failed [ 363.963542][T17906] FAT-fs (loop5): Directory bread(block 73) failed [ 364.288947][T17924] loop0: detected capacity change from 0 to 1024 [ 365.395416][T17935] loop1: detected capacity change from 0 to 8192 [ 365.525226][T17935] FAT-fs (loop1): bogus number of directory entries (9) [ 365.548024][T17935] FAT-fs (loop1): Can't find a valid FAT filesystem [ 365.560769][T17961] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5795'. [ 365.591821][T17961] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5795'. [ 365.623851][T17961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5795'. [ 365.652569][T17961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5795'. [ 365.669986][T17963] loop5: detected capacity change from 0 to 1024 [ 365.875149][T17976] netlink: 'syz.5.5802': attribute type 11 has an invalid length. [ 365.917035][T17976] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5802'. [ 366.205664][T17995] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5810'. [ 366.296534][T17997] netlink: 'syz.0.5811': attribute type 4 has an invalid length. [ 366.361088][T17997] netlink: 17 bytes leftover after parsing attributes in process `syz.0.5811'. [ 366.823913][T18024] loop2: detected capacity change from 0 to 256 [ 366.865816][T18032] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 366.937211][T18024] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 368.397051][T18065] tipc: Failed to remove unknown binding: 66,1,1/4269801488:1241809458/1241809460 [ 368.459057][T18065] tipc: Failed to remove unknown binding: 66,1,1/4269801488:1241809458/1241809460 [ 368.481215][T18073] fuse: Bad value for 'fd' [ 368.725324][T18076] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 368.771948][T18076] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 368.913409][ T26] audit: type=1326 audit(2000000168.036:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18095 comm="syz.2.5856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x7fc00000 [ 369.699313][T18100] netlink: 'syz.6.5858': attribute type 4 has an invalid length. [ 369.707186][T18100] __nla_validate_parse: 2 callbacks suppressed [ 369.707205][T18100] netlink: 17 bytes leftover after parsing attributes in process `syz.6.5858'. [ 370.010897][T18119] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 370.206229][T18127] netlink: 'syz.0.5879': attribute type 4 has an invalid length. [ 370.244649][T18127] netlink: 'syz.0.5879': attribute type 21 has an invalid length. [ 370.288533][T18127] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.5879'. [ 370.340868][T18133] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5870'. [ 370.588474][T18141] netlink: 'syz.2.5875': attribute type 4 has an invalid length. [ 370.614901][T18141] netlink: 17 bytes leftover after parsing attributes in process `syz.2.5875'. [ 371.202190][T18168] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5886'. [ 371.436664][T18183] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 371.625827][T18195] overlayfs: workdir and upperdir must reside under the same mount [ 371.974411][T18213] loop0: detected capacity change from 0 to 256 [ 372.058277][T18213] FAT-fs (loop0): Directory bread(block 64) failed [ 372.076469][T18213] FAT-fs (loop0): Directory bread(block 65) failed [ 372.107543][T18213] FAT-fs (loop0): Directory bread(block 66) failed [ 372.126240][T18219] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 372.135294][T18213] FAT-fs (loop0): Directory bread(block 67) failed [ 372.152624][T18213] FAT-fs (loop0): Directory bread(block 68) failed [ 372.173759][T18213] FAT-fs (loop0): Directory bread(block 69) failed [ 372.199065][T18213] FAT-fs (loop0): Directory bread(block 70) failed [ 372.236565][T18213] FAT-fs (loop0): Directory bread(block 71) failed [ 372.248309][T18213] FAT-fs (loop0): Directory bread(block 72) failed [ 372.255444][T18213] FAT-fs (loop0): Directory bread(block 73) failed [ 372.450614][T18231] loop1: detected capacity change from 0 to 128 [ 372.950681][T18231] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 373.144076][T18231] ext4 filesystem being mounted at /1237/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 373.677741][T18271] loop1: detected capacity change from 0 to 164 [ 373.806205][T18278] loop2: detected capacity change from 0 to 128 [ 373.910396][T18278] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 373.923892][T18278] ext4 filesystem being mounted at /1108/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 374.061210][ T26] audit: type=1326 audit(2000000173.186:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18284 comm="syz.6.5941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7fc00000 [ 374.215986][T18293] overlayfs: statfs failed on './file0' [ 374.303172][ T26] audit: type=1326 audit(2000000173.426:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18297 comm="syz.5.5946" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9804aec6c9 code=0x0 [ 374.646609][T18314] loop5: detected capacity change from 0 to 128 [ 374.727539][ T26] audit: type=1326 audit(2000000173.846:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18318 comm="syz.0.5955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7fc00000 [ 374.826967][T18314] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 374.838971][T18314] ext4 filesystem being mounted at /913/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 374.926153][ T26] audit: type=1326 audit(2000000174.046:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18335 comm="syz.2.5962" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x0 [ 375.154543][T18346] loop2: detected capacity change from 0 to 128 [ 375.225439][T18346] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 375.318900][ T4264] usb 7-1: new full-speed USB device number 10 using dummy_hcd [ 375.335585][ T26] audit: type=1326 audit(2000000174.456:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18353 comm="syz.1.5972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1711d0d6c9 code=0x7fc00000 [ 376.474278][ T4264] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 376.494892][ T4264] usb 7-1: config 0 has no interfaces? [ 376.673296][T18350] loop5: detected capacity change from 0 to 40427 [ 376.687923][ T4264] usb 7-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 376.708137][T18350] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 376.722485][ T4264] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 376.732428][T18350] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 376.741096][ T4264] usb 7-1: Product: syz [ 376.745654][ T4264] usb 7-1: Manufacturer: syz [ 376.753383][T18350] F2FS-fs (loop5): invalid crc value [ 376.759095][ T4264] usb 7-1: SerialNumber: syz [ 376.776580][ T4264] usb 7-1: config 0 descriptor?? [ 376.801401][T18350] F2FS-fs (loop5): Found nat_bits in checkpoint [ 376.843489][T18350] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 376.856749][T18350] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 377.023385][ T4264] usb 7-1: USB disconnect, device number 10 [ 377.591903][T18380] loop6: detected capacity change from 0 to 128 [ 377.629601][ T26] audit: type=1326 audit(2000000176.756:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18375 comm="syz.1.5980" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1711d0d6c9 code=0x0 [ 377.876864][T18380] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 377.891079][T18380] ext4 filesystem being mounted at /512/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 378.639241][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.645593][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.788294][ T26] audit: type=1326 audit(2000000177.906:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.5.5985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9804aec6c9 code=0x7fc00000 [ 378.899675][T18409] loop0: detected capacity change from 0 to 256 [ 378.994290][T18414] loop6: detected capacity change from 0 to 512 [ 379.205950][T18414] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpid,lazytime,,errors=continue. Quota mode: writeback. [ 379.304423][T18414] ext4 filesystem being mounted at /514/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 380.408873][ T26] audit: type=1326 audit(2000000179.526:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18442 comm="syz.1.6005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1711d0d6c9 code=0x7fc00000 [ 380.500557][T18455] loop0: detected capacity change from 0 to 128 [ 380.598712][T18455] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,barrier=0x0000000000000de2,,errors=continue. Quota mode: none. [ 380.683124][T18455] ext4 filesystem being mounted at /1227/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 381.364915][ T26] audit: type=1326 audit(2000000180.486:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18467 comm="syz.6.6016" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x0 [ 381.508090][T18482] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6022'. [ 381.524278][T18478] loop0: detected capacity change from 0 to 512 [ 381.608504][T18480] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6021'. [ 381.672435][T18478] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 381.686818][T18478] EXT4-fs (loop0): 1 truncate cleaned up [ 381.692867][T18478] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota="errors=continue,noload,data_err=ignore,usrjquota="errors=continue,noinit_itable,noblock_validity,,errors=continue. Quota mode: writeback. [ 381.723268][T18488] device bond1 entered promiscuous mode [ 381.736760][T18478] EXT4-fs (loop0): re-mounted. Opts: jqfmt=vfsold,usrjquota="errors=continue,noload,data_err=ignore,usrjquota="errors=continue,noinit_itable,noblock_validity,. Quota mode: writeback. [ 381.819968][T18489] device macvlan2 entered promiscuous mode [ 381.827414][T18489] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 382.061700][T18479] device bond1 left promiscuous mode [ 382.752508][T18526] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6041'. [ 382.915554][T18535] netlink: 224 bytes leftover after parsing attributes in process `syz.5.6045'. [ 383.620448][ T26] audit: type=1107 audit(2000000182.746:253): pid=18562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 383.731036][ T26] audit: type=1326 audit(2000000182.856:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18565 comm="syz.5.6061" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9804aec6c9 code=0x0 [ 384.487803][T18592] loop1: detected capacity change from 0 to 128 [ 384.659665][T18592] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 384.746878][T18592] ext4 filesystem being mounted at /1267/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 387.407925][T18678] loop6: detected capacity change from 0 to 128 [ 387.499852][T18678] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,barrier=0x0000000000000de2,,errors=continue. Quota mode: none. [ 387.516172][T18678] ext4 filesystem being mounted at /538/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 388.207240][T18715] loop1: detected capacity change from 0 to 128 [ 388.337697][T18715] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,barrier=0x0000000000000de2,,errors=continue. Quota mode: none. [ 389.956949][T18759] loop5: detected capacity change from 0 to 128 [ 390.824260][T18759] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,barrier=0x0000000000000de2,,errors=continue. Quota mode: none. [ 391.326927][T18790] cgroup: No subsys list or none specified [ 391.640332][T18761] loop2: detected capacity change from 0 to 40427 [ 391.708097][T18761] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 391.737728][T18761] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 391.756831][T18761] F2FS-fs (loop2): invalid crc value [ 391.768386][T18761] F2FS-fs (loop2): Found nat_bits in checkpoint [ 391.829789][T18761] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 391.837088][T18761] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 392.418255][T18829] loop2: detected capacity change from 0 to 128 [ 392.603985][T18829] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,barrier=0x0000000000000de2,,errors=continue. Quota mode: none. [ 393.856384][T18833] loop0: detected capacity change from 0 to 40427 [ 393.949230][T18833] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 393.984919][T18833] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 394.063980][T18876] loop6: detected capacity change from 0 to 128 [ 394.071178][T18833] F2FS-fs (loop0): invalid crc value [ 394.131583][T18833] F2FS-fs (loop0): Found nat_bits in checkpoint [ 394.172625][T18876] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,barrier=0x0000000000000de2,,errors=continue. Quota mode: none. [ 394.183338][T18887] netlink: 'syz.1.6196': attribute type 16 has an invalid length. [ 394.201983][T18887] netlink: 64122 bytes leftover after parsing attributes in process `syz.1.6196'. [ 394.243182][T18833] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 394.250309][T18833] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 394.275915][T18883] loop2: detected capacity change from 0 to 512 [ 394.519591][T18883] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,lazytime,,errors=continue. Quota mode: writeback. [ 395.392835][T18905] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6200'. [ 395.468028][T18899] Falling back ldisc for ttyS3. [ 395.813203][T18923] loop5: detected capacity change from 0 to 128 [ 396.322690][T18923] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,barrier=0x0000000000000de2,,errors=continue. Quota mode: none. [ 396.784267][T18936] netlink: 'syz.1.6213': attribute type 1 has an invalid length. [ 397.113654][T18958] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6224'. [ 397.176270][T18958] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6224'. [ 397.222781][T18958] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6224'. [ 397.270778][T18958] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6224'. [ 398.852102][ T26] audit: type=1326 audit(398.698:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18987 comm="syz.6.6237" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x0 [ 400.075706][T19010] netlink: 240 bytes leftover after parsing attributes in process `syz.6.6245'. [ 400.611615][T14037] Bluetooth: hci5: Frame reassembly failed (-84) [ 400.652303][T14037] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 401.131519][ T26] audit: type=1326 audit(400.978:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.6.6270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 401.218542][ T26] audit: type=1326 audit(401.018:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.6.6270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 401.301802][ T26] audit: type=1326 audit(401.018:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.6.6270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 401.403162][ T26] audit: type=1326 audit(401.018:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.6.6270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 401.507456][ T26] audit: type=1326 audit(401.018:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.6.6270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 401.804068][T19097] netlink: 'syz.1.6284': attribute type 13 has an invalid length. [ 401.822922][T19097] erspan0: refused to change device tx_queue_len [ 402.270244][T19117] netlink: 112 bytes leftover after parsing attributes in process `syz.2.6295'. [ 402.488441][ T26] audit: type=1326 audit(402.338:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19123 comm="syz.2.6298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x7ffc0000 [ 402.542712][ T26] audit: type=1326 audit(402.368:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19123 comm="syz.2.6298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x7ffc0000 [ 402.592723][ T7] Bluetooth: hci5: command 0x1003 tx timeout [ 402.598929][ T4193] Bluetooth: hci5: sending frame failed (-49) [ 402.610774][ T26] audit: type=1326 audit(402.368:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19123 comm="syz.2.6298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fa92ca066c9 code=0x7ffc0000 [ 402.658512][ T26] audit: type=1326 audit(402.368:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19123 comm="syz.2.6298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x7ffc0000 [ 402.676178][T19113] fuse: Invalid rootmode [ 402.729288][T19128] Falling back ldisc for ttyS3. [ 404.677781][T13007] Bluetooth: hci5: command 0x1001 tx timeout [ 404.689481][ T4193] Bluetooth: hci5: sending frame failed (-49) [ 404.973782][T19210] cgroup: Name too long [ 405.370005][T19241] binder: Bad value for 'stats' [ 406.050272][T19273] binder: 19271:19273 ioctl c0306201 200000000940 returned -14 [ 406.758075][T13007] Bluetooth: hci5: command 0x1009 tx timeout [ 407.874014][T19316] netlink: 'syz.5.6383': attribute type 13 has an invalid length. [ 407.908417][T19316] erspan0: refused to change device tx_queue_len [ 407.917495][T19320] netlink: 40 bytes leftover after parsing attributes in process `syz.6.6384'. [ 408.695817][T19364] cgroup: Name too long [ 409.288436][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 409.288449][ T26] audit: type=1326 audit(409.138:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19394 comm="syz.6.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 409.389603][ T26] audit: type=1326 audit(409.148:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19394 comm="syz.6.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 409.415992][ T26] audit: type=1326 audit(409.148:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19394 comm="syz.6.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 409.492275][ T26] audit: type=1326 audit(409.148:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19394 comm="syz.6.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 409.573366][ T26] audit: type=1326 audit(409.148:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19394 comm="syz.6.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 409.623588][ T26] audit: type=1326 audit(409.148:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19394 comm="syz.6.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 409.645806][ T26] audit: type=1326 audit(409.148:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19394 comm="syz.6.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 409.674829][ T26] audit: type=1326 audit(409.148:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19394 comm="syz.6.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 409.727102][ T26] audit: type=1326 audit(409.148:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19394 comm="syz.6.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 409.776001][ T26] audit: type=1326 audit(409.148:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19394 comm="syz.6.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 409.806450][T19420] loop2: detected capacity change from 0 to 512 [ 409.851224][T19414] netlink: 148 bytes leftover after parsing attributes in process `syz.5.6429'. [ 409.886203][T19414] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 409.950274][T19420] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 410.002125][T19420] EXT4-fs error (device loop2): ext4_do_update_inode:5218: inode #2: comm syz.2.6432: corrupted inode contents [ 410.041024][T19420] EXT4-fs error (device loop2): ext4_dirty_inode:6054: inode #2: comm syz.2.6432: mark_inode_dirty error [ 410.060215][T19420] EXT4-fs error (device loop2): ext4_do_update_inode:5218: inode #2: comm syz.2.6432: corrupted inode contents [ 410.074802][T19420] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #2: comm syz.2.6432: mark_inode_dirty error [ 412.420528][T19480] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6456'. [ 412.485611][T19480] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6456'. [ 412.782884][T19502] device syzkaller0 entered promiscuous mode [ 413.045545][T19519] 9pnet: Insufficient options for proto=fd [ 414.077640][T19588] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6506'. [ 415.446852][T19617] loop6: detected capacity change from 0 to 256 [ 415.543754][T19617] exfat: Deprecated parameter 'namecase' [ 415.564620][T19617] exfat: Bad value for 'uid' [ 416.587209][T19685] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6552'. [ 417.620986][T19747] netlink: 'syz.6.6580': attribute type 1 has an invalid length. [ 417.718903][T19752] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 417.774813][T19752] bond0: (slave batadv1): making interface the new active one [ 417.784981][T19752] bond0: (slave batadv1): Enslaving as an active interface with an up link [ 417.886599][T19747] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6580'. [ 417.970875][T19747] bond0 (unregistering): (slave batadv1): Releasing active interface [ 418.070244][T19747] bond0 (unregistering): Released all slaves [ 418.072144][T19774] loop2: detected capacity change from 0 to 512 [ 418.173217][T19774] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 418.239330][T19774] EXT4-fs (loop2): 1 truncate cleaned up [ 418.264096][T19774] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 418.301691][T19788] loop5: detected capacity change from 0 to 128 [ 418.327825][ T26] kauditd_printk_skb: 15 callbacks suppressed [ 418.327839][ T26] audit: type=1800 audit(418.179:291): pid=19774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6592" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 418.406262][T19788] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,init_itable,,errors=continue. Quota mode: writeback. [ 418.562373][T19791] loop0: detected capacity change from 0 to 8 [ 419.267200][T19832] loop2: detected capacity change from 0 to 256 [ 419.293567][T19832] exfat: Deprecated parameter 'namecase' [ 419.309570][T19832] exfat: Bad value for 'uid' [ 419.998252][T19867] netlink: 'syz.5.6636': attribute type 4 has an invalid length. [ 420.040032][T19870] netlink: 76 bytes leftover after parsing attributes in process `syz.1.6638'. [ 420.060527][T19870] netlink: 56 bytes leftover after parsing attributes in process `syz.1.6638'. [ 420.436137][T19896] netlink: 72 bytes leftover after parsing attributes in process `syz.2.6651'. [ 420.579282][T19902] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6654'. [ 420.916979][T19923] tipc: Enabling of bearer rejected, media not registered [ 420.982038][T19929] loop1: detected capacity change from 0 to 512 [ 421.138466][T19929] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 421.315253][T19945] netlink: 36 bytes leftover after parsing attributes in process `syz.6.6669'. [ 421.332552][T19945] netlink: 32 bytes leftover after parsing attributes in process `syz.6.6669'. [ 421.474702][T19950] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6673'. [ 421.532626][T19950] netlink: 17 bytes leftover after parsing attributes in process `syz.5.6673'. [ 421.569509][T19950] tipc: Invalid UDP bearer configuration [ 421.569549][T19950] tipc: Enabling of bearer rejected, failed to enable media [ 422.154631][T19990] loop5: detected capacity change from 0 to 512 [ 422.285355][T20005] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6699'. [ 422.370837][T19990] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 422.501164][T20013] loop6: detected capacity change from 0 to 8 [ 422.549832][T19990] EXT4-fs error (device loop5): ext4_do_update_inode:5218: inode #2: comm syz.5.6691: corrupted inode contents [ 422.583996][T19990] EXT4-fs error (device loop5): ext4_dirty_inode:6054: inode #2: comm syz.5.6691: mark_inode_dirty error [ 422.612737][T20013] /dev/loop6: Can't open blockdev [ 422.708590][T19990] EXT4-fs error (device loop5): ext4_do_update_inode:5218: inode #2: comm syz.5.6691: corrupted inode contents [ 422.804184][T19990] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #2: comm syz.5.6691: mark_inode_dirty error [ 422.917896][T20003] loop2: detected capacity change from 0 to 40427 [ 423.018190][T20003] F2FS-fs (loop2): Found nat_bits in checkpoint [ 423.166838][T20035] loop6: detected capacity change from 0 to 164 [ 423.192148][T20003] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 423.298685][ T26] audit: type=1326 audit(423.149:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20040 comm="syz.5.6714" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9804aec6c9 code=0x0 [ 423.367142][T20045] netlink: 3744 bytes leftover after parsing attributes in process `syz.1.6715'. [ 424.035965][T20077] netlink: 'syz.0.6731': attribute type 1 has an invalid length. [ 424.215243][T20081] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 424.301549][T20081] bond2: (slave batadv1): making interface the new active one [ 424.352830][T20081] bond2: (slave batadv1): Enslaving as an active interface with an up link [ 424.376167][T20077] bond2 (unregistering): (slave batadv1): Releasing active interface [ 424.474428][T20077] bond2 (unregistering): Released all slaves [ 424.619470][T20114] bridge0: port 3(erspan0) entered blocking state [ 424.652577][T20114] bridge0: port 3(erspan0) entered disabled state [ 424.671945][T20114] device erspan0 entered promiscuous mode [ 424.694926][T20114] bridge0: port 3(erspan0) entered blocking state [ 424.702375][T20114] bridge0: port 3(erspan0) entered forwarding state [ 425.201318][T20141] __nla_validate_parse: 2 callbacks suppressed [ 425.201334][T20141] netlink: 148 bytes leftover after parsing attributes in process `syz.2.6761'. [ 425.246933][T20141] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 425.334839][T20149] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 426.297944][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.308213][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.316285][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.330020][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.338237][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.353171][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.371536][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.388073][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.406038][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.422665][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.430178][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.457059][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.475160][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.500030][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.513177][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.521026][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.545067][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.569685][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.592799][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.600624][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.641529][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.655178][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.673257][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.693492][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.701018][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.738278][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.768905][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.784345][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.804959][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.832604][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.848941][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.860130][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.880365][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.895166][T20211] overlayfs: missing 'lowerdir' [ 426.920072][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.932546][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.940063][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.957190][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.965628][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.974765][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.982855][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 426.992881][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.015557][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.026109][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.037605][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.046389][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.055826][T20220] 9pnet: Could not find request transport: f [ 427.076542][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.092572][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.110296][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.129068][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.137773][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.149721][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.176626][T20231] netlink: 337 bytes leftover after parsing attributes in process `syz.2.6802'. [ 427.191362][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.202657][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.210162][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.240217][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.272383][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.297701][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.318711][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.341424][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.359493][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.387776][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.395721][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.411792][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.420128][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.433467][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.441365][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.449968][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.459372][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.473992][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.487138][T20251] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6812'. [ 427.492638][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.502175][T20251] tipc: Enabling of bearer rejected, already enabled [ 427.508642][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.522196][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.547325][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.563724][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.571532][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.593787][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.607548][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.626560][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.645232][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.660844][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.668742][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.684960][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.701680][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.712327][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.726553][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.741438][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.766717][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.786723][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.811020][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.820162][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.834792][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.849518][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.874136][T20281] x_tables: duplicate underflow at hook 1 [ 427.880983][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.888814][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.912036][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.927074][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.942824][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.962587][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.970223][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 427.999673][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.016667][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.030286][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.043956][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.061147][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.097851][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.129798][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.151858][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.173678][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.194376][T20298] user requested TSC rate below hardware speed [ 428.197158][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.217621][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.228463][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.247913][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.262216][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.283800][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.301119][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.317253][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.336844][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.350736][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.370852][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.379421][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.409055][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.451808][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.484443][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.491979][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.542638][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.550261][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.602604][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.616552][T13006] hid-generic 0000:10000:0007.0005: unknown main item tag 0x0 [ 428.676100][T13006] hid-generic 0000:10000:0007.0005: hidraw0: HID v9.40 Device [syz1] on syz1 [ 429.173164][T20355] netlink: 68 bytes leftover after parsing attributes in process `syz.6.6846'. [ 429.194977][T20358] binder: 20357:20358 ioctl c0306201 200000000300 returned -11 [ 429.248936][T20358] binder: 20357:20358 ioctl c0306201 2000000000c0 returned -11 [ 429.552226][T20380] overlayfs: missing 'lowerdir' [ 429.666248][T20323] loop0: detected capacity change from 0 to 40427 [ 429.770279][T20323] F2FS-fs (loop0): Found nat_bits in checkpoint [ 429.891895][T20323] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 430.407906][T20399] loop6: detected capacity change from 0 to 32768 [ 430.482677][T20399] /dev/loop6: Can't open blockdev [ 430.773475][T20434] fido_id[20434]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 430.799265][T20437] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6877'. [ 432.482667][T20478] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6896'. [ 432.987175][T20498] loop5: detected capacity change from 0 to 512 [ 433.248555][T20498] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 433.483234][T20526] loop0: detected capacity change from 0 to 1024 [ 433.617369][T20526] EXT4-fs (loop0): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000002,nombcache,,errors=continue. Quota mode: none. [ 433.857245][T20532] fuse: Bad value for 'fd' [ 434.398190][T20571] loop1: detected capacity change from 0 to 1024 [ 434.675011][T20571] EXT4-fs (loop1): test_dummy_encryption requires encrypt feature [ 435.492771][ T4253] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 435.732520][ T4253] usb 2-1: Using ep0 maxpacket: 16 [ 435.892755][ T4253] usb 2-1: unable to get BOS descriptor or descriptor too short [ 436.002641][ T4253] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 436.023761][ T4253] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 436.042285][ T4253] usb 2-1: config 1 has no interface number 1 [ 436.070670][ T4253] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 436.251971][T20655] binder: 20654:20655 ioctl c0306201 0 returned -14 [ 436.252816][ T4253] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 436.297347][ T4253] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 436.326012][ T4253] usb 2-1: Product: ช㘦鸚䭊敫倵嚀蓉㢩챵썺瓌㽍霹燜⶜☍但䐹楨굨෺ឈ抟ꂨ곥ﶡ谵생㹛膺′䵪┵ᄦ৴ﯕ茸워㋘ [ 436.400663][ T4253] usb 2-1: Manufacturer: 孟檠믭쪍﷼畸䭋⩙莢㟄끜ࣃ㔙ꊊ붔堓镀皒슉맒繆慬몬β튺ٜꦑ쏴初巕ⴘ⠜ꂍ [ 436.425136][ T4253] usb 2-1: SerialNumber: 㩠倐랔紀圙䶨迪䟊ᑦ읲袶ﻜু힓관驖ᬾ⽣襵ⳮ䙈믄ʸ叔统 [ 436.843613][ T4253] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 436.982822][ T4253] usb 2-1: USB disconnect, device number 14 [ 437.021941][T20694] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6995'. [ 437.310144][T20707] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7001'. [ 437.355281][ T8502] udevd[8502]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 437.496603][T20721] netlink: 156 bytes leftover after parsing attributes in process `syz.2.7009'. [ 437.542859][T20721] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7009'. [ 437.577021][T20721] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7009'. [ 437.607559][T20721] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7009'. [ 438.525221][T20797] netlink: 'syz.6.7043': attribute type 4 has an invalid length. [ 438.575961][T20797] netlink: 'syz.6.7043': attribute type 5 has an invalid length. [ 438.612831][T20797] netlink: 3657 bytes leftover after parsing attributes in process `syz.6.7043'. [ 439.582598][ T26] audit: type=1326 audit(439.429:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20872 comm="syz.1.7079" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1711d0d6c9 code=0x0 [ 440.035621][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.042030][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.258496][T20913] 9pnet_virtio: no channels available for device syz [ 442.381363][T20978] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 442.689373][T20976] fuse: Bad value for 'fd' [ 443.070580][T20980] loop5: detected capacity change from 0 to 512 [ 443.257824][T20989] batman_adv: batadv0: Adding interface: dummy0 [ 443.258126][T20980] EXT4-fs error (device loop5): ext4_orphan_get:1401: inode #15: comm syz.5.7128: inode has both inline data and extents flags [ 443.278469][T20989] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 443.308709][T20980] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.7128: couldn't read orphan inode 15 (err -117) [ 443.325979][T20980] EXT4-fs (loop5): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback. [ 443.412394][T20989] batman_adv: batadv0: Interface activated: dummy0 [ 443.475685][T20999] overlayfs: filesystem on './file0' not supported as upperdir [ 443.522714][ T4253] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 443.835671][ T4253] usb 3-1: Using ep0 maxpacket: 16 [ 443.952802][ T4253] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 443.980295][ T4253] usb 3-1: config 0 has no interfaces? [ 444.002096][ T4253] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 444.033811][ T4253] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.072191][ T4253] usb 3-1: config 0 descriptor?? [ 444.324136][T20995] udc-core: couldn't find an available UDC or it's busy [ 444.331345][T20995] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 444.341778][T21045] device syzkaller0 entered promiscuous mode [ 444.363666][ T4253] usb 3-1: USB disconnect, device number 10 [ 444.486819][T21053] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7161'. [ 444.828840][T21073] binder: 21072:21073 ioctl 4018620d 0 returned -22 [ 445.013000][T21082] device team_slave_0 entered promiscuous mode [ 445.020097][T21082] device team_slave_1 entered promiscuous mode [ 445.072072][T21082] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 445.129201][T21082] loop1: detected capacity change from 0 to 64 [ 445.144264][T21089] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 445.629749][T21112] loop5: detected capacity change from 0 to 1024 [ 445.689844][T21116] x_tables: duplicate underflow at hook 1 [ 445.741906][T21112] EXT4-fs (loop5): test_dummy_encryption requires encrypt feature [ 446.462678][ T3519] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 446.702664][ T3519] usb 6-1: Using ep0 maxpacket: 16 [ 446.882610][ T3519] usb 6-1: unable to get BOS descriptor or descriptor too short [ 446.962634][ T3519] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 446.983219][ T3519] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 447.021593][ T3519] usb 6-1: config 1 has no interface number 1 [ 447.043677][ T3519] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 447.061319][T21158] batman_adv: batadv0: Adding interface: dummy0 [ 447.088252][T21158] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 447.182057][T21166] loop1: detected capacity change from 0 to 128 [ 447.189623][T21158] batman_adv: batadv0: Interface activated: dummy0 [ 447.243402][T21167] batadv0: mtu less than device minimum [ 447.266669][T21167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 447.279826][T21167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 447.292204][T21167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 447.304647][T21167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 447.316980][T21167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 447.329304][T21167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 447.341677][T21167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 447.354010][T21167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 447.366284][T21167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 447.393463][T21166] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 447.412548][ T3519] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 447.421613][ T3519] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.443172][ T3519] usb 6-1: Product: ช㘦鸚䭊敫倵嚀蓉㢩챵썺瓌㽍霹燜⶜☍但䐹楨굨෺ឈ抟ꂨ곥ﶡ谵생㹛膺′䵪┵ᄦ৴ﯕ茸워㋘ [ 447.466097][ T3519] usb 6-1: Manufacturer: 孟檠믭쪍﷼畸䭋⩙莢㟄끜ࣃ㔙ꊊ붔堓镀皒슉맒繆慬몬β튺ٜꦑ쏴初巕ⴘ⠜ꂍ [ 447.490548][T21166] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 447.490815][ T3519] usb 6-1: SerialNumber: 㩠倐랔紀圙䶨迪䟊ᑦ읲袶ﻜু힓관驖ᬾ⽣襵ⳮ䙈믄ʸ叔统 [ 447.752120][ T26] audit: type=1326 audit(447.599:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21177 comm="syz.6.7218" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x0 [ 447.882745][ T3519] usb 6-1: 2:1 : no or invalid class specific endpoint descriptor [ 447.911713][T21184] loop0: detected capacity change from 0 to 256 [ 447.978385][T21184] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 448.016589][ T3519] usb 6-1: USB disconnect, device number 6 [ 448.309351][ T5584] udevd[5584]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 448.558169][ T151] tipc: Subscription rejected, illegal request [ 448.846282][T21221] 9pnet: Insufficient options for proto=fd [ 449.608450][T21263] infiniband syz1: set active [ 449.630620][T21263] batman_adv: batadv0: Interface deactivated: dummy0 [ 449.643552][T21263] batman_adv: batadv0: Removing interface: dummy0 [ 449.722196][T21263] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 449.797431][T21263] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 449.833192][T21263] bond0: (slave bond_slave_0): Releasing backup interface [ 449.866954][T21263] bond0: (slave bond_slave_1): Releasing backup interface [ 449.969991][T21263] team0: Port device team_slave_0 removed [ 450.059290][T21263] team0: Port device team_slave_1 removed [ 450.075065][T21263] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 450.091835][T21263] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 450.135304][T21263] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 450.150490][T21263] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 450.234725][T21261] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7252'. [ 450.274410][T21269] netlink: 'syz.2.7256': attribute type 10 has an invalid length. [ 450.366203][T21289] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 450.407053][T21269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 450.457531][T21269] team0: Port device bond0 added [ 450.480924][T21274] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7256'. [ 450.545900][T21296] loop5: detected capacity change from 0 to 512 [ 450.614501][T21296] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c02c, mo2=0002] [ 450.639538][T21296] System zones: 1-12 [ 450.667271][T21274] team0 (unregistering): Port device bond0 removed [ 450.697640][T21296] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.7270: error while reading EA inode 32 err=-116 [ 450.787437][T21296] EXT4-fs (loop5): Remounting filesystem read-only [ 450.814416][T21296] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.7270: error while reading EA inode 32 err=-116 [ 450.924761][T21296] EXT4-fs (loop5): Remounting filesystem read-only [ 450.931683][T21296] EXT4-fs (loop5): 1 orphan inode deleted [ 450.992587][T21296] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,debug,debug_want_extra_isize=0x000000000000005e,noauto_da_alloc,bsddf,jqfmt=vfsv1,grpid,. Quota mode: none. [ 451.513713][T21329] netlink: 536 bytes leftover after parsing attributes in process `syz.5.7284'. [ 451.553168][T21329] netlink: 52 bytes leftover after parsing attributes in process `syz.5.7284'. [ 452.013487][T21357] netlink: 'syz.0.7298': attribute type 21 has an invalid length. [ 452.049107][T21362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7300'. [ 453.631448][T21449] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3897524436 (7795048872 ns) > initial count (2759807172 ns). Using initial count to start timer. [ 453.700993][T21461] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3996681224 (15986724896 ns) > initial count (3709615788 ns). Using initial count to start timer. [ 453.784667][T21464] binder: Bad value for 'stats' [ 453.831106][ T26] audit: type=1326 audit(453.679:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21465 comm="syz.6.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 453.937831][ T26] audit: type=1326 audit(453.679:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21465 comm="syz.6.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 454.068628][T21477] netlink: 72 bytes leftover after parsing attributes in process `syz.5.7356'. [ 454.078394][ T26] audit: type=1326 audit(453.779:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21465 comm="syz.6.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 454.143830][ T26] audit: type=1326 audit(453.779:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21465 comm="syz.6.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 454.943606][T21528] netlink: 96 bytes leftover after parsing attributes in process `syz.6.7377'. [ 455.222632][ T26] audit: type=1326 audit(455.069:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21534 comm="syz.1.7382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1711d0d6c9 code=0x7fc00000 [ 455.316110][ T26] audit: type=1326 audit(455.099:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21534 comm="syz.1.7382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1711d0d6c9 code=0x7fc00000 [ 456.024338][T21564] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 456.071593][T21564] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 457.249578][T21613] loop2: detected capacity change from 0 to 512 [ 457.356210][T21613] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c02c, mo2=0002] [ 457.392647][T21613] System zones: 1-12 [ 457.473191][T21613] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.7417: error while reading EA inode 32 err=-116 [ 457.562895][T21613] EXT4-fs (loop2): Remounting filesystem read-only [ 457.569628][T21613] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.7417: error while reading EA inode 32 err=-116 [ 457.603147][T21623] netlink: 'syz.0.7422': attribute type 1 has an invalid length. [ 457.642944][T21623] device bond2 entered promiscuous mode [ 457.642955][T21613] EXT4-fs (loop2): Remounting filesystem read-only [ 457.649822][T21623] 8021q: adding VLAN 0 to HW filter on device bond2 [ 457.675801][T21613] EXT4-fs (loop2): 1 orphan inode deleted [ 457.681834][T21613] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,debug,debug_want_extra_isize=0x000000000000005e,noauto_da_alloc,bsddf,jqfmt=vfsv1,grpid,. Quota mode: none. [ 457.756616][T21627] 8021q: adding VLAN 0 to HW filter on device bond2 [ 457.801161][T21627] bond2: (slave wireguard0): The slave device specified does not support setting the MAC address [ 457.813995][T21627] bond2: (slave wireguard0): Setting fail_over_mac to active for active-backup mode [ 457.854171][T21627] bond2: (slave wireguard0): making interface the new active one [ 457.870511][T21627] device wireguard0 entered promiscuous mode [ 457.882062][T21627] bond2: (slave wireguard0): Enslaving as an active interface with an up link [ 457.902528][T21623] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 457.909812][T21623] IPv6: NLM_F_CREATE should be set when creating new route [ 457.917119][T21623] IPv6: NLM_F_CREATE should be set when creating new route [ 457.965485][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 457.997759][T21623] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 458.072333][T21623] bond2: (slave wireguard1): The slave device specified does not support setting the MAC address [ 458.102934][ T26] audit: type=1326 audit(457.949:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21534 comm="syz.1.7382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1711d0d6c9 code=0x7fc00000 [ 458.219051][T21623] bond2: (slave wireguard1): Enslaving as a backup interface with an up link [ 458.343828][T21659] loop6: detected capacity change from 0 to 512 [ 458.723718][ T26] audit: type=1326 audit(458.579:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21681 comm="syz.2.7446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x7fc00000 [ 458.804440][ T26] audit: type=1326 audit(458.599:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21681 comm="syz.2.7446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa92ca066c9 code=0x7fc00000 [ 459.027055][T21702] netlink: 44 bytes leftover after parsing attributes in process `syz.6.7455'. [ 459.896482][T21708] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7457'. [ 460.052275][T21708] team0 (unregistering): Port device team_slave_0 removed [ 460.101690][T21708] team0 (unregistering): Port device team_slave_1 removed [ 460.482582][ T3519] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 460.732520][ T3519] usb 7-1: Using ep0 maxpacket: 8 [ 460.751815][T21754] binder: BINDER_SET_CONTEXT_MGR already set [ 460.762712][T21754] binder: 21753:21754 ioctl 4018620d 200000000040 returned -16 [ 460.852791][ T3519] usb 7-1: too many endpoints for config 0 interface 0 altsetting 250: 251, using maximum allowed: 30 [ 460.881914][ T3519] usb 7-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 251 [ 460.907480][ T3519] usb 7-1: config 0 interface 0 has no altsetting 0 [ 460.921264][ T3519] usb 7-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 460.940985][ T3519] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 461.018164][ T3519] usb 7-1: config 0 descriptor?? [ 461.392673][ T3519] usbhid 7-1:0.0: can't add hid device: -71 [ 461.399052][ T3519] usbhid: probe of 7-1:0.0 failed with error -71 [ 461.449688][ T3519] usb 7-1: USB disconnect, device number 11 [ 461.622641][ T26] audit: type=1326 audit(461.469:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21681 comm="syz.2.7446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x7fc00000 [ 462.211471][T21825] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7507'. [ 462.317178][T21832] netlink: 196 bytes leftover after parsing attributes in process `syz.2.7511'. [ 463.282612][ T3519] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 463.491021][T21885] netlink: 188 bytes leftover after parsing attributes in process `syz.0.7534'. [ 463.532545][ T3519] usb 2-1: Using ep0 maxpacket: 16 [ 463.652751][ T3519] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 463.688601][ T3519] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 463.721565][ T3519] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 463.758775][ T3519] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.786405][ T3519] usb 2-1: config 0 descriptor?? [ 464.052339][T16539] usb 2-1: USB disconnect, device number 15 [ 464.281406][T21924] tipc: New replicast peer: 0.0.0.0 [ 464.313038][T21924] tipc: Enabled bearer , priority 10 [ 466.012193][T21967] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7570'. [ 466.655811][T22001] loop6: detected capacity change from 0 to 128 [ 466.841097][T22005] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7588'. [ 467.112550][ T3519] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 467.352636][ T3519] usb 2-1: Using ep0 maxpacket: 8 [ 467.472787][ T3519] usb 2-1: too many endpoints for config 0 interface 0 altsetting 250: 251, using maximum allowed: 30 [ 467.502648][ T3519] usb 2-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 251 [ 467.542481][ T3519] usb 2-1: config 0 interface 0 has no altsetting 0 [ 467.549138][ T3519] usb 2-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 467.610187][ T3519] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.651496][ T3519] usb 2-1: config 0 descriptor?? [ 468.012706][ T3519] usbhid 2-1:0.0: can't add hid device: -71 [ 468.019651][ T3519] usbhid: probe of 2-1:0.0 failed with error -71 [ 468.044935][ T3519] usb 2-1: USB disconnect, device number 16 [ 471.152549][T13006] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 471.425961][T22241] netlink: 96 bytes leftover after parsing attributes in process `syz.0.7697'. [ 471.444731][T13006] usb 6-1: Using ep0 maxpacket: 8 [ 471.579204][T13006] usb 6-1: too many endpoints for config 0 interface 0 altsetting 250: 251, using maximum allowed: 30 [ 471.611869][T13006] usb 6-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 251 [ 471.648988][T13006] usb 6-1: config 0 interface 0 has no altsetting 0 [ 471.656955][T13006] usb 6-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 471.678570][T13006] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 471.702790][T13006] usb 6-1: config 0 descriptor?? [ 472.062717][T13006] usbhid 6-1:0.0: can't add hid device: -71 [ 472.069566][T13006] usbhid: probe of 6-1:0.0 failed with error -71 [ 472.077838][T13006] usb 6-1: USB disconnect, device number 7 [ 472.663831][T22283] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7715'. [ 473.245439][T22321] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7733'. [ 474.264433][T22350] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7747'. [ 475.419581][T22415] loop1: detected capacity change from 0 to 512 [ 475.654181][T22415] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 475.744917][ T7] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 476.002573][ T7] usb 1-1: Using ep0 maxpacket: 32 [ 476.132702][ T7] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 476.150083][ T7] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 476.175592][ T7] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 476.205208][ T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 476.235414][ T7] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 476.266774][ T7] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 476.306995][ T7] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 476.336622][ T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 476.386608][ T7] usb 1-1: config 0 descriptor?? [ 476.762346][ T7] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 477.593790][ T7] usb 1-1: USB disconnect, device number 7 [ 477.620158][ T7] usblp0: removed [ 477.791207][T22462] binder: 22460:22462 unknown command 1074553620 [ 477.821846][T22462] binder: 22460:22462 ioctl c0306201 200000000640 returned -22 [ 478.032614][ T7] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 478.182744][T22448] fuse: Bad value for 'fd' [ 478.302674][ T7] usb 1-1: Using ep0 maxpacket: 32 [ 478.442617][ T7] usb 1-1: unable to read config index 0 descriptor/all [ 478.449853][ T7] usb 1-1: can't read configurations, error -71 [ 478.492009][T22483] loop1: detected capacity change from 0 to 1024 [ 478.638544][T22483] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 478.704153][T22483] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 478.762882][T22483] System zones: 0-1, 4-36, 102-102 [ 478.828728][T22483] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 478.861716][T22496] device sit0 entered promiscuous mode [ 478.923906][T22496] netlink: 'syz.5.7809': attribute type 1 has an invalid length. [ 478.989667][T22496] netlink: 1 bytes leftover after parsing attributes in process `syz.5.7809'. [ 479.820445][T22488] loop2: detected capacity change from 0 to 32768 [ 479.907415][T22488] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.7806 (22488) [ 479.950358][T22536] netlink: 'syz.0.7827': attribute type 16 has an invalid length. [ 479.964803][T22488] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 479.985247][T22536] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.7827'. [ 480.032772][T22488] BTRFS info (device loop2): force zlib compression, level 3 [ 480.042540][T22538] netlink: 36 bytes leftover after parsing attributes in process `syz.5.7829'. [ 480.062032][T22488] BTRFS info (device loop2): force clearing of disk cache [ 480.105251][T22488] BTRFS info (device loop2): setting nodatasum [ 480.142132][T22488] BTRFS info (device loop2): allowing degraded mounts [ 480.196957][T22488] BTRFS info (device loop2): enabling disk space caching [ 480.223481][T22488] BTRFS info (device loop2): disk space caching is enabled [ 480.250131][T22488] BTRFS info (device loop2): has skinny extents [ 480.623850][T22488] BTRFS info (device loop2): clearing free space tree [ 480.630877][T22488] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 480.795384][T22488] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 481.020110][T22590] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 481.099710][ T4276] Bluetooth: hci5: Frame reassembly failed (-84) [ 481.918116][T22618] netlink: 96 bytes leftover after parsing attributes in process `syz.6.7856'. [ 483.040031][T22625] netlink: 'syz.0.7858': attribute type 25 has an invalid length. [ 483.100194][ T8273] Bluetooth: hci5: command 0x1003 tx timeout [ 483.149870][ T4193] Bluetooth: hci5: sending frame failed (-49) [ 483.413917][T22640] device wlan1 left promiscuous mode [ 483.422029][T22640] bridge0: port 2(wlan1) entered disabled state [ 483.503428][T22640] bridge0: port 1(team0) entered disabled state [ 484.267227][T22614] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 484.291734][T22614] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 484.634458][ T144] tipc: Subscription rejected, illegal request [ 484.754272][T22704] netlink: 'syz.6.7896': attribute type 28 has an invalid length. [ 485.232517][ T4252] Bluetooth: hci5: command 0x1001 tx timeout [ 485.238784][ T4193] Bluetooth: hci5: sending frame failed (-49) [ 485.877197][ T26] audit: type=1326 audit(485.729:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22761 comm="syz.0.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 485.929384][ T26] audit: type=1326 audit(485.729:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22761 comm="syz.0.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 486.025343][ T26] audit: type=1326 audit(485.729:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22761 comm="syz.0.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 486.028736][T22770] cgroup: Unknown subsys name 'audit' [ 486.099463][ T26] audit: type=1326 audit(485.729:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22761 comm="syz.0.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 486.160404][ T26] audit: type=1326 audit(485.729:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22761 comm="syz.0.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 486.230519][ T26] audit: type=1326 audit(485.729:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22761 comm="syz.0.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 486.316882][ T26] audit: type=1326 audit(485.729:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22761 comm="syz.0.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 486.378247][ T26] audit: type=1326 audit(485.729:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22761 comm="syz.0.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 486.459777][ T26] audit: type=1326 audit(485.729:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22761 comm="syz.0.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 486.538862][ T26] audit: type=1326 audit(485.729:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22761 comm="syz.0.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6f5eab6c9 code=0x7ffc0000 [ 486.753135][T22794] netlink: 188 bytes leftover after parsing attributes in process `syz.5.7937'. [ 487.061919][T22809] device syzkaller1 entered promiscuous mode [ 487.332468][T22614] Bluetooth: hci5: command 0x1009 tx timeout [ 487.434238][T22837] netlink: 96 bytes leftover after parsing attributes in process `syz.5.7956'. [ 487.491587][T22839] netlink: 44 bytes leftover after parsing attributes in process `syz.6.7958'. [ 488.473492][T22884] netlink: 57 bytes leftover after parsing attributes in process `syz.6.7979'. [ 489.031292][T22912] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7987'. [ 489.371470][T22929] netlink: 'syz.0.7997': attribute type 4 has an invalid length. [ 489.658891][T22941] fuseblk: Bad value for 'user_id' [ 490.169484][T22971] cgroup: subsys name conflicts with all [ 491.354149][T23036] tipc: New replicast peer: 2001:0000:0000:0000:0000:0000:0000:0002 [ 494.049014][T23130] binder: BINDER_SET_CONTEXT_MGR already set [ 494.080248][T23130] binder: 23129:23130 ioctl 40046207 0 returned -16 [ 494.540499][T23149] overlayfs: overlapping lowerdir path [ 494.707407][T23155] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8103'. [ 496.901147][T23171] loop1: detected capacity change from 0 to 65536 [ 498.171525][T23260] binder: Binderfs stats mode cannot be changed during a remount [ 498.347005][T23269] netlink: 836 bytes leftover after parsing attributes in process `syz.1.8155'. [ 499.318230][T23331] netlink: 44 bytes leftover after parsing attributes in process `syz.0.8184'. [ 499.366761][T23331] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8184'. [ 499.400100][T23331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8184'. [ 499.452627][T23331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8184'. [ 499.674988][T23346] loop5: detected capacity change from 0 to 2048 [ 499.766198][ T4348] loop5: p1 < > p4 [ 499.771578][ T4348] loop5: p4 size 8388608 extends beyond EOD, truncated [ 499.842306][T23346] loop5: p1 < > p4 [ 499.888873][T23355] blk_update_request: I/O error, dev loop11, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0 [ 499.937862][T23346] loop5: p4 size 8388608 extends beyond EOD, truncated [ 499.966699][T23355] EXT4-fs (loop11): unable to read superblock [ 500.272142][ T4348] udevd[4348]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 500.272224][ T4641] udevd[4641]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 500.497914][ T4641] udevd[4641]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 500.515654][ T4348] udevd[4348]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 500.535675][T23383] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8208'. [ 500.861366][T23403] syz.5.8217[23403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 500.861463][T23403] syz.5.8217[23403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 501.474915][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.495985][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.870625][ T26] kauditd_printk_skb: 17 callbacks suppressed [ 502.870639][ T26] audit: type=1326 audit(758.720:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23471 comm="syz.6.8245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 503.008027][ T26] audit: type=1326 audit(758.770:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23471 comm="syz.6.8245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 503.094433][ T26] audit: type=1326 audit(758.770:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23471 comm="syz.6.8245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 504.780536][T23555] picdev_write: 71 callbacks suppressed [ 504.780557][T23555] kvm: pic: non byte write [ 507.680750][T23637] device veth0_to_team entered promiscuous mode [ 508.487603][T23677] device veth0_to_team entered promiscuous mode [ 508.554988][T23680] tipc: Enabling of bearer rejected, already enabled [ 509.318335][T23719] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8355'. [ 512.537317][T23849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8410'. [ 512.627376][T23849] tc_dump_action: action bad kind [ 512.759500][T23864] netlink: 'syz.6.8419': attribute type 17 has an invalid length. [ 512.853991][T23871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8422'. [ 512.900064][T23871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8422'. [ 513.044503][T23881] netlink: 84 bytes leftover after parsing attributes in process `syz.0.8426'. [ 513.416515][T23905] binder: Bad value for 'stats' [ 513.593648][T23917] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8443'. [ 514.998410][T23992] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8481'. [ 515.096803][T23996] overlayfs: missing 'lowerdir' [ 515.311276][T24010] netlink: 104 bytes leftover after parsing attributes in process `syz.2.8490'. [ 515.409767][T24020] netlink: 44 bytes leftover after parsing attributes in process `syz.1.8496'. [ 515.735842][T24036] loop2: detected capacity change from 0 to 2048 [ 515.911593][T24036] loop2: p1 < > p4 < > [ 515.977953][T24051] netlink: 140 bytes leftover after parsing attributes in process `syz.0.8510'. [ 516.133176][ T4348] udevd[4348]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 516.133420][ T4641] udevd[4641]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 516.602204][T24084] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 516.978123][T24103] netlink: 'syz.6.8535': attribute type 28 has an invalid length. [ 517.131054][T24113] netlink: 252 bytes leftover after parsing attributes in process `syz.1.8539'. [ 517.956533][ T26] audit: type=1326 audit(773.810:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24166 comm="syz.6.8566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 518.015114][ T26] audit: type=1326 audit(773.840:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24166 comm="syz.6.8566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 518.115065][ T26] audit: type=1326 audit(773.840:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24166 comm="syz.6.8566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 518.195893][ T26] audit: type=1326 audit(773.840:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24166 comm="syz.6.8566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 518.947625][ T26] audit: type=1326 audit(773.840:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24166 comm="syz.6.8566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 518.983377][ T26] audit: type=1326 audit(773.840:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24166 comm="syz.6.8566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 519.039395][ T26] audit: type=1326 audit(773.850:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24166 comm="syz.6.8566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 519.160045][ T26] audit: type=1326 audit(773.850:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24166 comm="syz.6.8566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 519.259767][ T26] audit: type=1326 audit(773.850:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24166 comm="syz.6.8566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=191 compat=1 ip=0x200000000006 code=0x7ffc0000 [ 519.384600][ T26] audit: type=1326 audit(773.850:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24166 comm="syz.6.8566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 521.871556][T24314] netlink: 32 bytes leftover after parsing attributes in process `syz.6.8629'. [ 521.920983][T24318] overlayfs: failed to clone lowerpath [ 524.750244][T24406] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8669'. [ 524.817954][T24410] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8671'. [ 525.022547][T24426] xt_bpf: check failed: parse error [ 525.446944][T24447] 9pnet: Insufficient options for proto=fd [ 526.072852][T24475] netlink: 104 bytes leftover after parsing attributes in process `syz.0.8701'. [ 526.634660][T24506] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8716'. [ 529.190192][T24554] @0: renamed from bond_slave_1 [ 529.771894][T24583] netlink: 36 bytes leftover after parsing attributes in process `syz.2.8749'. [ 531.893642][T24631] netlink: 312 bytes leftover after parsing attributes in process `syz.2.8771'. [ 532.165094][T24645] sctp: [Deprecated]: syz.1.8777 (pid 24645) Use of int in max_burst socket option deprecated. [ 532.165094][T24645] Use struct sctp_assoc_value instead [ 532.701918][T24651] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 532.907143][T24651] CIFS mount error: No usable UNC path provided in device string! [ 532.907143][T24651] [ 532.928533][T24651] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 534.587598][T24728] loop5: detected capacity change from 0 to 512 [ 534.687615][T24728] EXT4-fs (loop5): Ignoring removed oldalloc option [ 534.722538][T24728] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 534.783532][T24728] EXT4-fs (loop5): 1 truncate cleaned up [ 534.789310][T24728] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,oldalloc,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback. [ 535.051006][T24750] x_tables: duplicate underflow at hook 2 [ 535.208138][T24760] netlink: 204 bytes leftover after parsing attributes in process `syz.1.8828'. [ 535.511201][T24778] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8836'. [ 535.828353][T24794] loop6: detected capacity change from 0 to 256 [ 535.915559][T24794] /dev/loop6: Can't open blockdev [ 536.955856][T24810] netlink: 'syz.0.8850': attribute type 1 has an invalid length. [ 536.992616][T24810] netlink: 'syz.0.8850': attribute type 4 has an invalid length. [ 537.106515][T24810] netlink: 15294 bytes leftover after parsing attributes in process `syz.0.8850'. [ 537.150204][T24813] netlink: 68 bytes leftover after parsing attributes in process `syz.2.8851'. [ 537.851338][T24841] netlink: 17 bytes leftover after parsing attributes in process `syz.0.8864'. [ 537.899947][T24843] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8865'. [ 538.592617][ T9102] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 539.452611][ T9102] usb 3-1: Using ep0 maxpacket: 16 [ 539.605724][ T9102] usb 3-1: config 0 has an invalid interface number: 64 but max is 0 [ 539.623812][ T9102] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 539.718909][ T9102] usb 3-1: config 0 has no interface number 0 [ 539.835186][ T9102] usb 3-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 539.982281][ T9102] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 540.354224][ T9102] usb 3-1: config 0 descriptor?? [ 540.394378][ T9102] usb 3-1: Found UVC 0.00 device (0bd3:0555) [ 540.408769][ T9102] usb 3-1: No valid video chain found. [ 540.611278][ T9102] usb 3-1: USB disconnect, device number 11 [ 541.397502][T24961] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 541.574503][T24971] loop5: detected capacity change from 0 to 256 [ 541.855814][T24971] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 256) [ 541.886358][T24971] exFAT-fs (loop5): failed to load alloc-bitmap [ 541.896683][T24971] exFAT-fs (loop5): failed to recognize exfat type [ 541.906458][T24972] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(9) [ 541.913809][T24972] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 541.930282][T24974] vhci_hcd: connection closed [ 541.939722][T24972] vhci_hcd vhci_hcd.0: Device attached [ 541.972139][ T151] vhci_hcd: stop threads [ 541.989389][ T151] vhci_hcd: release socket [ 542.009594][ T151] vhci_hcd: disconnect device [ 542.314305][T24993] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8929'. [ 542.812495][T13008] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 543.732574][T13008] usb 6-1: Using ep0 maxpacket: 8 [ 543.880973][T13008] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 543.901746][T13008] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 543.922282][T13008] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 543.949197][T13008] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 543.968320][T25054] netlink: 168 bytes leftover after parsing attributes in process `syz.6.8955'. [ 543.982741][T13008] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 544.022537][T13008] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 544.328756][T13008] usb 6-1: GET_CAPABILITIES returned 0 [ 544.334399][T13008] usbtmc 6-1:16.0: can't read capabilities [ 544.355703][T25074] netlink: 'syz.1.8965': attribute type 4 has an invalid length. [ 544.574057][T22614] usb 6-1: USB disconnect, device number 8 [ 544.750043][T25097] fuse: Bad value for 'fd' [ 545.095235][T25109] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8983'. [ 545.347586][T25123] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 546.893891][T25155] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8997'. [ 547.043371][T25166] netlink: 488 bytes leftover after parsing attributes in process `syz.0.9002'. [ 547.133133][T25168] netlink: 5 bytes leftover after parsing attributes in process `syz.1.9008'. [ 547.246863][T25174] cgroup: Need name or subsystem set [ 547.844883][T25201] binder: 25200:25201 ioctl c018620c 200000000000 returned -22 [ 548.282894][T25224] netlink: 9 bytes leftover after parsing attributes in process `syz.1.9033'. [ 548.361291][ T26] audit: type=1326 audit(804.210:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25227 comm="syz.2.9034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x7ffc0000 [ 548.450178][ T26] audit: type=1326 audit(804.240:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25227 comm="syz.2.9034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x7ffc0000 [ 548.551300][ T26] audit: type=1326 audit(804.240:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25227 comm="syz.2.9034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7fa92ca066c9 code=0x7ffc0000 [ 548.649957][ T26] audit: type=1326 audit(804.240:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25227 comm="syz.2.9034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x7ffc0000 [ 548.667240][T25243] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9045'. [ 548.765492][T25246] netlink: 'syz.6.9045': attribute type 5 has an invalid length. [ 548.806639][T25246] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9045'. [ 548.870683][ T26] audit: type=1326 audit(804.240:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25227 comm="syz.2.9034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa92ca066c9 code=0x7ffc0000 [ 549.757427][T25259] netlink: 188 bytes leftover after parsing attributes in process `syz.6.9050'. [ 549.899722][T25262] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9051'. [ 550.148054][T25276] loop6: detected capacity change from 0 to 128 [ 551.648748][T25317] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9077'. [ 551.661286][ T4253] usb 7-1: new low-speed USB device number 13 using dummy_hcd [ 552.058735][ T4253] usb 7-1: config 16 has an invalid interface number: 175 but max is 0 [ 552.073453][ T4253] usb 7-1: config 16 has no interface number 0 [ 552.086419][ T4253] usb 7-1: config 16 interface 175 altsetting 3 endpoint 0x1 has an invalid bInterval 201, changing to 4 [ 552.111181][ T4253] usb 7-1: config 16 interface 175 altsetting 3 endpoint 0x1 has invalid maxpacket 32, setting to 0 [ 552.135126][ T4253] usb 7-1: config 16 interface 175 has no altsetting 0 [ 552.422749][ T4253] usb 7-1: string descriptor 0 read error: -22 [ 552.432126][ T4253] usb 7-1: New USB device found, idVendor=2040, idProduct=c61a, bcdDevice=f4.96 [ 552.473527][ T4253] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 552.534750][ T4253] usb 7-1: bad CDC descriptors [ 552.749364][ T8276] usb 7-1: USB disconnect, device number 13 [ 552.776559][T25356] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9095'. [ 554.494189][T25397] loop2: detected capacity change from 0 to 512 [ 554.678757][T25397] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 554.690729][T25397] EXT4-fs (loop2): inline encryption not supported [ 554.727449][T25397] EXT4-fs (loop2): Test dummy encryption mode enabled [ 554.762536][T25397] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 554.769739][T25397] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 554.924488][T25397] EXT4-fs (loop2): 1 truncate cleaned up [ 554.930211][T25397] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 555.122838][T25429] loop6: detected capacity change from 0 to 256 [ 556.079094][T25457] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9137'. [ 557.578131][T25497] sch_fq: defrate 53322 ignored. [ 557.611549][T25494] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9153'. [ 557.811294][T25506] xt_CT: You must specify a L4 protocol and not use inversions on it [ 559.256299][T25524] overlayfs: failed to clone lowerpath [ 559.967230][T25531] loop6: detected capacity change from 0 to 2048 [ 560.222616][ T8273] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 560.293139][T25550] ptrace attach of "./syz-executor exec"[25553] was attempted by "./syz-executor exec"[25550] [ 560.318056][T25556] netlink: 'syz.6.9181': attribute type 4 has an invalid length. [ 560.345949][T25556] netlink: 'syz.6.9181': attribute type 5 has an invalid length. [ 560.372753][T25556] netlink: 3657 bytes leftover after parsing attributes in process `syz.6.9181'. [ 560.457620][T25563] overlayfs: failed to clone upperpath [ 560.592602][ T8273] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 560.642631][ T8273] usb 3-1: config 220 has 1 interface, different from the descriptor's value: 3 [ 560.651711][ T8273] usb 3-1: config 220 interface 0 has no altsetting 0 [ 560.775017][T25581] netlink: 'syz.6.9193': attribute type 27 has an invalid length. [ 560.803534][T25581] netlink: 'syz.6.9193': attribute type 4 has an invalid length. [ 560.836061][T25581] netlink: 144 bytes leftover after parsing attributes in process `syz.6.9193'. [ 560.843681][ T8273] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 560.884233][ T8273] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 560.902474][ T8273] usb 3-1: Product: syz [ 560.906691][ T8273] usb 3-1: Manufacturer: syz [ 560.911329][ T8273] usb 3-1: SerialNumber: syz [ 561.111013][T25594] device syzkaller0 entered promiscuous mode [ 561.352605][T25607] netlink: 140 bytes leftover after parsing attributes in process `syz.6.9204'. [ 561.547587][ T8273] usb 3-1: Found UVC 0.00 device syz (8086:0b07) [ 561.557621][ T8273] usb 3-1: No valid video chain found. [ 561.601702][ T8273] usb 3-1: USB disconnect, device number 12 [ 561.846416][T25627] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9214'. [ 561.960260][T25631] netlink: 4100 bytes leftover after parsing attributes in process `syz.0.9216'. [ 562.388057][T25659] netlink: 'syz.0.9230': attribute type 6 has an invalid length. [ 562.923767][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.930086][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.937082][T25670] netlink: 260 bytes leftover after parsing attributes in process `syz.0.9234'. [ 563.438264][T25683] 9p: Unknown Cache mode doo [ 563.875871][T25706] netlink: 'syz.0.9249': attribute type 4 has an invalid length. [ 563.914946][T25706] netlink: 'syz.0.9249': attribute type 5 has an invalid length. [ 563.942557][T25706] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.9249'. [ 564.343369][T25651] netlink: 76 bytes leftover after parsing attributes in process `syz.5.9223'. [ 565.001549][ T26] audit: type=1326 audit(820.850:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25763 comm="syz.6.9279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 565.085282][ T26] audit: type=1326 audit(820.850:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25763 comm="syz.6.9279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 565.146822][ T26] audit: type=1326 audit(820.850:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25763 comm="syz.6.9279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 565.234644][ T26] audit: type=1326 audit(820.880:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25763 comm="syz.6.9279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 565.338772][ T26] audit: type=1326 audit(820.910:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25763 comm="syz.6.9279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 565.444757][ T26] audit: type=1326 audit(820.970:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25763 comm="syz.6.9279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 565.526624][ T26] audit: type=1326 audit(820.970:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25763 comm="syz.6.9279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 565.612653][ T26] audit: type=1326 audit(820.970:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25763 comm="syz.6.9279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 565.704856][ T26] audit: type=1326 audit(820.970:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25763 comm="syz.6.9279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 565.770084][T25807] overlayfs: failed to clone upperpath [ 565.789041][ T26] audit: type=1326 audit(820.980:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25763 comm="syz.6.9279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df3926c9 code=0x7ffc0000 [ 565.817928][T25811] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9303'. [ 565.847438][T25811] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9303'. [ 565.881844][T25811] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9303'. [ 565.984319][T25821] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9307'. [ 566.046139][T25823] device syzkaller0 entered promiscuous mode [ 566.573020][T25849] 9p: Unknown Cache mode m [ 567.874889][T25876] netlink: 56 bytes leftover after parsing attributes in process `syz.0.9339'. [ 569.280534][T25961] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9376'. [ 571.264573][T26044] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9412'. [ 571.725450][T26075] netlink: 'syz.5.9427': attribute type 1 has an invalid length. [ 573.521936][T26178] netlink: 1004 bytes leftover after parsing attributes in process `syz.2.9477'. [ 573.948542][T26204] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9489'. [ 574.247449][T26224] xt_CT: You must specify a L4 protocol and not use inversions on it [ 576.695415][T26275] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 576.725009][T26275] overlayfs: missing 'lowerdir' [ 577.323804][T26303] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9534'. [ 579.601505][T26385] loop5: detected capacity change from 0 to 40427 [ 579.647124][T26385] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 579.675435][T26385] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 579.725043][T26385] F2FS-fs (loop5): invalid crc value [ 579.764521][T26385] F2FS-fs (loop5): Found nat_bits in checkpoint [ 579.894040][T26385] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 579.944482][T26385] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 580.476320][T26441] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 580.541118][T26441] overlayfs: missing 'lowerdir' [ 580.621899][T26447] 9p: Unknown access argument a [ 580.660396][T26451] netlink: 'syz.1.9605': attribute type 21 has an invalid length. [ 581.988665][T26535] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 582.028172][T26535] overlayfs: missing 'lowerdir' [ 582.750166][T26570] IPv6: NLM_F_REPLACE set, but no existing node found! [ 583.004186][T26593] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9668'. [ 583.043473][T26595] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9670'. [ 583.820448][T26655] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9699'. [ 583.847694][T26659] ------------[ cut here ]------------ [ 583.885071][T26659] wlan1: Failed check-sdata-in-driver check, flags: 0x4 [ 583.906184][T26659] WARNING: CPU: 1 PID: 26659 at net/mac80211/driver-ops.h:172 ieee80211_bss_info_change_notify+0x37b/0x550 [ 583.977005][T26659] Modules linked in: [ 583.987104][T26659] CPU: 1 PID: 26659 Comm: syz.6.9700 Not tainted syzkaller #0 [ 583.998829][T26659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 584.011104][T26659] RIP: 0010:ieee80211_bss_info_change_notify+0x37b/0x550 [ 584.033403][T26659] Code: 7d 8d f8 49 8b 84 24 00 06 00 00 49 81 c4 20 06 00 00 48 85 c0 4c 0f 45 e0 48 c7 c7 40 14 19 8b 4c 89 e6 89 ea e8 95 f1 6f 00 <0f> 0b e9 07 fd ff ff e8 a9 15 49 f8 0f 0b e9 b1 fe ff ff e8 9d 15 [ 584.058474][T26659] RSP: 0018:ffffc9000393f248 EFLAGS: 00010246 [ 584.065063][T26659] RAX: 2e0f2751d3fa2a00 RBX: 0000000000400000 RCX: 0000000000080000 [ 584.073147][T26659] RDX: ffffc9000da72000 RSI: 00000000000064f8 RDI: 00000000000064f9 [ 584.081671][T26659] RBP: 0000000000000004 R08: dffffc0000000000 R09: ffffed10172267b0 [ 584.090135][T26659] R10: ffffed10172267b0 R11: 1ffff110172267af R12: ffff8880290f0000 [ 584.098979][T26659] R13: ffff8880290f1290 R14: ffff888063918da0 R15: ffff8880290f2298 [ 584.107536][T26659] FS: 00007f43dd5f96c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 584.117644][T26659] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 584.124520][T26659] CR2: 00007fe6f60cd2f8 CR3: 0000000065df0000 CR4: 00000000003506e0 [ 584.143835][T26659] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083 [ 584.152390][T26659] DR3: ffffffffefffff15 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 584.161357][T26659] Call Trace: [ 584.170976][T26659] [ 584.174170][T26659] ? netif_carrier_off+0x1/0xc0 [ 584.179488][T26659] ieee80211_ocb_leave+0x26f/0x320 [ 584.191321][T26659] __cfg80211_leave_ocb+0x219/0x3f0 [ 584.197002][T26659] cfg80211_leave_ocb+0x53/0x70 [ 584.202042][T26659] cfg80211_change_iface+0x4f1/0xeb0 [ 584.208020][T26659] nl80211_set_interface+0x598/0x7d0 [ 584.213484][T26659] ? nl80211_dump_interface+0x5c0/0x5c0 [ 584.219541][T26659] ? mutex_lock_nested+0x17/0x20 [ 584.224646][T26659] genl_rcv_msg+0xbc6/0xf40 [ 584.230312][T26659] ? genl_bind+0x370/0x370 [ 584.235147][T26659] ? verify_lock_unused+0x140/0x140 [ 584.240582][T26659] ? verify_lock_unused+0x140/0x140 [ 584.247418][T26659] ? nl80211_dump_interface+0x5c0/0x5c0 [ 584.253306][T26659] netlink_rcv_skb+0x1e0/0x430 [ 584.258657][T26659] ? genl_bind+0x370/0x370 [ 584.263234][T26659] ? netlink_ack+0xb60/0xb60 [ 584.268463][T26659] ? __lock_acquire+0x7c60/0x7c60 [ 584.273692][T26659] ? preempt_count_add+0x8d/0x190 [ 584.279345][T26659] ? down_read+0x1aa/0x2e0 [ 584.283951][T26659] genl_rcv+0x24/0x40 [ 584.288517][T26659] netlink_unicast+0x774/0x920 [ 584.293624][T26659] netlink_sendmsg+0x8ab/0xbc0 [ 584.298893][T26659] ? netlink_getsockopt+0x560/0x560 [ 584.304390][T26659] ? aa_sock_msg_perm+0x94/0x150 [ 584.309846][T26659] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 584.315561][T26659] ? security_socket_sendmsg+0x7c/0xa0 [ 584.321188][T26659] ? netlink_getsockopt+0x560/0x560 [ 584.326864][T26659] ____sys_sendmsg+0x5a2/0x8c0 [ 584.331756][T26659] ? memset+0x1e/0x40 [ 584.338588][T26659] ? __sys_sendmsg_sock+0x30/0x30 [ 584.343670][T26659] ? import_iovec+0x6f/0xa0 [ 584.348491][T26659] ___sys_sendmsg+0x1f0/0x260 [ 584.353364][T26659] ? __sys_sendmsg+0x250/0x250 [ 584.358211][T26659] ? sock_do_ioctl+0x27c/0x2f0 [ 584.362999][T26659] ? __fdget+0x18b/0x210 [ 584.367300][T26659] __se_sys_sendmsg+0x190/0x250 [ 584.372171][T26659] ? __x64_sys_sendmsg+0x80/0x80 [ 584.377449][T26659] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 584.383447][T26659] ? lockdep_hardirqs_on+0x94/0x140 [ 584.389030][T26659] do_syscall_64+0x4c/0xa0 [ 584.393478][T26659] ? clear_bhb_loop+0x30/0x80 [ 584.398466][T26659] ? clear_bhb_loop+0x30/0x80 [ 584.403159][T26659] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 584.409365][T26659] RIP: 0033:0x7f43df3926c9 [ 584.413800][T26659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 584.433876][T26659] RSP: 002b:00007f43dd5f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 584.442377][T26659] RAX: ffffffffffffffda RBX: 00007f43df5e8fa0 RCX: 00007f43df3926c9 [ 584.450952][T26659] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000005 [ 584.459849][T26659] RBP: 00007f43df414f91 R08: 0000000000000000 R09: 0000000000000000 [ 584.468922][T26659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 584.476979][T26659] R13: 00007f43df5e9038 R14: 00007f43df5e8fa0 R15: 00007ffded918fb8 [ 584.485140][T26659] [ 584.488189][T26659] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 584.495470][T26659] CPU: 1 PID: 26659 Comm: syz.6.9700 Not tainted syzkaller #0 [ 584.502938][T26659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 584.512984][T26659] Call Trace: [ 584.516272][T26659] [ 584.519190][T26659] dump_stack_lvl+0x168/0x230 [ 584.523953][T26659] ? show_regs_print_info+0x20/0x20 [ 584.529149][T26659] ? load_image+0x3b0/0x3b0 [ 584.533679][T26659] panic+0x2c9/0x7f0 [ 584.537575][T26659] ? bpf_jit_dump+0xd0/0xd0 [ 584.542076][T26659] ? ieee80211_bss_info_change_notify+0x37b/0x550 [ 584.548608][T26659] __warn+0x248/0x2b0 [ 584.552609][T26659] ? ieee80211_bss_info_change_notify+0x37b/0x550 [ 584.559042][T26659] report_bug+0x1b7/0x2e0 [ 584.563428][T26659] handle_bug+0x3a/0x70 [ 584.567591][T26659] exc_invalid_op+0x16/0x40 [ 584.572098][T26659] asm_exc_invalid_op+0x16/0x20 [ 584.577025][T26659] RIP: 0010:ieee80211_bss_info_change_notify+0x37b/0x550 [ 584.584042][T26659] Code: 7d 8d f8 49 8b 84 24 00 06 00 00 49 81 c4 20 06 00 00 48 85 c0 4c 0f 45 e0 48 c7 c7 40 14 19 8b 4c 89 e6 89 ea e8 95 f1 6f 00 <0f> 0b e9 07 fd ff ff e8 a9 15 49 f8 0f 0b e9 b1 fe ff ff e8 9d 15 [ 584.603735][T26659] RSP: 0018:ffffc9000393f248 EFLAGS: 00010246 [ 584.609828][T26659] RAX: 2e0f2751d3fa2a00 RBX: 0000000000400000 RCX: 0000000000080000 [ 584.618104][T26659] RDX: ffffc9000da72000 RSI: 00000000000064f8 RDI: 00000000000064f9 [ 584.626195][T26659] RBP: 0000000000000004 R08: dffffc0000000000 R09: ffffed10172267b0 [ 584.634340][T26659] R10: ffffed10172267b0 R11: 1ffff110172267af R12: ffff8880290f0000 [ 584.642338][T26659] R13: ffff8880290f1290 R14: ffff888063918da0 R15: ffff8880290f2298 [ 584.650437][T26659] ? ieee80211_bss_info_change_notify+0x37b/0x550 [ 584.656959][T26659] ? netif_carrier_off+0x1/0xc0 [ 584.661900][T26659] ieee80211_ocb_leave+0x26f/0x320 [ 584.667120][T26659] __cfg80211_leave_ocb+0x219/0x3f0 [ 584.672319][T26659] cfg80211_leave_ocb+0x53/0x70 [ 584.677188][T26659] cfg80211_change_iface+0x4f1/0xeb0 [ 584.682470][T26659] nl80211_set_interface+0x598/0x7d0 [ 584.687796][T26659] ? nl80211_dump_interface+0x5c0/0x5c0 [ 584.693440][T26659] ? mutex_lock_nested+0x17/0x20 [ 584.698387][T26659] genl_rcv_msg+0xbc6/0xf40 [ 584.703101][T26659] ? genl_bind+0x370/0x370 [ 584.707519][T26659] ? verify_lock_unused+0x140/0x140 [ 584.712715][T26659] ? verify_lock_unused+0x140/0x140 [ 584.718029][T26659] ? nl80211_dump_interface+0x5c0/0x5c0 [ 584.723692][T26659] netlink_rcv_skb+0x1e0/0x430 [ 584.728444][T26659] ? genl_bind+0x370/0x370 [ 584.733054][T26659] ? netlink_ack+0xb60/0xb60 [ 584.737731][T26659] ? __lock_acquire+0x7c60/0x7c60 [ 584.742757][T26659] ? preempt_count_add+0x8d/0x190 [ 584.747812][T26659] ? down_read+0x1aa/0x2e0 [ 584.752250][T26659] genl_rcv+0x24/0x40 [ 584.756238][T26659] netlink_unicast+0x774/0x920 [ 584.760999][T26659] netlink_sendmsg+0x8ab/0xbc0 [ 584.765937][T26659] ? netlink_getsockopt+0x560/0x560 [ 584.771319][T26659] ? aa_sock_msg_perm+0x94/0x150 [ 584.776254][T26659] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 584.781526][T26659] ? security_socket_sendmsg+0x7c/0xa0 [ 584.786974][T26659] ? netlink_getsockopt+0x560/0x560 [ 584.792259][T26659] ____sys_sendmsg+0x5a2/0x8c0 [ 584.797033][T26659] ? memset+0x1e/0x40 [ 584.801023][T26659] ? __sys_sendmsg_sock+0x30/0x30 [ 584.806047][T26659] ? import_iovec+0x6f/0xa0 [ 584.810625][T26659] ___sys_sendmsg+0x1f0/0x260 [ 584.815292][T26659] ? __sys_sendmsg+0x250/0x250 [ 584.820163][T26659] ? sock_do_ioctl+0x27c/0x2f0 [ 584.825015][T26659] ? __fdget+0x18b/0x210 [ 584.829250][T26659] __se_sys_sendmsg+0x190/0x250 [ 584.834110][T26659] ? __x64_sys_sendmsg+0x80/0x80 [ 584.839057][T26659] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 584.845040][T26659] ? lockdep_hardirqs_on+0x94/0x140 [ 584.850250][T26659] do_syscall_64+0x4c/0xa0 [ 584.854669][T26659] ? clear_bhb_loop+0x30/0x80 [ 584.859339][T26659] ? clear_bhb_loop+0x30/0x80 [ 584.864033][T26659] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 584.870016][T26659] RIP: 0033:0x7f43df3926c9 [ 584.874506][T26659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 584.894465][T26659] RSP: 002b:00007f43dd5f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 584.902987][T26659] RAX: ffffffffffffffda RBX: 00007f43df5e8fa0 RCX: 00007f43df3926c9 [ 584.911085][T26659] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000005 [ 584.919052][T26659] RBP: 00007f43df414f91 R08: 0000000000000000 R09: 0000000000000000 [ 584.927157][T26659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 584.935127][T26659] R13: 00007f43df5e9038 R14: 00007f43df5e8fa0 R15: 00007ffded918fb8 [ 584.943190][T26659] [ 584.946406][T26659] Kernel Offset: disabled [ 584.951228][T26659] Rebooting in 86400 seconds..