last executing test programs: 2m46.572461085s ago: executing program 0 (id=4843): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x103201, 0x0) write$P9_RSTATu(r0, &(0x7f0000000080)={0x265, 0x2, 0xafd, {{0x500, 0x124, 0x28, 0x1f00, {}, 0x0, 0x0, 0xc, 0x401, 0xffffffffffffff7d, '\nnodev{evo\x03\xd3\x8b\x92\x00'/27, 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x99\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0xac, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4@\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x009\x86Ac\x1dD\xf4\xa3\x9b\x11\x91\x93z(\x0e\x8d\x88\x9f\xc2 \xd1\x15\xac\x8e/\x18K\x9aau\x8d&w*\xb0\xf2\x04M\x8e\xf0&=\xdd\x97\xd3\xc4\'\xb3\xa52\xef\xab\x1d\x1c\xe3,\xa7\xc1\xfc#\x1a\xf4\x84\b\xe0+%P(\xb7\xc9\xbb\x859oM\x8a\xf0\xeb\x95\xfc\x0e\xcc\x99\xf7\x80\xe2'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0xfd85) 2m46.138349054s ago: executing program 0 (id=4853): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000840)=@getlink={0x3c, 0x12, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'batadv_slave_1\x00'}, @IFLA_EXT_MASK={0x8}]}, 0x3c}}, 0x0) 2m45.957031804s ago: executing program 0 (id=4855): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f00000005c0)={&(0x7f0000000400)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000880)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc9a406a1f", 0x6}], 0x2, &(0x7f0000000200)=[@ip_ttl={{0x14}}], 0x18}, 0x24008894) 2m45.854723363s ago: executing program 0 (id=4856): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4018aee3, 0x0) 2m45.703061643s ago: executing program 0 (id=4859): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m44.60920449s ago: executing program 0 (id=4877): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000780)={0x300, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1}) 2m28.414969198s ago: executing program 32 (id=4877): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000780)={0x300, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1}) 1m25.53773165s ago: executing program 2 (id=6078): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000580)="d8000000140081044e81f782db44b9040a1d08020a000000040000a118000200ff11000000000e1208000f0100810401a80016ea1f0008400304000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 1m25.272809809s ago: executing program 2 (id=6083): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="68000000000201040000000000000000020000002400028014000180080001000000000008000200ac1e01010c00028005000100000000002c000380140001800805000000000000000002000a0101020c00028005000100000000000600034000040000040001"], 0x68}}, 0x0) 1m25.038018828s ago: executing program 2 (id=6088): r0 = socket$inet(0x2, 0xa, 0x2) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) 1m24.865345468s ago: executing program 2 (id=6093): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x800414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2c2, &(0x7f0000000c40)="$eJzs3dFLU28cx/GPzp+bE91+EEFB9VA3dTN0/QE1QiEaFOakugiOeVZjp03OGcYicjfRbX9EV1J33QXVZTfeRDfddydB0I0X0Yl2Nt102nQ6l75fIOe7830+nEc9yneC28qtFw/zWS+RtUrqjxj1SxWtSvE/VU1f7dhfrQfVqKILwz++nLp5+861VDo9MWXMZGr6YtIYM3rm3aMnr85+KA3PvBl9G9Zy/O7K9+TX5ePLJ1Z+TT/IeSbnmUKxZCwzWyyWrFnHNnM5L58w5oZjW55tcgXPdpv6Wac4P182VmFuJDrv2p5nrELZ5O2yKRVNyS0b676VK5hYImFGojraBtpYk1mamrJSW7b9UKuzLU+iJwy1Oum6qUrrZmapC3sCAAA9Zvv5P5j1t57/0zPBcdv5P1Sb/1+/lNqb/6XO5v9E0/zf19UvaI+rND36y/yPQ8F1U1a09vPbjPkfAAAAAAAAAAAAAAAAAAAAAIB/warvx3zfj9WP9Y+wpIik+uOD3if2xy6//5cOaLvYYw3/uBeRnOcLmYVMcAz6qaxycmRrTDH9rN4PNUE9eTU9MWaq4nrvLNbyiwuZkML1fF28Vf70/+NB3jTn/1O08fpJxXSs9fWTLfODOn+uIZ9QTJ/uqShHc9X7ej3/dNyYK9fTG/JD1XUAAAAAABwGCbNm0/P3ar+6IKLN/SC/g78PbHh+PaCT7bxEJQAAAAAA6JhXfpy3HMd2d1GEJXUQ30Hh9+37JfauCKkntrGhuCypB7bRrSIiKThjdhP/thZvK+W3sWZAUqefV6SLt9ZB/2YCAAAAsNfWh/4dhD4/28cdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABw9LT7emD19Zta9cY28YbLhfRx7e0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCPndwAAAP//6bYmHA==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 1m24.564368407s ago: executing program 2 (id=6098): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000200)={0x16, 0x98, 0xfa00, {0x0, 0x2, 0xffffffffffffffff, 0x10, 0x1, @in6={0xa, 0x4e21, 0x5, @empty, 0x5}}}, 0xa0) 1m24.136309525s ago: executing program 2 (id=6105): syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000640)='./file0\x00', 0x2000040, &(0x7f0000000400)=ANY=[@ANYBLOB="00bc7811e943bbb3bc31a70c81525069e4320000000000"], 0x1, 0x1a2, &(0x7f0000000000)="$eJzs0L9r1GAcx/H390nul1DlVBwq2AOLMUe1yVUdnA6nEy7g4CJ46HGNvWKqXHODLS10kYJU+y/oIHVUQScRBefiIDhoXLpJbygO4iAnyT0V/Bt8XpB88v1Aki9PN+7FBeD33kqHOhmLg3xEsIEJGXVKjfK1nr/r3BwFl/S8ofOZzvF4afl2O4rCxcrFCuV/CuBH1v2t4hccU5SEOvJ5b6XTlpsBwzoLajag3KT6EKtFz33EuD3G0RtYDJ0NLit64jTh0HS/yHS8tHxmfqE9F86Fd2q1mQveOc87n+4fhd4rxH0gises4gYUAkruKrkW97ftA0wJ4nZVYkl1QL7F5rZ1+uTUAOXuMkR45wwofLW7FXWVUxSvp8s3OCI8wQqYbFJS2Nyaj0KvgVxRL8W3P9k/c4rimmWd7dyNZtevKfmV36rLblH8HXKOT63qM5MeDYd5z3rCZEIjYSth5xsT8ib9y/652mvp/bmejnOCp3nutfv9RT8PH8QJqKVXGcayz6lsrzK81e/o4Mv+g2EYhmEYhmEYhvEf+BMAAP//l8hh1g==") llistxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000500)=""/93, 0x5d) 1m23.816831024s ago: executing program 33 (id=6105): syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000640)='./file0\x00', 0x2000040, &(0x7f0000000400)=ANY=[@ANYBLOB="00bc7811e943bbb3bc31a70c81525069e4320000000000"], 0x1, 0x1a2, &(0x7f0000000000)="$eJzs0L9r1GAcx/H390nul1DlVBwq2AOLMUe1yVUdnA6nEy7g4CJ46HGNvWKqXHODLS10kYJU+y/oIHVUQScRBefiIDhoXLpJbygO4iAnyT0V/Bt8XpB88v1Aki9PN+7FBeD33kqHOhmLg3xEsIEJGXVKjfK1nr/r3BwFl/S8ofOZzvF4afl2O4rCxcrFCuV/CuBH1v2t4hccU5SEOvJ5b6XTlpsBwzoLajag3KT6EKtFz33EuD3G0RtYDJ0NLit64jTh0HS/yHS8tHxmfqE9F86Fd2q1mQveOc87n+4fhd4rxH0gises4gYUAkruKrkW97ftA0wJ4nZVYkl1QL7F5rZ1+uTUAOXuMkR45wwofLW7FXWVUxSvp8s3OCI8wQqYbFJS2Nyaj0KvgVxRL8W3P9k/c4rimmWd7dyNZtevKfmV36rLblH8HXKOT63qM5MeDYd5z3rCZEIjYSth5xsT8ib9y/652mvp/bmejnOCp3nutfv9RT8PH8QJqKVXGcayz6lsrzK81e/o4Mv+g2EYhmEYhmEYhvEf+BMAAP//l8hh1g==") llistxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000500)=""/93, 0x5d) 27.972403988s ago: executing program 6 (id=6998): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e22, 0x1, @mcast2, 0x7}}, 0x4, 0xff, 0x7, 0xa8e, 0x2, 0x0, 0x40}, &(0x7f0000000240)=0x9c) 27.784665688s ago: executing program 6 (id=7002): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x1) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000002c0)={0x0, 0x0, 0x0, &(0x7f0000000280)=[0x0, 0x0], 0x0, 0x0, 0x0, 0x2}) 27.431955997s ago: executing program 6 (id=7008): pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff}, 0x80) ioctl$IOC_WATCH_QUEUE_SET_FILTER(r0, 0x5761, &(0x7f0000000040)={0x2, 0x0, [{0xc532}, {}]}) 27.234787706s ago: executing program 6 (id=7011): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x481, &(0x7f0000000140)=ANY=[@ANYBLOB='decompose,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c747970653d69759d7b2c6e6f6465636f6d706f73652c706172743d3078303030303030303030303030303030352c6e6c733d63703835322c0003cbc07ba0a1136d4473bd2732cc9433380cd22dec53d0a6f1102a4eea5601100a9ad8b17df114bc4794e98d59b6e930d8b8f9647652dc225a077d8726a372a270"], 0x1, 0x6f8, &(0x7f0000002440)="$eJzs3U9sW3cdAPDvc2wn7lDm/ek2EFKjVVSwQpvEjBYJiYIQymFClbjsatp0jeJkVeKhtELUYwyOcEI97FCEwmEntAPSEAfEOCMhcUW9V+JeccDoPT87tpM49po/Xfl8pJf3e+/9/nx/37z3Yj+3cgD/t5bejFIrklg6/8ZWuv1gu9Z4sF1b65YjYjoiChHFziqS9Yjkk4gr0Vni8+nOvLtsfX+PcV5/+PEH5+59WOtsFfMlq1/oaz9Cu2+EYa18ibmImMrXEyru19+1Pfq7O1HXSS/uNGFnu4mDk9bepTVJ8zGuW+BJdzdiqrTH/mrEqYiYyV8HRH53KBxzeIduorscAAAAPJmmDqrw7KN4FFsxezzhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNMh6XxnYJIvhW55LpLu9/+X832pcvmE4x3tqwccf//GMQUCAAAAAAAAAEfio/yD+zOP4lFsxWy+O2kl2Wf+r2ZbL2Y/n4l3YjOWYyMuxFbUoxnN2IiFiNJsX4flrXqzubGwu+VvIm3Zbrfv5i0XI6K6q+XiccwaAAAAAAAAAJ5aP4ulmD3pIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoF8SMdVZZcuL3XI1CsWImImIclqvFfHnbvmz7C8nHQAAAAAcvUq+nk3+2ym0k+w9/0vZ+/6ZeCfWoxkr0YxGLMf17FlA511/4R+tWuPBdm0tXXZ3/J1/TxRH1mNETMW7+4w8n9U43WuxFN+PH8b5mIursREr8eOoRzOWYy4q6SSiHklUK52nF9VunHvHe2Vg6+pwbGeGtl/JIqnEjVjJYrsQ18rReWySzSEd85W+0f5Yjhga8d00O8m3c2Pm6Hrf7+vX+XOZXPvZMfs4GtVs5qVeRubT3OfZeG507ic8T4ZHWohC7xnUizujpJvDI3Vz/qNJcn4qX6e5/sVgzg/bhI/ShjOxGIX87It4aTDnt7507/nBxl/551+v3iysr968sXn+CKd0pErdwnAman2ZeHn02ZdnopFmojV+JkrDO2YeYx6HqJxnI7sVjXm3/F5Wqserfafg23E9luNSzMdCXI75+GYsRm3gDDs9kNdibW0wJ9m1Vth9f6uMCP7sl/sq/fKAyscrzctzfXntv9NVs2P5niu/ivm+LD0/+uyb+K9AOv4X8nI6xnu9vzhPgoFMZPfm9z7XPfbC6Ez8tp3+3Gysr27crN8ac7xz+Tq9bN8fvDf/7hCm8xjS8yW94xazrSwnle75kh57oRftYL7K+ScunXaFXcdO945VYzZW4gf7Xqnl/DXc7p46x17uP/avnTtnOX990z028Con3o5G9ipkyNzxZBWAsZ167VS58rDy98r9ys8rNytvzHx3+vL0F8tR+lvxT1N/KPy+8K3ktbgfP43Zk44UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeBpu376zWG43ljV4hZob3PG6hvO9YowtROLDO9jPjdRjViNFjJXmhfLhzv31ntRiH3OFRFyoxduXud3WN1/NHETGiTvmxg08mPscmLqSzPZQOS/2pa09N0Lw4OuHF2JzZ7zc4vXMVRHW13vhPe6BOJfoumT1M+F2FwBPtYnPt1sXN23e+trJWf2v5reX1xcuXLl+qfWPh6xdvrDSW5zs/TzpK4Chs3r4zddIxAAAAAAAAAAAAAJPJ//V/81P/Z4biAXXKG5t7j3zmuKcKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfEYtvRmlViSxMH9hPt1+sF1rpEu3vFOzGBGFiEh+EpF8EnElOktU+7pL9hvn9Ycff3Du3oe1nb6K3fqFUe3G08qXmIuIqXx9sOk9utnd37W+/lqfKrykN8M0YWe7iYOT9r8AAAD//4739gY=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 26.925217805s ago: executing program 6 (id=7016): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$sock_int(r0, 0x1, 0x1e, 0x0, &(0x7f0000000000)=0x25) 26.489959894s ago: executing program 6 (id=7025): r0 = openat$sequencer(0xffffff9c, &(0x7f00000025c0), 0x22000, 0x0) ioctl$SNDCTL_MIDI_INFO(r0, 0xc074510c, 0x0) 26.214055633s ago: executing program 34 (id=7025): r0 = openat$sequencer(0xffffff9c, &(0x7f00000025c0), 0x22000, 0x0) ioctl$SNDCTL_MIDI_INFO(r0, 0xc074510c, 0x0) 2.98980038s ago: executing program 5 (id=7341): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x218, 0x0, 0x0, 0x3e8, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0xff000000, 0x0, 0x0, 0x0, {}, {@mac=@local, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00', {}, {}, 0x0, 0x100}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x4, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@empty, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}}, 0x0, 0x1, 0xc, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@arp={@remote, @local, 0x0, 0xff, 0x1, 0xc, {@mac, {[0x0, 0x0, 0x0, 0xff, 0x0, 0xff]}}, {@mac=@broadcast, {[0x0, 0xff, 0xff, 0xff, 0xff]}}, 0x10, 0x7, 0xa, 0x0, 0x6, 0x3802, 'veth0_to_hsr\x00', 'rose0\x00', {0xff}, {0xff}, 0x0, 0x280}, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438) 2.732326229s ago: executing program 5 (id=7345): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x1402, 0x1}, 0x10}}, 0x0) 2.507675098s ago: executing program 5 (id=7350): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x23, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="48000000180001000000000000000000020000000000ff"], 0x48}}, 0x0) 2.279421477s ago: executing program 5 (id=7355): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) setresgid(0xee00, 0xee01, 0x0) 2.227058207s ago: executing program 4 (id=7356): r0 = socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(r0, &(0x7f0000000180)={&(0x7f0000000300), 0x10, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="280000000000000000000000070000000703ec441414"], 0x28}, 0x800) 2.068902656s ago: executing program 5 (id=7360): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x2}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x240000}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0xfd}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x400d4}, 0x84) 2.047303856s ago: executing program 4 (id=7361): pipe(&(0x7f0000007e00)={0xffffffffffffffff, 0xffffffffffffffff}) finit_module(r0, 0x0, 0x2) 1.874247326s ago: executing program 4 (id=7365): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff000000000000000085000000530000008500000023000000950000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000000140)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9092dc1b6dbe9ab5becdcc777", 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.669368015s ago: executing program 4 (id=7369): r0 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$notify(r0, 0x402, 0x8) 1.611633505s ago: executing program 5 (id=7372): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2818000, &(0x7f00000003c0)={[{@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@numtail}, {@shortname_winnt}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@shortname_win95}, {@shortname_mixed}, {@shortname_win95}, {@uni_xlateno}, {@shortname_mixed}, {@numtail}, {@uni_xlate}]}, 0x1, 0x2ac, &(0x7f0000000600)="$eJzs3c9qY1UcB/Bv/rWpCMnClQhe0IWrMp0nmCIVBrtSstCNitMBacJAA4GOYp2Ve8GVC9/Ad/AB3PgGLlwK7pyFeCXJTZO0t9VC7Ej5fDb93XPO7/y597SFwD35+LXR8aMn48fPvvgl3W4jzQd5kOeN9NPMwlcBAO6S52WZ38u5f2rbzlaSslddNW9hegDAf+Am//8BgLvh/Q8+fHf/8PDgvaLoJqOvJ4NGklFjMpjX7z/OZxnmKPfSy59JeW4ev/zw8CDtolh8GDDZySAZffRTdb3/WzLL30sv/cv57zw8PNgr5vLm6GwymI48/dnJS41kv2zMO7qfXl5Jyk6qTpb592vyM9jKW298V83/r6PsppefP82TDPNo1sUy/8u9oni7/PaPz+crGCSNs8lge9ZuqWzd2kMBAAAAAAAAAAAAAAAAAAAAAODO2y3O9VfPz1mcBri7W18/Ox+oVXM+UHXCz9nK+Tr3iqJYHOMzGXQyz2/n1XbaL3TxAAAAAAAAAAAAAAAAAAAA8D8xPn16/MlweHSyFvxYXiypCao3+lOVtFeq2utV1/dTExz/kNw8698EaVVTGzYuDbFY0CbG2r5J4526QdO86h62h5lP/pubT+z1TS3w2mCxu6ab5JrGrYxPu/WbZGVn7lSdnYxnD2jnqk27HpQ1t651ZdbWJtb+/fbm9k8VTFfcOb+Z622606FWSjrj06dpbu435YLGxv/2AAAAAAAAAAAAAAAAAAAA65Yv/ebXS5XPXsiUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODWLb///zxI/2LJxeCsSr6uzSLYPhnXDNsvb3mdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3G1/BwAA//93GVcG") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) 1.472088165s ago: executing program 4 (id=7374): r0 = openat$incfs(0xffffffffffffff9c, &(0x7f00000001c0)='.log\x00', 0x484c0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="0200000001"], 0xc, 0x0) 1.258879654s ago: executing program 4 (id=7378): syz_mount_image$ocfs2(&(0x7f0000000000), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f0000000240)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@inode64}, {@nouser_xattr}, {@inode64}]}, 0x0, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") setxattr$incfs_metadata(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0, 0x2) 1.203437314s ago: executing program 3 (id=7379): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x7a, 0x0, &(0x7f0000000140)=0xf) 1.192891824s ago: executing program 1 (id=7380): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_DATA={0x8, 0x7, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}]}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xdc}}, 0x0) 1.107292694s ago: executing program 7 (id=7381): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x82000000003, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000040)={0x0, 0x47524247, 0x2, @discrete={0x7, 0x6}}) 1.043160863s ago: executing program 3 (id=7382): r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f00000001c0)='asymmetric\x00', &(0x7f0000000240)=@keyring={'key_or_keyring:', r0, 0x30}) 1.023850903s ago: executing program 1 (id=7383): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r0, 0x0, &(0x7f0000002080)=""/4096}, 0x20) 917.758133ms ago: executing program 7 (id=7384): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_buf(r0, 0x0, 0x20, &(0x7f0000000000)="ea0749f97f9248c1", 0x8) 788.301093ms ago: executing program 3 (id=7385): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x58, 0x0, 0x9, 0x3, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8}}, @NFCTH_PRIV_DATA_LEN={0x8}, @NFCTH_TUPLE={0x24, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0x5, 0x2, 0x0, 0x1, {0x5}}]}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x58}}, 0x0) 788.098833ms ago: executing program 1 (id=7386): r0 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00') getdents(r0, 0xffffffffffffffff, 0x0) 727.726952ms ago: executing program 7 (id=7387): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtaction={0x6c, 0x30, 0xcac229faa96ee7df, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}, 0x1, 0x500}, 0x0) 649.492332ms ago: executing program 1 (id=7388): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={0x0}, 0x1, 0x0, 0x0, 0x44000}, 0x4044841) 543.603742ms ago: executing program 3 (id=7389): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000019280)=@ipv6_newrule={0x1c, 0x1a, 0x11, 0x0, 0x0, {0x81, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x18}}, 0x1c}, 0x1, 0x0, 0x0, 0x4018}, 0x4000040) 481.700531ms ago: executing program 7 (id=7390): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="780100003c000701fcffffff00000003047c000004003680600101"], 0x178}, 0x1, 0x0, 0x0, 0x4c040}, 0xc000) 407.779861ms ago: executing program 3 (id=7391): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100766574680000000004000280080029000ced0104"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x4008004) 340.353011ms ago: executing program 1 (id=7392): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000240)={0x3}) 256.485001ms ago: executing program 7 (id=7393): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f00000003c0)={'filter\x00', 0x7, 0x7ffffffc, 0x3c8, 0x0, 0x0, 0x1f8, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @empty, @multicast2}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}, {{@arp={@empty, @multicast1, 0x0, 0x0, 0x0, 0x0, {@mac=@multicast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'wg2\x00', 'ipvlan1\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) 200.21423ms ago: executing program 1 (id=7394): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000300)="1b00000018008103e00212ba0d81050423031000030f0600067c55", 0x1b}], 0x1}, 0x0) 143.179791ms ago: executing program 3 (id=7395): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0, 0x0, 0x93}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}}, 0x0) 0s ago: executing program 7 (id=7396): r0 = socket(0x1, 0x803, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000180)={'gre0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x0, 0x1100, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @empty}}}}) kernel console output (not intermixed with test programs): d, -22. [ 656.099169][T18069] BTRFS info (device loop4): balance: start -sdevid=0,drange=9..255,vrange=2..1024,limit=9223372036854777855,stripes=3..2145695905 [ 656.145826][T16247] ntfs3: loop5: ntfs_sync_fs r=1a failed, -22. [ 656.162811][T16247] ntfs3: loop5: ntfs_evict_inode r=1a failed, -22. [ 656.180737][T18069] BTRFS info (device loop4): balance: ended with status: 0 [ 656.319685][ T4247] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 656.529714][T18139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5903'. [ 656.551712][T18140] netlink: 'syz.5.5901': attribute type 2 has an invalid length. [ 656.580413][T18139] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5903'. [ 656.617682][T18142] netlink: 'syz.2.5904': attribute type 95 has an invalid length. [ 656.842423][T18144] loop4: detected capacity change from 0 to 1024 [ 657.089543][T18156] binder: 18154:18156 unknown command 0 [ 657.095152][T18156] binder: 18154:18156 ioctl c0306201 20000100 returned -22 [ 657.146968][T18100] loop3: detected capacity change from 0 to 65536 [ 657.286733][T18100] XFS (loop3): Mounting V5 Filesystem [ 657.433915][T18100] XFS (loop3): Ending clean mount [ 657.501546][T18100] XFS (loop3): Quotacheck needed: Please wait. [ 657.606708][T18100] XFS (loop3): Quotacheck: Done. [ 657.669772][T18189] loop1: detected capacity change from 0 to 256 [ 657.725810][T18189] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 657.747256][ T4256] XFS (loop3): Unmounting Filesystem [ 657.889254][T18196] loop2: detected capacity change from 0 to 1024 [ 657.993109][T18200] tmpfs: Bad value for 'mpol' [ 658.872245][T18234] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5945'. [ 659.194122][T18220] loop4: detected capacity change from 0 to 32768 [ 659.271822][T18220] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.5939 (18220) [ 659.311178][T18220] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 659.334133][T18220] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 659.364499][T18220] BTRFS info (device loop4): using free space tree [ 659.464342][T18230] loop2: detected capacity change from 0 to 32768 [ 659.489110][T18230] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.5943 (18230) [ 659.625790][T18230] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 659.804733][T18230] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 659.814301][T18230] BTRFS info (device loop2): force zlib compression, level 3 [ 659.858303][T18230] BTRFS info (device loop2): force clearing of disk cache [ 659.918154][T18230] BTRFS info (device loop2): setting nodatasum [ 659.930467][T18220] BTRFS info (device loop4): enabling ssd optimizations [ 659.965382][T18230] BTRFS info (device loop2): doing ref verification [ 659.972028][T18230] BTRFS info (device loop2): allowing degraded mounts [ 660.069083][T18230] BTRFS info (device loop2): enabling disk space caching [ 660.091854][T18279] loop5: detected capacity change from 0 to 1024 [ 660.103745][T18230] BTRFS info (device loop2): disk space caching is enabled [ 660.158162][T18279] EXT4-fs: Ignoring removed nomblk_io_submit option [ 660.226755][T18296] netlink: 'syz.3.5959': attribute type 2 has an invalid length. [ 660.234670][T18296] netlink: 'syz.3.5959': attribute type 1 has an invalid length. [ 660.240303][ T4247] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 660.242395][T18296] netlink: 224 bytes leftover after parsing attributes in process `syz.3.5959'. [ 660.286337][T18279] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 660.351189][T18279] EXT4-fs error (device loop5): __ext4_new_inode:1075: comm syz.5.5958: reserved inode found cleared - inode=18 [ 660.455397][T18230] BTRFS info (device loop2): enabling ssd optimizations [ 660.486885][T18230] BTRFS info (device loop2): rebuilding free space tree [ 660.576574][T18230] BTRFS info (device loop2): disabling free space tree [ 660.583844][T18230] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 660.632171][T18230] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 660.696092][T16247] EXT4-fs (loop5): unmounting filesystem. [ 660.919356][ T4248] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 660.937742][ T4412] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 661.008124][T18326] device netdevsim0 entered promiscuous mode [ 661.162290][ T4412] usb 2-1: Using ep0 maxpacket: 8 [ 661.175671][ T4412] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 661.192986][T18329] ipt_CLUSTERIP: ipt_CLUSTERIP is deprecated and it will removed soon, use xt_cluster instead [ 661.233390][ T4412] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 661.251472][ T4412] usb 2-1: Product: syz [ 661.255689][ T4412] usb 2-1: Manufacturer: syz [ 661.258113][T18329] xt_CT: You must specify a L4 protocol and not use inversions on it [ 661.272844][T18331] nfs: Unknown parameter 'no' [ 661.281194][ T4412] usb 2-1: SerialNumber: syz [ 661.295819][ T4412] usb 2-1: config 0 descriptor?? [ 661.435836][T18337] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5976'. [ 661.457991][T18339] loop4: detected capacity change from 0 to 128 [ 661.487236][T18339] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 661.541905][ T4412] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 661.660440][ T9] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 661.764204][ T4412] usb write operation failed. (-71) [ 661.790360][ T4412] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 661.821040][ T4412] dvbdev: DVB: registering new adapter (Terratec H7) [ 661.838534][ T4412] usb 2-1: media controller created [ 661.844438][ T4412] usb read operation failed. (-71) [ 661.879083][ T4412] usb write operation failed. (-71) [ 661.917510][ T4412] dvb_usb_az6007: probe of 2-1:0.0 failed with error -5 [ 661.949676][ T4412] usb 2-1: USB disconnect, device number 14 [ 662.567076][T18377] netlink: 'syz.2.5996': attribute type 2 has an invalid length. [ 662.607841][T18377] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 662.651892][T18355] loop5: detected capacity change from 0 to 40427 [ 662.728975][T18355] F2FS-fs (loop5): Found nat_bits in checkpoint [ 662.840331][T18390] tmpfs: Bad value for 'mpol' [ 662.878789][T18355] F2FS-fs (loop5): Cannot turn on quotas: -2 on 2 [ 662.946950][T18355] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 662.967636][T18363] loop4: detected capacity change from 0 to 32768 [ 662.985844][T18363] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.5989 (18363) [ 663.005942][T18363] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 663.016346][T18363] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 663.029221][T18363] BTRFS info (device loop4): enabling auto defrag [ 663.036499][T18363] BTRFS info (device loop4): doing ref verification [ 663.043340][T18363] BTRFS info (device loop4): use no compression [ 663.075306][T18363] BTRFS info (device loop4): max_inline at 4096 [ 663.082400][T18363] BTRFS info (device loop4): enabling ssd optimizations [ 663.089813][T18363] BTRFS info (device loop4): using spread ssd allocation scheme [ 663.108134][T18363] BTRFS info (device loop4): using free space tree [ 663.541203][T18388] loop3: detected capacity change from 0 to 32768 [ 663.564658][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 663.564675][ T26] audit: type=1800 audit(1738206027.184:83): pid=18363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5989" name="file2" dev="loop4" ino=261 res=0 errno=0 [ 663.613928][T18388] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.5999 (18388) [ 663.727040][T18388] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 663.760057][T18388] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 663.781341][T18388] BTRFS info (device loop3): force zlib compression, level 3 [ 663.789507][T18388] BTRFS info (device loop3): force clearing of disk cache [ 663.845508][T18388] BTRFS info (device loop3): setting nodatasum [ 663.851722][T18388] BTRFS info (device loop3): disabling free space tree [ 663.877201][T18431] usb usb6: usbfs: process 18431 (syz.2.6013) did not claim interface 0 before use [ 663.901684][ T4247] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 663.919034][T18388] BTRFS info (device loop3): enabling disk space caching [ 663.948338][T18388] BTRFS info (device loop3): disk space caching is enabled [ 664.133668][T18442] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 664.372487][T18388] BTRFS info (device loop3): enabling ssd optimizations [ 664.431633][T18388] BTRFS info (device loop3): rebuilding free space tree [ 664.495989][T18464] loop5: detected capacity change from 0 to 64 [ 664.499676][T18388] BTRFS info (device loop3): disabling free space tree [ 664.551204][T18388] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 664.596131][T18388] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 664.789360][T18426] loop1: detected capacity change from 0 to 32768 [ 664.807176][T18388] BTRFS info (device loop3): balance: start -sdevid=0,drange=9..255,vrange=2..1024,limit=9223372036854777855,stripes=3..2145695905 [ 664.844504][T18426] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.6010 (18426) [ 664.867440][T18388] BTRFS info (device loop3): balance: ended with status: 0 [ 664.917924][T18426] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 664.948780][T18426] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 665.016467][T18426] BTRFS info (device loop1): using free space tree [ 665.038818][ T4256] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 665.327578][T18426] BTRFS info (device loop1): enabling ssd optimizations [ 665.478127][T18513] program syz.4.6033 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 665.567022][T18513] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 665.690861][ T4246] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 665.703252][T18517] xt_connbytes: Forcing CT accounting to be enabled [ 665.739642][T18517] set match dimension is over the limit! [ 666.312796][T18539] loop5: detected capacity change from 0 to 256 [ 666.397526][T18539] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 666.557423][T18544] loop2: detected capacity change from 0 to 4096 [ 666.586367][T18544] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 666.658559][T18544] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 666.810238][T18557] loop4: detected capacity change from 0 to 256 [ 666.932879][T18551] syz.1.6052 (18551): drop_caches: 2 [ 666.987638][T18557] FAT-fs (loop4): Directory bread(block 64) failed [ 667.009928][T18557] FAT-fs (loop4): Directory bread(block 65) failed [ 667.042132][T18557] FAT-fs (loop4): Directory bread(block 66) failed [ 667.048701][T18557] FAT-fs (loop4): Directory bread(block 67) failed [ 667.056356][T18561] device netdevsim0 entered promiscuous mode [ 667.063581][T18557] FAT-fs (loop4): Directory bread(block 68) failed [ 667.084839][T18557] FAT-fs (loop4): Directory bread(block 69) failed [ 667.091483][T18557] FAT-fs (loop4): Directory bread(block 70) failed [ 667.138197][T18557] FAT-fs (loop4): Directory bread(block 71) failed [ 667.144840][T18557] FAT-fs (loop4): Directory bread(block 72) failed [ 667.159601][T18557] FAT-fs (loop4): Directory bread(block 73) failed [ 667.222630][T18550] loop3: detected capacity change from 0 to 32768 [ 667.255259][T18550] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.6053 (18550) [ 667.303640][T18550] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 667.341995][T18550] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 667.350739][T18550] BTRFS info (device loop3): setting nodatasum [ 667.407515][T18550] BTRFS info (device loop3): force zlib compression, level 3 [ 667.429947][T18550] BTRFS info (device loop3): metadata ratio 1 [ 667.448542][T18550] BTRFS info (device loop3): enabling ssd optimizations [ 667.455530][T18550] BTRFS info (device loop3): allowing degraded mounts [ 667.517347][T18550] BTRFS info (device loop3): using free space tree [ 667.680907][T18582] xt_connbytes: Forcing CT accounting to be enabled [ 667.692434][T18559] loop5: detected capacity change from 0 to 32768 [ 667.715572][T18582] set match dimension is over the limit! [ 667.754911][T18559] ERROR: (device loop5): diAllocAG: nfreeinos = 0, but iag on freelist [ 667.754911][T18559] [ 667.812279][T18559] ERROR: (device loop5): remounting filesystem as read-only [ 667.884728][T18559] ialloc: diAlloc returned -5! [ 667.915806][ T1126] block nbd2: Attempted send on invalid socket [ 667.922120][ T1126] blk_print_req_error: 8 callbacks suppressed [ 667.922135][ T1126] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2 [ 667.990443][ T4256] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 668.458045][ T4323] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 668.476330][T18617] binder: 18616:18617 ioctl c018620c 20000180 returned -22 [ 668.620700][T18627] loop3: detected capacity change from 0 to 8 [ 668.690376][ T4323] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 668.717005][ T4323] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 668.746810][T18627] SQUASHFS error: zlib decompression failed, data probably corrupt [ 668.748505][T18629] loop4: detected capacity change from 0 to 256 [ 668.756540][ T4323] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 668.764922][T18631] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6078'. [ 668.778973][T18627] SQUASHFS error: Failed to read block 0x13e: -5 [ 668.802145][T18627] SQUASHFS error: Unable to read metadata cache entry [13c] [ 668.811167][ T4323] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 668.827298][T18627] SQUASHFS error: Unable to read directory block [13c:26] [ 668.834590][ T4323] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 668.859335][ T4323] usb 2-1: Product: syz [ 668.866522][ T4323] usb 2-1: Manufacturer: syz [ 668.887458][ T4323] usb 2-1: SerialNumber: syz [ 668.907184][ T4323] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found [ 668.934255][ T4323] cdc_ncm 2-1:1.0: bind() failure [ 669.051867][T18640] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6083'. [ 669.066909][T18640] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6083'. [ 669.121755][ T4323] usb 2-1: USB disconnect, device number 15 [ 669.233754][T18651] syz.2.6088 uses obsolete (PF_INET,SOCK_PACKET) [ 669.275867][T18653] netlink: 'syz.4.6089': attribute type 13 has an invalid length. [ 669.357246][T18655] loop3: detected capacity change from 0 to 1024 [ 669.378967][T18657] loop2: detected capacity change from 0 to 128 [ 669.409767][T18657] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 669.443882][T18657] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 669.532071][ T9] hfsplus: b-tree write err: -5, ino 4 [ 669.590625][ T4248] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 669.608446][ T4248] FAT-fs (loop2): Filesystem has been set read-only [ 669.628124][ T4248] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 669.698359][T18669] netlink: 'syz.5.6099': attribute type 10 has an invalid length. [ 669.815180][T18665] loop4: detected capacity change from 0 to 4096 [ 669.826718][T18669] team0: Port device vlan0 added [ 669.828452][T18671] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 669.853710][T18665] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512) [ 669.911340][T18665] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 670.165889][ T9] ntfs3: loop4: ntfs3_write_inode r=5 failed, -22. [ 670.178806][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.192202][ T4247] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22. [ 670.386350][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.560403][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.668851][T18692] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6112'. [ 670.691766][T18677] loop3: detected capacity change from 0 to 32768 [ 670.756484][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.786473][T18677] find_entry called with index = 0 [ 671.143946][ T4258] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 671.162523][ T4258] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 671.178441][ T4258] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 671.214990][ T4258] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 671.222695][ T4258] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 671.229952][ T4258] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 671.999308][T18706] loop4: detected capacity change from 0 to 32768 [ 672.021166][T18736] loop1: detected capacity change from 0 to 1024 [ 672.072580][T18736] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 672.208601][T18736] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 672.285893][T18736] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 672.307034][T18736] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.6126: Failed to acquire dquot type 1 [ 672.367420][T18748] netlink: 'syz.3.6131': attribute type 1 has an invalid length. [ 672.375415][T18748] netlink: 224 bytes leftover after parsing attributes in process `syz.3.6131'. [ 672.437484][ T4246] EXT4-fs (loop1): unmounting filesystem. [ 672.599074][T18754] loop1: detected capacity change from 0 to 16 [ 672.601973][T18703] chnl_net:caif_netlink_parms(): no params data found [ 672.642842][T18754] erofs: (device loop1): mounted with root inode @ nid 36. [ 672.730954][T18754] erofs: (device loop1): init_inode_xattrs: xattr_isize 12 of nid 86 is not supported yet [ 672.893545][T18741] loop5: detected capacity change from 0 to 32768 [ 673.028083][T18741] XFS (loop5): Mounting V5 Filesystem [ 673.228522][T18741] XFS (loop5): Ending clean mount [ 673.282492][T18741] XFS (loop5): Quotacheck needed: Please wait. [ 673.348201][T18741] XFS (loop5): Quotacheck: Done. [ 673.368625][T18703] bridge0: port 1(bridge_slave_0) entered blocking state [ 673.392514][ T4258] Bluetooth: hci2: command 0x0409 tx timeout [ 673.407703][T18703] bridge0: port 1(bridge_slave_0) entered disabled state [ 673.496305][T18703] device bridge_slave_0 entered promiscuous mode [ 673.546079][T16247] XFS (loop5): Unmounting Filesystem [ 673.559537][T18703] bridge0: port 2(bridge_slave_1) entered blocking state [ 673.591859][T18703] bridge0: port 2(bridge_slave_1) entered disabled state [ 673.645614][T18703] device bridge_slave_1 entered promiscuous mode [ 674.177096][T18703] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 674.215056][T18816] netlink: 'syz.4.6152': attribute type 7 has an invalid length. [ 674.392347][T18824] netlink: 'syz.4.6155': attribute type 1 has an invalid length. [ 674.408232][T18824] netlink: 56 bytes leftover after parsing attributes in process `syz.4.6155'. [ 674.419729][T18703] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 674.468296][T18826] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6156'. [ 674.504124][ T4406] usb 2-1: new full-speed USB device number 16 using dummy_hcd [ 674.604681][T18703] team0: Port device team_slave_0 added [ 674.624272][T18703] team0: Port device team_slave_1 added [ 674.701387][ T11] device hsr_slave_0 left promiscuous mode [ 674.727328][ T11] device hsr_slave_1 left promiscuous mode [ 674.741277][ T4406] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 674.760600][ T4406] usb 2-1: config 0 has an invalid descriptor of length 55, skipping remainder of the config [ 674.783676][ T11] device veth1_macvtap left promiscuous mode [ 674.790521][ T11] device veth0_macvtap left promiscuous mode [ 674.792662][ T4406] usb 2-1: config 0 has no interface number 0 [ 674.797729][ T11] device veth1_vlan left promiscuous mode [ 674.809480][ T4406] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 14385, setting to 64 [ 674.810531][ T11] device veth0_vlan left promiscuous mode [ 674.846284][ T4406] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 674.873348][ T4406] usb 2-1: config 0 interface 52 has no altsetting 0 [ 674.888282][T18822] loop5: detected capacity change from 0 to 32768 [ 674.890226][ T4406] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice= 0.00 [ 674.925873][ T4406] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=35 [ 674.944456][ T26] audit: type=1800 audit(1738206037.828:84): pid=18822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.6145" name="file1" dev="loop5" ino=4 res=0 errno=0 [ 674.963662][ T4406] usb 2-1: SerialNumber: syz [ 674.971828][ T4406] usb 2-1: config 0 descriptor?? [ 675.174969][T18828] loop4: detected capacity change from 0 to 32768 [ 675.183151][T18828] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.6157 (18828) [ 675.227646][ T4406] input: USB Synaptics Device 06cb:0003 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input63 [ 675.273542][T18828] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 675.284253][T18828] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 675.297446][T18828] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 675.307406][T18828] BTRFS info (device loop4): use zstd compression, level 3 [ 675.346856][T18828] BTRFS info (device loop4): using free space tree [ 675.562108][ T5412] usb 2-1: USB disconnect, device number 16 [ 675.562187][ C0] synaptics_usb 2-1:0.52: synusb_irq - usb_submit_urb failed with result: -19 [ 675.630824][ T4258] Bluetooth: hci2: command 0x041b tx timeout [ 675.690390][T18828] BTRFS info (device loop4): enabling ssd optimizations [ 675.812885][ T4247] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 676.398920][T18857] loop1: detected capacity change from 0 to 8192 [ 676.439325][T18857] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 676.458873][T18857] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 676.482248][T18857] REISERFS (device loop1): using ordered data mode [ 676.490130][T18857] reiserfs: using flush barriers [ 676.517034][T18857] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 676.533698][T18857] REISERFS (device loop1): checking transaction log (loop1) [ 676.566754][T18857] REISERFS (device loop1): Using r5 hash to sort names [ 676.616933][T18857] reiserfs: enabling write barrier flush mode [ 676.655626][T18857] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 676.673748][T18857] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 677.425213][ T11] bond0 (unregistering): Released all slaves [ 677.533064][T18703] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 677.541990][T18703] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 677.571950][T18703] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 677.584806][T18703] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 677.591861][T18703] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 677.619389][T18703] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 677.633445][T18832] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6159'. [ 677.662333][T18885] device bridge1 entered promiscuous mode [ 677.833964][T18703] device hsr_slave_0 entered promiscuous mode [ 677.840583][ T4258] Bluetooth: hci2: command 0x040f tx timeout [ 677.871114][T18703] device hsr_slave_1 entered promiscuous mode [ 677.890176][T18703] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 677.900343][T18703] Cannot create hsr debugfs directory [ 677.943797][T18893] loop3: detected capacity change from 0 to 256 [ 678.049899][T18893] FAT-fs (loop3): Directory bread(block 64) failed [ 678.080987][T18893] FAT-fs (loop3): Directory bread(block 65) failed [ 678.135893][T18893] FAT-fs (loop3): Directory bread(block 66) failed [ 678.144766][T18893] FAT-fs (loop3): Directory bread(block 67) failed [ 678.169757][T18893] FAT-fs (loop3): Directory bread(block 68) failed [ 678.196366][T18893] FAT-fs (loop3): Directory bread(block 69) failed [ 678.205755][T18893] FAT-fs (loop3): Directory bread(block 70) failed [ 678.212300][T18893] FAT-fs (loop3): Directory bread(block 71) failed [ 678.256712][T18893] FAT-fs (loop3): Directory bread(block 72) failed [ 678.263299][T18893] FAT-fs (loop3): Directory bread(block 73) failed [ 678.496521][T18703] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 678.546356][T18703] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 678.607864][T18703] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 678.654998][T18703] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 678.912643][T18930] loop3: detected capacity change from 0 to 128 [ 678.945212][T18930] VFS: Found a Xenix FS (block size = 1024) on device loop3 [ 678.960994][T18703] 8021q: adding VLAN 0 to HW filter on device bond0 [ 679.045505][ T4256] sysv_free_block: flc_count > flc_size [ 679.063097][T18703] 8021q: adding VLAN 0 to HW filter on device team0 [ 679.069752][ T4256] sysv_free_block: flc_count > flc_size [ 679.069765][ T4256] sysv_free_block: flc_count > flc_size [ 679.069772][ T4256] sysv_free_block: flc_count > flc_size [ 679.069780][ T4256] sysv_free_block: flc_count > flc_size [ 679.069787][ T4256] sysv_free_block: flc_count > flc_size [ 679.069795][ T4256] sysv_free_block: flc_count > flc_size [ 679.069802][ T4256] sysv_free_block: flc_count > flc_size [ 679.069809][ T4256] sysv_free_block: flc_count > flc_size [ 679.069817][ T4256] sysv_free_block: flc_count > flc_size [ 679.070316][ T4256] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 679.114494][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 679.144370][T18939] syz.4.6196[18939] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 679.144465][T18939] syz.4.6196[18939] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 679.180284][T18941] openvswitch: netlink: Flow actions attr not present in new flow. [ 679.202995][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 679.222682][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 679.273256][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 679.282094][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 679.289267][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 679.335698][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 679.387129][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 679.437010][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 679.444173][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 679.495616][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 679.515081][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 679.536084][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 679.582642][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 679.620905][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 679.647600][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 679.679100][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 679.710777][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 679.719949][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 679.781038][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 679.818772][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 679.821836][T18960] netlink: 'syz.4.6206': attribute type 2 has an invalid length. [ 679.837793][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 679.863998][T18960] netlink: 'syz.4.6206': attribute type 1 has an invalid length. [ 679.872513][T18703] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 680.063502][ T4258] Bluetooth: hci2: command 0x0419 tx timeout [ 680.160642][T18948] loop5: detected capacity change from 0 to 32768 [ 680.203160][T18948] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.6200 (18948) [ 680.309218][T18948] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 680.319405][T18948] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 680.394673][T18948] BTRFS info (device loop5): enabling auto defrag [ 680.414988][T18954] loop1: detected capacity change from 0 to 32768 [ 680.423216][T18948] BTRFS info (device loop5): doing ref verification [ 680.445040][T18954] XFS: ikeep mount option is deprecated. [ 680.451394][T18948] BTRFS info (device loop5): use no compression [ 680.479409][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 680.501657][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 680.526305][T18948] BTRFS info (device loop5): max_inline at 4096 [ 680.532637][T18948] BTRFS info (device loop5): enabling ssd optimizations [ 680.541326][T18703] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 680.592280][T18948] BTRFS info (device loop5): using spread ssd allocation scheme [ 680.607013][T18990] loop4: detected capacity change from 0 to 512 [ 680.639529][T18948] BTRFS info (device loop5): using free space tree [ 680.670172][T18954] XFS (loop1): Mounting V5 Filesystem [ 680.679431][T18990] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 680.688370][T18990] System zones: 0-2, 18-18, 34-34 [ 680.719643][T18954] XFS (loop1): Ending clean mount [ 680.720283][T18990] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.6212: bg 0: block 248: padding at end of block bitmap is not set [ 680.744873][T18954] XFS (loop1): Quotacheck needed: Please wait. [ 680.852636][T18954] XFS (loop1): Quotacheck: Done. [ 680.864206][ T26] audit: type=1800 audit(1738206043.357:85): pid=18948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.6200" name="file2" dev="loop5" ino=261 res=0 errno=0 [ 680.907779][T18990] Quota error (device loop4): write_blk: dquota write failed [ 680.915381][T19023] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6214'. [ 680.937718][T18990] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 680.982544][T18990] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.6212: Failed to acquire dquot type 1 [ 681.025620][T18990] EXT4-fs (loop4): 1 truncate cleaned up [ 681.031312][T18990] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 681.057554][ T4246] XFS (loop1): Unmounting Filesystem [ 681.122188][T16247] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 681.143084][T18990] ext4 filesystem being mounted at /1255/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 681.181321][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 681.258207][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 681.422678][T19030] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check. [ 681.423882][ T4247] EXT4-fs (loop4): unmounting filesystem. [ 681.508016][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 681.516427][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 681.598540][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 681.635497][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 681.640411][T19034] loop5: detected capacity change from 0 to 512 [ 681.655070][T18703] device veth0_vlan entered promiscuous mode [ 681.711556][T19034] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 681.716831][T18703] device veth1_vlan entered promiscuous mode [ 681.773377][T19034] EXT4-fs (loop5): 1 truncate cleaned up [ 681.783701][T19034] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 681.904257][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 681.944169][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 681.955986][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 681.969095][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 682.003477][T16247] EXT4-fs (loop5): unmounting filesystem. [ 682.012979][T18703] device veth0_macvtap entered promiscuous mode [ 682.075471][T18703] device veth1_macvtap entered promiscuous mode [ 682.154427][T19054] loop5: detected capacity change from 0 to 128 [ 682.160282][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 682.182395][T19054] VFS: Found a Xenix FS (block size = 1024) on device loop5 [ 682.201443][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.245088][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 682.289353][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.332148][T18703] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 682.364429][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 682.378228][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 682.389287][T16247] sysv_free_block: flc_count > flc_size [ 682.396885][T16247] sysv_free_block: flc_count > flc_size [ 682.402468][T16247] sysv_free_block: flc_count > flc_size [ 682.437229][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 682.476404][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 682.486917][T16247] sysv_free_block: flc_count > flc_size [ 682.497703][T16247] sysv_free_block: flc_count > flc_size [ 682.503393][ T26] audit: type=1326 audit(1738206044.891:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19065 comm="syz.3.6228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc6718cda9 code=0x7ffc0000 [ 682.532022][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 682.557494][T19068] i2c i2c-0: Invalid block write size 34 [ 682.558986][T16247] sysv_free_block: flc_count > flc_size [ 682.576055][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.580774][T16247] sysv_free_block: flc_count > flc_size [ 682.596826][ T26] audit: type=1326 audit(1738206044.891:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19065 comm="syz.3.6228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc6718cda9 code=0x7ffc0000 [ 682.630290][T16247] sysv_free_block: flc_count > flc_size [ 682.634050][T18703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 682.649583][T16247] sysv_free_block: flc_count > flc_size [ 682.673703][T18703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.685934][ T26] audit: type=1326 audit(1738206044.909:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19065 comm="syz.3.6228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7efc6718cda9 code=0x7ffc0000 [ 682.693053][T16247] sysv_free_block: flc_count > flc_size [ 682.730522][T18703] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 682.769848][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 682.785237][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 682.793481][ T26] audit: type=1326 audit(1738206044.909:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19065 comm="syz.3.6228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc6718cda9 code=0x7ffc0000 [ 682.803593][T16247] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 682.845939][T18703] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.856482][T18703] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.881727][ T26] audit: type=1326 audit(1738206044.909:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19065 comm="syz.3.6228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc6718cda9 code=0x7ffc0000 [ 682.905456][T18703] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.940521][T18703] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 683.175557][ T1122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 683.183799][ T1122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 683.274481][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 683.327124][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 683.346950][T19094] netlink: 'syz.5.6238': attribute type 16 has an invalid length. [ 683.354877][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 683.416792][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 683.498842][T19099] netlink: 'syz.4.6241': attribute type 5 has an invalid length. [ 684.340220][T19144] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 684.393163][T19144] xt_bpf: check failed: parse error [ 684.586310][T19156] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6263'. [ 684.614831][T19156] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6263'. [ 684.909902][T19170] loop1: detected capacity change from 0 to 1764 [ 684.962472][T19166] loop3: detected capacity change from 0 to 4096 [ 685.027410][T19166] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 685.068559][T19179] loop4: detected capacity change from 0 to 64 [ 685.157618][T19166] ntfs3: loop3: failed to convert "c46c" to iso8859-9 [ 685.369432][T19186] loop5: detected capacity change from 0 to 2048 [ 685.434635][T19186] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 685.545350][T19197] loop3: detected capacity change from 0 to 512 [ 685.609941][T19197] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 685.703063][T19197] EXT4-fs (loop3): 1 truncate cleaned up [ 685.711275][T19197] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 685.772027][T14844] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 685.856838][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 685.985793][T14844] usb 6-1: Using ep0 maxpacket: 16 [ 685.994990][T14844] usb 6-1: config 0 has an invalid interface number: 105 but max is 0 [ 686.025930][T14844] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 686.070752][T14844] usb 6-1: config 0 has no interface number 0 [ 686.102856][T14844] usb 6-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 686.124958][T14844] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 686.132990][T14844] usb 6-1: Product: syz [ 686.213722][T14844] usb 6-1: Manufacturer: syz [ 686.218364][T14844] usb 6-1: SerialNumber: syz [ 686.262317][T14844] usb 6-1: config 0 descriptor?? [ 686.280150][T14844] usb 6-1: Found UVC 0.00 device syz (046d:08f3) [ 686.327242][T14844] usb 6-1: No valid video chain found. [ 686.535950][T14844] usb 6-1: USB disconnect, device number 4 [ 687.093734][T19277] netdevsim netdevsim6 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 687.114437][T19277] netdevsim netdevsim6 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 687.134851][T19277] netdevsim netdevsim6 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 687.193952][T19277] netdevsim netdevsim6 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 687.205757][T19277] device geneve2 entered promiscuous mode [ 687.247988][T19277] netdevsim netdevsim6 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 687.268641][T19277] netdevsim netdevsim6 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 687.277637][T19277] netdevsim netdevsim6 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 687.360858][T19289] netlink: 56 bytes leftover after parsing attributes in process `syz.3.6310'. [ 687.384414][T19289] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6310'. [ 687.384866][T19277] netdevsim netdevsim6 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 687.408674][T19289] netlink: 35 bytes leftover after parsing attributes in process `syz.3.6310'. [ 687.435879][T19289] netlink: 'syz.3.6310': attribute type 3 has an invalid length. [ 687.461084][T19289] netlink: 'syz.3.6310': attribute type 2 has an invalid length. [ 687.632541][ T7063] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 687.707079][T14844] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 687.841093][ T7063] usb 6-1: config index 0 descriptor too short (expected 147, got 72) [ 687.862439][ T7063] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 687.911226][ T7063] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 687.923224][T14844] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 687.951626][T14844] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 687.960951][ T7063] usb 6-1: Product: syz [ 687.966742][ T7063] usb 6-1: Manufacturer: syz [ 687.979084][T14844] usb 5-1: Product: syz [ 687.994208][ T7063] usb 6-1: SerialNumber: syz [ 688.002761][T19314] loop3: detected capacity change from 0 to 256 [ 688.009671][T14844] usb 5-1: Manufacturer: syz [ 688.014296][T14844] usb 5-1: SerialNumber: syz [ 688.023397][ T7063] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 688.053595][T14844] usb 5-1: config 0 descriptor?? [ 688.066641][ T5410] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 688.303047][T14844] usb 5-1: ignoring: probably an ADSL modem [ 688.410400][T19324] loop3: detected capacity change from 0 to 4096 [ 688.527362][T14844] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 688.577680][T14844] usb 5-1: USB disconnect, device number 15 [ 688.639642][ T7063] usb 6-1: USB disconnect, device number 5 [ 688.697553][T19330] netlink: 'syz.6.6325': attribute type 7 has an invalid length. [ 688.735112][T19330] netlink: 'syz.6.6325': attribute type 5 has an invalid length. [ 688.742890][T19330] netlink: 17 bytes leftover after parsing attributes in process `syz.6.6325'. [ 688.973391][T19317] loop1: detected capacity change from 0 to 40427 [ 688.990941][T19317] F2FS-fs (loop1): invalid crc value [ 688.998775][T19317] F2FS-fs (loop1): Found nat_bits in checkpoint [ 689.026628][T19317] F2FS-fs (loop1): Start checkpoint disabled! [ 689.034361][T19317] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 689.207141][T19347] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6331'. [ 689.216623][ T5410] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 689.234711][ T5410] ath9k_htc: Failed to initialize the device [ 689.241781][ T7063] usb 6-1: ath9k_htc: USB layer deinitialized [ 689.259875][T19347] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6331'. [ 689.456200][T19357] Unsupported ieee802154 address type: 0 [ 689.571548][T19349] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 689.578578][T19349] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 689.584840][T19349] Bluetooth: hci5: Suspend notifier action (1) failed: -4 [ 689.594784][T19349] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 689.600857][T19349] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 689.606805][T19349] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 690.304839][ T9583] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 690.529266][ T9583] usb 5-1: Using ep0 maxpacket: 16 [ 690.536143][ T9583] usb 5-1: config 1 interface 0 altsetting 235 endpoint 0x81 has an invalid bInterval 167, changing to 11 [ 690.569787][ T9583] usb 5-1: config 1 interface 0 altsetting 235 bulk endpoint 0x82 has invalid maxpacket 1023 [ 690.573099][T19409] netlink: 32 bytes leftover after parsing attributes in process `syz.5.6360'. [ 690.594659][ T9583] usb 5-1: config 1 interface 0 altsetting 235 endpoint 0x3 has invalid wMaxPacketSize 0 [ 690.632887][ T9583] usb 5-1: config 1 interface 0 has no altsetting 0 [ 690.650083][ T9583] usb 5-1: New USB device found, idVendor=0525, idProduct=0800, bcdDevice= 0.00 [ 690.668453][ T9583] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 690.687449][ T9583] usb 5-1: Product: syz [ 690.696820][ T9583] usb 5-1: Manufacturer: syz [ 690.723228][ T9583] usb 5-1: SerialNumber: syz [ 690.752854][T19383] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 690.789373][ T9583] cdc_ether: probe of 5-1:1.0 failed with error -22 [ 691.020069][ T5415] usb 5-1: USB disconnect, device number 16 [ 691.062202][T19428] loop6: detected capacity change from 0 to 256 [ 691.083432][T19398] loop1: detected capacity change from 0 to 32768 [ 691.126444][T19398] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.6354 (19398) [ 691.167074][T19398] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 691.207404][T19398] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 691.245486][T19398] BTRFS info (device loop1): using free space tree [ 691.540779][T19458] loop3: detected capacity change from 0 to 256 [ 691.555570][T19398] BTRFS info (device loop1): enabling ssd optimizations [ 691.609093][ T4257] Bluetooth: hci5: command 0x0c1a tx timeout [ 691.651242][T19458] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 691.751177][T19467] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 691.757882][ T4246] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 691.779485][T19467] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 691.790913][ T4257] Bluetooth: hci2: command 0x0c1a tx timeout [ 691.832582][T19467] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 691.842433][T19467] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 691.853425][T19467] device geneve2 entered promiscuous mode [ 692.159710][T19467] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 692.197057][T19467] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 692.218405][T19467] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 692.227456][T19467] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 692.277838][T19477] loop1: detected capacity change from 0 to 1024 [ 692.294301][T19477] EXT4-fs: Ignoring removed nobh option [ 692.394802][T19477] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #11: comm syz.1.6380: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 692.425551][T19477] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.6380: couldn't read orphan inode 11 (err -117) [ 692.490011][T19477] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 692.566733][T19487] loop3: detected capacity change from 0 to 2048 [ 692.613232][T19477] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:477: comm syz.1.6380: Invalid block bitmap block 0 in block_group 0 [ 692.684259][T19477] Quota error (device loop1): write_blk: dquota write failed [ 692.709998][T19477] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 692.746392][T19477] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.6380: Failed to acquire dquot type 0 [ 692.772125][T19499] loop5: detected capacity change from 0 to 64 [ 692.837237][T19487] loop3: unable to read partition table [ 692.859969][T19487] loop3: partition table beyond EOD, truncated [ 692.881341][T19487] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) [ 692.921453][ T4246] EXT4-fs (loop1): unmounting filesystem. [ 693.030457][ T3623] loop3: unable to read partition table [ 693.052461][ T3623] loop3: partition table beyond EOD, truncated [ 693.566365][T19536] netlink: 'syz.1.6410': attribute type 14 has an invalid length. [ 693.586991][T19536] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (204) [ 693.768078][T19546] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6414'. [ 693.913153][T19549] loop4: detected capacity change from 0 to 2048 [ 693.932852][T19555] netlink: 'syz.3.6419': attribute type 21 has an invalid length. [ 693.942868][T19549] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 694.004116][ T4257] Bluetooth: hci2: command 0x0406 tx timeout [ 694.018950][T19549] Invalid option length (0) for dns_resolver key [ 694.061429][T19518] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 694.067688][T19518] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 694.105453][T19559] loop3: detected capacity change from 0 to 4096 [ 694.109753][T19518] Bluetooth: hci5: Suspend notifier action (1) failed: -4 [ 694.115113][T19559] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 694.137176][T19518] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 694.156743][T19559] ntfs: (device loop3): check_mft_mirror(): $MFTMirr location mismatch. Run chkdsk. [ 694.162014][T19518] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 694.175829][T19518] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 694.186725][T19559] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 694.207131][T19563] netlink: 192 bytes leftover after parsing attributes in process `syz.1.6422'. [ 694.290154][T19559] ntfs: volume version 3.1. [ 694.374976][T19559] ntfs: (device loop3): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 694.406316][T19571] loop6: detected capacity change from 0 to 256 [ 694.446993][T19559] ntfs: (device loop3): ntfs_read_locked_inode(): Failed to lookup $DATA attribute. [ 694.513307][T19559] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x44 as bad. Run chkdsk. [ 694.881640][T19592] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6434'. [ 694.917431][T19592] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6434'. [ 695.054696][T19602] netlink: 212 bytes leftover after parsing attributes in process `syz.6.6438'. [ 695.205013][T19608] loop5: detected capacity change from 0 to 256 [ 695.240507][T19610] usb usb1: usbfs: process 19610 (syz.3.6444) did not claim interface 0 before use [ 695.259820][T19608] FAT-fs (loop5): Directory bread(block 64) failed [ 695.267681][T19608] FAT-fs (loop5): Directory bread(block 65) failed [ 695.288337][T19608] FAT-fs (loop5): Directory bread(block 66) failed [ 695.294895][T19608] FAT-fs (loop5): Directory bread(block 67) failed [ 695.319116][T19608] FAT-fs (loop5): Directory bread(block 68) failed [ 695.332147][T19608] FAT-fs (loop5): Directory bread(block 69) failed [ 695.351232][T19608] FAT-fs (loop5): Directory bread(block 70) failed [ 695.357785][T19608] FAT-fs (loop5): Directory bread(block 71) failed [ 695.404620][T19608] FAT-fs (loop5): Directory bread(block 72) failed [ 695.414984][ T5410] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 695.420270][T19616] netlink: 'syz.6.6448': attribute type 10 has an invalid length. [ 695.435019][T19608] FAT-fs (loop5): Directory bread(block 73) failed [ 695.543377][ T4257] Bluetooth: hci5: command 0x0c1a tx timeout [ 695.603593][T19623] Cannot find map_set index 0 as target [ 695.619007][ T5410] usb 2-1: Using ep0 maxpacket: 16 [ 695.637040][ T5410] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 695.689821][ T5410] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 695.728190][ T5410] usb 2-1: Product: syz [ 695.732434][ T5410] usb 2-1: Manufacturer: syz [ 695.783727][ T5410] usb 2-1: SerialNumber: syz [ 695.804962][ T5410] r8152-cfgselector 2-1: config 0 descriptor?? [ 695.908149][T19639] loop6: detected capacity change from 0 to 8 [ 696.193352][T19649] netlink: 76 bytes leftover after parsing attributes in process `syz.3.6464'. [ 696.214481][T19649] netlink: 76 bytes leftover after parsing attributes in process `syz.3.6464'. [ 696.280077][ T5410] r8152-cfgselector 2-1: Unknown version 0x0000 [ 696.299823][ T5410] r8152-cfgselector 2-1: USB disconnect, device number 17 [ 696.312937][ T4257] Bluetooth: hci2: command 0x0c1a tx timeout [ 696.840655][T19679] xt_l2tp: invalid flags combination: 8 [ 697.233850][T19697] device netdevsim0 entered promiscuous mode [ 697.246994][T19699] program syz.6.6485 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 697.639357][T19720] loop4: detected capacity change from 0 to 64 [ 697.766808][ T4257] Bluetooth: hci5: command 0x0406 tx timeout [ 698.365569][ T4402] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 698.536875][ T4257] Bluetooth: hci2: command 0x0406 tx timeout [ 698.579260][ T4402] usb 6-1: Using ep0 maxpacket: 32 [ 698.586059][ T4402] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 698.626238][ T4402] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 698.669816][ T4402] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 698.700372][ T4402] usb 6-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 698.718441][ T4402] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 698.758827][ T4402] usb 6-1: Product: syz [ 698.767659][ T4402] usb 6-1: Manufacturer: syz [ 698.792252][ T4402] usb 6-1: SerialNumber: syz [ 698.807287][ T4402] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input64 [ 698.826902][T19778] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 698.903071][ T26] audit: type=1326 audit(1738206060.241:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19781 comm="syz.3.6515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc6718cda9 code=0x7ffc0000 [ 698.932517][T14844] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 698.974811][ T26] audit: type=1326 audit(1738206060.287:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19781 comm="syz.3.6515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc6718cda9 code=0x7ffc0000 [ 699.118087][ T4402] usb 6-1: USB disconnect, device number 6 [ 699.128705][ T26] audit: type=1326 audit(1738206060.287:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19781 comm="syz.3.6515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7efc6718cda9 code=0x7ffc0000 [ 699.151631][T14844] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 699.177440][ T4402] appletouch 6-1:1.0: input: appletouch disconnected [ 699.184911][T14844] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 699.217420][ T26] audit: type=1326 audit(1738206060.287:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19781 comm="syz.3.6515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc6718cda9 code=0x7ffc0000 [ 699.228231][T14844] usb 7-1: Product: syz [ 699.255587][ T26] audit: type=1326 audit(1738206060.287:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19781 comm="syz.3.6515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc6718cda9 code=0x7ffc0000 [ 699.284144][T14844] usb 7-1: Manufacturer: syz [ 699.307494][T14844] usb 7-1: SerialNumber: syz [ 699.333570][T14844] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 699.403486][T14844] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 699.620826][ T5410] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 699.841060][ T5410] usb 4-1: Using ep0 maxpacket: 16 [ 699.849997][ T5410] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 699.887009][ T5410] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 699.929572][ T5410] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 699.949117][ T4402] usb 7-1: USB disconnect, device number 2 [ 699.960695][ T5410] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice=4f.14 [ 699.979734][ T5410] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 699.998892][ T5410] usb 4-1: Product: syz [ 700.003263][ T5410] usb 4-1: Manufacturer: syz [ 700.007873][ T5410] usb 4-1: SerialNumber: syz [ 700.037576][ T5410] usb 4-1: config 0 descriptor?? [ 700.043216][T19789] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 700.057774][T19792] loop4: detected capacity change from 0 to 32768 [ 700.081150][ T5410] mceusb 4-1:0.0: mceusb_dev_probe: device setup failed! [ 700.089454][ T5410] mceusb: probe of 4-1:0.0 failed with error -12 [ 700.109802][T19792] ERROR: (device loop4): dbAllocAG: Corrupt dmapctl page [ 700.109802][T19792] [ 700.148262][T19792] ERROR: (device loop4): remounting filesystem as read-only [ 700.329445][T19825] tmpfs: Bad value for 'mpol' [ 700.342837][ T5410] usb 4-1: USB disconnect, device number 10 [ 700.509868][T19832] netlink: 'syz.4.6529': attribute type 1 has an invalid length. [ 700.589198][T14844] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 700.599520][T14844] ath9k_htc: Failed to initialize the device [ 700.617354][T19836] netlink: 'syz.1.6534': attribute type 8 has an invalid length. [ 700.643613][ T4402] usb 7-1: ath9k_htc: USB layer deinitialized [ 701.269915][T19866] loop4: detected capacity change from 0 to 2048 [ 701.341876][T19866] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 701.438730][T19866] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 701.577772][T19866] EXT4-fs error (device loop4): __ext4_remount:6610: comm syz.4.6545: Abort forced by user [ 701.608976][T19866] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 701.797512][ T4247] EXT4-fs (loop4): unmounting filesystem. [ 701.907866][T19859] loop1: detected capacity change from 0 to 32768 [ 702.028391][T19859] XFS (loop1): Mounting V5 Filesystem [ 702.036602][T19904] A link change request failed with some changes committed already. Interface bond_slave_1 may have been left with an inconsistent configuration, please check. [ 702.101050][T19914] trusted_key: encrypted_key: keyword 'loéòSDœ¡Ûlt' not recognized [ 702.252904][T19859] XFS (loop1): Ending clean mount [ 702.268979][T19859] XFS (loop1): Quotacheck needed: Please wait. [ 702.337628][T19859] XFS (loop1): Quotacheck: Done. [ 702.552632][ T4246] XFS (loop1): Unmounting Filesystem [ 703.193603][T19959] loop3: detected capacity change from 0 to 1024 [ 703.654745][T19982] loop6: detected capacity change from 0 to 256 [ 703.734552][T19982] FAT-fs (loop6): Directory bread(block 64) failed [ 703.770787][T19982] FAT-fs (loop6): Directory bread(block 65) failed [ 703.807137][T19982] FAT-fs (loop6): Directory bread(block 66) failed [ 703.813701][T19982] FAT-fs (loop6): Directory bread(block 67) failed [ 703.870299][T19995] loop1: detected capacity change from 0 to 16 [ 703.885757][T19982] FAT-fs (loop6): Directory bread(block 68) failed [ 703.892336][T19982] FAT-fs (loop6): Directory bread(block 69) failed [ 703.894211][T19995] erofs: (device loop1): EXPERIMENTAL compressed fragments feature in use. Use at your own risk! [ 703.967476][T19982] FAT-fs (loop6): Directory bread(block 70) failed [ 703.969873][T19995] erofs: (device loop1): EXPERIMENTAL global deduplication feature in use. Use at your own risk! [ 703.974075][T19982] FAT-fs (loop6): Directory bread(block 71) failed [ 704.028814][T19995] erofs: (device loop1): mounted with root inode @ nid 36. [ 704.068598][T19982] FAT-fs (loop6): Directory bread(block 72) failed [ 704.102869][T19982] FAT-fs (loop6): Directory bread(block 73) failed [ 704.139162][T20008] netlink: 'syz.3.6594': attribute type 1 has an invalid length. [ 704.148491][T19995] syz.1.6590: attempt to access beyond end of device [ 704.148491][T19995] loop1: rw=0, sector=4294967295, nr_sectors = 1 limit=16 [ 704.156703][T20010] netlink: 'syz.5.6595': attribute type 1 has an invalid length. [ 704.217573][T20010] netlink: 244 bytes leftover after parsing attributes in process `syz.5.6595'. [ 704.520859][T20023] loop6: detected capacity change from 0 to 128 [ 704.585322][T20023] FAT-fs (loop6): Directory bread(block 3236) failed [ 704.625604][T20023] FAT-fs (loop6): Directory bread(block 3237) failed [ 704.648104][T20023] FAT-fs (loop6): Directory bread(block 3238) failed [ 704.663425][T20023] FAT-fs (loop6): Directory bread(block 3239) failed [ 704.694323][T20023] FAT-fs (loop6): Directory bread(block 3240) failed [ 704.705157][T20023] FAT-fs (loop6): Directory bread(block 3241) failed [ 704.711933][T20023] FAT-fs (loop6): Directory bread(block 3242) failed [ 704.799013][T20023] FAT-fs (loop6): Directory bread(block 3243) failed [ 704.864637][T20023] FAT-fs (loop6): Directory bread(block 3236) failed [ 704.918071][T20023] FAT-fs (loop6): Directory bread(block 3237) failed [ 705.887120][T20088] loop5: detected capacity change from 0 to 2048 [ 705.937882][T20088] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 706.411846][T20120] loop6: detected capacity change from 0 to 1024 [ 706.474392][T20120] hfsplus: failed to load root directory [ 706.561950][ T4263] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 706.873899][T20142] loop3: detected capacity change from 0 to 2048 [ 707.047474][T20142] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 707.135204][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 707.152872][T20145] loop4: detected capacity change from 0 to 8192 [ 707.188469][T20145] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 707.215491][T20145] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 707.225418][T20145] REISERFS (device loop4): using ordered data mode [ 707.242966][T20145] reiserfs: using flush barriers [ 707.251646][T20145] REISERFS warning (device loop4): sh-457 journal_init_dev: journal_init_dev: Cannot open './file0': -15 [ 707.268029][T20145] REISERFS warning (device loop4): sh-462 journal_init: unable to initialize journal device [ 707.284399][T20145] REISERFS warning (device loop4): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 707.402711][ T4263] I/O error, dev loop4, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 708.114003][T20203] netlink: 'syz.4.6671': attribute type 1 has an invalid length. [ 708.333829][T20210] [U] ^C [ 708.593088][T20217] loop6: detected capacity change from 0 to 4096 [ 708.639127][T20217] ntfs: (device loop6): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 708.688007][T20217] ntfs: (device loop6): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 708.723438][T20217] ntfs: (device loop6): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 708.773501][T20217] ntfs: (device loop6): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 708.804877][T20217] ntfs: (device loop6): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 708.846542][T20179] loop3: detected capacity change from 0 to 40427 [ 708.855325][T20217] ntfs: volume version 3.1. [ 708.894269][T20179] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 708.915242][T20217] ntfs: (device loop6): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 708.949197][T20179] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 708.973433][T20217] ntfs: (device loop6): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 709.011318][T20217] ntfs: (device loop6): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 709.050950][T20179] F2FS-fs (loop3): Found nat_bits in checkpoint [ 709.099468][T20217] ntfs: (device loop6): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 709.180293][T20217] ntfs: (device loop6): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 709.224520][T20179] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 709.236168][T20179] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 709.313275][T20252] loop1: detected capacity change from 0 to 256 [ 709.358578][T20252] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 709.742483][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 709.748827][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 709.789633][T20270] Timeout policy `syz1' can only be used by L3 protocol number 3 [ 710.210232][T20288] loop1: detected capacity change from 0 to 256 [ 710.334285][T20288] FAT-fs (loop1): Directory bread(block 64) failed [ 710.383106][T20288] FAT-fs (loop1): Directory bread(block 65) failed [ 710.420390][T20288] FAT-fs (loop1): Directory bread(block 66) failed [ 710.444154][T20295] loop5: detected capacity change from 0 to 4096 [ 710.452114][T20288] FAT-fs (loop1): Directory bread(block 67) failed [ 710.467327][T20288] FAT-fs (loop1): Directory bread(block 68) failed [ 710.470598][T20302] loop3: detected capacity change from 0 to 256 [ 710.473866][T20288] FAT-fs (loop1): Directory bread(block 69) failed [ 710.473963][T20288] FAT-fs (loop1): Directory bread(block 70) failed [ 710.482816][T20301] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 710.515906][T20295] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 710.536202][T20288] FAT-fs (loop1): Directory bread(block 71) failed [ 710.542583][T20301] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 710.571789][T20302] FAT-fs (loop3): Directory bread(block 64) failed [ 710.578666][T20288] FAT-fs (loop1): Directory bread(block 72) failed [ 710.583932][T20301] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 710.597515][T20295] ntfs3: loop5: failed to convert "c46c" to macceltic [ 710.599309][T20302] FAT-fs (loop3): Directory bread(block 65) failed [ 710.627890][T20301] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 710.635543][T20302] FAT-fs (loop3): Directory bread(block 66) failed [ 710.645798][T20288] FAT-fs (loop1): Directory bread(block 73) failed [ 710.651953][T20301] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 710.681059][T20302] FAT-fs (loop3): Directory bread(block 67) failed [ 710.681585][T20301] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 710.687752][T20302] FAT-fs (loop3): Directory bread(block 68) failed [ 710.768361][T20302] FAT-fs (loop3): Directory bread(block 69) failed [ 710.775003][T20302] FAT-fs (loop3): Directory bread(block 70) failed [ 710.820220][T20302] FAT-fs (loop3): Directory bread(block 71) failed [ 710.841474][T20302] FAT-fs (loop3): Directory bread(block 72) failed [ 710.848054][T20302] FAT-fs (loop3): Directory bread(block 73) failed [ 710.949870][T20302] FAT-fs (loop3): Filesystem has been set read-only [ 710.995315][T20302] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006c61) [ 711.057968][T20310] netlink: 'syz.1.6711': attribute type 30 has an invalid length. [ 711.089434][T20310] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 711.119460][T20310] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 711.130913][T20312] CIFS: iocharset name too long [ 711.164395][T20308] loop4: detected capacity change from 0 to 4096 [ 711.227673][T20308] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512) [ 711.275054][T20297] loop6: detected capacity change from 0 to 32768 [ 711.375150][T20297] XFS (loop6): Mounting V5 Filesystem [ 711.531140][T20297] XFS (loop6): Ending clean mount [ 711.553210][T20297] XFS (loop6): Quotacheck needed: Please wait. [ 711.575956][T20333] loop3: detected capacity change from 0 to 512 [ 711.648588][T20297] XFS (loop6): Quotacheck: Done. [ 711.685378][T20333] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 711.714056][T20333] ext4 filesystem being mounted at /1360/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 711.791687][T20342] loop5: detected capacity change from 0 to 764 [ 711.884388][T20342] Symlink component flag not implemented [ 711.906295][T20342] Symlink component flag not implemented (129) [ 711.916827][T18703] XFS (loop6): Unmounting Filesystem [ 711.932856][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 711.957304][T20342] rock: directory entry would overflow storage [ 711.968567][T20342] rock: sig=0x4f50, size=4, remaining=3 [ 711.978838][T20342] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 712.087530][T20354] loop3: detected capacity change from 0 to 256 [ 712.192001][T20354] FAT-fs (loop3): Directory bread(block 64) failed [ 712.198594][T20354] FAT-fs (loop3): Directory bread(block 65) failed [ 712.233172][T20354] FAT-fs (loop3): Directory bread(block 66) failed [ 712.239750][T20354] FAT-fs (loop3): Directory bread(block 67) failed [ 712.267402][T20354] FAT-fs (loop3): Directory bread(block 68) failed [ 712.287665][T20354] FAT-fs (loop3): Directory bread(block 69) failed [ 712.292438][ T1126] block nbd1: Attempted send on invalid socket [ 712.294263][T20354] FAT-fs (loop3): Directory bread(block 70) failed [ 712.300778][ T1126] I/O error, dev nbd1, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 712.327504][T20360] qnx6: unable to read the first superblock [ 712.333725][ T52] block nbd1: Attempted send on invalid socket [ 712.340506][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 712.375074][T20360] qnx6: unable to read the first superblock [ 712.381906][T20360] qnx6: unable to read the first superblock [ 712.391637][T20354] FAT-fs (loop3): Directory bread(block 71) failed [ 712.398304][T20354] FAT-fs (loop3): Directory bread(block 72) failed [ 712.445111][T20354] FAT-fs (loop3): Directory bread(block 73) failed [ 712.563979][T20366] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6735'. [ 712.752456][T20373] loop5: detected capacity change from 0 to 1024 [ 712.768858][T20376] netlink: 'syz.1.6737': attribute type 8 has an invalid length. [ 712.798087][T20373] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (47942!=20869) [ 712.843671][T20373] EXT4-fs (loop5): orphan cleanup on readonly fs [ 712.851638][T20373] EXT4-fs warning (device loop5): ext4_enable_quotas:7029: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix. [ 712.944148][T20373] EXT4-fs (loop5): Cannot turn on quotas: error -13 [ 713.004076][T20373] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.6736: couldn't read orphan inode 12 (err -116) [ 713.068615][T20373] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 713.204805][T16247] EXT4-fs (loop5): unmounting filesystem. [ 713.367468][T20402] device bridge2 entered promiscuous mode [ 713.395981][T20405] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 713.404050][T20405] IPv6: NLM_F_CREATE should be set when creating new route [ 713.411390][T20405] IPv6: NLM_F_CREATE should be set when creating new route [ 713.945987][T20432] loop4: detected capacity change from 0 to 512 [ 714.009032][ T26] kauditd_printk_skb: 15 callbacks suppressed [ 714.009049][ T26] audit: type=1326 audit(1738206074.374:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20435 comm="syz.6.6767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10d6b8cda9 code=0x7ffc0000 [ 714.042156][T20432] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 714.067350][T20432] EXT4-fs (loop4): orphan cleanup on readonly fs [ 714.106015][T20432] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated! [ 714.173935][T20432] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 714.201838][T20432] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.6766: Failed to acquire dquot type 1 [ 714.239276][T20432] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.6766: bg 0: block 40: padding at end of block bitmap is not set [ 714.266240][ T26] audit: type=1326 audit(1738206074.374:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20435 comm="syz.6.6767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f10d6b8cda9 code=0x7ffc0000 [ 714.311259][T20432] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 714.325339][T20432] EXT4-fs (loop4): 1 truncate cleaned up [ 714.337302][ T26] audit: type=1326 audit(1738206074.374:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20435 comm="syz.6.6767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10d6b8cda9 code=0x7ffc0000 [ 714.364676][T20432] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 714.408075][T20453] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 714.422759][ T26] audit: type=1326 audit(1738206074.374:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20435 comm="syz.6.6767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10d6b8cda9 code=0x7ffc0000 [ 714.475240][T20455] netlink: 'syz.6.6776': attribute type 25 has an invalid length. [ 714.484693][ T4247] EXT4-fs (loop4): unmounting filesystem. [ 715.729795][T20511] netlink: 'syz.6.6804': attribute type 3 has an invalid length. [ 716.183181][T20526] ieee802154 phy0 wpan0: encryption failed: -90 [ 716.821375][T20549] loop1: detected capacity change from 0 to 4096 [ 716.833064][T20549] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 716.913266][T20557] xt_CT: You must specify a L4 protocol and not use inversions on it [ 717.090892][T20563] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 717.160441][T20563] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 717.170121][T20563] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 717.195692][T20563] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 717.246289][T20563] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 717.272732][T20563] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 717.551719][T20583] netlink: 332 bytes leftover after parsing attributes in process `syz.5.6839'. [ 717.898243][T20598] loop3: detected capacity change from 0 to 64 [ 717.935633][T20598] UBIFS error (pid: 20598): cannot open "./file0", error -22 [ 718.077776][T20569] loop1: detected capacity change from 0 to 32768 [ 718.248774][T20569] XFS (loop1): Mounting V5 Filesystem [ 718.361630][T20569] XFS (loop1): Ending clean mount [ 718.372397][T20569] XFS (loop1): Quotacheck needed: Please wait. [ 718.399352][T20590] loop4: detected capacity change from 0 to 32768 [ 718.466299][T20590] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.6841 (20590) [ 718.507515][T20590] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 718.522607][T20569] XFS (loop1): Quotacheck: Done. [ 718.529034][T20590] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 718.538371][T20590] BTRFS info (device loop4): force zlib compression, level 3 [ 718.556306][T20590] BTRFS info (device loop4): force clearing of disk cache [ 718.566896][T20590] BTRFS info (device loop4): setting nodatasum [ 718.583572][T20590] BTRFS info (device loop4): allowing degraded mounts [ 718.597633][T20590] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 718.628305][T20629] loop6: detected capacity change from 0 to 256 [ 718.636659][T20590] BTRFS info (device loop4): trying to use backup root at mount time [ 718.648248][T20590] BTRFS info (device loop4): using free space tree [ 718.656356][ T4246] XFS (loop1): Unmounting Filesystem [ 718.672616][T20630] Cannot find del_set index 286 as target [ 718.746416][T20629] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 718.795476][T20640] loop3: detected capacity change from 0 to 16 [ 718.840056][T20640] erofs: (device loop3): EXPERIMENTAL compressed inline data feature in use. Use at your own risk! [ 718.938057][T20640] erofs: (device loop3): mounted with root inode @ nid 36. [ 718.975099][T20640] syz.3.6860: attempt to access beyond end of device [ 718.975099][T20640] loop3: rw=0, sector=1049256, nr_sectors = 128 limit=16 [ 719.172821][T20590] BTRFS info (device loop4): rebuilding free space tree [ 719.175378][ T26] audit: type=1326 audit(1738206079.201:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20656 comm="syz.5.6863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7c0d8cda9 code=0x7ffc0000 [ 719.202148][ C1] vkms_vblank_simulate: vblank timer overrun [ 719.284392][ T26] audit: type=1326 audit(1738206079.248:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20656 comm="syz.5.6863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fe7c0d8cda9 code=0x7ffc0000 [ 719.379049][ T4247] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 719.415628][ T26] audit: type=1326 audit(1738206079.248:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20656 comm="syz.5.6863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7c0d8cda9 code=0x7ffc0000 [ 719.465726][T20666] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6865'. [ 719.548018][ T26] audit: type=1326 audit(1738206079.248:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20656 comm="syz.5.6863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7c0d8cda9 code=0x7ffc0000 [ 719.686189][T20675] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6870'. [ 719.708526][T20674] netlink: 'syz.1.6868': attribute type 4 has an invalid length. [ 720.115580][T20687] loop1: detected capacity change from 0 to 64 [ 720.502944][T20707] loop3: detected capacity change from 0 to 1024 [ 720.553370][T20707] EXT4-fs: Ignoring removed orlov option [ 720.561050][T20707] EXT4-fs: Ignoring removed nomblk_io_submit option [ 720.611624][T20711] netlink: 'syz.4.6888': attribute type 10 has an invalid length. [ 720.623356][T20707] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002] [ 720.666315][T20707] System zones: 0-1, 3-36 [ 720.675685][T20717] netlink: 'syz.6.6890': attribute type 5 has an invalid length. [ 720.711752][T20707] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 720.952659][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 721.109131][T20737] loop4: detected capacity change from 0 to 256 [ 721.318791][T20747] loop5: detected capacity change from 0 to 22 [ 721.373379][T20747] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 721.382999][T20747] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 721.458859][T20753] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6907'. [ 721.511046][T20753] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6907'. [ 721.837605][T20771] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 721.887212][T20771] bond0: (slave team0): Releasing backup interface [ 721.941720][T20771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 721.942061][T20777] loop3: detected capacity change from 0 to 47 [ 721.960105][T20771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 721.980210][T20771] device bridge_slave_0 left promiscuous mode [ 722.000084][T20771] bridge0: port 1(bridge_slave_0) entered disabled state [ 722.025014][T20771] device bridge_slave_1 left promiscuous mode [ 722.032752][T20771] bridge0: port 2(bridge_slave_1) entered disabled state [ 722.058807][T20771] bond0: (slave bond_slave_0): Releasing backup interface [ 722.087109][T20771] bond0: (slave bond_slave_1): Releasing backup interface [ 722.172225][T20771] team0: Port device team_slave_0 removed [ 722.220050][T20771] team0: Port device team_slave_1 removed [ 722.226402][T20771] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 722.250749][T20771] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 722.283257][T20771] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 722.290707][T20771] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 722.322801][T20771] team0: Port device vlan0 removed [ 722.716535][T20806] loop5: detected capacity change from 0 to 16 [ 722.742591][T20806] erofs: (device loop5): mounted with root inode @ nid 36. [ 722.788426][T20806] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 722.827429][T20806] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -38 in[52, 4044] out[1851] [ 722.886897][T20806] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117] [ 723.198425][T20830] CIFS mount error: No usable UNC path provided in device string! [ 723.198425][T20830] [ 723.210625][ T126] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 723.227920][T20830] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 723.365103][T20836] loop4: detected capacity change from 0 to 4096 [ 723.397591][T20836] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 723.426205][ T126] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 723.450442][ T126] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 723.485604][ T126] usb 7-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 723.511226][ T126] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 723.554673][ T126] usb 7-1: config 0 descriptor?? [ 723.558773][T20842] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6950'. [ 723.792846][ T126] usb 7-1: USB disconnect, device number 3 [ 724.067272][ T4369] udevd[4369]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 724.168789][T20868] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 724.194574][T20868] bond0: (slave team0): Releasing backup interface [ 724.213311][T20868] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 724.227213][T20868] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 724.527076][T20880] loop1: detected capacity change from 0 to 64 [ 724.766858][T20889] loop6: detected capacity change from 0 to 8 [ 724.782171][T20892] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6974'. [ 724.788093][T20889] MTD: Attempt to mount non-MTD device "/dev/loop6" [ 724.823387][T20892] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6974'. [ 724.863361][T20889] cramfs: Error -3 while decompressing! [ 724.902349][T20889] cramfs: ffffffff974e8568(26)->ffff88805387e000(4096) [ 724.942348][T20889] cramfs: Error -5 while decompressing! [ 724.966921][T20889] cramfs: ffffffff974e8582(26)->ffff88804b8fb000(4096) [ 724.985336][T20889] cramfs: Error -3 while decompressing! [ 724.995766][T20889] cramfs: ffffffff974e859c(16)->ffff8880724dd000(4096) [ 725.042056][T20889] cramfs: Error -3 while decompressing! [ 725.060010][T20889] cramfs: ffffffff974e8568(26)->ffff88805387e000(4096) [ 725.094479][ T26] audit: type=1800 audit(1738206084.739:113): pid=20889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.6975" name="file2" dev="loop6" ino=348 res=0 errno=0 [ 725.185190][T20872] loop5: detected capacity change from 0 to 32768 [ 725.318951][T20872] XFS (loop5): Mounting V5 Filesystem [ 725.486469][T20872] XFS (loop5): Ending clean mount [ 725.682500][T16247] XFS (loop5): Unmounting Filesystem [ 725.735142][T20932] netlink: 'syz.6.6992': attribute type 33 has an invalid length. [ 725.927060][T20936] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6995'. [ 725.940509][T20901] loop4: detected capacity change from 0 to 32768 [ 725.965998][ T4263] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by udevd (4263) [ 726.005168][T20936] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 58816 - 0 [ 726.032714][T20901] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 726.054456][T20936] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 58816 - 0 [ 726.063278][T20936] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 58816 - 0 [ 726.073517][T20901] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 726.093391][T20901] BTRFS info (device loop4): using free space tree [ 726.107582][T20936] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 58816 - 0 [ 726.122093][T20936] device geneve3 entered promiscuous mode [ 726.139401][T20938] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 726.418554][T20901] BTRFS info (device loop4): enabling ssd optimizations [ 726.608552][T20975] loop1: detected capacity change from 0 to 1024 [ 726.634655][ T4247] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 726.747672][T20975] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 726.798936][T20975] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 40: comm syz.1.7003: bad entry in directory: rec_len is smaller than minimal - offset=8192, inode=589824, rec_len=0, size=1024 fake=0 [ 727.009098][ T4246] EXT4-fs (loop1): unmounting filesystem. [ 727.086345][T20989] loop6: detected capacity change from 0 to 1024 [ 727.253849][T18703] hfsplus: bad catalog entry type [ 727.425984][T20973] orangefs_mount: mount request failed with -4 [ 727.580414][T21012] netlink: 68 bytes leftover after parsing attributes in process `syz.5.7022'. [ 727.843172][ T9] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 727.950757][ T9] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 728.063341][ T9] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 728.205334][ T9] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 728.641274][ T4258] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 728.659051][ T4258] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 728.670403][ T4258] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 728.683720][ T4258] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 728.691336][ T4258] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 728.698921][ T4258] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 728.879585][T21052] netlink: 'syz.4.7041': attribute type 2 has an invalid length. [ 729.728004][T21090] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 729.813894][T21041] chnl_net:caif_netlink_parms(): no params data found [ 730.566094][T21041] bridge0: port 1(bridge_slave_0) entered blocking state [ 730.573260][T21041] bridge0: port 1(bridge_slave_0) entered disabled state [ 730.602715][T21041] device bridge_slave_0 entered promiscuous mode [ 730.635544][T21041] bridge0: port 2(bridge_slave_1) entered blocking state [ 730.643687][T21041] bridge0: port 2(bridge_slave_1) entered disabled state [ 730.682816][T21128] binfmt_misc: register: failed to install interpreter file ./file0/../file0 [ 730.695857][T21041] device bridge_slave_1 entered promiscuous mode [ 730.872610][T21130] netlink: 'syz.4.7071': attribute type 10 has an invalid length. [ 730.889039][T21130] bond0: (slave team0): Releasing backup interface [ 730.905404][T21130] team0: Cannot enslave team device to itself [ 730.950663][ T4257] Bluetooth: hci2: command 0x0409 tx timeout [ 731.022820][T21041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 731.303821][T21041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 731.382705][ T9] device hsr_slave_0 left promiscuous mode [ 731.404354][ T9] device hsr_slave_1 left promiscuous mode [ 731.428021][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 731.441428][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 731.450377][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 731.474736][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 731.487991][ T9] device bridge_slave_1 left promiscuous mode [ 731.525560][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 731.538877][ T5412] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 731.577891][ T9] device bridge_slave_0 left promiscuous mode [ 731.587084][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 731.653639][T21157] xt_CT: No such helper "pptp" [ 731.741512][ T5412] usb 5-1: Using ep0 maxpacket: 32 [ 731.764985][ T5412] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 731.802608][ T5412] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 731.830520][ T5412] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 731.854932][T21140] loop3: detected capacity change from 0 to 32768 [ 731.866122][ T5412] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 731.918535][T21140] ERROR: (device loop3): xtTruncate_pmap: XT_GETPAGE: xtree page corrupt [ 731.918535][T21140] [ 731.930974][ T5412] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 731.956010][ T5412] usb 5-1: SerialNumber: syz [ 731.968831][T21148] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 731.979771][T21140] ERROR: (device loop3): remounting filesystem as read-only [ 731.998095][T21140] ERROR: (device loop3): jfs_unlink: [ 731.998095][T21140] [ 732.005864][ T5412] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 732.058409][ T9] device veth1_macvtap left promiscuous mode [ 732.073580][ T9] device veth0_macvtap left promiscuous mode [ 732.095523][ T9] device veth1_vlan left promiscuous mode [ 732.101481][ T9] device veth0_vlan left promiscuous mode [ 732.101481][ T4256] ERROR: (device loop3): xtTruncate: XT_GETPAGE: xtree page corrupt [ 732.101481][ T4256] [ 732.249115][T21148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 732.276501][T21148] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 732.305202][ T5412] cdc_acm 5-1:1.0: ttyACM0: USB ACM device [ 732.330776][ T5412] usb 5-1: USB disconnect, device number 17 [ 732.482475][T21180] AppArmor: change_hat: Invalid input '' [ 732.973120][T21191] loop4: detected capacity change from 0 to 16 [ 732.998841][T21191] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 733.174220][ T4257] Bluetooth: hci2: command 0x041b tx timeout [ 733.220413][ T9] team0 (unregistering): Port device team_slave_1 removed [ 733.337876][ T9] team0 (unregistering): Port device team_slave_0 removed [ 733.404648][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 733.498873][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 734.051138][ T9] bond0 (unregistering): Released all slaves [ 734.237293][T21041] team0: Port device team_slave_0 added [ 734.271837][T21041] team0: Port device team_slave_1 added [ 734.313008][T21206] binfmt_misc: register: failed to install interpreter file ./file0 [ 734.408925][T21041] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 734.421717][T21208] loop1: detected capacity change from 0 to 1024 [ 734.430074][T21041] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 734.518237][T21041] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 734.536286][T21041] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 734.563127][T21041] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 734.668460][T21041] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 734.825439][T21222] netlink: 'syz.5.7108': attribute type 2 has an invalid length. [ 734.872886][T21041] device hsr_slave_0 entered promiscuous mode [ 734.921125][T21041] device hsr_slave_1 entered promiscuous mode [ 734.939666][T21041] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 734.963520][T21041] Cannot create hsr debugfs directory [ 735.179321][T21235] loop1: detected capacity change from 0 to 1024 [ 735.318466][T21235] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 735.366603][T21235] ext4 filesystem being mounted at /1425/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 735.397870][ T4257] Bluetooth: hci2: command 0x040f tx timeout [ 735.475704][T21235] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.7113: inode #458752: comm syz.1.7113: iget: illegal inode # [ 735.565983][T21235] EXT4-fs (loop1): Remounting filesystem read-only [ 735.615979][T21235] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.7113: error while reading EA inode 458752 err=-117 [ 735.616551][T21041] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 735.662513][T21041] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 735.686094][T21235] EXT4-fs (loop1): Remounting filesystem read-only [ 735.687944][T21041] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 735.737294][T21041] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 735.745363][T14844] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 735.882645][ T4246] EXT4-fs (loop1): unmounting filesystem. [ 735.953818][T14844] usb 4-1: Using ep0 maxpacket: 8 [ 735.967301][T14844] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 512, setting to 64 [ 736.014029][T14844] usb 4-1: config 0 interface 0 has no altsetting 0 [ 736.031492][T21041] 8021q: adding VLAN 0 to HW filter on device bond0 [ 736.048255][T14844] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=bc.76 [ 736.073407][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 736.080720][T14844] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 736.089303][ T26] audit: type=1326 audit(1738206095.009:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21272 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b858cda9 code=0x7ffc0000 [ 736.117925][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 736.126888][T14844] usb 4-1: Product: syz [ 736.131843][T14844] usb 4-1: Manufacturer: syz [ 736.137363][T21041] 8021q: adding VLAN 0 to HW filter on device team0 [ 736.148960][ T26] audit: type=1326 audit(1738206095.028:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21272 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7ff4b858cda9 code=0x7ffc0000 [ 736.183558][T14844] usb 4-1: SerialNumber: syz [ 736.192309][T14844] usb 4-1: config 0 descriptor?? [ 736.210027][T14844] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found [ 736.218165][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 736.233512][ T26] audit: type=1326 audit(1738206095.028:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21272 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b858cda9 code=0x7ffc0000 [ 736.257652][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 736.267678][ T33] bridge0: port 1(bridge_slave_0) entered blocking state [ 736.274864][ T33] bridge0: port 1(bridge_slave_0) entered forwarding state [ 736.282108][T21278] loop4: detected capacity change from 0 to 512 [ 736.296604][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 736.314621][ T26] audit: type=1326 audit(1738206095.028:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21272 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b858cda9 code=0x7ffc0000 [ 736.361954][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 736.372636][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 736.382761][ T33] bridge0: port 2(bridge_slave_1) entered blocking state [ 736.387447][T21278] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 736.389843][ T33] bridge0: port 2(bridge_slave_1) entered forwarding state [ 736.426102][T14844] snd_usb_toneport 4-1:0.0: cannot get proper max packet size [ 736.433824][T14844] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected [ 736.442009][T21278] ext4 filesystem being mounted at /1444/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 736.458241][T14844] snd_usb_toneport: probe of 4-1:0.0 failed with error -22 [ 736.473516][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 736.506521][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 736.544388][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 736.578586][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 736.615650][ T4247] EXT4-fs (loop4): unmounting filesystem. [ 736.622648][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 736.655138][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 736.701084][ T4290] usb 4-1: USB disconnect, device number 11 [ 736.728310][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 736.745668][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 736.774569][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 736.794206][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 736.807700][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 736.832578][T21041] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 737.571386][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 737.588187][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 737.626871][ T4258] Bluetooth: hci2: command 0x0419 tx timeout [ 737.641731][T21041] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 737.702610][T21332] netlink: 'syz.3.7144': attribute type 1 has an invalid length. [ 737.745586][T21331] loop4: detected capacity change from 0 to 8192 [ 737.785883][T21331] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 737.850955][T21331] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 737.887330][T21331] REISERFS (device loop4): using ordered data mode [ 737.948592][T21331] reiserfs: using flush barriers [ 737.994718][T21331] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 738.081479][T21331] REISERFS (device loop4): checking transaction log (loop4) [ 738.117185][T21331] REISERFS (device loop4): Using tea hash to sort names [ 738.135730][T21331] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 738.464761][T21368] loop1: detected capacity change from 0 to 256 [ 738.588861][T21368] FAT-fs (loop1): Directory bread(block 64) failed [ 738.626397][T21368] FAT-fs (loop1): Directory bread(block 65) failed [ 738.653821][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 738.666248][T21368] FAT-fs (loop1): Directory bread(block 66) failed [ 738.676725][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 738.696313][T21368] FAT-fs (loop1): Directory bread(block 67) failed [ 738.717937][T21368] FAT-fs (loop1): Directory bread(block 68) failed [ 738.740424][T21368] FAT-fs (loop1): Directory bread(block 69) failed [ 738.751963][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 738.760412][T21368] FAT-fs (loop1): Directory bread(block 70) failed [ 738.771921][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 738.801682][T21368] FAT-fs (loop1): Directory bread(block 71) failed [ 738.831591][T21041] device veth0_vlan entered promiscuous mode [ 738.841262][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 738.850004][T21368] FAT-fs (loop1): Directory bread(block 72) failed [ 738.870593][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 738.874550][T21376] loop4: detected capacity change from 0 to 4096 [ 738.889021][T21368] FAT-fs (loop1): Directory bread(block 73) failed [ 738.905641][T21041] device veth1_vlan entered promiscuous mode [ 738.935545][T21376] ntfs: (device loop4): ntfs_external_attr_find(): Base inode 0x1 contains corrupt attribute list attribute. Unmount and run chkdsk. [ 738.994177][T21376] ntfs: (device loop4): ntfs_read_locked_inode(): Failed to lookup $DATA attribute. [ 739.017585][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 739.036765][T21376] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 739.065030][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 739.089409][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 739.098588][T21376] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 739.118404][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 739.148457][T21376] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing. [ 739.174321][T21376] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 739.185170][T21041] device veth0_macvtap entered promiscuous mode [ 739.208119][T21041] device veth1_macvtap entered promiscuous mode [ 739.234031][T21041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 739.254959][T21376] ntfs: volume version 3.1. [ 739.261700][T21041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.306330][T21041] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 739.332105][ T4258] Bluetooth: hci5: command 0x0406 tx timeout [ 739.340220][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 739.378065][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 739.429649][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 739.467277][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 739.525559][T21041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 739.556335][T21041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.595078][T21041] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 739.631999][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 739.640803][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 739.719882][T21041] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 739.738450][T21041] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 739.769371][T21041] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 739.783256][T21407] loop3: detected capacity change from 0 to 1024 [ 739.791176][T21041] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 739.829438][T21407] fuse: Bad value for 'fd' [ 739.837784][T21404] netlink: 'syz.5.7169': attribute type 10 has an invalid length. [ 739.875726][T21404] team0: Device veth1_macvtap failed to register rx_handler [ 739.974152][ T46] hfsplus: b-tree write err: -5, ino 4 [ 740.202659][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 740.251253][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 740.297718][T10535] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 740.318114][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 740.329230][T10535] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 740.346514][T21429] loop1: detected capacity change from 0 to 47 [ 740.376850][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 740.676576][T21442] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 740.740867][T21442] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 740.789014][T21442] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 740.817139][T21442] device bridge_slave_0 left promiscuous mode [ 740.835327][T21442] bridge0: port 1(bridge_slave_0) entered disabled state [ 740.858826][T21442] device bridge_slave_1 left promiscuous mode [ 740.878298][T21442] bridge0: port 2(bridge_slave_1) entered disabled state [ 740.931820][T21442] bond0: (slave bond_slave_0): Releasing backup interface [ 740.945780][T21453] loop5: detected capacity change from 0 to 256 [ 740.974230][T21453] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 740.990308][T21442] bond0: (slave bond_slave_1): Releasing backup interface [ 741.002123][T21453] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 741.047886][T21453] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 741.101673][T21442] team0: Port device team_slave_0 removed [ 741.146232][T21442] team0: Port device team_slave_1 removed [ 741.155639][T21442] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 741.163512][T21442] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 741.183446][T21442] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 741.198134][T21442] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 741.267052][ T4290] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 741.333802][T21461] xt_cgroup: xt_cgroup: no path or classid specified [ 741.471378][ T4290] usb 5-1: Using ep0 maxpacket: 16 [ 741.479339][ T4290] usb 5-1: config 0 has an invalid interface number: 115 but max is 0 [ 741.514552][ T4290] usb 5-1: config 0 has no interface number 0 [ 741.561339][ T4290] usb 5-1: config 0 interface 115 altsetting 0 endpoint 0x3 has invalid maxpacket 1024, setting to 64 [ 741.586829][ T4290] usb 5-1: config 0 interface 115 altsetting 0 has a duplicate endpoint with address 0xE, skipping [ 741.616586][ T4290] usb 5-1: New USB device found, idVendor=eb1a, idProduct=2875, bcdDevice=6f.3f [ 741.638393][ T4290] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 741.657720][ T4290] usb 5-1: Product: syz [ 741.689406][ T4290] usb 5-1: Manufacturer: syz [ 741.694078][ T4290] usb 5-1: SerialNumber: syz [ 741.704987][T21470] loop5: detected capacity change from 0 to 4096 [ 741.743757][ T4290] usb 5-1: config 0 descriptor?? [ 741.758797][T21470] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 741.995705][T16247] ntfs3: loop5: ntfs_sync_fs r=1a failed, -22. [ 742.009163][T14844] usb 5-1: USB disconnect, device number 18 [ 742.043532][T16247] ntfs3: loop5: ntfs_evict_inode r=1a failed, -22. [ 742.062433][T16247] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 742.460877][T21497] loop1: detected capacity change from 0 to 256 [ 742.741959][T21509] netlink: 'syz.1.7208': attribute type 1 has an invalid length. [ 743.176970][T21529] loop5: detected capacity change from 0 to 16 [ 743.218328][T21529] erofs: (device loop5): mounted with root inode @ nid 36. [ 743.249910][T21529] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117] [ 743.617303][T21545] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 743.648921][T21547] loop1: detected capacity change from 0 to 256 [ 743.658579][T21545] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 743.690113][T21545] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 743.704122][T21547] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 743.713708][T21550] loop7: detected capacity change from 0 to 64 [ 743.738283][T21545] device bridge_slave_0 left promiscuous mode [ 743.760562][T21545] bridge0: port 1(bridge_slave_0) entered disabled state [ 743.768599][T21547] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 743.814253][T21545] device bridge_slave_1 left promiscuous mode [ 743.828470][T21547] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 743.845721][T21545] bridge0: port 2(bridge_slave_1) entered disabled state [ 743.852408][T21554] loop5: detected capacity change from 0 to 256 [ 743.909643][T21545] bond0: (slave bond_slave_0): Releasing backup interface [ 743.913236][T21554] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x3eebdab2, utbl_chksum : 0xe619d30d) [ 743.969718][T21545] bond0: (slave bond_slave_1): Releasing backup interface [ 744.063496][T21554] exFAT-fs (loop5): invalid start cluster (520) [ 744.175473][T21545] team0: Port device team_slave_0 removed [ 744.253332][T21545] team0: Port device team_slave_1 removed [ 744.495641][T14666] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 744.677289][T21516] loop3: detected capacity change from 0 to 32768 [ 744.701104][T14666] usb 2-1: Using ep0 maxpacket: 32 [ 744.714260][T14666] usb 2-1: config 0 interface 0 has no altsetting 0 [ 744.755672][T21516] ERROR: (device loop3): dbAlloc: the hint is outside the map [ 744.755672][T21516] [ 744.780783][T14666] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 744.813349][T14666] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 744.832573][T14666] usb 2-1: Product: syz [ 744.847703][T14666] usb 2-1: Manufacturer: syz [ 744.859438][T21516] ialloc: diAlloc returned -5! [ 744.869320][T14666] usb 2-1: SerialNumber: syz [ 744.902556][T14666] usb 2-1: config 0 descriptor?? [ 745.281133][T21593] loop7: detected capacity change from 0 to 1024 [ 745.346259][T14666] gs_usb 2-1:0.0: Couldn't get device config: (err=-71) [ 745.361171][T14666] gs_usb: probe of 2-1:0.0 failed with error -71 [ 745.368748][T21593] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 745.382037][T21593] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 745.396549][T14666] usb 2-1: USB disconnect, device number 18 [ 745.412302][T21593] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.7239: inode #458752: comm syz.7.7239: iget: illegal inode # [ 745.438577][T21593] EXT4-fs (loop7): Remounting filesystem read-only [ 745.449425][T21593] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.7239: error while reading EA inode 458752 err=-117 [ 745.480596][T21593] EXT4-fs (loop7): Remounting filesystem read-only [ 745.619605][T21597] loop4: detected capacity change from 0 to 4096 [ 745.628387][T21041] EXT4-fs (loop7): unmounting filesystem. [ 745.830031][T21607] affs: No valid root block on device nullb0 [ 746.060436][T21614] netlink: 'syz.5.7246': attribute type 1 has an invalid length. [ 746.085259][T21620] netlink: 76 bytes leftover after parsing attributes in process `syz.1.7247'. [ 746.097780][T21614] netlink: 220 bytes leftover after parsing attributes in process `syz.5.7246'. [ 746.583579][T21641] loop3: detected capacity change from 0 to 128 [ 746.634930][T21641] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 746.692755][T21641] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 746.716213][T21647] loop7: detected capacity change from 0 to 256 [ 746.771306][T21647] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe40551cd, utbl_chksum : 0xe619d30d) [ 746.915331][T21655] loop5: detected capacity change from 0 to 256 [ 746.968143][T21657] xt_TPROXY: Can be used only with -p tcp or -p udp [ 747.101967][T21662] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7267'. [ 747.140971][T21662] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7267'. [ 747.168738][T21664] loop3: detected capacity change from 0 to 16 [ 747.187984][T21662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7267'. [ 747.228119][T21664] erofs: (device loop3): mounted with root inode @ nid 36. [ 747.277232][T21670] netlink: 28 bytes leftover after parsing attributes in process `syz.7.7270'. [ 747.324000][T21664] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 747.487753][T21664] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -11 in[46, 4050] out[1851] [ 747.504189][T21680] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7274'. [ 747.547288][T21664] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117] [ 747.838320][T21685] loop5: detected capacity change from 0 to 8192 [ 747.886214][T21685] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 747.926802][T21685] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 747.940956][T21685] REISERFS (device loop5): using ordered data mode [ 747.947561][T21685] reiserfs: using flush barriers [ 747.954391][T21685] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 747.971328][T21685] REISERFS (device loop5): checking transaction log (loop5) [ 747.979707][T21685] REISERFS (device loop5): Using tea hash to sort names [ 747.989533][T21685] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 748.100370][T21699] vivid-000: disconnect [ 748.149647][T21698] vivid-000: reconnect [ 748.353329][T21704] loop5: detected capacity change from 0 to 256 [ 748.391398][T21704] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 748.475287][T21709] loop4: detected capacity change from 0 to 1764 [ 748.872671][T21690] loop7: detected capacity change from 0 to 32768 [ 748.960945][T21690] XFS (loop7): DAX unsupported by block device. Turning off DAX. [ 748.973700][T21690] XFS (loop7): Mounting V5 Filesystem [ 749.015103][T21720] loop5: detected capacity change from 0 to 8192 [ 749.045937][T21732] netlink: 32 bytes leftover after parsing attributes in process `syz.4.7297'. [ 749.092765][T21732] netlink: 32 bytes leftover after parsing attributes in process `syz.4.7297'. [ 749.169043][T21690] XFS (loop7): Ending clean mount [ 749.194419][T21690] XFS (loop7): Quotacheck needed: Please wait. [ 749.201011][T21731] loop3: detected capacity change from 0 to 2048 [ 749.331058][T21690] XFS (loop7): Quotacheck: Done. [ 749.367027][T21731] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 749.435689][T21731] cgroup: name respecified [ 749.461372][T21041] XFS (loop7): Unmounting Filesystem [ 749.555689][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 749.626936][T14666] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 749.834669][T14666] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 749.869156][T14666] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 749.902462][T14666] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 749.931403][T14666] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 749.957700][T21742] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 750.236096][T14844] usb 5-1: USB disconnect, device number 19 [ 750.970729][T21810] xt_hashlimit: max too large, truncated to 1048576 [ 751.300014][T21827] loop7: detected capacity change from 0 to 128 [ 751.791518][T21848] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7350'. [ 752.677381][T21895] loop5: detected capacity change from 0 to 256 [ 752.777053][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 752.817427][T21895] FAT-fs (loop5): Filesystem has been set read-only [ 752.842028][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 752.869370][T21903] xt_ipcomp: unknown flags B [ 752.881309][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 752.909095][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 752.946563][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 752.968186][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.019756][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.067477][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.101117][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.114976][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.125372][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.153311][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.163585][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.198087][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.206854][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.229660][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.243156][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.259612][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.290379][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.321917][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.340100][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.390106][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.416005][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.426220][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.448226][T21924] netlink: 'syz.3.7385': attribute type 1 has an invalid length. [ 753.460511][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.497218][T21924] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7385'. [ 753.506316][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.515923][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.526436][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.572707][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.581317][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.593444][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.602136][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.611122][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.625526][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.634452][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.643802][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.653218][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.693987][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.743011][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.753785][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.762420][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.844725][T21934] netlink: 'syz.7.7390': attribute type 1 has an invalid length. [ 753.847605][T21935] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7391'. [ 753.871264][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.899156][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.939471][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 753.966277][T21911] loop4: detected capacity change from 0 to 32768 [ 753.978051][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.001414][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.029483][T21911] (syz.4.7378,21911,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 754.052892][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.061599][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.085144][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.093761][T21911] (syz.4.7378,21911,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 754.120026][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.138810][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.147558][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.158979][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.168206][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.177982][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.186433][T21911] JBD2: Ignoring recovery information on journal [ 754.187728][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.202020][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.210877][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.221458][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.225011][ T27] INFO: task syz-executor:4253 blocked for more than 143 seconds. [ 754.230361][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.247807][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.256888][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.259615][ T27] Not tainted 6.1.127-syzkaller #0 [ 754.265523][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.280011][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.288991][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.297672][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.306827][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.321800][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 754.331074][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.339612][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.348652][ T27] task:syz-executor state:D stack:20216 pid:4253 ppid:1 flags:0x00004004 [ 754.365177][ T27] Call Trace: [ 754.368490][ T27] [ 754.371432][ T27] __schedule+0x143f/0x4570 [ 754.376826][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.395150][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.403836][ T27] ? release_firmware_map_entry+0x186/0x186 [ 754.404841][T21911] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 754.414635][ T27] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 754.428085][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.443685][ T27] ? print_irqtrace_events+0x210/0x210 [ 754.460972][ T27] ? _raw_spin_lock_irq+0xdb/0x110 [ 754.466178][ T27] schedule+0xbf/0x180 [ 754.470451][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.479245][ T27] io_schedule+0x88/0x100 [ 754.483959][T21895] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 754.492904][ T27] folio_wait_bit_common+0x878/0x1290 [ 754.498324][ T27] ? folio_wait_bit+0x20/0x20 [ 754.503652][ T26] kauditd_printk_skb: 11 callbacks suppressed [ 754.503665][ T26] audit: type=1800 audit(1738206112.249:118): pid=21895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.7372" name="file2" dev="loop5" ino=1048650 res=0 errno=0 [ 754.544616][ T27] ? find_get_entries+0x188/0x710 [ 754.549705][ T27] ? migration_entry_wait_on_locked+0x1160/0x1160 [ 754.556604][ T27] ? __lock_acquire+0x125b/0x1f80 [ 754.561663][ T27] truncate_inode_pages_range+0xbb5/0x1340 [ 754.567622][ T27] ? read_lock_is_recursive+0x10/0x10 [ 754.573682][ T27] ? mapping_evict_folio+0x5b0/0x5b0 [ 754.579043][ T27] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 754.585046][ T27] ? _raw_spin_unlock_irq+0x1f/0x40 [ 754.590428][ T27] ? lockdep_hardirqs_on+0x94/0x130 [ 754.595643][ T27] evict+0x53c/0x930 [ 754.599672][ T27] ? proc_nr_inodes+0x310/0x310 [ 754.604551][ T27] ? do_raw_spin_unlock+0x137/0x8a0 [ 754.609909][ T27] evict_inodes+0x668/0x700 [ 754.614606][ T27] ? clear_inode+0x150/0x150 [ 754.619221][ T27] ? sync_filesystem+0x103/0x220 [ 754.624227][ T27] generic_shutdown_super+0x94/0x340 [ 754.629551][ T27] kill_block_super+0x7a/0xe0 [ 754.634358][ T27] deactivate_locked_super+0xa0/0x110 [ 754.639778][ T27] cleanup_mnt+0x490/0x520 [ 754.644412][ T27] ? lockdep_hardirqs_on+0x94/0x130 [ 754.649647][ T27] task_work_run+0x246/0x300 [ 754.654561][ T27] ? task_work_cancel+0x2e0/0x2e0 [ 754.659712][ T27] ? exit_to_user_mode_loop+0x39/0x100 [ 754.665260][ T27] exit_to_user_mode_loop+0xde/0x100 [ 754.670572][ T27] exit_to_user_mode_prepare+0xb1/0x140 [ 754.676208][ T27] syscall_exit_to_user_mode+0x60/0x270 [ 754.682038][ T27] do_syscall_64+0x47/0xb0 [ 754.686545][ T27] ? clear_bhb_loop+0x45/0xa0 [ 754.691232][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 754.698092][ T27] RIP: 0033:0x7f4895f8e0d7 [ 754.702509][ T27] RSP: 002b:00007fff7e5e1a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 754.711322][ T27] RAX: 0000000000000000 RBX: 00007f489600e08c RCX: 00007f4895f8e0d7 [ 754.719473][ T27] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff7e5e1ad0 [ 754.727981][ T27] RBP: 00007fff7e5e1ad0 R08: 0000000000000000 R09: 0000000000000000 [ 754.735992][ T27] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff7e5e2b60 [ 754.744030][ T27] R13: 00007f489600e08c R14: 000000000008befb R15: 00007fff7e5e2ba0 [ 754.752068][ T27] [ 754.755136][ T27] [ 754.755136][ T27] Showing all locks held in the system: [ 754.763311][ T27] 1 lock held by rcu_tasks_kthre/12: [ 754.768647][ T27] #0: ffffffff8d32b290 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 754.779205][ T27] 1 lock held by rcu_tasks_trace/13: [ 754.784650][ T27] #0: ffffffff8d32ba90 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 754.802268][ T27] 1 lock held by khungtaskd/27: [ 754.807177][ T27] #0: ffffffff8d32b0c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 754.816231][ T4247] ocfs2: Unmounting device (7,4) on (node local) [ 754.817224][ T27] 2 locks held by getty/4014: [ 754.828390][ T27] #0: ffff888031281098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 754.838639][ T27] #1: ffffc9000325e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0 [ 754.848896][ T27] 1 lock held by syz-executor/4247: [ 754.854105][ T27] 1 lock held by syz-executor/4253: [ 754.859387][ T27] #0: ffff888059c180e0 (&type->s_umount_key#75){+.+.}-{3:3}, at: deactivate_super+0xa9/0xe0 [ 754.890805][ T27] 3 locks held by kworker/0:8/4402: [ 754.896080][ T27] #0: ffff888017c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 754.907640][ T27] #1: ffffc9000548fd20 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 754.921439][ T27] #2: ffffffff8d3306b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4f0/0x930 [ 754.936687][ T27] 2 locks held by kworker/0:20/14666: [ 754.942707][ T27] #0: ffff888017c72138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 754.957373][ T27] #1: ffffc9000cb4fd20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 754.969076][ T27] [ 754.971417][ T27] ============================================= [ 754.971417][ T27] [ 754.987043][ T27] NMI backtrace for cpu 1 [ 754.991386][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.127-syzkaller #0 [ 754.999265][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 755.009324][ T27] Call Trace: [ 755.012628][ T27] [ 755.015576][ T27] dump_stack_lvl+0x1e3/0x2cb [ 755.020276][ T27] ? nf_tcp_handle_invalid+0x642/0x642 [ 755.025736][ T27] ? panic+0x764/0x764 [ 755.029816][ T27] ? vprintk_emit+0x622/0x740 [ 755.034501][ T27] ? printk_sprint+0x490/0x490 [ 755.039281][ T27] ? nmi_cpu_backtrace+0x252/0x560 [ 755.044414][ T27] nmi_cpu_backtrace+0x4e1/0x560 [ 755.049349][ T27] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 755.055500][ T27] ? _printk+0xd1/0x111 [ 755.059669][ T27] ? panic+0x764/0x764 [ 755.063744][ T27] ? __wake_up_klogd+0xcc/0x100 [ 755.068583][ T27] ? panic+0x764/0x764 [ 755.072726][ T27] ? nmi_trigger_cpumask_backtrace+0xe0/0x3f0 [ 755.078787][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 755.084849][ T27] nmi_trigger_cpumask_backtrace+0x1ae/0x3f0 [ 755.090828][ T27] watchdog+0xf88/0xfd0 [ 755.094982][ T27] ? watchdog+0x1f8/0xfd0 [ 755.099310][ T27] kthread+0x28d/0x320 [ 755.103375][ T27] ? hungtask_pm_notify+0x50/0x50 [ 755.108388][ T27] ? kthread_blkcg+0xd0/0xd0 [ 755.112962][ T27] ret_from_fork+0x1f/0x30 [ 755.117381][ T27] [ 755.120538][ C1] vkms_vblank_simulate: vblank timer overrun [ 755.127488][ T27] Sending NMI from CPU 1 to CPUs 0: [ 755.132917][ C0] NMI backtrace for cpu 0 [ 755.132938][ C0] CPU: 0 PID: 75 Comm: kworker/u4:4 Not tainted 6.1.127-syzkaller #0 [ 755.132954][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 755.132964][ C0] Workqueue: bat_events batadv_nc_worker [ 755.132990][ C0] RIP: 0010:rcu_is_watching+0x4/0xb0 [ 755.133008][ C0] Code: 21 02 0f 84 02 ff ff ff e9 6c ff ff ff 48 c7 c7 20 1a 33 8d 4c 89 f6 e8 da 25 fc 02 e9 2b ff ff ff e8 30 4e 3f 09 41 57 41 56 <53> 65 ff 05 cc e7 8e 7e e8 6f 66 3f 09 89 c3 83 f8 08 73 76 49 bf [ 755.133021][ C0] RSP: 0018:ffffc900020bfbe0 EFLAGS: 00000202 [ 755.133033][ C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffff88801a3ed940 [ 755.133044][ C0] RDX: ffff88801a3ed940 RSI: 0000000000000001 RDI: 0000000000000000 [ 755.133054][ C0] RBP: 0000000000000000 R08: ffffffff8a8356ba R09: fffffbfff224a04d [ 755.133065][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888077c8cc80 [ 755.133075][ C0] R13: 0000000000000273 R14: ffff888026f47d00 R15: dffffc0000000000 [ 755.133086][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 755.133099][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 755.133110][ C0] CR2: 00007ff4b87762d8 CR3: 0000000075b6c000 CR4: 00000000003506f0 [ 755.133125][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 755.133134][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 755.133143][ C0] Call Trace: [ 755.133149][ C0] [ 755.133155][ C0] ? nmi_cpu_backtrace+0x3de/0x560 [ 755.133171][ C0] ? read_lock_is_recursive+0x10/0x10 [ 755.133194][ C0] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 755.133209][ C0] ? nmi_handle+0x25/0x440 [ 755.133239][ C0] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 755.133253][ C0] ? nmi_handle+0x12e/0x440 [ 755.133274][ C0] ? nmi_handle+0x25/0x440 [ 755.133295][ C0] ? rcu_is_watching+0x4/0xb0 [ 755.133309][ C0] ? default_do_nmi+0x62/0x150 [ 755.133325][ C0] ? exc_nmi+0xa8/0x100 [ 755.133339][ C0] ? end_repeat_nmi+0x16/0x31 [ 755.133356][ C0] ? batadv_nc_worker+0x1fa/0x610 [ 755.133378][ C0] ? rcu_is_watching+0x4/0xb0 [ 755.133392][ C0] ? rcu_is_watching+0x4/0xb0 [ 755.133406][ C0] ? rcu_is_watching+0x4/0xb0 [ 755.133420][ C0] [ 755.133425][ C0] [ 755.133430][ C0] batadv_nc_worker+0x203/0x610 [ 755.133450][ C0] ? batadv_nc_worker+0xc7/0x610 [ 755.133471][ C0] ? process_one_work+0x7a9/0x11d0 [ 755.133488][ C0] process_one_work+0x8a9/0x11d0 [ 755.133512][ C0] ? worker_detach_from_pool+0x260/0x260 [ 755.133531][ C0] ? _raw_spin_lock_irqsave+0x120/0x120 [ 755.133551][ C0] ? kthread_data+0x4e/0xc0 [ 755.133573][ C0] ? wq_worker_running+0x97/0x190 [ 755.133589][ C0] worker_thread+0xa47/0x1200 [ 755.133617][ C0] kthread+0x28d/0x320 [ 755.133630][ C0] ? worker_clr_flags+0x190/0x190 [ 755.133652][ C0] ? kthread_blkcg+0xd0/0xd0 [ 755.133666][ C0] ret_from_fork+0x1f/0x30 [ 755.133691][ C0] [ 755.147071][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 755.147084][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.127-syzkaller #0 [ 755.147101][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 755.147111][ T27] Call Trace: [ 755.147117][ T27] [ 755.147124][ T27] dump_stack_lvl+0x1e3/0x2cb [ 755.147152][ T27] ? nf_tcp_handle_invalid+0x642/0x642 [ 755.147174][ T27] ? panic+0x764/0x764 [ 755.147194][ T27] ? vscnprintf+0x59/0x80 [ 755.147214][ T27] panic+0x318/0x764 [ 755.147234][ T27] ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0 [ 755.147252][ T27] ? memcpy_page_flushcache+0xfc/0xfc [ 755.147271][ T27] ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0 [ 755.147284][ T27] ? nmi_trigger_cpumask_backtrace+0x338/0x3f0 [ 755.147301][ T27] ? nmi_trigger_cpumask_backtrace+0x33d/0x3f0 [ 755.147319][ T27] watchdog+0xfc7/0xfd0 [ 755.147343][ T27] ? watchdog+0x1f8/0xfd0 [ 755.147364][ T27] kthread+0x28d/0x320 [ 755.147378][ T27] ? hungtask_pm_notify+0x50/0x50 [ 755.147405][ T27] ? kthread_blkcg+0xd0/0xd0 [ 755.147421][ T27] ret_from_fork+0x1f/0x30 [ 755.147451][ T27] [ 755.147588][ T27] Kernel Offset: disabled [ 755.539728][ T27] Rebooting in 86400 seconds..