last executing test programs: 58.654411391s ago: executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4018aee1, 0x0) 58.481845228s ago: executing program 1: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc3f8108c, &(0x7f0000000600)={[{@noblock_validity}, {@resgid={'resgid', 0x3d, 0xee00}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7f}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfffffffffffff51b}}, {@nobarrier}, {@jqfmt_vfsold}]}, 0xfe, 0x470, &(0x7f0000000940)="$eJzs3MtvVFUYAPDvTqel5WER8QGCVtFIfLS0PGThRqOJC40musC4qtNCkIEaWhMhRNEFxrgwJO6NSxP/Ale6MerKxC3uDYkxbEBXY87MvdAOM7WPaac4v19y4Zx773DOd889M+eeM0MAPWsk/ZFFbI2IKxExHBHl5hNGGn/duHah8ve1C5UsarU3/srSy+L6tQuV/J+ob8mWxo5aLc9valHupbcjJqvV6bN5fmzu9Htjs+fOP3Py9OSJ6RPTZyaOHj10cO/AkYnDHYkzxXV994cze3a9/NblVyvHLr/z87epvlvz40UcnTTSuLotPd7pwrps27x0Vu5iRViW1G79+XYlhqMvhm4eG46XPulq5YA1VavVaq0+n3MXa8D/WBbdrgHQHcUHfXr+LbZ1GnpsCH8+35jwSHHfyLfGkXKU8nP6m55vO2kwIo5d/OertMUazUMAAMz3fRr/PN1q/FeK++add1e+hrI9Iu6OiB0RcU9E7IyIeyPq594fEQ8ss/zmFZLbxz+lqysKbInS+O+5fG1r4fivGP3F9r48t60ef392/GR1+kB+TfZH/6aUH1/wkoV+ePG3L5r3fZ5Ps4/MG/+lLZVfjAXzelwtN03QTU3OTXYk+BT/xxG7y63iz26uA2YRsSsidq+wjJNPfrOn3bH/jn8RHVhnqn0d8USj/S9GU/yFrO365PizRyYOjw1GdfrAWHFX3O6XXy+93q78VcXfAan9N7e8/xvxp2fEbDBi9tz5U/X12tnll3Hp908rWZtjO1d4/w9kb9bTA/m+Dybn5s6ORwxkr6Ts0IL9E7deW+SL81P8+/e17v87Go9n9SvxYESkm3hvRDwUEQ/nbfdIRDwaEfsWif+nFx57t92x9u2/yKx8B6X4pxZp//SWl1K32n/5ib5TP37Xrvzaktr/UD21P9+zlPe/pVZwNdcOAAAA7hSl+nfgs9LozXSpNDra+A7/zthcqs7Mzj11fOb9M1ON78pvj/5SMdM1PG8+dDyfGy7yE035g/m88Zd9Q/X8aGWmOtXt4KHHbWnT/5M/+rpdO2DN+b0W9C79H3qX/g+9S/+H3qX/Q48aaL37o/WuB9AVy//8H1yTegDrz/gfepf+D71L/4ee1Pa38aVV/eT/Tk2UN0Y1WiaGNkY1ikSUNkQ1Opd47bNGl9go9SkS5SX/ZxYrTGxqeajb70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//z8/5no=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}}) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r4, 0x8004e500, &(0x7f00000000c0)=r3) 42.975087474s ago: executing program 1: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc3f8108c, &(0x7f0000000600)={[{@noblock_validity}, {@resgid={'resgid', 0x3d, 0xee00}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7f}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfffffffffffff51b}}, {@nobarrier}, {@jqfmt_vfsold}]}, 0xfe, 0x470, &(0x7f0000000940)="$eJzs3MtvVFUYAPDvTqel5WER8QGCVtFIfLS0PGThRqOJC40musC4qtNCkIEaWhMhRNEFxrgwJO6NSxP/Ale6MerKxC3uDYkxbEBXY87MvdAOM7WPaac4v19y4Zx773DOd889M+eeM0MAPWsk/ZFFbI2IKxExHBHl5hNGGn/duHah8ve1C5UsarU3/srSy+L6tQuV/J+ob8mWxo5aLc9valHupbcjJqvV6bN5fmzu9Htjs+fOP3Py9OSJ6RPTZyaOHj10cO/AkYnDHYkzxXV994cze3a9/NblVyvHLr/z87epvlvz40UcnTTSuLotPd7pwrps27x0Vu5iRViW1G79+XYlhqMvhm4eG46XPulq5YA1VavVaq0+n3MXa8D/WBbdrgHQHcUHfXr+LbZ1GnpsCH8+35jwSHHfyLfGkXKU8nP6m55vO2kwIo5d/OertMUazUMAAMz3fRr/PN1q/FeK++add1e+hrI9Iu6OiB0RcU9E7IyIeyPq594fEQ8ss/zmFZLbxz+lqysKbInS+O+5fG1r4fivGP3F9r48t60ef392/GR1+kB+TfZH/6aUH1/wkoV+ePG3L5r3fZ5Ps4/MG/+lLZVfjAXzelwtN03QTU3OTXYk+BT/xxG7y63iz26uA2YRsSsidq+wjJNPfrOn3bH/jn8RHVhnqn0d8USj/S9GU/yFrO365PizRyYOjw1GdfrAWHFX3O6XXy+93q78VcXfAan9N7e8/xvxp2fEbDBi9tz5U/X12tnll3Hp908rWZtjO1d4/w9kb9bTA/m+Dybn5s6ORwxkr6Ts0IL9E7deW+SL81P8+/e17v87Go9n9SvxYESkm3hvRDwUEQ/nbfdIRDwaEfsWif+nFx57t92x9u2/yKx8B6X4pxZp//SWl1K32n/5ib5TP37Xrvzaktr/UD21P9+zlPe/pVZwNdcOAAAA7hSl+nfgs9LozXSpNDra+A7/zthcqs7Mzj11fOb9M1ON78pvj/5SMdM1PG8+dDyfGy7yE035g/m88Zd9Q/X8aGWmOtXt4KHHbWnT/5M/+rpdO2DN+b0W9C79H3qX/g+9S/+H3qX/Q48aaL37o/WuB9AVy//8H1yTegDrz/gfepf+D71L/4ee1Pa38aVV/eT/Tk2UN0Y1WiaGNkY1ikSUNkQ1Opd47bNGl9go9SkS5SX/ZxYrTGxqeajb70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//z8/5no=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}}) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r4, 0x8004e500, &(0x7f00000000c0)=r3) 41.96378236s ago: executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x5a, &(0x7f0000000100)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x28, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) r3 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r3, &(0x7f00000007c0)=[{{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='~', 0x1}], 0x1}}, {{&(0x7f00000022c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000600)=[{&(0x7f0000002300)="ef", 0x1}], 0x1}}, {{&(0x7f00000003c0)={0x2, 0x0, @private=0xa010103}, 0x10, &(0x7f0000000780)=[{&(0x7f00000006c0)='o', 0x1}], 0x1}}], 0x3, 0x0) socket$inet(0x2, 0x80001, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f00000002c0), 0x10) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r4, 0x5}, 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000600), &(0x7f0000000040)=@tcp6}, 0x20) openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) 41.042431553s ago: executing program 1: r0 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x0) fallocate(r0, 0x0, 0x0, 0x8004) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) readv(r1, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/15, 0x2}, {&(0x7f0000000180)=""/172, 0x2000022c}], 0x2) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0x90000) r3 = dup(r2) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}}) 11.973980172s ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) write$evdev(r1, &(0x7f0000000000), 0x100000008) writev(r1, &(0x7f0000004600), 0x0) 6.979069797s ago: executing program 1: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) getpgrp(r1) memfd_secret(0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r3 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f00000003c0), &(0x7f0000000440)) syz_io_uring_setup(0x5c4, &(0x7f0000000200), &(0x7f0000000140), &(0x7f00000002c0)) io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x7d, 0x0, 0x0) r4 = dup3(r2, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000280)={0x44, 0x0, &(0x7f0000000680)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffeb, 0x0, 0x0}}], 0x0, 0x0, 0x0}) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5393, &(0x7f0000000000)) 6.146976686s ago: executing program 4: socket$nl_route(0x10, 0x3, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socket$inet6_icmp(0xa, 0x2, 0x3a) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801279a756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32, @ANYRES64=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000ecff850000000400000018110000", @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpu.stat\x00', 0x275a, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYRES32=0x0, @ANYBLOB="93630100200501001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x4c}}, 0x0) 6.084520756s ago: executing program 2: chdir(&(0x7f0000000240)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000005140)='./file0\x00', 0x16, &(0x7f0000000080), 0x1, 0x5124, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac895ztz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVG7V/eUB6x0/eLuo5v2NjceP9yuX7109mT5pbNgYqUnsFLy8+rC4rnU7PweSfYo2l2nXq3nFM36pyfcv/IiAIAlmWp1FsXH0fwjbtHen9aTdjNpt5N2/ITQ7m4sRzbuqn7z3JDWV2iezSwqjPedZ1LP3/+i3Ur7J+0kaixhnr275pFmot8855L6Ss0TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4E7yyNujD1XVT12bPnNuprnzwJaZy/um150OodHZXsvKtdXvH27+9e3WYwd+3PzV8QvPP1bP+8XlaNfO4be48sRkCG90VS7EYS+uDaHVW+g0w5flwludlediAQAAgLvJ/Z3fI0U7i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLyi3Vj8qXUF4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6Pd044bf40T3jUZwtSgqQMAAAB9xP93X/xqIeb17JuDNK8/9ejBc1XjlfJ/c7j8P3ZLXxUAAABwM458sf3hqnop/7eGy//jt3XWAAAAwFK88+HEB1X1Uv6fHS7/r86X+ZUPWaef4l8hHJoMYWJhZS4r/BzaTxcFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/12F7K5/T7oxAAAAAPei8vX88fb42ZML+j1/f9jr/x/438FXq45fyv/7h8v/9e7lwPv/F5Md/Pw/AAAAWIb/2vP/tpfGqTbo/v/3ffTuL1X9S/m/PVz+j8s13S/vRHx/3psMYf3CSn43wW/i4XYlhfmxrkJHK+mxLfbIC/PjXYWOuaTH5skQHlxY2d+4nssK/4+FdtLjytq8cCQpnI6F/HwoCseSwol4pn2+Np9uWvg+FvILLObjFRRriksikh5X+/VYKNywx9ni4AAAAPeUGJ7zLDvW2wxplJ2vDdph9aAdRgbtUB+0w2iyQ7pjv+1htrcQt7fPbFza8/+PDJf/41uxKlv0u/4/xOv/8+caFtf/z8ZCIynMx0IrvWNAKx4jC7sfx2M0WnmPK+uLAgAAANzV4vcC9RWeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD/s3XuMXFd9OPAz+xrvw7ubwE+E/BAsUMe44PXaDg+1qVinqYpCKeuSElWIYmOvw+INNrZTcATIsUEpiqChRII/iuIIIZw/klokCGhAcSNhFDUkKFUjkigRaZ0gotA0gEIhEq5m7z2zd87deaztdbzh85G8c2a+53nn4Tn33jkXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3w/HPvOxv28Vv/d3lz3y+JWTHz646cpnPnnZ+Q+EMDX3eCULVwau/8rkL2679PaDd224+c4Tl7+xLy+Xx8Ng7U9XfufTsdYTK0P4ViWEnjSwdigL9Ob3h2J9rxoK4bwwH6iXmB7ISqQNh+/3h3A4zAfqVX2nP4ShQuCKB++5+3O1xE39IawKIVTTNh6rZm30p4GL+rLAQBrY1ZMFfn0yUw98uysLwGmLb4b6i/7oVGOG0YXLNXn99Z6xjr240uF1x8Ro83w/37TEnSroSx+YOq2nrVQdS6L09jjm3bYM3m2l7Xyjp634RSr/hnJyPlQNXdund2y9ZnZffKQrjI93N6tpiZ7nh5/7xLbFpJfN6zB2YPSMvA4/f/+q27rXvOuHd65d9dSRNx16+nS7+ePCJi2ml1o15K+5ZfM8RpM+T5bB26/0LWnMl64Qwo4P/cG7W8VL8//R1vP/+HKOt10NuWOtLwxnc/P4yFBMPDuczc0BAABg2VgOe013jX/vba3qK83/xzo7/h8P+eeT+Wy0x0KYnEscGgnhgrnHs8CtsbkPjoTw2rnUVGNgUxI4FsIrv/D1PJhVlZRYEUuMJYGfDueBySRwPAamksDXYuDGJPDpGDiaBLbFwLEkcGkMhJn6OOYSfzicj6PjQH8MbMk24tF4FsIvh2NrU40lHq1XBQAAcIbks8PexruFcx1ON0OcXh7tb5chnoHdNEM1qSGdwdanVU1r6GlXQ1chQ6Uw1a9nqI/7QOvhl2qutOtb6TSMSmOGr/zq794TWijN/ydaz/+rC3SkUjr+H8Lmub8xd1cema3Ht0w1ZAAAAABOw+D/PvHVVvHS/H+ys/P/4z6R7kLmcF/cDbFzJISJxkBW7R+XA9lR78E8AAAAAMtB/Xh8/Vj4TH6bnaKdzqfL+acWmT8e+J9cMH/fse9uadXf0vx/qrPz/wcab7NOHI+9+OJICCsKgR/EXtYCc8Zi4Cdvbwzk4z8eN8ANsar8xIR6VTfEEltiYCIJHG5W4kf1Ehc0BvInq974ofo4ZvIShQAAAACcdXF3QDwuH8//f91vN3ysVbnS/H/L4s7/n5sHl07vnx0MYV1PCN3pDwPuG8gWBoyBoUqe+N5AVld3WtV1AyFcUhtYWtUT+fr/Pekagw/2Z1XFwAWvO/LcRbXEV/tDWFcMPPS+W95cS+xLAvXG/7o/hNfURps2/s0VWeO9aeNfWhHCqwuBelUfXBFCrbG+tKp7qvl1DNKq/rkawssKgXpVb6mGsD8AsEzF/0q3Fx/cu//anVtnZ6f3LGEi7sPvDztmZqfHt+2a3V5t0qftSZ8bljG6rjymTq9882i+RNF779g81Em6/jvBiWJb+X780omD+f34Xah3bpwbehvubkyH/IbXl5sIhW9SzYbctcRDHihWMv8kluqP+fvCYFhxzd7pPeMf37pv35712d9Os2/I/sbDTNm2Wp9uq4GF+tbBy6PpalmJU91Wq4uVrNt39e51e/dfu3bm6q1XTV81/ZH1b9kwcfHExom3XryuNqqJ7G+boa5eqOpkqCdv6XBcZ3CoF/YUKjkbnxoSEhLLLbFrcHXL/5NL8//dref/8VMnfvLn6zM0O/4/Gg/zZ4/PH+bfEgOHy8f/G/6XqB//H212NL9+YsBYEjgQAwcc5gcAAOClIU7y49w57pX+2ZpvPtWqXGn+f6Cz3/+fofX/60vXXz7SZJn/NbHERLP1/9Nl/uvr/x9otv5/usx/ff3/wy/C+v/X1APJJvml9f8BAICXgrO3/n/b5f3TCwSUMnS1y5BeIKCUoe0y/p1eIGDR6/8/9p9/89+hhdL8/8bO5v8W7gcAAIBzx6f+4mP/r1W8NP8/3Nn8/+yv/xeanf8/1iww1WxhQOv/AQAAsEw1W/9v9PqBD7QqV5r/H+1s/h9Pu+hqyB1rfWE4W9MupGvaPTtc/8kAAAAALA9dYXy8t8O8DSujbjr1Nh/OlwJtlS564s9OLO78/2Odzf8bfpfx+ftX3da95l0/fOHOtaueOvKmQ0/PH/8HAAAAlk6n+yUAAAAAAAAAAAAAAIAX3xP/cXBjq3jp9/9h89zjzX7/H6/7F39f8PKG3LHW9uv/5feveOft++eWLLxvOITXFwM7D+48L+TX5l9dDNz9/jWvqCUOpiW++/ilT9YSH0gD71h7/vO1xCVJYEtcJPGVaSBeVfH5lUkgLq/472kgbo+jaaAvD3x2ZTaOSrqtfjaUbatKuq0eGQphpBCob6tvDWVtVNIB3pQE6gP8aBqIA/zLPNCV9ur2waxXMTAUi948mPUKAIBzVvwW2Bt2zMxOT8Sv8PH2wp7G26hhybLrytVWOmz+0XxpsvfesXmok3R3+l10/lrjvaFaG8L60tfVYpbK3CjPTC1tNt3Lmwy53WpvXU3KpRa76fqaj6g/G9H4tl2z23vbDnxj+ywbetpmWV+a7BSzdM1t0g5q6aAvHYyow23TQZfj/a4wPt6d5PqjGBwNDdq9Ijr9vX5xnb9mr4Jino+cOPTrVvWV5v+jnc3/q8VxPZ9fDOBAvLLeP4xY5h8AAACW1mc3/ebL8d97rr/3oVZ5S/P/sc7m/3EPVn4oONvbcSxe///QSAhzl9YfzQK3xuY+OBLCa+dSU7FEdkH9y2OJiSxwa9xhsiaW2DLVWNWKGDiaBH46nAeOJYHjMZDvpTgS8l05XxgO4c1zqc2NJXbHEqNJ4N0xMJYExmNgIgmsjIHJJPDMyjwwlQT+LQbCTOO2umNlvq0AAAAWI59n9TbeDek872hPuwyVdhkG2mXoapeh2i5Ds1HE+9+IGXqTk1cqhUy9aa39SS2lDPFi+IvuVylD+FFjzrRgqel4/kH9fINKY4a73tZTDS2U5v8Tnc3/syfzZGPrx+P8f/76f1ngB7F7X4ynjo/FwE/e3hjIdwwcj5PdG+pVTeUl8kn7DbHEZAyMJYHdMTCZBLZszgOHX9EYyGfa9cYP1RufyUsUAgAAAHDWxR0EcTdNnP/fvPczg63Kleb/k53N/2N7g8XGPh1rPbEyhG9V5ntTD6wdygJxP8ZQ/Hn8q4ZCOK+wg6NeYnogK9GXNBy+35/9Qr0vreo7/dmPD+L9Kx685+7P1RI39YewqrD3pd7GY9Wsjf40cFFfFhhIA7t6skDc81MPfLsrC8Bpq+8VjC+o/FSXutGFyzV5/b1UrgmaDq+0D3SBfAv95mqplHa45vtU6xb3tLXcf8sZU3p7HPNuW47vtlHvtuIXqfwbysn5UDV0bZ/esfWa2X3xkeIvWUuW6Hku/kq1k/QZeB0eOPXetldNOzCRfHxMLFxu4ddhJVb3+ftX3da95l0/vHPtqqeOvOnQ0x13o4n4Q+F7PvmvQz8ubN6lVg35a27ZfZ5M+TxZjv8NjHnaQgibn/nSDa3ipfn/VGfz/57kds5v4sbcOxLCGwob9764+f90JPscLASyT8mXlQPZIff/Gm76yQkAAABnWn13R31/wUx+m50Qns6Ty/mnFpk/7q+YXDB/p/0e+Nv3r2oVL83/t7Se/69Iuun4v+P/LBHH/xd0ru+KXpE+cOC0dkWXqmNJOP6/oHP93eb4/4Ic/3f8fyGO/7fh+P+CzvWnrfQtabcvXSGEp/7ke4+0ipfm/7s7m/9b/2/hRfvq6/9tabb+3+5m6/8dsP4fAACwpJosNJfO80qr95UypKv3lTK0XSCw7RKD1v9b9Pp/T1742G/DQvKaSvP/A53N/+PLYbDY+nJZ/29sc5OqboyB3RYGBAAA4FzUbAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL667/vF/treK3/u7yx55/MrJDx/cdOUzn7zs/AdCmJl7vJKFKwPXf2XyF7ddevvBuzbcfOeJy99Yzcv15rf/vyF3rPWF4RAOFx4Ziolnh2t35gNXvPP2/T21xH3DIby+GNh5cOd5tcTXhkNYXQzc/f41r6glDqYlvvv4pU/WEh9IA+9Ye/7ztcQlW7uybqbd/aeVWXcraXc/tzKEkUKg3t0Pr8zaqKRt/Hke6Erb+PpQ1kYMDMWiXx7K2oiB2VhiZkUI63pC6E6rureaVdWdVvUv1ayq7rSqT1VDuCSE0JNW9XhfVlVPOvIH+rKqYuCC1x157qJa4nBfCOuKgYfed8uba4mPJoF643/VF8Jrai+ZtPFv9GaN96aN39QbwqtDCH1piV/1ZCX60hJP9ITwskKg3viHekLYH3hJiB8+DZ9oe/dfu3Pr7Oz0niVM9OVt9YcdM7PT49t2zW6vJn1qplJIn7zu1Mf+6HOf2Fa7fe8dm4c6Sffk5Xrnuryht+HuxnO997FfA8VK5p+PUv0xf18YDCuu2Tu9Z/zjW/ft27M++9tp9g3Z3+48mm2r9S22VXfxzou9rVYXK1m37+rd6/buv3btzNVbr5q+avoj69+yYeLiiY0Tb714XW1UE9nfzocamg71llMa5ZW3ZrenNNQLewo1nY0PgMUl4uY5V/ojIfH7mOhq+HSbONf/0yt90Z/vaG+ozn1Al6YVxSyVuVGeiUFvOsURn8r3lLYjWl+aOJSybGifZWNpMjGfpT/LMve9rjQ5LNbUNbdJ4/2uMD7e3Ww7jDbeLW7en5/G5n0433SdpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+VuH0bMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcCgAA//8aXSYE") chdir(&(0x7f0000000240)='./file0\x00') syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000e00)='./file0\x00', 0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="00bb148100000096ab7ebcb8e9eac8d3ecbf3c5623aaa123b83de213969e1a6a460cb13cb71e4c8ab5"], 0x1, 0xda2, &(0x7f0000000000)="$eJzs3UtvXNUdAPBzxx47LxoHG+ymaeySUtxHbBKi0l2NlC5QJVSJT4DSQEMNfYQuQEFyWHTbSIgPUMS+iz6zQIpYpWLTql8AseomRUi0jSqBK9vnjMf/zOiOHcfj8fx+0plz7z333nPOzJ07d+7jnAQMrcb664ULM1VK79x8++Ld2dH/rk2Zbc0xt/46mseWUkrN1nIpTYT1LY1vxJ9/eu1Se/xFjqt0PlWpak1Pz91pLXs0pbSS5tKtNJGe/2T6xssfPrv8/uT1yYtvzt9+MLUHAIDhcveH7/3ir0/84NqJ//3u9FIab00vx+dLefxYPu5fqjbGc9T6H1C1xVXbeDEW5hvNoRHmG+kwX3s+zTDfaJf8x8J6m13mG6/Jf6RtWqd6wyDb/B9fNRa2jDcaCwsb/8nXfDQyVi28emX5xat9Kiiw6z6bzaf4BEEYurB6vN97IIAN8brhPVbimYX701rbaG/533mm0Xl52AV7vf3Lf7Dyf++6PQ6756BuTaVe5Xt0LI/H6wijYbntfv/L+uL1iGaP5ex2HWFQri90K+fIHpdjp7qVP24XB9VXc1zeh9Mhvf37Ez/TQfmMgc7uOv8vCEMbVvu9AwL2rXjf3GpW0uN9fTF9vCb9UE364Zr0IzXpR2vSYZj9/rXfpBvV5v/8+J9+u+fDynm2h3L8pW2WJ56P3G7+8b7f7brf/OP9xLCvzf/n1Ge/uvW3eP//F+H+/zP5t3Qi7yDK+cJ4Xr117394MLjRZb6HQ3Ee6jD/+vDU1vmqqc31pLb9zD3lmNm63PFu853aOt9EmO9IPhY5FMobj0+OhOXK8UfZr5b3azTUtxnqMRbKUT6ZEzk+FOpzolu9wonssTBfM4fJUK+pUK9HwnKPhnpVM1vrFc+fl/JMh+nxOkmZL3xs9/wuxc8iPpfxWI7fyvG7Of4gxx93yHcYle2x2/3/ZfucSc3qxSvLl5/M42U7vT3SHF+bfm6Pyw3cv16f/5lJW5//Odaa3my07xeOb06v2vcLE2H6+S7Tn8rj5ffsJyOH16cvXPrZ8o93u/Iw5K6+/sZPX1hevvxLAwYMGGgN9HvPBDxoi6+98vPFq6+/cfbKKy+8dPmly6+ee/J7333q6acvLK4f1S+2H9sDB8vmj36/SwIAAAAAAAAAAAD0rDrceXKO69q3Lc+Tl+fT4/PxDIbyuZWtobRjUJ7/7NauS3l+88QelJHdtxePE/W7jkBn/9L+ryAMbVhd1Yo/sD/0u/+/0u5hiY+d/ceJtVBmu/PM1v1lbL8Q7sd+739O/ger/79W/1c97/9Cj1kTO8v3D3cP/70t23Sy1/xj/Us7sFPby/+POf9Sm8dTb/mv/jbkHxsq7dGfQv5Hesz/nvqf2ln+f875l7dt/kyv+W+UuGpsLUc8b1zaAYznjYu/hPqXtv22Xf8ddtR2M+cPw2xQ+pncrkHp/7Obst6yH8y759Z1utL+duzvoK78K6Gl69Lud/kdeCSsv6r5fdP/52Cr6/+zbH+L+v+EA+cj1/8EYWjD6upqX7s+GdZ+V/aLfr///T6G7Hf+/X7/68T+P+P/pdj/Z0yP/X/G9Nj/Z0yP/WvF9Nj/Z3w/Y/+fMX06rDf2DzpTk/7lmvSTNelfqUk/VZO+8f9trGv6XM3yp2vSZ2vSH65Jf6wm/UxN+tdr0h+vSX+iJn2+Jv2g+1qOh7X+MMxiv5G+/zA8yvWfbt//qZp0YHDFfp3j9/sbNenA4Ho0nxPz/YYhVHVusSOeby/ncd/K8bs5/iDHHz+wArIXvpnjb+X42zn+To7P5nghx4s5zn1DVimt7EUx2WW//ufJ0zeqzfv8jof0Xu+Hjc8DxHZizvVYnnh9brv34073mM+Dyn+Hj4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxG2/A7N9+++O+p7/9obXi2NXVu/XU0jy2llJoppSqPj4b1rYxvxJ9/eu1Sp7hK59dfy3h67k5r2aNry6e5dCtNpOc/mb7x8ofPLr8/eX3y4pvzt3e73gAAADBM/h8AAP//YBflyA==") lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000002440)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="020000", @ANYRES32=0xee00, @ANYRESOCT=r0, @ANYRES32=0x0, @ANYRES8=r1, @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0) write$sndseq(r4, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x4}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick=0x79, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time}], 0x70) renameat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000180)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140)='proc\x00', 0x0, 0x0) syz_mount_image$fuse(&(0x7f00000003c0), &(0x7f0000000080)='./file0\x00', 0x2304023, &(0x7f00000001c0)=ANY=[], 0x8, 0x0, 0x0) mount(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000280)='proc\x00', 0x0, 0x0) pivot_root(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='./bus\x00') bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000ec0)={r0, r5, 0x0, 0xf, &(0x7f0000000e40)=':@\'$-.+@\'+,\\&\\\x00'}, 0x30) read$FUSE(r5, &(0x7f000000ac40)={0x2020}, 0x2020) 6.076862767s ago: executing program 4: syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") creat(0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x19, &(0x7f0000000880), 0x4) 5.938986518s ago: executing program 3: mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) socket$alg(0x26, 0x5, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000030000005800018044000400200001000a00000000000000000000000000003a000040000000000100000000200002000a00000000000000fe880000000000000000000000000001000000000d0001007564703a73"], 0x6c}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x3c, r2, 0x923, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp}]}, 0x3c}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_DELETE(r5, 0x0, 0x0) r6 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r8 = openat$cgroup_int(r7, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0) r9 = openat$cgroup_ro(r7, &(0x7f0000000140)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) sendfile(r8, r9, 0x0, 0x7ffff000) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) 5.28117516s ago: executing program 3: bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xc, 0xff, 0x7, 0x1, 0x1240, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x4}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)=ANY=[@ANYRES64=r0], 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3f, 0xc, 0x7}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d40)={{r1}, &(0x7f0000000400), &(0x7f0000000980)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f0000000180)=@name={0x1e, 0x2, 0x0, {{0x41}, 0x4}}, 0x10) r3 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r3, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10) close(r2) creat(&(0x7f0000000040)='./file0\x00', 0x143) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) 4.885655211s ago: executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000100)={0x0, "5660359c3245d11f0000000000000000000000000f00", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000000)={0x0, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r5, 0xc0303e03, &(0x7f0000000340)={"0180000000000000f2e2ad238a7b44a8d886010284ed9208000000affbf514fd", r6, 0xffffffffffffffff}) ioctl$SYNC_IOC_FILE_INFO(r7, 0xc0383e04, &(0x7f0000000280)={""/32, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)}) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r2, 0x5423, &(0x7f0000000000)) openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00'}, 0x10) madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xc) 4.148801476s ago: executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prctl$PR_SET_MM_AUXV(0x49, 0xc, 0x0, 0x0) r0 = gettid() r1 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r1, 0x0, 0x0) sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10001) 3.432437307s ago: executing program 2: pwritev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000340)}], 0x1, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000002400)={{}, 0x0, 0x12, @unused=[0x7f, 0x3, 0x4f000, 0x200], @subvolid}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b0007010000000000000000027c00000400000014000180060006008847000008001c"], 0x2c}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x7a05, 0x1700) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x20, 0x52, 0x1, 0x0, 0x0, {0xa}, [@typed={0x4}, @typed={0x8, 0xaa, 0x0, 0x0, @pid}]}, 0x20}}, 0x0) write$cgroup_int(r3, &(0x7f0000000200), 0x18000) r5 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x20, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}}, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x14, 0x0, 0x4}, 0x14}}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f00000003c0), 0xffffffffffffffff) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), r6) sendmsg$NL802154_CMD_SET_TX_POWER(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000140)={0x1c, r7, 0x400, 0x0, 0x0, {0x1d}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r9) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r11, 0x8933, &(0x7f0000000340)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x50, r10, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r12}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_SHORT_ADDR={0x6}]}, 0x50}, 0x4, 0x700000000000000}, 0x0) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r8, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r12}]}, 0x1c}, 0x1, 0x0, 0x0, 0x84000}, 0x20048010) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r13 = socket(0xa, 0x6, 0x0) getsockopt$inet6_mreq(r13, 0x10d, 0xa4, 0x0, &(0x7f0000000080)) 3.215631221s ago: executing program 2: bind$inet(0xffffffffffffffff, 0x0, 0x0) socket(0x22, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = syz_open_dev$usbmon(&(0x7f0000000900), 0x0, 0x0) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000a40)={0x0, 0x0}) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r3, &(0x7f0000003440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f0000000200)=0x3e) fcntl$setsig(r3, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r4}], 0x1, 0xfffffffffffffff8) dup2(r3, r4) fcntl$setown(r4, 0x8, r2) tkill(r2, 0x14) add_key(0x0, 0x0, &(0x7f0000000100)="01000000100000000000006bb55a2a630b00c145f9", 0x15, 0xffffffffffffffff) 2.980812247s ago: executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298900000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24490a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1fcff7a1ef3282837771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969cc1595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d400000000000004011c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0890700eef552fcde2981f48c482bde8a168c3f5db2eaa6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000100000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed90868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c83ae45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422636f949e2ab8f162d7e3f855e378f4a1f40bc96fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df775e411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8605000000000000003fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373eaea36546791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf00000000f3ffffffffffff12a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca0000000000000000000090044ed83fec890f693d54e1c0adf7b3fe6cfcf3b9873cecd116826f1be38a8d61d866516197c199d5a3721a378de95d5c25b3887a271db57518e630dd132a518a3b2490b3a9ac177d286502aa73eb67275de3523ce65e50b67a3820faaab5e7b22850c8265b44085a0d2d3c734712591007e15d7f0b2cd7eb796e8f4318d2eb8343c5176056000000000000000000000007444a9a2b71016c9cf336078fa3fcfbdf4dcfc2f5acc09ad13dda373957ab7ed731565049f1d18bcba118079dc5307fa972f19cdf463cbf159985aeb0d92fceb4d62956f6de3f2a416a74"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3208012, &(0x7f0000001540)={[{@dioread_nolock}, {@jqfmt_vfsold}, {@grpid}, {@barrier}]}, 0x1, 0x551, &(0x7f0000000740)="$eJzs3c+PG1cdAPDvzP7wNk27CfQAFZAAhYCi2Fmnjape2lxAqKqEqDggDumy66yW2HGIvaW7RGJ74g8ACSRO8CdwQOKA1BMHbhyROCCkckAKEIGyiB8ymvHsxt21iam9drP+fKTJ/Hie+X5fNuP3/GbjF8DMOh8RuxGxGBFvRMRycTwplnilu2Sve3D/7tre/btrSXQ6r/8lycuzY9FzTubJ4ppLEfGVL0Z8Izkat7W9c3O1Xq/dKfYr7cbtSmt759JmY3WjtlG7Va1eXbl6+cUrL1THVtdzjZ/d+8Lmq1/95S8+/u5vdj//nSyt00VZbz3GqVv1hYM4mfmIePU4gk3BXLFenHIevD9pRHwoIj6V3//LMZf/6wQATrJOZzk6y737AMBJl+ZjYElajog0LToB5e4Y3jNxKq03W+2LN5pbt9a7Y2VnYiG9sVmvXT5b+t238hcvJNn+Sl6Wl+f71UP7VyLibET8oPREvl9ea9bXp9PlAYCZ9+R++7/8vfxZwN9LaVouD3Vqn6d6AMBjY2naCQAAE6f9B4DZo/0HgNkzRPtfPOzfPfZcAIDJ8PkfAGbPgPa/NOk8AIDJ8fkfAGbKl197LVs6e8X3X6+/ub11s/nmpfVa62a5sbVWXmveuV3eaDY38u/saTzqevVm8/bK87H1VqVda7Urre2d643m1q329fx7va/XFiZSKwDgfzl77p3fJhGx+9IT+RI9czloq+FkS6edADA1c6OcrIMAjzWzfcHsGqoJzzsJvz72XIDpSOKfRw8u9d18rx/9H0H8nhF8oFz4aD7+/59hxv/N8Qwni/F/mF3vb/z/5bHnAUye8X+YXZ1OcnjO/8WDIgDgRBrhV/g63x1XJwSYqkdN5j2W5/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwwpyOiG9GkpbzucDT7M+0XI54KiLOxEJyY7NeuxwRT8e5iFgoZfsr004aABhR+qekmP/rwvJzpw+XLib/KOXriPj2j1//4Vur7fadlez4Xw+Ol/anD6s+PG+EeQUBgDHL2+9qse75IP/g/t21/WWS+dy7Fv8upiJe27t/N1+6JfORHYxYyvsSp/6WxHxxzlJEPBsRc2OIv/t2RHykX/2TfGzkTDHzaW/8KGI/NdH46Xvip3lZd511vj48hlxg1rxzLSJe6Xf/pXE+X/e//5fyd6jR3bvWvdj+e99eT/z5ItJcn/jZPX9+2BjP/+pLRw52lrtlb0c8O98vfnIQPxkQ/7kh4//+Y5/4/ssDyjo/ibgQ/eP3xqq0G7crre2dS5uN1Y3aRu1WtXp15erlF6+8UK3kY9SV/ZHqo/780sWnB+WW1f/UgPhLfeu/eHDuZ4as/0//9cbXP/lwt3Q4/uc+3f/n/0zf+F1Zm/jZIeOvnvr5wOm7s/jrA+r/qJ//xSHjv/vHnfUhXwoATEBre+fmar1euzPSRvYpdBzXObKRpTjci/e7i6MF/UOMMfnFoZPvv7FwXH+rx74xf9BXHO+Vv5ZdccLVScdei5E2Hkwq1vTek4DJeHjTTzsTAAAAAAAAAAAAAABgkEn816Vp1xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICT678BAAD//6SBzcw=") r1 = open(0x0, 0x0, 0x0) getdents(r1, &(0x7f0000001fc0)=""/184, 0x6d) mkdirat$cgroup(0xffffffffffffff9c, &(0x7f0000000000)='syz0\x00', 0x1ff) 2.908375909s ago: executing program 2: prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_SERVICE(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r4, 0x1, 0x0, 0x0, {0x11}}, 0x14}}, 0x0) 2.484147874s ago: executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x5a, &(0x7f0000000100)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x28, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) r2 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r2, &(0x7f00000007c0)=[{{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='~', 0x1}], 0x1}}, {{&(0x7f00000022c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000600)=[{&(0x7f0000002300)="ef", 0x1}], 0x1}}, {{&(0x7f00000003c0)={0x2, 0x0, @private=0xa010103}, 0x10, &(0x7f0000000780)=[{&(0x7f00000006c0)='o', 0x1}], 0x1}}], 0x3, 0x0) r3 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, r4}, 0x10) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map, r5, 0x5}, 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000600), &(0x7f0000000040)=@tcp6}, 0x20) openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) 2.417818984s ago: executing program 3: socket$nl_route(0x10, 0x3, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socket$inet6_icmp(0xa, 0x2, 0x3a) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801279a756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32, @ANYRES64=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000ecff850000000400000018110000", @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpu.stat\x00', 0x275a, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYRES32=0x0, @ANYBLOB="93630100200501001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x4c}}, 0x0) 2.097919574s ago: executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x5a, &(0x7f0000000100)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x28, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) r3 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r3, &(0x7f00000007c0)=[{{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='~', 0x1}], 0x1}}, {{&(0x7f00000022c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000600)=[{&(0x7f0000002300)="ef", 0x1}], 0x1}}, {{&(0x7f00000003c0)={0x2, 0x0, @private=0xa010103}, 0x10, &(0x7f0000000780)=[{&(0x7f00000006c0)='o', 0x1}], 0x1}}], 0x3, 0x0) socket$inet(0x2, 0x80001, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f00000002c0), 0x10) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r4, 0x5}, 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000600), &(0x7f0000000040)=@tcp6}, 0x20) syz_open_procfs(0x0, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) 1.911681683s ago: executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000217100000001010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000016d8ce4db711d5e46c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e30000000000000000000000014000100677265e52ea619052f9c0800000004000800014000"], 0x4b0}}, 0x0) 1.02627948s ago: executing program 0: syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="00058639aa6f0bfbe4b28434ef119376977b00fffbcec7a5fc1f5a72d4fe24156a9f971990e4f372b7"], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA") mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000b80)='./bus\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_misc(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="8bb177c20a7c0c41007fa6f380d6f8b97ae2cf9896190100a374161faa080fe7ad1f72346e94c92d5131d228a38e59ce76f73bcd4623d6dac88ba791d4d4dedc2b"], 0xed) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) 1.020159811s ago: executing program 3: prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_SERVICE(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r4, 0x1, 0x0, 0x0, {0x11}}, 0x14}}, 0x0) 845.733608ms ago: executing program 4: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prctl$PR_SET_MM_AUXV(0x49, 0xc, 0x0, 0x0) r0 = gettid() r1 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r1, 0x0, 0x0) sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10001) 730.058556ms ago: executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4) r2 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="60000000100001040100"/20, @ANYRES32=0x0, @ANYBLOB="7b130000000000003800128008000100677470002c00028008000100", @ANYRES32, @ANYBLOB="08000200", @ANYRES32, @ANYBLOB="08000200", @ANYRES32, @ANYBLOB="080003000800000008000100", @ANYRES32=r1], 0x60}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 655.451808ms ago: executing program 4: syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") creat(0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x19, &(0x7f0000000880), 0x4) 392.471609ms ago: executing program 0: bind$inet(0xffffffffffffffff, 0x0, 0x0) socket(0x22, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = syz_open_dev$usbmon(&(0x7f0000000900), 0x0, 0x0) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000a40)={0x0, 0x0}) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r3, &(0x7f0000003440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f0000000200)=0x3e) fcntl$setsig(r3, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r4}], 0x1, 0xfffffffffffffff8) dup2(r3, r4) fcntl$setown(r4, 0x8, r2) tkill(r2, 0x14) add_key(0x0, 0x0, &(0x7f0000000100)="01000000100000000000006bb55a2a630b00c145f9", 0x15, 0xffffffffffffffff) 123.12616ms ago: executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) write$evdev(r1, &(0x7f0000000000), 0x100000008) writev(r1, &(0x7f0000004600), 0x0) 0s ago: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000100)={0x0, "5660359c3245d11f0000000000000000000000000f00", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000000)={0x0, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r5, 0xc0303e03, &(0x7f0000000340)={"0180000000000000f2e2ad238a7b44a8d886010284ed9208000000affbf514fd", r6, 0xffffffffffffffff}) ioctl$SYNC_IOC_FILE_INFO(r7, 0xc0383e04, &(0x7f0000000280)={""/32, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)}) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r2, 0x5423, &(0x7f0000000000)) openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00'}, 0x10) madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xc) kernel console output (not intermixed with test programs): from 0 to 512 [ 529.164426][ T5521] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 529.172552][ T9414] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 529.191430][ T9414] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 529.386333][ T9417] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 529.446845][ T9411] loop0: detected capacity change from 0 to 4096 [ 529.462234][ T9411] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 529.474975][ T9414] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 529.488148][ T9411] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 529.495416][ T9411] ntfs3: loop0: Failed to load $BadClus. [ 529.564035][ T9414] ext4 filesystem being mounted at /root/syzkaller-testdir3787652431/syzkaller.KOXNB4/144/wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff) [ 529.600802][ T9414] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz-executor.1: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 529.701110][ T9414] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 12: comm syz-executor.1: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 529.748652][ T9428] loop0: detected capacity change from 0 to 512 [ 529.777855][ T9428] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz-executor.0: bad orphan inode 15 [ 529.795035][ T9424] EXT4-fs error (device loop1): ext4_do_update_inode:5210: inode #2: comm syz-executor.1: corrupted inode contents [ 529.795128][ T9428] ext4_test_bit(bit=14, block=5) = 0 [ 529.827850][ T9428] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 529.829466][ T9424] EXT4-fs error (device loop1): ext4_dirty_inode:6072: inode #2: comm syz-executor.1: mark_inode_dirty error [ 529.848863][ T9424] EXT4-fs error (device loop1): ext4_do_update_inode:5210: inode #2: comm syz-executor.1: corrupted inode contents [ 530.034928][ T9424] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz-executor.1: mark_inode_dirty error [ 530.918424][ T6416] EXT4-fs (loop1): unmounting filesystem. [ 530.930616][ T8955] EXT4-fs (loop0): unmounting filesystem. [ 531.670554][ T9438] loop1: detected capacity change from 0 to 512 [ 531.731321][ T9438] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz-executor.1: invalid indirect mapped block 256 (level 2) [ 531.749630][ T9438] EXT4-fs (loop1): 2 truncates cleaned up [ 531.755670][ T9438] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 531.933260][ T9444] loop0: detected capacity change from 0 to 512 [ 531.954902][ T26] audit: type=1800 audit(1718798549.650:5711): pid=9438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.1" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 531.983860][ T9422] loop2: detected capacity change from 0 to 40427 [ 532.014344][ T6416] EXT4-fs (loop1): unmounting filesystem. [ 532.238088][ T9422] F2FS-fs (loop2): Found nat_bits in checkpoint [ 532.259784][ T9449] can0: slcan on ttyS3. [ 532.932686][ T9455] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 532.976479][ T9455] device gtp2 entered promiscuous mode [ 533.078134][ T9452] can0 (unregistered): slcan off ttyS3. [ 533.386502][ T9464] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 533.444707][ T9467] loop0: detected capacity change from 0 to 1024 [ 533.843075][ T9445] loop4: detected capacity change from 0 to 32768 [ 533.872618][ T9445] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (9445) [ 534.359240][ T9445] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 534.389082][ T4590] hfsplus: b-tree write err: -5, ino 4 [ 534.401801][ T9445] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 534.582947][ T9445] BTRFS info (device loop4): force zlib compression, level 3 [ 534.597545][ T9445] BTRFS info (device loop4): force clearing of disk cache [ 534.604695][ T9445] BTRFS info (device loop4): setting nodatasum [ 534.932428][ T9445] BTRFS info (device loop4): allowing degraded mounts [ 535.013429][ T26] audit: type=1326 audit(1718798552.710:5712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9472 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd93c67cf29 code=0x0 [ 535.025436][ T9445] BTRFS info (device loop4): enabling disk space caching [ 535.227469][ T9445] BTRFS info (device loop4): disk space caching is enabled [ 535.668003][ T9494] loop2: detected capacity change from 0 to 4096 [ 535.682816][ T9494] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512) [ 535.687145][ T9445] BTRFS error (device loop4): open_ctree failed [ 536.415523][ T9494] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 536.477374][ T9494] ntfs3: loop2: Failed to load $BadClus. [ 536.504238][ T9506] loop3: detected capacity change from 0 to 512 [ 536.949996][ T9506] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 256 (level 2) [ 536.993774][ T9506] EXT4-fs (loop3): 2 truncates cleaned up [ 537.012940][ T9506] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 537.388986][ T26] audit: type=1800 audit(1718798555.090:5713): pid=9506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 537.428632][ T9520] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 537.460647][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 537.470906][ T9520] device gtp0 entered promiscuous mode [ 537.574421][ T9508] loop0: detected capacity change from 0 to 4096 [ 537.584323][ T9508] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 537.624807][ T9508] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 537.632129][ T9508] ntfs3: loop0: Failed to load $BadClus. [ 537.692358][ T9512] loop1: detected capacity change from 0 to 32768 [ 537.720565][ T9523] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 538.862968][ T9539] loop3: detected capacity change from 0 to 512 [ 538.953806][ T9539] EXT4-fs error (device loop3): ext4_orphan_get:1422: comm syz-executor.3: bad orphan inode 15 [ 539.252640][ T9539] ext4_test_bit(bit=14, block=5) = 0 [ 539.258842][ T9539] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 539.853838][ T9517] loop4: detected capacity change from 0 to 40427 [ 540.471135][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 540.495452][ T9540] loop2: detected capacity change from 0 to 4096 [ 541.044723][ T9551] loop0: detected capacity change from 0 to 32768 [ 541.067394][ T9551] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (9551) [ 541.307210][ T9551] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 541.320846][ T9551] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 541.330030][ T9551] BTRFS info (device loop0): using free space tree [ 541.633385][ T9551] BTRFS info (device loop0): enabling ssd optimizations [ 541.854367][ T26] audit: type=1326 audit(1718798559.550:5714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9552 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f096007cf29 code=0x0 [ 542.406088][ T8955] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 542.436108][ T9583] loop3: detected capacity change from 0 to 512 [ 542.505844][ T9544] loop1: detected capacity change from 0 to 32768 [ 542.546477][ T9583] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 256 (level 2) [ 542.557398][ T9544] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (9544) [ 542.590355][ T9583] EXT4-fs (loop3): 2 truncates cleaned up [ 542.596347][ T9583] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 542.788788][ T9544] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 542.839848][ T9544] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 542.877446][ T9544] BTRFS info (device loop1): force zlib compression, level 3 [ 542.908227][ T9587] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 542.930591][ T9544] BTRFS info (device loop1): force clearing of disk cache [ 542.951513][ T9587] device gtp1 entered promiscuous mode [ 542.952008][ T9544] BTRFS info (device loop1): setting nodatasum [ 542.974941][ T9544] BTRFS info (device loop1): allowing degraded mounts [ 542.984153][ T9544] BTRFS info (device loop1): enabling disk space caching [ 543.009232][ T9544] BTRFS info (device loop1): disk space caching is enabled [ 543.014586][ T9589] loop4: detected capacity change from 0 to 512 [ 543.203882][ T9589] EXT4-fs error (device loop4): ext4_orphan_get:1422: comm syz-executor.4: bad orphan inode 15 [ 543.211270][ T9608] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 543.245228][ T9589] ext4_test_bit(bit=14, block=5) = 0 [ 543.250758][ T26] audit: type=1800 audit(1718798560.940:5715): pid=9583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 543.305811][ T9589] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 543.318407][ T9544] BTRFS error (device loop1): open_ctree failed [ 543.352920][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 544.200985][ T8754] EXT4-fs (loop4): unmounting filesystem. [ 544.372050][ T9575] loop2: detected capacity change from 0 to 1024 [ 544.906520][ T26] audit: type=1326 audit(1718798562.600:5716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9618 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f096007cf29 code=0x0 [ 545.365061][ T9612] loop0: detected capacity change from 0 to 40427 [ 545.507550][ T9612] F2FS-fs (loop0): Found nat_bits in checkpoint [ 545.665483][ T9612] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 546.590302][ T9646] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 546.880554][ T9646] device gtp1 entered promiscuous mode [ 546.890577][ T9644] loop4: detected capacity change from 0 to 1024 [ 547.490812][ T9641] loop1: detected capacity change from 0 to 4096 [ 547.540710][ T9641] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 547.567746][ T9651] loop3: detected capacity change from 0 to 256 [ 547.611207][ T9641] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 547.643955][ T9651] exFAT-fs (loop3): invalid fs_name [ 547.656522][ T9641] ntfs3: loop1: Failed to load $BadClus. [ 547.666491][ T9651] exFAT-fs (loop3): failed to read boot sector [ 547.673774][ T9651] exFAT-fs (loop3): failed to recognize exfat type [ 547.786325][ T9654] loop4: detected capacity change from 0 to 512 [ 547.954977][ T9654] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz-executor.4: invalid indirect mapped block 256 (level 2) [ 548.018482][ T9654] EXT4-fs (loop4): 2 truncates cleaned up [ 548.024357][ T9654] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 548.119993][ T9658] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 548.132651][ T9651] loop3: detected capacity change from 0 to 4096 [ 548.202831][ T3987] hfsplus: b-tree write err: -5, ino 4 [ 548.257933][ T9651] NILFS (loop3): invalid segment: Checksum error in segment payload [ 548.266065][ T9651] NILFS (loop3): trying rollback from an earlier position [ 548.395674][ T9651] NILFS (loop3): recovery complete [ 548.439347][ T9664] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 549.161078][ T9666] loop2: detected capacity change from 0 to 32768 [ 552.968944][ T9656] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 553.000280][ T9666] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (9666) [ 553.022434][ T26] audit: type=1800 audit(1718798570.720:5717): pid=9654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 553.045979][ T9666] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 553.056476][ T9666] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 553.065610][ T9666] BTRFS error (device loop2): unrecognized mount option 'dont_appraise' [ 553.080599][ T9666] BTRFS error (device loop2): open_ctree failed [ 553.252500][ T8754] EXT4-fs (loop4): unmounting filesystem. [ 554.521987][ T9687] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 554.675941][ T9687] device gtp3 entered promiscuous mode [ 556.203846][ T9689] loop3: detected capacity change from 0 to 4096 [ 556.238983][ T9689] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 556.277180][ T9700] loop2: detected capacity change from 0 to 4096 [ 556.334433][ T9689] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 556.353590][ T9703] loop0: detected capacity change from 0 to 512 [ 556.360408][ T9689] ntfs3: loop3: Failed to load $BadClus. [ 556.397460][ T9705] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 556.451971][ T9703] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz-executor.0: bad orphan inode 15 [ 556.473567][ T9703] ext4_test_bit(bit=14, block=5) = 0 [ 556.480203][ T9709] loop2: detected capacity change from 0 to 512 [ 556.508986][ T9703] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 556.509037][ T9709] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 556.713984][ T9709] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 556.875945][ T9709] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 557.484005][ T9709] ext4 filesystem being mounted at /root/syzkaller-testdir766479746/syzkaller.1bv6ST/10/wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff) [ 557.960138][ T9717] loop3: detected capacity change from 0 to 32768 [ 557.978931][ T9717] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (9717) [ 558.039588][ T9709] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz-executor.2: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 558.162957][ T9709] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 12: comm syz-executor.2: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 558.293516][ T9717] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 558.305199][ T9717] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 558.318205][ T9717] BTRFS error (device loop3): unrecognized mount option 'dont_appraise' [ 558.385128][ T9717] BTRFS error (device loop3): open_ctree failed [ 558.415500][ T9709] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 13: comm syz-executor.2: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 559.412068][ T8955] EXT4-fs (loop0): unmounting filesystem. [ 559.420531][ T9724] EXT4-fs error (device loop2): ext4_do_update_inode:5210: inode #2: comm syz-executor.2: corrupted inode contents [ 562.005057][ T9724] EXT4-fs error (device loop2): ext4_dirty_inode:6072: inode #2: comm syz-executor.2: mark_inode_dirty error [ 562.045772][ T9724] EXT4-fs error (device loop2): ext4_do_update_inode:5210: inode #2: comm syz-executor.2: corrupted inode contents [ 562.058669][ T9724] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz-executor.2: mark_inode_dirty error [ 562.113881][ T9187] EXT4-fs (loop2): unmounting filesystem. [ 563.249762][ T9741] loop0: detected capacity change from 0 to 512 [ 563.341200][ T9741] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz-executor.0: invalid indirect mapped block 256 (level 2) [ 563.367524][ T9741] EXT4-fs (loop0): 2 truncates cleaned up [ 563.373316][ T9741] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 563.528550][ T26] audit: type=1326 audit(1718798581.230:5718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9749 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feef567cf29 code=0x0 [ 563.638499][ T26] audit: type=1800 audit(1718798581.340:5719): pid=9741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 563.699938][ T8955] EXT4-fs (loop0): unmounting filesystem. [ 563.820621][ T26] audit: type=1326 audit(1718798581.520:5720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9754 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4bb447cf29 code=0x0 [ 564.051542][ T9735] loop3: detected capacity change from 0 to 40427 [ 564.078083][ T9736] loop4: detected capacity change from 0 to 32768 [ 564.089796][ T9735] F2FS-fs (loop3): Found nat_bits in checkpoint [ 564.131295][ T9759] ebt_among: dst integrity fail: 200 [ 564.938100][ T9735] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 566.902617][ T9782] loop0: detected capacity change from 0 to 32768 [ 570.726072][ T1255] ieee802154 phy0 wpan0: encryption failed: -22 [ 570.735623][ T1255] ieee802154 phy1 wpan1: encryption failed: -22 [ 570.765856][ T9782] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (9782) [ 570.793706][ T9782] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 570.805027][ T9782] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 570.814183][ T9782] BTRFS error (device loop0): unrecognized mount option 'dont_appraise' [ 570.823672][ T9782] BTRFS error (device loop0): open_ctree failed [ 571.238091][ T9792] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.4'. [ 571.561943][ T9793] netlink: 'syz-executor.4': attribute type 17 has an invalid length. [ 574.499744][ T9816] loop1: detected capacity change from 0 to 4096 [ 574.548250][ T9816] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 574.650458][ T9816] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 574.682682][ T9816] ntfs3: loop1: Failed to load $BadClus. [ 575.435330][ T9824] loop2: detected capacity change from 0 to 4096 [ 575.568824][ T9824] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512) [ 576.256883][ T9835] loop1: detected capacity change from 0 to 32768 [ 580.081211][ T9824] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 580.119589][ T9824] ntfs3: loop2: Failed to load $BadClus. [ 580.388318][ T9840] netlink: 'syz-executor.0': attribute type 16 has an invalid length. [ 580.396742][ T9840] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 581.393503][ T9850] loop1: detected capacity change from 0 to 512 [ 582.546192][ T9850] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz-executor.1: invalid indirect mapped block 256 (level 2) [ 582.657522][ T9850] EXT4-fs (loop1): 2 truncates cleaned up [ 583.017031][ T9850] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 583.539412][ T6416] EXT4-fs (loop1): unmounting filesystem. [ 583.674461][ T9870] loop2: detected capacity change from 0 to 512 [ 583.711413][ T9870] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz-executor.2: bad orphan inode 15 [ 583.906962][ T9870] ext4_test_bit(bit=14, block=5) = 0 [ 583.912565][ T9870] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 584.737385][ T9864] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap [ 584.870625][ T9881] loop4: detected capacity change from 0 to 256 [ 584.891128][ T9881] FAT-fs (loop4): Unrecognized mount option "nnonumtail=1" or missing value [ 585.528267][ T9886] loop3: detected capacity change from 0 to 32768 [ 585.537886][ T3578] Bluetooth: hci1: command 0x0406 tx timeout [ 585.552651][ T9886] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (9886) [ 585.577670][ T9886] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 585.588138][ T9886] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 585.596814][ T9886] BTRFS error (device loop3): unrecognized mount option 'dont_appraise' [ 585.630556][ T9886] BTRFS error (device loop3): open_ctree failed [ 589.508539][ T9892] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 589.569462][ T9895] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 589.661936][ T9897] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 589.672538][ T9187] EXT4-fs (loop2): unmounting filesystem. [ 589.684911][ T9897] device gtp4 entered promiscuous mode [ 589.864485][ T9899] loop2: detected capacity change from 0 to 2048 [ 589.905317][ T9899] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 589.935821][ T9906] loop3: detected capacity change from 0 to 512 [ 590.047457][ T9899] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 590.659290][ T9906] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 256 (level 2) [ 590.674121][ T9899] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 590.697910][ T9906] EXT4-fs (loop3): 2 truncates cleaned up [ 590.704812][ T9906] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 590.768506][ T9910] loop1: detected capacity change from 0 to 4096 [ 590.795580][ T9910] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 590.975826][ T26] audit: type=1800 audit(1718798608.670:5721): pid=9906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 591.004591][ T9910] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 591.039151][ T9910] ntfs3: loop1: Failed to load $BadClus. [ 591.146191][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 593.153944][ T9922] loop2: detected capacity change from 0 to 1024 [ 595.676010][ T9923] loop3: detected capacity change from 0 to 32768 [ 599.390919][ T9922] hfsplus: failed to load extents file [ 600.053943][ T9936] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 600.094841][ T9937] loop0: detected capacity change from 0 to 512 [ 600.141038][ T9937] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz-executor.0: bad orphan inode 15 [ 600.184054][ T9937] ext4_test_bit(bit=14, block=5) = 0 [ 600.210213][ T9937] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 600.219471][ T9943] loop3: detected capacity change from 0 to 256 [ 600.258979][ T9943] FAT-fs (loop3): Unrecognized mount option "nnonumtail=1" or missing value [ 600.406098][ T9943] loop3: detected capacity change from 0 to 8 [ 600.479909][ T9945] loop2: detected capacity change from 0 to 128 [ 600.487705][ T9943] SQUASHFS error: zstd decompression error: 10 [ 600.493969][ T9943] SQUASHFS error: zstd decompression failed, data probably corrupt [ 600.537502][ T9943] SQUASHFS error: Failed to read block 0x4ea: -5 [ 600.543980][ T9943] SQUASHFS error: Unable to read metadata cache entry [4e8] [ 600.545587][ T9945] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 600.554951][ T9948] loop1: detected capacity change from 0 to 2048 [ 600.570407][ T9948] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 600.579620][ T9943] SQUASHFS error: Unable to read inode 0x11f [ 600.588787][ T9948] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 600.749817][ T9948] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 600.760131][ T9945] ext4 filesystem being mounted at /root/syzkaller-testdir766479746/syzkaller.1bv6ST/23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 601.257999][ T8955] EXT4-fs (loop0): unmounting filesystem. [ 601.282770][ T3627] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 601.331309][ T9952] openvswitch: netlink: Message has 12 unknown bytes. [ 602.042827][ T3627] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.048853][ T9962] loop3: detected capacity change from 0 to 1024 [ 602.066521][ T9959] loop0: detected capacity change from 0 to 512 [ 602.109062][ T9959] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz-executor.0: invalid indirect mapped block 256 (level 2) [ 602.126057][ T9959] EXT4-fs (loop0): 2 truncates cleaned up [ 602.144493][ T9959] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 602.171030][ T3627] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.237637][ T9967] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'. [ 602.610609][ T9970] loop1: detected capacity change from 0 to 32768 [ 606.538125][ T9941] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 606.828177][ T26] audit: type=1800 audit(1718798624.530:5722): pid=9959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 606.891903][ T3627] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 606.939964][ T8955] EXT4-fs (loop0): unmounting filesystem. [ 607.046777][ T9975] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 607.058843][ T9975] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 607.073604][ T9975] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 607.084495][ T9975] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 607.092364][ T9975] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 607.111753][ T9975] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 607.125045][ T9977] loop0: detected capacity change from 0 to 1024 [ 607.208290][ T9977] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 607.872962][ T9994] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 608.557585][ T9975] Bluetooth: hci0: command 0x0406 tx timeout [ 609.191454][ T9973] chnl_net:caif_netlink_parms(): no params data found [ 609.198386][ T9187] EXT4-fs (loop2): unmounting filesystem. [ 609.215009][ T9975] Bluetooth: hci1: command tx timeout [ 609.548390][T10006] loop2: detected capacity change from 0 to 256 [ 609.564014][T10001] loop1: detected capacity change from 0 to 4096 [ 609.580422][T10006] FAT-fs (loop2): Unrecognized mount option "nnonumtail=1" or missing value [ 609.618640][ T8955] EXT4-fs error (device loop0): ext4_lookup:1859: inode #2: comm syz-executor.0: deleted inode referenced: 11 [ 609.641775][ T8955] EXT4-fs error (device loop0): ext4_lookup:1859: inode #2: comm syz-executor.0: deleted inode referenced: 11 [ 609.738546][T10006] loop2: detected capacity change from 0 to 8 [ 609.827088][T10006] SQUASHFS error: zstd decompression error: 10 [ 609.881327][T10002] loop3: detected capacity change from 0 to 4096 [ 609.897160][T10002] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 609.906998][T10006] SQUASHFS error: zstd decompression failed, data probably corrupt [ 609.915290][T10006] SQUASHFS error: Failed to read block 0x4ea: -5 [ 609.921832][T10006] SQUASHFS error: Unable to read metadata cache entry [4e8] [ 609.930104][T10006] SQUASHFS error: Unable to read inode 0x11f [ 609.949709][T10002] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 609.957047][T10002] ntfs3: loop3: Failed to load $BadClus. [ 610.184449][T10013] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'. [ 610.392889][T10015] openvswitch: netlink: Message has 12 unknown bytes. [ 610.879365][T10016] loop1: detected capacity change from 0 to 32768 [ 612.555572][ T9975] Bluetooth: hci1: command tx timeout [ 612.980755][ T9973] bridge0: port 1(bridge_slave_0) entered blocking state [ 612.988101][ T9973] bridge0: port 1(bridge_slave_0) entered disabled state [ 613.053035][ T9973] device bridge_slave_0 entered promiscuous mode [ 613.088482][ T8955] EXT4-fs (loop0): unmounting filesystem. [ 613.132901][ T9973] bridge0: port 2(bridge_slave_1) entered blocking state [ 613.152419][T10022] loop2: detected capacity change from 0 to 512 [ 613.167356][ T9973] bridge0: port 2(bridge_slave_1) entered disabled state [ 613.175664][ T9973] device bridge_slave_1 entered promiscuous mode [ 613.366859][T10020] loop3: detected capacity change from 0 to 512 [ 614.252084][T10020] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 256 (level 2) [ 614.281331][T10020] EXT4-fs (loop3): 2 truncates cleaned up [ 614.296881][T10029] loop2: detected capacity change from 0 to 1024 [ 614.308093][ T9973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 614.330488][T10020] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 614.360396][ T3627] device hsr_slave_0 left promiscuous mode [ 614.377334][T10029] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 614.390617][ T3627] device hsr_slave_1 left promiscuous mode [ 614.407491][ T3627] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 614.414958][ T3627] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 614.425269][T10029] EXT4-fs (loop2): invalid journal inode [ 614.454893][ T3627] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 614.481021][ T3627] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 614.488630][T10029] EXT4-fs (loop2): can't get journal size [ 614.509203][T10029] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 614.519830][ T3627] device bridge_slave_1 left promiscuous mode [ 614.526071][ T3627] bridge0: port 2(bridge_slave_1) entered disabled state [ 614.577806][T10035] loop1: detected capacity change from 0 to 128 [ 614.588223][ T3627] device bridge_slave_0 left promiscuous mode [ 614.594435][ T3627] bridge0: port 1(bridge_slave_0) entered disabled state [ 614.602009][ T26] audit: type=1800 audit(1718798632.290:5723): pid=10020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 614.637370][ T9975] Bluetooth: hci1: command tx timeout [ 614.680627][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 614.690274][ T3627] device veth1_macvtap left promiscuous mode [ 614.696376][ T3627] device veth0_macvtap left promiscuous mode [ 614.708678][T10035] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 614.725168][T10035] ext4 filesystem being mounted at /root/syzkaller-testdir3787652431/syzkaller.KOXNB4/177/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 614.773343][ T3627] device veth1_vlan left promiscuous mode [ 614.786420][ T9187] EXT4-fs (loop2): unmounting filesystem. [ 614.788144][ T3627] device veth0_vlan left promiscuous mode [ 614.976673][ T3578] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 614.997775][ T3578] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 615.008802][ T3578] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 615.021444][ T3578] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 615.036058][ T3578] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 615.056595][T10044] loop3: detected capacity change from 0 to 512 [ 615.070507][ T3578] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 615.120528][T10044] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 615.130010][T10044] ext4 filesystem being mounted at /root/syzkaller-testdir2926186391/syzkaller.otVqD7/154/bus supports timestamps until 2038 (0x7fffffff) [ 616.034731][ T3627] team0 (unregistering): Port device team_slave_1 removed [ 616.090608][ T3627] team0 (unregistering): Port device team_slave_0 removed [ 616.137634][ T3627] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 616.148469][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 616.175432][ T3627] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 616.375365][ T3627] bond0 (unregistering): Released all slaves [ 617.157996][ T3578] Bluetooth: hci1: command tx timeout [ 617.163518][ T3578] Bluetooth: hci0: command tx timeout [ 617.195658][ T9973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 617.225815][T10051] tipc: Started in network mode [ 617.269975][T10051] tipc: Node identity 000000000000003a0000400000000001, cluster identity 4711 [ 617.290333][T10051] tipc: Enabling of bearer rejected, failed to enable media [ 617.350612][ T6416] EXT4-fs (loop1): unmounting filesystem. [ 617.364177][T10063] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.3'. [ 618.049121][T10067] loop3: detected capacity change from 0 to 32768 [ 621.726657][ T3578] Bluetooth: hci0: command tx timeout [ 621.887507][ T9973] team0: Port device team_slave_0 added [ 621.970892][ T9973] team0: Port device team_slave_1 added [ 622.536102][ T9973] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 622.543741][ T9973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 622.577353][ T9973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 622.645891][ T9973] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 622.683857][ T9973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 622.689117][T10071] loop1: detected capacity change from 0 to 4096 [ 622.729967][T10071] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 622.746853][ T9973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 622.782117][T10071] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 622.806843][T10071] ntfs3: loop1: Failed to load $BadClus. [ 622.891823][ T9973] device hsr_slave_0 entered promiscuous mode [ 622.943612][ T9973] device hsr_slave_1 entered promiscuous mode [ 622.954364][ T9973] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 622.962308][ T9973] Cannot create hsr debugfs directory [ 623.104772][T10084] loop2: detected capacity change from 0 to 512 [ 623.170869][T10084] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz-executor.2: invalid indirect mapped block 256 (level 2) [ 623.186816][T10084] EXT4-fs (loop2): 2 truncates cleaned up [ 623.195170][T10084] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 623.767661][ T3578] Bluetooth: hci0: command tx timeout [ 623.826542][ T26] audit: type=1800 audit(1718798641.520:5724): pid=10084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 623.830664][T10040] chnl_net:caif_netlink_parms(): no params data found [ 623.899595][ T9187] EXT4-fs (loop2): unmounting filesystem. [ 624.316285][T10040] bridge0: port 1(bridge_slave_0) entered blocking state [ 624.329804][T10040] bridge0: port 1(bridge_slave_0) entered disabled state [ 624.346674][T10040] device bridge_slave_0 entered promiscuous mode [ 624.396601][T10040] bridge0: port 2(bridge_slave_1) entered blocking state [ 624.406605][T10040] bridge0: port 2(bridge_slave_1) entered disabled state [ 624.422472][T10040] device bridge_slave_1 entered promiscuous mode [ 624.506622][T10040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 624.549437][T10040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 624.643492][T10040] team0: Port device team_slave_0 added [ 624.672651][T10040] team0: Port device team_slave_1 added [ 624.750153][T10040] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 624.766790][T10040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 624.834310][T10040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 624.924818][T10095] loop2: detected capacity change from 0 to 40427 [ 624.976856][T10095] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 624.987493][T10095] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 625.006651][T10040] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 625.017382][T10040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 625.163530][T10095] F2FS-fs (loop2): Found nat_bits in checkpoint [ 625.436673][T10040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 625.677154][T10095] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 625.796108][T10095] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 625.869640][ T3578] Bluetooth: hci0: command tx timeout [ 625.934657][T10109] loop1: detected capacity change from 0 to 128 [ 625.962884][T10040] device hsr_slave_0 entered promiscuous mode [ 625.976577][T10040] device hsr_slave_1 entered promiscuous mode [ 625.984452][T10040] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 625.992798][T10040] Cannot create hsr debugfs directory [ 625.993738][T10109] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 626.040001][T10109] ext4 filesystem being mounted at /root/syzkaller-testdir3787652431/syzkaller.KOXNB4/182/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 626.102829][ T9973] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 626.140615][ T9973] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 626.356526][T10115] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 626.385617][ T9973] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 626.801351][T10119] loop3: detected capacity change from 0 to 32768 [ 630.724725][ T9973] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 631.077008][T10040] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 631.225766][T10040] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 631.782898][T10127] loop2: detected capacity change from 0 to 1024 [ 632.209250][ T9973] 8021q: adding VLAN 0 to HW filter on device bond0 [ 632.317471][ T9973] 8021q: adding VLAN 0 to HW filter on device team0 [ 632.483455][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 632.508355][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 632.529154][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 632.545069][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 632.560384][ T7948] bridge0: port 1(bridge_slave_0) entered blocking state [ 632.567577][ T7948] bridge0: port 1(bridge_slave_0) entered forwarding state [ 632.583742][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 632.593027][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 632.609064][ T7948] bridge0: port 2(bridge_slave_1) entered blocking state [ 632.616230][ T7948] bridge0: port 2(bridge_slave_1) entered forwarding state [ 632.666062][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 632.694244][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 632.747921][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 632.796160][T10134] loop3: detected capacity change from 0 to 32768 [ 632.807665][ T9975] Bluetooth: hci2: command 0x0406 tx timeout [ 632.814679][T10134] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (10134) [ 632.839049][T10134] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 632.839588][T10040] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 632.849546][T10134] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 632.849584][T10134] BTRFS info (device loop3): using free space tree [ 632.908087][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 632.929602][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 632.993318][T10040] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.012377][T10149] loop2: detected capacity change from 0 to 512 [ 633.034784][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 633.053687][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 633.069658][T10149] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz-executor.2: invalid indirect mapped block 256 (level 2) [ 633.078018][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 633.105266][T10149] EXT4-fs (loop2): 2 truncates cleaned up [ 633.111533][T10149] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 633.136726][T10134] BTRFS info (device loop3): enabling ssd optimizations [ 633.147999][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 633.168285][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 633.200814][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 633.228004][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 633.260059][ T9973] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 633.450171][T10134] dlm: no local IP address has been set [ 633.455862][T10134] dlm: cannot start dlm midcomms -107 [ 633.578451][ T6928] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 633.649537][ T6416] EXT4-fs (loop1): unmounting filesystem. [ 633.846908][ T26] audit: type=1800 audit(1718798651.540:5725): pid=10149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 633.975485][T10040] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 634.004586][ T9187] EXT4-fs (loop2): unmounting filesystem. [ 634.005815][T10040] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 634.078334][T10040] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 634.140361][T10040] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 634.575367][ T1255] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.582054][ T1255] ieee802154 phy1 wpan1: encryption failed: -22 [ 634.835021][T10170] loop1: detected capacity change from 0 to 1024 [ 634.868503][T10170] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 634.885069][T10168] loop2: detected capacity change from 0 to 4096 [ 634.889940][T10172] loop3: detected capacity change from 0 to 2048 [ 634.905958][T10168] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512) [ 634.918068][T10170] EXT4-fs (loop1): invalid journal inode [ 634.929074][T10170] EXT4-fs (loop1): can't get journal size [ 634.950933][T10172] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 634.955267][ T9973] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 634.982764][T10170] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 634.993534][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 635.007553][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 635.012936][T10168] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 635.051995][T10172] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 635.079050][T10168] ntfs3: loop2: Failed to load $BadClus. [ 635.136030][T10172] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 636.211881][ T6416] EXT4-fs (loop1): unmounting filesystem. [ 636.311432][T10183] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 636.430681][ T26] audit: type=1326 audit(1718798654.110:5726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10182 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feef567cf29 code=0x0 [ 636.999956][T10181] loop2: detected capacity change from 0 to 32768 [ 637.011611][T10181] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10181) [ 637.883150][T10200] loop3: detected capacity change from 0 to 32768 [ 637.897386][T10200] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (10200) [ 638.923361][T10200] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 638.933946][T10200] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 638.942879][T10200] BTRFS info (device loop3): using free space tree [ 638.971958][T10181] BTRFS error (device loop2): open_ctree failed [ 639.007069][T10040] 8021q: adding VLAN 0 to HW filter on device bond0 [ 639.104705][T10212] loop1: detected capacity change from 0 to 128 [ 639.184238][ T5516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 639.193250][T10212] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 639.193972][ T5516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 639.238704][T10212] ext4 filesystem being mounted at /root/syzkaller-testdir3787652431/syzkaller.KOXNB4/189/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 639.248785][T10040] 8021q: adding VLAN 0 to HW filter on device team0 [ 639.463901][ T9973] device veth0_vlan entered promiscuous mode [ 639.485229][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 639.502035][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 639.511408][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 639.519454][T10200] BTRFS info (device loop3): enabling ssd optimizations [ 639.529943][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 639.538941][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 639.554910][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 639.563926][ T4097] bridge0: port 1(bridge_slave_0) entered blocking state [ 639.571113][ T4097] bridge0: port 1(bridge_slave_0) entered forwarding state [ 639.827693][T10200] dlm: no local IP address has been set [ 639.833984][T10200] dlm: cannot start dlm midcomms -107 [ 639.873541][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 639.884236][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 639.902470][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 639.916749][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 639.979302][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 639.993611][ T3612] bridge0: port 2(bridge_slave_1) entered blocking state [ 640.000810][ T3612] bridge0: port 2(bridge_slave_1) entered forwarding state [ 640.011151][ T6928] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 640.020926][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 640.035820][ T9973] device veth1_vlan entered promiscuous mode [ 640.227818][ T5516] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 640.236260][ T5516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 640.311136][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 640.572523][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 640.774173][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 640.898342][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 640.935477][ T9973] device veth0_macvtap entered promiscuous mode [ 641.024251][ T5516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 641.042801][T10236] loop2: detected capacity change from 0 to 4096 [ 641.063541][ T5516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 641.085588][T10238] loop3: detected capacity change from 0 to 512 [ 641.087979][ T5516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 641.112499][T10238] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 641.112715][ T5516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 641.142145][ T5516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 641.157298][T10238] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 641.160607][ T9973] device veth1_macvtap entered promiscuous mode [ 641.216613][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 641.230696][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 641.232678][T10238] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 641.261909][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 641.273087][T10238] ext4 filesystem being mounted at /root/syzkaller-testdir2926186391/syzkaller.otVqD7/165/wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff) [ 641.293293][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.308362][T10238] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz-executor.3: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 641.342303][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 641.373246][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.378645][T10238] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 12: comm syz-executor.3: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 641.393609][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 641.413049][T10243] loop2: detected capacity change from 0 to 1024 [ 641.418802][T10241] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #2: comm syz-executor.3: corrupted inode contents [ 641.434941][T10243] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 641.442466][T10241] EXT4-fs error (device loop3): ext4_dirty_inode:6072: inode #2: comm syz-executor.3: mark_inode_dirty error [ 641.464698][T10243] EXT4-fs (loop2): invalid journal inode [ 641.464807][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.474295][T10243] EXT4-fs (loop2): can't get journal size [ 641.493061][T10241] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #2: comm syz-executor.3: corrupted inode contents [ 641.507004][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 641.508714][T10243] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 641.525851][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.536775][T10241] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz-executor.3: mark_inode_dirty error [ 641.557442][T10238] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz-executor.3: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 641.560852][ T9973] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 641.590031][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 641.601520][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 641.610072][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 641.620057][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 641.630679][T10040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 641.648375][ T6416] EXT4-fs (loop1): unmounting filesystem. [ 641.658556][ T3627] device hsr_slave_0 left promiscuous mode [ 641.666330][ T3627] device hsr_slave_1 left promiscuous mode [ 641.678921][T10238] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 14: comm syz-executor.3: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 641.743393][ T3627] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 641.765168][ T3627] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 641.774208][T10238] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 15: comm syz-executor.3: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 641.804868][ T3627] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 641.828684][ T3627] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 641.836972][T10238] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz-executor.3: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 641.853723][ T3627] device bridge_slave_1 left promiscuous mode [ 642.252122][ T3627] bridge0: port 2(bridge_slave_1) entered disabled state [ 642.266530][ T3627] device bridge_slave_0 left promiscuous mode [ 642.275903][ T3627] bridge0: port 1(bridge_slave_0) entered disabled state [ 642.293952][ T3627] device veth1_macvtap left promiscuous mode [ 642.305861][ T3627] device veth0_macvtap left promiscuous mode [ 642.313631][ T3627] device veth1_vlan left promiscuous mode [ 642.326974][ T3627] device veth0_vlan left promiscuous mode [ 642.546125][ T9187] EXT4-fs (loop2): unmounting filesystem. [ 642.593600][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 642.631458][ T26] audit: type=1326 audit(1718798660.330:5727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff46687cf29 code=0x0 [ 642.748787][ T3627] team0 (unregistering): Port device team_slave_1 removed [ 642.775442][ T3627] team0 (unregistering): Port device team_slave_0 removed [ 642.804600][ T3627] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 642.833544][ T3627] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 642.938510][ T3627] bond0 (unregistering): Released all slaves [ 642.994987][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.005953][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.023746][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.046870][T10264] loop3: detected capacity change from 0 to 512 [ 643.053339][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.064450][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.075124][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.093197][ T9973] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 643.102743][T10249] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 643.137552][T10264] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 256 (level 2) [ 643.153572][T10249] device gtp5 entered promiscuous mode [ 643.168329][T10264] EXT4-fs (loop3): 2 truncates cleaned up [ 643.170284][ T5521] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 643.186316][T10264] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 643.194915][ T5521] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 643.254114][ T9973] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 643.280093][ T9973] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 643.313543][ T9973] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 643.330539][ T9973] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 643.677571][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 643.685135][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 643.771171][T10040] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 644.078865][ T26] audit: type=1800 audit(1718798661.770:5728): pid=10264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 644.120991][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 644.291468][T10276] loop2: detected capacity change from 0 to 32768 [ 644.306181][T10276] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10276) [ 644.323151][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 644.362876][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 644.375925][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 644.387904][T10040] device veth0_vlan entered promiscuous mode [ 644.402457][T10276] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 644.412865][T10276] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 644.414698][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 644.421637][T10276] BTRFS info (device loop2): using free space tree [ 644.445071][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 644.461478][T10278] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 644.479272][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 644.500898][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 644.509207][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 644.538413][T10278] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 644.559012][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 644.569532][T10285] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 644.606054][ T3987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 644.622015][ T3987] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 644.650722][T10278] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 644.675807][T10294] loop3: detected capacity change from 0 to 128 [ 644.685057][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 644.703778][T10040] device veth1_vlan entered promiscuous mode [ 644.725788][T10285] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 644.779541][T10276] BTRFS info (device loop2): enabling ssd optimizations [ 644.800740][T10294] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 644.817424][T10278] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 644.835796][T10294] ext4 filesystem being mounted at /root/syzkaller-testdir2926186391/syzkaller.otVqD7/168/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 644.931648][T10276] dlm: no local IP address has been set [ 644.937391][T10276] dlm: cannot start dlm midcomms -107 [ 645.064332][ T7182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 645.078231][ T7182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 645.090210][ T9187] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 645.100947][T10040] device veth0_macvtap entered promiscuous mode [ 645.119078][T10278] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 645.182015][T10301] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 645.351090][T10040] device veth1_macvtap entered promiscuous mode [ 645.518201][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 645.539575][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 645.800533][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 645.875255][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 645.890857][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 645.904538][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 645.935327][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 645.966944][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 645.984526][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 646.015365][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 646.072946][T10040] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 646.110266][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 646.148215][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 646.180528][T10307] loop4: detected capacity change from 0 to 512 [ 646.187306][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 646.187330][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 646.187356][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 646.187376][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 646.187394][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 646.187408][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 646.189046][T10040] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 646.286769][T10307] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 646.333287][T10307] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 646.405580][T10307] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 646.411958][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 646.426413][T10307] ext4 filesystem being mounted at /root/syzkaller-testdir2998077695/syzkaller.F2ogxj/1/wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff) [ 646.570891][T10307] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor.4: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 646.608714][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 646.618227][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 646.627921][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 646.640157][T10040] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 646.653017][T10307] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz-executor.4: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 646.675346][T10040] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 646.676527][T10315] loop1: detected capacity change from 0 to 1024 [ 646.684946][T10040] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 646.719041][T10317] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #2: comm syz-executor.4: corrupted inode contents [ 646.725105][T10315] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 646.737408][T10040] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 646.750629][T10317] EXT4-fs error (device loop4): ext4_dirty_inode:6072: inode #2: comm syz-executor.4: mark_inode_dirty error [ 646.777423][T10315] EXT4-fs (loop1): invalid journal inode [ 646.784469][T10317] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #2: comm syz-executor.4: corrupted inode contents [ 646.790677][T10315] EXT4-fs (loop1): can't get journal size [ 646.809128][T10317] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz-executor.4: mark_inode_dirty error [ 646.850773][T10307] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 646.881387][T10307] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 14: comm syz-executor.4: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 646.916589][T10315] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 646.987386][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 647.007555][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 647.082681][ T7499] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 647.128065][ T3987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 647.143932][ T3987] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 647.173545][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 647.204561][ T9973] EXT4-fs (loop4): unmounting filesystem. [ 647.524444][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 647.563433][T10323] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 647.731397][T10326] device gtp0 entered promiscuous mode [ 647.993519][ T6416] EXT4-fs (loop1): unmounting filesystem. [ 648.202050][T10336] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 648.465070][T10340] loop1: detected capacity change from 0 to 1024 [ 648.831079][T10343] loop2: detected capacity change from 0 to 32768 [ 648.838911][T10343] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10343) [ 648.857422][T10343] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 648.867622][T10343] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 648.876548][T10343] BTRFS info (device loop2): using free space tree [ 648.986286][T10353] loop0: detected capacity change from 0 to 512 [ 648.992236][T10340] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 650.059441][T10343] BTRFS info (device loop2): enabling ssd optimizations [ 650.144766][T10343] dlm: no local IP address has been set [ 650.150526][T10343] dlm: cannot start dlm midcomms -107 [ 650.237699][ T26] audit: type=1326 audit(1718798667.790:5729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10381 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d1567cf29 code=0x0 [ 650.288956][ T9187] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 650.513385][ T26] audit: type=1804 audit(1718798668.210:5730): pid=10389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2017940331/syzkaller.8Opoio/2/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0 [ 650.674962][ T6416] EXT4-fs error (device loop1): ext4_lookup:1859: inode #2: comm syz-executor.1: deleted inode referenced: 11 [ 650.718656][ T6416] EXT4-fs error (device loop1): ext4_lookup:1859: inode #2: comm syz-executor.1: deleted inode referenced: 11 [ 651.045117][T10395] __nla_validate_parse: 7 callbacks suppressed [ 651.045139][T10395] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 651.070667][T10395] device gtp1 entered promiscuous mode [ 651.155398][T10397] loop3: detected capacity change from 0 to 1024 [ 651.161244][T10401] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 651.187417][ T6416] EXT4-fs (loop1): unmounting filesystem. [ 651.204989][T10399] loop0: detected capacity change from 0 to 4096 [ 651.222391][T10397] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 651.245743][T10397] EXT4-fs (loop3): invalid journal inode [ 651.251794][ T3987] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 651.275331][T10399] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 651.291119][T10397] EXT4-fs (loop3): can't get journal size [ 651.314780][T10397] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 651.469737][ T3987] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 651.492520][T10408] loop4: detected capacity change from 0 to 256 [ 651.512267][T10408] FAT-fs (loop4): Unrecognized mount option "nnonumtail=1" or missing value [ 651.687534][T10408] loop4: detected capacity change from 0 to 8 [ 651.742802][ T3987] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 651.762448][T10408] SQUASHFS error: zstd decompression error: 10 [ 651.868019][T10408] SQUASHFS error: zstd decompression failed, data probably corrupt [ 651.877420][T10408] SQUASHFS error: Failed to read block 0x4ea: -5 [ 651.947339][T10408] SQUASHFS error: Unable to read metadata cache entry [4e8] [ 652.092087][T10408] SQUASHFS error: Unable to read inode 0x11f [ 652.126480][ T3987] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 652.217614][ T26] audit: type=1800 audit(1718798669.900:5731): pid=10399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="file0" dev="loop0" ino=13 res=0 errno=0 [ 652.424984][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 652.465460][ T3578] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 652.487286][ T3578] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 652.731252][T10040] EXT4-fs (loop0): unmounting filesystem. [ 653.046419][T10419] loop2: detected capacity change from 0 to 32768 [ 653.077802][T10419] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10419) [ 653.099922][ T3581] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 653.112334][T10419] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 653.123157][T10419] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 653.131969][T10419] BTRFS info (device loop2): using free space tree [ 653.238062][ T3581] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 653.245903][ T3581] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 653.255242][ T3578] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 653.304385][ T3987] tipc: Left network mode [ 653.392908][ T26] audit: type=1326 audit(1718798671.090:5732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x0 [ 653.511354][ T26] audit: type=1326 audit(1718798671.210:5733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10428 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d1567cf29 code=0x0 [ 653.560136][T10418] chnl_net:caif_netlink_parms(): no params data found [ 653.594594][T10419] BTRFS info (device loop2): enabling ssd optimizations [ 653.655468][T10419] dlm: no local IP address has been set [ 653.661477][T10419] dlm: cannot start dlm midcomms -107 [ 653.730484][ T9187] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 653.824390][ T26] audit: type=1804 audit(1718798671.520:5734): pid=10456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2998077695/syzkaller.F2ogxj/8/cgroup.controllers" dev="sda1" ino=1945 res=1 errno=0 [ 654.076189][T10418] bridge0: port 1(bridge_slave_0) entered blocking state [ 654.092585][T10418] bridge0: port 1(bridge_slave_0) entered disabled state [ 654.104010][T10418] device bridge_slave_0 entered promiscuous mode [ 654.133801][T10418] bridge0: port 2(bridge_slave_1) entered blocking state [ 654.153529][T10418] bridge0: port 2(bridge_slave_1) entered disabled state [ 654.164505][T10418] device bridge_slave_1 entered promiscuous mode [ 654.262378][T10418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 654.327782][T10464] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 654.339797][T10418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 654.452396][T10418] team0: Port device team_slave_0 added [ 654.478764][T10468] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 654.516342][T10468] device gtp2 entered promiscuous mode [ 654.586881][T10418] team0: Port device team_slave_1 added [ 654.824226][T10478] loop2: detected capacity change from 0 to 1024 [ 654.903062][T10478] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 654.950766][T10462] loop3: detected capacity change from 0 to 32768 [ 654.967029][T10478] EXT4-fs (loop2): invalid journal inode [ 654.968266][T10462] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (10462) [ 654.995150][T10478] EXT4-fs (loop2): can't get journal size [ 655.011548][T10462] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 655.016280][T10418] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 655.035905][T10462] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 655.054182][T10484] loop0: detected capacity change from 0 to 256 [ 655.064099][T10418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 655.082005][T10462] BTRFS info (device loop3): force zlib compression, level 3 [ 655.099051][T10462] BTRFS info (device loop3): force clearing of disk cache [ 655.100228][T10478] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 655.106371][T10462] BTRFS info (device loop3): setting nodatasum [ 655.121956][T10462] BTRFS info (device loop3): allowing degraded mounts [ 655.128937][T10462] BTRFS info (device loop3): enabling disk space caching [ 655.136000][T10462] BTRFS info (device loop3): disk space caching is enabled [ 655.144897][T10418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 655.145444][T10484] FAT-fs (loop0): Unrecognized mount option "nnonumtail=1" or missing value [ 655.207860][T10418] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 655.215314][T10418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 655.257780][T10484] loop0: detected capacity change from 0 to 8 [ 655.285398][T10484] SQUASHFS error: zstd decompression error: 10 [ 655.292352][ T3581] Bluetooth: hci4: command tx timeout [ 655.334430][T10484] SQUASHFS error: zstd decompression failed, data probably corrupt [ 655.343514][T10418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 655.377824][T10484] SQUASHFS error: Failed to read block 0x4ea: -5 [ 655.384233][T10484] SQUASHFS error: Unable to read metadata cache entry [4e8] [ 655.430665][T10484] SQUASHFS error: Unable to read inode 0x11f [ 655.443461][ T3987] device hsr_slave_0 left promiscuous mode [ 655.461622][ T3987] device hsr_slave_1 left promiscuous mode [ 655.858924][T10462] BTRFS info (device loop3): rebuilding free space tree [ 655.874670][ T3987] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 656.162229][ T9187] EXT4-fs (loop2): unmounting filesystem. [ 656.175087][ T3987] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 656.269120][T10462] BTRFS info (device loop3): disabling free space tree [ 656.286385][ T3987] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 656.296498][T10462] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 656.316727][ T3987] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 656.336975][T10462] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 656.360881][ T3987] device bridge_slave_1 left promiscuous mode [ 656.413785][ T3987] bridge0: port 2(bridge_slave_1) entered disabled state [ 656.452886][ T3987] device bridge_slave_0 left promiscuous mode [ 656.472782][ T3987] bridge0: port 1(bridge_slave_0) entered disabled state [ 656.601596][T10509] loop4: detected capacity change from 0 to 128 [ 656.641140][T10509] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 656.694436][T10509] ext4 filesystem being mounted at /root/syzkaller-testdir2998077695/syzkaller.F2ogxj/11/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 656.733169][T10515] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 657.248423][ T3987] device veth1_macvtap left promiscuous mode [ 657.254839][ T3987] device veth0_macvtap left promiscuous mode [ 657.279139][ T3987] device veth1_vlan left promiscuous mode [ 657.311690][ T3987] device veth0_vlan left promiscuous mode [ 657.368253][ T3581] Bluetooth: hci4: command tx timeout [ 658.118248][ T3987] bond1 (unregistering): Released all slaves [ 658.399181][ T3987] team0 (unregistering): Port device team_slave_1 removed [ 658.429994][ T3987] team0 (unregistering): Port device team_slave_0 removed [ 658.454888][ T3987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 658.496280][ T3987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 658.556853][ T9973] EXT4-fs (loop4): unmounting filesystem. [ 658.673395][ T3987] bond0 (unregistering): Released all slaves [ 659.437579][ T3581] Bluetooth: hci4: command tx timeout [ 659.720222][T10534] loop4: detected capacity change from 0 to 512 [ 659.758599][T10534] EXT4-fs error (device loop4): ext4_orphan_get:1422: comm syz-executor.4: bad orphan inode 15 [ 659.769381][T10534] ext4_test_bit(bit=14, block=5) = 0 [ 659.774720][T10534] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 659.901494][T10418] device hsr_slave_0 entered promiscuous mode [ 659.918270][T10418] device hsr_slave_1 entered promiscuous mode [ 659.927350][T10418] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 659.935039][T10418] Cannot create hsr debugfs directory [ 660.026421][T10506] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address [ 660.044863][T10506] bond0: (slave ip6tnl0): Error -95 calling set_mac_address [ 660.052726][T10515] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 660.887032][ T9973] EXT4-fs (loop4): unmounting filesystem. [ 661.088138][ T6928] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 661.130009][ T26] audit: type=1326 audit(1718798678.830:5735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 661.248614][ T26] audit: type=1326 audit(1718798678.830:5736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 661.349864][ T26] audit: type=1326 audit(1718798678.850:5737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 661.418323][ T26] audit: type=1326 audit(1718798678.850:5738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 661.463197][T10547] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 661.495631][T10547] device gtp3 entered promiscuous mode [ 661.503726][ T26] audit: type=1326 audit(1718798678.850:5739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 661.527366][ T3581] Bluetooth: hci4: command tx timeout [ 661.548807][T10549] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 661.559690][ T26] audit: type=1326 audit(1718798678.850:5740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 661.583003][ T26] audit: type=1326 audit(1718798678.850:5741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 661.597458][ T7182] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 661.617743][ T26] audit: type=1326 audit(1718798678.850:5742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 661.642438][ T26] audit: type=1326 audit(1718798678.850:5743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 661.710187][ T26] audit: type=1326 audit(1718798678.850:5744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10541 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 661.937258][ T7182] usb 5-1: Using ep0 maxpacket: 8 [ 662.007998][T10555] 9pnet_fd: Insufficient options for proto=fd [ 662.016547][T10545] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 662.090844][T10545] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 662.200274][T10545] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 662.319846][T10545] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 662.471554][T10418] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 662.477488][ T7182] usb 5-1: device descriptor read/all, error -71 [ 662.545411][T10418] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 662.630030][T10418] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 662.673104][T10418] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 662.783295][T10560] netlink: 'syz-executor.3': attribute type 17 has an invalid length. [ 662.804674][T10560] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 662.994580][T10562] loop3: detected capacity change from 0 to 512 [ 663.028690][T10562] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 663.055661][T10418] 8021q: adding VLAN 0 to HW filter on device bond0 [ 663.074936][T10562] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 663.114103][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 663.128253][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 663.149339][T10562] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 663.166680][T10418] 8021q: adding VLAN 0 to HW filter on device team0 [ 663.245341][T10562] ext4 filesystem being mounted at /root/syzkaller-testdir2926186391/syzkaller.otVqD7/180/wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff) [ 663.272309][ T5521] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 663.287993][ T5521] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 663.352057][ T5521] bridge0: port 1(bridge_slave_0) entered blocking state [ 663.359283][ T5521] bridge0: port 1(bridge_slave_0) entered forwarding state [ 663.361533][T10562] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz-executor.3: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 663.448840][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 663.460365][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 663.500687][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 663.515729][T10562] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 12: comm syz-executor.3: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 663.547920][ T3588] bridge0: port 2(bridge_slave_1) entered blocking state [ 663.550468][T10565] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #2: comm syz-executor.3: corrupted inode contents [ 663.555115][ T3588] bridge0: port 2(bridge_slave_1) entered forwarding state [ 663.599713][T10565] EXT4-fs error (device loop3): ext4_dirty_inode:6072: inode #2: comm syz-executor.3: mark_inode_dirty error [ 663.657859][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 663.680248][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 663.709754][T10565] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #2: comm syz-executor.3: corrupted inode contents [ 663.747797][T10565] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz-executor.3: mark_inode_dirty error [ 663.769040][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 663.789759][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 663.833090][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 663.873057][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 663.893152][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 663.923343][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 663.970360][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 664.015096][T10418] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 664.067651][T10418] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 664.079391][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 664.095071][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 664.138205][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 665.004037][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 665.015711][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 665.051143][T10418] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 665.139295][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 665.164886][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 665.211047][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 665.228622][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 665.257674][T10418] device veth0_vlan entered promiscuous mode [ 665.271330][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 665.283401][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 665.315360][T10418] device veth1_vlan entered promiscuous mode [ 665.343892][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 665.434910][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 665.449469][ T3588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 665.482396][T10418] device veth0_macvtap entered promiscuous mode [ 665.518445][T10418] device veth1_macvtap entered promiscuous mode [ 665.605214][T10418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 665.649578][T10418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 665.702987][T10418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 665.747623][T10418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 665.773106][T10418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 665.817245][T10418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 665.827107][T10418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 665.887244][T10418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 665.925614][T10418] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 665.952525][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 665.968277][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 665.976635][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 666.028302][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 666.075542][T10418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 666.090341][T10418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 666.122971][T10418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 666.173554][T10418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 666.213616][T10418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 666.247238][T10418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 666.277252][T10418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 666.307290][T10418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 666.328962][T10418] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 666.356663][ T7182] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 666.367703][ T7182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 666.400539][T10418] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.429786][T10418] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.457225][T10418] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.486447][T10418] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.705905][ T3732] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 666.737350][ T3732] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 666.777970][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 666.840809][ T3732] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 666.867149][ T3732] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 666.902120][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 667.026871][T10583] loop1: detected capacity change from 0 to 512 [ 667.605556][T10581] loop3: detected capacity change from 0 to 32768 [ 667.628948][T10581] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (10581) [ 667.663511][T10581] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 667.697574][T10581] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 667.706860][T10581] BTRFS info (device loop3): force zlib compression, level 3 [ 667.727726][T10581] BTRFS info (device loop3): force clearing of disk cache [ 667.734916][T10581] BTRFS info (device loop3): setting nodatasum [ 667.777270][T10581] BTRFS info (device loop3): allowing degraded mounts [ 667.784224][T10581] BTRFS info (device loop3): enabling disk space caching [ 667.797280][T10581] BTRFS info (device loop3): disk space caching is enabled [ 667.824749][ T26] kauditd_printk_skb: 5 callbacks suppressed [ 667.824765][ T26] audit: type=1326 audit(1718798685.520:5750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 668.007384][ T26] audit: type=1326 audit(1718798685.520:5751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 668.459829][ T26] audit: type=1326 audit(1718798685.520:5752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 668.552773][T10581] BTRFS info (device loop3): rebuilding free space tree [ 668.600613][T10581] BTRFS info (device loop3): disabling free space tree [ 668.614766][T10581] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 668.624714][T10581] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 668.667573][T10581] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address [ 668.697530][ T26] audit: type=1326 audit(1718798685.530:5753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 668.780376][T10581] bond0: (slave ip6tnl0): Error -95 calling set_mac_address [ 668.811340][ T26] audit: type=1326 audit(1718798685.530:5754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 668.880636][ T3588] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 668.914932][ T26] audit: type=1326 audit(1718798685.530:5755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 668.963092][ T6928] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 669.011999][ T26] audit: type=1326 audit(1718798685.530:5756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 669.067646][ T26] audit: type=1326 audit(1718798685.530:5757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 669.118067][ T26] audit: type=1326 audit(1718798685.530:5758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 669.182810][ T3588] usb 5-1: Using ep0 maxpacket: 8 [ 669.188447][ T26] audit: type=1326 audit(1718798685.530:5759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 669.343319][ T3588] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 669.351680][ T3588] usb 5-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 669.381837][ T3588] usb 5-1: config 179 has no interface number 0 [ 669.401927][ T3588] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 669.443351][ T3588] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid wMaxPacketSize 0 [ 669.463039][ T3588] usb 5-1: config 179 interface 65 altsetting 12 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 669.503093][ T3588] usb 5-1: config 179 interface 65 has no altsetting 0 [ 669.523906][ T3588] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 669.546298][ T3588] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 669.570875][T10618] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 669.605452][T10618] device gtp2 entered promiscuous mode [ 669.993080][T10609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 670.021906][T10609] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 670.044657][T10609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 670.068597][T10609] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 670.376787][T10626] loop0: detected capacity change from 0 to 512 [ 670.420107][T10626] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 670.429558][T10626] ext4 filesystem being mounted at /root/syzkaller-testdir2017940331/syzkaller.8Opoio/10/bus supports timestamps until 2038 (0x7fffffff) [ 671.453368][T10040] EXT4-fs (loop0): unmounting filesystem. [ 671.555563][ T5521] usb 5-1: USB disconnect, device number 16 [ 672.143477][T10645] loop2: detected capacity change from 0 to 256 [ 672.175063][T10645] FAT-fs (loop2): Unrecognized mount option "nnonumtail=1" or missing value [ 672.256805][T10645] loop2: detected capacity change from 0 to 8 [ 672.280962][T10645] SQUASHFS error: zstd decompression error: 10 [ 672.296294][T10645] SQUASHFS error: zstd decompression failed, data probably corrupt [ 672.315078][T10645] SQUASHFS error: Failed to read block 0x4ea: -5 [ 672.332894][T10645] SQUASHFS error: Unable to read metadata cache entry [4e8] [ 672.352749][T10645] SQUASHFS error: Unable to read inode 0x11f [ 672.483504][T10651] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 673.055386][T10657] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 673.250962][T10657] device gtp3 entered promiscuous mode [ 673.745344][T10661] loop3: detected capacity change from 0 to 512 [ 673.815816][T10661] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 673.825022][T10661] ext4 filesystem being mounted at /root/syzkaller-testdir2926186391/syzkaller.otVqD7/189/bus supports timestamps until 2038 (0x7fffffff) [ 674.050980][T10671] loop0: detected capacity change from 0 to 512 [ 674.064758][T10671] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 674.078343][T10671] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 674.624221][T10675] loop4: detected capacity change from 0 to 32768 [ 674.637437][T10675] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (10675) [ 674.670316][T10671] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 674.684224][T10671] ext4 filesystem being mounted at /root/syzkaller-testdir2017940331/syzkaller.8Opoio/13/wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff) [ 674.713353][T10671] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz-executor.0: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 674.742164][T10671] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 12: comm syz-executor.0: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 674.775496][T10671] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 13: comm syz-executor.0: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 674.806051][T10678] EXT4-fs error (device loop0): ext4_do_update_inode:5210: inode #2: comm syz-executor.0: corrupted inode contents [ 674.824565][T10678] EXT4-fs error (device loop0): ext4_dirty_inode:6072: inode #2: comm syz-executor.0: mark_inode_dirty error [ 674.837074][T10678] EXT4-fs error (device loop0): ext4_do_update_inode:5210: inode #2: comm syz-executor.0: corrupted inode contents [ 674.856854][T10678] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz-executor.0: mark_inode_dirty error [ 674.880118][T10671] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 14: comm syz-executor.0: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 674.904643][T10671] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 15: comm syz-executor.0: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 674.907666][T10675] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 674.928822][T10671] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 16: comm syz-executor.0: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 674.935622][T10675] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 674.965657][T10675] BTRFS info (device loop4): using free space tree [ 674.988897][ T6928] EXT4-fs (loop3): unmounting filesystem. [ 674.999444][T10040] EXT4-fs (loop0): unmounting filesystem. [ 675.228608][T10675] BTRFS info (device loop4): enabling ssd optimizations [ 675.472715][T10703] dlm: no local IP address has been set [ 675.478355][T10703] dlm: cannot start dlm midcomms -107 [ 675.857995][ T9973] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 676.673921][ T26] kauditd_printk_skb: 11 callbacks suppressed [ 676.673939][ T26] audit: type=1326 audit(1718798694.350:5771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10712 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 676.817106][ T26] audit: type=1326 audit(1718798694.410:5772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10712 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 676.867600][ T26] audit: type=1326 audit(1718798694.410:5773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10712 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 676.896333][ T26] audit: type=1326 audit(1718798694.410:5774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10712 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 676.920429][ T26] audit: type=1326 audit(1718798694.410:5775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10712 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 676.943511][ T26] audit: type=1326 audit(1718798694.410:5776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10712 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 676.968574][T10717] loop4: detected capacity change from 0 to 512 [ 676.979307][ T26] audit: type=1326 audit(1718798694.410:5777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10712 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 677.005809][T10716] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 677.031656][T10717] EXT4-fs error (device loop4): ext4_orphan_get:1422: comm syz-executor.4: bad orphan inode 15 [ 677.051223][ T26] audit: type=1326 audit(1718798694.410:5778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10712 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 677.117481][T10717] ext4_test_bit(bit=14, block=5) = 0 [ 677.143277][T10717] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 677.175040][ T26] audit: type=1326 audit(1718798694.410:5779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10712 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d6c7cf29 code=0x7ffc0000 [ 677.338932][T10723] loop2: detected capacity change from 0 to 256 [ 677.359965][T10723] FAT-fs (loop2): Unrecognized mount option "nnonumtail=1" or missing value [ 677.429305][T10726] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 678.435266][T10728] loop0: detected capacity change from 0 to 32768 [ 682.348507][T10719] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap [ 682.452813][ T9973] EXT4-fs (loop4): unmounting filesystem. [ 682.581545][T10733] loop2: detected capacity change from 0 to 512 [ 682.602754][T10733] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 682.620247][T10733] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 682.673478][T10733] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 682.709415][T10740] loop0: detected capacity change from 0 to 512 [ 682.710808][T10733] ext4 filesystem being mounted at /root/syzkaller-testdir766479746/syzkaller.1bv6ST/64/wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff) [ 682.760100][T10740] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 682.769259][T10740] ext4 filesystem being mounted at /root/syzkaller-testdir2017940331/syzkaller.8Opoio/18/bus supports timestamps until 2038 (0x7fffffff) [ 682.893058][T10733] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz-executor.2: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 682.982814][T10733] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 12: comm syz-executor.2: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 683.405938][T10746] EXT4-fs error (device loop2): ext4_do_update_inode:5210: inode #2: comm syz-executor.2: corrupted inode contents [ 683.664923][T10746] EXT4-fs error (device loop2): ext4_dirty_inode:6072: inode #2: comm syz-executor.2: mark_inode_dirty error [ 683.701406][T10746] EXT4-fs error (device loop2): ext4_do_update_inode:5210: inode #2: comm syz-executor.2: corrupted inode contents [ 683.754971][T10746] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz-executor.2: mark_inode_dirty error [ 683.802064][T10040] EXT4-fs (loop0): unmounting filesystem. [ 683.848395][ T9187] EXT4-fs (loop2): unmounting filesystem. [ 684.165821][T10752] loop2: detected capacity change from 0 to 32768 [ 684.187454][T10752] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10752) [ 684.208253][T10752] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 684.218515][T10752] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 684.227355][T10752] BTRFS info (device loop2): using free space tree [ 684.435019][T10752] BTRFS info (device loop2): enabling ssd optimizations [ 684.724435][T10776] dlm: no local IP address has been set [ 684.730185][T10776] dlm: cannot start dlm midcomms -107 [ 685.318503][ T9187] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 685.656952][T10783] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 685.815291][T10786] loop2: detected capacity change from 0 to 1024 [ 685.889005][T10786] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 685.915526][T10786] EXT4-fs (loop2): invalid journal inode [ 685.935518][T10786] EXT4-fs (loop2): can't get journal size [ 685.984269][T10786] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 686.563049][T10795] loop0: detected capacity change from 0 to 512 [ 686.599427][T10795] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz-executor.0: bad orphan inode 15 [ 686.623659][T10795] ext4_test_bit(bit=14, block=5) = 0 [ 686.632440][T10795] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 687.617896][T10803] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 688.089628][T10806] loop4: detected capacity change from 0 to 32768 [ 688.101706][T10806] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (10806) [ 689.875958][T10797] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap [ 689.892756][ T9187] EXT4-fs (loop2): unmounting filesystem. [ 689.910263][T10806] BTRFS error (device loop4): open_ctree failed [ 689.978869][T10040] EXT4-fs (loop0): unmounting filesystem. [ 690.051111][T10811] loop0: detected capacity change from 0 to 256 [ 690.061104][T10811] FAT-fs (loop0): Unrecognized mount option "nnonumtail=1" or missing value [ 690.073071][T10813] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 690.088076][T10809] loop2: detected capacity change from 0 to 2048 [ 690.101606][T10809] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 690.113593][T10809] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 690.142293][T10809] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 690.142563][T10811] loop0: detected capacity change from 0 to 8 [ 690.198347][T10811] SQUASHFS error: zstd decompression error: 10 [ 690.215363][T10811] SQUASHFS error: zstd decompression failed, data probably corrupt [ 690.235063][T10811] SQUASHFS error: Failed to read block 0x4ea: -5 [ 690.257553][T10811] SQUASHFS error: Unable to read metadata cache entry [4e8] [ 690.272014][T10816] loop4: detected capacity change from 0 to 512 [ 690.277217][T10811] SQUASHFS error: Unable to read inode 0x11f [ 690.455988][T10816] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 690.465294][T10816] ext4 filesystem being mounted at /root/syzkaller-testdir2998077695/syzkaller.F2ogxj/30/bus supports timestamps until 2038 (0x7fffffff) [ 690.558536][T10818] loop3: detected capacity change from 0 to 32768 [ 690.587364][T10818] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (10818) [ 690.697672][T10818] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 690.708192][T10818] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 690.716927][T10818] BTRFS info (device loop3): using free space tree [ 691.471102][ T9973] EXT4-fs (loop4): unmounting filesystem. [ 691.495206][T10818] BTRFS info (device loop3): enabling ssd optimizations [ 691.816308][T10846] dlm: no local IP address has been set [ 691.822108][T10846] dlm: cannot start dlm midcomms -107 [ 692.020579][T10848] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 692.075917][T10848] device gtp1 entered promiscuous mode [ 692.388806][ T6928] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 692.816010][T10857] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 693.362739][T10874] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 697.853791][T10873] loop3: detected capacity change from 0 to 32768 [ 697.872250][T10873] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (10873) [ 697.888533][ T1255] ieee802154 phy0 wpan0: encryption failed: -22 [ 697.894885][ T1255] ieee802154 phy1 wpan1: encryption failed: -22 [ 697.947591][T10873] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 697.957787][T10873] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 697.966420][T10873] BTRFS error (device loop3): unrecognized mount option 'dont_appraise' [ 697.984984][T10873] BTRFS error (device loop3): open_ctree failed [ 698.425195][T10881] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 699.804414][T10892] loop2: detected capacity change from 0 to 32768 [ 699.805200][T10894] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 699.833488][T10892] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10892) [ 699.860749][T10894] device gtp2 entered promiscuous mode [ 699.883147][T10892] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 699.893551][T10892] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 699.902305][T10892] BTRFS info (device loop2): using free space tree [ 700.022649][T10904] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 700.154658][T10914] loop4: detected capacity change from 0 to 2048 [ 700.165336][T10892] BTRFS info (device loop2): enabling ssd optimizations [ 700.172323][T10914] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 700.183386][T10914] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 700.197708][T10914] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 700.548682][T10918] dlm: no local IP address has been set [ 700.554377][T10918] dlm: cannot start dlm midcomms -107 [ 701.109555][ T9187] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 701.603283][T10924] tipc: Enabling of bearer rejected, failed to enable media [ 702.414845][T10937] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 702.689268][T10935] loop3: detected capacity change from 0 to 32768 [ 703.988693][T10952] loop4: detected capacity change from 0 to 128 [ 704.026545][T10952] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 704.270464][T10952] ext4 filesystem being mounted at /root/syzkaller-testdir2998077695/syzkaller.F2ogxj/39/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 704.282258][T10953] loop2: detected capacity change from 0 to 32768 [ 704.320053][T10953] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10953) [ 704.339698][T10953] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 704.350686][T10953] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 704.359611][T10953] BTRFS info (device loop2): using free space tree [ 704.546405][T10959] tipc: Started in network mode [ 704.575074][T10959] tipc: Node identity 000000000000003a0000400000000001, cluster identity 4711 [ 704.587356][T10959] tipc: Enabling of bearer rejected, failed to enable media [ 704.608088][ T9975] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 704.632370][ T9975] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 704.642681][ T9975] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 704.651056][ T9975] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 704.660838][ T3578] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 704.767730][ T9975] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 704.856954][T10953] BTRFS info (device loop2): enabling ssd optimizations [ 705.224914][T10987] dlm: no local IP address has been set [ 705.230929][T10987] dlm: cannot start dlm midcomms -107 [ 705.788711][ T9187] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 705.805590][T10965] chnl_net:caif_netlink_parms(): no params data found [ 706.160049][T10965] bridge0: port 1(bridge_slave_0) entered blocking state [ 706.167347][T10965] bridge0: port 1(bridge_slave_0) entered disabled state [ 706.175730][T10965] device bridge_slave_0 entered promiscuous mode [ 706.228171][T10965] bridge0: port 2(bridge_slave_1) entered blocking state [ 706.235479][T10965] bridge0: port 2(bridge_slave_1) entered disabled state [ 706.258456][T10965] device bridge_slave_1 entered promiscuous mode [ 706.361713][T10965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 706.441153][T10965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 706.534833][T10965] team0: Port device team_slave_0 added [ 706.543655][T10997] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 706.559463][T10965] team0: Port device team_slave_1 added [ 706.606644][T10965] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 706.638562][T10965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 706.727249][T10965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 706.759795][T10965] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 706.766790][T10965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 706.836753][T10965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 706.883560][ T3581] Bluetooth: hci5: command tx timeout [ 706.980687][ T9973] EXT4-fs (loop4): unmounting filesystem. [ 707.032817][T10965] device hsr_slave_0 entered promiscuous mode [ 707.064721][T10965] device hsr_slave_1 entered promiscuous mode [ 707.084731][T10965] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 707.104135][T10965] Cannot create hsr debugfs directory [ 707.117733][T11007] loop4: detected capacity change from 0 to 512 [ 707.154018][T11007] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 707.177279][T11007] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 707.248669][T11007] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 707.302648][T11007] ext4 filesystem being mounted at /root/syzkaller-testdir2998077695/syzkaller.F2ogxj/40/wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff) [ 707.439298][T11007] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #2: comm syz-executor.4: corrupted inode contents [ 707.470851][T11007] EXT4-fs error (device loop4): ext4_dirty_inode:6072: inode #2: comm syz-executor.4: mark_inode_dirty error [ 707.569895][T11007] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #2: comm syz-executor.4: corrupted inode contents [ 707.588205][T11007] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz-executor.4: mark_inode_dirty error [ 707.824263][T10965] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 707.856654][ T9973] EXT4-fs (loop4): unmounting filesystem. [ 708.809492][T10965] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 708.957379][ T3581] Bluetooth: hci5: command tx timeout [ 708.977782][T11026] loop0: detected capacity change from 0 to 16 [ 708.985926][T11026] erofs: (device loop0): mounted with root inode @ nid 36. [ 709.034532][T10965] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 709.160034][T10965] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 709.359596][T11034] loop4: detected capacity change from 0 to 128 [ 709.400457][T11034] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 709.414210][T11036] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 709.430469][T11036] device gtp0 entered promiscuous mode [ 709.436251][T11034] ext4 filesystem being mounted at /root/syzkaller-testdir2998077695/syzkaller.F2ogxj/43/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 709.543112][T10965] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 709.565613][T10965] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 709.617675][T10965] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 709.644760][T10965] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 709.968819][T10965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 710.034791][ T5518] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 710.048886][ T5518] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 710.070893][T10965] 8021q: adding VLAN 0 to HW filter on device team0 [ 710.175173][ T5518] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 710.207116][ T5518] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 710.238192][ T5518] bridge0: port 1(bridge_slave_0) entered blocking state [ 710.245377][ T5518] bridge0: port 1(bridge_slave_0) entered forwarding state [ 710.367614][ T7499] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 710.375891][ T7499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 815.067156][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 815.074001][ C1] rcu: 1-...!: (10499 ticks this GP) idle=6324/1/0x4000000000000000 softirq=42874/42874 fqs=14 [ 815.086463][ C1] (t=10500 jiffies g=58393 q=75 ncpus=2) [ 815.092227][ C1] rcu: rcu_preempt kthread starved for 10466 jiffies! g58393 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 815.103492][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 815.113488][ C1] rcu: RCU grace-period kthread stack dump: [ 815.119399][ C1] task:rcu_preempt state:R running task stack:26712 pid:16 ppid:2 flags:0x00004000 [ 815.130396][ C1] Call Trace: [ 815.133697][ C1] [ 815.136685][ C1] __schedule+0x142d/0x4550 [ 815.141238][ C1] ? _raw_spin_unlock+0x40/0x40 [ 815.146134][ C1] ? __mod_timer+0x956/0xee0 [ 815.150770][ C1] ? __sched_text_start+0x8/0x8 [ 815.155672][ C1] ? lockdep_softirqs_off+0x420/0x420 [ 815.161082][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 815.167096][ C1] ? _raw_spin_unlock+0x40/0x40 [ 815.171986][ C1] schedule+0xbf/0x180 [ 815.176091][ C1] schedule_timeout+0x1b9/0x300 [ 815.180978][ C1] ? console_conditional_schedule+0x40/0x40 [ 815.186915][ C1] ? update_process_times+0x1b0/0x1b0 [ 815.192327][ C1] ? prepare_to_swait_event+0x329/0x350 [ 815.197924][ C1] rcu_gp_fqs_loop+0x2d2/0x1150 [ 815.202826][ C1] ? dyntick_save_progress_counter+0x2b0/0x2b0 [ 815.209106][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 815.214515][ C1] ? rcu_gp_init+0x15f0/0x15f0 [ 815.219324][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 815.225263][ C1] ? finish_swait+0xcf/0x1e0 [ 815.229904][ C1] rcu_gp_kthread+0xa3/0x3b0 [ 815.234530][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 815.239674][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 815.245613][ C1] ? __kthread_parkme+0x168/0x1c0 [ 815.250685][ C1] kthread+0x28d/0x320 [ 815.254792][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 815.259937][ C1] ? kthread_blkcg+0xd0/0xd0 [ 815.264558][ C1] ret_from_fork+0x1f/0x30 [ 815.269032][ C1] [ 815.272074][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 815.278429][ C1] Sending NMI from CPU 1 to CPUs 0: [ 815.283758][ C0] NMI backtrace for cpu 0 [ 815.283769][ C0] CPU: 0 PID: 3544 Comm: syz-fuzzer Not tainted 6.1.94-syzkaller #0 [ 815.283788][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 815.283799][ C0] RIP: 0010:psi_task_switch+0x16a/0x770 [ 815.283822][ C0] Code: 3d 00 00 74 12 4c 89 f7 e8 53 95 79 00 48 bf 00 00 00 00 00 fc ff df 49 8b 06 48 8d 6c 28 40 48 89 e8 48 c1 e8 03 0f b6 04 38 <84> c0 75 59 f6 45 01 01 0f 85 9f 00 00 00 48 89 df 44 89 e6 31 d2 [ 815.283837][ C0] RSP: 0018:ffffc90003abf888 EFLAGS: 00000806 [ 815.283854][ C0] RAX: 0000000000000000 RBX: ffff888019641000 RCX: 0000000080000002 [ 815.283867][ C0] RDX: 1ffffffff1fd4000 RSI: ffffffff8aec13c0 RDI: dffffc0000000000 [ 815.283881][ C0] RBP: ffffe8ffffc87300 R08: ffffffff8fea0000 R09: ffffffff8fea0008 [ 815.283894][ C0] R10: ffffffff8fea0018 R11: ffffffff8fea0010 R12: 0000000000000000 [ 815.283907][ C0] R13: 1ffffffff196290c R14: ffffffff8cb14860 R15: 0000000000000000 [ 815.283920][ C0] FS: 000000c000058090(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 815.283937][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 815.283950][ C0] CR2: 00007f7d1632dd58 CR3: 0000000022bc2000 CR4: 00000000003506f0 [ 815.283966][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 815.283976][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 815.283988][ C0] Call Trace: [ 815.283995][ C0] [ 815.284003][ C0] ? nmi_cpu_backtrace+0x3de/0x560 [ 815.284033][ C0] ? read_lock_is_recursive+0x10/0x10 [ 815.284062][ C0] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 815.284090][ C0] ? nmi_handle+0x25/0x440 [ 815.284126][ C0] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 815.284154][ C0] ? nmi_handle+0x12e/0x440 [ 815.284181][ C0] ? nmi_handle+0x25/0x440 [ 815.284207][ C0] ? psi_task_switch+0x16a/0x770 [ 815.284225][ C0] ? default_do_nmi+0x62/0x150 [ 815.284243][ C0] ? exc_nmi+0xa8/0x100 [ 815.284260][ C0] ? end_repeat_nmi+0x16/0x31 [ 815.284293][ C0] ? psi_task_switch+0x16a/0x770 [ 815.284312][ C0] ? psi_task_switch+0x16a/0x770 [ 815.284331][ C0] ? psi_task_switch+0x16a/0x770 [ 815.284348][ C0] [ 815.284353][ C0] [ 815.284358][ C0] ? set_next_task_rt+0x2cb/0x5f0 [ 815.284380][ C0] __schedule+0x2056/0x4550 [ 815.284413][ C0] ? print_irqtrace_events+0x210/0x210 [ 815.284443][ C0] ? lockdep_hardirqs_on+0x94/0x130 [ 815.284465][ C0] ? __sched_text_start+0x8/0x8 [ 815.284495][ C0] ? queued_write_lock_slowpath+0x3e0/0x441 [ 815.284529][ C0] schedule+0xbf/0x180 [ 815.284544][ C0] ? futex_wait_queue+0x23/0x1d0 [ 815.284565][ C0] futex_wait_queue+0x149/0x1d0 [ 815.284588][ C0] futex_wait+0x203/0x5c0 [ 815.284613][ C0] ? futex_wait_setup+0x340/0x340 [ 815.284635][ C0] ? __remove_hrtimer+0x4b0/0x4b0 [ 815.284661][ C0] ? ktime_get+0x7f/0x270 [ 815.284690][ C0] ? ktime_get+0x7f/0x270 [ 815.284711][ C0] ? lockdep_hardirqs_on+0x94/0x130 [ 815.284733][ C0] do_futex+0x3b5/0x490 [ 815.284755][ C0] ? __ia32_sys_get_robust_list+0x80/0x80 [ 815.284775][ C0] ? xfd_validate_state+0x6a/0x140 [ 815.284795][ C0] ? ktime_get+0x242/0x270 [ 815.284818][ C0] __se_sys_futex+0x3d7/0x460 [ 815.284842][ C0] ? __x64_sys_futex+0xf0/0xf0 [ 815.284863][ C0] ? syscall_enter_from_user_mode+0x2e/0x230 [ 815.284884][ C0] ? lockdep_hardirqs_on+0x94/0x130 [ 815.284905][ C0] ? __x64_sys_futex+0x1d/0xf0 [ 815.284925][ C0] do_syscall_64+0x3b/0xb0 [ 815.284952][ C0] ? clear_bhb_loop+0x45/0xa0 [ 815.284978][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 815.285003][ C0] RIP: 0033:0x473523 [ 815.285023][ C0] Code: 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14 4c 8b 54 24 18 4c 8b 44 24 20 44 8b 4c 24 28 b8 ca 00 00 00 0f 05 <89> 44 24 30 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc [ 815.285037][ C0] RSP: 002b:000000c000069e80 EFLAGS: 00000206 ORIG_RAX: 00000000000000ca [ 815.285055][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000473523 [ 815.285066][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000025c2800 [ 815.285078][ C0] RBP: 000000c000069ec8 R08: 0000000000000000 R09: 0000000000000000 [ 815.285089][ C0] R10: 000000c000069eb8 R11: 0000000000000206 R12: 000000c000069eb8 [ 815.285101][ C0] R13: 000000c0006e6c00 R14: 000000c0000064e0 R15: 0000000000000009 [ 815.285123][ C0] [ 815.285757][ C1] CPU: 1 PID: 6940 Comm: kworker/u4:17 Not tainted 6.1.94-syzkaller #0 [ 815.716649][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 815.726746][ C1] Workqueue: 0x0 (phy37) [ 815.731139][ C1] RIP: 0010:finish_task_switch+0x1d3/0x810 [ 815.737036][ C1] Code: 2e 0b 00 48 83 c4 08 4c 89 f7 e8 98 30 00 00 0f 1f 44 00 00 4c 89 f7 e8 7b 23 36 09 e8 06 1e 32 00 fb 49 8d bc 24 f8 15 00 00 <48> 89 f8 48 c1 e8 03 49 bd 00 00 00 00 00 fc ff df 42 0f b6 04 28 [ 815.756679][ C1] RSP: 0018:ffffc9000355fa28 EFLAGS: 00000282 [ 815.762790][ C1] RAX: 4a99db0456158300 RBX: ffff888020713bb4 RCX: ffffffff91c95103 [ 815.770811][ C1] RDX: dffffc0000000000 RSI: ffffffff8aec0240 RDI: ffff88805ee95178 [ 815.778904][ C1] RBP: ffffc9000355fa70 R08: dffffc0000000000 R09: ffffed1017327541 [ 815.787002][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88805ee93b80 [ 815.795002][ C1] R13: 1ffff110173276eb R14: ffff8880b993aa00 R15: ffff8880b993b758 [ 815.803007][ C1] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 815.811969][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 815.818589][ C1] CR2: 00007f7d15784038 CR3: 000000004928e000 CR4: 00000000003506e0 [ 815.826601][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 815.834865][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 815.842866][ C1] Call Trace: [ 815.846168][ C1] [ 815.849038][ C1] ? rcu_dump_cpu_stacks+0x296/0x4f0 [ 815.854369][ C1] ? print_cpu_stall+0x346/0x5f0 [ 815.859367][ C1] ? rcu_sched_clock_irq+0x997/0x1200 [ 815.864946][ C1] ? rcutree_dead_cpu+0x20/0x20 [ 815.869868][ C1] ? hrtimer_run_queues+0x163/0x450 [ 815.875192][ C1] ? acct_account_cputime+0x26e/0x270 [ 815.880603][ C1] ? update_process_times+0x147/0x1b0 [ 815.886111][ C1] ? tick_sched_timer+0x386/0x550 [ 815.891209][ C1] ? tick_setup_sched_timer+0x2f0/0x2f0 [ 815.896804][ C1] ? __hrtimer_run_queues+0x5a7/0xe50 [ 815.902409][ C1] ? hrtimer_interrupt+0x980/0x980 [ 815.907565][ C1] ? ktime_get_update_offsets_now+0x407/0x420 [ 815.913772][ C1] ? hrtimer_interrupt+0x392/0x980 [ 815.918948][ C1] ? __sysvec_apic_timer_interrupt+0x156/0x580 [ 815.925142][ C1] ? sysvec_apic_timer_interrupt+0x8c/0xb0 [ 815.931597][ C1] [ 815.934581][ C1] [ 815.937540][ C1] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 815.943759][ C1] ? finish_task_switch+0x1d3/0x810 [ 815.949006][ C1] ? finish_task_switch+0x1ca/0x810 [ 815.954250][ C1] __schedule+0x1435/0x4550 [ 815.958830][ C1] ? __sched_text_start+0x8/0x8 [ 815.963733][ C1] ? print_irqtrace_events+0x210/0x210 [ 815.969242][ C1] ? preempt_schedule_irq+0xec/0x1c0 [ 815.974562][ C1] preempt_schedule_irq+0xf7/0x1c0 [ 815.979722][ C1] ? preempt_schedule_notrace+0x140/0x140 [ 815.985495][ C1] ? trace_hardirqs_off_finish+0x7b/0x1a0 [ 815.991260][ C1] ? rcu_is_watching+0x76/0xb0 [ 815.996160][ C1] irqentry_exit+0x53/0x80 [ 816.000612][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 816.006637][ C1] RIP: 0010:preempt_count_add+0x2/0x180 [ 816.012220][ C1] Code: 0c 24 80 e1 07 80 c1 03 38 c1 7c 97 48 8b 3c 24 e8 d3 b2 83 00 eb 8c e9 f2 fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 41 57 <41> 56 53 89 fb 48 c7 c0 60 51 c9 91 48 c1 e8 03 49 bf 00 00 00 00 [ 816.031855][ C1] RSP: 0018:ffffc9000355fdb8 EFLAGS: 00000202 [ 816.037959][ C1] RAX: 0000000000000001 RBX: 1ffff1100bdd2770 RCX: ffffffff8a939aa6 [ 816.045958][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000001 [ 816.054045][ C1] RBP: ffff88805e2ecb68 R08: dffffc0000000000 R09: ffffed100bdd2771 [ 816.062047][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88805ee93b80 [ 816.070135][ C1] R13: dffffc0000000000 R14: ffff88805ee94df8 R15: dffffc0000000000 [ 816.078157][ C1] ? schedule+0xd6/0x180 [ 816.082445][ C1] schedule+0xb8/0x180 [ 816.086549][ C1] worker_thread+0xe9d/0x1200 [ 816.091275][ C1] ? _raw_spin_unlock+0x40/0x40 [ 816.096181][ C1] kthread+0x28d/0x320 [ 816.100278][ C1] ? worker_clr_flags+0x190/0x190 [ 816.105424][ C1] ? kthread_blkcg+0xd0/0xd0 [ 816.110044][ C1] ret_from_fork+0x1f/0x30 [ 816.114516][ C1]