last executing test programs: 2m20.68637542s ago: executing program 4 (id=24): r0 = socket(0x1d, 0x2, 0x6) syz_genetlink_get_family_id$fou(&(0x7f00000001c0), r0) 2m20.651469605s ago: executing program 4 (id=25): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f000001fac0)={0x0, 0x1}) 2m20.608233603s ago: executing program 4 (id=27): syz_mount_image$hfsplus(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80000c, &(0x7f0000000000)=ANY=[], 0x1, 0x6f7, &(0x7f00000002c0)="$eJzs3c1r5OYZAPBH47E9dmHjTfajLYEMCaSlprv2Gqd1L92WUnwIJU0PPZtdb9bsrDfYTnFCqb1N/4AecuopPfi29FBS6HGhPTcESq4+Bgq55OTbFGmk+fB82hmvneT3M5Je6f3Qq0cjaTTCKIBvrNX5KNfr9b3V+dd30/nDg6XaxMHSdJ5di4ipiChFlBuTSDYjy72dD/GddGFePum3ng82Vt789IvDzxpz5XzIypcG1ethqnvRfj5ENSIm8mm3yT4tfnR89R3t3elsr18jAyTNLUwD9koRuPjLyZuCcap32W/mPflvNh5U/STHLXBBJY3rZpe5iNmIqEQ0rvr52aH0bHs3fvvn3QEAAAA4qZlhBbpv1587iqPYjUtn1SUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Osrf/5/kQ6lIVyMp3v8/lS+LPP2V9Ml0Y/r0vDsCAAAAAAAAAGPw0lEcxW5cKubrSfbM/+W2Z/zfindiO9ZjK27EbqzFTuzEVixGxFxbQ1O7azs7W4tZzYgrA2reio971LzVv4+3B2/CP399mg0HAAAAAAAAgIurMiT/wWT3sj/Gauv5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXARJxERjkg1XivRclMoRUYmIqbTcfsTHRfrCeX+619Kk18KnZ94ZAAAAGK9K52xSGaHOc3txFLtxqZivJ9k9/7XsfrkS78Rm7MRG7EQt1uNufg+d3vWXDg+WaocHSw/Tobvdn31+oq5nLUbjt4fea/52VmIm7sVGtuRG3Ikk6plS0fm9xvTh4UHSo1+P0z4lP80N6M1EW/puOrr+UZb+c+evCOUTbeIplfrmzGW5k82ILDxu1bhc7Jnee2jo3ikPXNNilJq//FwZvKbeMX88eO2zx0r1/OXmXByPxK0oNffQtcGRiPjeP5789n5t88H9e9vzF2eTetobWuJ4JJbaInH9axSJ4RaySFxtzq/GL+M3MR+fT78RW7ERv4u12In1apG/ln+e0/Hc4Eh9Mts+98awnqTHZLV5/urVp2p09Cmq8YsstRYvRxJzcSk2IolHEZPr8Vr2dysWm2eD1h6+OsJRXxrhTNum8v1s0gxTzPQv+7fRmhyXNK6X2+Lads7NjoPLHUtaUXq+Z5SKa93o16M25e/mibSF9wdeH56145FYbIvEC/0+L42Q/rWejrdrmw+27q+9PeL6Xs2nxaezx4mk/mW25/TSPfx8VPKNu5yN096ln44074VmrzvjNZU/cWkodeVdbdZrHKm/ikdxN9qP1B/FcizHSlb6WlZ6suuKleZdb7bUeQ5P89JvWuXmg53271uPotb4PgTAxTb7g9mpmf/N/Gfmw5k/zdyfeb3y8+kfT784FZP/nvxJeWHi1dKLyd/jw/hD6/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4ve1333uwVqutb/VOlHpnJYNrrdWKN/INKtORSPJX5YxQOBmpwcGJ6Xzzv2w7HYnqqRos3tY4vHB1fF3tSiT7+Q5rLqkM3xfZW572RtrLSVfA08qn7nPxfqkzisaYEtXxNVh8YAeVGXpUFm9W68iaiIhehYecOCbGdQYCzsvNnYdv39x+970fbjxce2v9rfXNyeXllYWV5deWbt7bqK0vNMZtFZ7Jy2+BZ6F10W9fWop4aXjdAS9qBQAAAAAAAAAAAM7Q8f/oOIv/hXhy3hsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfKWtzkf5aSSxuHBjIZ0/PFiqpUORbpUsR0QpIpLfRyT/irgdjSHm2ppL+q3ng42VNz/94vCzVlvlonwpYr9vvdHs50NUI2Iin46rvTvD25tqJad7ZCfNyKQBe6UIHJy3/wcAAP//vGfxGQ==") syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='.\x00', 0x108020, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0) 2m20.33306304s ago: executing program 4 (id=36): r0 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000440)={0x100, {{0xa, 0x4e20, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}}, {{0xa, 0x4e24, 0x5, @dev={0xfe, 0x80, '\x00', 0x16}, 0x1490}}}, 0x108) 2m20.126597414s ago: executing program 4 (id=39): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) 2m20.096082764s ago: executing program 4 (id=41): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r0, &(0x7f0000000080)={0x24, @none={0x3}}, 0x2) 2m4.969292132s ago: executing program 32 (id=41): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r0, &(0x7f0000000080)={0x24, @none={0x3}}, 0x2) 1m35.149047644s ago: executing program 0 (id=890): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x350, 0xa8, 0x0, 0xfbffffff, 0x0, 0xa8, 0x2b8, 0x2b8, 0xffffffff, 0x2b8, 0x2b8, 0x5, 0x0, {[{{@ip={@broadcast, @local, 0x0, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @empty, @local, @port, @icmp_id}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x2b8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @local, @gre_key, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @multicast}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3b0) 1m35.080367516s ago: executing program 0 (id=894): syz_mount_image$erofs(&(0x7f00000005c0), &(0x7f0000000580)='./file2\x00', 0x2000000, &(0x7f0000000200)=ANY=[], 0x1, 0x205, &(0x7f0000000300)="$eJzslL+LE0EUx78z2ezdiig2V9hYeOCJ3mZ3g3LNFScIViLcKVpp8NbjzN5FkhXcBYvDxkY7C8HGwsbS4opUFnb+A4IWKggWphTLldmZJJNsfplsKt+nmHxn5s28eW/DFwRB/Ld8//b767NLa1vnARzFMhbU+s8CwJjUXIv/8vLhuRfrl1+9+/zmw/6xx83++8SRJOldWByR3wDwfqOdlfefxrL63QLv6OvgOPsnkYDBVut3wHFDaR8Mt5S+r+maiLfte7uBb9+tBdtCOGJwxeCJodz/vtYBw7aai5RM229EcbUSBH5dE4baG7A1legkqy5l+lcU79vgWNfeJ7p48+mTAzFv98bR+ueCw1VFlMGwqdbXsNDujWyJVv9Jo3t/IVP/wGrTrwNgXJGLefRooDixOt3xlRw/XhQDPStFdLdEJ+dUe48wciwnK65OWsVzC8CMSd9O8I8CZkix1Gp+zG79mLVRxxtRzDDXrzylsBBXOQJf2HSONwOfDqV/JK8Zzmj+ZGj+UQr3HpQaUby6u1fZ8Xf8fc8rX3QYnAteKTUiOWZ8r+vPVupPR7T7i0NiTW7iUSUM664cTWbCQhjWvXTuaY67eVj7dVsdC3EFwGk5EbZpDn0NwEwZw9NYoVYKI8IJgiAIgiAIgiAIgiAIgiD+gVNgSMbjXUuj/wYAAP//QU5t/w==") chdir(&(0x7f00000001c0)='./file0\x00') 1m34.94542146s ago: executing program 0 (id=899): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0505350, &(0x7f0000000340)={{0x0, 0xfc}, 'port1\x00', 0x0, 0x100201, 0x2, 0xfffffff8, 0x3, 0x0, 0x2, 0x0, 0x3, 0xf3}) 1m34.798719269s ago: executing program 0 (id=906): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x2000c0, &(0x7f0000002380)=ANY=[@ANYBLOB="747970653d629bfeaa2c747970653d75699e3e2c666f7263652c6465636f6d706f73652c666f7263652c6e6c733d69736f383835392d392c00fb96ab4c9493d7be8b39915215ec88b35cc6fc60097459"], 0x1, 0x6e4, &(0x7f0000000240)="$eJzs3U1sHGcZAOB31uu1N5XcbZu0BSHFakQEDSS2l5IgIREQQj5UKBKXXk3iNFbWbmRvkRMhsgUKRzihHHooQubQE+oBqYgDIpyRkLii3CNxjziwaGZn1rtre72b+CcJzyON55uZ7+ed1zOfd2cTbQD/txbficlWJLF47u3NdPvBVr3xYKu+WpQjYioiShHlziqStYjkfsTl6CzxuXRn3l2y1zhvPfzso7P3Pql3tsr5ktUvDWu3rT1khFa+xGxETOTrMZX36u/qLv3dHavrpBt3mrAzReLguLV3aI3TfIT7Fnja3Y2YmNxlfy3iRERM568DIp8dSkcc3oEba5YDAACAp9PEfhVefBSPYjNmjiYcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeD4kne8MTPKlVJRnIym+/7+S70tVKscc73Bf2ef4h9ePKBAAAAAAAAAAOBSf5h/cn34Uj2IzZor97ST7zP+NbONk9vOFeD82YjnW43xsxlI0oxnrMR8xOdPTYWVzqdlcn9/Z8jeRtmy323fzlgsRUdvRcuEIThoAAAAAAAAAnl8/jcWYOe4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgVxIx0Vlly8miXItSOSKmI6KS1mtF/LkoP8v+ctwBAAAAwOGr5uuZ5L+dQjvJ3vO/mr3vn473Yy2asRLNaMRyXMueBXTe9Zf+0ao3HmzVV9NlZ8ff/vdYcWQ9RsREfLDHyHNZjVPdFovxvfhBnIvZuBLrsRI/iqVoxnLMRjU9iViKJGrVztOLWhHn7vFe7tu6Mhjb6YHt17NIqnE9VrLYzsfVSnQem2TnkI75es9of6xEDIz4QZqd5Fu5EXN0ref39ev8uUyu/eKIfRyOWnbmk92MzKW5z7Px0vDcj3mdDI40H6XuM6iT26Okm4MjFTn/4Tg5P5Gv01z/oj/nB23MR2mDmViIUn71Rbzan/NbX7z3cn/jL//zr1dulNZu3ri+ce4QT+lQTRaFwUzUezLx2vCrL89EI81Ea/RMTA7umH6C8zhAlTwb2VQ04mz53ay0FG/0XILvxbVYjosxF/NxKebiG7EQ9b4r7FRfXsv11f6cZPdaaef8Vh0S/Jkv9VT65T6Vj1aal5d68to709WyY/mey7+KuZ4svTz86hv7r0A6/ufzcjrGz7p/cZ4GfZnI5+YiuleGZ+K37fTnRmPt5vqNpVsjjnc2X6e37Yf9c/PvDuJ8Hl96vaQzbjnbynJSLa6X9Ngr3Wj781XJP3HptCvtOHaqe6wWM7ES39/zTq3kr+F29tQ59lrvsX9tz5yV/PVNcazvVU68F43sVciA2aPJKgAjO/HmiUr1YfXv1Y+rP6/eqL49/Z2pS1NfqMTk38p/mvhD6felbyZvxsfxk5g57kgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB5sHH7zs2lRmN5vVuI6cE9T1qo7DnW8EKU9q2z9cJoHUYtYvhYSV6oHOy5P4uFahxSz59GxJA6lSceIhn7Ghu7kF7IB9Jh8cVp2Z72xBjNy0Wr3euUY2N6r9/g1PZdELWbS43/tPvqVKPnlgGecxeaq7cubNy+89WV1aV3l99dXlu4dPHSxfrX57924fpKY3mu8/O4owQOw8btOxPHHQMAAAAAAAAAAAAwnvxf/zcf+z8zlPepU1nf2H3k00d9qgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAzavGdmGxFEvNz5+fS7Qdb9Ua6FOXtmuWIKEVE8uOI5H7E5egsUevpLtlrnLcefvbR2Xuf1Lf7Khf1S8PajaaVLzEbERP5en9Tu3Szs7+rPf21Hiu8pHuGacLOFImD4/a/AAAA//+vgfmP") mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1adc51, 0x0) 1m34.622166313s ago: executing program 0 (id=912): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r0, 0x891d, &(0x7f0000000080)={'sit0\x00', @ifru_flags=0x8000}) 1m34.044879117s ago: executing program 0 (id=937): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x6, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x5128ef2c52fe809}, 0x800) 1m33.912057081s ago: executing program 33 (id=937): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x6, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x5128ef2c52fe809}, 0x800) 41.462401219s ago: executing program 3 (id=2312): r0 = syz_open_dev$vcsn(&(0x7f0000000040), 0x1, 0x0) pwrite64(r0, 0x0, 0x0, 0x0) 41.432103978s ago: executing program 3 (id=2313): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) capget(0xffffffffffffffff, 0x0) 41.299193738s ago: executing program 3 (id=2317): r0 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0) write$khugepaged_scan(r0, &(0x7f0000000380), 0x8) 41.257616044s ago: executing program 3 (id=2319): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3200004, &(0x7f0000000040)={[{@force}, {@nls={'nls', 0x3d, 'cp874'}}, {@type={'type', 0x3d, "886819bf"}}, {@force}, {@gid}, {}, {@uid}, {@nodecompose}]}, 0x43, 0x6ae, &(0x7f0000000e40)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBqNVIFjUjsrEqChNSAEMohQhFcerUSp7GySSvHRWmEyAYoSJw4oR44FKFw6AkhhFQOCFHOSEhcOOUeiRuHHABXM7O7Xtsbx25ir9t+PtJ43ts3773f/DJ/dsexNsBn1rnXsr+XIueOn79Z1u/d7XTv3e1cG5STTCVpJM16laKdFB8mZ1Mv+Xz5Yn+44mHzvHL/g6L57vudutbsL9X2jc36bTB2y15yYFjZl2SmLv53y8NuGK9aqnEuro73cFObNRbDuMuEHRskDiZtZYPeamPjkd23ft4Ce9bt+r65wXRyMPXdtbrF9a8Oj74yTN6m16be7sUBAAAAO2XsZ/lRTz3Ig9zMod0JBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4divo7A4v+0hiUZ1IMvv+/NfKd+q0Jh/uY3rlcrb771KQDAQAAAAAAAIDH8sKDPMjNHBrUV4rqd/4vVpXD1c/P5a3cyEKWciI3M5/lLGcpc0mmRwZq3ZxfXl6a29jzlyl7rqys3O73PDW256m1cfXWBzrufxps2AgAAAAAAAAAPrN+lHOrv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC9oEj21atqOTwoT6fRTHIgSauYGW7emmiwT8BfJh0AAAAA7Lx2f32o+H9dWCmqz/xHqs/9B/JWrmc5i1lONwu5VD0LqD/1N/7R63Tv3e1cK5eNA3/j39uKoxox9bOH8TPPVls8N+xxLt/O93I8M7mQpSzm+5nPchYyk29VpfkUme4/vZi+d7edQawb4z27pnZhfWwvjJTL+I5WkbRzOYtVbCdysTUIvdHf7ujIbH9sJetmvFNmp3i1b4s5utRfl3v0i/56b5iu9nz/MCOz/dyX2Xh6NO8bc7/N42T9THNpDJ9BHV6dpayun+lj5fxgf13m+qc7m/NtPkpbm4nez8va4Og7snnOky//868XrjSuX71y+cbxvXMYfUzrj4nOSCae31ImumUmeo+RiQOPE/+T0+pno76Kbu9q+WLV91AW8528kUtZyOnMZi5nMpuv5VQ6OTWS1+c2z2t1rjW2d64d+1K/UN6TfjZyb9o1Uw9rKPP69EheR69001Xb6CurWXpmC1kqWhmfpX+NDaX5hX6hnOPHI3ecyVufibmRTDy7eSZ+/b+VJDe6168uXZl/c5M5bv354EuD8qBQnrbvrL02/+ZJ7tc29He3PF6eKf+xUt82Ro+Osu3ZQVudr6KZ1X6Hh21r73OtVqrzuW571JlajnTkzriR6rbnx87SqdqOjrSteZeTN9IdvgsBYA87+PLBVvt+++/t99o/aV9pnz/wzakzU19sZf/fmn/a97vGbxtfL17Oe/lhDk06UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS48fatq/Pd7sLSHiyk8YQHvDO2aZCK+pXW3tj3T2pharMj6vdJNunemkTM7SR7InVp7sJcUxnTdH74SjtpDONJcnWPfMEdsBNOLl978+SNt299ZfHa/OsLry9cP3Xm9KunO1+du33y8mJ3Ybb+OekogZ2w+jZg0pEAAAAAAAAAAAAAW7Ubf94wZtqiN4F9BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6Zzr2W/b0UmZs9MVvW793tdMtlUF7dspmkkaT4QVJ8mJxNvWR6ZLjiYfO8cv+DX7307vud1bGag+0b6/r94T8rK9vci15/yUySff31o01tabyLI+P1thlYrRjuYZmwY4PEwaR9FAAA///howfX") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x10b091, 0x0) 40.97898737s ago: executing program 3 (id=2328): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0xffff, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ife={0x50, 0x1, 0x0, 0x0, {{0xffffffffffffffde}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_TYPE={0x6, 0x5, 0x808}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 40.733073096s ago: executing program 3 (id=2335): r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/dev\x00') lseek(r0, 0xd7, 0x0) 40.597594938s ago: executing program 34 (id=2335): r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/dev\x00') lseek(r0, 0xd7, 0x0) 1.277468683s ago: executing program 1 (id=3365): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='attr\x00') getdents64(r0, 0x0, 0x0) 1.230065967s ago: executing program 1 (id=3368): futex(&(0x7f000000cffc)=0x4, 0x10b, 0x4, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x5, 0x300, 0x0, &(0x7f0000048000), 0x5000000) 1.176700899s ago: executing program 5 (id=3369): r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x80000000003, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200a106002a17006000000002000020d3"]) 1.078422489s ago: executing program 5 (id=3374): r0 = syz_io_uring_setup(0x212a, &(0x7f0000000700)={0x0, 0x86dd, 0x80, 0x1, 0x5e}, &(0x7f0000000080), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000840)={&(0x7f0000001000), 0x0, 0x3}, 0x1) 1.058803326s ago: executing program 2 (id=3375): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0x891e, 0x0) 963.685951ms ago: executing program 2 (id=3377): r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) add_key(&(0x7f0000000200)='rxrpc\x00', 0x0, &(0x7f0000000040)="0000000000000040ff6943b87902f5d9f27dbafff200000000861f4104bfeacd", 0x20, r0) 955.822756ms ago: executing program 5 (id=3378): r0 = socket$pptp(0x18, 0x1, 0x2) connect$pptp(r0, &(0x7f0000000300)={0x18, 0x2, {0x3, @broadcast}}, 0x1e) 896.910406ms ago: executing program 2 (id=3380): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, 0xffffffffffffffff) 861.306348ms ago: executing program 5 (id=3382): syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file2\x00', 0x2000000, &(0x7f00000002c0)=ANY=[], 0x1, 0x223, &(0x7f0000000000)="$eJzsmL9rFEEUx78zu7fZFRWrFDYKBoyoe9k9lDSHRhCsREj8Velh1hBvk5PLCuZAMNjYaGch2Fj4D1ikSGVh5z8gaKGCYOEVFjY2I7M7u5m7ubjJcp3vUwzf2ffmx/ve7isOBEH8t3z7+vvLswuzC6cA7McUJtTzHxbAWKa5lv/55YOTL5oXX7399Ob96sFHW8P7ySVCDD5w/3G+DeDdnIWkOKlY/UeKKTVZAC/0VXCcUPo6GHylb4PjmtIRGG4qfU/THZnv+3eX48i/04kXpZiRQyCHUA6N4fv1NxgW1VwIIZgWX1vvtVtxHHU1YavYiFAlURzWnjQNdIH+HEdTu5908cbTJxtynnszo/kXgCNQRTTAMK+ez2Ii9yazRKv/sL29v2XUP7JamSoDZUW6mWj+GotZushf5r0un5blnDdDh1DlGhhcVcN2SDo5mHx0vCao2u3yd/Gc8qrCWZeNKnYQzz0AY/+VTVGpilxM9rc+mKHvZcsFKz+C7f79cXd75/xDrO6Yh16b79GxAyMb39DFPm5m/UO8Zjiu9Sdb6x/1ZOV+fW29d3p5pbUULUWrYdg4y4DHZ8J62oiy0ex7RX/20v60T9u/tkOuw50aWknSDR6mo8MceEiSbpjOQ+2zmd/s/LylliW4BOBYNpFt0yl2tIwzmJPl8DRXqmkziSAIgiAIgiAIgiAIgiAIohJHwNJ/QUsIr6TZfwMAAP//dD5fLA==") syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x841440, 0x0, 0x0, 0x0, &(0x7f0000000180)) 750.318954ms ago: executing program 5 (id=3387): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) getgroups(0x2, &(0x7f0000000380)=[0xee00, 0xee00]) 735.235053ms ago: executing program 2 (id=3388): syz_read_part_table(0x5d6, &(0x7f0000000600)="$eJzs3L9rU2scB+A3QSIKIm5uBjNEXCJkLBE0xEMJmBC86HCv6KZDljo5xAgGxMG4ROS61EERatBBJxFBkNKkQyFTaWnvcNtSOlwKXQKl5FI4/QN6LykIzwMvvD8+53zPy+GM5w380pLhn9FolAghjI4f/urfZkrXJtPVK7UbISTCHyGEv7NTf+6vJOLEwV3Px+PVeJz/dqz+fCZ62u6cOvslvTufjNcfx22j//r2/94cY3fhwcUf54aDM1/L4U3vcm/iZP3WvW622OwuVD9ffZd+f/Dec2Oq/6kwe/pJaypqPyzcX4waa9Fmcmc7uv5qOpd60axlty7FuTtjql/fu5n68PZnsbV+Ij9XrlQ6H5dfZhql761Hg35mafjsbpxb+Q9fFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR+/Cg4s/zg0HZ76Ww5ve5d7Eyfqte91ssdldqH6++i79/nycy42p/qfC7Oknramo/bBwfzFqrEWbyZ3t6Pqr6VzqRbOW3boU5+6MqX5972bqw9ufxdb6ifxcuVLpfFx+mWmUvrceDfqZpeGzu3Fu5fiYHgAAAAAAAAAAAAAAAAAAAABCCKVrk+nqldqN/f7vIYSJ6cnl/f4o/t89EecOzgFYjefz347Vn89ET9udU2e/pHfn/4rnH8dto//69lHvhcP7NwAA//+dF4rB") mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='jfs\x00', 0x0, 0x0) 678.922898ms ago: executing program 5 (id=3390): futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x5, 0xfffffffc, 0x0, &(0x7f0000048000)=0x3, 0x2000000) 602.959538ms ago: executing program 7 (id=3392): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='cmdline\x00') preadv(r0, &(0x7f0000001240)=[{0x0, 0x2}, {&(0x7f0000000200)=""/44, 0x2c}], 0x2, 0x0, 0x0) 588.799265ms ago: executing program 6 (id=3393): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000006c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKMODE={0x5}, @IFLA_IFNAME={0x14, 0x3, 'bridge_slave_0\x00'}, @IFLA_VFINFO_LIST={0x8, 0x16, 0x0, 0x1, [{0x4}]}]}, 0x44}}, 0x0) 521.794719ms ago: executing program 2 (id=3394): syz_mount_image$ocfs2(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x2a00403, &(0x7f0000000400)=ANY=[@ANYBLOB="6c6f63616c616c6c6f633d31383434363734343037333730393535313630382c726573765f6c6576656c3d30303030303030303030303030303030303030322c6865617274626561743d6e6f6e652c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c6e6f696e74722c636f686572656e63793d66756c6c2c6e6f61636c2c636f686572656e63793d66756c6c2c646174613d6f7264657265642c00a6bbbf4f1c4504306b696ca03fb375edc4c5f0f579bf2195c3cc88165b8c279abaa84a848971253cb6e898fee96fa6", @ANYRESHEX, @ANYRESDEC=0x0], 0x8, 0x4484, &(0x7f000000ac40)="$eJzs28tvG9UeAOAzdnqb9La9efXdSta9ixvdiyKnK6ALShtAlRAl4SHEopHzaBtw4ihxUBdIFLGvhMQCsWbTij1q2fRfYEG3LLsoLNgg2BBkeybxjOMmVHZC0++T2vGcM+ch/2bOnNPj5mLV6/MrhfmVQmmxUJm5unK28FGlvLowF3I7ZIv2w451hMfqxn2y2/fes+zyxVffevdsCDd+GPzn2traWqjpD5saa/r86y8fzzQfE7lMmVq9m9fWKe+HEIZDCL0h2598COG9b0OIQggDcdpgfOwLIRwMjbzPvrk92duh3uQf3pm4PTF+6+6jhQd9F68U2l4YhfBV+cRz1xZ++k/+3I//61DzAADwWK9NXn7nzeJYuB+Fw/d6Wufrx+Jju/nxGlvI17+ll7ofSgAAAGhrY/3fH+Wi1vX/cHxssyUYLGyfbpfeuDz+SnEs3v+NWvKfj5N+fjlf30NN9lfzbfZ/BzLlN9//bW3nSSX9S9rtD1FuNHWey42OhjB2oXF+PDqQK1dWqv+/WlldnO1YN55a6fg3du9T0Yk39LPxb7f/P5ipv/v7/0Mtd1PtvNC5W2xPS8c/3/a6rz+NthX/oUy5nYg/Ty4d/5562r+bLyg0BoBa/D/v2Tr+w5n6uxX/w7WxPar1tTc1AtTmMLX0dvOVxHeHutGrp086/vvqaamhM/4i2z3/v2fifyRT/26N/yMXutvqXpGO/z/qaekfrW08/wO5rZ//o5n6dyP+tf6PeP9vSzr++xuJ6cGz/k1ud/w/lqm/Kf7Jhmgnun1zva7DURhq+tXpvZ7GyyHZr64vaWrZS51odu9Jx791l39j/Zfb1vzveKb8Tq3/knaT9V+yDhmJGus/NpeOf1/b67b7/J/IlOv6+B/1xiuAtU+62s4elY7/gUZiZgK47y/E/2Sm/m7Fvz7i9ybx3+jwH/sb6UXzv21Jxz8OVeo1cLP+d33+F7XG/bdM/E9l6m+Kf/a/hnRI6/yv1v+RLrW216Tjf7DtdbX4f7+N9//pTLnuz/9DKJrrP7F0/Nv/o0j9+e/dOv5nMuW6Hf//drNyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBnwGB87A9RbjR1nsuNjoYwFJ8fDwei6dLs1HS5MvPhSgjDcXohDEbXypXpUnlqfrEyOzdVKpcrMyEcifOHQ2+0Uq5UpxZKS0fX6+qLrs+VlqvTc6VqCOFYnH46HErqmp6vLpSW6tcmef/KVZaXrpcWp2bnl18sFovFcGK9DwPR3I3q3GK10XojN4ST62X7o6bO1bNPrfflYPRBZXV5sVSup59uKlOuzJTKTWXOxHlfhIGoury6OFOqzk2VK9eS9nbT+fg4fmny7cnXx1ryC1HjOLiz3QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgb+b+uRe+DCH0NM5yIYTzyYco/pOSf3hn4vbE+K27jxYe9F28UtjsGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4E924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEvHKg1DURiAz70KCi7q6BM4hWRzVRRxMSL4BL5Eh75mH6NDxy6l0N5ASBro0tLh+5ZD8nPvOXAPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyOz9/276duIlLcbm4iZovHu37+VGr9dvj81Rlm5HS+vtv3j7op755G+Uv5tXzNu3S9mv9Hqde9704z2JPhPu2N+wxN7dvUfF3f+0i5ioiHkj+nnKvquLsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC27M2hCYBgEMfRO8Fks7iGTmFUBPcwOp5LOI8mwWAQvvpeOjh+/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/xmVa536II6O6MmM/2+b9755j++6zbL4uywEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmx04kAEAAAAQ5m+dR/sBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KAAD//9s10NY=") syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='.\x00', 0x108020, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0) 520.910852ms ago: executing program 7 (id=3395): capset(&(0x7f0000000300)={0x20080522}, &(0x7f0000000340)) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f00000000c0)={[{@grpquota}, {@norecovery}, {@data_err_abort}, {@noblock_validity}]}, 0x1, 0x79b, &(0x7f0000000a40)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm") 449.10907ms ago: executing program 6 (id=3396): r0 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$sock_int(r0, 0x28, 0x0, 0x0, 0x0) 439.705667ms ago: executing program 6 (id=3397): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0xea, 0x7, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, &(0x7f0000000700), 0x20000000, 0x2}, 0x20) 418.569307ms ago: executing program 7 (id=3398): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x4, 0x5, &(0x7f0000000240)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x28}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x28, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 325.030656ms ago: executing program 6 (id=3399): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_RATE={0x8}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x70}}, 0x0) 324.883081ms ago: executing program 1 (id=3400): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) keyctl$dh_compute(0x17, &(0x7f00000001c0), 0x0, 0x0, &(0x7f0000001340)={0x0, &(0x7f0000000340)="25b60795260d99e3edf8f54ec73559ebd2605daeab5f32b48cf7350590b2246b971eb0e3d94a3e99ed031327fb1938b6ede3daa4974f5279b73a0e5356a7d66d26", 0x41}) 298.194513ms ago: executing program 7 (id=3401): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x38, 0x16, 0xa, 0x401, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}]}], {0x14, 0x10}}, 0xc0}}, 0x0) 266.09087ms ago: executing program 6 (id=3402): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0x8, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}]}, @NFTA_CMP_SREG={0x8}, @NFTA_CMP_OP={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc8}}, 0x0) 217.1092ms ago: executing program 1 (id=3403): r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, &(0x7f00000000c0)={0x9, [0x3b, 0xffff0000, 0x4f], [{0x0, 0x100a, 0x1}, {0x8000000, 0xae2, 0x0, 0x1}, {0x0, 0x5}, {}, {0xfffffffc, 0x84}, {}, {0x2}, {}, {0x9, 0xfffffffd}, {0x100, 0x41}, {0x57b}, {0x0, 0x1}], 0x35}) 185.806737ms ago: executing program 7 (id=3404): openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0xf0cb2f4a0c2cfc5d, &(0x7f0000000340)) 131.115484ms ago: executing program 6 (id=3405): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@stripe}, {@noblock_validity}]}, 0x3, 0x453, &(0x7f0000001f80)="$eJzs3M9vFFUcAPDvzHaLCNiKqPxS8Vck/mgpoHLwoEYTD5iY6EGPTVsIslBDayKEKBiDJ2NMvBuP/gt60Ysxnoxe9W5IiOECeFozuzN0d7u7tNsti93PJxl4b+ZN3/v2zdt9M2+3AQytfdk/ScTWiPgzIsbq2eYC++r/Xb96fubG1fMzSVSrb/+T1Mpdu3p+pihanLclz+xPI9LPktjTpt6Fs+dOTlcqc2fy/OTiqQ8mF86ee+7Eqenjc8fnTh88cuTwoakXXzj4fF/izNp0bffH83t3vfHeV28e/aIp/pY41mznpsYf3daT1WrfqrsTbGtIJyMDbAirUoqIrLvKtfE/FqVY6ryxeP3TgTYOWFfVarW6pfPhC1VgA0uiOW/Iw7Ao3uiz+99ia50EvLx+04+Bu/JK/QYoi/t6vtWPjESalym33N/2076IePfCv99kW/T7OQQAQBs/ZvOfZ9vN/9J4oKHcPfna0HhE3BsR2yPivojYERH3R9TKPhgRO1dZf+siyfL5T3q5p8BWKJv/vZSvbTXP/4rZX4yX8ty2Wvzl5NiJytyB/HeyP8qbsvxUlzp+eu2PLzsda5z/ZVtWfzEXzNtxeWRT8zmz04vTa4m50ZWLEbtH2sWf3FwJSCJiV0Ts7rGOE09/t7fTsVvH30Uf1pmq30Y8Ve//C9ESfyHpvj45eVdU5g5MFlfFcr/+dumtTvWvKf4+yPr/7rbX/834x5PG9dqF1ddx6a/PO97T9Hr9jybv1NKj+b6PphcXz0xFjCZH641u3H9w6dwiX5T/4ff6/nbjf3ss/Sb2RER2ET8UEQ9HxCN52x+NiMci4vEu8f/y6hPv9x7/+sr6f3ZV/b+UGI3WPe0TpZM/f99U6fiy+G907//DtdT+fM9KXv9W0q7ermYAAAD4/0kjYmsk6cTNdJpOTNQ/L78jIq3MLyw+c2z+w9Oz9e8IjEc5LZ50jTU8D53Kb+vr+YsRUf9oQXH8UP7c+OvS5lp+Yma+Mjvo4GHIbekw/jN/lwbdOmDd+b4WDC/jH4aX8Q/Dy/iH4dVm/G8eRDuA26/d+/8nA2gHcPu1jH/LfjBE3P/D8Oo4/jfyX/4Barz/w1Ba2By3/pJ810Txk3o8fcMmonxHNGPtiWrStnMjHXTDJNYzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH75LwAA//8HW+BC") lsetxattr$system_posix_acl(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010000000000f400040000000000000020"], 0x1c, 0x0) 121.198295ms ago: executing program 1 (id=3406): r0 = socket(0x1, 0x3, 0x0) recvmsg$inet_nvme(r0, &(0x7f00000003c0)={&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, 0x0, 0xfffffc8c}, 0x40) 85.629801ms ago: executing program 7 (id=3407): r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb) setsockopt$ax25_int(r0, 0x101, 0x5, &(0x7f00000000c0), 0x4) 31.201617ms ago: executing program 1 (id=3408): r0 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @auto=[0x33, 0x61, 0x33, 0x65, 0x33, 0x36, 0x32, 0xad, 0x33, 0x66, 0x6c, 0x66, 0x66, 0x62, 0x34, 0xe]}, &(0x7f0000000180)={0x0, "33fe6728ac6cbe0d38e38e48be4342949cdcdbbf6eab85b3f122610b00000000000000151bc98f1f559a560ede6bd98700", 0x33}, 0x48, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x1e, r0, r0, 0xfffffffffffffffe, 0x1) 0s ago: executing program 2 (id=3409): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000014c0)=@newtaction={0x78, 0x30, 0x80d, 0x0, 0x0, {}, [{0x64, 0x1, [@m_ct={0x60, 0x1, 0x0, 0x0, {{0x7}, {0x38, 0x2, 0x0, 0x1, [@TCA_CT_ZONE={0x6, 0x4, 0x800}, @TCA_CT_PARMS={0x18, 0x1, {0x2, 0x8, 0xffffffffffffffff, 0x4, 0x8}}, @TCA_CT_LABELS={0x14, 0x7, "a31a5744c98714e0c10894427408df27"}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x1}, 0x0) kernel console output (not intermixed with test programs): D 50:50:50:50:50:50 [ 98.921586][ T44] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.923146][ T44] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.091314][ T9543] loop2: detected capacity change from 0 to 1764 [ 99.305530][ T9559] netlink: 'syz.2.1141': attribute type 32 has an invalid length. [ 99.422939][ T9572] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1145'. [ 99.554567][ T9582] netlink: 228 bytes leftover after parsing attributes in process `syz.1.1153'. [ 99.671564][ T9591] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 99.747508][ T9597] loop1: detected capacity change from 0 to 64 [ 99.872821][ T9595] loop6: detected capacity change from 0 to 32768 [ 100.026298][ T9614] netlink: 'syz.3.1165': attribute type 5 has an invalid length. [ 100.076566][ T9609] loop5: detected capacity change from 0 to 32768 [ 100.078390][ T9609] btrfs: Deprecated parameter 'usebackuproot' [ 100.079772][ T9609] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 100.088375][ T9609] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1164 (9609) [ 100.111809][ T9609] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 100.113886][ T9609] BTRFS info (device loop5): using crc32c (crc32c-arm64) checksum algorithm [ 100.115785][ T9609] BTRFS info (device loop5): using free-space-tree [ 100.220400][ T9636] loop3: detected capacity change from 0 to 512 [ 100.246856][ T9636] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 100.394688][ T9636] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.407322][ T9609] BTRFS info (device loop5): rebuilding free space tree [ 100.477879][ T9660] loop2: detected capacity change from 0 to 512 [ 100.500821][ T9660] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 100.554622][ T9660] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 100.575547][ T9660] EXT4-fs (loop2): Remounting filesystem read-only [ 100.578495][ T9660] EXT4-fs (loop2): 1 truncate cleaned up [ 100.590089][ T9660] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.635226][ T6431] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.658476][ T6422] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.976211][ T7113] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 101.022638][ T9696] IPVS: set_ctl: invalid protocol: 51 172.30.1.7:20000 [ 101.063284][ T9698] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1188'. [ 101.076880][ T9692] netlink: 'syz.2.1186': attribute type 6 has an invalid length. [ 101.429210][ T9729] loop1: detected capacity change from 0 to 512 [ 101.459668][ T9729] EXT4-fs (loop1): filesystem is read-only [ 101.629978][ T9749] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1206'. [ 101.861344][ T9771] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1215'. [ 102.123550][ T9780] loop2: detected capacity change from 0 to 32768 [ 102.144538][ T9780] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1219 (9780) [ 102.168789][ T9780] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 102.171392][ T9780] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm [ 102.173102][ T9780] BTRFS info (device loop2): using free-space-tree [ 102.518297][ T9783] loop1: detected capacity change from 0 to 40427 [ 102.534188][ T9783] F2FS-fs (loop1): heap/no_heap options were deprecated [ 102.564736][ T9783] F2FS-fs (loop1): invalid crc value [ 102.574733][ T9783] F2FS-fs (loop1): Found nat_bits in checkpoint [ 102.581833][ T6431] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 102.628378][ T9783] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 102.689416][ T9775] loop3: detected capacity change from 0 to 32768 [ 102.712549][ T6423] syz-executor: attempt to access beyond end of device [ 102.712549][ T6423] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 102.725333][ T6423] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 102.745536][ T9775] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1216 (9775) [ 102.751794][ T9775] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 102.754073][ T9775] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 102.755899][ T9775] BTRFS info (device loop3): disk space caching is enabled [ 102.781291][ T9775] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 102.823332][ T9842] loop6: detected capacity change from 0 to 256 [ 102.825308][ T9842] exfat: Deprecated parameter 'utf8' [ 102.862430][ T9842] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011ded, chksum : 0x9858084d, utbl_chksum : 0xe619d30d) [ 102.944787][ T9775] BTRFS info (device loop3): rebuilding free space tree [ 102.987822][ T9775] BTRFS info (device loop3): disabling free space tree [ 102.989280][ T9775] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 102.995511][ T9775] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 103.090258][ T9775] BTRFS info (device loop3): balance: start -susage=43..0,drange=0..0,vrange=0..0,limit=351848015855616,stripes=0..4294967293 [ 103.121081][ T9775] BTRFS info (device loop3): balance: ended with status: 0 [ 103.135894][ T9865] loop5: detected capacity change from 0 to 8 [ 103.175528][ T9859] loop2: detected capacity change from 0 to 32768 [ 103.184814][ T6422] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 103.187685][ T9865] SQUASHFS error: xz decompression failed, data probably corrupt [ 103.200161][ T9865] SQUASHFS error: Failed to read block 0x108: -5 [ 103.208358][ T9865] SQUASHFS error: Unable to read metadata cache entry [106] [ 103.209819][ T9865] SQUASHFS error: Unable to read inode 0x0 [ 103.408882][ T9859] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 1791,noshard_inode_numbers,noinodes_use_key_cache,fsck,fix_errors=yes,norecovery,nojournal_transaction_names [ 103.455759][ T9859] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 103.457550][ T9859] bcachefs (loop2): Version upgrade required: [ 103.457550][ T9859] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 103.457550][ T9859] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 103.457550][ T9859] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 103.558891][ T9859] bcachefs (loop2): error validating btree node at btree alloc level 0/0 [ 103.558912][ T9859] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 103.558923][ T9859] node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0, fixing [ 103.571899][ T9902] loop6: detected capacity change from 0 to 64 [ 103.630463][ T9859] bcachefs (loop2): btree_node_read_work: rewriting btree node at btree=alloc level=0 SPOS_MAX due to error [ 103.669021][ T9859] bcachefs (loop2): check_topology... done [ 103.670231][ T9859] bcachefs (loop2): accounting_read... done [ 103.709694][ T9859] bcachefs (loop2): alloc_read... done [ 103.710689][ T30] audit: type=1400 audit(103.690:2): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=9910 comm="syz.1.1251" saddr=172.30.0.2 daddr=172.20.20.170 netif=wpan0 [ 103.720931][ T9859] bcachefs (loop2): stripes_read... done [ 103.722152][ T9859] bcachefs (loop2): snapshots_read... done [ 103.723461][ T9859] bcachefs (loop2): check_allocations... [ 103.746737][ T9859] bucket 0:26 data type btree ptr gen 0 missing in alloc btree [ 103.746770][ T9859] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing [ 103.778057][ T9859] bucket 0:38 data type btree ptr gen 0 missing in alloc btree [ 103.778084][ T9859] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 103.799819][ T9859] bucket 0:41 data type btree ptr gen 0 missing in alloc btree [ 103.799838][ T9859] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 103.846875][ T9859] bucket 0:35 data type btree ptr gen 0 missing in alloc btree [ 103.846893][ T9859] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 103.993029][ T9859] bucket 0:29 data type btree ptr gen 0 missing in alloc btree [ 103.993048][ T9859] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 104.003739][ T9859] bucket 0:1 gen 0 has wrong data_type: got free, should be sb, fixing [ 104.005656][ T9859] bucket 0:1 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 104.007799][ T9859] bucket 0:2 gen 0 has wrong data_type: got free, should be sb, fixing [ 104.009589][ T9859] bucket 0:2 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 104.025178][ T9859] bucket 0:3 gen 0 has wrong data_type: got free, should be sb, fixing [ 104.027589][ T9859] bucket 0:3 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 104.045850][ T9859] bucket 0:4 gen 0 has wrong data_type: got free, should be sb, fixing [ 104.047717][ T9859] bucket 0:4 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 104.061630][ T9939] Cannot find set identified by id 0 to match [ 104.106413][ T9859] bucket 0:5 gen 0 has wrong data_type: got free, should be sb, fixing [ 104.136625][ T9859] bucket 0:5 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 104.138820][ T9859] bucket 0:6 gen 0 has wrong data_type: got free, should be sb, fixing [ 104.140539][ T9859] bucket 0:6 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 104.169707][ T9953] loop5: detected capacity change from 0 to 256 [ 104.189593][ T9859] bucket 0:7 gen 0 has wrong data_type: got free, should be sb, fixing [ 104.194524][ T9955] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 104.225044][ T9859] bucket 0:7 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 104.227285][ T9859] bucket 0:8 gen 0 has wrong data_type: got free, should be sb, fixing [ 104.228995][ T9859] bucket 0:8 gen 0 data type sb has wrong dirty_sectors: got 0, should be 8, fixing [ 104.246163][ T9953] FAT-fs (loop5): Directory bread(block 64) failed [ 104.246206][ T9953] FAT-fs (loop5): Directory bread(block 65) failed [ 104.246253][ T9953] FAT-fs (loop5): Directory bread(block 66) failed [ 104.246278][ T9953] FAT-fs (loop5): Directory bread(block 67) failed [ 104.246331][ T9953] FAT-fs (loop5): Directory bread(block 68) failed [ 104.246360][ T9953] FAT-fs (loop5): Directory bread(block 69) failed [ 104.246411][ T9953] FAT-fs (loop5): Directory bread(block 70) failed [ 104.246438][ T9953] FAT-fs (loop5): Directory bread(block 71) failed [ 104.246489][ T9953] FAT-fs (loop5): Directory bread(block 72) failed [ 104.246515][ T9953] FAT-fs (loop5): Directory bread(block 73) failed [ 104.279441][ T9859] bucket 0:9 gen 0 has wrong data_type: got free, should be journal, fixing [ 104.281807][ T9859] bucket 0:9 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 104.290842][ T9859] bucket 0:10 gen 0 has wrong data_type: got free, should be journal, fixing [ 104.292909][ T9859] bucket 0:10 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 104.295022][ T9859] bucket 0:11 gen 0 has wrong data_type: got free, should be journal, fixing [ 104.296822][ T9859] bcachefs (loop2): Ratelimiting new instances of previous error [ 104.298418][ T9859] bucket 0:11 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 104.300500][ T9859] bcachefs (loop2): Ratelimiting new instances of previous error [ 104.335822][ T9966] @ÿ: renamed from veth0_vlan (while UP) [ 104.384741][ T9859] done [ 104.403880][ T9859] bcachefs (loop2): going read-write [ 104.501898][ T9859] bcachefs (loop2): Fixed errors, running fsck a second time to verify fs is clean [ 104.526397][ T9859] bcachefs (loop2): done starting filesystem [ 104.674568][ T6431] bcachefs (loop2): shutting down [ 104.675607][ T6431] bcachefs (loop2): going read-only [ 104.678054][ T6431] bcachefs (loop2): finished waiting for writes to stop [ 104.716581][ T9984] loop5: detected capacity change from 0 to 1024 [ 104.766538][ T6431] bcachefs (loop2): flushing journal and stopping allocators, journal seq 13 [ 104.771092][ T9984] hfsplus: xattr searching failed [ 104.772521][ T9984] hfsplus: xattr searching failed [ 104.773583][ T9984] hfsplus: xattr searching failed [ 104.777829][ T9984] hfsplus: xattr searching failed [ 104.957675][ T9995] ieee802154 phy0 wpan0: encryption failed: -22 [ 104.998947][ T6431] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 15 [ 105.133846][ T6431] bcachefs (loop2): unshutdown complete, journal seq 16 [ 105.136296][ T6431] bcachefs (loop2): done going read-only, filesystem not clean [ 105.241692][ T6431] bcachefs (loop2): shutdown complete [ 105.487175][T10011] loop6: detected capacity change from 0 to 32768 [ 105.492302][T10011] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1296 (10011) [ 105.496832][T10011] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 105.499119][T10011] BTRFS info (device loop6): using sha256 (sha256-ce) checksum algorithm [ 105.506427][T10011] BTRFS info (device loop6): using free-space-tree [ 105.673720][ T9048] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 105.826891][T10068] loop1: detected capacity change from 0 to 1024 [ 105.880167][T10068] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 106.134089][T10093] netlink: 'syz.5.1329': attribute type 1 has an invalid length. [ 106.310464][T10107] loop6: detected capacity change from 0 to 1024 [ 106.317831][T10107] EXT4-fs: Ignoring removed nobh option [ 106.329718][T10107] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 106.359007][T10107] EXT4-fs error (device loop6): ext4_ext_check_inode:524: inode #11: comm syz.6.1336: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 106.367979][T10107] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.1336: couldn't read orphan inode 11 (err -117) [ 106.378394][T10107] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.428141][T10107] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.1336: Invalid block bitmap block 0 in block_group 0 [ 106.466524][T10107] Quota error (device loop6): write_blk: dquota write failed [ 106.480812][T10107] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 106.489376][T10107] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.1336: Failed to acquire dquot type 0 [ 106.591831][ T9048] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.773313][T10143] devtmpfs: Cannot enable quota on remount [ 106.925535][T10150] sctp: [Deprecated]: syz.1.1354 (pid 10150) Use of struct sctp_assoc_value in delayed_ack socket option. [ 106.925535][T10150] Use struct sctp_sack_info instead [ 106.976607][T10145] loop6: detected capacity change from 0 to 32768 [ 106.978185][T10145] XFS: noikeep mount option is deprecated. [ 107.016752][T10145] XFS (loop6): DAX unsupported by block device. Turning off DAX. [ 107.020707][T10145] XFS (loop6): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent. [ 107.060766][T10145] XFS (loop6): Quotacheck needed: Please wait. [ 107.075190][T10167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1358'. [ 107.101257][ T6470] XFS (loop6): Metadata CRC error detected at xfs_rmapbt_read_verify+0x50/0xf0, xfs_rmapbt block 0x14 [ 107.103787][ T6470] XFS (loop6): Unmount and run xfs_repair [ 107.104950][ T6470] XFS (loop6): First 128 bytes of corrupted metadata buffer: [ 107.106404][ T6470] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 107.108333][ T6470] 00000010: 00 00 02 00 00 00 00 14 00 00 00 01 00 00 00 80 ................ [ 107.110134][ T6470] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 107.125199][ T6470] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 107.127121][ T6470] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 107.128839][ T6470] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 107.148124][ T6470] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 107.150091][ T6470] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 107.161020][ T515] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x274/0x434" at daddr 0x14 len 4 error 74 [ 107.201191][ T515] XFS (loop6): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x590/0xae8 (fs/xfs/xfs_trans_buf.c:311). Shutting down filesystem. [ 107.216915][ T515] XFS (loop6): Please unmount the filesystem and rectify the problem(s) [ 107.237486][T10145] XFS (loop6): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 107.240930][T10145] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 107.783902][T10209] random: crng reseeded on system resumption [ 108.471411][T10244] loop3: detected capacity change from 0 to 2048 [ 108.478111][T10211] loop2: detected capacity change from 0 to 32768 [ 108.480294][T10242] loop6: detected capacity change from 0 to 32768 [ 108.483102][T10211] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1377 (10211) [ 108.491922][T10242] (syz.6.1394,10242,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 108.497757][T10242] (syz.6.1394,10242,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 108.502091][T10211] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 108.504253][T10211] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm [ 108.505927][T10211] BTRFS info (device loop2): using free-space-tree [ 108.510962][T10244] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 108.528201][T10244] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 1376) has entry at pos 232 with incorrect tag 0 [ 108.557132][T10242] (syz.6.1394,10242,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 108.566736][T10242] JBD2: Ignoring recovery information on journal [ 108.854281][T10183] loop1: detected capacity change from 0 to 131072 [ 108.879221][T10242] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 108.883842][T10183] F2FS-fs (loop1): QUOTA feature is enabled, so ignore jquota_fmt [ 108.892297][T10183] F2FS-fs (loop1): Found nat_bits in checkpoint [ 108.909295][T10183] F2FS-fs (loop1): Mounted with checkpoint version = 1b41e955 [ 108.957657][ T6431] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 108.979157][T10283] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1402'. [ 108.983436][T10242] (syz.6.1394,10242,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x28030c75. Applying ECC. [ 108.986423][T10242] (syz.6.1394,10242,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x28d1d8ae [ 108.991266][T10242] (syz.6.1394,10242,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 108.993405][T10242] (syz.6.1394,10242,1):ocfs2_quota_read:201 ERROR: status = -5 [ 108.994824][T10242] Quota error (device loop6): find_next_id: Can't read quota tree block 5 [ 108.996622][T10242] (syz.6.1394,10242,1):ocfs2_get_next_id:916 ERROR: status = -5 [ 109.160996][ T9048] ocfs2: Unmounting device (7,6) on (node local) [ 109.325123][T10304] loop3: detected capacity change from 0 to 16 [ 109.336797][T10304] erofs (device loop3): mounted with root inode @ nid 36. [ 109.499977][T10322] SET target dimension over the limit! [ 109.905160][T10346] loop6: detected capacity change from 0 to 2048 [ 109.954538][T10321] loop3: detected capacity change from 0 to 32768 [ 109.968607][T10321] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1420 (10321) [ 109.974872][T10346] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.009480][T10321] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 110.034971][T10321] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 110.036902][T10321] BTRFS info (device loop3): disk space caching is enabled [ 110.038301][T10321] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 110.092266][ T9048] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.457448][T10398] ieee802154 phy0 wpan0: encryption failed: -22 [ 110.496217][T10321] BTRFS info (device loop3): rebuilding free space tree [ 110.515845][T10321] BTRFS info (device loop3): disabling free space tree [ 110.517292][T10321] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 110.519255][T10321] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 110.520832][ T6437] Bluetooth: hci4: unexpected cc 0x2039 length: 4 > 1 [ 110.639917][T10417] loop1: detected capacity change from 0 to 256 [ 110.768672][T10417] FAT-fs (loop1): Directory bread(block 64) failed [ 110.770224][T10417] FAT-fs (loop1): Directory bread(block 65) failed [ 110.772247][T10417] FAT-fs (loop1): Directory bread(block 66) failed [ 110.773652][T10417] FAT-fs (loop1): Directory bread(block 67) failed [ 110.775036][T10417] FAT-fs (loop1): Directory bread(block 68) failed [ 110.776380][T10417] FAT-fs (loop1): Directory bread(block 69) failed [ 110.777790][T10417] FAT-fs (loop1): Directory bread(block 70) failed [ 110.779155][T10417] FAT-fs (loop1): Directory bread(block 71) failed [ 110.797079][T10417] FAT-fs (loop1): Directory bread(block 72) failed [ 110.798335][T10417] FAT-fs (loop1): Directory bread(block 73) failed [ 110.812705][T10321] BTRFS info (device loop3): balance: start -ssoft,usage=172,vrange=0..18446744073709551615,limit=0,stripes=0..0 [ 110.815112][T10321] BTRFS info (device loop3): balance: ended with status: 0 [ 110.956208][ T6422] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 111.057199][T10444] loop1: detected capacity change from 0 to 1024 [ 111.058903][T10444] EXT4-fs: Ignoring removed oldalloc option [ 111.060133][T10444] EXT4-fs: Ignoring removed nomblk_io_submit option [ 111.147051][T10444] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.269834][T10464] loop2: detected capacity change from 0 to 256 [ 111.298679][T10464] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 111.356743][ T6423] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.532421][T10480] tmpfs: Bad value for 'mpol' [ 111.774481][T10505] xt_TCPMSS: Only works on TCP SYN packets [ 112.011147][T10522] loop3: detected capacity change from 0 to 2048 [ 112.093616][T10530] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 112.114706][T10532] loop5: detected capacity change from 0 to 512 [ 112.130995][T10522] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 112.147033][T10532] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.173776][T10522] Remounting filesystem read-only [ 112.194535][T10511] loop1: detected capacity change from 0 to 32768 [ 112.198023][T10511] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1494 (10511) [ 112.248532][T10511] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 112.250746][T10511] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 112.252585][T10511] BTRFS info (device loop1): disk space caching is enabled [ 112.254127][T10511] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 112.278529][ T7113] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.388672][T10511] BTRFS info (device loop1): rebuilding free space tree [ 112.460016][T10511] BTRFS info (device loop1): disabling free space tree [ 112.462867][T10511] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 112.465002][T10511] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 112.504105][T10569] ebt_among: src integrity fail: 100 [ 112.538147][T10511] BTRFS info (device loop1): balance: start -susage=0..3,drange=0..7,limit=0..0 [ 112.540136][T10511] BTRFS info (device loop1): balance: ended with status: 0 [ 112.552384][T10575] loop2: detected capacity change from 0 to 512 [ 112.555037][T10575] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 112.562311][T10575] EXT4-fs (loop2): 1 truncate cleaned up [ 112.564842][T10575] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.581799][T10572] ip6t_srh: unknown srh invflags 7D00 [ 112.683421][ T6423] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 112.693409][T10581] libceph: resolve '4' (ret=-3): failed [ 112.709408][ T6431] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.713111][T10584] loop6: detected capacity change from 0 to 8 [ 112.761702][T10584] SQUASHFS error: Failed to read block 0x730: -5 [ 112.774778][T10584] SQUASHFS error: Unable to read metadata cache entry [72e] [ 112.776386][T10584] SQUASHFS error: Unable to read metadata cache entry [72e] [ 112.777804][T10584] SQUASHFS error: Unable to read metadata cache entry [72e] [ 112.779266][T10584] SQUASHFS error: Unable to read metadata cache entry [72e] [ 112.899807][T10592] loop1: detected capacity change from 0 to 1764 [ 113.129415][T10615] loop3: detected capacity change from 0 to 256 [ 113.158883][T10615] FAT-fs (loop3): Directory bread(block 64) failed [ 113.160186][T10615] FAT-fs (loop3): Directory bread(block 65) failed [ 113.175955][T10615] FAT-fs (loop3): Directory bread(block 66) failed [ 113.177410][T10615] FAT-fs (loop3): Directory bread(block 67) failed [ 113.178769][T10615] FAT-fs (loop3): Directory bread(block 68) failed [ 113.180150][T10615] FAT-fs (loop3): Directory bread(block 69) failed [ 113.209523][T10615] FAT-fs (loop3): Directory bread(block 70) failed [ 113.218406][T10615] FAT-fs (loop3): Directory bread(block 71) failed [ 113.219946][T10615] FAT-fs (loop3): Directory bread(block 72) failed [ 113.221370][T10615] FAT-fs (loop3): Directory bread(block 73) failed [ 113.302352][T10628] loop6: detected capacity change from 0 to 1024 [ 113.416909][T10628] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.422774][T10640] loop5: detected capacity change from 0 to 128 [ 113.437100][T10640] FAT-fs (loop5): error, corrupted directory (invalid entries) [ 113.439844][T10640] FAT-fs (loop5): Filesystem has been set read-only [ 113.534400][ T9048] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.641681][T10657] loop6: detected capacity change from 0 to 16 [ 113.702450][T10657] erofs (device loop6): mounted with root inode @ nid 36. [ 113.750207][T10657] erofs (device loop6): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 113.781409][T10657] erofs (device loop6): failed to decompress -4 in[53, 4043] out[1851] [ 113.783600][T10657] erofs (device loop6): read error -117 @ 43 of nid 36 [ 113.792509][T10671] xt_recent: hitcount (262144) is larger than allowed maximum (65535) [ 114.076076][T10701] netlink: 'syz.6.1574': attribute type 27 has an invalid length. [ 114.077790][T10701] netlink: 'syz.6.1574': attribute type 3 has an invalid length. [ 114.079371][T10701] netlink: 132 bytes leftover after parsing attributes in process `syz.6.1574'. [ 114.581338][T10730] loop5: detected capacity change from 0 to 40427 [ 114.584517][T10707] loop2: detected capacity change from 0 to 32768 [ 114.597073][T10730] F2FS-fs (loop5): Wrong segment_count / block_count (64 > 16384) [ 114.599007][T10730] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 114.619618][T10707] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1577 (10707) [ 114.647318][T10730] F2FS-fs (loop5): Found nat_bits in checkpoint [ 114.729669][T10730] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 114.732536][T10730] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 114.735191][T10707] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 114.740694][T10707] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 114.742649][T10707] BTRFS info (device loop2): disk space caching is enabled [ 114.744277][T10707] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 114.863917][ T7113] syz-executor: attempt to access beyond end of device [ 114.863917][ T7113] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 114.872998][ T7113] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 114.940369][T10707] BTRFS info (device loop2): rebuilding free space tree [ 115.010277][T10707] BTRFS info (device loop2): disabling free space tree [ 115.016169][T10707] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 115.018109][T10707] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 115.083916][T10707] BTRFS info (device loop2): balance: start -susage=0..3,drange=0..7,limit=0..0 [ 115.087252][T10707] BTRFS info (device loop2): balance: ended with status: 0 [ 115.461869][ T6431] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 115.582491][T10818] loop6: detected capacity change from 0 to 164 [ 115.606723][T10818] Unable to read rock-ridge attributes [ 115.838149][T10829] loop6: detected capacity change from 0 to 2048 [ 115.882020][T10838] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 115.945469][T10806] loop3: detected capacity change from 0 to 32768 [ 115.966860][T10840] random: crng reseeded on system resumption [ 116.018422][T10846] loop1: detected capacity change from 0 to 1024 [ 116.429744][T10878] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1630'. [ 116.449328][T10872] loop2: detected capacity change from 0 to 4096 [ 116.543522][T10886] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1634'. [ 116.592802][T10871] loop6: detected capacity change from 0 to 8192 [ 116.733542][T10904] netlink: 'syz.5.1638': attribute type 5 has an invalid length. [ 116.740459][T10871] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 116.750467][T10871] FAT-fs (loop6): Filesystem has been set read-only [ 117.032828][T10917] loop5: detected capacity change from 0 to 32768 [ 117.093865][T10927] kAFS: No cell specified [ 117.105336][T10917] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 117.128503][T10917] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 117.157790][T10917] (syz.5.1647,10917,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=9223372036854775873, rec_len=0, name_len=0 [ 117.161527][T10917] (syz.5.1647,10917,0):ocfs2_prepare_dir_for_insert:4277 ERROR: status = -2 [ 117.163304][T10917] (syz.5.1647,10917,0):ocfs2_mknod:298 ERROR: status = -2 [ 117.164696][T10917] (syz.5.1647,10917,0):ocfs2_mknod:502 ERROR: status = -2 [ 117.166113][T10917] (syz.5.1647,10917,0):ocfs2_mkdir:659 ERROR: status = -2 [ 117.285145][ T7113] ocfs2: Unmounting device (7,5) on (node local) [ 117.323343][T10938] loop1: detected capacity change from 0 to 4096 [ 117.333782][T10938] ntfs3(loop1): It is recommened to use chkdsk. [ 117.342140][T10938] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 117.343906][T10938] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 117.345453][T10938] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 117.390247][T10938] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 117.400977][T10938] ntfs3(loop1): try to read out of volume at offset 0x3fffffc1c00 [ 117.402592][T10938] ntfs3(loop1): try to read out of volume at offset 0x3fffffc2c00 [ 117.404095][T10938] ntfs3(loop1): try to read out of volume at offset 0x3fffffc4c00 [ 117.405658][T10938] ntfs3(loop1): try to read out of volume at offset 0x3fffffc8c00 [ 117.407200][T10938] ntfs3(loop1): try to read out of volume at offset 0x3fffffd0c00 [ 117.524354][T10958] loop5: detected capacity change from 0 to 256 [ 117.602378][T10958] FAT-fs (loop5): Directory bread(block 64) failed [ 117.603938][T10958] FAT-fs (loop5): Directory bread(block 65) failed [ 117.605502][T10958] FAT-fs (loop5): Directory bread(block 66) failed [ 117.606938][T10958] FAT-fs (loop5): Directory bread(block 67) failed [ 117.639723][T10958] FAT-fs (loop5): Directory bread(block 68) failed [ 117.674729][T10940] loop6: detected capacity change from 0 to 32768 [ 117.677469][T10958] FAT-fs (loop5): Directory bread(block 69) failed [ 117.678957][T10958] FAT-fs (loop5): Directory bread(block 70) failed [ 117.680520][T10958] FAT-fs (loop5): Directory bread(block 71) failed [ 117.682035][T10958] FAT-fs (loop5): Directory bread(block 72) failed [ 117.683385][T10958] FAT-fs (loop5): Directory bread(block 73) failed [ 117.703142][T10940] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1654 (10940) [ 117.745241][T10940] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 117.747429][T10940] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm [ 117.749260][T10940] BTRFS info (device loop6): disk space caching is enabled [ 117.750868][T10940] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 117.837260][T10940] BTRFS info (device loop6): rebuilding free space tree [ 117.891081][T10940] BTRFS info (device loop6): disabling free space tree [ 117.892900][T10940] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 117.894980][T10940] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 118.038444][T11015] netlink: 260 bytes leftover after parsing attributes in process `syz.5.1672'. [ 118.103265][ T9048] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 118.235340][T11035] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1681'. [ 118.423096][T11052] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1687'. [ 118.425052][T11052] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1687'. [ 119.250983][T11127] netlink: 'syz.3.1718': attribute type 1 has an invalid length. [ 119.346617][T11133] loop1: detected capacity change from 0 to 2048 [ 119.347232][T11138] loop6: detected capacity change from 0 to 256 [ 119.358963][T11133] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 119.445100][T11143] loop3: detected capacity change from 0 to 764 [ 119.455268][T11138] FAT-fs (loop6): Directory bread(block 64) failed [ 119.456839][T11138] FAT-fs (loop6): Directory bread(block 65) failed [ 119.458214][T11138] FAT-fs (loop6): Directory bread(block 66) failed [ 119.459500][T11138] FAT-fs (loop6): Directory bread(block 67) failed [ 119.482787][T11138] FAT-fs (loop6): Directory bread(block 68) failed [ 119.484117][T11138] FAT-fs (loop6): Directory bread(block 69) failed [ 119.485474][T11138] FAT-fs (loop6): Directory bread(block 70) failed [ 119.494731][T11138] FAT-fs (loop6): Directory bread(block 71) failed [ 119.496229][T11138] FAT-fs (loop6): Directory bread(block 72) failed [ 119.497587][T11138] FAT-fs (loop6): Directory bread(block 73) failed [ 119.613152][T11155] netlink: 'syz.1.1731': attribute type 10 has an invalid length. [ 119.627328][T11155] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.628958][T11155] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.674543][T11155] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.676051][T11155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.677556][T11155] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.679006][T11155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.708577][T11155] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 119.869963][T11171] @: renamed from vlan0 (while UP) [ 120.092203][T11190] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1750'. [ 120.094098][T11190] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1750'. [ 120.099603][T11190] netlink: 'syz.6.1750': attribute type 6 has an invalid length. [ 120.106827][T11191] netlink: 'syz.1.1749': attribute type 4 has an invalid length. [ 120.205143][T11199] overlayfs: conflicting options: userxattr,metacopy=on [ 120.406273][T11219] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1764'. [ 120.494319][T11221] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1765'. [ 120.666995][T11233] loop1: detected capacity change from 0 to 512 [ 120.694976][T11233] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.1770: casefold flag without casefold feature [ 120.710762][T11233] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.1770: couldn't read orphan inode 15 (err -117) [ 120.718039][T11206] loop3: detected capacity change from 0 to 32768 [ 120.724891][T11206] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1757 (11206) [ 120.734249][T11233] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.782888][T11206] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 120.785018][T11206] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm [ 120.786655][T11206] BTRFS info (device loop3): using free-space-tree [ 120.821996][T11213] loop2: detected capacity change from 0 to 32768 [ 120.825212][T11213] BTRFS: device /dev/loop2 (7:2) using temp-fsid a7eb07e9-d96a-47fe-97b7-ec12fb10368a [ 120.827374][T11213] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1759 (11213) [ 120.836826][ T6423] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.840082][T11213] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 120.847573][T11213] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm [ 120.851248][T11213] BTRFS info (device loop2): using free-space-tree [ 120.910037][T11269] netlink: 'syz.1.1776': attribute type 7 has an invalid length. [ 120.953059][ T6422] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 120.992631][T11282] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1780'. [ 121.082112][T11288] loop5: detected capacity change from 0 to 2048 [ 121.107648][T11288] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 121.113716][ T6431] BTRFS info (device loop2): last unmount of filesystem a7eb07e9-d96a-47fe-97b7-ec12fb10368a [ 121.167724][T11288] syz.5.1784: attempt to access beyond end of device [ 121.167724][T11288] loop5: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 121.173590][T11295] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 121.215468][T11288] NILFS error (device loop5): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=72057594037927938, rec_len=0, name_len=0 [ 121.226279][T11302] netlink: 'syz.3.1779': attribute type 11 has an invalid length. [ 121.227991][T11302] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1779'. [ 121.735688][T11342] loop5: detected capacity change from 0 to 2048 [ 121.770893][T11346] tmpfs: Bad value for 'mpol' [ 121.787426][T11342] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found! [ 121.853687][T11342] UDF-fs: unknown compression code (0) [ 121.964231][T11359] trusted_key: encrypted_key: hex blob is missing [ 121.966312][T11310] loop2: detected capacity change from 0 to 32768 [ 122.043440][T11310] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 122.162440][T11310] XFS (loop2): Ending clean mount [ 122.164688][T11310] XFS (loop2): Quotacheck needed: Please wait. [ 122.200430][T11385] loop3: detected capacity change from 0 to 256 [ 122.240077][T11310] XFS (loop2): Quotacheck: Done. [ 122.333665][T11390] loop1: detected capacity change from 0 to 1764 [ 122.381995][ T6431] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 122.496414][T11404] loop5: detected capacity change from 0 to 24 [ 122.499360][T11404] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 122.540316][T11404] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 122.810902][T11426] netlink: 'syz.1.1838': attribute type 3 has an invalid length. [ 122.940860][T11438] netlink: 'syz.3.1843': attribute type 3 has an invalid length. [ 122.942480][T11438] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1843'. [ 122.944196][T11377] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 122.951242][T11377] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 123.100827][T11446] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1845'. [ 123.145416][T11377] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 123.150492][T11377] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 123.290799][T11461] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1851'. [ 123.292794][T11461] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1851'. [ 123.434134][T11416] loop2: detected capacity change from 0 to 40427 [ 123.449695][T11416] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 123.459846][T11416] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 123.501280][T11416] F2FS-fs (loop2): Found nat_bits in checkpoint [ 123.543192][T11416] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 123.580204][T11416] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 123.585700][T11416] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 123.759267][T11463] loop1: detected capacity change from 0 to 32768 [ 123.773161][T11463] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1850 (11463) [ 123.814655][T11463] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 123.816814][T11463] BTRFS info (device loop1): using sha256 (sha256-ce) checksum algorithm [ 123.818505][T11463] BTRFS info (device loop1): using free-space-tree [ 123.987816][T11512] loop3: detected capacity change from 0 to 2048 [ 123.996431][T11512] EXT4-fs: Ignoring removed mblk_io_submit option [ 124.026913][T11512] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.039551][ T6423] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 124.094586][T11512] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1860: bg 0: block 234: padding at end of block bitmap is not set [ 124.133268][T11512] EXT4-fs (loop3): Remounting filesystem read-only [ 124.223205][T11489] loop5: detected capacity change from 0 to 32768 [ 124.226016][ T6422] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.226544][T11377] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 124.229120][T11377] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 124.273690][T11489] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 124.308137][T11489] XFS (loop5): Ending clean mount [ 124.355680][T11538] loop3: detected capacity change from 0 to 1024 [ 124.357566][ T7113] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 124.552175][ T42] hfsplus: b-tree write err: -5, ino 4 [ 124.625925][T11562] netlink: 'syz.3.1871': attribute type 3 has an invalid length. [ 124.725881][T11377] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 124.727095][T11377] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 124.834824][T11572] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 124.836576][T11572] IPv6: NLM_F_CREATE should be set when creating new route [ 125.087514][T11583] loop1: detected capacity change from 0 to 8192 [ 125.221959][T11593] xt_cluster: node mask cannot exceed total number of nodes [ 125.274945][T11571] loop3: detected capacity change from 0 to 32768 [ 125.276869][T11571] btrfs: Deprecated parameter 'usebackuproot' [ 125.278021][T11571] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 125.290171][T11571] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1877 (11571) [ 125.326970][T11571] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 125.329002][T11571] BTRFS info (device loop3): using crc32c (crc32c-arm64) checksum algorithm [ 125.334687][T11571] BTRFS info (device loop3): using free-space-tree [ 125.406080][T11621] __nla_validate_parse: 3 callbacks suppressed [ 125.406098][T11621] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1889'. [ 125.409329][T11571] BTRFS info (device loop3): rebuilding free space tree [ 125.538618][T11571] process 'syz.3.1877' launched './file2' with NULL argv: empty string added [ 125.791229][ T6422] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 125.917328][T11656] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1900'. [ 125.923860][ T2349] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.925228][ T2349] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.068085][T11663] loop6: detected capacity change from 0 to 2048 [ 126.069219][T11622] loop1: detected capacity change from 0 to 40427 [ 126.096049][T11622] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 126.097723][T11622] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 126.106834][T11663] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 126.114729][T11622] F2FS-fs (loop1): invalid crc value [ 126.116755][T11670] loop2: detected capacity change from 0 to 512 [ 126.120023][T11622] F2FS-fs (loop1): Found nat_bits in checkpoint [ 126.133333][T11670] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 126.166435][T11670] EXT4-fs (loop2): orphan cleanup on readonly fs [ 126.175311][T11622] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 126.176860][T11622] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 126.178841][T11677] netlink: 400 bytes leftover after parsing attributes in process `syz.5.1907'. [ 126.200762][T11677] netlink: 192 bytes leftover after parsing attributes in process `syz.5.1907'. [ 126.222522][T11670] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1905: bg 0: block 248: padding at end of block bitmap is not set [ 126.265227][T11670] Quota error (device loop2): write_blk: dquota write failed [ 126.266850][T11670] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 126.268788][T11670] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.1905: Failed to acquire dquot type 1 [ 126.322547][T11670] EXT4-fs (loop2): 1 truncate cleaned up [ 126.327389][T11670] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 126.358101][T11670] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 126.430793][T11670] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 126.457921][T11670] EXT4-fs error (device loop2): __ext4_remount:6749: comm syz.2.1905: Abort forced by user [ 126.460290][T11670] EXT4-fs (loop2): Remounting filesystem read-only [ 126.477351][T11670] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 126.523729][T11695] loop6: detected capacity change from 0 to 512 [ 126.525455][T11695] EXT4-fs: Ignoring removed nobh option [ 126.544864][T11695] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -13 [ 126.549668][ T6431] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.570661][T11695] EXT4-fs error (device loop6): ext4_clear_blocks:876: inode #13: comm syz.6.1914: attempt to clear invalid blocks 2 len 1 [ 126.594968][T11695] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 126.637913][T11684] loop3: detected capacity change from 0 to 32768 [ 126.639750][T11684] XFS: noikeep mount option is deprecated. [ 126.643152][T11695] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.1914: invalid indirect mapped block 1819239214 (level 0) [ 126.713746][T11684] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 126.722644][T11695] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.1914: invalid indirect mapped block 1819239214 (level 1) [ 126.780125][T11695] EXT4-fs (loop6): 1 truncate cleaned up [ 126.783708][T11695] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.967419][T11684] XFS (loop3): Ending clean mount [ 126.969567][T11684] XFS (loop3): Quotacheck needed: Please wait. [ 126.980849][T11720] loop5: detected capacity change from 0 to 32768 [ 127.028875][ T9048] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.051530][T11726] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 127.099547][T11684] XFS (loop3): Quotacheck: Done. [ 127.186977][ T6422] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 127.213281][T11737] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1931'. [ 127.376661][T11743] loop1: detected capacity change from 0 to 512 [ 127.461769][T11743] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.494606][T11750] No such timeout policy "syz1" [ 127.622230][T11756] loop3: detected capacity change from 0 to 128 [ 127.629627][ T6423] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.651575][T11756] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 127.831182][T11763] netlink: 1010 bytes leftover after parsing attributes in process `syz.1.1942'. [ 127.850848][T11763] bridge: RTM_NEWNEIGH with invalid state 0x1 [ 127.858832][T11744] loop2: detected capacity change from 0 to 32768 [ 127.899311][T11744] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 128.042619][T11744] XFS (loop2): Ending clean mount [ 128.075856][T11744] XFS (loop2): Quotacheck needed: Please wait. [ 128.145475][T11744] XFS (loop2): Quotacheck: Done. [ 128.171701][T11791] loop3: detected capacity change from 0 to 4096 [ 128.181752][T11791] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 128.261175][ T6431] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 128.299674][T11794] netlink: 'syz.5.1952': attribute type 11 has an invalid length. [ 128.301776][T11791] ntfs3(loop3): failed to convert "c46c" to cp1250 [ 128.307368][T11794] netlink: 140 bytes leftover after parsing attributes in process `syz.5.1952'. [ 128.599945][T11730] loop6: detected capacity change from 0 to 131072 [ 128.636190][T11730] F2FS-fs (loop6): Found nat_bits in checkpoint [ 128.675153][T11730] F2FS-fs (loop6): Mounted with checkpoint version = 753bd00b [ 128.809401][T11827] loop2: detected capacity change from 0 to 164 [ 129.268098][T11861] syz.3.1985 uses old SIOCAX25GETINFO [ 129.359210][T11871] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1990'. [ 129.363621][T11871] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1990'. [ 129.821412][T11904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 129.823466][T11904] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 129.861605][T11909] netlink: 'syz.5.2008': attribute type 15 has an invalid length. [ 129.863217][T11909] netlink: 25 bytes leftover after parsing attributes in process `syz.5.2008'. [ 129.907351][T11913] cgroup: noprefix used incorrectly [ 130.047327][T11927] trusted_key: encrypted_key: keylen parameter is missing [ 130.103042][T11930] trusted_key: encrypted_key: master key parameter '' is invalid [ 130.342810][T11945] xt_socket: unknown flags 0x50 [ 130.448432][T11917] loop5: detected capacity change from 0 to 32768 [ 130.450203][T11917] XFS: ikeep mount option is deprecated. [ 130.455487][T11917] XFS: noikeep mount option is deprecated. [ 130.498199][T11917] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 130.577046][T11917] XFS (loop5): Ending clean mount [ 130.591372][T11917] XFS (loop5): Quotacheck needed: Please wait. [ 130.678615][T11917] XFS (loop5): Quotacheck: Done. [ 130.707946][T11939] loop2: detected capacity change from 0 to 32768 [ 130.720306][T11939] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2022 (11939) [ 130.740100][T11939] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 130.746528][T11939] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm [ 130.748252][T11939] BTRFS info (device loop2): using free-space-tree [ 130.764690][ T7113] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 130.976755][T11958] loop6: detected capacity change from 0 to 32768 [ 130.983856][ T6431] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 131.000434][T11991] loop3: detected capacity change from 0 to 8192 [ 131.026372][T11958] loop6: detected capacity change from 0 to 16 [ 131.028748][T11958] erofs: Unknown parameter 'discard' [ 131.153868][T12004] overlayfs: empty lowerdir [ 131.190862][T12005] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2045'. [ 131.205282][T12005] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2045'. [ 131.992090][T12050] loop3: detected capacity change from 0 to 1764 [ 132.004183][T12052] netlink: 'syz.5.2066': attribute type 21 has an invalid length. [ 132.015956][T12052] netlink: 160 bytes leftover after parsing attributes in process `syz.5.2066'. [ 132.023749][T12050] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 132.029168][T12050] CIFS mount error: No usable UNC path provided in device string! [ 132.029168][T12050] [ 132.052045][T12050] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 132.062131][T12026] loop6: detected capacity change from 0 to 32768 [ 132.071785][T12026] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2055 (12026) [ 132.100722][T12026] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 132.102814][T12026] BTRFS info (device loop6): using sha256 (sha256-ce) checksum algorithm [ 132.104491][T12026] BTRFS info (device loop6): using free-space-tree [ 132.436960][T12087] netlink: 'syz.2.2077': attribute type 10 has an invalid length. [ 132.438608][T12087] netlink: 55 bytes leftover after parsing attributes in process `syz.2.2077'. [ 132.540503][T12096] netlink: 'syz.5.2080': attribute type 1 has an invalid length. [ 132.551038][ T9048] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 132.714807][T12038] kexec: Could not allocate control_code_buffer [ 133.134225][T12131] loop5: detected capacity change from 0 to 4096 [ 133.149163][T12131] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 133.239884][T12131] ntfs3(loop5): ino=5, "/" attr_set_size [ 133.244285][T12131] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 133.464938][T12151] loop1: detected capacity change from 0 to 128 [ 133.505159][T12151] sysv_free_block: flc_count > flc_size [ 133.506636][T12151] sysv_free_block: flc_count > flc_size [ 133.507724][T12151] sysv_free_block: flc_count > flc_size [ 133.508773][T12151] sysv_free_block: flc_count > flc_size [ 133.509855][T12151] sysv_free_block: flc_count > flc_size [ 133.511263][T12151] sysv_free_block: flc_count > flc_size [ 133.513600][T12151] sysv_free_block: flc_count > flc_size [ 133.516936][T12151] sysv_free_block: flc_count > flc_size [ 133.518023][T12151] sysv_free_block: flc_count > flc_size [ 133.519102][T12151] sysv_free_block: flc_count > flc_size [ 133.520724][T12166] netlink: 'syz.6.2115': attribute type 21 has an invalid length. [ 133.524473][T12168] loop5: detected capacity change from 0 to 164 [ 133.526129][T12151] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 133.531136][T12166] netlink: 128 bytes leftover after parsing attributes in process `syz.6.2115'. [ 133.533253][T12166] netlink: 35 bytes leftover after parsing attributes in process `syz.6.2115'. [ 133.632762][T12171] loop2: detected capacity change from 0 to 2048 [ 133.725582][T12171] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.783973][T12186] netlink: 'syz.3.2123': attribute type 1 has an invalid length. [ 133.786865][T12186] netlink: 'syz.3.2123': attribute type 3 has an invalid length. [ 133.788479][T12186] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2123'. [ 133.812425][ T6431] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.051233][T12211] loop3: detected capacity change from 0 to 512 [ 134.054985][T12211] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 134.101682][T12211] syz.3.2134: attempt to access beyond end of device [ 134.101682][T12211] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 134.123931][T12211] XFS (nbd3): SB validate failed with error -5. [ 134.225171][T12228] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 134.266076][T12231] loop5: detected capacity change from 0 to 128 [ 134.269399][T12231] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 134.403809][T12244] loop1: detected capacity change from 0 to 256 [ 134.432236][T12244] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 134.437126][T12244] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 134.437835][T12248] loop2: detected capacity change from 0 to 64 [ 134.445476][T12244] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 134.594177][T12257] xt_TPROXY: Can be used only with -p tcp or -p udp [ 134.603378][T12254] loop6: detected capacity change from 0 to 4096 [ 134.640443][T12254] NILFS (loop6): invalid segment: Inconsistency found [ 134.644955][T12254] NILFS (loop6): trying rollback from an earlier position [ 134.672034][T12254] NILFS (loop6): recovery complete [ 134.674140][T12262] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 134.721611][T12264] random: crng reseeded on system resumption [ 134.740497][T12266] Zero length message leads to an empty skb [ 134.814775][T12271] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2161'. [ 134.817263][T12271] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 135.069438][T12252] loop5: detected capacity change from 0 to 32768 [ 135.099545][T12294] netlink: 'syz.3.2168': attribute type 21 has an invalid length. [ 135.108033][T12294] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2168'. [ 135.110967][T12252] JBD2: Ignoring recovery information on journal [ 135.143136][T12252] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 135.180408][T12252] OCFS2: ERROR (device loop5): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total [ 135.240808][T12252] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 135.242766][T12252] OCFS2: Returning error to the calling process. [ 135.244014][T12252] (syz.5.2153,12252,0):ocfs2_claim_suballoc_bits:2038 ERROR: status = -5 [ 135.245680][T12252] (syz.5.2153,12252,0):__ocfs2_claim_clusters:2412 ERROR: status = -5 [ 135.247201][T12252] (syz.5.2153,12252,0):__ocfs2_claim_clusters:2420 ERROR: status = -5 [ 135.283193][T12252] (syz.5.2153,12252,1):ocfs2_block_group_alloc_contig:437 ERROR: status = -5 [ 135.285608][T12252] (syz.5.2153,12252,1):ocfs2_block_group_alloc:709 ERROR: status = -5 [ 135.287521][T12252] (syz.5.2153,12252,1):ocfs2_block_group_alloc:762 ERROR: status = -5 [ 135.291374][T12252] (syz.5.2153,12252,1):ocfs2_reserve_suballoc_bits:837 ERROR: status = -5 [ 135.293470][T12252] (syz.5.2153,12252,1):ocfs2_reserve_suballoc_bits:854 ERROR: status = -5 [ 135.300800][T12252] (syz.5.2153,12252,1):ocfs2_reserve_new_metadata_blocks:994 ERROR: status = -5 [ 135.335350][T12311] netlink: 'syz.3.2180': attribute type 21 has an invalid length. [ 135.336916][T12311] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2180'. [ 135.338721][T12311] netlink: 'syz.3.2180': attribute type 4 has an invalid length. [ 135.340317][T12311] netlink: 'syz.3.2180': attribute type 5 has an invalid length. [ 135.416773][T12252] (syz.5.2153,12252,0):ocfs2_reserve_new_metadata_blocks:1017 ERROR: status = -5 [ 135.422640][T12252] (syz.5.2153,12252,0):ocfs2_mknod:350 ERROR: status = -5 [ 135.428095][T12252] (syz.5.2153,12252,0):ocfs2_mknod:502 ERROR: status = -5 [ 135.428112][T12302] loop1: detected capacity change from 0 to 32768 [ 135.429537][T12252] (syz.5.2153,12252,0):ocfs2_mkdir:659 ERROR: status = -5 [ 135.478187][T12292] loop2: detected capacity change from 0 to 32768 [ 135.489673][T12302] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2176 (12302) [ 135.498251][T12314] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 135.507020][T12292] BTRFS: device /dev/loop2 (7:2) using temp-fsid 9d7de9b0-df73-48ef-a256-949e6928f099 [ 135.509056][T12292] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2174 (12292) [ 135.516019][T12302] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 135.518118][T12302] BTRFS info (device loop1): using sha256 (sha256-ce) checksum algorithm [ 135.520493][T12302] BTRFS info (device loop1): using free-space-tree [ 135.523943][ T7113] ocfs2: Unmounting device (7,5) on (node local) [ 135.611477][T12292] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 135.613576][T12292] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm [ 135.615238][T12292] BTRFS info (device loop2): using free-space-tree [ 135.646110][T12333] loop5: detected capacity change from 0 to 256 [ 135.656008][T12333] exfat: Deprecated parameter 'namecase' [ 135.657191][T12333] exfat: Deprecated parameter 'namecase' [ 135.659532][T12333] exfat: Deprecated parameter 'namecase' [ 135.679564][T12333] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x079995a4, utbl_chksum : 0xe619d30d) [ 135.807661][T12360] netlink: 'syz.3.2189': attribute type 1 has an invalid length. [ 135.825119][ T6423] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 135.860841][ T6431] BTRFS info (device loop2): last unmount of filesystem 9d7de9b0-df73-48ef-a256-949e6928f099 [ 136.370784][T12398] __nla_validate_parse: 4 callbacks suppressed [ 136.370802][T12398] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2205'. [ 136.520522][T12406] SET target dimension over the limit! [ 136.540472][T12370] loop2: detected capacity change from 0 to 32768 [ 136.542761][T12370] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2193 (12370) [ 136.597885][T12370] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 136.599994][T12370] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm [ 136.610699][T12370] BTRFS info (device loop2): using free-space-tree [ 136.695288][T12424] bond0: (slave netdevsim0): Error: Device can not be enslaved while up [ 136.789788][T12392] loop6: detected capacity change from 0 to 32768 [ 136.832637][T12431] loop3: detected capacity change from 0 to 4096 [ 136.860444][ T6431] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 136.869309][T12431] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 136.883948][T12439] netlink: 'syz.1.2217': attribute type 2 has an invalid length. [ 136.924576][T12431] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 137.033789][T12446] netlink: 'syz.6.2224': attribute type 6 has an invalid length. [ 137.035332][T12446] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2224'. [ 137.151924][T12457] loop1: detected capacity change from 0 to 16 [ 137.153679][T12457] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 137.315675][T12469] loop5: detected capacity change from 0 to 1024 [ 137.376401][T12469] hfsplus: can't free extent [ 137.450130][T12479] netlink: 'syz.2.2239': attribute type 1 has an invalid length. [ 137.465956][T12479] netlink: 'syz.2.2239': attribute type 2 has an invalid length. [ 137.628636][T12495] netlink: 'syz.6.2247': attribute type 3 has an invalid length. [ 137.633626][T12495] netlink: 132 bytes leftover after parsing attributes in process `syz.6.2247'. [ 137.736190][T12506] loop3: detected capacity change from 0 to 128 [ 137.794043][T12506] syz.3.2250: attempt to access beyond end of device [ 137.794043][T12506] loop3: rw=3, sector=1179746, nr_sectors = 6 limit=128 [ 137.797135][T12506] syz.3.2250: attempt to access beyond end of device [ 137.797135][T12506] loop3: rw=2051, sector=1179752, nr_sectors = 2 limit=128 [ 138.058202][T12533] xt_TCPMSS: Only works on TCP SYN packets [ 138.239072][T12532] loop6: detected capacity change from 0 to 32768 [ 138.247280][T12532] (syz.6.2264,12532,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 138.260733][T12532] (syz.6.2264,12532,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 138.378152][T12532] JBD2: Ignoring recovery information on journal [ 138.431988][T12541] loop5: detected capacity change from 0 to 32768 [ 138.484969][T12541] (syz.5.2269,12541,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 138.487957][T12541] (syz.5.2269,12541,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 138.501447][T12532] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 138.532054][T12541] debugfs: Directory '9357E9D751824C228242B9B0D0FB6750' with parent 'ocfs2' already present! [ 138.536662][T12541] JBD2: Ignoring recovery information on journal [ 138.559019][T12558] loop2: detected capacity change from 0 to 256 [ 138.659275][ T9048] ocfs2: Unmounting device (7,6) on (node local) [ 138.731466][T12541] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 138.868593][T12563] loop3: detected capacity change from 0 to 32768 [ 138.870387][T12563] btrfs: Deprecated parameter 'usebackuproot' [ 138.876041][T12563] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 138.881971][T12563] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2278 (12563) [ 138.921666][T12563] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 138.924015][T12563] BTRFS info (device loop3): using crc32c (crc32c-arm64) checksum algorithm [ 138.925906][T12563] BTRFS info (device loop3): disk space caching is enabled [ 138.927405][T12563] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 138.986279][ T7113] ocfs2: Unmounting device (7,5) on (node local) [ 139.190199][T12605] netlink: 124 bytes leftover after parsing attributes in process `syz.5.2286'. [ 139.239443][ T6422] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 139.349398][T12608] loop6: detected capacity change from 0 to 32768 [ 139.357617][T12608] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2292 (12608) [ 139.387081][T12608] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 139.389206][T12608] BTRFS info (device loop6): using sha256 (sha256-ce) checksum algorithm [ 139.391233][T12608] BTRFS info (device loop6): using free-space-tree [ 139.430650][T12622] bridge1: entered allmulticast mode [ 139.557919][T12630] xt_hashlimit: overflow, try lower: 35184372088832/511 [ 139.628326][T12635] loop5: detected capacity change from 0 to 512 [ 139.669179][T12635] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.863660][ T7113] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.899320][T12638] loop1: detected capacity change from 0 to 32768 [ 139.901605][T12638] XFS (loop1): Invalid device [./file0], error=-16 [ 140.120769][ T9048] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 140.163848][T12678] netlink: 830 bytes leftover after parsing attributes in process `syz.5.2318'. [ 140.205894][T12681] loop1: detected capacity change from 0 to 1024 [ 140.271896][T12686] loop3: detected capacity change from 0 to 1024 [ 140.374591][ T6422] hfsplus: bad catalog entry type [ 140.458125][T12697] tmpfs: Bad value for 'mpol' [ 140.586242][T12709] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2333'. [ 140.596948][ T206] hfsplus: b-tree write err: -5, ino 4 [ 141.015647][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 141.021704][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 141.026136][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 141.029074][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 141.031430][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 141.033128][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 141.044230][ T6437] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 141.049461][ T6437] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 141.053862][ T6437] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 141.055934][ T6437] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 141.057683][ T6437] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 141.059366][ T6437] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 141.136267][ T44] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.372422][T12766] loop2: detected capacity change from 0 to 128 [ 141.475159][T12776] loop5: detected capacity change from 0 to 64 [ 141.567411][T12783] syz.1.2368 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 141.624411][ T44] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.701537][T12732] lo speed is unknown, defaulting to 1000 [ 141.822259][ T44] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.961785][ T44] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.055151][T12801] loop5: detected capacity change from 0 to 32768 [ 142.207301][T12732] chnl_net:caif_netlink_parms(): no params data found [ 142.273125][T12808] loop2: detected capacity change from 0 to 32768 [ 142.275304][T12808] btrfs: Deprecated parameter 'usebackuproot' [ 142.276681][T12808] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 142.301008][T12808] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2378 (12808) [ 142.320428][ T44] bridge_slave_1: left allmulticast mode [ 142.321786][ T44] bridge_slave_1: left promiscuous mode [ 142.323134][ T44] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.348709][T12808] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 142.350934][T12808] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 142.352853][T12808] BTRFS info (device loop2): disk space caching is enabled [ 142.354174][T12808] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 142.363459][ T44] bridge_slave_0: left allmulticast mode [ 142.364791][ T44] bridge_slave_0: left promiscuous mode [ 142.366045][ T44] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.452436][ T11] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xab36da95f7d629ca8cc302fd0fd3c25f2e0c358a27b6cae5b3699304a6c15a5c level 0 [ 142.453054][T12842] ebt_among: src integrity fail: 30a [ 142.457688][T12808] BTRFS error (device loop2): failed to load root extent [ 142.460009][T12808] BTRFS warning (device loop2): try to load backup roots slot 1 [ 142.608043][ T6431] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 143.120753][ T53] Bluetooth: hci0: command tx timeout [ 143.454754][T12890] loop2: detected capacity change from 0 to 32768 [ 143.512591][ T44] team0: Port device bridge0 removed [ 144.374141][ T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 144.417108][ T44] bond0 (unregistering): Released all slaves [ 144.430612][T12857] validate_nla: 1 callbacks suppressed [ 144.430636][T12857] netlink: 'syz.5.2393': attribute type 7 has an invalid length. [ 144.684032][T12732] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.685607][T12732] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.687159][T12732] bridge_slave_0: entered allmulticast mode [ 144.701218][T12732] bridge_slave_0: entered promiscuous mode [ 144.703569][T12732] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.705016][T12732] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.706560][T12732] bridge_slave_1: entered allmulticast mode [ 144.708381][T12732] bridge_slave_1: entered promiscuous mode [ 144.852754][T12732] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 144.856427][T12732] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 144.896007][T12902] loop5: detected capacity change from 0 to 32768 [ 144.899343][T12902] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2410 (12902) [ 144.914388][T12902] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 144.916659][T12902] BTRFS info (device loop5): using sha256 (sha256-ce) checksum algorithm [ 144.918419][T12902] BTRFS info (device loop5): using free-space-tree [ 145.024231][T12948] loop2: detected capacity change from 0 to 256 [ 145.172605][T12732] team0: Port device team_slave_0 added [ 145.175285][T12732] team0: Port device team_slave_1 added [ 145.210719][ T53] Bluetooth: hci0: command tx timeout [ 145.235218][T12965] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2427'. [ 145.235613][ T7113] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 145.353465][T12732] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 145.357471][T12732] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 145.404464][T12732] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 145.475080][T12970] loop2: detected capacity change from 0 to 32768 [ 145.479448][T12732] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 145.498428][T12732] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 145.516813][T12732] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 145.781852][T12985] loop1: detected capacity change from 0 to 32768 [ 145.860236][ T44] hsr_slave_0: left promiscuous mode [ 145.879100][T12993] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2439'. [ 145.939955][ T44] hsr_slave_1: left promiscuous mode [ 146.027268][T12985] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=gzip,erasure_code,norecovery,nojournal_transaction_names,reconstruct_alloc [ 146.033661][T12985] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 146.035604][T12982] loop2: detected capacity change from 0 to 32768 [ 146.038146][T12985] bcachefs (loop1): Version upgrade required: [ 146.038146][T12985] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 146.038146][T12985] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 146.038146][T12985] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 146.063957][T12985] bcachefs (loop1): dropping and reconstructing all alloc info [ 146.074177][T12985] bcachefs (loop1): accounting_read... [ 146.081010][ T44] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 146.083761][ T44] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 146.095532][T12982] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 146.105703][ T44] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 146.107299][ T44] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 146.111185][T12985] done [ 146.111883][T12985] bcachefs (loop1): alloc_read... done [ 146.113132][T12985] bcachefs (loop1): stripes_read... done [ 146.114264][T12985] bcachefs (loop1): snapshots_read... done [ 146.115538][T12985] bcachefs (loop1): check_allocations... [ 146.129485][T13019] loop5: detected capacity change from 0 to 64 [ 146.168402][ T44] veth1_macvtap: left promiscuous mode [ 146.168471][ T44] veth0_macvtap: left promiscuous mode [ 146.168536][ T44] veth1_vlan: left promiscuous mode [ 146.188407][T12985] done [ 146.213629][T12982] XFS (loop2): Ending clean mount [ 146.233650][T12985] bcachefs (loop1): going read-write [ 146.266750][T12985] bcachefs (loop1): done starting filesystem [ 146.293724][ T6431] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 146.453366][ T6423] bcachefs (loop1): shutting down [ 146.454493][ T6423] bcachefs (loop1): going read-only [ 146.455500][ T6423] bcachefs (loop1): finished waiting for writes to stop [ 146.481684][ T6423] bcachefs (loop1): flushing journal and stopping allocators, journal seq 10 [ 146.483596][ T6423] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 10 [ 146.505959][ T6423] bcachefs (loop1): unshutdown complete, journal seq 11 [ 146.507861][ T6423] bcachefs (loop1): done going read-only, filesystem not clean [ 146.547157][ T6423] bcachefs (loop1): shutdown complete [ 146.689928][T13033] loop2: detected capacity change from 0 to 4096 [ 146.884337][T13039] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 146.886227][T13039] overlayfs: missing 'lowerdir' [ 147.280627][ T53] Bluetooth: hci0: command tx timeout [ 148.166041][ T44] team0 (unregistering): Port device team_slave_1 removed [ 148.344128][ T44] team0 (unregistering): Port device team_slave_0 removed [ 149.370731][ T53] Bluetooth: hci0: command tx timeout [ 150.423615][T12732] hsr_slave_0: entered promiscuous mode [ 150.450975][T12732] hsr_slave_1: entered promiscuous mode [ 150.501108][T12732] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 150.502771][T12732] Cannot create hsr debugfs directory [ 150.574086][T13051] netlink: 'syz.6.2459': attribute type 12 has an invalid length. [ 150.575788][T13051] netlink: 132 bytes leftover after parsing attributes in process `syz.6.2459'. [ 150.637801][T13061] xt_TPROXY: Can be used only with -p tcp or -p udp [ 150.668965][T13063] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2466'. [ 150.703670][T13067] netlink: 504 bytes leftover after parsing attributes in process `syz.5.2467'. [ 150.714691][T13057] loop2: detected capacity change from 0 to 4096 [ 150.739793][T13068] loop6: detected capacity change from 0 to 512 [ 150.751244][T13068] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 150.766513][T13068] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002] [ 150.768272][T13068] System zones: 1-12 [ 150.769225][T13068] EXT4-fs (loop6): orphan cleanup on readonly fs [ 150.845540][T13079] loop5: detected capacity change from 0 to 256 [ 150.922699][T13068] EXT4-fs error (device loop6): ext4_clear_blocks:876: inode #11: comm syz.6.2465: attempt to clear invalid blocks 1024 len 1 [ 150.950019][T13068] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2465: bg 0: block 361: padding at end of block bitmap is not set [ 150.975077][T13068] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 150.992456][T13068] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.2465: invalid indirect mapped block 1811939328 (level 0) [ 151.000926][T12732] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 151.009516][T13068] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.2465: invalid indirect mapped block 2 (level 2) [ 151.022815][T13068] EXT4-fs (loop6): 1 truncate cleaned up [ 151.024397][T13068] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 151.033593][T12732] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 151.058739][T12732] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 151.070175][T12732] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 151.151319][ T9048] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 151.217996][T13105] loop2: detected capacity change from 0 to 256 [ 151.287653][T12732] 8021q: adding VLAN 0 to HW filter on device bond0 [ 151.322767][T12732] 8021q: adding VLAN 0 to HW filter on device team0 [ 151.331363][ T142] bridge0: port 1(bridge_slave_0) entered blocking state [ 151.332983][ T142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 151.426010][ T515] bridge0: port 2(bridge_slave_1) entered blocking state [ 151.427784][ T515] bridge0: port 2(bridge_slave_1) entered forwarding state [ 151.793643][T12732] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 152.099829][T12732] veth0_vlan: entered promiscuous mode [ 152.118958][T12732] veth1_vlan: entered promiscuous mode [ 152.162044][T13180] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2505'. [ 152.163854][T13180] netlink: 74 bytes leftover after parsing attributes in process `syz.2.2505'. [ 152.202699][T12732] veth0_macvtap: entered promiscuous mode [ 152.225776][T12732] veth1_macvtap: entered promiscuous mode [ 152.255063][T12732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 152.279134][T12732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.290021][T13188] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2507'. [ 152.292220][T12732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 152.300076][T12732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.304963][T12732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 152.307062][T12732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.308885][T12732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 152.327972][T12732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.347566][T13151] loop1: detected capacity change from 0 to 32768 [ 152.351296][T12732] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 152.372514][T12732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.374644][T12732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.388109][T12732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.408565][T12732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.417411][T12732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.424949][T12732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.426994][T12732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.429160][T12732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.443943][T12732] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 152.453748][T12732] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.455521][T12732] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.457246][T12732] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.458995][T12732] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.674632][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.676267][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.684773][ T515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.686517][ T515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.911288][T13217] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2520'. [ 152.991083][T13219] loop7: detected capacity change from 0 to 2048 [ 153.017676][T13219] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024) [ 153.026065][T13184] loop6: detected capacity change from 0 to 40427 [ 153.045617][T13219] syz.7.2338: attempt to access beyond end of device [ 153.045617][T13219] loop7: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 153.048967][T13228] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 153.055004][T13184] F2FS-fs (loop6): inline encryption not supported [ 153.056440][T13184] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x1fffff [ 153.058207][T13184] F2FS-fs (loop6): Unrecognized mount option "grpquota=)" or missing value [ 153.070253][T13230] netlink: 'syz.1.2523': attribute type 3 has an invalid length. [ 153.113483][T13219] syz.7.2338: attempt to access beyond end of device [ 153.113483][T13219] loop7: rw=0, sector=9437254, nr_sectors = 2 limit=2048 [ 153.116247][T13219] NILFS (loop7): I/O error reading meta-data file (ino=6, block-offset=0) [ 153.373685][T13258] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2532'. [ 153.664752][T13278] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2542'. [ 153.666781][T13278] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2542'. [ 153.823641][T13289] loop2: detected capacity change from 0 to 256 [ 153.997046][T13184] loop6: detected capacity change from 0 to 32768 [ 153.998879][T13184] bcachefs: bch2_parse_one_mount_opt() Invalid mount option grpquota: must be bool [ 154.627748][T13318] loop7: detected capacity change from 0 to 32768 [ 154.678103][T13318] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 154.735723][T13318] XFS (loop7): Ending clean mount [ 154.751661][T13318] XFS (loop7): Quotacheck needed: Please wait. [ 154.798436][T13318] XFS (loop7): Quotacheck: Done. [ 154.890709][T12732] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 155.011734][T13369] ip6erspan0: entered promiscuous mode [ 155.031923][T13342] loop1: detected capacity change from 0 to 32768 [ 155.033663][T13342] XFS: noikeep mount option is deprecated. [ 155.034999][T13342] XFS: ikeep mount option is deprecated. [ 155.082566][T13374] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 155.096476][T13342] XFS (loop1): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent. [ 155.150905][T13342] XFS (loop1): Quotacheck needed: Please wait. [ 155.246426][T13394] loop6: detected capacity change from 0 to 1024 [ 155.325773][T13342] XFS (loop1): Quotacheck: Done. [ 155.327231][T13342] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 155.401975][T13405] loop7: detected capacity change from 0 to 512 [ 155.486965][T13405] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -13 [ 155.489481][T13405] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.2584: invalid indirect mapped block 2683928664 (level 1) [ 155.492935][T13405] EXT4-fs (loop7): Remounting filesystem read-only [ 155.494471][T13405] EXT4-fs (loop7): 1 truncate cleaned up [ 155.496104][T13405] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.578992][T12732] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.736471][T13433] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 155.738362][T13433] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 155.931861][T13452] bond0: (slave erspan0): Opening slave failed [ 155.943977][T13456] __nla_validate_parse: 2 callbacks suppressed [ 155.943995][T13456] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2606'. [ 155.972129][T13456] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2606'. [ 155.997254][T13460] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2605'. [ 156.392698][T13503] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 157.042026][T13567] loop6: detected capacity change from 0 to 1024 [ 157.175976][T13580] loop2: detected capacity change from 0 to 256 [ 157.177933][T13580] exfat: Deprecated parameter 'utf8' [ 157.179041][T13580] exfat: Deprecated parameter 'utf8' [ 157.338782][T13591] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2664'. [ 157.626111][T13579] loop1: detected capacity change from 0 to 65536 [ 157.629275][T13599] loop7: detected capacity change from 0 to 256 [ 157.709610][T13612] loop6: detected capacity change from 0 to 512 [ 157.750914][T13579] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 157.840794][T13612] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 157.852466][T13579] XFS (loop1): Ending clean mount [ 157.856617][T13579] XFS (loop1): Quotacheck needed: Please wait. [ 157.876984][ T142] XFS (loop1): Metadata corruption detected at xfs_dinode_verify+0x2e4/0xf90, inode 0x25 dinode [ 157.898759][T13612] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #15: comm syz.6.2672: iget: bad i_size value: -67835469387268086 [ 157.906083][ T142] XFS (loop1): Unmount and run xfs_repair [ 157.907324][ T142] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 157.908784][ T142] 00000000: 49 4e a1 ff 03 01 00 00 00 00 00 00 00 00 00 00 IN.............. [ 157.910886][ T142] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 157.912964][ T142] 00000020: 34 f7 58 68 7a bb 44 4d 34 f7 58 68 7a bb 44 4d 4.Xhz.DM4.Xhz.DM [ 157.914821][T13612] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.2672: couldn't read orphan inode 15 (err -117) [ 157.917424][ T142] 00000030: 34 f7 58 68 7a bb 44 4d 00 00 00 00 00 00 00 27 4.Xhz.DM.......' [ 157.919328][ T142] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 157.921419][T13630] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2676'. [ 157.921449][T13630] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2676'. [ 157.927015][ T142] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 0c 44 49 b4 .............DI. [ 157.929116][ T142] 00000060: ff ff ff ff f1 fd ce d1 00 00 00 00 00 00 00 02 ................ [ 157.931630][ T142] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08 ................ [ 157.948080][T13612] EXT4-fs (loop6): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.018128][T13579] XFS (loop1): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 158.024366][T13579] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 158.032084][T13579] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair. [ 158.033058][T13612] EXT4-fs error (device loop6): ext4_add_entry:2444: inode #2: comm syz.6.2672: Directory hole found for htree leaf block 0 [ 158.145935][ T9048] EXT4-fs (loop6): unmounting filesystem f7ff0000-0000-0000-0000-000000000000. [ 158.346066][T13654] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2688'. [ 158.477773][T13665] i2c i2c-0: Invalid block write size 254 [ 158.607921][T13678] syz.2.2697 (13678): /proc/13675/oom_adj is deprecated, please use /proc/13675/oom_score_adj instead. [ 159.140115][T13722] netlink: 'syz.1.2709': attribute type 21 has an invalid length. [ 159.147707][T13677] loop6: detected capacity change from 0 to 32768 [ 159.151553][T13677] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2696 (13677) [ 159.153164][T13722] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2709'. [ 159.164380][T13677] BTRFS info (device loop6 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 159.169709][T13677] BTRFS info (device loop6 state S): using blake2b (blake2b-256-generic) checksum algorithm [ 159.176716][T13677] BTRFS info (device loop6 state S): using free-space-tree [ 159.263877][ T9048] BTRFS info (device loop6 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 159.511999][T13781] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2712'. [ 159.545128][T13791] xt_l2tp: wrong L2TP version: 0 [ 159.596062][T13691] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 159.770827][T13803] loop7: detected capacity change from 0 to 1024 [ 159.783076][T13803] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 159.788580][T13803] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.888009][T12732] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.040501][T13819] loop5: detected capacity change from 0 to 1024 [ 160.179211][T13778] hfsplus: b-tree write err: -5, ino 4 [ 160.759305][T13871] loop7: detected capacity change from 0 to 512 [ 160.780998][T13871] EXT4-fs error (device loop7): ext4_orphan_get:1389: inode #15: comm syz.7.2749: casefold flag without casefold feature [ 160.784267][T13844] loop6: detected capacity change from 0 to 32768 [ 160.785494][T13871] EXT4-fs (loop7): Remounting filesystem read-only [ 160.787384][T13871] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.800077][T13850] loop2: detected capacity change from 0 to 32768 [ 160.802185][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 160.874248][T13844] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 160.951243][T12732] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.982592][T13887] loop2: detected capacity change from 0 to 256 [ 161.017262][T13844] OCFS2: ERROR (device loop6): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has bit count 2304 but max bitmap bits of 2048 [ 161.022487][T13844] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 161.038622][T13844] OCFS2: File system is now read-only. [ 161.039796][T13844] (syz.6.2735,13844,0):ocfs2_search_chain:1814 ERROR: status = -30 [ 161.053441][T13844] (syz.6.2735,13844,0):ocfs2_search_chain:1926 ERROR: status = -30 [ 161.055851][T13844] (syz.6.2735,13844,0):ocfs2_claim_suballoc_bits:1995 ERROR: status = -30 [ 161.068080][T13844] (syz.6.2735,13844,0):ocfs2_claim_suballoc_bits:2038 ERROR: status = -30 [ 161.069938][T13844] (syz.6.2735,13844,0):ocfs2_claim_new_inode:2273 ERROR: status = -30 [ 161.090697][T13844] (syz.6.2735,13844,0):ocfs2_claim_new_inode:2288 ERROR: status = -30 [ 161.092511][T13844] (syz.6.2735,13844,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 161.094124][T13844] (syz.6.2735,13844,0):ocfs2_mknod:385 ERROR: status = -30 [ 161.096371][T13844] (syz.6.2735,13844,0):ocfs2_mknod:502 ERROR: status = -30 [ 161.098139][T13844] (syz.6.2735,13844,0):ocfs2_create:676 ERROR: status = -30 [ 161.181101][ T9048] ocfs2: Unmounting device (7,6) on (node local) [ 161.333147][T13863] loop5: detected capacity change from 0 to 40427 [ 161.505599][T13894] loop7: detected capacity change from 0 to 32768 [ 161.506027][T13863] F2FS-fs (loop5): Found nat_bits in checkpoint [ 161.557764][T13863] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 161.604352][T13922] netlink: 'syz.2.2769': attribute type 14 has an invalid length. [ 161.606000][T13922] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2769'. [ 161.688415][T13928] loop6: detected capacity change from 0 to 512 [ 161.731592][T13928] EXT4-fs (loop6): orphan cleanup on readonly fs [ 161.733526][T13928] EXT4-fs error (device loop6): ext4_quota_enable:7112: comm syz.6.2772: inode #65535: comm syz.6.2772: iget: illegal inode # [ 161.738430][T13928] EXT4-fs error (device loop6): ext4_quota_enable:7115: comm syz.6.2772: Bad quota inode: 65535, type: 2 [ 161.773894][T13928] EXT4-fs warning (device loop6): ext4_enable_quotas:7156: Failed to enable quota tracking (type=2, err=-117, ino=65535). Please run e2fsck to fix. [ 161.800851][T13928] EXT4-fs (loop6): Cannot turn on quotas: error -117 [ 161.818168][T13928] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 161.853333][T13894] bcachefs (loop7): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 161.858992][T13894] bcachefs (loop7): recovering from clean shutdown, journal seq 10 [ 161.861645][T13894] bcachefs (loop7): Version upgrade required: [ 161.861645][T13894] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 161.861645][T13894] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 161.861645][T13894] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 161.930056][T13942] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0 [ 161.955171][ T9048] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.970413][T13894] bcachefs (loop7): dropping and reconstructing all alloc info [ 162.011865][T13894] bcachefs (loop7): check_topology... done [ 162.013521][T13894] bcachefs (loop7): accounting_read... [ 162.025580][T13931] loop2: detected capacity change from 0 to 32768 [ 162.041611][T13894] done [ 162.042231][T13894] bcachefs (loop7): alloc_read... done [ 162.043402][T13894] bcachefs (loop7): stripes_read... done [ 162.044728][T13894] bcachefs (loop7): snapshots_read... done [ 162.046092][T13894] bcachefs (loop7): check_allocations... done [ 162.095833][T13894] bcachefs (loop7): going read-write [ 162.119896][T13894] bcachefs (loop7): done starting filesystem [ 162.251738][T13968] loop6: detected capacity change from 0 to 16 [ 162.263196][T13968] erofs (device loop6): mounted with root inode @ nid 36. [ 162.294474][T12732] bcachefs (loop7): shutting down [ 162.297912][T12732] bcachefs (loop7): going read-only [ 162.299086][T12732] bcachefs (loop7): finished waiting for writes to stop [ 162.367886][T12732] bcachefs (loop7): flushing journal and stopping allocators, journal seq 12 [ 162.408684][T12732] bcachefs (loop7): flushing journal and stopping allocators complete, journal seq 13 [ 162.438288][T13976] sctp: [Deprecated]: syz.2.2792 (pid 13976) Use of int in max_burst socket option. [ 162.438288][T13976] Use struct sctp_assoc_value instead [ 162.480994][T12732] bcachefs (loop7): unshutdown complete, journal seq 14 [ 162.482980][T12732] bcachefs (loop7): done going read-only, filesystem not clean [ 162.572538][T13986] loop5: detected capacity change from 0 to 4096 [ 162.581471][T13986] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 162.586212][T12732] bcachefs (loop7): shutdown complete [ 162.653927][T13986] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 162.727262][T14000] xt_hashlimit: max too large, truncated to 1048576 [ 162.728758][T14000] xt_hashlimit: invalid rate [ 162.765189][T14001] loop6: detected capacity change from 0 to 256 [ 162.998266][T14020] loop5: detected capacity change from 0 to 512 [ 163.078919][T14020] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.165907][T14020] EXT4-fs error (device loop5): ext4_empty_dir:3094: inode #12: comm syz.5.2811: invalid size [ 163.193339][T14020] EXT4-fs (loop5): Remounting filesystem read-only [ 163.244223][T14018] loop6: detected capacity change from 0 to 32768 [ 163.280401][T14040] loop1: detected capacity change from 0 to 2048 [ 163.281227][ T7113] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.285583][ T206] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 163.287696][ T206] Quota error (device loop5): write_blk: dquota write failed [ 163.289129][ T206] Quota error (device loop5): free_dqentry: Can't write quota data block 5 [ 163.291804][ T206] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 163.293894][ T206] Quota error (device loop5): write_blk: dquota write failed [ 163.297042][ T206] Quota error (device loop5): free_dqentry: Can't write quota data block 5 [ 163.340253][T14018] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 163.363265][T14040] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 163.445375][T14018] XFS (loop6): Ending clean mount [ 163.566027][ T9048] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 163.660144][T14077] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT [ 164.766767][T14125] loop1: detected capacity change from 0 to 2048 [ 164.788669][T14126] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 164.848042][T14125] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 164.933857][T14125] Remounting filesystem read-only [ 165.086581][T14134] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 165.682377][T14189] loop2: detected capacity change from 0 to 256 [ 165.943284][T14211] netlink: 'syz.5.2883': attribute type 1 has an invalid length. [ 166.192675][T14237] CIFS mount error: No usable UNC path provided in device string! [ 166.192675][T14237] [ 166.194743][T14237] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 166.321295][T14242] netlink: 'syz.6.2895': attribute type 1 has an invalid length. [ 166.322904][T14242] netlink: 'syz.6.2895': attribute type 2 has an invalid length. [ 166.345873][T14246] nvme_fabrics: unknown parameter or missing value 'Y' in ctrl creation request [ 166.550235][T14236] loop5: detected capacity change from 0 to 32768 [ 166.555380][T14236] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2894 (14236) [ 166.574768][T14236] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 166.576974][T14236] BTRFS info (device loop5): using sha256 (sha256-ce) checksum algorithm [ 166.578671][T14236] BTRFS info (device loop5): using free-space-tree [ 166.675643][T14277] loop7: detected capacity change from 0 to 512 [ 166.741081][T14277] EXT4-fs error (device loop7): ext4_orphan_get:1415: comm syz.7.2909: bad orphan inode 13 [ 166.749841][T14287] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 166.780880][T14277] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 166.888472][T14306] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2913'. [ 166.915580][T12732] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.006315][T14317] SET target dimension over the limit! [ 167.046440][ T7113] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 167.274450][T14338] loop1: detected capacity change from 0 to 2048 [ 167.305424][T14340] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 167.342581][T14338] NILFS (loop1): failed to count free inodes: err=-34 [ 167.949348][T14339] loop2: detected capacity change from 0 to 32768 [ 167.957477][T14339] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES [ 167.959721][T14339] bcachefs: bch2_fs_get_tree() error: EACCES [ 168.023207][T14397] loop7: detected capacity change from 0 to 8 [ 168.026748][T14399] loop5: detected capacity change from 0 to 256 [ 168.038796][T14399] exFAT-fs (loop5): failed to load upcase table (idx : 0x00017f3e, chksum : 0x1380c30a, utbl_chksum : 0xe619d30d) [ 168.290784][T14416] netlink: 'syz.6.2958': attribute type 6 has an invalid length. [ 168.297411][T14419] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2961'. [ 168.299268][T14419] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2961'. [ 168.367749][T14360] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 168.371288][T14425] bridge3: the hash_elasticity option has been deprecated and is always 16 [ 168.477135][T14434] xt_connbytes: Forcing CT accounting to be enabled [ 168.478771][T14434] Cannot find del_set index 1 as target [ 168.806847][T14458] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2973'. [ 168.813981][T14456] lo: entered allmulticast mode [ 168.828515][T14456] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 168.991115][T14417] loop7: detected capacity change from 0 to 32768 [ 168.993444][T14417] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.2959 (14417) [ 169.008270][T14417] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 169.019444][T14417] BTRFS info (device loop7): using sha256 (sha256-ce) checksum algorithm [ 169.027805][T14417] BTRFS info (device loop7): using free-space-tree [ 169.145191][T14502] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2987'. [ 169.231416][T14507] netlink: 'syz.5.2986': attribute type 1 has an invalid length. [ 169.307951][T14516] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2991'. [ 169.360044][T12732] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 169.608123][ T6437] Bluetooth: hci0: command 0x0c1a tx timeout [ 170.045877][T14586] random: crng reseeded on system resumption [ 170.107840][T14586] hibernate: Hibernate image not generated by this kernel! [ 170.109647][T14586] PM: hibernation: Image mismatch: architecture specific data [ 170.367112][ T30] audit: type=1400 audit(170.350:3): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=14612 comm="syz.1.3028" saddr=172.30.0.2 daddr=172.20.20.170 netif=wpan0 [ 170.574621][T14633] loop5: detected capacity change from 0 to 8 [ 170.603151][T14633] SQUASHFS error: Unable to read inode 0xa7 [ 170.807118][T14657] netlink: 84 bytes leftover after parsing attributes in process `syz.7.3046'. [ 170.809161][T14657] netlink: 84 bytes leftover after parsing attributes in process `syz.7.3046'. [ 170.962343][T14673] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3051'. [ 171.016777][T14678] loop1: detected capacity change from 0 to 1024 [ 171.178237][ T4430] hfsplus: b-tree write err: -5, ino 4 [ 171.265010][T14704] netlink: 576 bytes leftover after parsing attributes in process `syz.5.3064'. [ 171.338378][T14715] loop2: detected capacity change from 0 to 64 [ 171.357573][T14713] ieee802154 phy0 wpan0: encryption failed: -22 [ 171.778380][T14750] loop5: detected capacity change from 0 to 16 [ 171.815338][T14750] erofs (device loop5): mounted with root inode @ nid 36. [ 171.853573][T14749] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 171.962722][T14769] netlink: 144 bytes leftover after parsing attributes in process `syz.1.3091'. [ 172.150695][T14795] misc userio: Invalid payload size [ 172.386602][T14809] xfrm2: entered allmulticast mode [ 172.439396][T14815] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3112'. [ 172.444897][T14815] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3112'. [ 172.506691][T14820] xt_l2tp: invalid flags combination: 0 [ 172.940753][T14860] Injecting memory failure for pfn 0x13b029 at process virtual address 0x201bd000 [ 172.964581][T14860] Memory failure: 0x13b029: Sending SIGBUS to syz.7.3125:14860 due to hardware memory corruption [ 172.964915][T14860] Memory failure: 0x13b029: recovery action for dirty LRU page: Recovered [ 172.964939][T14860] Injecting memory failure for pfn 0x137fe6 at process virtual address 0x201be000 [ 172.975567][T14860] Memory failure: 0x137fe6: Sending SIGBUS to syz.7.3125:14860 due to hardware memory corruption [ 172.975612][T14860] Memory failure: 0x137fe6: recovery action for dirty LRU page: Recovered [ 172.975632][T14860] Injecting memory failure for pfn 0x137fe7 at process virtual address 0x201bf000 [ 172.975785][T14860] Memory failure: 0x137fe7: Sending SIGBUS to syz.7.3125:14860 due to hardware memory corruption [ 172.975815][T14860] Memory failure: 0x137fe7: recovery action for dirty LRU page: Recovered [ 172.988706][T14866] netlink: 'syz.2.3137': attribute type 10 has an invalid length. [ 173.054840][T14866] bridge0: port 4(team0) entered blocking state [ 173.054890][T14866] bridge0: port 4(team0) entered disabled state [ 173.055018][T14866] team0: entered allmulticast mode [ 173.055032][T14866] team_slave_0: entered allmulticast mode [ 173.055046][T14866] team_slave_1: entered allmulticast mode [ 173.055954][T14866] team0: entered promiscuous mode [ 173.055972][T14866] team_slave_0: entered promiscuous mode [ 173.056134][T14866] team_slave_1: entered promiscuous mode [ 173.056654][T14866] bridge0: port 4(team0) entered blocking state [ 173.056699][T14866] bridge0: port 4(team0) entered forwarding state [ 173.113672][T14870] loop1: detected capacity change from 0 to 128 [ 173.173907][T14875] loop2: detected capacity change from 0 to 24 [ 173.174324][T14875] romfs: Unknown parameter 'xœìÚ¿JûPð3úûutt [ 173.174324][T14875] T¢ ù¯uÕQÜ|ƒÐæ¦ÁSAÚ'Áá:ø‚Oà#dtÓEЗˆ\›š6•v©Åïgé—œžÞ^n–£ÅQh±D#ÚéÝœ¼®ÅQ¨´œý6³˜KCGD¤ÈfÙ­NSž¿êiFú77ü¨Ú¼6Þ‡ŸÍ-__±€{öÚ' [ 173.214142][T14875] kAFS: No cell specified [ 173.225980][ T6423] sysv_free_block: flc_count > flc_size [ 173.226027][ T6423] sysv_free_block: flc_count > flc_size [ 173.226035][ T6423] sysv_free_block: flc_count > flc_size [ 173.226042][ T6423] sysv_free_block: flc_count > flc_size [ 173.226050][ T6423] sysv_free_block: flc_count > flc_size [ 173.226057][ T6423] sysv_free_block: flc_count > flc_size [ 173.226065][ T6423] sysv_free_block: flc_count > flc_size [ 173.226090][ T6423] sysv_free_block: flc_count > flc_size [ 173.226098][ T6423] sysv_free_block: flc_count > flc_size [ 173.226106][ T6423] sysv_free_block: flc_count > flc_size [ 173.227405][ T6423] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 173.528330][T14901] loop6: detected capacity change from 0 to 1024 [ 173.596006][T14901] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 173.636193][ T9048] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.810815][T14930] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3166'. [ 174.219864][T14946] loop6: detected capacity change from 0 to 32768 [ 174.223566][T14946] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3175 (14946) [ 174.236279][T14946] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 174.240127][T14946] BTRFS info (device loop6): using sha256 (sha256-ce) checksum algorithm [ 174.243177][T14946] BTRFS info (device loop6): using free-space-tree [ 174.434309][T14970] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3179'. [ 174.455346][T14972] cgroup: name respecified [ 174.534813][ T9048] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 174.585177][T14976] loop2: detected capacity change from 0 to 2048 [ 174.841266][T14996] loop6: detected capacity change from 0 to 1024 [ 174.869559][T14996] EXT4-fs (loop6): orphan cleanup on readonly fs [ 174.885590][T14996] EXT4-fs (loop6): 1 truncate cleaned up [ 174.889438][T14996] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 174.970392][T14982] loop1: detected capacity change from 0 to 32768 [ 174.989712][T14982] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3186 (14982) [ 174.994218][T14982] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 174.996348][T14982] BTRFS info (device loop1): using sha256 (sha256-ce) checksum algorithm [ 174.998097][T14982] BTRFS info (device loop1): using free-space-tree [ 175.029583][ T9048] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.117196][T15030] netlink: 'syz.6.3199': attribute type 5 has an invalid length. [ 175.268600][ T6423] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 175.288781][T15036] loop2: detected capacity change from 0 to 4096 [ 176.197881][T15072] loop1: detected capacity change from 0 to 32768 [ 176.228674][T15072] (syz.1.3222,15072,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 176.232164][T15072] (syz.1.3222,15072,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 176.257501][T15072] JBD2: Ignoring recovery information on journal [ 176.368841][T15072] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 176.404764][T15111] loop7: detected capacity change from 0 to 512 [ 176.478864][T15111] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 176.567210][T15111] EXT4-fs error (device loop7): ext4_xattr_block_get:596: inode #15: comm syz.7.3239: corrupted xattr block 33: invalid ea_ino [ 176.656233][T15111] EXT4-fs error (device loop7): ext4_xattr_block_get:596: inode #15: comm syz.7.3239: corrupted xattr block 33: invalid ea_ino [ 176.660171][T15111] EXT4-fs error (device loop7): ext4_xattr_block_get:596: inode #15: comm syz.7.3239: corrupted xattr block 33: invalid ea_ino [ 176.670228][T15119] netlink: 'syz.5.3242': attribute type 1 has an invalid length. [ 176.678585][T15119] netlink: 'syz.5.3242': attribute type 3 has an invalid length. [ 176.680236][T15119] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3242'. [ 176.761699][ T6423] ocfs2: Unmounting device (7,1) on (node local) [ 176.850057][T12732] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.057246][T15156] netlink: 'syz.7.3259': attribute type 10 has an invalid length. [ 177.259934][T15169] loop6: detected capacity change from 0 to 2048 [ 177.310438][T15169] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 177.350680][T15179] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3270'. [ 177.480659][T15189] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3276'. [ 177.484500][T15189] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3276'. [ 177.505912][T15191] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3274'. [ 177.843655][T15205] loop7: detected capacity change from 0 to 4096 [ 177.900578][T15220] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 177.948634][T15205] overlayfs: failed to resolve './file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 177.951657][T15181] loop2: detected capacity change from 0 to 32768 [ 178.219774][T15240] Cannot find del_set index 2 as target [ 178.531132][T15268] loop7: detected capacity change from 0 to 164 [ 178.819556][T15292] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3326'. [ 179.020109][T15266] loop5: detected capacity change from 0 to 32768 [ 179.124041][T15311] loop1: detected capacity change from 0 to 8 [ 179.132366][T15311] SQUASHFS error: zlib decompression failed, data probably corrupt [ 179.133988][T15311] SQUASHFS error: Failed to read block 0x9b: -5 [ 179.135182][T15311] SQUASHFS error: Unable to read metadata cache entry [99] [ 179.141112][T15311] SQUASHFS error: Unable to read inode 0x127 [ 179.165773][T15266] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 179.307275][T15274] loop2: detected capacity change from 0 to 32768 [ 179.310000][T15274] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES [ 179.313706][T15274] bcachefs: bch2_fs_get_tree() error: EACCES [ 179.373446][T15331] loop7: detected capacity change from 0 to 256 [ 179.437331][T15331] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 179.476121][T15338] loop1: detected capacity change from 0 to 256 [ 179.490885][T15266] XFS (loop5): Ending clean mount [ 179.496957][T15266] XFS (loop5): Quotacheck needed: Please wait. [ 179.543375][T15266] XFS (loop5): Quotacheck: Done. [ 179.669602][T15350] netlink: 'syz.1.3351': attribute type 10 has an invalid length. [ 179.684064][ T7113] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 179.751759][T15350] macvlan0: entered promiscuous mode [ 179.794954][T15350] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 179.892158][T15362] loop6: detected capacity change from 0 to 64 [ 180.108655][T15356] loop7: detected capacity change from 0 to 32768 [ 180.144853][T15356] find_entry called with index = 0 [ 180.146035][T15356] find_entry called with index = 0 [ 180.268738][T15388] usb usb1: usbfs: process 15388 (syz.5.3369) did not claim interface 23 before use [ 180.559969][T15412] loop5: detected capacity change from 0 to 16 [ 180.567078][T15412] erofs (device loop5): mounted with root inode @ nid 36. [ 180.587838][T15412] erofs (device loop5): unsupported i_format 2048 of nid 46 [ 180.659575][T15421] IPv6: sit2: Disabled Multicast RS [ 180.779946][T15423] loop2: detected capacity change from 0 to 2048 [ 180.816387][T15423] Alternate GPT is invalid, using primary GPT. [ 180.820135][T15423] loop2: p1 p2 p3 [ 180.927600][T15440] loop7: detected capacity change from 0 to 2048 [ 181.197603][ T6414] udevd[6414]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 181.203296][ T6524] udevd[6524]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 181.216745][ T7398] udevd[7398]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 181.314033][T15439] loop2: detected capacity change from 0 to 32768 [ 181.329182][T15460] loop6: detected capacity change from 0 to 512 [ 181.332847][T15460] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 181.341955][T15460] EXT4-fs (loop6): 1 truncate cleaned up [ 181.343615][T15460] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 181.351841][T15439] ocfs2: Readonly device (7,2) detected. Cluster services will not be used for this mount. Recovery will be skipped. [ 181.354464][T15439] ocfs2: Mounting device (7,2) on (node local, slot 65535) with ordered data mode. [ 181.395252][ T6431] INFO: trying to register non-static key. [ 181.396480][ T6431] The code is fine but needs lockdep annotation, or maybe [ 181.397817][ T6431] you didn't initialize this object before use? [ 181.399047][ T6431] turning off the locking correctness validator. [ 181.400316][ T6431] CPU: 0 UID: 0 PID: 6431 Comm: syz-executor Not tainted 6.13.0-rc2-syzkaller-gfac04efc5c79 #0 [ 181.402365][ T6431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 181.404468][ T6431] Call trace: [ 181.405280][ T6431] show_stack+0x2c/0x3c (C) [ 181.406270][ T6431] dump_stack_lvl+0xe4/0x150 [ 181.407219][ T6431] dump_stack+0x1c/0x28 [ 181.408130][ T6431] assign_lock_key+0x278/0x2b0 [ 181.409191][ T6431] register_lock_class+0x144/0x6b4 [ 181.410218][ T6431] __lock_acquire+0x18c/0x7904 [ 181.411206][ T6431] lock_acquire+0x23c/0x724 [ 181.412246][ T6431] _raw_spin_lock_irqsave+0x5c/0x7c [ 181.413354][ T6431] ocfs2_mark_lockres_freeing+0x164/0x788 [ 181.414469][ T6431] ocfs2_dlm_shutdown+0x44/0x230 [ 181.415431][ T6431] ocfs2_dismount_volume+0x3fc/0x920 [ 181.416499][ T6431] ocfs2_put_super+0xec/0x368 [ 181.417471][ T6431] generic_shutdown_super+0x12c/0x2bc [ 181.418648][ T6431] kill_block_super+0x44/0x90 [ 181.419725][ T6431] deactivate_locked_super+0xc4/0x12c [ 181.420844][ T6431] deactivate_super+0xe0/0x100 [ 181.421767][ T6431] cleanup_mnt+0x34c/0x3dc [ 181.422751][ T6431] __cleanup_mnt+0x20/0x30 [ 181.423708][ T6431] task_work_run+0x230/0x2e0 [ 181.424698][ T6431] do_notify_resume+0x178/0x1f4 [ 181.425699][ T6431] el0_svc+0xac/0x168 [ 181.426501][ T6431] el0t_64_sync_handler+0x84/0x108 [ 181.427698][ T6431] el0t_64_sync+0x198/0x19c [ 181.439873][ T9048] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.441638][ T6431] ocfs2: Unmounting device (7,2) on (node local) [ 181.445294][ T6431] Unable to handle kernel paging request at virtual address dfff800000000001 [ 181.452914][T15472] loop1: detected capacity change from 0 to 512 [ 181.454804][T15472] ext4: Invalid gid '0x00000000ffffffff' [ 181.469116][ T6431] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 181.474858][ T6431] Mem abort info: [ 181.476872][ T6431] ESR = 0x0000000096000005 [ 181.477778][ T6431] EC = 0x25: DABT (current EL), IL = 32 bits [ 181.484509][ T6431] SET = 0, FnV = 0 [ 181.485283][ T6431] EA = 0, S1PTW = 0 [ 181.489418][ T6431] FSC = 0x05: level 1 translation fault [ 181.493103][ T6431] Data abort info: [ 181.493910][ T6431] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000 [ 181.497046][ T6431] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 181.498348][ T6431] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 181.499666][ T6431] [dfff800000000001] address between user and kernel address ranges [ 181.502275][ T6431] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP [ 181.503776][ T6431] Modules linked in: [ 181.504544][ T6431] CPU: 1 UID: 0 PID: 6431 Comm: syz-executor Not tainted 6.13.0-rc2-syzkaller-gfac04efc5c79 #0 [ 181.506529][ T6431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 181.508417][ T6431] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 181.510007][ T6431] pc : ocfs2_evict_inode+0xd40/0x4660 [ 181.511097][ T6431] lr : ocfs2_evict_inode+0xccc/0x4660 [ 181.512221][ T6431] sp : ffff8000b1327080 [ 181.513060][ T6431] x29: ffff8000b13277a0 x28: ffff700016264e24 x27: 1fffe0001bb56bc4 [ 181.514693][ T6431] x26: ffff0000ddab5e20 x25: 1fffe0001bb56bc8 x24: ffff8000b1327120 [ 181.516372][ T6431] x23: ffff0000ddab5580 x22: ffff0000efb1c000 x21: dfff800000000000 [ 181.517923][ T6431] x20: ffff0000efb1c290 x19: 0000000000000008 x18: 1fffe000366c5a7e [ 181.519526][ T6431] x17: ffff80008f97d000 x16: ffff80008326d65c x15: 0000000000000001 [ 181.521195][ T6431] x14: 1fffe0001bb56b6e x13: 0000000000000000 x12: 0000000000000000 [ 181.522746][ T6431] x11: 0000000000000001 x10: 0000000000ff0100 x9 : ffff0000ddab5df8 [ 181.524418][ T6431] x8 : 0000000000000001 x7 : 0000000000000000 x6 : ffff8000821d7ca8 [ 181.526007][ T6431] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000804598a0 [ 181.527661][ T6431] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000 [ 181.529377][ T6431] Call trace: [ 181.530005][ T6431] ocfs2_evict_inode+0xd40/0x4660 (P) [ 181.531219][ T6431] ocfs2_evict_inode+0xccc/0x4660 (L) [ 181.532323][ T6431] evict+0x444/0x978 [ 181.533127][ T6431] iput+0x740/0x8e8 [ 181.533881][ T6431] ocfs2_free_slot_info+0x80/0x20c [ 181.534953][ T6431] ocfs2_delete_osb+0x64/0x150 [ 181.535952][ T6431] ocfs2_dismount_volume+0x4d8/0x920 [ 181.537069][ T6431] ocfs2_put_super+0xec/0x368 [ 181.538043][ T6431] generic_shutdown_super+0x12c/0x2bc [ 181.539121][ T6431] kill_block_super+0x44/0x90 [ 181.540103][ T6431] deactivate_locked_super+0xc4/0x12c [ 181.541241][ T6431] deactivate_super+0xe0/0x100 [ 181.542324][ T6431] cleanup_mnt+0x34c/0x3dc [ 181.543254][ T6431] __cleanup_mnt+0x20/0x30 [ 181.544209][ T6431] task_work_run+0x230/0x2e0 [ 181.545111][ T6431] do_notify_resume+0x178/0x1f4 [ 181.546146][ T6431] el0_svc+0xac/0x168 [ 181.546931][ T6431] el0t_64_sync_handler+0x84/0x108 [ 181.547969][ T6431] el0t_64_sync+0x198/0x19c [ 181.548827][ T6431] Code: 97a85737 f9400288 91002113 d343fe68 (38756908) [ 181.550158][ T6431] ---[ end trace 0000000000000000 ]--- [ 182.153353][ T6431] Kernel panic - not syncing: Oops: Fatal exception [ 182.154607][ T6431] SMP: stopping secondary CPUs [ 182.155539][ T6431] Kernel Offset: disabled [ 182.156403][ T6431] CPU features: 0x100,00002070,00800250,82017203 [ 182.157592][ T6431] Memory Limit: none [ 182.692640][ T6431] Rebooting in 86400 seconds..