last executing test programs: 7m51.056387517s ago: executing program 4 (id=1626): r0 = syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x800, &(0x7f0000000240), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR") ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000080)=0x2) ioctl$BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f0000000340)={{}, 0x0, 0x0, 0x9, 0x13}) 7m48.767416551s ago: executing program 4 (id=1641): unshare(0x22020600) r0 = socket(0x2000000015, 0x80005, 0x0) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x1, 0x0, @loopback, 0xfffffffd}, 0x18) 7m48.223003537s ago: executing program 4 (id=1647): munmap(&(0x7f0000001000/0x1000)=nil, 0x1000) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000004080)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x9, @mcast2, 0x6}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000c40)="86d2479155dab8be5feacd2efb8f209c38bb52897e053b1215ac292652ac434e4a022f3b61e613e346fedfb0e8a126cd33e97cd99c11ed359533848da887ee43411ce6082d1c1a196f60d02c7f5dd384d730d175e35bf43dd517f446c53e7c084db56e193bed64bbc1371cbe52c16de99f19933c133906a76f48c245641b426d53a490bbd57aad020e671713ae1bcfcd35967ad12309050e6e2f3c1eadfb08c2685ad35a95edbbe20f8c3887e816318110828ed8e9be854769921894d61de3e26510373cae80ffd74aa8af00748fc37a12958e4580cacdca487156b1e920797f56b9104813ec8bec0e36204a8890b8a9dd6790dc4adc972208465214d6b1a53be7f744db167d0445d316d95fd739c1eebaa0ef3f8a5ffa0ce0c81946f7a5072d842bcc9cbb0a6ea78cef5d4c257b6487e3cfe49d93ec5e88e6ed93eca0b52e905a684657f4ad8d24a1e2313b15d8cc5e000854365db09dfb9a434504629c816b00790ce44d79838a36ebbe4ff73004d7248e479d5a3d124fba8222498e9c4844a7f0c3808520ea1d707adcc20f8ea86022828f4330bb3729fda11c633e10c390da94aad668adbb05aeea83edfc1dad1432cfd3e8ef5d848a93fb6d3298736721ea966df0a7a3d0e124ba4a7599928c84f06e4407e0afb9d098959a396499d888eacc6200864c80d2cf64611731f7184de65caeda4c89e710001f8e01f4c235fd3166d463833e528d445689c1fd58e2283b08da92ff0951d593e89a89561cf0d2413a42c5d0f992d54005f4974a379b1d8dce1b4a41bcdbe0b22eab0691775de55858f8aab574322f2d5f9718334338b8ac2d917ab49e9067b47117bf001b4753314799a910166efde5687154938239ba2652028aea888c98365f1211fc3b7f4fd953c9a9836d20594d99330beab56a7b2d23c9609273568051f508854afed2ea7c088abd604ad4a689cdcd9cc011959bc1ab0a8e315dea9019a231482c7925fbcaa0e80fd6541846c2afb9c0f3055d073a7ed38029ae4a3f29e7ffaf90db00e029802a19818eb2c738b0a9495434670d1f649d850a8c5bef010b820f1339ba81a7bab744c8086bf69d39a7771725434680c03ebe220885bc205dea60dee03b473972458913ffe19c7e43e80f181a960267d07fc28f9ec3db4797b6deb8c4b7f1d79d172e37cca9ea17d37933974a213b4ce83443874c973a757f736ec9d97e1fb0f008a7f7b9e4647e8ed1eff8c10902f3218723090a234fc5ffae69e79bafbee5f2efbe945930188794ab378c60c2631ebef15c96e2f60646e086d4c01945c4e3747bbe0e1f97f76282301d5d165dd2f2d03ee86dfe466eeacfd22f38427c9515", 0x3c1}], 0x1}}], 0x1, 0x840) 7m47.860411053s ago: executing program 4 (id=1652): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noquota}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD") mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 7m47.384659485s ago: executing program 4 (id=1658): r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0) ioctl$FIONREAD(r0, 0x7041, 0x0) read$FUSE(r0, &(0x7f0000002380)={0x2020}, 0x2020) 7m46.212414958s ago: executing program 4 (id=1672): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f00000001c0)={0x0, "0092938eda08a5513db99d08fdae429e4ae4c5bac9dd8259be4ee64b32c65e0a", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r1, 0xc0383e04, 0x0) 7m45.764335139s ago: executing program 32 (id=1672): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f00000001c0)={0x0, "0092938eda08a5513db99d08fdae429e4ae4c5bac9dd8259be4ee64b32c65e0a", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r1, 0xc0383e04, 0x0) 4m17.567758897s ago: executing program 5 (id=3995): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) wait4(r0, 0x0, 0x8, 0x0) wait4(r0, 0x0, 0x40000000, 0x0) 4m16.924378817s ago: executing program 5 (id=4000): r0 = syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d000009040101"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000008c0)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000780)={0x20, 0x80, 0x1c, {0xa, 0x402, 0x6, 0x0, 0xf4c4, 0x5, 0x0, 0x1, 0x800, 0x999, 0x5, 0x9}}, 0x0, 0x0, 0x0, 0x0}) 4m14.797989383s ago: executing program 5 (id=4020): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}}) write$FUSE_DIRENTPLUS(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="10000000", @ANYRES64=r0], 0x10) 4m14.700319458s ago: executing program 5 (id=4022): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg(r1, &(0x7f0000002280)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x10}}], 0x2, 0xc000) 4m14.630910911s ago: executing program 5 (id=4023): bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 4m14.471458919s ago: executing program 5 (id=4025): mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='tran']) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$TIOCOUTQ(r0, 0x4bfb, &(0x7f0000000000)) 3m59.373745488s ago: executing program 33 (id=4025): mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='tran']) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$TIOCOUTQ(r0, 0x4bfb, &(0x7f0000000000)) 48.965773365s ago: executing program 3 (id=6121): syz_mount_image$hfs(&(0x7f0000000840), &(0x7f0000000100)='./file0\x00', 0x2000000, &(0x7f0000000040)=ANY=[@ANYBLOB='codepage=macgaelic,iocharset=cp950,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6469725f756d61736b3d3030303030303030303000000000170000"], 0x1, 0x2de, &(0x7f0000000500)="$eJzs3T9v00AYx/HfOUmb/lExbRFSF1ChEiwVBQYEQxDKys6EgCaVKqIi2iIBCwUxIl4AO2+BF8EC4g3AxMQL6GZ0l4vrNLbTlsZp6PcjNbLPd+fndHZ8jyWIAJxa9+o/P9/4bf+MVFJJ0m0pkFSVypLO6Xz1xcb2+nar2cjrqORa2D+jdkvTU2d1o5nW1LZzLbzQ7pU1nSxLMr0944iiKLr7a9hBYOjc3Z8ikMb9feiOVwuOa1B2pAvDjqFoyQk2u9rVS80MMRwAwAngn/+Bf0xMuyKjIJCW/GN/dJ7/dxb6VtktJJDC3Gz1FEW5DRLPf7e6i4yd3zPu0F6+5xItezzoZIkHCaayb39M7Sura4Fp+mWVLpZgYm29rOXVt2oEeqeal6g27z4b7Uu3o0+0iym5aY7s3iq6P9kejVtR7tcJaW291Ry3G4n4OxHMHe6M/858Nd/NQxPqkxrx+q8cGTtNbqbCfTMVVGz817J7nHKtbC35gdVqtaCryll3kgV/Bq/PKKvpGUmyz84Lgp04grw43bln1f1aoT26lT6t5tJahfFeRqv5rlYlfyUsrz5r5b5KGYzOEM1H88As6o++qJ5Y/wc2viUl7sy8r3rjavoroz2esfSaZVcz7Hly7N0uF+MIvPFDjw1S1tuyDB/0RLc0s/Xq9dNSq9XctBuPUzaeT28aX1J5L6XWGfxGSTl1tLNXEllvouigPUeDDP7qsXZovz/iEnv7pFW2d1lcEhQ9Tadlo/5NeRfk6GxEkZRxaGDfUzhBtkxn0t1uWRPDjggFs+su087/3Erer+pcgmI/wpx1en6Sqa4eV+IMrnspOOs+Jw+VwU1lZ3CJM17PyBldznXpinQ5UWiUe8bQx/mfMHX90CPe/wMAAAAAAAAAAAAAAAAAAIyaIv6lwbDHCAAAAAAAAAAAAAAAAAAAAADAqDvS7/+m/R/x7vd/w0J+/xfA8fgbAAD//+uCeSM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) setresuid(0x0, 0xee01, 0x0) utimensat(r0, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0) 48.731900305s ago: executing program 3 (id=6126): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 48.508404305s ago: executing program 3 (id=6130): syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000080)='./file0\x00', 0x40, &(0x7f0000000cc0)=ANY=[], 0x4, 0xfbd, &(0x7f0000006d00)="$eJzs3U+MG+XZAPB3vPb+yS5ZL/DBAh8hH3wVgcJuSCI1vQWBeqmEuPQOCgmNWChqaCUiIJseEJUQRUKcKg4gLpRKKVKRQJUq1FPbU6v21F5QL1SqUimohxYpcZXdd7z2rCf2ztpje/37SY/ffecdz/OM19nMjO3XAZhYlY3bY8eWkxDe/vStR19+Kvn42rK7mmsc3LhNYq8eQqi19JPM9j6PC65cfulkpzYJRzZu03547FLzvvMhhPVwMHwW6uHD1bUvP3jnkUMfvTp7yxvnnnllQLvflN0PAADYiy7+fu0v9/39dw8sfXXxwIkw01yeHp/XY38+HvcfjgfK6fFyJbT3k5ZoNZ1ZbypGJbPeVGa9aiZPNSdfLbOdWs56013yTbUs67SfAAAAMI7S89p6SCorbf1KZWVl87z/ms8Xp5OV586snT47pEIBAACAwv51fuNNt2McsyNQg8jGXPoE29n9Pvz2zu+zq6iUnK9acr6JiWLPNyGEEEKI/oXjETEG0Vgs8WIDAAAAQIf5wrZZ7+9MXc2t1XvLf+nhSuf7Qx9knn/bp53o8/P/+vlnt69Qav4OBp+/NuT8193/9y/4iwMAQHF79Wgy3a/0ODqdxyA7j+BU273mp3Z6/lHJbKe6wzrz5hUcl/kG8+qcKrmOovLq3+nvcVjy6s/Ohzmq8urPztM5qvLqnym5jqLy6u9w5SeM4j/rvPrnSq6jqLz695VcR1F59c+XXEdRefUvlFxHUXn131ByHUXl1b+/5DqKyqt/XN5Wm1d/veQ6isqrf2mzGfnDiLz6byy5jqLy6r+p5DqKyqv/5pLrGJY7Y5s+Dgdy1pvvcPA3cgeDAAAAQEf/Gfv5//ZkJF3XqQ69xomPjdfYh5h/agQeg0HHfP+3+fTCCOyXGKW4sPmfYfvy2Q7LxK6iMgI1DCrmOj2HhBBCiJGM88O79AAAAACMiPRzAemn3htROj61bfyv7127TcerreOzWxtIx2tdtj/dZXymyzgAAAAQwq9eO33bm8nWfHfZz/TvdD68dN6oufDx1VBgHqPsfIQ7zb/bec92m7/zhCPjMhsbAAAAe1Xyrc+u3v/ouy8sfXXxwImWs9+r8Xw3nQe0Gq8NfBL76fsCFjL9JD2HPtGep5KzXvb6wA1523t8lzsKAAAAEyw9f6+HpLLSct5dD5XKysrW+fhyqCWnz6ydOhz76fez/HaxNnNt+UMl1w0AAAD0but8v/P5f/o9vsthOll57sza6bOb/YXm8lql9brA4tbypPW6QD2z/EjO8qOxH7+/M3x3cW5j+crJ76091e+dBwAAgAlx9sVzzzy5tnbq+5PzQzWEsKvthFHYCz/4YaA/DPsvEwAA0G9ffPFW7QdHF369+fn/rfnvrsYfDsZ+Pc7t94e4PH2fQPo5gG2f13+iPc9i3nrPt69Xz6w3FWMmU/dsy3bCxnyD7fdbystXb9/OdE6++Uy+hUy+7DwF1cz6SYe5BEOHmQDT9RYzy7PzMFYzOZJM/rs75AIAAIDU6gvPPr969sVzD5559smnTz196rmjR45/8/jxww9946HVjff1r7a+ux8AAAAYR1tv+h12JQAAAAAAAAAAAAAAAAAAADC5yvg6sWHvIwAAAEy6f54PIawLkRPpFwwOu45xj2QEahhcNGaGX8PejuDfoRCiQ/z5jeHXMAJR8fdRiN5iuOd9s+UeyzQajcYIPOYjGI1G9pvmAQAAAAbryuWXTra226wnfc3X3Fp9s7ka86btwoN/WroW6WqXHm6/XrKvr9Uw6cp+/ss/qvlnOo6/f6G/+TcuxNe3+t3//lXaN3Bi47Yae3O95r139WfLzfwhhNurPeZv2/8LITzea8Z2hzL57w295W+8m3n8n2jrVXrNf18m/74e81/K/v6fz8swe93898f8y7F/6J5e87fv4kwmW69PgK9n9v+p0Gv+zP7Xe0yY8UDMDwCTqPm/eeP8cAvps/QoIT2eno/9dH/TA9bsux92evxfyWynuuvK27ebHgfdGvvNo7r19rypndafPi4Lsb2hYJ1Z4/Kukrz6+/V7HLS8+msl11FUXv3TJddRVF79nc/ei6w0WHn1X//scXTk1d/zhYghy6t/XK4r59U/X3IdReXVv1ByHUXl1b/T/8eHJa/+/SXXUVRe/Ysl11FUXv0FL6uVLq/+pZLrKCqv/htLrqOovPpvKrmOovLqv7nkOobljtjmnQ+n55+LcSzt1zP9mQ6PZc8vhgAAAAAD9Y+RnP+v5crB0GsRQghRdtT8/RcFYmoEahBinOPfjU3DrkP0IRqLw69BjGRszIvIxErG6L3iAPTPYGezYNT5/U82v//J5vfP9aSvxCeZfmqqy3i1y3ity/h0ZjzJ3HEmbzy6KbPdRnpdM7q5y/j/xD3IG9+fuf8PM+O3dtn+cpfx27qM395l/I4u4wAAAEyGW2Lr/BAAAAD2rpd//snrv7z3ictLX108cCJMb5t3/nDsz8TX1l+L/ey896lafM3/R7H/Xmx/E9u/Zdb3/hMAAAAYvPR7Yrz+DwAAAHtX+j2lzv8BAABg71qKrfN/AAAA2LtujK3zfwAAANjDktnOi2ObXhe4O7a9zusHAIy+/43tnbE9ENu7Yvt/sU2PA+6J7f+XVB8A0D8//c6Pj7+ZbM33fzQzfiUuT9tt1jevFCSV9pn852K7L7Zf67Ge7PcB9Jo/tb/HPIPKv7jL/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3lHZuD12bDkJ4e1P33r0J9Ov//HasruaaxzcuE1irx5CqDXvl45u9X8RV7xy+aWTre3V2CbhSEhC0lweHrvUzDQfQlgPB8NnoR4+XF378oN3Hjn00auzt7xx7plXBvgQtO0fAAAA7EX/DQAA//8Q4Bqg") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x8010, 0x0, 0x0, 0x0, &(0x7f0000000000)) syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000)) rename(&(0x7f0000000000)='./bus/file0\x00', &(0x7f0000000080)='./file0\x00') 48.024184147s ago: executing program 3 (id=6134): prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) sendfile(r0, r0, 0x0, 0x3fffff) 47.250183903s ago: executing program 3 (id=6138): sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040090}, 0x2400c8c1) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x183) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) mknodat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x1000, 0xfffffff7) 47.010568823s ago: executing program 3 (id=6141): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000480)) 31.933366122s ago: executing program 34 (id=6141): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000480)) 3.440457943s ago: executing program 0 (id=6566): r0 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41) ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r0, 0x40146f2c, &(0x7f00000000c0)={0x1, 0x0, 0x3, 0x13, 0x4}) ioctl$DVB_DEMUX_DMX_REMOVE_PID(r0, 0x40026f34, &(0x7f0000000040)=0x1) ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r0, 0x40146f2c, &(0x7f0000000000)={0xc, 0x1, 0x2, 0x1, 0x4}) 3.254844622s ago: executing program 0 (id=6567): creat(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f00000005c0)='#mS\xb2j\xcb\xa18:.)\xc7\xcb\xc5\xd8\x91\xa1\"\xd5\r\x89M;\x99\xd6\x8e?K\x82\xd5\xd7\xab\x10\xea\x14\n\xea\xe9\xcc\xdc\xf3\xc0\xf8\x89\xd0\x0ep\xb1I\x04T[\r&\xf0z\xde\xc0\xf3\xcd\x9a\xae\xa8*v_(\x94]\xdf\xf1\x95!\xb3+\x1aD\xda\xa1G\x06M\xdaz2\xe9\xe6\xda\x92U\xaaN\xff\xca\xb37-<3\xb28\xb8:UQ\x95|\xe5\xaa\x0e\xe7{\xd4T\x84\x83\x86\x9d', 0x0) mount$afs(&(0x7f0000000040)=@cell={0x23, 'syz1:', 'syz0', '.backup'}, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={[{@dyn}]}) 2.983042874s ago: executing program 0 (id=6572): r0 = socket$tipc(0x1e, 0x2, 0x0) connect$tipc(r0, &(0x7f0000003100)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10) sendmmsg$inet(r0, &(0x7f0000002f40)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000002c0)="91199893b794f675ec88239fef317c764ee3a8ecbdc2a8c32d46f77944d1de9f924d05d3566b8eb8f5750393c669559d05543efa2927ef0d2b10e3d4f8541f34e1c7c8ca2d1e811f67f3dc50fdd469af72a49e684e28a364f5da124dff2b55a5536aa670b82da70bf0f19cd420371848ddc41d65649fde307c1971599f2fec84845e32bb2b6ebda099de12e8b64842024389524a1c5a97608000d1030d99e2a6e23a0bc8", 0xa4}, {&(0x7f0000000380)="11a68683394e1541cc444dff7adf30f079408cb066a6f8f4d33c4f11850de78c586d1a2ccff92e8e83fb82e447d9b88de42182e9e8c97415f41ef8a504215a2b2fdb1404c9659fdb988d0f527c3675cf2b", 0x51}, {&(0x7f0000000400)="875ad17d55c11f1ea6ec6cd17661afc73209e32142961e4660591bf3ca40d05a507ac0b0e71f7ed4c63f52a003cc8102f20dc6e33b5dc6de64ac815cf87867507cc072f0cb762aa5deb8731a699d3c7c69f85266ba51eb244f20129de491adaeb0c2d2eb13c1f215ddff92b05148f0ad513018b14798e45e55ecb916d4dd89f2df7e33c470998f325bf453f929d86196", 0x90}, {&(0x7f00000004c0)="1273dd9951adeaefffe3c4957c86dbff8693adf2202b620b3aec000cf330bb7249", 0x21}, {&(0x7f0000000500)="4167c4fd9ea8b423c01e798bbd631e888a04e31e6865a2d55b31833b82989759c0f3241bb5ebe979636a5f22244112d95d11a07cb172724ec37ef9faaf227d64f5190c9d82dfe194b2cf6d77e917e513170fa1e8e4c82dd9898b4ad23e677261595ec62844104d7ca15aa7eec90685ad92f2cd5b745910e47d703315a0d1d3a6d143575da2604e54bb1ddb295e590a1392770befa52aaf1651d375682bcf94e5da4ea37e1cde1d2a80890d896cfe4d08801bc50d9bc08480de2b2710b694ff7fb5bda12cd8a8cb8dc18bf0c265b71aef50ec0ee22e1968a4f3487d8487026bc2b721692064dcfdd1b6b6aec3e8da3d0ab7d3cc51e2db33c169e6354ea425fbfc1bc39057e64d3aff3749d60edcf0a50fe0e973b5ee3a7cd45ad967564fdbc9832869346037dabe420448b5089ab553c2c87e94befac8d3a0c2a56ca2ab778c2f34f571217c837580e8a524db35baea8024482bb32306182faaf39bb1c4e992c4440889e274952ed3d17d5e87224fec8048e6b7344270e046ab2fdda270ad4e5f651fd6eede5d42d9599265520d45d6f500fd733372a62ab4f496b56839b0d6418961a3b6016c26409daba4f2beeceeb38cc6ba75f57e8ee45d8a6c2ecc031c9469d937b9d7db91ded158ebd7f7d512d445f4104130a429ce7fce52d3fec37df953fc6e6adaa781b820b4bb6d4ffd2c10a16f9583890118793bae09157d3ac5625ad8e66a367488e2722bb82161661711d91a5540a92e3de7506861875575d40465cda28989cbc46fb3d80c2bc7e96afbde1cbd2e89103c55bde669c77b774ea570b26e93a1be5e50269ea5f3355869ac5a9701ac0e7d8f69b0a3186e118c6e2ce8e946c95bd729d94d237e5915e2711cc82826f147176a8a0555b9e11fb9a8ad736d016d202cea43b10a5102e48387ab70069b876051ac0557528c14748aa9cc0e0d9bf512533bdc83610d9f801ec4ed512a4a877e2f45b0cbe87ee25a314d481153eefe8643fb2f3e0478353552b0ae863635ab12e7bf0e4f046e8ba9cb7ce3189d52b2a27ff9e4eb5bf8b12d09d610705eec149589bdd38c951de63de4e3065e45eeb261a72c980349387514cb42467e1fe5812abaf4670e993c6fb561e5cccf7a472ee874bbfe73412bc63f706424f174afd1a3f16fb8b8305d932d33ab211d473d210b87e2f20b6ba951a2b98206793c04516fd57fc7365cec4a1831548470ebefe7f9487cc7b287b2f45eb69b4e165b9f3404d8ac84b2b57ace34de669a85fd885ecb055a6fd2ba5d5396737c702c082bfb35f3ccace91eacfc7a71b2bca1e228170ad6d194aa7c2dc2cf5f0bce153ac1befb2b82e6cf1f12d28812e309f5da0dbe1cad03172d296fa13247b1952ec988316f668aa65e1ca7e9e383b115ce5c25130955c118a0b4567bd180c07ce18bd0c459cc33ed7ba1c43262034a60711315ed81bbc95b7e3088dbd22b976fcd18bae330f08c89236f770478305fac20b5d9bd5cbc98c5c0f9713345c7362bc0e0bc78d212433bcdc6142989bc6ab82160df897825aa906d739dac905a434c90b2cbc72223011ea11480278b681cdcdf5fa63ac5f8b8f1f3ef7d4eb02f422e9fc52b98163630cd2f130f076a33bb011bb8e42800c9475f5cbee042b79fda44b6432b126f085a17553b82d9cae519ec239a9cccb99444f24b8f11e255e31e0d53a28e36949a3f8238c2ea3f4e3d8cf3b85b031c962504d00a4e7928b5fa2fab311bcc54d68738086ce70a8e5bdaf425033036a85e59aa3bb1b01f8b6c6a2e221c69e48565b55a196b2dc9cb067b4ccf8a7c81e31795a8b74e8940455126f19c8bbb9b941cc66c9443fd13e20c2074a9c3bc1740262c1fcb8e9ca5ac5729dfe6e25561eba41ccae8ca2e851affc1ab4ec912925ef7ccf72e97c577413260ccda170d75741336f837258a59da907460a2917f652c6e4ebc0467da8a95f2ceae9afcc4e0d1f4b95fc68b2f5e32af96fb12a8e7f3140dd235a30e5ad94e78cf58ad75ca8a871a70820090ba510e7563c0f78cf364369a51fa6683ff8d24924ceb922927eb0ba1395b7a4f37d92913a9688ef8428a887f1161f10aeab749f5ea8ca24e579008f542a9b785841dae071b94b5a8ba79985930f60ac2c93aa002d84b212e2e2b6c9c2a0694595dad99fd1f27d0044481ef5b364a059599ef982a114a61094b3b7d0f9a7b78d7615cc8573430e676987ab7421fde9abeb29e4529beb6a2724bed86a7b1d27ee73585892f083fad4307696a4166356b9c20a9579bbf3e8cda9ad7ec2b2bb973d05cf8d9457dc03eee2cfbf630dd917768ae652c0627e32ebb4c62951dfbd8e074dfdf02c5517ace50d5813c8d8d7f1fc0fc63a4fae5c2bcf26560c627500e03692384630be287790d545403adc500ef732d66e269b8b051aa57bb865a9b709c7a0426188daf29caf1d062b104592b4f6acc86895956d8085424dba0bfafdf900419f2227db1eca75b338091d23da2067566c6d54de1604bf8d4cce8a0b4484c4645a305861bc46ebccafbe500e01d51236b40027d1b2c7a72937b15899bb982c880d83ed6b70502bd0d68d2a2146a85c6518a11c386df610243ec513e7a284a81c841f9201ee3b9d3a8f44cdf52ec842e07c1f2f35e2a5b17278dce1f9b7fa09866ecb0d2e78fc8095b7dee81d3e308fd10a1490036194bfa89c118bd9c72d4747b90724d7bd0a7ead28c89c23cc6667c1a8b362ca5385d24b2c1265957764a4e46176365a5348bcf85c457921e7fa6c9e165b6c4d8bd9e8782c96839a5fd2679cd08f656ca5b41d00f8429d517a0d776049918e73b4a258fd2a1576b6420b67fc9ff3520556881ef4838e973f552edebde686af1d55e6172e5bb9b01543d32c0c7753b380dd9ed3f5c0b663a9b1bcb4bd36a365172aeee96a8d69c1e5c5b6c88fc9453ace6aa24bdfc1cfa27ea8cc36c80cace296259545a4e155d154ccbf00ae4ff912c583c871b7cdb46813584ea14bb6943d16b3f12e8fe149076e5e646e1dca0bf121a2e2fa09816e9056aa1143988ff17c21c49981445d98d88fd4bba6a59d9f97d301d90e3754103389b36308713c1ba31031e42f2d759343a95bbae9c01a3bb3e6b537b658d1c028c8ec3126bf79db223a3320e25a671ef834c924f02c1bbab338517accb8378f945cb1d65d4dff90f1e3af8168e33a5a124aef715b656075f6a62099afa110f2fe5eb83e0b3e36df91be2125be6500e5f3a81f8bc116f42734c784f6bb6c7e968610243b06026a9def4e85f8344fae36602aa3795cf71ecf7e57a3da0bef859daf649abc6390e86edaa84eefe48999ddba9067b90dd5ea2477f150ab588dadfe79ab7524157d1b94c738ca3345ce8657bfac981cb30b7c0f05f96dafcdce3e41471943609b121de1eda3e95a1c31bada084beec699512c7d5cec71e06a57c177ca1f383120bf46a9c805c9220d3d0c6807d60e6b7f9c80de1d815bdf1ebe62338862719eab55ef4971a69c76aa2f25c3c9d0c2e5c7857a86f9ab26c3c6aa395f2c366548f60a40abbe14dd011358d9b3695b8a091e16552478aeee1e2e91abd67deeb15732f428c3304a2bf2e4cbb3768875b35d126ca46d29e506ee1e0aba7a17eba27c19d7626064c0a17d7ee7f2f220e5e28bd7d691dffa84f2a2f92c924b87da382ae9a688ad4322fa0cc72604fc43e17002b8f3844a7431205de46818310d0fcf4676f45c9941dde767c9a4376e13cd7e91308cc0df25a4c79e390674fa0161695cc9e9bee12620d8571a4b3800370cd01bf0546758a048563539edf15d58b108159ea5fe0f038281c7855bbd92cc86de38df60b8597f4bce4ae9cae1647b5024bfb73630cdf4d1827a5f0ff779a1e6c6efbc6561d06b249986703b9dc61a63e2068e4786e6a8be34a808143301ef00f21bee8399d88ecffddb4867790d4d1cbe827a5a220834ba831d3ba424ff8fc9a99b175d2feca9f581e24bb69bdc4f64a6ea0c9c37d6976d15e9388519a2bed100a2a8358215a8b63b6e25a677875ee2bc3fd9c77783b39a166b863376b496775b83804a2c7f5363cca9ade819034afc2f7b40ffc316089556dec2e55e1bd92c9b905d6b1b9160d6c492d4384acd7e380874939b1ab02dbbacfbedd74cd524b4eab643e8b92d38d9fae446afd8d774d1c933bce8c341f0ff283acec3bbbbfdb06a15eb88ca6600542dda45334a374e31bae", 0xba7}], 0x5}}], 0x300, 0x0) getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000001100), &(0x7f0000001140)=0x4) 2.836000231s ago: executing program 2 (id=6574): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x40045b0a, &(0x7f0000000040)) 2.784854783s ago: executing program 7 (id=6575): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, r1}) 2.588468122s ago: executing program 7 (id=6577): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) io_uring_enter(0xffffffffffffffff, 0x0, 0xa9e7, 0x3, 0x0, 0x0) 2.231980409s ago: executing program 0 (id=6579): r0 = semget$private(0x0, 0x5, 0x0) semop(r0, &(0x7f0000000000)=[{0x3, 0xfff7, 0x1000}], 0x1) semop(r0, &(0x7f00000000c0)=[{0x3, 0xa78d, 0x1000}], 0x1) semtimedop(r0, &(0x7f0000000040)=[{0x0, 0x8}, {0x2, 0xff2e}], 0x2, &(0x7f0000000100)) 1.668427194s ago: executing program 1 (id=6583): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x180c8, &(0x7f00000006c0)=ANY=[@ANYBLOB="6e66732c646f74732c636865636b3d7374726963742c646f74732c6572726f72733d72656d6f756e742d726f2c00fc403bb14281bbfb9b8213bd6284536d64789a24dd73b98b3e33cb47fed8a736464bb62e9e891aa832722dfc28bfa4489b3a127a503e72326b737d0f67c97be6f37ef46154dec39ef8718946ffc8cd4d735a0b101c1722477bbe2f923577ea51f7116f17c3ddf5c497fba2d0bb3272d123b31e9461d4e2d65a42e1174fa269de92e463fc1ca202650fe2628e15341e45dce6c0de2367bdb50cc5b2b462e1d45fc3265f1a88561ab6afb1b73a3b340b5c73055fc6e601843a59f3cdeb36991cfa985453287d4c9d2d6e21adddc57a607369c682e821b20dc0efd51d12f386f3f8e53c05e696e50c7c3f79b1b0bd7e5cfaf3f63d8949c8dd2fd94aa0f259a4cb9412c30c45f9d4d63d267d2a43f03a47fa56b3"], 0x1, 0x242, &(0x7f0000000800)="$eJzs3bFqFFEUBuBjskmWNKYWiwEbq0WtbBeJIA4IK1No5UC0SUSYNKPVPIbP4CP5GKnSjZhZsklcbczm7s58Hyz3wM/Cuc3eLc6d+fDw8/HRl9NP7c/vMR5nMYpo2jbiILZiOzr35uvWRb0bVzUBAGya2aycpu6B1aqqabkTEXt/JMWPJA0BAAAAAAAAAADw35bN/8e5+X8A6DPz//1XVdNyf/7/7Trz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA65217v/3HJ3V/AMDtc/4DwPA4/wFgeJz/ADA8b9+9fz3N88NZlo0jzpq6qItu7fKXr/LDJ9mFg8W3zuq62L7Mn3Z5dj3fif15/mxpvhuPH3X57+zFm/xGvhdHq98+AAAAAAAAAAAAAAAAAAAArIVJdmnp/f7J5G95V115PsCN+/ujeDC6s20AAAAAAAAAAAAAAAAAAADARjv9+u24PDn5WCl6U8TztWjjrouItWijL0XqXyYAAAAAAAAAAAAAAAAAABiexaXf1J0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQDqL9/+vroiIpu2k3i4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQY78CAAD//139ms4=") keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB=':s'], 0x2a, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x39) 1.484896203s ago: executing program 1 (id=6585): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000002c0)={0x0, 0xfec5, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fcdbdf254400000008000300", @ANYRES32=r2, @ANYBLOB="0a001800030303030303000004005a8020005a8018000080140005"], 0x4c}}, 0x4040810) 1.366957298s ago: executing program 7 (id=6587): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file1\x00', 0x200000, &(0x7f0000000000), 0x1, 0xbc7, &(0x7f00000017c0)="$eJzs3M1rHOUfAPDvTDbv+TXpD1FbBANSFcVt2pQKPbWeRQU9eGxMNiVk+2ISwYQc0npXDyIeCtI/QfBuL54ED/Wg9S8oYpGil7aHldmXZO2+JE03GVs/H3gyzzPPZL/fb6e78wzsJID/rMnsRxpxKCLOJhHj9f1pRAxUe0MRG7Xj7t1Zn81aEpXKu38kkUTE3Tvrs43XSurb0fpgKCJuvJHE/z9pjbu8urY4Uy6XlurjoyvnLx1dXl17beH8zLnSudKFE9Ovn5g+OT3dw1pvXfrgq+d+euvFK9c+nXr7ywM/JHE6xupzzXX0ymRMbv6bNCtExEyvg+Wkr15Pc51JIceEAADoKm1awz0d49EXW4u38fj+51yTAwAAAHqi0hdRAQAAAJ5wSdf7/+H9SwQAAADYI43vAdy9sz7baPl+I2F/3T4TERO1+hvPN9dmCrFR3Q5Ff0SM/JlE82OtSe3XHtlkFunbH0tZiz16DrmbjcsR8WwMRcv5T6r1T1Sf4m6tP42IqR7En3xgnFP9bf7/b1//6R7Ef7j6B3sQEQAirp+pXchar3/p5von2lz/Cm2uXbuR9/W/sf6717L+26q/r8P6750dxjh8/5Ubneaa13/vf/brXBY/2z5SUQ/h9uWIw4V29Seb9Scd6j+7wxijs7eudprL6s/qbbR29a/376aynalcizhSXc211t+QdPv7REfnF8qlqdrPNq+/erJ7/Obzn7UsfuNeYMtGL0ptKzv/I7G7839phzEmnvn9UKe57etPfxtI3qv2Bup7Pp5ZWVk6FjGQvNm6/3j3XBrHNF4jq//lF7q//9vV31c/K0n9XuByfZuNrzwQc/TI8W92X//eyuqf2+X5/3yHMb7+7uqHnebyrh8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx0MaEWORpMXNfpoWixGjEfFUjKTli8srr85f/OjCXDYXMRH96fxCuTQVEeO1cZKNj1X7W+PjD4ynI+JgRHwxPlwdF2cvlufyLh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBNoxExFklajIg0Iv4aT9NiMe+sAAAAgJ6byDsBAAAAYM+5/wcAAIAnX8v9f+Efo6H9zAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAn0sHnr99MImLj1HC1ZQbqc/25ZgbstXRnh43sdR7A/uvLOwEgN4WmfqVSqeSYCrDPhvJOAMhdss1858+JwZ7nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC/10uHrt9MImLj1HC1ZQbqc/25ZgbstTTvBIDc9HWbTLbdATzGCnknAOTGPT5QW9nfr9S0zg91/M3BR44KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwONjrNqStBgRabWfpsVixP8iYiL6k/mFcmkqIg5ExC/j/YPZ+FjeSQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBzy6trizPlcmlJR0enh53h2LdYw/U3c4djBjtPdenk/MEEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAullfXFmfK5dLSct6ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHlbXl1bnCmXS0u77kRsd0zeNQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkJ+/AwAA//86SAgK") chdir(&(0x7f0000000240)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x2) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3f00, 0x0, 0x0}) 1.248293114s ago: executing program 1 (id=6588): prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0x8b}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) syz_init_net_socket$bt_cmtp(0x1f, 0x3, 0x5) 1.199539616s ago: executing program 0 (id=6589): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) munlock(&(0x7f00004a8000/0x2000)=nil, 0x2000) 1.158128487s ago: executing program 6 (id=6590): syz_open_dev$rtc(&(0x7f0000000140), 0x0, 0x0) r0 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x100, 0x1}, &(0x7f00000029c0)=0x0, &(0x7f0000002a00)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0) 1.035852453s ago: executing program 2 (id=6591): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r0, &(0x7f0000000340)={&(0x7f00000008c0)={0xa, 0x4e20, 0x80000, @dev={0xfe, 0x80, '\x00', 0x23}, 0xfffffffe}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002'], 0x28}, 0x40c0) 1.018039044s ago: executing program 1 (id=6592): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r0, &(0x7f0000000000)={&(0x7f00000001c0)={0xa, 0x4e20, 0x80000, @dev={0xfe, 0x80, '\x00', 0x20}}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=[@dstopts={{0x18, 0x29, 0x37, {0x2f}}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x29}}}], 0x30}, 0x40440c0) 938.014878ms ago: executing program 6 (id=6593): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x24, &(0x7f0000000040)=0x1, 0x17) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f0000000780)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/27, 0x1b}, 0x2a4}], 0x39, 0x100, 0x0) 925.031248ms ago: executing program 7 (id=6594): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000300), 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x9}, 0x8) sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f00000001c0)={0x2, 0x4e20, @loopback}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000340)='\x00', 0x1}], 0x1, 0x0, 0x0, 0x80fe}, 0x0) 847.823242ms ago: executing program 1 (id=6595): r0 = socket$tipc(0x1e, 0x2, 0x0) connect$tipc(r0, &(0x7f0000003100)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10) sendmmsg$inet(r0, &(0x7f0000002f40)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000002c0)="91199893b794f675ec88239fef317c764ee3a8ecbdc2a8c32d46f77944d1de9f924d05d3566b8eb8f5750393c669559d05543efa2927ef0d2b10e3d4f8541f34e1c7c8ca2d1e811f67f3dc50fdd469af72a49e684e28a364f5da124dff2b55a5536aa670b82da70bf0f19cd420371848ddc41d65649fde307c1971599f2fec84845e32bb2b6ebda099de12e8b64842024389524a1c5a97608000d1030d99e2a6e23a0bc8", 0xa4}, {&(0x7f0000000380)="11a68683394e1541cc444dff7adf30f079408cb066a6f8f4d33c4f11850de78c586d1a2ccff92e8e83fb82e447d9b88de42182e9e8c97415f41ef8a504215a2b2fdb1404c9659fdb988d0f527c3675cf2b", 0x51}, {&(0x7f0000000400)="875ad17d55c11f1ea6ec6cd17661afc73209e32142961e4660591bf3ca40d05a507ac0b0e71f7ed4c63f52a003cc8102f20dc6e33b5dc6de64ac815cf87867507cc072f0cb762aa5deb8731a699d3c7c69f85266ba51eb244f20129de491adaeb0c2d2eb13c1f215ddff92b05148f0ad513018b14798e45e55ecb916d4dd89f2df7e33c470998f325bf453f929d86196", 0x90}, {&(0x7f00000004c0)="1273dd9951adeaefffe3c4957c86dbff8693adf2202b620b3aec000cf330bb7249", 0x21}, {&(0x7f0000000500)="4167c4fd9ea8b423c01e798bbd631e888a04e31e6865a2d55b31833b82989759c0f3241bb5ebe979636a5f22244112d95d11a07cb172724ec37ef9faaf227d64f5190c9d82dfe194b2cf6d77e917e513170fa1e8e4c82dd9898b4ad23e677261595ec62844104d7ca15aa7eec90685ad92f2cd5b745910e47d703315a0d1d3a6d143575da2604e54bb1ddb295e590a1392770befa52aaf1651d375682bcf94e5da4ea37e1cde1d2a80890d896cfe4d08801bc50d9bc08480de2b2710b694ff7fb5bda12cd8a8cb8dc18bf0c265b71aef50ec0ee22e1968a4f3487d8487026bc2b721692064dcfdd1b6b6aec3e8da3d0ab7d3cc51e2db33c169e6354ea425fbfc1bc39057e64d3aff3749d60edcf0a50fe0e973b5ee3a7cd45ad967564fdbc9832869346037dabe420448b5089ab553c2c87e94befac8d3a0c2a56ca2ab778c2f34f571217c837580e8a524db35baea8024482bb32306182faaf39bb1c4e992c4440889e274952ed3d17d5e87224fec8048e6b7344270e046ab2fdda270ad4e5f651fd6eede5d42d9599265520d45d6f500fd733372a62ab4f496b56839b0d6418961a3b6016c26409daba4f2beeceeb38cc6ba75f57e8ee45d8a6c2ecc031c9469d937b9d7db91ded158ebd7f7d512d445f4104130a429ce7fce52d3fec37df953fc6e6adaa781b820b4bb6d4ffd2c10a16f9583890118793bae09157d3ac5625ad8e66a367488e2722bb82161661711d91a5540a92e3de7506861875575d40465cda28989cbc46fb3d80c2bc7e96afbde1cbd2e89103c55bde669c77b774ea570b26e93a1be5e50269ea5f3355869ac5a9701ac0e7d8f69b0a3186e118c6e2ce8e946c95bd729d94d237e5915e2711cc82826f147176a8a0555b9e11fb9a8ad736d016d202cea43b10a5102e48387ab70069b876051ac0557528c14748aa9cc0e0d9bf512533bdc83610d9f801ec4ed512a4a877e2f45b0cbe87ee25a314d481153eefe8643fb2f3e0478353552b0ae863635ab12e7bf0e4f046e8ba9cb7ce3189d52b2a27ff9e4eb5bf8b12d09d610705eec149589bdd38c951de63de4e3065e45eeb261a72c980349387514cb42467e1fe5812abaf4670e993c6fb561e5cccf7a472ee874bbfe73412bc63f706424f174afd1a3f16fb8b8305d932d33ab211d473d210b87e2f20b6ba951a2b98206793c04516fd57fc7365cec4a1831548470ebefe7f9487cc7b287b2f45eb69b4e165b9f3404d8ac84b2b57ace34de669a85fd885ecb055a6fd2ba5d5396737c702c082bfb35f3ccace91eacfc7a71b2bca1e228170ad6d194aa7c2dc2cf5f0bce153ac1befb2b82e6cf1f12d28812e309f5da0dbe1cad03172d296fa13247b1952ec988316f668aa65e1ca7e9e383b115ce5c25130955c118a0b4567bd180c07ce18bd0c459cc33ed7ba1c43262034a60711315ed81bbc95b7e3088dbd22b976fcd18bae330f08c89236f770478305fac20b5d9bd5cbc98c5c0f9713345c7362bc0e0bc78d212433bcdc6142989bc6ab82160df897825aa906d739dac905a434c90b2cbc72223011ea11480278b681cdcdf5fa63ac5f8b8f1f3ef7d4eb02f422e9fc52b98163630cd2f130f076a33bb011bb8e42800c9475f5cbee042b79fda44b6432b126f085a17553b82d9cae519ec239a9cccb99444f24b8f11e255e31e0d53a28e36949a3f8238c2ea3f4e3d8cf3b85b031c962504d00a4e7928b5fa2fab311bcc54d68738086ce70a8e5bdaf425033036a85e59aa3bb1b01f8b6c6a2e221c69e48565b55a196b2dc9cb067b4ccf8a7c81e31795a8b74e8940455126f19c8bbb9b941cc66c9443fd13e20c2074a9c3bc1740262c1fcb8e9ca5ac5729dfe6e25561eba41ccae8ca2e851affc1ab4ec912925ef7ccf72e97c577413260ccda170d75741336f837258a59da907460a2917f652c6e4ebc0467da8a95f2ceae9afcc4e0d1f4b95fc68b2f5e32af96fb12a8e7f3140dd235a30e5ad94e78cf58ad75ca8a871a70820090ba510e7563c0f78cf364369a51fa6683ff8d24924ceb922927eb0ba1395b7a4f37d92913a9688ef8428a887f1161f10aeab749f5ea8ca24e579008f542a9b785841dae071b94b5a8ba79985930f60ac2c93aa002d84b212e2e2b6c9c2a0694595dad99fd1f27d0044481ef5b364a059599ef982a114a61094b3b7d0f9a7b78d7615cc8573430e676987ab7421fde9abeb29e4529beb6a2724bed86a7b1d27ee73585892f083fad4307696a4166356b9c20a9579bbf3e8cda9ad7ec2b2bb973d05cf8d9457dc03eee2cfbf630dd917768ae652c0627e32ebb4c62951dfbd8e074dfdf02c5517ace50d5813c8d8d7f1fc0fc63a4fae5c2bcf26560c627500e03692384630be287790d545403adc500ef732d66e269b8b051aa57bb865a9b709c7a0426188daf29caf1d062b104592b4f6acc86895956d8085424dba0bfafdf900419f2227db1eca75b338091d23da2067566c6d54de1604bf8d4cce8a0b4484c4645a305861bc46ebccafbe500e01d51236b40027d1b2c7a72937b15899bb982c880d83ed6b70502bd0d68d2a2146a85c6518a11c386df610243ec513e7a284a81c841f9201ee3b9d3a8f44cdf52ec842e07c1f2f35e2a5b17278dce1f9b7fa09866ecb0d2e78fc8095b7dee81d3e308fd10a1490036194bfa89c118bd9c72d4747b90724d7bd0a7ead28c89c23cc6667c1a8b362ca5385d24b2c1265957764a4e46176365a5348bcf85c457921e7fa6c9e165b6c4d8bd9e8782c96839a5fd2679cd08f656ca5b41d00f8429d517a0d776049918e73b4a258fd2a1576b6420b67fc9ff3520556881ef4838e973f552edebde686af1d55e6172e5bb9b01543d32c0c7753b380dd9ed3f5c0b663a9b1bcb4bd36a365172aeee96a8d69c1e5c5b6c88fc9453ace6aa24bdfc1cfa27ea8cc36c80cace296259545a4e155d154ccbf00ae4ff912c583c871b7cdb46813584ea14bb6943d16b3f12e8fe149076e5e646e1dca0bf121a2e2fa09816e9056aa1143988ff17c21c49981445d98d88fd4bba6a59d9f97d301d90e3754103389b36308713c1ba31031e42f2d759343a95bbae9c01a3bb3e6b537b658d1c028c8ec3126bf79db223a3320e25a671ef834c924f02c1bbab338517accb8378f945cb1d65d4dff90f1e3af8168e33a5a124aef715b656075f6a62099afa110f2fe5eb83e0b3e36df91be2125be6500e5f3a81f8bc116f42734c784f6bb6c7e968610243b06026a9def4e85f8344fae36602aa3795cf71ecf7e57a3da0bef859daf649abc6390e86edaa84eefe48999ddba9067b90dd5ea2477f150ab588dadfe79ab7524157d1b94c738ca3345ce8657bfac981cb30b7c0f05f96dafcdce3e41471943609b121de1eda3e95a1c31bada084beec699512c7d5cec71e06a57c177ca1f383120bf46a9c805c9220d3d0c6807d60e6b7f9c80de1d815bdf1ebe62338862719eab55ef4971a69c76aa2f25c3c9d0c2e5c7857a86f9ab26c3c6aa395f2c366548f60a40abbe14dd011358d9b3695b8a091e16552478aeee1e2e91abd67deeb15732f428c3304a2bf2e4cbb3768875b35d126ca46d29e506ee1e0aba7a17eba27c19d7626064c0a17d7ee7f2f220e5e28bd7d691dffa84f2a2f92c924b87da382ae9a688ad4322fa0cc72604fc43e17002b8f3844a7431205de46818310d0fcf4676f45c9941dde767c9a4376e13cd7e91308cc0df25a4c79e390674fa0161695cc9e9bee12620d8571a4b3800370cd01bf0546758a048563539edf15d58b108159ea5fe0f038281c7855bbd92cc86de38df60b8597f4bce4ae9cae1647b5024bfb73630cdf4d1827a5f0ff779a1e6c6efbc6561d06b249986703b9dc61a63e2068e4786e6a8be34a808143301ef00f21bee8399d88ecffddb4867790d4d1cbe827a5a220834ba831d3ba424ff8fc9a99b175d2feca9f581e24bb69bdc4f64a6ea0c9c37d6976d15e9388519a2bed100a2a8358215a8b63b6e25a677875ee2bc3fd9c77783b39a166b863376b496775b83804a2c7f5363cca9ade819034afc2f7b40ffc316089556dec2e55e1bd92c9b905d6b1b9160d6c492d4384acd7e380874939b1ab02dbbacfbedd74cd524b4eab643e8b92d38d9fae446afd8d774d1c933bce8c341f0ff283acec3bbbbfdb06a15eb88ca6600542dda45334a374e31bae", 0xba7}], 0x5}}], 0x300, 0x0) getsockopt$TIPC_SOCK_RECVQ_DEPTH(r0, 0x10f, 0x84, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 717.194988ms ago: executing program 2 (id=6596): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000580)={0x1, @pix_mp={0xfffffffc, 0x2, 0x59455247, 0x4, 0x2, [{}, {0x277c}, {}, {}, {}, {0xd360}, {0x7, 0xfffffffd}, {0x0, 0x80000}], 0x10, 0xfc, 0x0, 0x0, 0x5}}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000240)=0x1) 716.756868ms ago: executing program 6 (id=6597): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001580)={0x2c, r0, 0x1, 0x71bd25, 0x3, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc0}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x405c000}, 0x0) 566.912854ms ago: executing program 7 (id=6598): r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x80800, 0x0) fcntl$notify(r0, 0x402, 0x20) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='loginuid\x00') preadv(r1, &(0x7f0000000280)=[{&(0x7f0000001a00)=""/4107, 0x100b}], 0x1, 0x14a, 0x0) 535.703146ms ago: executing program 2 (id=6599): ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="03009000"}) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xffffffffffffff67) ioctl$sock_netdev_private(r0, 0x8924, &(0x7f0000000000)) 456.424569ms ago: executing program 6 (id=6600): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x400) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x29d, 0x0, 0x3}]}) 346.249324ms ago: executing program 7 (id=6601): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)={0x1c0, 0x39, 0x0, 0x70bd2b, 0xfffffffc, {0x9}, [@generic="5c4f8c4c65a0068025236291dca6c1719ef6443dad14ce9f76c9f1266adf8584baf58367a76ecf79a6e5d71c06c54ee2b26841f25262bcfc572c485a5c7e9f54a912191df3afa7eab4ee087a28d000d6a8f5620880420cfcb467", @nested={0x85, 0x13e, 0x0, 0x1, [@nested={0x18, 0xb9, 0x0, 0x1, [@typed={0x4, 0xff}, @typed={0x4, 0x4c, 0x0, 0x0, @binary}, @typed={0xc, 0x90, 0x0, 0x0, @u64=0xfffffffffffffff5}]}, @typed={0x8, 0xc0, 0x0, 0x0, @uid}, @nested={0x29, 0x6b, 0x0, 0x1, [@nested={0x4, 0x68}, @nested={0x4, 0x80}, @generic="1fb3d829fe91b751038a72451c7f5611e9", @nested={0x4, 0x73}, @typed={0x8, 0x1b, 0x0, 0x0, @pid}]}, @generic="41707a8ae0fcab09b6cbc43f261417087248303050de94f5121fba08ad3d99ee09cae821c3a4f627f91177090b42a081a5a3a1bbfe"]}, @nested={0xc8, 0xde, 0x0, 0x1, [@generic="91d1b4d1da451be3a63bec9202e4abac3494813d064f4fc872a9be7b9d84cbf52193a1cb0a30091daa56d473785408f1cb2b6c9fb6da7a556342a79b032681aa5dc77592bb3585d0b34ca058876f05a2c7e63cef528b09e4c48773494fc8a829bef20a28a2fad00e56880ae5c905ba07833354e41468ae0a71c427605c8d251f27aff47c04993153eef92365c03f6bf6a17f7e5643217757afd1a7b588d2370083352ad469b4f9c344726cbfdcc607ae4261567596cae9b1da37176459f95988ee3c90fe"]}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x448d3}, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xffffffffffffff85, &(0x7f00000000c0)=ANY=[]) 330.191435ms ago: executing program 2 (id=6602): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) listxattr(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0) 247.206819ms ago: executing program 6 (id=6603): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010100000000000000002b00000008000300", @ANYRES32=r2, @ANYBLOB="1e00940000401effffffffffffff7f000003001300000001000500000009000005003400c4000000080026006c09000008006b00"], 0x74}, 0x1, 0x0, 0x0, 0x4010}, 0x0) 156.313853ms ago: executing program 2 (id=6604): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket(0x10, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xb, "000b000000000000000100000e00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) 142.306954ms ago: executing program 1 (id=6605): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0xe, 0x0, &(0x7f0000000180)="3d25ff005b19c4cbe601709b0800", 0x0, 0xda, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 29.163399ms ago: executing program 6 (id=6606): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20f42, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132}) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfe3a) 0s ago: executing program 0 (id=6607): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x100]}}, 0x5c) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000240)=0xa, 0x4) kernel console output (not intermixed with test programs): vice number 11 [ 557.260992][ T4312] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 557.371194][T18077] netlink: 'syz.2.5341': attribute type 1 has an invalid length. [ 557.378962][T18077] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5341'. [ 557.972944][ T4415] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 558.155430][T18098] netlink: 'syz.0.5350': attribute type 3 has an invalid length. [ 558.175597][ T4415] usb 4-1: Using ep0 maxpacket: 16 [ 558.189808][T18098] netlink: 72 bytes leftover after parsing attributes in process `syz.0.5350'. [ 558.209560][ T4415] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 558.228774][ T4415] usb 4-1: config 0 interface 0 has no altsetting 0 [ 558.266541][ T4415] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 558.298458][ T4415] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 558.331154][ T4415] usb 4-1: config 0 descriptor?? [ 558.347240][T18100] loop1: detected capacity change from 0 to 4096 [ 558.365957][T18100] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 558.367087][T18102] netlink: 7 bytes leftover after parsing attributes in process `syz.2.5352'. [ 558.406974][T18100] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 558.414790][T18104] hugetlbfs: syz.0.5353 (18104): Using mlock ulimits for SHM_HUGETLB is obsolete [ 558.423718][T18100] ntfs3: loop1: Failed to load $Extend. [ 558.518255][T18084] loop6: detected capacity change from 0 to 40427 [ 558.588992][T18084] F2FS-fs (loop6): build fault injection attr: rate: 684, type: 0x3ffff [ 558.617741][T18084] F2FS-fs (loop6): build fault injection attr: rate: 0, type: 0x35f7 [ 558.648238][T18105] ntfs3: loop1: ino=21, "freezer.parent_freezing" failed to extend initialized size to 208e24b. [ 558.659720][T18084] F2FS-fs (loop6): invalid crc value [ 558.681511][T18084] F2FS-fs (loop6): Found nat_bits in checkpoint [ 558.760297][ T4415] nzxt-smart2 0003:1E71:2009.0030: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0 [ 558.798316][ T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 558.871289][ T35] net_ratelimit: 1 callbacks suppressed [ 558.871304][ T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 558.905599][T18084] F2FS-fs (loop6): Start checkpoint disabled! [ 558.951181][T18084] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 559.080647][ T4415] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 559.115318][T18116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5357'. [ 559.169558][ T4312] usb 4-1: USB disconnect, device number 30 [ 559.272042][ T4415] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 559.311410][ T4415] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16648, setting to 1024 [ 559.340754][ T4415] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 559.349996][T18122] input: syz1 as /devices/virtual/input/input45 [ 559.365032][ T4415] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 559.396404][ T4415] usb 3-1: config 0 descriptor?? [ 559.444931][T18124] loop1: detected capacity change from 0 to 64 [ 559.501474][ T4637] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 559.509889][ T4637] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 559.530995][ T7497] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 559.539595][ T4311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 559.551239][ T4321] kworker/u4:6: attempt to access beyond end of device [ 559.551239][ T4321] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 559.820055][ T4415] keytouch 0003:0926:3333.0031: fixing up Keytouch IEC report descriptor [ 559.848609][ T4415] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0031/input/input46 [ 559.985911][ T4415] keytouch 0003:0926:3333.0031: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 560.019504][ C0] usb 3-1: input irq status -75 received [ 560.128723][T18139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 560.255735][ T7498] usb 3-1: USB disconnect, device number 35 [ 560.310417][ T4415] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 560.414809][T18140] fido_id[18140]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 560.453819][T18151] x_tables: ip6_tables: mh match: only valid for protocol 135 [ 560.653169][T18153] loop0: detected capacity change from 0 to 8192 [ 560.674552][T18153] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 560.707417][T18153] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 560.744436][T18153] REISERFS (device loop0): using ordered data mode [ 560.781189][ T4321] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 560.807866][T18153] reiserfs: using flush barriers [ 560.817989][T18153] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 560.848881][T18153] REISERFS (device loop0): checking transaction log (loop0) [ 560.943747][T18166] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5378'. [ 560.955299][T18153] REISERFS (device loop0): Using r5 hash to sort names [ 560.979927][T18153] REISERFS (device loop0): using 3.5.x disk format [ 561.005338][T18153] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 561.185917][ T4311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 561.209612][T18173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5382'. [ 561.422796][ T6517] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 562.357676][T18220] loop2: detected capacity change from 0 to 512 [ 562.435120][T18217] loop1: detected capacity change from 0 to 4096 [ 562.507146][T18220] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.5403: inode has both inline data and extents flags [ 562.561946][T18220] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.5403: couldn't read orphan inode 15 (err -117) [ 562.584566][T18220] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 562.706629][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.713006][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.844890][ T4279] EXT4-fs (loop2): unmounting filesystem. [ 563.090651][ T27] audit: type=1326 audit(1774664787.074:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18239 comm="syz.2.5411" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc433f9c799 code=0x0 [ 563.988871][ T9] net_ratelimit: 3 callbacks suppressed [ 563.988888][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 564.178999][T18279] input: syz1 as /devices/virtual/input/input47 [ 564.230719][ T4312] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 564.736122][T18289] program syz.1.5434 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 564.931484][T18292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 564.959666][T18292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 564.981162][T18292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 564.999974][T18291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 565.009039][T18291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 565.248228][T18299] loop6: detected capacity change from 0 to 8192 [ 565.262567][ T4637] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 566.094176][T18327] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 566.150659][ T126] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 566.340828][ T126] usb 7-1: Using ep0 maxpacket: 16 [ 566.348315][ T126] usb 7-1: config 0 has an invalid interface number: 4 but max is 0 [ 566.383390][ T126] usb 7-1: config 0 has no interface number 0 [ 566.410871][ T126] usb 7-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 566.426149][ T126] usb 7-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 566.436309][ T126] usb 7-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 566.445984][ T126] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 566.481415][ T126] usb 7-1: config 0 descriptor?? [ 566.501110][ T4311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 566.514750][T18339] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5456'. [ 566.916805][T18319] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 566.960954][T18319] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 566.974833][ T126] hid (null): unknown global tag 0xc [ 566.980167][ T126] hid (null): unknown global tag 0xc [ 567.023823][ T126] hid (null): unknown global tag 0xd [ 567.209531][ T4415] usb 7-1: USB disconnect, device number 12 [ 568.604372][T18397] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5483'. [ 569.193222][T18415] input: syz0 as /devices/virtual/input/input48 [ 569.570211][ T126] kernel read not supported for file /video7 (pid: 126 comm: kworker/1:2) [ 569.581021][ T4312] net_ratelimit: 3 callbacks suppressed [ 569.581035][ T4312] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 569.839269][T18438] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5500'. [ 569.939157][T18440] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 569.993463][T18440] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 570.022515][T18440] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 570.036342][T18442] loop2: detected capacity change from 0 to 4096 [ 570.051111][T18440] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 570.082060][T18447] loop6: detected capacity change from 0 to 1024 [ 570.100940][T18440] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 570.144962][T18439] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 570.179277][T18452] input: syz0 as /devices/virtual/input/input49 [ 570.188895][T18451] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 570.289662][ T47] hfsplus: bad catalog file entry [ 570.308511][ T47] hfsplus: b-tree write err: -5, ino 3 [ 571.021423][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 571.185972][T18488] loop6: detected capacity change from 0 to 512 [ 571.207903][T18488] EXT4-fs: inline encryption not supported [ 571.222997][T18488] EXT4-fs: Ignoring removed bh option [ 571.263866][T18488] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 571.291159][T18488] EXT4-fs (loop6): Test dummy encryption mode enabled [ 571.337033][T18488] EXT4-fs (loop6): orphan cleanup on readonly fs [ 571.383473][T18488] EXT4-fs error (device loop6): ext4_orphan_get:1399: comm syz.6.5521: inode #13: comm syz.6.5521: iget: illegal inode # [ 571.457278][T18488] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.5521: couldn't read orphan inode 13 (err -117) [ 571.489829][T18488] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 571.637767][T14900] EXT4-fs (loop6): unmounting filesystem. [ 571.848089][T18494] loop6: detected capacity change from 0 to 512 [ 571.918451][T18494] EXT4-fs (loop6): 1 truncate cleaned up [ 571.965923][T18494] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 572.125185][T18491] loop1: detected capacity change from 0 to 32768 [ 572.167176][T18491] XFS: attr2 mount option is deprecated. [ 572.193402][T14900] EXT4-fs (loop6): unmounting filesystem. [ 572.306509][T18491] XFS (loop1): Mounting V5 Filesystem [ 572.396806][T18491] XFS (loop1): Ending clean mount [ 572.406671][T18491] XFS (loop1): Quotacheck needed: Please wait. [ 572.488451][T18491] XFS (loop1): Quotacheck: Done. [ 572.541751][T18491] XFS (loop1): User initiated shutdown received. [ 572.548825][T18491] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:499). Shutting down filesystem. [ 572.621432][ T4311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 572.650987][T18491] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 572.715585][T18530] loop6: detected capacity change from 0 to 256 [ 572.755659][T18530] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 572.788140][ T4266] XFS (loop1): Unmounting Filesystem [ 572.886858][ T27] audit: type=1800 audit(1774664796.874:296): pid=18530 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5535" name="file2" dev="loop6" ino=1048884 res=0 errno=0 [ 572.950581][ T4637] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 573.491110][T18551] loop1: detected capacity change from 0 to 256 [ 573.587884][T18545] loop0: detected capacity change from 0 to 128 [ 573.846933][ T27] audit: type=1326 audit(1774664797.834:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18559 comm="syz.0.5547" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff86ad9c799 code=0x0 [ 573.899254][T18562] loop1: detected capacity change from 0 to 8 [ 573.988094][T18562] SQUASHFS error: Failed to read block 0x6de: -5 [ 574.028219][T18562] SQUASHFS error: Unable to read metadata cache entry [6dc] [ 574.054850][T18562] SQUASHFS error: Unable to read directory block [26067d:ffff] [ 574.740574][ T4311] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 574.942042][ T4311] usb 2-1: Using ep0 maxpacket: 8 [ 574.955188][ T4311] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 574.997539][ T4311] usb 2-1: config 0 has no interface number 0 [ 575.015605][ T4311] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 575.056758][ T4311] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 575.087357][ T4311] usb 2-1: New USB device strings: Mfr=0, Product=128, SerialNumber=0 [ 575.117698][ T4311] usb 2-1: Product: syz [ 575.138159][ T4311] usb 2-1: config 0 descriptor?? [ 575.168932][ T4311] iowarrior 2-1:0.8: IOWarrior product=0x1512, serial= interface=8 now attached to iowarrior0 [ 575.189984][T18585] loop6: detected capacity change from 0 to 32768 [ 575.286328][T18585] XFS (loop6): Mounting V5 Filesystem [ 575.340670][ T4311] usb 3-1: new low-speed USB device number 36 using dummy_hcd [ 575.381545][ T4312] usb 2-1: USB disconnect, device number 37 [ 575.387500][ C0] iowarrior 2-1:0.8: iowarrior_callback - usb_submit_urb failed with result -19 [ 575.448717][T18585] XFS (loop6): Ending clean mount [ 575.576260][ T4311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 575.603243][ T4311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 73, setting to 8 [ 575.618365][ T4311] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 575.630185][ T4311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 575.659528][ T4311] usb 3-1: config 0 descriptor?? [ 575.673018][ T1169] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 575.690469][T18601] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 575.703596][T14900] XFS (loop6): Unmounting Filesystem [ 575.920428][ T4311] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 576.138879][ T4312] usb 3-1: USB disconnect, device number 36 [ 576.145542][ T4637] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 576.230113][T18627] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5573'. [ 576.250992][ T4311] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 576.269760][T18627] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5573'. [ 576.442845][ T4311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 576.456823][ T4311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 576.470347][ T4311] usb 4-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00 [ 576.480371][ T4311] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 576.511321][ T4311] usb 4-1: config 0 descriptor?? [ 576.946596][ T4311] logitech-djreceiver 0003:046D:C71F.0033: unknown main item tag 0x7 [ 576.967716][ T4311] logitech-djreceiver 0003:046D:C71F.0033: hidraw0: USB HID v0.00 Device [HID 046d:c71f] on usb-dummy_hcd.3-1/input0 [ 577.111447][T18656] syzkaller1: tun_chr_ioctl cmd 1074025675 [ 577.141576][T18656] syzkaller1: persist disabled [ 577.186153][ T4312] usb 4-1: USB disconnect, device number 31 [ 577.192546][ T4411] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 577.322422][T18657] fido_id[18657]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 577.390758][ T4411] usb 1-1: Using ep0 maxpacket: 16 [ 577.401005][ T4411] usb 1-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 577.431358][ T4411] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 577.469652][ T4411] usb 1-1: config 0 descriptor?? [ 577.486567][ T4411] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 577.548342][T18672] ALSA: mixer_oss: invalid OSS volume '' [ 578.287141][ T4411] gspca_sonixj: reg_r err -71 [ 578.300800][ T4411] sonixj: probe of 1-1:0.0 failed with error -71 [ 578.342669][ T4411] usb 1-1: USB disconnect, device number 39 [ 578.702481][ T4637] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 578.711194][ T4411] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 578.863384][T18702] netlink: 148 bytes leftover after parsing attributes in process `syz.3.5606'. [ 579.021194][ T7497] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 579.042897][T18704] program syz.0.5607 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 579.246806][ T7497] usb 3-1: Using ep0 maxpacket: 8 [ 579.254319][ T7497] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 579.254882][T18694] loop6: detected capacity change from 0 to 32768 [ 579.282631][ T7497] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 579.316057][ T7497] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 579.339397][ T7497] usb 3-1: config 0 descriptor?? [ 579.387979][T18694] XFS (loop6): Mounting V5 Filesystem [ 579.561166][ T7497] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 579.561918][T18694] XFS (loop6): Ending clean mount [ 579.690634][ T27] audit: type=1800 audit(1774665059.743:298): pid=18694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5602" name="file1" dev="loop6" ino=6150 res=0 errno=0 [ 579.696864][T18694] XFS (loop6): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair. [ 579.711312][ C0] vkms_vblank_simulate: vblank timer overrun [ 579.787636][ T4411] usb 3-1: USB disconnect, device number 37 [ 580.039995][T14900] XFS (loop6): Unmounting Filesystem [ 580.560086][T18737] loop0: detected capacity change from 0 to 64 [ 580.630396][T18737] Trying to free block not in datazone [ 580.767158][T18741] device syz_tun entered promiscuous mode [ 580.847460][T18741] device syz_tun left promiscuous mode [ 581.281654][ T27] audit: type=1326 audit(1774665061.343:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18753 comm="syz.1.5623" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f76ed39c799 code=0x0 [ 581.741066][ T4411] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 581.906983][ T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 582.357543][T18787] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5633'. [ 582.867480][T18798] loop0: detected capacity change from 0 to 2048 [ 582.934053][T18798] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 582.959563][T18804] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5639'. [ 583.006230][ T27] audit: type=1800 audit(1774665063.063:300): pid=18798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.5637" name="file1" dev="loop0" ino=1367 res=0 errno=0 [ 583.032321][T18806] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5639'. [ 583.185403][ T4411] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 583.337108][T18816] loop1: detected capacity change from 0 to 128 [ 583.392282][T18816] syz.1.5643: attempt to access beyond end of device [ 583.392282][T18816] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 583.930455][T18839] loop2: detected capacity change from 0 to 64 [ 583.978619][T18839] Trying to free block not in datazone [ 584.202452][ T27] audit: type=1326 audit(1774665064.263:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18844 comm="syz.1.5652" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f76ed39c799 code=0x0 [ 584.264714][T18847] loop2: detected capacity change from 0 to 2048 [ 584.300071][T18847] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 584.322255][ T27] audit: type=1800 audit(1774665064.383:302): pid=18847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.5653" name="file1" dev="loop2" ino=1367 res=0 errno=0 [ 584.903647][T18867] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5660'. [ 584.932626][T18867] bridge0: port 2(bridge_slave_1) entered disabled state [ 584.939896][T18867] bridge0: port 1(bridge_slave_0) entered disabled state [ 585.171189][T18876] loop0: detected capacity change from 0 to 512 [ 585.741206][ T4321] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 585.770282][T18895] wireguard: wg1: Could not create IPv4 socket [ 586.220850][ T4311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 586.642828][T18926] netlink: 92 bytes leftover after parsing attributes in process `syz.6.5682'. [ 586.710668][T18926] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5682'. [ 587.001203][T18947] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 587.082036][T18947] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 587.131515][T18947] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 587.160387][T18947] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 587.230320][T18947] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 587.275070][T18946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 587.660942][ T4637] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 588.065428][ T27] audit: type=1326 audit(1774665068.123:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18979 comm="syz.0.5698" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff86ad9c799 code=0x0 [ 588.290735][ T4411] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 588.446263][T18999] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5705'. [ 588.457216][T18999] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5705'. [ 588.480601][ T4411] usb 4-1: Using ep0 maxpacket: 16 [ 588.481189][T19001] program syz.2.5707 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 588.489121][ T4411] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 588.511048][T18998] tap0: tun_chr_ioctl cmd 1074025677 [ 588.516581][T18998] tap0: linktype set to 513 [ 588.528334][ T4411] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 588.549939][ T4411] usb 4-1: config 0 interface 0 has no altsetting 0 [ 588.559811][ T4411] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 588.575777][ T4411] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 588.587327][ T4411] usb 4-1: config 0 descriptor?? [ 588.910663][ T7498] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 589.011313][ T4411] hid (null): report_id 2053684552 is invalid [ 589.029722][ T4411] hid (null): unknown global tag 0xd [ 589.043608][ T4411] hid (null): unknown global tag 0xe [ 589.054553][ T4411] hid (null): bogus close delimiter [ 589.065485][ T4411] hid (null): unknown global tag 0xc [ 589.077855][ T4411] hid (null): unknown global tag 0xc [ 589.089267][ T4411] hid (null): nested delimiters [ 589.100658][ T7498] usb 3-1: Using ep0 maxpacket: 8 [ 589.110895][ T4411] hid (null): unknown global tag 0xc [ 589.122155][ T4411] hid (null): unknown global tag 0xc [ 589.128175][ T4411] hid (null): report_id 44986 is invalid [ 589.132280][ T7498] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 589.158558][ T7498] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 589.201125][ T7498] usb 3-1: Product: syz [ 589.205317][ T7498] usb 3-1: Manufacturer: syz [ 589.254840][ T7498] usb 3-1: SerialNumber: syz [ 589.260961][ T4411] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 589.282508][ T7498] usb 3-1: config 0 descriptor?? [ 589.301487][ T126] usb 4-1: USB disconnect, device number 32 [ 589.313390][ T7498] gspca_main: se401-2.14.0 probing 047d:5003 [ 589.662541][T19036] loop0: detected capacity change from 0 to 512 [ 589.691093][T19036] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 589.743480][T19036] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.5722: invalid indirect mapped block 9 (level 0) [ 589.796484][T19036] EXT4-fs (loop0): 1 truncate cleaned up [ 589.802945][T19036] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 589.821279][ T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 589.925969][ T7498] input: se401 as /devices/platform/dummy_hcd.2/usb3/3-1/input/input50 [ 589.989171][T19043] loop6: detected capacity change from 0 to 4096 [ 590.091914][T19043] ntfs3: Cannot use different iocharset when remounting! [ 590.136447][ T7498] usb 3-1: USB disconnect, device number 38 [ 590.147504][ T4271] EXT4-fs (loop0): unmounting filesystem. [ 590.234099][T19050] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 590.271388][T19050] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 590.498265][T19059] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5730'. [ 591.467827][T19083] loop2: detected capacity change from 0 to 128 [ 591.521578][T19083] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 591.573955][T19083] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 591.740774][ T4283] Bluetooth: hci2: command 0x0411 tx timeout [ 592.236101][T19112] MPI: mpi too large (16392 bits) [ 592.300877][ T4311] net_ratelimit: 9 callbacks suppressed [ 592.300891][ T4311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 592.364245][ T4637] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 592.373026][ T126] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 592.387182][ T4311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 593.311226][ T4311] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 593.423081][ T47] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 593.510663][ T4311] usb 4-1: Using ep0 maxpacket: 16 [ 593.518481][ T4311] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 593.571211][ T4311] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 593.630446][ T4311] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 593.670974][ T4311] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 593.679014][ T4311] usb 4-1: Product: syz [ 593.741033][ T4311] usb 4-1: Manufacturer: syz [ 593.751127][ T4311] usb 4-1: SerialNumber: syz [ 594.178896][ T4311] usb 4-1: 0:2 : does not exist [ 594.585090][ T4311] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 594.626903][ T4311] usb 4-1: USB disconnect, device number 33 [ 594.820754][ T7497] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 594.851758][ T5080] udevd[5080]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 595.000618][ T7497] usb 2-1: Using ep0 maxpacket: 8 [ 595.008629][ T7497] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 595.018125][ T7497] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 595.026581][ T7497] usb 2-1: Product: syz [ 595.030860][ T7497] usb 2-1: Manufacturer: syz [ 595.035567][ T7497] usb 2-1: SerialNumber: syz [ 595.042242][ T7497] usb 2-1: config 0 descriptor?? [ 595.049143][ T7497] gspca_main: se401-2.14.0 probing 047d:5003 [ 595.148820][T19180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 595.157174][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 595.165713][T19180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 595.174068][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 595.183206][T19180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 595.630836][ T7497] usb 2-1: reset high-speed USB device number 38 using dummy_hcd [ 596.241671][ T7497] gspca_se401: write req failed req 0x57 val 0x00 error -71 [ 596.269447][ T7497] se401: probe of 2-1:0.0 failed with error -71 [ 596.284918][ T7497] usb 2-1: USB disconnect, device number 38 [ 596.461958][ T4274] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 596.461993][ T4283] Bluetooth: hci5: command 0xfc11 tx timeout [ 596.782274][ T47] Bluetooth: hci5: Frame reassembly failed (-84) [ 596.790048][T19225] Bluetooth: hci5: Frame reassembly failed (-84) [ 596.853526][T19227] program syz.6.5803 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 597.062185][T19233] netlink: 'syz.6.5806': attribute type 3 has an invalid length. [ 597.481280][T19247] loop2: detected capacity change from 0 to 8 [ 597.504637][ T7498] kernel read not supported for file /dsp1 (pid: 7498 comm: kworker/1:16) [ 597.901307][ T6517] net_ratelimit: 2045 callbacks suppressed [ 597.901324][ T6517] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 597.917833][ T4311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 597.926645][ T4312] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 598.501519][T19279] serio: Serial port pty24 [ 598.780891][ T4275] Bluetooth: hci5: command 0x1003 tx timeout [ 598.781079][T19217] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 599.538201][T19304] loop2: detected capacity change from 0 to 32768 [ 599.564067][T19304] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 599.572922][T19304] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 599.637783][T19304] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 599.656599][ T7497] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 599.664863][ T7497] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 599.742501][ T7497] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 77ms [ 599.762985][ T7497] gfs2: fsid=syz:syz.0: jid=0: Done [ 599.771134][T19304] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 600.329189][T19304] gfs2: fsid=syz:syz.0: fatal: invalid metadata block [ 600.329189][T19304] bh = 68 (type: exp=2, found=65534) [ 600.329189][T19304] function = gfs2_rgrp_go_instantiate, file = fs/gfs2/rgrp.c, line = 1224 [ 600.350604][T19304] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 600.366833][T19304] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 600.375655][T19304] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 600.386218][T19304] gfs2: fsid=syz:syz.0: File system withdrawn [ 600.392334][T19304] CPU: 1 PID: 19304 Comm: syz.2.5838 Not tainted syzkaller #0 [ 600.399808][T19304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 600.409888][T19304] Call Trace: [ 600.413184][T19304] [ 600.416133][T19304] dump_stack_lvl+0x188/0x24e [ 600.420843][T19304] ? kobject_uevent_env+0x35f/0x8a0 [ 600.426065][T19304] ? show_regs_print_info+0x12/0x12 [ 600.431295][T19304] ? load_image+0x400/0x400 [ 600.435821][T19304] ? kobject_uevent_env+0x35f/0x8a0 [ 600.441064][T19304] gfs2_withdraw+0xde6/0x15d0 [ 600.445793][T19304] ? gfs2_lm+0x240/0x240 [ 600.450058][T19304] ? bit_waitqueue+0x30/0x30 [ 600.454692][T19304] ? gfs2_meta_new+0x160/0x160 [ 600.459501][T19304] gfs2_metatype_check_ii+0x74/0x90 [ 600.464722][T19304] gfs2_rgrp_go_instantiate+0x397/0x12f0 [ 600.470389][T19304] ? gfs2_glock_nq+0xcf0/0x14e0 [ 600.475269][T19304] gfs2_instantiate+0x15e/0x210 [ 600.480124][T19304] gfs2_glock_wait+0x1d0/0x2a0 [ 600.484897][T19304] gfs2_inplace_reserve+0xd04/0x3460 [ 600.490185][T19304] ? is_bpf_text_address+0x22/0x2a0 [ 600.495395][T19304] ? gfs2_rgrp_out+0x700/0x700 [ 600.500156][T19304] ? apparmor_capable+0x12c/0x190 [ 600.505180][T19304] ? bpf_lsm_capable+0x5/0x10 [ 600.509855][T19304] ? security_capable+0x85/0xb0 [ 600.514707][T19304] ea_alloc_skeleton+0x297/0x560 [ 600.519649][T19304] ? ea_alloc_skeleton+0x560/0x560 [ 600.524768][T19304] ? ea_find_i+0x250/0x250 [ 600.529180][T19304] ? stack_trace_save+0xa6/0xf0 [ 600.534042][T19304] ? __stack_depot_save+0x421/0x460 [ 600.539250][T19304] ea_init+0x179/0x1f0 [ 600.543324][T19304] ? __gfs2_xattr_set+0xc60/0xc60 [ 600.548382][T19304] ? __vfs_setxattr_noperm+0x129/0x5e0 [ 600.553842][T19304] ? do_syscall_64+0x4c/0xa0 [ 600.558433][T19304] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 600.564507][T19304] __gfs2_xattr_set+0x628/0xc60 [ 600.569364][T19304] ? gfs2_ea_get_copy+0x8c0/0x8c0 [ 600.574401][T19304] ? __kmem_cache_alloc_node+0x140/0x260 [ 600.580044][T19304] ? posix_acl_to_xattr+0x31b/0x3a0 [ 600.585249][T19304] __gfs2_set_acl+0x102/0x180 [ 600.589939][T19304] gfs2_set_acl+0x507/0x790 [ 600.594459][T19304] ? __gfs2_set_acl+0x180/0x180 [ 600.599315][T19304] ? __kmem_cache_alloc_node+0x140/0x260 [ 600.604949][T19304] ? posix_acl_xattr_set+0x387/0x3f0 [ 600.610237][T19304] ? vfs_set_acl_prepare+0x105/0x6c0 [ 600.615518][T19304] ? __kmalloc+0xe1/0x240 [ 600.619861][T19304] ? lockdep_hardirqs_on+0x94/0x140 [ 600.625063][T19304] ? posix_acl_valid+0x320/0x3a0 [ 600.630001][T19304] posix_acl_xattr_set+0x387/0x3f0 [ 600.635122][T19304] ? posix_acl_xattr_get+0x550/0x550 [ 600.640418][T19304] __vfs_setxattr+0x3e0/0x420 [ 600.645117][T19304] __vfs_setxattr_noperm+0x129/0x5e0 [ 600.650407][T19304] vfs_setxattr+0x167/0x2e0 [ 600.654913][T19304] ? xattr_permission+0x500/0x500 [ 600.659938][T19304] ? _copy_from_user+0x10b/0x170 [ 600.664877][T19304] ? setxattr+0x2ce/0x360 [ 600.669211][T19304] setxattr+0x346/0x360 [ 600.673369][T19304] ? path_setxattr+0x290/0x290 [ 600.678150][T19304] ? __mnt_want_write+0x21f/0x2a0 [ 600.683187][T19304] path_setxattr+0x147/0x290 [ 600.687777][T19304] ? simple_xattr_list_add+0xf0/0xf0 [ 600.693061][T19304] ? lock_chain_count+0x20/0x20 [ 600.697918][T19304] __x64_sys_setxattr+0xb7/0xd0 [ 600.702769][T19304] do_syscall_64+0x4c/0xa0 [ 600.707185][T19304] ? clear_bhb_loop+0x60/0xb0 [ 600.711857][T19304] ? clear_bhb_loop+0x60/0xb0 [ 600.716531][T19304] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 600.722421][T19304] RIP: 0033:0x7fc433f9c799 [ 600.726832][T19304] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 600.746433][T19304] RSP: 002b:00007fc434f1a028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 600.754841][T19304] RAX: ffffffffffffffda RBX: 00007fc434215fa0 RCX: 00007fc433f9c799 [ 600.762841][T19304] RDX: 0000200000000140 RSI: 0000200000000000 RDI: 0000200000002a00 [ 600.770823][T19304] RBP: 00007fc434032c99 R08: 0000000000000000 R09: 0000000000000000 [ 600.778797][T19304] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000000 [ 600.786759][T19304] R13: 00007fc434216038 R14: 00007fc434215fa0 R15: 00007ffe498a7118 [ 600.794735][T19304] [ 601.098450][T19323] loop0: detected capacity change from 0 to 32768 [ 601.239476][T19323] XFS (loop0): Mounting V5 Filesystem [ 601.453004][T19323] XFS (loop0): Starting recovery (logdev: internal) [ 601.533715][T19323] XFS (loop0): Ending recovery (logdev: internal) [ 601.546939][T19346] loop6: detected capacity change from 0 to 8 [ 601.652779][ T27] audit: type=1800 audit(1774665081.713:304): pid=19323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.5846" name="file1" dev="loop0" ino=7430 res=0 errno=0 [ 601.758560][ T4271] XFS (loop0): Unmounting Filesystem [ 601.801208][T19346] SQUASHFS error: Failed to read block 0x6de: -5 [ 601.838648][T19346] SQUASHFS error: Unable to read metadata cache entry [6dc] [ 601.882402][T19346] SQUASHFS error: Unable to read directory block [26067d:ffff] [ 602.095913][T19350] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5856'. [ 602.220865][ T35] tipc: Disabling bearer [ 602.227637][ T35] tipc: Disabling bearer [ 602.258759][ T35] tipc: Disabling bearer [ 602.271406][ T35] tipc: Left network mode [ 602.352448][ T4275] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 602.365948][ T4275] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 602.374584][ T4275] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 602.383517][ T4275] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 602.431718][ T4275] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 602.438982][ T4275] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 602.600816][T19364] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5855'. [ 603.222830][T19354] chnl_net:caif_netlink_parms(): no params data found [ 603.700349][T19354] bridge0: port 1(bridge_slave_0) entered blocking state [ 603.710959][T19354] bridge0: port 1(bridge_slave_0) entered disabled state [ 603.737527][T19354] device bridge_slave_0 entered promiscuous mode [ 603.881073][T19354] bridge0: port 2(bridge_slave_1) entered blocking state [ 603.888194][T19354] bridge0: port 2(bridge_slave_1) entered disabled state [ 603.892785][T19415] loop0: detected capacity change from 0 to 512 [ 603.910239][T19415] EXT4-fs: Ignoring removed bh option [ 603.950191][T19354] device bridge_slave_1 entered promiscuous mode [ 603.982084][T19415] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 604.117097][T19415] EXT4-fs (loop0): 1 truncate cleaned up [ 604.170988][T19415] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 604.223960][T19418] loop2: detected capacity change from 0 to 4096 [ 604.234069][T19415] EXT4-fs (loop0): shut down requested (2) [ 604.263846][T19354] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 604.320803][T19418] ntfs: volume version 3.1. [ 604.336986][ T4271] EXT4-fs (loop0): unmounting filesystem. [ 604.543524][T19217] Bluetooth: hci3: command 0x0409 tx timeout [ 604.685299][T19430] loop6: detected capacity change from 0 to 16 [ 604.708337][T19428] loop1: detected capacity change from 0 to 32768 [ 604.714590][T19430] erofs: (device loop6): mounted with root inode @ nid 36. [ 604.723930][T19354] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 604.747424][T19428] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 604.755882][T19428] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 604.867175][T19428] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 604.874751][T19430] erofs: (device loop6): erofs_find_target_block: corrupted dir block 8200 @ nid 36 [ 604.888285][ T4311] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 604.899717][ T4311] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 604.921685][T19430] erofs: (device loop6): z_erofs_readahead: readahead error at page 12 @ nid 36 [ 604.951012][T19430] syz.6.5884: attempt to access beyond end of device [ 604.951012][T19430] loop6: rw=524288, sector=67108872, nr_sectors = 16 limit=16 [ 605.003148][ T4311] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 103ms [ 605.014524][T19430] syz.6.5884: attempt to access beyond end of device [ 605.014524][T19430] loop6: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 605.051120][ T4311] gfs2: fsid=syz:syz.0: jid=0: Done [ 605.056377][T19428] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 605.070929][T19430] syz.6.5884: attempt to access beyond end of device [ 605.070929][T19430] loop6: rw=524288, sector=525144, nr_sectors = 8 limit=16 [ 605.150012][T19354] team0: Port device team_slave_0 added [ 605.643619][T19354] team0: Port device team_slave_1 added [ 605.691588][T19450] netlink: 'syz.2.5889': attribute type 12 has an invalid length. [ 605.719855][T19450] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5889'. [ 605.758626][T19428] gfs2: fsid=syz:syz.0: fatal: invalid metadata block [ 605.758626][T19428] bh = 68 (type: exp=2, found=65534) [ 605.758626][T19428] function = gfs2_rgrp_go_instantiate, file = fs/gfs2/rgrp.c, line = 1224 [ 605.779227][ C0] vkms_vblank_simulate: vblank timer overrun [ 605.786389][T19428] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 605.802745][T19428] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 605.811666][T19428] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 605.818245][T19428] gfs2: fsid=syz:syz.0: File system withdrawn [ 605.824642][T19428] CPU: 0 PID: 19428 Comm: syz.1.5881 Not tainted syzkaller #0 [ 605.832120][T19428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 605.842182][T19428] Call Trace: [ 605.845461][T19428] [ 605.848398][T19428] dump_stack_lvl+0x188/0x24e [ 605.853087][T19428] ? kobject_uevent_env+0x35f/0x8a0 [ 605.858290][T19428] ? show_regs_print_info+0x12/0x12 [ 605.863489][T19428] ? load_image+0x400/0x400 [ 605.868010][T19428] ? kobject_uevent_env+0x35f/0x8a0 [ 605.873228][T19428] gfs2_withdraw+0xde6/0x15d0 [ 605.877930][T19428] ? gfs2_lm+0x240/0x240 [ 605.882192][T19428] ? bit_waitqueue+0x30/0x30 [ 605.886794][T19428] ? gfs2_meta_new+0x160/0x160 [ 605.891569][T19428] gfs2_metatype_check_ii+0x74/0x90 [ 605.896774][T19428] gfs2_rgrp_go_instantiate+0x397/0x12f0 [ 605.902432][T19428] ? gfs2_glock_nq+0xcf0/0x14e0 [ 605.907287][T19428] gfs2_instantiate+0x15e/0x210 [ 605.912135][T19428] gfs2_glock_wait+0x1d0/0x2a0 [ 605.916905][T19428] gfs2_inplace_reserve+0xd04/0x3460 [ 605.922204][T19428] ? is_bpf_text_address+0x22/0x2a0 [ 605.927412][T19428] ? gfs2_rgrp_out+0x700/0x700 [ 605.932176][T19428] ? apparmor_capable+0x12c/0x190 [ 605.937206][T19428] ? bpf_lsm_capable+0x5/0x10 [ 605.941890][T19428] ? security_capable+0x85/0xb0 [ 605.946754][T19428] ea_alloc_skeleton+0x297/0x560 [ 605.951700][T19428] ? ea_alloc_skeleton+0x560/0x560 [ 605.956822][T19428] ? ea_find_i+0x250/0x250 [ 605.961255][T19428] ? stack_trace_save+0xa6/0xf0 [ 605.966112][T19428] ? __stack_depot_save+0x35/0x460 [ 605.971232][T19428] ea_init+0x179/0x1f0 [ 605.975306][T19428] ? __gfs2_xattr_set+0xc60/0xc60 [ 605.980339][T19428] ? __vfs_setxattr_noperm+0x129/0x5e0 [ 605.985801][T19428] ? do_syscall_64+0x4c/0xa0 [ 605.990394][T19428] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 605.996467][T19428] __gfs2_xattr_set+0x628/0xc60 [ 606.001331][T19428] ? gfs2_ea_get_copy+0x8c0/0x8c0 [ 606.006373][T19428] ? __kmem_cache_alloc_node+0x140/0x260 [ 606.012007][T19428] ? posix_acl_to_xattr+0x31b/0x3a0 [ 606.017210][T19428] __gfs2_set_acl+0x102/0x180 [ 606.021889][T19428] gfs2_set_acl+0x507/0x790 [ 606.026395][T19428] ? __gfs2_set_acl+0x180/0x180 [ 606.031250][T19428] ? __kmem_cache_alloc_node+0x140/0x260 [ 606.036882][T19428] ? posix_acl_xattr_set+0x387/0x3f0 [ 606.042183][T19428] ? vfs_set_acl_prepare+0x105/0x6c0 [ 606.047469][T19428] ? __kmalloc+0xe1/0x240 [ 606.051805][T19428] ? posix_acl_valid+0x320/0x3a0 [ 606.056741][T19428] posix_acl_xattr_set+0x387/0x3f0 [ 606.061854][T19428] ? posix_acl_xattr_get+0x550/0x550 [ 606.067141][T19428] __vfs_setxattr+0x3e0/0x420 [ 606.071829][T19428] __vfs_setxattr_noperm+0x129/0x5e0 [ 606.077120][T19428] vfs_setxattr+0x167/0x2e0 [ 606.081632][T19428] ? xattr_permission+0x500/0x500 [ 606.086687][T19428] ? _copy_from_user+0x10b/0x170 [ 606.091632][T19428] ? setxattr+0x2ce/0x360 [ 606.095972][T19428] setxattr+0x346/0x360 [ 606.100143][T19428] ? path_setxattr+0x290/0x290 [ 606.104927][T19428] ? __mnt_want_write+0x21f/0x2a0 [ 606.109963][T19428] path_setxattr+0x147/0x290 [ 606.114559][T19428] ? simple_xattr_list_add+0xf0/0xf0 [ 606.119846][T19428] ? lock_chain_count+0x20/0x20 [ 606.124703][T19428] __x64_sys_setxattr+0xb7/0xd0 [ 606.129557][T19428] do_syscall_64+0x4c/0xa0 [ 606.133984][T19428] ? clear_bhb_loop+0x60/0xb0 [ 606.138659][T19428] ? clear_bhb_loop+0x60/0xb0 [ 606.143337][T19428] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 606.149229][T19428] RIP: 0033:0x7f76ed39c799 [ 606.153638][T19428] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 606.173246][T19428] RSP: 002b:00007f76ee240028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 606.181659][T19428] RAX: ffffffffffffffda RBX: 00007f76ed615fa0 RCX: 00007f76ed39c799 [ 606.189648][T19428] RDX: 0000200000000140 RSI: 0000200000000000 RDI: 0000200000002a00 [ 606.197614][T19428] RBP: 00007f76ed432c99 R08: 0000000000000000 R09: 0000000000000000 [ 606.205591][T19428] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000000 [ 606.213567][T19428] R13: 00007f76ed616038 R14: 00007f76ed615fa0 R15: 00007ffd3cb252a8 [ 606.221557][T19428] [ 606.224585][ C0] vkms_vblank_simulate: vblank timer overrun [ 606.246019][T19354] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 606.253082][T19354] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 606.278957][ C0] vkms_vblank_simulate: vblank timer overrun [ 606.290378][T19354] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 606.366740][T19354] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 606.387653][T19354] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 606.413584][ C0] vkms_vblank_simulate: vblank timer overrun [ 606.436022][T19457] input: syz1 as /devices/virtual/input/input51 [ 606.540855][T19354] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 606.630666][ T4275] Bluetooth: hci3: command 0x041b tx timeout [ 606.885724][T19471] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5895'. [ 607.042619][ T35] device hsr_slave_0 left promiscuous mode [ 607.049469][T19475] program syz.6.5896 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 607.082730][ T35] device hsr_slave_1 left promiscuous mode [ 607.107282][T19477] loop2: detected capacity change from 0 to 512 [ 607.125342][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 607.139464][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 607.151695][T19477] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 607.177903][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 607.206106][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 607.212059][T19477] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 607.278261][ T35] device bridge_slave_1 left promiscuous mode [ 607.305692][T19477] ext4 filesystem being mounted at /1208/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 607.320441][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 607.329032][ T35] device bridge_slave_0 left promiscuous mode [ 607.383284][T19466] loop0: detected capacity change from 0 to 32768 [ 607.385644][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 607.391074][T19466] XFS: attr2 mount option is deprecated. [ 607.512466][T19466] XFS (loop0): Mounting V5 Filesystem [ 607.644130][T19466] XFS (loop0): Ending clean mount [ 607.652294][T19466] XFS (loop0): Quotacheck needed: Please wait. [ 607.662350][ T35] device veth1_macvtap left promiscuous mode [ 607.668409][ T35] device veth0_macvtap left promiscuous mode [ 607.712646][ T4279] EXT4-fs (loop2): unmounting filesystem. [ 607.720872][ T35] device veth1_vlan left promiscuous mode [ 607.729022][ T35] device veth0_vlan left promiscuous mode [ 607.733188][T19466] XFS (loop0): Quotacheck: Done. [ 607.865021][T19466] XFS (loop0): User initiated shutdown received. [ 607.896981][T19466] XFS (loop0): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:499). Shutting down filesystem. [ 607.903032][T19501] loop6: detected capacity change from 0 to 64 [ 607.949330][T19466] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 608.107452][ T4271] XFS (loop0): Unmounting Filesystem [ 608.120789][ T4411] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 608.323976][ T4411] usb 3-1: Using ep0 maxpacket: 32 [ 608.330924][ T4411] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 608.344652][ T4411] usb 3-1: config 0 has no interface number 0 [ 608.361430][T19494] loop1: detected capacity change from 0 to 32768 [ 608.368048][ T4411] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 608.397024][ T4411] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 608.410764][ T4411] usb 3-1: Product: syz [ 608.414944][ T4411] usb 3-1: Manufacturer: syz [ 608.419656][ T4411] usb 3-1: SerialNumber: syz [ 608.434139][ T4411] usb 3-1: config 0 descriptor?? [ 608.473942][ T4411] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 608.530400][T19494] XFS (loop1): Mounting V5 Filesystem [ 608.643419][T19494] XFS (loop1): Ending clean mount [ 608.665795][T19500] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 608.700587][ T4275] Bluetooth: hci3: command 0x040f tx timeout [ 608.705444][T19500] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 608.754767][ T4266] XFS (loop1): Unmounting Filesystem [ 609.224955][ T4411] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 609.321529][ T4411] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 609.407616][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 609.408230][ T7498] usb 3-1: USB disconnect, device number 39 [ 609.469587][ T7498] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 609.513468][T19525] loop6: detected capacity change from 0 to 256 [ 609.526896][T19526] loop0: detected capacity change from 0 to 16 [ 609.534918][ T7498] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 609.574741][ T7498] quatech2 3-1:0.51: device disconnected [ 609.607788][T19526] erofs: (device loop0): mounted with root inode @ nid 36. [ 609.678829][T19526] erofs: (device loop0): erofs_find_target_block: corrupted dir block 8200 @ nid 36 [ 609.800107][T19527] erofs: (device loop0): z_erofs_readahead: readahead error at page 12 @ nid 36 [ 609.806227][T19529] netlink: 64 bytes leftover after parsing attributes in process `syz.6.5910'. [ 609.841461][T19527] syz.0.5909: attempt to access beyond end of device [ 609.841461][T19527] loop0: rw=524288, sector=67108872, nr_sectors = 16 limit=16 [ 609.870817][T19527] syz.0.5909: attempt to access beyond end of device [ 609.870817][T19527] loop0: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 609.899562][T19527] syz.0.5909: attempt to access beyond end of device [ 609.899562][T19527] loop0: rw=524288, sector=525144, nr_sectors = 8 limit=16 [ 610.123699][T19522] loop1: detected capacity change from 0 to 32768 [ 610.413951][ T35] team0 (unregistering): Port device team_slave_1 removed [ 610.682920][ T35] team0 (unregistering): Port device team_slave_0 removed [ 610.705201][T19545] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5917'. [ 610.780615][ T4275] Bluetooth: hci3: command 0x0419 tx timeout [ 610.900819][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 610.990116][T19547] loop0: detected capacity change from 0 to 8192 [ 610.992967][T19541] loop2: detected capacity change from 0 to 32768 [ 611.022149][T19547] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 611.023509][T19541] XFS: attr2 mount option is deprecated. [ 611.061469][T19547] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 611.087411][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 611.108347][T19547] REISERFS (device loop0): using ordered data mode [ 611.140597][T19547] reiserfs: using flush barriers [ 611.159765][T19547] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 7, max trans age 7 [ 611.188964][T19541] XFS (loop2): Mounting V5 Filesystem [ 611.300925][T19547] REISERFS (device loop0): checking transaction log (loop0) [ 611.316771][T19541] XFS (loop2): Ending clean mount [ 611.325602][T19547] REISERFS (device loop0): Using r5 hash to sort names [ 611.338506][T19541] XFS (loop2): Quotacheck needed: Please wait. [ 611.364834][T19547] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 611.371947][T19562] loop1: detected capacity change from 0 to 256 [ 611.384722][T19547] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 611.463974][T19541] XFS (loop2): Quotacheck: Done. [ 611.531852][T19547] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 611.580798][T19562] FAT-fs (loop1): Directory bread(block 64) failed [ 611.605350][T19563] REISERFS warning (device loop0): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 611.610531][T19562] FAT-fs (loop1): Directory bread(block 65) failed [ 611.631950][T19562] FAT-fs (loop1): Directory bread(block 66) failed [ 611.638614][T19541] XFS (loop2): User initiated shutdown received. [ 611.676486][T19563] overlayfs: upper fs needs to support d_type. [ 611.687776][T19541] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:499). Shutting down filesystem. [ 611.688391][T19562] FAT-fs (loop1): Directory bread(block 67) failed [ 611.730681][T19563] overlayfs: upper fs does not support tmpfile. [ 611.755283][T19541] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 611.760626][T19562] FAT-fs (loop1): Directory bread(block 68) failed [ 611.785574][T19563] REISERFS warning (device loop0): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 611.800161][T19562] FAT-fs (loop1): Directory bread(block 69) failed [ 611.814378][T19562] FAT-fs (loop1): Directory bread(block 70) failed [ 611.822060][T19562] FAT-fs (loop1): Directory bread(block 71) failed [ 611.840764][T19562] FAT-fs (loop1): Directory bread(block 72) failed [ 611.847358][T19562] FAT-fs (loop1): Directory bread(block 73) failed [ 611.928341][T19563] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 611.937168][ T4279] XFS (loop2): Unmounting Filesystem [ 611.944310][T19563] REISERFS warning (device loop0): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 612.008493][T19563] REISERFS warning (device loop0): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 612.084825][T19563] REISERFS warning (device loop0): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 612.174215][T19563] overlayfs: failed to set xattr on upper [ 612.196089][T19563] overlayfs: ...falling back to index=off,metacopy=off. [ 612.249059][ T4271] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 612.265944][ T4271] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 612.698627][ T35] bond0 (unregistering): Released all slaves [ 612.866668][T19579] comedi comedi3: comedi_test: 38 microvolt, 2047 microsecond waveform attached [ 612.961726][T19354] device hsr_slave_0 entered promiscuous mode [ 612.975773][T19354] device hsr_slave_1 entered promiscuous mode [ 612.986179][T19354] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 612.998322][T19354] Cannot create hsr debugfs directory [ 613.993401][T19615] comedi comedi3: 8255: I/O port conflict (0x4f27,4) [ 614.000141][T19615] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 614.077381][T19618] loop6: detected capacity change from 0 to 128 [ 614.091517][T19615] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 614.129952][T19615] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 614.170119][T19615] comedi comedi3: 8255: I/O port conflict (0xc9,4) [ 614.202085][T19615] comedi comedi3: 8255: I/O port conflict (0x5c952399,4) [ 614.210024][T19618] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 614.221057][T19615] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 614.227594][T19615] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 614.234344][T19618] ext4 filesystem being mounted at /309/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 614.305352][T19615] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 614.329747][T19623] loop0: detected capacity change from 0 to 128 [ 614.340554][T19615] comedi comedi3: 8255: I/O port conflict (0xc,4) [ 614.347001][T19615] comedi comedi3: 8255: I/O port conflict (0x81,4) [ 614.421330][T19615] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 614.427795][T19615] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 614.440618][T19618] fscrypt (loop6, inode 12): Mutually exclusive encryption flags (0x18) [ 614.502508][T19615] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 614.508980][T19615] comedi comedi3: 8255: I/O port conflict (0x8,4) [ 614.570634][T19615] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4) [ 614.578638][T19615] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4) [ 614.600837][T19354] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 614.620113][T14900] EXT4-fs (loop6): unmounting filesystem. [ 614.629784][T19354] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 614.634980][T19604] loop1: detected capacity change from 0 to 32768 [ 614.666292][T19615] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffff5,4) [ 614.701357][T19354] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 614.724992][T19354] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 614.741994][ T35] kworker/u4:2: attempt to access beyond end of device [ 614.741994][ T35] loop0: rw=1, sector=145, nr_sectors = 640 limit=128 [ 614.771596][T19615] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 614.778986][T19604] find_entry called with index >= next_index [ 614.792385][ T35] kworker/u4:2: attempt to access beyond end of device [ 614.792385][ T35] loop0: rw=1, sector=793, nr_sectors = 248 limit=128 [ 614.809681][T19604] find_entry called with index >= next_index [ 614.820150][T19615] comedi comedi3: 8255: I/O port conflict (0x10002,4) [ 614.843669][T19615] comedi comedi3: 8255: I/O port conflict (0x8,4) [ 614.860644][T19604] find_entry called with index >= next_index [ 614.866763][T19604] find_entry called with index >= next_index [ 614.871259][ T35] kworker/u4:2: attempt to access beyond end of device [ 614.871259][ T35] loop0: rw=1, sector=785, nr_sectors = 8 limit=128 [ 614.920603][T19604] find_entry called with index >= next_index [ 614.928020][T19604] add_index: next_index = 0. Resetting! [ 614.970529][T19604] find_entry called with index >= next_index [ 614.976568][T19604] find_entry called with index >= next_index [ 615.046682][T19604] find_entry called with index >= next_index [ 615.070369][T19354] 8021q: adding VLAN 0 to HW filter on device bond0 [ 615.111732][T19604] non-latin1 character 0x3ff found in JFS file name [ 615.127571][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 615.150113][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 615.150667][T19604] mount with iocharset=utf8 to access [ 615.169007][T19354] 8021q: adding VLAN 0 to HW filter on device team0 [ 615.191994][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 615.207314][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 615.219515][ T4637] bridge0: port 1(bridge_slave_0) entered blocking state [ 615.226703][ T4637] bridge0: port 1(bridge_slave_0) entered forwarding state [ 615.309583][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 615.356212][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 615.381410][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 615.405650][ T4637] bridge0: port 2(bridge_slave_1) entered blocking state [ 615.412811][ T4637] bridge0: port 2(bridge_slave_1) entered forwarding state [ 615.468160][T19636] syz.0.5946 (19636): drop_caches: 2 [ 615.515743][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 615.528308][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 615.553545][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 615.632701][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 615.661570][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 615.672485][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 615.701437][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 615.726629][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 615.752100][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 615.763006][T19652] loop0: detected capacity change from 0 to 1024 [ 615.793236][T19354] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 615.819360][T19354] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 615.839631][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 615.864836][T19652] hfsplus: invalid length 65281 has been corrected to 255 [ 615.876161][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 615.893077][T19652] hfsplus: invalid length 65281 has been corrected to 255 [ 616.617934][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 616.626666][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 616.663430][T19688] loop2: detected capacity change from 0 to 128 [ 616.674476][T19354] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 616.731717][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 616.750968][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 616.823285][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 616.838757][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 616.867372][T19354] device veth0_vlan entered promiscuous mode [ 616.876952][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 616.892846][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 616.913899][T19354] device veth1_vlan entered promiscuous mode [ 616.991382][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 616.999482][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 617.037259][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 617.060046][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 617.094437][T19354] device veth0_macvtap entered promiscuous mode [ 617.105227][T19701] loop2: detected capacity change from 0 to 256 [ 617.117366][T19354] device veth1_macvtap entered promiscuous mode [ 617.174200][T19701] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d) [ 617.178523][T19354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 617.211206][T19354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 617.245847][T19354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 617.290269][T19354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 617.320572][T19354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 617.341810][T19354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 617.352087][T19354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 617.363616][T19354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 617.379811][T19354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: macsec4 [ 617.412058][T19354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 617.461995][T19354] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 617.479621][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 617.501335][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 617.523708][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 617.546504][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 617.579113][T19354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 617.603873][T19354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 617.620308][T19354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 617.634604][T19354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 617.650910][T19354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 617.670576][T19354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 617.693905][T19354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 617.750970][T19354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 617.770824][T19354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2 [ 617.789538][T19721] comedi comedi3: 8255: I/O port conflict (0x4f27,4) [ 617.790740][T19354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 617.816903][T19721] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 617.836551][T19354] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 617.841151][T19721] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 617.860570][T19721] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 617.881691][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 617.901844][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 617.920799][T19721] comedi comedi3: 8255: I/O port conflict (0xc9,4) [ 617.941790][T19354] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 617.959219][T19721] comedi comedi3: 8255: I/O port conflict (0x5c952399,4) [ 617.967352][T19354] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 617.985947][T19721] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 617.992929][T19354] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.002255][T19721] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 618.009170][T19354] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.019364][T19721] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 618.028129][T19727] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5978'. [ 618.038745][T19721] comedi comedi3: 8255: I/O port conflict (0xc,4) [ 618.056105][T19727] netlink: 'syz.2.5978': attribute type 6 has an invalid length. [ 618.061157][T19721] comedi comedi3: 8255: I/O port conflict (0x81,4) [ 618.077098][T19727] netlink: 140 bytes leftover after parsing attributes in process `syz.2.5978'. [ 618.097338][T19721] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 618.171855][T19721] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 618.240614][T19721] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 618.286872][T19721] comedi comedi3: 8255: I/O port conflict (0x8,4) [ 618.306659][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 618.310632][T19721] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4) [ 618.344918][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 618.361322][T19721] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4) [ 618.373022][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 618.400612][T19721] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffff5,4) [ 618.426881][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 618.459246][T19721] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 618.465993][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 618.473349][T19721] comedi comedi3: 8255: I/O port conflict (0x10002,4) [ 618.473395][T19721] comedi comedi3: 8255: I/O port conflict (0x8,4) [ 618.546522][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 618.809394][T19750] loop1: detected capacity change from 0 to 8 [ 618.930351][T19750] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5984'. [ 619.000800][T19750] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5984'. [ 620.445836][T19809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6006'. [ 620.465969][T19809] device bond0 entered promiscuous mode [ 620.498059][T19809] device bond_slave_0 entered promiscuous mode [ 620.510971][T19773] loop3: detected capacity change from 0 to 32768 [ 620.520020][T19809] device bond_slave_1 entered promiscuous mode [ 620.540595][T19809] device bond0 left promiscuous mode [ 620.556674][T19809] device bond_slave_0 left promiscuous mode [ 620.576074][T19809] device bond_slave_1 left promiscuous mode [ 620.580136][T19797] syz.6.6003 (19797): drop_caches: 2 [ 620.670028][T19773] XFS (loop3): Mounting V5 Filesystem [ 620.820584][T19773] XFS (loop3): Ending clean mount [ 620.836244][ T4637] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 621.009465][T19354] XFS (loop3): Unmounting Filesystem [ 621.765337][T19857] loop6: detected capacity change from 0 to 64 [ 623.259698][T19915] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0 [ 623.865397][T19932] loop2: detected capacity change from 0 to 128 [ 624.016920][ T27] audit: type=1326 audit(1774665104.073:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19938 comm="syz.0.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 624.021509][T19937] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6049'. [ 624.043312][ T27] audit: type=1326 audit(1774665104.103:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19938 comm="syz.0.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 624.095193][T19937] netem: invalid attributes len -19 [ 624.107613][T19937] netem: change failed [ 624.120796][ T27] audit: type=1326 audit(1774665104.103:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19938 comm="syz.0.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 624.143119][ C0] vkms_vblank_simulate: vblank timer overrun [ 624.154319][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.160677][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.162532][ T11] kworker/u4:1: attempt to access beyond end of device [ 624.162532][ T11] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 624.265434][ T27] audit: type=1326 audit(1774665104.103:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19938 comm="syz.0.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 624.328427][ T27] audit: type=1326 audit(1774665104.103:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19938 comm="syz.0.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 624.414533][ T27] audit: type=1326 audit(1774665104.153:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19938 comm="syz.0.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 624.526585][ T27] audit: type=1326 audit(1774665104.153:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19938 comm="syz.0.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 624.554084][T19956] loop6: detected capacity change from 0 to 64 [ 624.585104][T19956] hfs: unable to locate alternate MDB [ 624.613193][T19958] loop0: detected capacity change from 0 to 256 [ 624.614377][T19956] hfs: continuing without an alternate MDB [ 624.762899][T19956] hfs: walked past end of dir [ 624.982130][T19969] device syz_tun entered promiscuous mode [ 625.008835][T19969] device macvtap1 entered promiscuous mode [ 625.020404][T19969] device syz_tun left promiscuous mode [ 625.301078][T19981] loop6: detected capacity change from 0 to 64 [ 625.585245][T19996] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6076'. [ 625.601289][T19997] binder: BINDER_SET_CONTEXT_MGR bad uid 0 != 60928 [ 625.618193][T19997] binder: 19994:19997 ioctl 4018620d 200000000100 returned -1 [ 625.859372][T20008] kvm [20007]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010003) = 0x10000 [ 626.280598][ T4312] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 626.304047][T20028] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 626.370594][ T4311] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 626.481783][ T4312] usb 3-1: Using ep0 maxpacket: 8 [ 626.498799][ T4312] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 176, changing to 11 [ 626.540565][ T4312] usb 3-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 626.560772][ T4311] usb 1-1: Using ep0 maxpacket: 8 [ 626.568215][ T4312] usb 3-1: config 0 interface 0 has no altsetting 0 [ 626.577423][ T4311] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 626.600799][ T4312] usb 3-1: New USB device found, idVendor=057e, idProduct=2019, bcdDevice= 0.00 [ 626.609936][ T4311] usb 1-1: config 179 has no interface number 0 [ 626.620072][ T4311] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 626.634753][ T4312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 626.644756][ T4312] usb 3-1: config 0 descriptor?? [ 626.649857][ T4311] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 626.665422][ T4311] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 626.677282][ T4311] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 626.698511][ T4311] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 626.712569][ T4311] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 626.730602][ T4311] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 626.742853][T20024] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 626.794008][T20041] loop6: detected capacity change from 0 to 4096 [ 626.871587][ T4312] usbhid 3-1:0.0: can't add hid device: -71 [ 626.899722][ T4312] usbhid: probe of 3-1:0.0 failed with error -71 [ 626.926065][ T4312] usb 3-1: USB disconnect, device number 40 [ 626.938699][T20044] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 627.061514][ T4311] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input52 [ 627.218721][ T7497] usb 1-1: USB disconnect, device number 40 [ 627.218764][ C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 627.233496][ C0] dummy_hcd dummy_hcd.0: timer fired with no URBs pending? [ 627.233639][ T7497] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 627.866781][T20064] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6106'. [ 627.917383][T20064] netem: unknown loss type 13 [ 627.940763][T20064] netem: change failed [ 627.984061][T20068] loop1: detected capacity change from 0 to 1024 [ 628.041316][T20068] EXT4-fs: Ignoring removed orlov option [ 628.120044][T20070] loop6: detected capacity change from 0 to 4096 [ 628.133124][T20068] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 628.230652][T20080] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 628.287237][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 628.325366][T20070] NILFS (loop6): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 628.406560][T20070] NILFS error (device loop6): nilfs_bmap_truncate: broken bmap (inode number=12) [ 628.480844][T20070] Remounting filesystem read-only [ 628.485909][T20070] NILFS (loop6): error -5 truncating bmap (ino=12) [ 628.527325][T20088] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6116'. [ 628.536883][T20088] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6116'. [ 628.660965][T14900] NILFS (loop6): disposed unprocessed dirty file(s) when detaching log writer [ 628.825602][T20099] loop3: detected capacity change from 0 to 64 [ 629.353413][T20118] loop3: detected capacity change from 0 to 4096 [ 629.412434][T20123] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 629.480329][T20118] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 629.521833][T20118] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=12) [ 629.549342][T20118] Remounting filesystem read-only [ 629.569945][T20118] NILFS (loop3): error -5 truncating bmap (ino=12) [ 630.190842][T19354] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 630.314222][T20132] loop1: detected capacity change from 0 to 128 [ 630.568443][T20127] loop6: detected capacity change from 0 to 32768 [ 630.688498][T20127] (syz.6.6133,20127,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 630.737389][T20127] (syz.6.6133,20127,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 630.857384][T20127] JBD2: Ignoring recovery information on journal [ 631.014739][T20127] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 631.052877][T20151] loop2: detected capacity change from 0 to 256 [ 631.521999][T14900] ocfs2: Unmounting device (7,6) on (node local) [ 631.676215][T20157] netlink: 104 bytes leftover after parsing attributes in process `syz.2.6147'. [ 632.309031][T20171] loop0: detected capacity change from 0 to 1024 [ 632.371561][T20171] EXT4-fs: Ignoring removed orlov option [ 632.441051][T20171] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 632.667171][T20183] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6157'. [ 632.752070][ T4271] EXT4-fs (loop0): unmounting filesystem. [ 632.907765][T20193] loop0: detected capacity change from 0 to 512 [ 632.962005][T20193] EXT4-fs (loop0): Test dummy encryption mode enabled [ 632.985908][T20193] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 633.019316][T20193] EXT4-fs (loop0): ea_inode feature is not supported for Hurd [ 633.364129][T20206] netlink: 'syz.6.6167': attribute type 9 has an invalid length. [ 633.592724][ T1169] kernel write not supported for file /amidi2 (pid: 1169 comm: kworker/0:2) [ 633.757831][T20218] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6172'. [ 633.786948][T20222] netlink: 212 bytes leftover after parsing attributes in process `syz.1.6173'. [ 634.675851][T20249] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6187'. [ 634.873684][T20254] input: syz1 as /devices/virtual/input/input54 [ 635.923822][T20256] loop0: detected capacity change from 0 to 32768 [ 636.001262][T20278] syz.2.6199 sent an empty control message without MSG_MORE. [ 636.020907][T20256] XFS (loop0): Mounting V5 Filesystem [ 636.086882][T20256] XFS (loop0): Ending clean mount [ 636.116051][T20256] XFS (loop0): Quotacheck needed: Please wait. [ 636.256282][T20256] XFS (loop0): Quotacheck: Done. [ 636.436257][ T4271] XFS (loop0): Unmounting Filesystem [ 636.513254][T20287] loop2: detected capacity change from 0 to 256 [ 636.541392][T20287] exfat: Deprecated parameter 'namecase' [ 636.570644][T20287] exfat: Deprecated parameter 'namecase' [ 636.598426][T20287] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 636.926152][T20292] loop2: detected capacity change from 0 to 1024 [ 637.038438][T20292] hfsplus: bad catalog folder thread [ 637.960617][ T4311] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 638.157745][ T4311] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 638.169191][ T4311] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 638.189358][ T4311] usb 2-1: New USB device found, idVendor=0f3d, idProduct=68aa, bcdDevice=b4.ca [ 638.222896][ T4311] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 638.248491][ T4311] usb 2-1: Product: syz [ 638.264725][ T4311] usb 2-1: Manufacturer: syz [ 638.270348][ T4311] usb 2-1: SerialNumber: syz [ 638.277425][ T4311] usb 2-1: config 0 descriptor?? [ 638.492180][ T4311] usb 2-1: USB disconnect, device number 39 [ 638.710908][ T126] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 638.910535][ T126] usb 3-1: Using ep0 maxpacket: 8 [ 638.934874][ T126] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 638.951082][ T126] usb 3-1: config 179 has no interface number 0 [ 638.957398][ T126] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 638.980526][ T126] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 639.004011][T20351] netlink: 'syz.6.6230': attribute type 2 has an invalid length. [ 639.011142][ T126] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 639.041058][ T126] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 639.080540][ T126] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 639.119432][ T126] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 639.148743][ T126] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 639.187806][T20334] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 639.439905][ T126] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input55 [ 639.671846][ T4312] usb 3-1: USB disconnect, device number 41 [ 639.671962][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 639.686307][ C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 639.709050][ T4312] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 639.765681][T20366] loop0: detected capacity change from 0 to 512 [ 639.871759][ T5080] blk_print_req_error: 23 callbacks suppressed [ 639.871775][ T5080] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 640.196626][T20377] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6242'. [ 640.980399][T20393] nbd: must specify a size in bytes for the device [ 641.448327][T20401] netlink: 'syz.0.6253': attribute type 2 has an invalid length. [ 641.486636][T20401] netlink: 'syz.0.6253': attribute type 1 has an invalid length. [ 641.517133][T20401] netlink: 170140 bytes leftover after parsing attributes in process `syz.0.6253'. [ 641.975522][T20395] loop1: detected capacity change from 0 to 40427 [ 642.024638][T20415] loop0: detected capacity change from 0 to 256 [ 642.053214][T20395] F2FS-fs (loop1): invalid crc value [ 642.064995][T20417] loop2: detected capacity change from 0 to 512 [ 642.083047][T20395] F2FS-fs (loop1): Found nat_bits in checkpoint [ 642.116594][T20415] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 642.156457][T20417] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.6261: inode has both inline data and extents flags [ 642.201606][T20417] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.6261: couldn't read orphan inode 15 (err -117) [ 642.250730][T20417] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 642.269904][T20395] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 642.340867][T20415] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 642.534340][ T4266] syz-executor: attempt to access beyond end of device [ 642.534340][ T4266] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 642.599792][ T4279] EXT4-fs (loop2): unmounting filesystem. [ 642.639983][T20427] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 643.080627][ T1169] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 643.270571][ T1169] usb 3-1: Using ep0 maxpacket: 16 [ 643.278206][ T1169] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 643.309727][ T1169] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 643.336456][ T1169] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 643.365027][ T1169] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 643.386092][ T1169] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 643.408902][ T1169] usb 3-1: config 0 descriptor?? [ 643.626762][T20430] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 643.640848][T20430] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 643.853265][ T1169] hid-generic 0003:0955:7214.0035: unknown main item tag 0x0 [ 643.870972][ T1169] hid-generic 0003:0955:7214.0035: unknown main item tag 0x4 [ 643.887249][ T1169] hid-generic 0003:0955:7214.0035: hidraw0: USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0 [ 644.053972][ T1169] usb 3-1: USB disconnect, device number 42 [ 644.123905][T20451] fido_id[20451]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 644.928018][T20470] loop0: detected capacity change from 0 to 4096 [ 644.987681][T20470] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 645.019078][T20470] ntfs3: loop0: Failed to load $Extend. [ 646.086448][T20510] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6299'. [ 646.102181][T20510] netlink: 58 bytes leftover after parsing attributes in process `syz.1.6299'. [ 646.349183][T19217] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 646.362179][T19217] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 646.373380][T19217] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 646.382531][T19217] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 646.390042][T19217] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 646.398622][T19217] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 646.649728][ T4317] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.818235][ T4317] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 647.070391][ T4317] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 647.178034][ T4317] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 647.205179][T20513] chnl_net:caif_netlink_parms(): no params data found [ 647.357512][T20513] bridge0: port 1(bridge_slave_0) entered blocking state [ 647.389160][T20513] bridge0: port 1(bridge_slave_0) entered disabled state [ 647.410845][T20513] device bridge_slave_0 entered promiscuous mode [ 647.486217][T20513] bridge0: port 2(bridge_slave_1) entered blocking state [ 647.496013][T20513] bridge0: port 2(bridge_slave_1) entered disabled state [ 647.512158][T20513] device bridge_slave_1 entered promiscuous mode [ 647.633994][T20513] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 647.678595][T20513] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 647.944816][T20557] loop0: detected capacity change from 0 to 128 [ 647.965316][T20557] FAT-fs (loop0): Unrecognized mount option "˙˙˙˙˙˙˙˙˙˙˙˙18446744073709551615˙˙˙˙" or missing value [ 647.973491][T20513] team0: Port device team_slave_0 added [ 648.103714][T20513] team0: Port device team_slave_1 added [ 648.215078][T20513] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 648.222710][T20513] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 648.248595][ C0] vkms_vblank_simulate: vblank timer overrun [ 648.264486][T20513] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 648.349740][T20513] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 648.362049][T20513] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 648.460810][ T4275] Bluetooth: hci3: command 0x0409 tx timeout [ 648.505125][T20513] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 648.641376][T20573] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6319'. [ 648.759503][T20513] device hsr_slave_0 entered promiscuous mode [ 648.782304][T20513] device hsr_slave_1 entered promiscuous mode [ 648.849863][T20513] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 648.858008][T20513] Cannot create hsr debugfs directory [ 649.328436][T20598] ax25_connect(): syz.0.6328 uses autobind, please contact jreuter@yaina.de [ 649.422470][ T22] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 649.610879][ T22] usb 3-1: Using ep0 maxpacket: 8 [ 649.628784][ T22] usb 3-1: too many endpoints for config 0 interface 0 altsetting 33: 193, using maximum allowed: 30 [ 649.657666][T20604] Attempt to restore checkpoint with obsolete wellknown handles [ 649.667524][T20602] loop0: detected capacity change from 0 to 2048 [ 649.686955][ T22] usb 3-1: config 0 interface 0 altsetting 33 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 649.719637][ T22] usb 3-1: config 0 interface 0 altsetting 33 endpoint 0x81 has invalid wMaxPacketSize 0 [ 649.729923][ T22] usb 3-1: config 0 interface 0 altsetting 33 has 1 endpoint descriptor, different from the interface descriptor's value: 193 [ 649.749197][ T22] usb 3-1: config 0 interface 0 has no altsetting 0 [ 649.759871][ T22] usb 3-1: New USB device found, idVendor=056a, idProduct=010e, bcdDevice= 0.00 [ 649.787508][ T22] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 649.798963][T20602] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 649.817852][ T22] usb 3-1: config 0 descriptor?? [ 650.163768][T20616] loop1: detected capacity change from 0 to 8 [ 650.253105][ T22] wacom 0003:056A:010E.0036: unbalanced collection at end of report description [ 650.294425][ T22] wacom 0003:056A:010E.0036: parse failed [ 650.300211][ T22] wacom: probe of 0003:056A:010E.0036 failed with error -22 [ 650.487240][ T126] usb 3-1: USB disconnect, device number 43 [ 650.540665][ T4275] Bluetooth: hci3: command 0x041b tx timeout [ 650.706877][T20513] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 650.759614][T20513] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 650.806176][ T4317] device hsr_slave_0 left promiscuous mode [ 650.831935][ T4317] device hsr_slave_1 left promiscuous mode [ 650.858663][ T4317] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 650.875249][ T4317] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 650.903731][ T4317] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 650.920358][ T4317] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 650.948743][ T4317] device bridge_slave_1 left promiscuous mode [ 650.960922][ T4317] bridge0: port 2(bridge_slave_1) entered disabled state [ 650.987599][ T4317] device bridge_slave_0 left promiscuous mode [ 650.998608][ T4317] bridge0: port 1(bridge_slave_0) entered disabled state [ 651.136879][ T4317] device veth1_macvtap left promiscuous mode [ 651.154945][ T4317] device veth0_macvtap left promiscuous mode [ 651.178852][ T4317] device veth1_vlan left promiscuous mode [ 651.200412][ T4317] device veth0_vlan left promiscuous mode [ 651.207672][T20642] loop0: detected capacity change from 0 to 2048 [ 651.388920][T20642] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 651.402819][T20642] ext4 filesystem being mounted at /1282/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 651.605753][ T4271] EXT4-fs (loop0): unmounting filesystem. [ 651.760768][ T1169] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 651.864019][ T9] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 651.980750][ T1169] usb 2-1: Using ep0 maxpacket: 8 [ 651.987924][ T1169] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 652.022402][ T1169] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.046770][ T1169] pvrusb2: Hardware description: Terratec Grabster AV400 [ 652.054107][ T1169] pvrusb2: ********** [ 652.058186][ T1169] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 652.070901][ T1169] pvrusb2: Important functionality might not be entirely working. [ 652.079218][ T1169] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 652.091776][ T1169] pvrusb2: ********** [ 652.253509][ T2305] pvrusb2: Invalid write control endpoint [ 652.374557][T20675] program syz.0.6355 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 652.449223][ T2305] pvrusb2: Invalid write control endpoint [ 652.463418][ T2305] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 652.517440][ T2305] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 652.528054][ T4411] usb 2-1: USB disconnect, device number 40 [ 652.543481][ T2305] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 652.563104][ T2305] pvrusb2: Device being rendered inoperable [ 652.599839][ T2305] cx25840 4-0044: Unable to detect h/w, assuming cx23887 [ 652.620604][ T4275] Bluetooth: hci3: command 0x040f tx timeout [ 652.626739][ T2305] cx25840 4-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 652.658270][T20677] loop0: detected capacity change from 0 to 8192 [ 652.679012][ T2305] pvrusb2: Attached sub-driver cx25840 [ 652.685675][ T2305] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 652.686029][T20677] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 652.702475][ T2305] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 652.716397][T20677] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 652.728196][T20677] REISERFS (device loop0): using journaled data mode [ 652.735356][T20677] reiserfs: using flush barriers [ 652.759570][T20677] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 652.792576][T20677] REISERFS (device loop0): checking transaction log (loop0) [ 652.817795][T20677] REISERFS (device loop0): Using r5 hash to sort names [ 652.828698][T20677] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 652.869426][T20677] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 652.916759][T20677] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 652.989295][ T4317] team0 (unregistering): Port device team_slave_1 removed [ 653.153494][ T4317] team0 (unregistering): Port device team_slave_0 removed [ 653.299695][ T4317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 653.378747][ T4317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 653.908484][ T4317] bond0 (unregistering): Released all slaves [ 654.036681][T20513] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 654.073386][T20691] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6361'. [ 654.100785][T20691] netlink: 'syz.1.6361': attribute type 21 has an invalid length. [ 654.126791][T20513] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 654.464982][T20513] 8021q: adding VLAN 0 to HW filter on device bond0 [ 654.518924][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 654.531189][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 654.573815][T20513] 8021q: adding VLAN 0 to HW filter on device team0 [ 654.627954][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 654.647888][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 654.681508][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 654.688647][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 654.700982][ T4275] Bluetooth: hci3: command 0x0419 tx timeout [ 654.702422][ T27] audit: type=1326 audit(1774665134.763:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20707 comm="syz.0.6368" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff86ad9c799 code=0x0 [ 654.809592][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 654.841248][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 654.854691][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 654.881173][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 654.888310][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 654.916553][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 654.926107][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 654.952478][T20717] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6371'. [ 654.990580][ T4411] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 655.106258][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 655.135255][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 655.170226][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 655.180643][ T4411] usb 2-1: Using ep0 maxpacket: 16 [ 655.202179][ T4411] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 655.202252][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 655.250053][ T4411] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 655.251918][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 655.283954][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 655.292867][ T4411] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 655.309262][T20712] loop2: detected capacity change from 0 to 32768 [ 655.335013][ T4411] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 655.337286][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 655.360599][ T4411] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 655.385373][ T4411] usb 2-1: config 0 descriptor?? [ 655.407390][T20513] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 655.439125][T20712] XFS (loop2): Mounting V5 Filesystem [ 655.477718][T20513] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 655.527137][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 655.552288][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 655.613857][T20712] XFS (loop2): Ending clean mount [ 655.777505][ T4279] XFS (loop2): Unmounting Filesystem [ 655.851841][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 655.864546][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 655.914487][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 655.951356][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 655.958630][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 655.996549][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 656.016416][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 656.022102][T20747] loop0: detected capacity change from 0 to 512 [ 656.030340][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 656.050325][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 656.087601][T20747] FAT-fs (loop0): Directory bread(block 199916) failed [ 656.095308][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 656.112925][T20747] FAT-fs (loop0): Directory bread(block 199917) failed [ 656.119821][T20747] FAT-fs (loop0): Directory bread(block 199918) failed [ 656.132979][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 656.140239][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 656.149252][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 656.157243][T20747] FAT-fs (loop0): Directory bread(block 199919) failed [ 656.164976][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 656.172501][T20747] FAT-fs (loop0): Directory bread(block 199920) failed [ 656.179415][T20747] FAT-fs (loop0): Directory bread(block 199921) failed [ 656.186776][ T4411] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 656.203612][ T4411] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0037/input/input56 [ 656.219248][T20747] FAT-fs (loop0): Directory bread(block 199922) failed [ 656.228521][T20747] FAT-fs (loop0): Directory bread(block 199923) failed [ 656.250834][ T4411] microsoft 0003:045E:07DA.0037: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 656.311538][T20513] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 656.314423][ T4411] usb 2-1: USB disconnect, device number 41 [ 656.318689][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 656.347471][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 656.434550][T20747] FAT-fs (loop0): FAT read failed (blocknr 128) [ 656.661736][T20756] fido_id[20756]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 657.483723][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 657.509564][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 657.597365][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 657.627089][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 657.657804][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 657.706665][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 657.729381][T20513] device veth0_vlan entered promiscuous mode [ 657.792207][T20513] device veth1_vlan entered promiscuous mode [ 657.889980][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 657.908750][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 657.932200][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 657.951171][ T6517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 657.976335][T20802] device hsr0 entered promiscuous mode [ 658.061037][T20513] device veth0_macvtap entered promiscuous mode [ 658.099261][T20513] device veth1_macvtap entered promiscuous mode [ 658.142831][ T7497] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 658.238630][T20513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.259784][T20513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.278935][T20513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.300821][T20513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.331073][T20513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.344527][T20513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.364978][T20513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.367358][ T7497] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 658.384469][T20513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.400564][ T1169] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 658.415732][T20513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: macsec4 [ 658.430432][ T7497] usb 2-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00 [ 658.439852][T20513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.460158][ T7497] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 658.488558][T20513] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 658.491218][ T7497] usb 2-1: config 0 descriptor?? [ 658.509548][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 658.525982][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 658.537829][ T7497] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 658.555640][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 658.590933][ T1169] usb 1-1: Using ep0 maxpacket: 16 [ 658.600170][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 658.611568][T20513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.626301][ T1169] usb 1-1: config 0 has no interfaces? [ 658.634055][ T1169] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 658.649230][T20513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.660951][ T1169] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 658.668973][ T1169] usb 1-1: Manufacturer: syz [ 658.674690][T20513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.686469][T20513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.698188][ T1169] usb 1-1: config 0 descriptor?? [ 658.724947][T20513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.736343][T20513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.746767][T20513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.763221][T20513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.773603][T20513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2 [ 658.783906][T20513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.790395][T20798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 658.797445][T20513] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 658.820930][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 658.836322][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 658.858184][T20798] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 658.858728][T20513] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 658.879411][ T22] usb 2-1: USB disconnect, device number 42 [ 658.879863][T20513] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 658.950723][T20513] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 658.959500][T20513] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 658.993561][ T4311] usb 1-1: USB disconnect, device number 41 [ 659.145628][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 659.172275][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 659.211591][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 659.276431][ T47] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 659.305023][ T47] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 659.328041][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 659.409237][T20838] loop2: detected capacity change from 0 to 512 [ 659.430422][T20838] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.6402: inode has both inline data and extents flags [ 659.474727][T20838] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.6402: couldn't read orphan inode 15 (err -117) [ 659.510339][T20838] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 659.530703][ T22] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 659.730819][ T22] usb 2-1: Using ep0 maxpacket: 8 [ 659.750280][ T22] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 659.779708][ T22] usb 2-1: config 0 has no interface number 0 [ 659.793952][ T22] usb 2-1: config 0 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 659.833695][ T22] usb 2-1: config 0 interface 1 altsetting 1 bulk endpoint 0x1 has invalid maxpacket 0 [ 659.866293][ T22] usb 2-1: config 0 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 659.886702][ T22] usb 2-1: config 0 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 659.906901][ T22] usb 2-1: config 0 interface 1 has no altsetting 0 [ 659.920738][ T22] usb 2-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 659.940017][ T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 659.990911][ T4279] EXT4-fs (loop2): unmounting filesystem. [ 660.018063][ T22] usb 2-1: config 0 descriptor?? [ 660.150142][T20859] loop6: detected capacity change from 0 to 1024 [ 660.303385][ T22] usb 2-1: USB disconnect, device number 43 [ 660.595570][T20876] loop2: detected capacity change from 0 to 512 [ 660.798779][T20876] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8840c01c, mo2=0002] [ 660.845093][T20876] EXT4-fs (loop2): orphan cleanup on readonly fs [ 660.927592][T20876] EXT4-fs warning (device loop2): ext4_enable_quotas:7087: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 661.011528][T20876] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 661.051087][T20876] EXT4-fs error (device loop2): ext4_ext_check_inode:530: inode #13: comm syz.2.6411: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 661.110892][T20876] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.6411: couldn't read orphan inode 13 (err -117) [ 661.171823][T20876] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 661.237904][T20888] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6415'. [ 661.277397][T20876] EXT4-fs (loop2): shut down requested (1) [ 661.326622][T20892] loop0: detected capacity change from 0 to 512 [ 661.449126][ T4279] EXT4-fs (loop2): unmounting filesystem. [ 661.476067][T20892] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 661.510895][T20897] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6419'. [ 661.621864][T20892] EXT4-fs (loop0): 1 truncate cleaned up [ 661.627575][T20892] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 661.700156][T20899] loop1: detected capacity change from 0 to 4096 [ 661.744953][ T27] audit: type=1800 audit(1774665141.803:313): pid=20892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.6416" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 661.859165][T20910] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 661.934668][ T4271] EXT4-fs (loop0): unmounting filesystem. [ 662.480371][T20933] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 662.664083][T20941] loop7: detected capacity change from 0 to 256 [ 662.691542][T20941] exfat: Deprecated parameter 'namecase' [ 662.723529][T20941] exfat: Deprecated parameter 'utf8' [ 662.800292][T20941] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x22785e93, utbl_chksum : 0xe619d30d) [ 663.245250][T20962] netlink: 27 bytes leftover after parsing attributes in process `syz.7.6442'. [ 663.493304][T20974] loop2: detected capacity change from 0 to 128 [ 663.530978][T20977] loop6: detected capacity change from 0 to 64 [ 663.568540][T20977] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 663.662931][T20974] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 663.708202][T20974] ext4 filesystem being mounted at /1338/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 663.715747][T20986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6452'. [ 663.733074][T20986] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6452'. [ 663.742389][T20986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6452'. [ 663.969492][T20991] lo speed is unknown, defaulting to 1000 [ 664.018571][ T4279] EXT4-fs (loop2): unmounting filesystem. [ 664.101209][T20991] lo speed is unknown, defaulting to 1000 [ 664.172422][T20991] lo speed is unknown, defaulting to 1000 [ 664.674535][ T4411] lo speed is unknown, defaulting to 1000 [ 664.713961][T20991] infiniband syU×: set active [ 664.767103][T20991] infiniband syU×: added lo [ 664.991286][T21029] misc userio: Can't change port type on an already running userio instance [ 665.077883][T20991] RDS/IB: syU×: added [ 665.108160][T20991] smc: adding ib device syU× with port count 1 [ 665.140370][T20991] smc: ib device syU× port 1 has pnetid [ 665.162730][ T4311] lo speed is unknown, defaulting to 1000 [ 665.192570][T20991] lo speed is unknown, defaulting to 1000 [ 665.442838][T21048] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 665.613218][T20991] lo speed is unknown, defaulting to 1000 [ 665.998419][T20991] lo speed is unknown, defaulting to 1000 [ 666.340128][T21046] loop0: detected capacity change from 0 to 32768 [ 666.509330][T20991] lo speed is unknown, defaulting to 1000 [ 666.565242][T21053] loop1: detected capacity change from 0 to 32768 [ 666.642358][ T27] audit: type=1800 audit(1774665146.703:314): pid=21053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.6475" name="file1" dev="loop1" ino=4 res=0 errno=0 [ 667.004224][T20991] lo speed is unknown, defaulting to 1000 [ 667.183777][T21084] dvmrp1: tun_chr_ioctl cmd 1074025681 [ 667.929088][T21108] program syz.6.6494 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 668.027018][T21110] netlink: 148 bytes leftover after parsing attributes in process `syz.0.6495'. [ 668.340734][ T4311] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 668.375029][ T27] audit: type=1326 audit(1774665148.433:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21127 comm="syz.0.6503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 668.398798][ T27] audit: type=1326 audit(1774665148.433:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21127 comm="syz.0.6503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 668.422067][ T27] audit: type=1326 audit(1774665148.433:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21127 comm="syz.0.6503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 668.446278][ T27] audit: type=1326 audit(1774665148.433:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21127 comm="syz.0.6503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86ad9c799 code=0x7ffc0000 [ 668.540626][ T4311] usb 2-1: Using ep0 maxpacket: 32 [ 668.547623][ T4311] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 668.577224][ T4311] usb 2-1: config 0 has no interface number 0 [ 668.583930][ T4311] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 668.602324][ T4311] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 668.612454][ T4311] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 668.626252][ T4311] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 668.648795][ T4311] usb 2-1: config 0 descriptor?? [ 669.277363][ T4311] uclogic 0003:28BD:0094.0038: pen parameters not found [ 669.291695][ T4311] uclogic 0003:28BD:0094.0038: interface is invalid, ignoring [ 669.517084][ T4311] usb 2-1: USB disconnect, device number 44 [ 669.772783][T21139] loop2: detected capacity change from 0 to 131072 [ 669.793164][T21139] F2FS-fs (loop2): invalid crc value [ 669.862804][T21139] F2FS-fs (loop2): Found nat_bits in checkpoint [ 669.937767][T21139] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 670.508919][T21175] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.676892][T21175] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.780357][T21186] loop2: detected capacity change from 0 to 512 [ 670.805178][T21186] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 670.829595][T21175] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.857964][T21186] EXT4-fs (loop2): 1 truncate cleaned up [ 670.874334][T21186] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 670.907613][ T27] audit: type=1800 audit(1774665150.963:319): pid=21186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6524" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 670.979942][T21175] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 671.099883][T21195] syzkaller1: tun_chr_ioctl cmd 1074025676 [ 671.112084][T21195] syzkaller1: owner set to 0 [ 671.313841][ T4279] EXT4-fs (loop2): unmounting filesystem. [ 671.439435][T21175] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 671.479129][T21204] netlink: 27 bytes leftover after parsing attributes in process `syz.2.6529'. [ 671.709261][T21175] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 671.791846][T21175] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 671.816393][T21175] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 672.087314][T21225] netlink: 'syz.2.6537': attribute type 2 has an invalid length. [ 672.325246][T21238] misc userio: Can't change port type on an already running userio instance [ 673.471048][ T4311] hid-generic 0005:10CF:0080.0039: unknown main item tag 0x2 [ 673.512624][ T4311] hid-generic 0005:10CF:0080.0039: hidraw0: BLUETOOTH HID v0.8b Device [syz0] on aa:aa:aa:aa:aa:aa [ 673.643712][T21254] loop2: detected capacity change from 0 to 32768 [ 673.685512][T21289] loop0: detected capacity change from 0 to 1024 [ 673.808786][T21254] XFS (loop2): Mounting V5 Filesystem [ 673.921622][T21254] XFS (loop2): Ending clean mount [ 674.101480][ T4279] XFS (loop2): Unmounting Filesystem [ 674.280734][ T126] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 674.484170][ T126] usb 2-1: unable to get BOS descriptor or descriptor too short [ 674.522539][ T126] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 674.530129][ T126] usb 2-1: can't read configurations, error -71 [ 675.081404][T21331] loop6: detected capacity change from 0 to 4096 [ 675.126531][T21331] ntfs: (device loop6): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 675.181672][T21331] ntfs: (device loop6): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 675.220826][ T22] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 675.242794][T21331] ntfs: (device loop6): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 675.270591][T21331] ntfs: (device loop6): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 675.347173][T21331] ntfs: volume version 3.1. [ 675.419054][T21331] ntfs: (device loop6): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set iso8859-9. You might want to try to use the mount option nls=utf8. [ 675.439017][ T22] usb 3-1: Using ep0 maxpacket: 8 [ 675.448698][ T22] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 675.499123][ T22] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 675.520872][T21331] ntfs: (device loop6): ntfs_filldir(): Skipping unrepresentable inode 0x4. [ 675.529558][ T22] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 675.529587][ T22] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 675.529627][ T22] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 675.653594][ T22] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 675.749795][T14900] ntfs: (device loop6): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 675.901469][ T22] usb 3-1: GET_CAPABILITIES returned 0 [ 675.907095][ T22] usbtmc 3-1:16.0: can't read capabilities [ 676.103460][T21365] loop1: detected capacity change from 0 to 512 [ 676.112722][ T4411] usb 3-1: USB disconnect, device number 44 [ 676.523021][T21374] loop7: detected capacity change from 0 to 4096 [ 676.629739][T21374] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 676.828039][T20513] EXT4-fs (loop7): unmounting filesystem. [ 677.573974][T21414] netlink: 32 bytes leftover after parsing attributes in process `syz.6.6603'. [ 677.660733][ T4317] wlan1: Trigger new scan to find an IBSS to join [ 677.710756][ T11] ------------[ cut here ]------------ [ 677.717320][ T11] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0xffffffff with flags 0x40 [ 677.728527][ T11] WARNING: CPU: 1 PID: 11 at net/mac80211/rate.c:385 __rate_control_send_low+0x635/0x880 [ 677.738394][ T11] Modules linked in: [ 677.742357][ T11] CPU: 1 PID: 11 Comm: kworker/u4:1 Not tainted syzkaller #0 [ 677.749744][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 677.759842][ T11] Workqueue: events_unbound cfg80211_wiphy_work [ 677.766142][ T11] RIP: 0010:__rate_control_send_low+0x635/0x880 [ 677.772469][ T11] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 20 a9 a6 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 fb ef a4 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff [ 677.792119][ T11] RSP: 0018:ffffc90000107400 EFLAGS: 00010246 [ 677.798220][ T11] RAX: 7752f08e29a3ea00 RBX: 000000000000000c RCX: ffff88813feb3b80 [ 677.806235][ T11] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 677.814258][ T11] RBP: 0000000000000084 R08: ffffc90000107087 R09: 1ffff92000020e10 [ 677.822276][ T11] R10: dffffc0000000000 R11: fffff52000020e11 R12: 0000000000000040 [ 677.830263][ T11] R13: dffffc0000000000 R14: ffff888056783358 R15: ffff88801d647a28 [ 677.838273][ T11] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 677.847249][ T11] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 677.853912][ T11] CR2: 0000001b2f920ff8 CR3: 000000007fd34000 CR4: 00000000003506e0 [ 677.861928][ T11] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 677.869922][ T11] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 677.877951][ T11] Call Trace: [ 677.881287][ T11] [ 677.884245][ T11] rate_control_send_low+0x194/0x790 [ 677.889554][ T11] rate_control_get_rate+0x207/0x5c0 [ 677.894891][ T11] ieee80211_tx_h_rate_ctrl+0xb1a/0x1750 [ 677.900583][ T11] ? ieee80211_tx_h_select_key+0x17b0/0x17b0 [ 677.906632][ T11] ? ieee80211_queue_skb+0xc2/0x21c0 [ 677.911966][ T11] invoke_tx_handlers_late+0xb6/0x1810 [ 677.917437][ T11] ? ieee80211_tx_h_select_key+0x126d/0x17b0 [ 677.923444][ T11] ? sta_info_get+0x289/0x2a0 [ 677.928144][ T11] ? invoke_tx_handlers_early+0xa11/0x1d40 [ 677.934013][ T11] ieee80211_tx+0x2d4/0x460 [ 677.938657][ T11] ? ieee80211_skb_resize+0x630/0x630 [ 677.944071][ T11] ? ieee80211_set_qos_hdr+0x1c6/0x510 [ 677.949524][ T11] ? __bpf_trace_tasklet+0x10/0x10 [ 677.954644][ T11] ? ieee80211_xmit+0x30c/0x3f0 [ 677.959482][ T11] ? __ieee80211_tx_skb_tid_band+0x48c/0x610 [ 677.965469][ T11] __ieee80211_tx_skb_tid_band+0x4d1/0x610 [ 677.971323][ T11] ? ieee80211_scan_state_send_probe+0x4b4/0x930 [ 677.977660][ T11] ieee80211_scan_state_send_probe+0x560/0x930 [ 677.983853][ T11] ieee80211_scan_work+0x4d3/0x1bc0 [ 677.989057][ T11] ? _raw_spin_lock_irq+0xb7/0xf0 [ 677.994091][ T11] ? _raw_spin_lock_irqsave+0x100/0x100 [ 677.999633][ T11] cfg80211_wiphy_work+0x221/0x260 [ 678.004769][ T11] ? process_one_work+0x7b0/0x1160 [ 678.009885][ T11] process_one_work+0x8a2/0x1160 [ 678.014864][ T11] ? worker_detach_from_pool+0x240/0x240 [ 678.020541][ T11] ? _raw_spin_lock_irq+0xb7/0xf0 [ 678.025558][ T11] ? _raw_spin_lock_irqsave+0x100/0x100 [ 678.031136][ T11] ? kthread_data+0x4b/0xc0 [ 678.035653][ T11] worker_thread+0xaa2/0x1270 [ 678.040334][ T11] kthread+0x29d/0x330 [ 678.044424][ T11] ? worker_clr_flags+0x1a0/0x1a0 [ 678.049460][ T11] ? kthread_blkcg+0xd0/0xd0 [ 678.054071][ T11] ret_from_fork+0x1f/0x30 [ 678.058511][ T11] [ 678.061568][ T11] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 678.068849][ T11] CPU: 1 PID: 11 Comm: kworker/u4:1 Not tainted syzkaller #0 [ 678.076201][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 678.086241][ T11] Workqueue: events_unbound cfg80211_wiphy_work [ 678.092496][ T11] Call Trace: [ 678.095771][ T11] [ 678.098687][ T11] dump_stack_lvl+0x188/0x24e [ 678.103370][ T11] ? memcpy+0x3c/0x60 [ 678.107337][ T11] ? show_regs_print_info+0x12/0x12 [ 678.112552][ T11] ? load_image+0x400/0x400 [ 678.117062][ T11] panic+0x2e5/0x730 [ 678.120944][ T11] ? bpf_jit_dump+0xd0/0xd0 [ 678.125445][ T11] ? ret_from_fork+0x1f/0x30 [ 678.130023][ T11] __warn+0x2f8/0x4f0 [ 678.133994][ T11] ? __rate_control_send_low+0x635/0x880 [ 678.139621][ T11] ? __rate_control_send_low+0x635/0x880 [ 678.145255][ T11] report_bug+0x2ba/0x4f0 [ 678.149580][ T11] ? __rate_control_send_low+0x635/0x880 [ 678.155212][ T11] handle_bug+0x3a/0x70 [ 678.159354][ T11] exc_invalid_op+0x16/0x40 [ 678.163862][ T11] asm_exc_invalid_op+0x16/0x20 [ 678.168696][ T11] RIP: 0010:__rate_control_send_low+0x635/0x880 [ 678.174922][ T11] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 20 a9 a6 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 fb ef a4 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff [ 678.194522][ T11] RSP: 0018:ffffc90000107400 EFLAGS: 00010246 [ 678.200598][ T11] RAX: 7752f08e29a3ea00 RBX: 000000000000000c RCX: ffff88813feb3b80 [ 678.208567][ T11] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 678.216533][ T11] RBP: 0000000000000084 R08: ffffc90000107087 R09: 1ffff92000020e10 [ 678.224498][ T11] R10: dffffc0000000000 R11: fffff52000020e11 R12: 0000000000000040 [ 678.232478][ T11] R13: dffffc0000000000 R14: ffff888056783358 R15: ffff88801d647a28 [ 678.240503][ T11] rate_control_send_low+0x194/0x790 [ 678.245791][ T11] rate_control_get_rate+0x207/0x5c0 [ 678.251076][ T11] ieee80211_tx_h_rate_ctrl+0xb1a/0x1750 [ 678.256717][ T11] ? ieee80211_tx_h_select_key+0x17b0/0x17b0 [ 678.262687][ T11] ? ieee80211_queue_skb+0xc2/0x21c0 [ 678.267966][ T11] invoke_tx_handlers_late+0xb6/0x1810 [ 678.273441][ T11] ? ieee80211_tx_h_select_key+0x126d/0x17b0 [ 678.279425][ T11] ? sta_info_get+0x289/0x2a0 [ 678.284090][ T11] ? invoke_tx_handlers_early+0xa11/0x1d40 [ 678.289895][ T11] ieee80211_tx+0x2d4/0x460 [ 678.294400][ T11] ? ieee80211_skb_resize+0x630/0x630 [ 678.299798][ T11] ? ieee80211_set_qos_hdr+0x1c6/0x510 [ 678.305248][ T11] ? __bpf_trace_tasklet+0x10/0x10 [ 678.310360][ T11] ? ieee80211_xmit+0x30c/0x3f0 [ 678.315204][ T11] ? __ieee80211_tx_skb_tid_band+0x48c/0x610 [ 678.321177][ T11] __ieee80211_tx_skb_tid_band+0x4d1/0x610 [ 678.326988][ T11] ? ieee80211_scan_state_send_probe+0x4b4/0x930 [ 678.333307][ T11] ieee80211_scan_state_send_probe+0x560/0x930 [ 678.339482][ T11] ieee80211_scan_work+0x4d3/0x1bc0 [ 678.344672][ T11] ? _raw_spin_lock_irq+0xb7/0xf0 [ 678.349692][ T11] ? _raw_spin_lock_irqsave+0x100/0x100 [ 678.355243][ T11] cfg80211_wiphy_work+0x221/0x260 [ 678.360343][ T11] ? process_one_work+0x7b0/0x1160 [ 678.365436][ T11] process_one_work+0x8a2/0x1160 [ 678.370367][ T11] ? worker_detach_from_pool+0x240/0x240 [ 678.375987][ T11] ? _raw_spin_lock_irq+0xb7/0xf0 [ 678.381008][ T11] ? _raw_spin_lock_irqsave+0x100/0x100 [ 678.386562][ T11] ? kthread_data+0x4b/0xc0 [ 678.391072][ T11] worker_thread+0xaa2/0x1270 [ 678.395763][ T11] kthread+0x29d/0x330 [ 678.399815][ T11] ? worker_clr_flags+0x1a0/0x1a0 [ 678.404822][ T11] ? kthread_blkcg+0xd0/0xd0 [ 678.409392][ T11] ret_from_fork+0x1f/0x30 [ 678.413824][ T11] [ 678.417162][ T11] Kernel Offset: disabled [ 678.421624][ T11] Rebooting in 86400 seconds..