last executing test programs: 16m23.883325039s ago: executing program 1 (id=6079): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x6}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xd00}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0xc0ffffff}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x6}, {0x5, 0x0, 0xa, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x3, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x2}, {0x7, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x7}, {0x18, 0x0, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x1400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 16m23.619526163s ago: executing program 1 (id=6084): openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x16a) mount(&(0x7f0000000040)=@filename='./file1\x00', &(0x7f0000000080)='./file1\x00', &(0x7f0000000100)='nilfs2\x00', 0x800000, 0x0) 16m23.455026956s ago: executing program 1 (id=6087): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0x2d, 0x4e22, 0x0, @local, 0xb}, 0x1c) 16m23.298512938s ago: executing program 1 (id=6089): syz_mount_image$udf(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x847, &(0x7f0000000140)=ANY=[], 0xe0, 0xc33, &(0x7f0000000340)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwRFLqwBRJkFQjG2nBdNNFFwGKoousCLRGgRQNjKYIumRaF0g2XhRZdUW0sBEUXbBFgKwCFvfOGXFIkTYjihIlPY9N/WbunHPvOfeM75UFnXsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj4vdcunjqdHnYrAIAH6fLoV0+dcf8HgCfKVf//DwAAAAAAAAAAAAAAB12KIp6OFHOX19J49b6jfqndf+v22PDI9tUOp6pmX1W+/KmfPnP23JdeGjrfzUvtmY+of799Nt4YvXqx8erszbn5qYWFqcnG2Ex7YnZyatd72Gv9rU5UJ6Bx881bk9evLzTOvHh208e3Bz8ceOrY4IWh508+1y07NjwyMrpRpN5bvnbPDenYaYbHoSjiZKR44Xs/Ta2IKGLv56L+YMd+q8NVJ05UnRgbHqk6Mt1uzSyWH17pnogiotFTqdk9R9uPRdT6H2gfdtaMWCqbXzb4RNm90bnWfOva9FTjSmt+sb3Ynp25kjqtLfvTiCLOp4jliFgduHt3/VFELVJ85+hauhYRfd3z8MVqYvDO7Sj2sY+7ULaz0R+xXDwCY3aADUQRr0eKn713PCbydaa61nwh4vUyfxDxTpmvRKTyi3Eu4oNtvkc8mmpRxJ+X439hLU1W14PudeXS1xpfmbk+21O2e135Je8Pd10pHtL94fCWfDAO+LWpHkW0qiv+Wrr33+wAAAAAAAAAAAAAAAAAcL8djiI+Eyle+7c/quYVRzUv/eiFod8f/P99PeWe/Zj9pIh4MSKWit3NyT2UJwZeSVdSeshziZ9k9Sjij/P8v2897MYAAAAAAAAAAAAAAAAAAAA80Yr4SaR4+f3jaTl61xRvz9xoXG1dm+6sCttd+7e7Zvr6+vp6I3WymXM851LO5ZwrOVdzRpHr52zmHM+5lHM550rO1ZzRl+vnbOYcz7mUcznnSs7VnFHL9XM2c47nXMq5nHMl52rOOCBr9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPE6KKOIXkeLb31hLkSKiGTEenVwZeNitAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKA6mI70eKxh8072yrRUSq/u04Xv5yLpqHyvxkNIfKfCWaF3O2qqw1v/UQ2s/e9KcifhwpBurv3hnwPP79nXd3vgbxzjc33n221sm+7oeDHw48dezohaGRX3t2p9dpuwacuNSeuXW7MTY8MjLas7mWj/7Jnm2D+bjF/ek6EbHw1ttvtqanp+bv/UX5FdhD9UfoRao9hj2tH4xmHMgXUTsQzXg4fecJUN7/P4gUv/3+v3dv+J37fz3+X+fdnTt8/PxPNu7/L2/d0S7v/7Wt9fL9v7ynb3f/f7pn28v5dyP9tYj64s25/mMR9YW33j7Zvtm6MXVjaubcqVNfHhr68tlT/Yci6tfb01M9r+7L6QIAAAAAAAAAAAAAAAB4cFIRvxspWj9eS42IuF3N1xq8MPT8yef6oq+ab7Vp3vYbo1cvNl6dvTk3P7WwMDXZGJtpT8xOTu32cPVqutfY8Mi+dOZjHd7n9h+uvzo799Z8+8YfLm77+ZH6xWsLi/Otie0/jsNRRDR7t5yoGjw2PFI1errdmqmqXtl2Mv0vrz8V8R+RYuJcI30+b8vz/7fO8N80/39p6472af7/J3q2lcdMqYifR4rf+otn4/NVO4/EXecsl/ubSHHi/OdyuThUluu2ofNcgc7MwLLs/0SKf/jF5rLd+ZBPb5Q9vesT+4gox/9opPj+n303fj1v2/z8h+3H/8jWHe3T+D/Ts+3IpucV7Lnr5PE/GSleefrd+I287aOe/9F99sbxXPjO8zn2afw/1bNtMB/3N+9P1wEAAAAAAAAAAB5p/amIv40UPxyppZfytt38/b/JrTvap7//9emebZP3Z72ij32x55MKAAAAAAdEfyriJ5HixuK7d+ZQb57/3TP/83c25n8Opy2fVn/O9yvVcwPu55//9RrMxx3fe7cBAAAAAAAAAAAAAAAAAADgQEmpiJfyeurj1Xz+yR3XU1+JFK/91wu5XDpWluuuAz9Y/Vq/PDtz8uL09OxEa7F1bXqqMTrXmpgq6z4TKdb++nO5blGtr95db76zxvvGWuzzkWLk77plO2uxd9cmf2aj7Omy7CcixX/+/eay3XWsP7VR9kxZ9q8ixdf/afuyxzbKni3LfjdS/OjrjW7ZI2XZ7vNRP71R9sWJ2WIfRgUAAAAAAAAAAAAAAAAAAIAnTX8q4k8jxX/fXL4zlz+v/9/f87byzjd71vvf4na1zv9gtf7/Tq/vZf3/6rkCSzsdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHk8ping7UsxdXksrA+X7jvql9syt22PDI9tXO5yqmn1V+fKnfvrM2XNfemnofDc/uv799pl4Y/Tqxcarszfn5qcWFqYmG2Mz7YnZyald72Gv9bc6UZ2Axs03b01ev77QOPPi2U0f3x78cOCpY4MXhp4/+Vy37NjwyMhoT5la/z0f/S5ph+2Hooi/jBQvfO+n6YcDEUXs/Vx8zHdnvx2uOnGi6sTY8EjVkel2a2ax/PBK90QUEY2eSs3uOXoAY7EnzYilsvllg0+U3Ruda823rk1PNa605hfbi+3ZmSup09qyP40o4nyKWI6I1YG7d9cfRbwZKb5zdC3980BEX/c8fPHy6FdPndm5HcU+9nEXynY2+iOWi0dgzA6wgSjiHyPFz947Hv8yEFGLzk98IeL1Mn8Q8U50xjuVX4xzER9s8z3i0VSLIv63HP8La+m9gfJ60L2uXPpa4ysz12d7ynavK4/8/eFBOuDXpnoU8aPqir+W/tV/1wAAAAAAAAAAAAAAAAAHSBG/Gilefv94quYH35lT3J650bjaujbdmdbXnfvXnTO9vr6+3kidbOYcz7mUcznnSs7VnFHk+jmbZdbX18fz+6WcyzlXcq7mjL5cP2cz53jOpZzLOVdyruaMWq6fs5lzPOdSzuWcKzlXc8YBmbsHAAAAAAAAAAAAAAAAAAA8XorqnxTf/sZaWh/orC89Hp1csR7oY+//AgAA///j0/g8") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 16m22.772077286s ago: executing program 1 (id=6097): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="400000001900010900000000fbdbdf2502200000fe00fd010000000008000100ac14140008001e00020000000c0016"], 0x40}}, 0x40810) 16m22.067390307s ago: executing program 1 (id=6108): r0 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$inet6_int(r0, 0x10d, 0x10, &(0x7f00000002c0), 0x4) 16m21.626316224s ago: executing program 32 (id=6108): r0 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$inet6_int(r0, 0x10d, 0x10, &(0x7f00000002c0), 0x4) 12m54.319502179s ago: executing program 0 (id=8871): pipe2(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x100000) 12m54.131660953s ago: executing program 0 (id=8875): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) 12m53.929951046s ago: executing program 0 (id=8877): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_CLASS={0x6}}}}]}, 0x38}}, 0x0) 12m53.603237511s ago: executing program 0 (id=8884): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0xc02, &(0x7f0000000280)={[{@iocharset={'iocharset', 0x3d, 'macturkish'}}, {}, {@errors_continue}, {@fmask={'fmask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@keep_last_dots}, {@keep_last_dots}, {@namecase}, {@errors_continue}, {}]}, 0x1, 0x1524, &(0x7f0000007640)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO") mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0) 12m53.02870562s ago: executing program 0 (id=8890): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x6, 0x13, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020200008500000070000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0xfca804a0, 0xe, 0x0, &(0x7f0000000a80)="b8000005000000000152912e5763", 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 12m52.511231848s ago: executing program 0 (id=8897): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000050c0)={&(0x7f0000000040)=@can_delroute={0x154, 0x19, 0x1, 0x0, 0x0, {}, [@CGW_CS_XOR={0x8, 0x5, {0x0, 0x0, 0x88}}, @CGW_CS_CRC8={0x11e, 0x6, {0x2, 0x4, 0x0, 0x0, 0x0, "c87b656e285d281181111413f0081ddc21c51ffc7e9526ed8503c2aa9a5e0a96d01a3ad6c30d6baa1bdf0f6c4db0f4286fccba8944cee7e579a8dc8b3cde07b51c0a437334c8c52b2cc9301fdc5a473aaf13fbd5536aa0c719f9e37963f8e40ae29ee94ccd6deef4750b5d9d6e8dc3967a4a5190ce4bc0dc8fac276a4270ec73d98334dbb9a2c0797698e4386e2c1872d2a04e6904ccd29d2a7b59082689da3602b982a9a619fa91f33a33723f92930f8a430d10ca1d979db27615a77556811503f3e6f300770b42f29d54f7f5f2fbe93144d1ee8a63e74d5f84c61acf20e8931d09f7c29048edbaff2ea4b29242fd9eec8082002947c4fa12d0fbffe2c4befd", 0x0, "5bf6ad242712a12236ec1625ac06613fc5f12f67"}}, @CGW_MOD_SET={0x15, 0x4, {{{}, 0x0, 0x0, 0x0, 0x0, "2d2fd7ac2612dea2"}, 0x1}}]}, 0x154}}, 0x0) 12m52.095099094s ago: executing program 33 (id=8897): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000050c0)={&(0x7f0000000040)=@can_delroute={0x154, 0x19, 0x1, 0x0, 0x0, {}, [@CGW_CS_XOR={0x8, 0x5, {0x0, 0x0, 0x88}}, @CGW_CS_CRC8={0x11e, 0x6, {0x2, 0x4, 0x0, 0x0, 0x0, "c87b656e285d281181111413f0081ddc21c51ffc7e9526ed8503c2aa9a5e0a96d01a3ad6c30d6baa1bdf0f6c4db0f4286fccba8944cee7e579a8dc8b3cde07b51c0a437334c8c52b2cc9301fdc5a473aaf13fbd5536aa0c719f9e37963f8e40ae29ee94ccd6deef4750b5d9d6e8dc3967a4a5190ce4bc0dc8fac276a4270ec73d98334dbb9a2c0797698e4386e2c1872d2a04e6904ccd29d2a7b59082689da3602b982a9a619fa91f33a33723f92930f8a430d10ca1d979db27615a77556811503f3e6f300770b42f29d54f7f5f2fbe93144d1ee8a63e74d5f84c61acf20e8931d09f7c29048edbaff2ea4b29242fd9eec8082002947c4fa12d0fbffe2c4befd", 0x0, "5bf6ad242712a12236ec1625ac06613fc5f12f67"}}, @CGW_MOD_SET={0x15, 0x4, {{{}, 0x0, 0x0, 0x0, 0x0, "2d2fd7ac2612dea2"}, 0x1}}]}, 0x154}}, 0x0) 12m10.440672172s ago: executing program 2 (id=9396): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000040)=@x={0x94, 0x4, "74094e18339a"}) 12m10.130476977s ago: executing program 2 (id=9401): prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000, &(0x7f0000000080)) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff9000/0x7000)=nil, 0x7000, &(0x7f0000000000)='\x00\x00\xad\xddP\x04Do\x90\x986\xc7\"K3\xaf\xf3\xe7\xf7Dm\xebD\x04\xf9A\x86_\x8d\x93\xe2\x13\xbf\xc5\xc7c\xe3\xf9(\xfe\x8a\x1c\xa8\x15\xf6\x81\xf6\xfcAM\x86\xc1\xb1\xdaJoI\xef\xf0\xe6U\xc2\r!\x16\xda\x16Y\xc0\x13\xba\xacX\a9@\x00\xac\xd0\xf1\xb3\xa8\xa7\x86h3|\x03\x95@\xebM\xa6i\xb3S\x84\xa0yum\xcbZ$8\xd2e\x19\xdb\xeb\xf3\x1eK\x1a\xad\xc4w\xe5\xcd&f\x9e\xc4') 12m9.835518752s ago: executing program 2 (id=9405): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x2000000, &(0x7f0000000340)=ANY=[], 0x2, 0x640, &(0x7f000003e800)="$eJzs3c1rHOcdB/DvrGRZa4OjNLbjlkBEDGmpqK0XlFa9xC2lqBBKSA+9VtgyFl47qaQUJZRGfaPXHvIHpAfdeir0UigY0nN7y1XHQKGXnNTTlpmdXUmWLGujl5Xdz8fMPs/sM/PM7/ntMzO7a8QG+L81P5HhRykyP/HWWrm+uTHT2tyYedCtJzmfpJEMd4oUD5Pi0+RWOku+Wj5Zd1c86TgfL82989kXm5931obrpdq+cdB+h7NeLxlPMlSXx9Xf7SP3V/RGWCbsejdxMGjnkrR3+fnV7ZaDXTjyeQucBUXnvtnTrs/sseo0z2j9PqBzV+zcs59p64MOAAAAAE7BC1vZylouDToOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeJbUv/9f/er/aO+pFOMpur//P9JtT3JxgKEebORwmz1qnHQgAAAAAAAAAHDyXt3KVtZyqbvefvNn242Xq8eLeT8rWcxybmQtC1nNapYzlWRsR0cjawurq8tTee2pe07vu+f0IQNuHmm4AAAAAAAAAPC8+k3mt///HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzoIiGeoU1XK5Wx9LYzjJaJKRcrv15F/d+rPs0aADAAAAgFPwwla2spZL3fV2UX3mv1p97h/N+3mY1SxlNa0s5k71XUDnU39jc2Omtbkx86Bc9vb7vf/0FUbVYzrfPex/5GvVFs3czVL1zI3czrtp5U4a1Z6la9149o/r12VMxZu1Q0Z2py7Lkf+xLk/e0CG2Gasycq6Xkck6tjIbLx6cid2vznq/R5pKo/fNz+UTyPmFuiySiz86tZwfRp2JV1NnYnrH7Lu6fybGejt//a9//um91sP79+6uTJydIfXhfLvd7tYfnxMzOzLx8sFz4jnIxE6TVSau9Nbn88P8JBMZz9tZzlJ+kYWsZjHj+UFVW6jnc/k4dnCmbu1ae7t6bD45kpH6delcPfqL6bVq30tZyo/zbu5kMW9U/6YzlW9nNrOZ2/EKXznEWd/o76y//o26Ug7wDwcP9JSVeX2xzutHya5r7ljVtvOZ7SylyHFfG4e/VlfKY/y2Ls+GxzMxtSMTLx08X/5UXVZWWg/vL99beO+Qx3u9Lsvz6Pdn6i5RzpevlC9WtbZ7dpRtL+3bNlW1Xe61Nfa0Xem1Pe1MHanfw+3tabpqe3nftpmq7dqOtv3ebwFw5l345oWR5r+b/2x+0vxd817zrdHvn//O+VdGcu4f5747PDn0euOV4i/5JL/a/vwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8eSsffHh/odVaXH6s0m63P3pC05etDKWfvf7+t+M8evf3iI5xOMdbGe1n4/bZiLmfyn/b7faxdLh+wKQ9tkq7diZSN6DKgC9MwIm7ufrgvZsrH3z4raXuLXJ2dm5ybvaNmZt3l1qLk53HAQcJnIjtm/7etvFBBAQAAAAAAAAAAAA81Wn8OcGgxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA82+YnMvwoRaYmb0yW65sbM61y6da3txxO0khS/DIpPk1upbNkbEd3xZOO8/HS3DuffbH5+XZfw93tG3v3a/Y5ivV6yXiSobo8gl393T5yf0VvhGXCrncTB4P2vwAAAP//wBMQZA==") mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2236824, 0x0) 12m9.462578357s ago: executing program 2 (id=9409): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000019c0)=ANY=[@ANYBLOB='allow_utime=00000000000000000000304,namecase=1,errors=remount-ro,umask=00000000000000000000020,fmask=00000000000000000000005,iocharset=cp1251,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000000003,errors=continue,fmask=00000000000000000000005,allow_utime=0000000000000002\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x1, 0x152a, &(0x7f0000000340)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+ZDzKSFJmiQJySlZ/2vC327X/vbe3+7Lvvbcv+t6r1n3u557Pet57/ewnuedmW+7DK3ZuFa1hkQE/xa88CMJAGIBYCAAXAMAAQCUiysXl9WfU2LSv7cT9sd6KPVKz4BdSVz/7I3rn71x/bM3rn/2xvXP3rj+2RvXP3vj+jOWnW2aXvBavmXfG1//z8748/+/SGbpsV+uLX19V4CYfzaF65+9cf3/awX/zEZc/+yN659dxV7pCbD/APz6zw5y/N0ern/2xvVnLDv7c683y/+47xsg8uc+Bgqu/DH/6vgZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLE/wWl/mQKAS+0rPS/GGGOMMcYYY4z9cXyOKz0DxhhjjDHGGGOM/d9DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+b/KfwF6wIvQE3pBEvSGPvAS9IV+0B8GwEB4GQbBKzAYXoVkGAJD4TUYBq/DcHgDRsBIGAVvwmh4C8bAWBgH4yEFJsBEeBsmwTswGabAVJgGqTAdZsC7MBNmwWx4D+bA+zAX5sF8WABp8AEshEWQDh/CYvgIMmAJLIVlsBxWwEpYBathDayFj2EdrIcNsBE2wWbYAlthG2yHHfAJ7IRPYRfshj3wGeyFz//F/FN/k98VAQEFClSoMAZjMBZjMRfmwtyYG/NgHoxgBOMwDvNiXsyH+bAAFsB4jMfCWBgNGiQkLIJFMIpRLIbFsDgWx5JYEh06TMAELIM3Y1ksi+WwHJbH8lgBK2JFrIyVsQpWwapYFathNayO1bEm1sS78W7sjXWwDtbFulgP6126PIUNsSE2wkbYGBtjE2yCTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI+JmIgdsAN2xI7YCTthZ+yMXbALdsVu2C3zhRyAL+KL2Auri97YB/tgX0zO0R8H4AB8GQfhK/gKvorJOASH4mv4Gr6Ow/EkjsCROApHYRXxFo7BsUhiPKZgCk7EiTgJJ+FknIJTcBqm4nScgTNwJs7CWfgezsH38X2ch/NwAaZhGi7ERZiO6bgYT2EGLsGluAyX4wpcjqtwNa7CtfgxrsX1uB434kbcjJtxK27F7bgdP0EFgJ/ibtyNybgX9+I+3If7cT8ewAOYiZl4EA/iITyEh/EwHsEjeBSP4XE8hifwBJ7EU3gaT+NZPIvn8Ln4rxt9UmJNMogsSigRI2JErIgVuUQukVvkFnlEHhEREREn4kRekVfkE/lEAVFAxIt4UVgUFkYYQSKMAQARFVFRTBQTxUVxUVKUFE44kSASRBlRRpQVZUU5casoL24TFURF0cZJUVlUEW1dVXGnqCaqieqihqgpaolaoraoLeqIOqKuqCvqiXqivnhANBC9sT8+JLIq01gMwSZiKDYVzYS8+A7WSgzH1qKNaCueECNxBLYXrVyieFp0EGOwo/iLGIvPis5iPHYRz4uuopvoLl4QPURr11P0EpOxt+gjpmFf0U/0FwPETKwh3sM5OWuKV0WyGCKGitfEAnxdDBdviBFipBgl3hSjxVtijBgrxonxIkVMEBPF22KSeEdMFlPEVDFNpIrpYoZ4V8wUs8Rs8Z6YI94Xc8U8MV8sEGniA7FQLBLp4kOxWHwkMsQSsVQsE8vFCrFSrBKrxRqxVnws1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BSfil1it9gjPhN7xedin/hC7BdfigPiK5EpvhYHxTfikPhWHBbfiSPie3FUHBPHxQ/ihPhRnBSnxGlxRpwVP4lz4mdxXngBEqWQUioZyBiZQ8bKnDKXvErmlsHFR/daGSevk3nl9TKfzC8LyIIyXhaShaWWRlpJMpRFZFEZlTfIYvJGWVyWkCVlKelkaZkgb5Jl5M2yrLxFlpO3yvLyNllBVpSVZGV5u6wi75AQubCP6rKGrClrybtlEtwj68h7ZV15n6wn75f15QOygXxQNpQPyUbyYdlYPiKbyEdlU9lMNpctZEv5mGwlH5etZRvZVj4h28knZXv5lEyUT8sO0l98ijwrO8vnZBf5vOwqu8nu8md5XnrZU/aS0BtkH/mS7Cv7yf5ygBwoX5aD5CtysHxVJsshcqh8TQ6Tr8vh8g05Qo6Uo+SbcrR8S46RY+U4OV6myAlyonxbTpLvyMlyipwqp8lUOV32vzjSbCn/Yf7bv5M/+Je9b5Sb5Ga5RW6V2+R2uUN+InfKnXKX3CX3yD1yr9wr98l9cr/cLw/IAzJTZsqD8qA8JA/Jw/KwPCKPyKPymDwjf5An5I/ypDwlT8kz8qw8K89dfAxAoRJKKqUCFaNyqFiVU+VSV6nc6mqVR12jIupaFaeuU3nV9Sqfyq8KqIIqXhVShZVWRllFKlRFVFEVVTfgxSeMKqlKKadKqwR107+Sr4qpG1VxVeJX+Zfml/R35tdStVStVCvVWrVWbVVb1U61U+1Ve5WoElUH1UF1VB1VJ9VJdVadVRfVRXVVXVV31V31UD1UT9VTJakk1Ue9pPqqfqq/GqAGqpfVIDVIDVaDVbJKVkPVUDVMDVPD1XA1Qo1Qo9QoNVqNVmPUGDVOjVMpKkVNVBPVJDVJTVaT1VQ1VaWqVDVDzVAz1Uw1W81Wc9QcNVfNVfPVfJWm0tRCtVClq3S1WC1WGWqJWqKWqWVqhVqhVqlVao1ao7LWX+vVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nLfsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBtcH+QL8gcFgoJBfFAoKBzowAQ2EBeLHg1uCIoFNwbFgxJByaBU4ILSQUJwU1AmuDkoG9wSlAtuDcoHtwUVgopBpaBycHtQJbgjqBrcGVQL7gqqBzWCmkGt4O6gdnBPUCe4N6gb3BfUC+4P6gcPBA2CB4OGwUNBo+DhoHHwSNAkeDRoGjQLmgctgpZ/6Pjen8z/uOupe+kk3Vv30S/pvrqf7q8H6IH6ZT1Iv6IH61d1sh6ih+rX9DD9uh6u39Aj9Eg9Sr+pR+u39Bg9Vo/T43WKnqAn6rf1JP2Onqyn6Kl6mk7V0/UM/a6eqWfp2fo9PUe/r+fqeXq+XqDT9Ad6oV6k0/WHerH+SGfoJXqpXqaX6xV6pV6lV+s1eq3+WK/T6/UGvVFv0pv1Fr1Vb9Pb9Q79id6pP9W79G69R3+m9+rP9T79hd6vv9QH9Fc6U3+tD+pv9CH9rT6sv9NH9Pf6qD6mj+sf9An9oz6pT+nT+ow+q3/S5/TP+rz2WYv7rI93o4wyMSbGxJpYk8vkMrlNbpPH5DEREzFxJs7kNXlNPpPPFDAFTLyJN4VNYZOFDJkipoiJmqgpZoqZ4qa4KWlKGmecSTAJpowpY8qasqacKWfKm/KmgqlgKplK5nZzu7nD3GHuNHeau8xdpoapYWqZWqa2qW3qmDqmrqlr6pl6pr6pbxqYBqahaWgamUamsWlsmpgmpqlpapqb5qalaWlamVamtWlt2pq2pp1pZ9qb9ibRJJoOpoPpaDqaTqaT6Ww6my6mi+lqupruprvpYXqYnqanSTJJpo/pY/qavqa/6W8GmoFmkBlkBpvBJtkkm6FmqBlmhpnhZrgZYUaaUVkLVfOWGWPGmnFmvEkxKWaimWgmmUlmsplsppqpJtWkmhlmhplpZprZZraZY+aYuWaumW/mmzSTZhaahSbdpJvFZrHJMBlmqVlqlpvlZqVZaVab1WatWWvWwTqzwWwwm8wms8VsMdvMNrPD7DA7zU6zy+wye8wes9fsNfvMPrPf7DcHzAGTaTLNQXPQHDKHzGFz2BwxR8xRc9QcN8fNCXPCnDQnzWlz2pw1+S9+XnoTa3PaXPYqm9tebfPYa+zfxgVsQRtvC9nCVtt8Nv+vYmOtLW5L2JK2lHW2tE2wN/0mrmAr2kq2sr3dVrF32Kq/iWvbe2wde6+ta++ztezdv4rr2fttffuIbYAIYJvZRraFbWwfsU3so7apbWab2xa2nX3StrdP2UT7tO1gn/lNvNAusqvtGrvWfmx32d32tD1jD9lv7Vn7k+1pe9mB9mU7yL5iB9tXbbId8pt4lH3TjrZv2TF2rB1nx/8mnmqn2VQ73c6w79qZdtZv4jT7gZ1j0+1cO8/Otwt+ibPmlG4/tIvtRzbDBrDULrPL7Qq70q76/3NdZtfbDXaj3Wk/tVvsVrvNbrc7Li2E7W67x35m99rP7UH7jd1vv7QH7GGbab/+Jc46vsP2O3vEfm+P2mP2uP3BnrA/qkvZWcf+g/3ZnrfeAiEBSVIUUAzloFjKSbnoKspNV1MeuoYidC3F0XWUl66nfJSfClBBiqdCVJg0GbJEFFIRKkpRuoEuTa8klSJHpSmBbqIydDOVpVuoHN1K5ek2qkAVqRJVptupCt1BVelOqkZ3UXWqQTWpFt1NtekeqkP3Ul26j+rR/VSfHqAG9CA1pIeoET1MjekRakKPUlNqRs2pBbWkx6gVPU6tqQ21pSeoHT1J7ekpSqSnqQM9Qx3pL9SJnqXO9Bx1oeepK3Wj7vQC9aAXqSf1oiTqTX3oJepL/ag/DaCB9DINoldoML1KyTSEhtJrNIxep+H0Bo2gkTSK3qTR9BaNobE0jsZTCk2gifQ2TaJ3aDJNoak0jVJpOs2gd2kmzaLZ9B7NofdpLs2j+bSA0ugDWkiLKJ0+pMX0EWXQElpKy2g5raCVtIpW0xpaSx/TOlpPG2gjbaLNtIW20jbaTjvoE9pJn9Iu2k176DPaS5/TPvqC9tOXdIC+okz6mg7SN3SIvqXD9J3vRd/TUTpGx+kHOkE/0kk6RafpDJ2ln+gc/UznyROEGIpQhioMwpgwRxgb5gxzhVeFucOrwzzhNWEkvDaMC68L84bXh/nC/GGBsGAYHxYKC4c6NKENKQzDImHRMBreEBYLbwyLhyXCkmGp0IWlw4TwprBMeHNYNrwlLBfeGpYPbwsrhBXDR+6rHN4eVgnvCKuGd4bVwrvC6mGNsGZYK7w7rB3eE9YJ7w3rhveFZcP7w/rhA2GD8MGwYfhQ2Ch8OGwcPhI2CR8Nm4bNwuZhi7Bl+FjYKnw8bB22CduGT4TtwifD9uFTYWL4dNghfOaX/vsX/f3+pLB32Cd8KXwp9P5eOT+6IJoW/SC6MLoomh79MLo4+lE0I7okujS6LLo8uiK6Mroqujq6Jro2+nF0XXR9dEN0Y9T7WjnAoRNOOuUCF+NyuFiX0+VyV7nc7mqXx13jIu5aF+euc3nd9S6fy+8KuIIu3hVyhZ12xllHLnRFXFEXdTe4Yu5GV9yVcCVdKedcaZfgWriWrqVr5R53rV0b19Y94Z5wT7on3VPuKfe06+CecR3dX1wn96zr7J5zz7nnXVfXzXV3L7gebkKeC6/JJNfH9XF9XV/X3/V3A91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfVTXWpLtXNcDPcTDfTVZl1YS9z3Vw33813aS7NLXRZa8Z0t9gtdhkuwy11S91yt9ytdCvdarfarXVr3Tq3zm1wG9wmt8ltcVvcNrfN7XA73E630+3y11wY1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5MiUyNTItEhqZHpkRuTdyMzIrMjsyHuROZH3I3Mj8yLzIwsiaZEPIgsjiyLpkQ8jiyMfRTIiSyJLI8siyyMrIt4X2hL6Ir6oj/obfDF/oy/uS/iSvpR3vrRP8Df5Mv5mX9bf4sv5W315f5uv4Cv6Sv5R39Q38819C9/SP+Zb+cd9a9/Gt/VP+Hb+Sd/eP+UT/dO+g3/Gd/R/8Z38s76zf8538c/7rr6b7+5f8D38i76n7+WTfG/fx7/k+/p+vr8f4Af6l/0g/4of7F/1yX6IH+pf88P86364f8OP8CP9qJg3/ehLp8gw3qf4CX6if9tP8u/4yX6Kn+qn+VQ/3c/w7/qZfpaf7d/zc/z7fq6f5+f7BT7Nf+AX+kU+3X/oF/uPfIZfcumisl/pV/nVfo1f6z/26/x6v8Fv9Jv8Zr/Fb/Xb/Ha/w3/id/pP/S6/2+/xn/m9/nO/z3/h9/sv/QH/lc/0X/uD/ht/yH/rD/vv/BH/vT/qj/nj/gd/wv/oT/pT/rQ/48/6n/w5/7M/z3+zxhhjjDH2T5lwuSl+3XPhcn7v38kRf7VxHwC4emvBzL/uz1pRrst3od1PxLeLAMDTvbo8dOlWvXpSUtLFbTMkBEXnAVz6JihLDFyOl0BbeBISoQ2U+d359xPdztI/GD96K0Cuv8qJhcvx5fG/AMCk3xn/sSdGLSwfno77H8afB1C86OWcnHA5XgJtf7m+0gbK/p3552/1D+af88sUgNZ/lZMbLseX558Aj8MzkPirLRljjDHGGGOMsQv6iUqdLp1/XvqNz987P49Xl3NywOX4H52fM8YYY4wxxhhj7Mp7tlv3px5LTGzT6V9vVP1fZf3TjSbwfzUyN3634T3ApXsUAPybAwJkNeSfeRSb/5R9JV986fxt1/IzPoD/jFL+EY0r/MbEGGOMMcYY+8NdXvT/+n51pSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ3/GvxO70sfIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWn/LwAA//9+qv+4") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 12m8.954348695s ago: executing program 2 (id=9414): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x11, 0x4, 0x4, 0x1f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x4, &(0x7f00000004c0)={{r0}, &(0x7f00000003c0)=0x1e00, &(0x7f0000000480)='%pi6 \x00'}, 0x20) 12m8.467203292s ago: executing program 2 (id=9419): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_SNOOPING={0x5}, @IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x1}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x0) 12m8.058472939s ago: executing program 34 (id=9419): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_SNOOPING={0x5}, @IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x1}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x0) 6m20.78265981s ago: executing program 4 (id=14574): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000040)={0x8, @output={0x0, 0x1, {0xffffffff}, 0x3, 0xd}}) 6m20.433499465s ago: executing program 4 (id=14580): sendmmsg$unix(0xffffffffffffffff, &(0x7f000000bb00)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000002c0)="e0f658cf341433b192e2c342d5290dd679fec97084e603d9eb574a1a60e14d0be3b6f5be692f39b1fe6566ec241b7db2822d9a5c600989dcccebcbc529741eb2e9d42484ec66b272cd36482942913d9ae4b750ede4250dab3145734e7a0d64c36ea04de27e90e9fbdf93d5bd0c92f98c39a5480d58436c25508bd056e04a8364fc65ab3fd03540fb7b8e6ac2a973a8da8e8085191f7f7223ca", 0x99}], 0x1, 0x0, 0x90, 0x4004004}}], 0x1, 0x0) ppoll(&(0x7f00000001c0)=[{0xffffffffffffffff, 0x4000}, {0xffffffffffffffff, 0x440}, {0xffffffffffffffff, 0x1000}], 0x45, 0x0, 0x0, 0x0) 6m20.286193688s ago: executing program 4 (id=14583): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@codepage={'codepage', 0x3d, 'utf8'}}]}, 0x1, 0x304, &(0x7f0000000780)="$eJzs3U9v00gYx/HfOEmbbqtutu1qpb3sqruV4FJR4IC4gFCu3DkhoEmliqiItkjAhVBxRLwA7rwFXgQXEG8AuHDiBfRmNOOx4yQTp5Gaui3fj9TKGc+fZ7AdP2OJWgB+WbeaX95d+W5/jFRRRdJ1KZJUl6qS/tRf9Sc7+9v7nXarqKOKa2F/jJKWZqjO5k471NS2cy28hv1U1UK+DNMRx/HNr2UHgdK5qz8gkmb9dej21084ruPiJzebfu5K/5QYTinyB9gc6lBPtVhiOACAU8Df/yN/m1hwRUZRJK352/6Zvv8POiw7gON1tTNUFBc2yN3/XXYXG3t8f3e7eus9t4Sz+6N0lXiUYGoDn2eUnFl9CaYJryq/xQkfSzS3tV3V+uZLtSId6IaXa7DifreSUzc1JtrVwNp0FJsxjuytptu/JbOxGeXc4O40pK3tTttlnoH4l0ODTvKvPSnzwXwyd01db9XK8r9qbOxhckeqMXCkopqN/9LoHuddK1vLTtkk84z6qvzhBvnbj+CNmWU9vCLJ95k+IOhmEQTiPEg33NhL6n+skMxuIzSA6XW+HGrVyD4Nt3VjrfS1qvgzYX3zUafwUcp0pFM0b8wds6ofeq9mLv+PbHxryl2ZRV/1xtX0Z0Yyn5lwzaqr2Ri6c3SzrX+zCLzZiecGacKnZa/1QNe0uPfs+cNKp9PetRv3AxuPF3aNL6m9koJ1pr9RUUEddXsl7ubxIo6P2nM8zeAvHmuH9vsjK7GXT6iyvcqykuikD9P526gqtKv5UUUn5FQ30tRlwub14C6baI1oNZXvKJwyeyY96L5gKInFOWfzLpOs/1wm77M69z1jfzUK8vTiRab6etzIVnD9qeBSKHcZszaYH72Cy414ecSa0a25/rsg/Z8rNCocseHiPDdMU591j+f/AAAAAAAAAAAAAAAAAAAAZ81J/I+FsucIAAAAAAAAAAAAAAAAAAAAAMBZd/T3/8713tQU+hvx7v2/jbHv/+17AbB/URTv/wXK8TMAAP//WW58Eg==") mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\xfc\x90\xa4\x8f\x98\xb9\x89Q\xa4Pxy0\x01\x8cC\x1f|\xad\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file1\x00', 0x0, 0x1a39143, 0x0) 6m20.055368861s ago: executing program 4 (id=14588): syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4002, &(0x7f00000004c0)={[{@codepage={'codepage', 0x3d, 'cp775'}}, {@umask={'umask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp874'}}]}, 0x4, 0x33e, &(0x7f0000000540)="$eJzs3U1r1EAcBvBnkt1t1tYa20rBk1QLnkpbD4qXFil+Bg9SrO0WStcKWkGLYPUs4k0QPPbmWfQr6EX8AnrqQTzppXgwMpPJZrI7s0lf07LPD1yzybz8J8kkM7tsAyLqWTfmvm9d2Zb/RBWAD+A64AEIgAqAcxgNHq2t5xbkt5YE4pyiI83iWsOWNYDOoYXyXQUD5jo6HFEURT9yU/1OFp4fdjxUDmH2YIMH9OneqbYHRx7Zvs3YVm7G7eotxhEWO9jBYwyWGQ4REZVP3/89fZcY0ON3zwPG9Tj8pN7/E5nxzU55cRwLrfu/F7+PhNw/Z9QmOd9bWW82luIpnDz6XjJLtJVlPSeidHfXEJ9Zfr8x5DJqsVOxePXllWZjYlMV8AIzmpFsRL0uIWmI4oq2BkwBGOucmwrLdDWvtHz9qg1V2YZpR/zD3Wq0ToA//cQbe3XzXwrEJD6Lr2JehHiLpdb4rxIJuXPUkQrbukoc/6S7RNXKME6VaWUa/llVyXldAz6+T1tZd+3XAL6MxUaWItrH72ES5+uaOxeGkP1YIW7dlLt1KtcwUBFq1mDmmm4l+mvNNdJeV3252mxMLN5vuk76g2Wd0YlX4pYYwy98wJwx/vdk6nG4e2amlwuVUp8ZXdtTUSkdxzFDdeB77m5ILjczF79iXuIurmHw4ZON1YVms/Gg/IWkq+wx+4UDjic+EfXpKNfI/400CORCFYCznKp7k3XhXxRF1k0VHMUhqKqmXn2XNnljdUHoa97+qpBXzrZNs+7EAGYB6DXJFWEvtT9r5epLCyyU/Y882mqN/YRMojqCDpJUldnko69QT6l3rNnKyfX09N6uQnQCpUcfo7fLDobKIMcOIp7/GfOVSXXVkS9hl/lPlFe4UeKUYwY0pF5PFZvBtYp1jhP7k4WcOdfFy8Cltho9JDV2fNEV6jhxHL+V7PJVxqx9tZjDN9zh5/9ERERERERERERERERERERERERERCfNbn+N0PlzgvyFbI3bPfiHN4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiI9sd4/i/gqyfG1GzP/+32pCbFj58QExzE83/9As//FZu7aCUR2fwPAAD//ycYXRM=") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 6m19.647779878s ago: executing program 4 (id=14596): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x41045508, &(0x7f0000002600)={0xfffffffe, 0x1, "5a77bd318786aeb879ca62cdab2a02fa560186c45b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b31a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008dacfba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34170613d806726615380fe65a6a0a72e19c2b60bd6276fd8bb63671ffcdbdae62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f600"}) 6m19.221023054s ago: executing program 4 (id=14605): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x80, 0x7fff0000}]}) openat2(0xffffffffffffffff, 0x0, 0x0, 0x0) 6m18.760744582s ago: executing program 35 (id=14605): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x80, 0x7fff0000}]}) openat2(0xffffffffffffffff, 0x0, 0x0, 0x0) 2.517991531s ago: executing program 6 (id=19942): setuid(0xee01) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x14, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 2.455409232s ago: executing program 6 (id=19943): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f00000002c0)={@local, @dev={0xac, 0x14, 0x14, 0x31}}, 0xc) 2.216560996s ago: executing program 6 (id=19947): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="18020000fffdffff0000000000000000850000004100000085000000d000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 2.063301128s ago: executing program 5 (id=19950): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x10}]}}}]}, 0x3c}}, 0x0) 2.028097289s ago: executing program 6 (id=19951): r0 = socket$netlink(0x10, 0x3, 0x4) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'vlan1\x00', &(0x7f0000000000)=@ethtool_rxfh={0x1}}) 1.926655331s ago: executing program 8 (id=19953): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0xff00000000000000}}, 0x1c) 1.92046186s ago: executing program 5 (id=19954): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x488, 0x2b0, 0x9403, 0x0, 0x2b0, 0x2c0, 0x3c0, 0x3d8, 0x3d8, 0x3c0, 0x3d8, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @local}, @mcast1, [0x0, 0x0, 0xffffff00, 0xff000000], [0xff000000, 0x0, 0x0, 0xffffffff], 'veth1_to_bridge\x00', 'veth0_macvtap\x00', {}, {}, 0x2f, 0x0, 0x4, 0x14fb472eb2e58261}, 0x0, 0x28c, 0x2b0, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 'syz1\x00'}}, @common=@inet=@recent0={{0xf4}, {0x0, 0x5fc, 0x1, 0x0, 'syz0\x00'}}]}, @common=@inet=@TCPMSS={0x24, 'TCPMSS\x00', 0x0, {0xd}}}, {{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @private0, [0xff000000, 0x0, 0xffffffff, 0xff], [0xffffff00, 0x0, 0xff000000, 0xffffffff], 'ip_vti0\x00', 'erspan0\x00', {0xff}, {}, 0x6, 0xc, 0x7, 0x40}, 0x0, 0xc8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', {0x1000000}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x52e) 1.809490912s ago: executing program 8 (id=19955): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000000, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1.794484222s ago: executing program 6 (id=19956): r0 = fsopen(&(0x7f0000000040)='cifs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='iocharset', &(0x7f0000000200)='%\x8bR\xafH\xd6e\x11\'\xec\xbb\xcb\xa0/\x1f\x16\xcf\xe2\xb5\xfc\xeb1\x12\xfdC\xb8\xa0\x01\xa3~\x971W\x96\xec\xaf\x1c\x91\xeb\xa8e\xfe\x17\x02xEA\x0f\x14\r\xae\xc1\xfe\x06\x12\beSb{~R\xf0\x06\x00\x00\x00\xf92\xce\x81p\x1fC\n\x9f(\x00\xc5\x1d\x9c\xccCq\x06\x1b-\f\xc9\xd9+\xa4\x14\xd8\xf4\xef\xf5^2\x14\xb8=\x03\x00\xd5M\x04\xf4{H\xd0\xc8\xf7\x10\xe1R \x9a^\xdfq*L\xc4lP6\x8f\xff&>\x94\x882\x1c\x00\x00\xc5\xbdD(\xa5\x17\x11\xd6\t\x12\x7fe\xba\xfc\x93\xf4\xd8\xb5\x04\xcb\x98\xd1QF\xe5\x1b\xb30x/\x86\x02\x1ct\xc7\x88\xd2\xce\xd5\x9e1\xef`\xad\x05\x11\xc9\xd8<\xc6~\x97\xd5\xde\xe3Eh\\\x84\x14\x9e\b\xe1\x9b\x00\'\xe8!\x8c\xc3\x97\x8a\xcf\xfc\x8fe\xa6\x0f\x8b\x912c\x1b>8\xc5\xa3_\xab\xf1\xf5\r\xb6\f\xfcS9\xd1.\x8b\xf3\xbc,?\xb2\x9aBDPY=r\xfa8I\x16\xa2\x18\xd4\xa5\x8b\xaf\xd1\x8a\xbb\x0e\x15O\xc9p@\xadaw\x84\xc9\xdd\x87a[\xdf\xc2\xa4\xf9@T/\xf5\xd1t\xc7\xeb\x04', 0x0) 1.719136383s ago: executing program 7 (id=19958): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0) writev(r0, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000180)='z', 0x1}], 0x2) 1.652199135s ago: executing program 5 (id=19959): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x54, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x844}, 0x4040004) 1.628266865s ago: executing program 6 (id=19960): syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=") quotactl$Q_SETINFO(0xffffffff80000600, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000580)={0x1, 0x51, 0x0, 0x6}) 1.491183977s ago: executing program 7 (id=19962): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x14, 0x2a, 0x1, 0x0, 0x0, "", [@typed={0x3}]}, 0x14}], 0x1}, 0x0) 1.462792438s ago: executing program 5 (id=19963): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x29, 0x6, 0xff, 0x402, 0x4b, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @loopback={0x0, 0xffff8881114a4aa8}, 0x20, 0x7800, 0xfffffff8, 0xfffffffa}}) 1.115425023s ago: executing program 5 (id=19967): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) preadv(r0, &(0x7f0000000240)=[{0x0}, {&(0x7f00000000c0)=""/37, 0x25}], 0x2, 0x0, 0x656) 1.114722603s ago: executing program 7 (id=19969): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8982, &(0x7f0000000000)={0x7, 'vlan0\x00', {0x9}}) 1.029542304s ago: executing program 8 (id=19970): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000070000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000012, 0x8ff, 0x0, &(0x7f00000004c0)="4133c9e924380000000000000000", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 871.406127ms ago: executing program 7 (id=19972): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x4) 854.644227ms ago: executing program 5 (id=19973): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x200044, &(0x7f0000000280)=ANY=[@ANYBLOB='iocharset=cp865,utf8=1,utf8=0,utf8=1,iocharset=utf8,sys_immutable,uni_xlate=0,uni_xlate=1,uni_xlate=1,gid=', @ANYRESHEX, @ANYBLOB="41004e4e54ee88866d537e9598610c3aa4821db83ef3f0185262560fcfcb5520f3bc7693b7838e83754caebd1d44fc4c3fc3ffa77c3330591ca76f57218579978ea4cce177c3edaccc60468898bf4067e3b1daae4953b47375230a899ce1a97f1677fa98c1b3e0f89216712f1fd23774ac8977f45e42166faa213261ddb1bb730146a259651de8c6c3c90b9ba3bc80b8278e3f776fedbfdf775af45bd9d5e5325e5f16bc412c3b"], 0x1, 0x1bd, &(0x7f0000000800)="$eJzs2z9rE3EYB/DnahvTKiSDkzjc6BSavoIGqSAGBCWDgqDYBqQnBQsBHWw3B9+EL8bBVV+JYwfhpLk06cUotbQ5aT6fJQ+5++b3h1ySJ3Av7rzZ3d7b7z/vf416ksTSZqRxlEQzluLEYQAAV8lRnsePPM/z64ex+jnyPK96RgDAZfP9DwCL58nTZw873e7W4zStR2QfB71Br3gsjnf68Tqy2In1aMTPOP6BMFLU9x90t9bToWZ8yg5G+YNB71o5345GNGfn20U+LedXYu10fiMacWt2fmNmvhZ3a+P8SkQ04vur2IsstuM4O8l/aKfpvUfdqfyN4XkAAABwFbTSsWH/Xoty/95qlY9P+uMi30nO/P/AVH+9HLeXq107ACyq/Xfvd19m2c7bcxT10WucM3624ttaMcglDnFBxcmWjp/ZnMf+/GtROz3DqWK1PNWbEXGhoy8XRW1+S04ioqoN/xIRfz0n+U/eEr9d1MOigg8jYK4mV3/VMwEAAAAAAAAAAAAAAP5kHvcVVb1GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABbPrwAAAP//xU5/0Q==") syz_usb_connect(0x0, 0x46, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ab004e4099040210d7df010203010902340001000000000904d80002ca306f00090500000000000000080ba58b5893bb2a090500000000000000080b"], 0x0) 627.33187ms ago: executing program 7 (id=19975): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x30040083}, 0x8080) 626.98307ms ago: executing program 3 (id=19976): r0 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_int(r0, 0x0, 0x31, 0x0, &(0x7f0000000080)) 452.795733ms ago: executing program 7 (id=19977): syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000300000008"], 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000000c0)={0x0, 0x0, 0x3}, 0x65) 446.190293ms ago: executing program 8 (id=19978): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="421c0000000000001c001280090001007866726d000000000c0002800800020002000000140003007866726d2fe000"/56], 0x50}}, 0x0) 410.841794ms ago: executing program 3 (id=19979): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_MASK={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xd0}}, 0x0) 283.514856ms ago: executing program 3 (id=19980): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000002240), 0x2, 0x0) ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000002280)={0xa, @raw_data="becb255ce19d7228279bdd59791f45f4f486173c46f66fd43e52ebeedd6d8bcb3f269580f6c83a019881b58ed05e009318e8d4a4b133346c473ed9f74a3a6e62177b7ca46b33685a2745567a9daf10799cfe02f8fe7698bbedc2cfd0f6c02d147e0b906763fa715f1b76237e90c21041263a9de3fda1ba350e79d550a96cc9f4c1e025b5e6f8bb230b37c7321ae707e7b926c99ca46d47c0cc57ea1e27dee0c39e8f922e0facd67bdc7fa3e30c4268972fa5258c2ecc36b6c06faf831660efc3788ca594e77f9e20"}) 259.297326ms ago: executing program 3 (id=19981): syz_open_procfs(0x0, &(0x7f0000000000)='net/if_inet6\x00') syz_open_procfs(0x0, &(0x7f0000000200)='net/if_inet6\x00') 195.033757ms ago: executing program 8 (id=19982): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0xfffffffc}]}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}}, 0x20000000) 123.513909ms ago: executing program 3 (id=19983): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10000, 0x28011}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5, 0x8, 0x21}, @IFLA_MACSEC_ENCRYPT={0x5}]}}}]}, 0x44}}, 0x20) 7.20388ms ago: executing program 3 (id=19984): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003d37d840890457e00000000000010902240003000000000904"], 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000600)={0x2c, &(0x7f0000000380)={0x20, 0x16, 0x1, "e1"}, 0x0, 0x0, 0x0, 0x0}) 0s ago: executing program 8 (id=19985): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="150000001000000008"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0xc2}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) kernel console output (not intermixed with test programs): 5124] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1528.739812][T25139] xt_TCPMSS: Only works on TCP SYN packets [ 1528.825418][T25145] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18197'. [ 1528.893333][T25149] netlink: 4 bytes leftover after parsing attributes in process `syz.8.18208'. [ 1528.945869][T25153] Non-string source [ 1529.131677][T25167] program syz.3.18202 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1529.145783][T25169] loop8: detected capacity change from 0 to 256 [ 1529.379731][T25180] binder: Bad value for 'stats' [ 1530.158445][T25230] usb usb8: usbfs: process 25230 (syz.7.18223) did not claim interface 0 before use [ 1530.212307][T25235] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 1530.441060][T25250] netlink: 'syz.6.18229': attribute type 10 has an invalid length. [ 1530.449224][T25250] netlink: 40 bytes leftover after parsing attributes in process `syz.6.18229'. [ 1530.488203][T25250] device batadv0 entered promiscuous mode [ 1530.508446][T25250] bridge0: port 1(batadv0) entered blocking state [ 1530.547882][T25250] bridge0: port 1(batadv0) entered disabled state [ 1530.572813][T25250] bridge0: port 1(batadv0) entered blocking state [ 1530.579537][T25250] bridge0: port 1(batadv0) entered forwarding state [ 1530.631312][T25264] loop3: detected capacity change from 0 to 16 [ 1530.658452][T25264] erofs: (device loop3): mounted with root inode @ nid 36. [ 1530.902522][T25279] netlink: 16 bytes leftover after parsing attributes in process `syz.6.18238'. [ 1530.937027][T25279] netlink: 12 bytes leftover after parsing attributes in process `syz.6.18238'. [ 1530.974097][ T1104] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 1530.984636][ T1104] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 1532.378919][T25374] netlink: 104 bytes leftover after parsing attributes in process `syz.3.18269'. [ 1532.965565][T25413] loop8: detected capacity change from 0 to 2048 [ 1533.001227][T25417] loop3: detected capacity change from 0 to 1024 [ 1533.176328][T25413] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 1533.390780][T10217] EXT4-fs (loop8): unmounting filesystem. [ 1533.538198][T25457] loop6: detected capacity change from 0 to 64 [ 1533.796596][T25466] netlink: 'syz.3.18294': attribute type 7 has an invalid length. [ 1533.939726][ T26] kauditd_printk_skb: 15 callbacks suppressed [ 1533.939742][ T26] audit: type=1326 audit(1442.293:3574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25477 comm="syz.5.18296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84c18e929 code=0x7ffc0000 [ 1534.044051][ T26] audit: type=1326 audit(1442.331:3575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25477 comm="syz.5.18296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fe84c18e929 code=0x7ffc0000 [ 1534.096878][ T26] audit: type=1326 audit(1442.331:3576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25477 comm="syz.5.18296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84c18e929 code=0x7ffc0000 [ 1534.193646][ T26] audit: type=1326 audit(1442.340:3577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25477 comm="syz.5.18296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84c18e929 code=0x7ffc0000 [ 1534.251585][T25492] loop5: detected capacity change from 0 to 1764 [ 1534.347845][T25504] loop7: detected capacity change from 0 to 8 [ 1534.426251][T25509] cgroup: Unknown subsys name 'pcr' [ 1534.445259][T25504] SQUASHFS error: Failed to read block 0x636: -5 [ 1534.460519][T25504] SQUASHFS error: Unable to read metadata cache entry [634] [ 1534.495507][T25504] SQUASHFS error: Unable to read metadata cache entry [634] [ 1534.525435][T25504] SQUASHFS error: Unable to read directory block [629:0] [ 1534.574616][T25517] Invalid option length (1048180) for dns_resolver key [ 1534.969085][T25529] loop7: detected capacity change from 0 to 4096 [ 1535.020691][T25529] ntfs3: loop7: try to read out of volume at offset 0x3fffffc0c00 [ 1535.037010][T25545] netlink: 4 bytes leftover after parsing attributes in process `syz.6.18316'. [ 1535.066823][T25529] ntfs3: loop7: try to read out of volume at offset 0x3fffffc0c00 [ 1535.085684][T25529] ntfs3: loop7: try to read out of volume at offset 0x3fffffc0c00 [ 1535.123056][T25529] ntfs3: loop7: try to read out of volume at offset 0x3fffffc0c00 [ 1535.141789][T25529] ntfs3: loop7: try to read out of volume at offset 0x3fffffc1c00 [ 1535.163358][T25529] ntfs3: loop7: try to read out of volume at offset 0x3fffffc2c00 [ 1535.185293][T25529] ntfs3: loop7: try to read out of volume at offset 0x3fffffc4c00 [ 1535.198088][T14417] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 1535.206366][T25529] ntfs3: loop7: try to read out of volume at offset 0x3fffffc8c00 [ 1535.243336][T25529] ntfs3: loop7: try to read out of volume at offset 0x3fffffd0c00 [ 1535.267234][T25529] ntfs3: loop7: try to read out of volume at offset 0x3fffffe0c00 [ 1535.350841][T25560] netlink: 24 bytes leftover after parsing attributes in process `syz.8.18320'. [ 1535.412963][T14417] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 1535.427090][T14417] usb 4-1: config 220 has an invalid descriptor of length 127, skipping remainder of the config [ 1535.431833][T25560] netlink: 24 bytes leftover after parsing attributes in process `syz.8.18320'. [ 1535.462509][T14417] usb 4-1: config 220 has no interface number 2 [ 1535.496781][T14417] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1535.501362][T25567] loop5: detected capacity change from 0 to 8 [ 1535.516329][T14417] usb 4-1: config 220 interface 0 has no altsetting 0 [ 1535.516354][T14417] usb 4-1: config 220 interface 76 has no altsetting 0 [ 1535.516373][T14417] usb 4-1: config 220 interface 1 has no altsetting 0 [ 1535.562658][T14417] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1535.589989][T14417] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1535.621254][T14417] usb 4-1: Product: syz [ 1535.633954][T14417] usb 4-1: Manufacturer: syz [ 1535.643222][T14417] usb 4-1: SerialNumber: syz [ 1535.689734][T25573] Invalid option length (1048180) for dns_resolver key [ 1535.729667][T25567] SQUASHFS error: Failed to read block 0x636: -5 [ 1535.742955][T25567] SQUASHFS error: Unable to read metadata cache entry [634] [ 1535.775380][T25567] SQUASHFS error: Unable to read metadata cache entry [634] [ 1535.790494][T25567] SQUASHFS error: Unable to read directory block [629:0] [ 1535.906727][T14417] usb 4-1: selecting invalid altsetting 0 [ 1535.925721][T14417] usb 4-1: Found UVC 7.01 device syz (8086:0b07) [ 1535.932119][T14417] usb 4-1: No valid video chain found. [ 1535.991967][T14417] usb 4-1: selecting invalid altsetting 0 [ 1535.997780][T14417] usbtest: probe of 4-1:220.1 failed with error -22 [ 1536.050357][T14417] usb 4-1: USB disconnect, device number 25 [ 1536.088543][T25603] netlink: 40 bytes leftover after parsing attributes in process `syz.8.18330'. [ 1536.141226][T25609] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1536.678079][T25639] netlink: 'syz.6.18338': attribute type 1 has an invalid length. [ 1537.498702][T25690] loop5: detected capacity change from 0 to 8 [ 1537.560848][T11631] usb 8-1: new high-speed USB device number 36 using dummy_hcd [ 1537.570432][T25690] SQUASHFS error: Failed to read block 0xdfa: -5 [ 1537.577043][T25690] SQUASHFS error: Unable to read metadata cache entry [dfa] [ 1537.579389][T25694] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 1537.593678][T25690] SQUASHFS error: Failed to read block 0x4e8: -5 [ 1537.623664][T25690] SQUASHFS error: Failed to read block 0xed04f1: -5 [ 1537.651734][T25690] SQUASHFS error: Failed to read block 0x4de: -5 [ 1537.693954][T25690] SQUASHFS error: Failed to read block 0x4de: -5 [ 1537.731684][T25690] SQUASHFS error: Failed to read block 0x4de: -5 [ 1537.753682][T25690] SQUASHFS error: Failed to read block 0x4de: -5 [ 1537.787126][T11631] usb 8-1: config 220 has an invalid interface number: 76 but max is 2 [ 1537.795527][T11631] usb 8-1: config 220 has an invalid descriptor of length 127, skipping remainder of the config [ 1537.813432][T25690] SQUASHFS error: Failed to read block 0x4de: -5 [ 1537.820802][T11631] usb 8-1: config 220 has no interface number 2 [ 1537.827237][T11631] usb 8-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1537.840713][T11631] usb 8-1: config 220 interface 0 has no altsetting 0 [ 1537.847509][T11631] usb 8-1: config 220 interface 76 has no altsetting 0 [ 1537.850492][T25690] SQUASHFS error: Failed to read block 0x4de: -5 [ 1537.854912][T11631] usb 8-1: config 220 interface 1 has no altsetting 0 [ 1537.876895][T11631] usb 8-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1537.876971][T25690] SQUASHFS error: Failed to read block 0x4e8: -5 [ 1537.906783][T11631] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1537.913836][ T26] audit: type=1800 audit(1446.007:3578): pid=25690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.18357" name="file1" dev="loop5" ino=5 res=0 errno=0 [ 1537.953801][T11631] usb 8-1: Product: syz [ 1537.963936][T11631] usb 8-1: Manufacturer: syz [ 1537.973304][T11631] usb 8-1: SerialNumber: syz [ 1538.190317][T25721] loop5: detected capacity change from 0 to 512 [ 1538.221234][T11631] usb 8-1: selecting invalid altsetting 0 [ 1538.231784][T25721] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 1538.242627][T11631] usb 8-1: Found UVC 7.01 device syz (8086:0b07) [ 1538.261240][T11631] usb 8-1: No valid video chain found. [ 1538.321687][T11631] usb 8-1: selecting invalid altsetting 0 [ 1538.331131][T11631] usbtest: probe of 8-1:220.1 failed with error -22 [ 1538.348350][T11631] usb 8-1: USB disconnect, device number 36 [ 1538.361119][T25721] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 1538.379776][T25733] loop6: detected capacity change from 0 to 8 [ 1538.391470][T25721] Quota error (device loop5): write_blk: dquota write failed [ 1538.396880][T25744] Cannot find del_set index 136 as target [ 1538.410451][T25721] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota [ 1538.433332][T25721] EXT4-fs error (device loop5): ext4_acquire_dquot:6814: comm syz.5.18364: Failed to acquire dquot type 0 [ 1538.434965][T25733] SQUASHFS error: Failed to read block 0xdfa: -5 [ 1538.466097][T25733] SQUASHFS error: Unable to read metadata cache entry [dfa] [ 1538.475520][T25721] EXT4-fs (loop5): 1 truncate cleaned up [ 1538.482279][T25733] SQUASHFS error: Failed to read block 0x4e8: -5 [ 1538.488705][T25721] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1538.506317][T25733] SQUASHFS error: Failed to read block 0xed04f1: -5 [ 1538.516688][T25733] SQUASHFS error: Failed to read block 0x4de: -5 [ 1538.528149][T25733] SQUASHFS error: Failed to read block 0x4de: -5 [ 1538.545316][T25733] SQUASHFS error: Failed to read block 0x4de: -5 [ 1538.572378][T25733] SQUASHFS error: Failed to read block 0x4de: -5 [ 1538.579883][T25733] SQUASHFS error: Failed to read block 0x4de: -5 [ 1538.586390][T25733] SQUASHFS error: Failed to read block 0x4de: -5 [ 1538.598812][T25733] SQUASHFS error: Failed to read block 0x4e8: -5 [ 1538.607017][ T26] audit: type=1800 audit(1446.652:3579): pid=25733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.18377" name="file1" dev="loop6" ino=5 res=0 errno=0 [ 1538.832997][ T5332] usb 6-1: new high-speed USB device number 48 using dummy_hcd [ 1539.048328][ T5332] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1539.110698][ T5332] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 62709, setting to 1024 [ 1539.130615][ T5332] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 1024 [ 1539.157393][ T5332] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1539.190803][ T5332] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1539.222339][T25721] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1539.245458][ T5332] usb 6-1: invalid MIDI out EP 0 [ 1539.382166][ T5332] snd-usb-audio: probe of 6-1:27.0 failed with error -22 [ 1539.395253][T25809] loop8: detected capacity change from 0 to 8 [ 1539.425539][ T4340] udevd[4340]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1539.478779][T25809] SQUASHFS error: Failed to read block 0xdfa: -5 [ 1539.495040][T11631] usb 6-1: USB disconnect, device number 48 [ 1539.495620][T25809] SQUASHFS error: Unable to read metadata cache entry [dfa] [ 1539.516504][T25819] netlink: 16 bytes leftover after parsing attributes in process `syz.6.18381'. [ 1539.558359][T25809] SQUASHFS error: Failed to read block 0x4e8: -5 [ 1539.603449][T25809] SQUASHFS error: Failed to read block 0xed04f1: -5 [ 1539.624002][T25809] SQUASHFS error: Failed to read block 0x4de: -5 [ 1539.634672][T25809] SQUASHFS error: Failed to read block 0x4de: -5 [ 1539.641412][T25809] SQUASHFS error: Failed to read block 0x4de: -5 [ 1539.660095][T25809] SQUASHFS error: Failed to read block 0x4de: -5 [ 1539.719017][T25809] SQUASHFS error: Failed to read block 0x4de: -5 [ 1539.750516][T25809] SQUASHFS error: Failed to read block 0x4de: -5 [ 1539.790273][T25809] SQUASHFS error: Failed to read block 0x4e8: -5 [ 1539.812842][ T26] audit: type=1800 audit(1447.775:3580): pid=25809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.18382" name="file1" dev="loop8" ino=5 res=0 errno=0 [ 1540.035480][T25850] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 1540.199224][T18416] EXT4-fs (loop5): unmounting filesystem. [ 1540.360386][T25869] x_tables: duplicate entry at hook 2 [ 1540.691887][T25838] loop3: detected capacity change from 0 to 32768 [ 1540.766273][T25838] ERROR: (device loop3): xtTruncate: XT_GETPAGE: xtree page corrupt [ 1540.766273][T25838] [ 1540.833298][T25838] ERROR: (device loop3): remounting filesystem as read-only [ 1540.847175][T25895] loop8: detected capacity change from 0 to 64 [ 1540.906802][T25900] netlink: 'syz.5.18415': attribute type 7 has an invalid length. [ 1540.914723][T25900] netlink: 'syz.5.18415': attribute type 5 has an invalid length. [ 1540.970988][T25900] netlink: 17 bytes leftover after parsing attributes in process `syz.5.18415'. [ 1540.986554][T25903] loop7: detected capacity change from 0 to 512 [ 1541.048902][T25903] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 1541.129524][T25903] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 1541.208284][T25903] Quota error (device loop7): write_blk: dquota write failed [ 1541.215770][T25903] Quota error (device loop7): qtree_write_dquot: Error -28 occurred while creating quota [ 1541.302429][T25903] EXT4-fs error (device loop7): ext4_acquire_dquot:6814: comm syz.7.18404: Failed to acquire dquot type 0 [ 1541.367027][T25903] EXT4-fs (loop7): 1 truncate cleaned up [ 1541.372776][T25903] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 1541.430230][T25929] misc userio: No port type given on /dev/userio [ 1541.772717][T11448] usb 8-1: new high-speed USB device number 37 using dummy_hcd [ 1541.999181][T11448] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1542.021214][T11448] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 62709, setting to 1024 [ 1542.039933][T11448] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 1024 [ 1542.093580][T11448] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1542.124433][T11448] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1542.156295][T25903] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1542.194392][T11448] usb 8-1: invalid MIDI out EP 0 [ 1542.310206][T11448] snd-usb-audio: probe of 8-1:27.0 failed with error -22 [ 1542.424996][T26004] misc userio: No port type given on /dev/userio [ 1542.456172][ T7031] udevd[7031]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1542.478790][ T4322] usb 8-1: USB disconnect, device number 37 [ 1542.511441][T26007] loop6: detected capacity change from 0 to 128 [ 1542.538353][T26017] loop5: detected capacity change from 0 to 512 [ 1542.558422][T26007] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 1542.588574][T26017] EXT4-fs error (device loop5): __ext4_iget:5076: inode #11: block 1: comm syz.5.18427: invalid block [ 1542.603558][T26007] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1542.687406][T26024] loop3: detected capacity change from 0 to 512 [ 1542.702600][T26017] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.18427: couldn't read orphan inode 11 (err -117) [ 1542.762382][T26017] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1542.786867][T26024] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1542.964427][T18416] EXT4-fs (loop5): unmounting filesystem. [ 1542.972579][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 1543.087888][T26046] netlink: 212168 bytes leftover after parsing attributes in process `syz.8.18436'. [ 1543.153905][T26354] EXT4-fs (loop7): unmounting filesystem. [ 1543.343070][T26061] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma? [ 1543.572922][T26076] xt_hashlimit: overflow, try lower: 5/0 [ 1543.604558][T26078] ALSA: mixer_oss: invalid OSS volume 'u' [ 1543.692422][T26082] loop8: detected capacity change from 0 to 512 [ 1543.754325][T26082] EXT4-fs error (device loop8): __ext4_iget:5076: inode #11: block 1: comm syz.8.18446: invalid block [ 1543.787219][T26082] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.18446: couldn't read orphan inode 11 (err -117) [ 1543.801620][T26082] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 1543.892737][T26091] netlink: 'syz.3.18449': attribute type 7 has an invalid length. [ 1543.918993][T26091] netlink: 'syz.3.18449': attribute type 5 has an invalid length. [ 1543.941869][T26091] netlink: 17 bytes leftover after parsing attributes in process `syz.3.18449'. [ 1543.988680][T10217] EXT4-fs (loop8): unmounting filesystem. [ 1544.840931][T11631] usb 8-1: new high-speed USB device number 38 using dummy_hcd [ 1544.863878][T26178] loop6: detected capacity change from 0 to 4096 [ 1544.940813][T26191] netlink: 'syz.8.18467': attribute type 7 has an invalid length. [ 1544.959064][T26191] netlink: 'syz.8.18467': attribute type 5 has an invalid length. [ 1544.969897][T26191] netlink: 17 bytes leftover after parsing attributes in process `syz.8.18467'. [ 1545.051884][T11631] usb 8-1: Using ep0 maxpacket: 16 [ 1545.067144][T11631] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 1545.107563][T11631] usb 8-1: config 0 has no interface number 0 [ 1545.142053][T11631] usb 8-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 1545.184875][T11631] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1545.192943][T11631] usb 8-1: Product: syz [ 1545.236642][T11631] usb 8-1: Manufacturer: syz [ 1545.241501][T11631] usb 8-1: SerialNumber: syz [ 1545.260229][T11631] usb 8-1: config 0 descriptor?? [ 1545.292759][T11631] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 1545.424689][T26201] loop8: detected capacity change from 0 to 4096 [ 1545.461743][T26210] loop6: detected capacity change from 0 to 512 [ 1545.501002][T26217] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1545.534460][T26201] NILFS error (device loop8): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1 [ 1545.580833][T26210] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 1545.596956][T26201] Remounting filesystem read-only [ 1545.730673][T11631] gspca_spca1528: reg_w err -71 [ 1545.761070][T11631] spca1528: probe of 8-1:0.1 failed with error -71 [ 1545.801392][T11631] usb 8-1: USB disconnect, device number 38 [ 1545.802170][T25017] EXT4-fs (loop6): unmounting filesystem. [ 1546.312900][T26252] loop5: detected capacity change from 0 to 4096 [ 1546.626205][T11448] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 1546.728403][T26277] ALSA: mixer_oss: invalid OSS volume 'u' [ 1546.833838][T11448] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 1546.854128][T11448] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1546.877290][T11448] usb 4-1: Product: syz [ 1546.881488][T11448] usb 4-1: Manufacturer: syz [ 1546.889540][T26279] loop5: detected capacity change from 0 to 4096 [ 1546.921520][T11448] usb 4-1: SerialNumber: syz [ 1546.923094][T26279] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512) [ 1546.957955][T11448] usb 4-1: config 0 descriptor?? [ 1546.971758][T11448] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 1547.409072][T26274] loop7: detected capacity change from 0 to 32768 [ 1547.424207][T11448] usb 4-1: USB disconnect, device number 26 [ 1547.490859][T26274] ocfs2: Slot 0 on device (7,7) was already allocated to this node! [ 1547.552929][T26274] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode. [ 1547.687171][T26274] (syz.7.18491,26274,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=64 [ 1547.751978][T26274] (syz.7.18491,26274,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 1547.769330][T26274] (syz.7.18491,26274,1):ocfs2_symlink:1864 ERROR: status = -2 [ 1547.846287][T26274] (syz.7.18491,26274,1):ocfs2_symlink:2065 ERROR: status = -2 [ 1547.859606][T26338] netlink: 212168 bytes leftover after parsing attributes in process `syz.5.18506'. [ 1548.031636][T26354] ocfs2: Unmounting device (7,7) on (node local) [ 1548.127759][T26350] netlink: 212168 bytes leftover after parsing attributes in process `syz.6.18518'. [ 1549.521438][T26379] loop5: detected capacity change from 0 to 32768 [ 1549.616092][T26379] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 1549.712699][T26379] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1549.758807][T26379] (syz.5.18519,26379,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=64 [ 1549.862508][T26379] (syz.5.18519,26379,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 1549.897676][T26379] (syz.5.18519,26379,0):ocfs2_symlink:1864 ERROR: status = -2 [ 1549.941389][T26379] (syz.5.18519,26379,0):ocfs2_symlink:2065 ERROR: status = -2 [ 1550.095206][T18416] ocfs2: Unmounting device (7,5) on (node local) [ 1550.102609][T26443] block nbd6: NBD_DISCONNECT [ 1550.741564][T26477] netlink: 'syz.6.18548': attribute type 1 has an invalid length. [ 1550.784989][T26477] netlink: 112860 bytes leftover after parsing attributes in process `syz.6.18548'. [ 1551.380328][T26470] loop5: detected capacity change from 0 to 32768 [ 1551.415336][T26470] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.18538 (26470) [ 1551.449643][ T5332] usb 8-1: new high-speed USB device number 39 using dummy_hcd [ 1551.491715][T26470] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1551.534732][T26470] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 1551.551658][T26470] BTRFS info (device loop5): using free space tree [ 1551.650828][ T5332] usb 8-1: Using ep0 maxpacket: 8 [ 1551.656920][T26495] loop8: detected capacity change from 0 to 32768 [ 1551.671178][T26495] ocfs2: Slot 0 on device (7,8) was already allocated to this node! [ 1551.678847][ T5332] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1551.711201][ T5332] usb 8-1: config 4 interface 0 has no altsetting 0 [ 1551.718167][T26495] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode. [ 1551.736058][ T5332] usb 8-1: string descriptor 0 read error: -22 [ 1551.766148][ T5332] usb 8-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 1551.790422][T26495] (syz.8.18551,26495,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=64 [ 1551.800462][ T5332] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1551.847311][ T5332] usb 8-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 1551.862129][T26470] BTRFS info (device loop5): enabling ssd optimizations [ 1551.879976][ T5332] usb 8-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1551.914101][ T5332] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 1551.916460][T26495] (syz.8.18551,26495,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 1551.936518][ T5332] usb 8-1: media controller created [ 1551.958417][T26531] loop6: detected capacity change from 0 to 4096 [ 1551.995551][T26531] ntfs3: loop6: Different NTFS' sector size (4096) and media sector size (512) [ 1552.016088][T26495] (syz.8.18551,26495,1):ocfs2_symlink:1864 ERROR: status = -2 [ 1552.017687][ T5332] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1552.076145][T26495] (syz.8.18551,26495,1):ocfs2_symlink:2065 ERROR: status = -2 [ 1552.271329][T10217] ocfs2: Unmounting device (7,8) on (node local) [ 1552.278298][T18416] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1552.385946][T25017] ntfs3: loop6: ntfs_sync_fs r=1a failed, -22. [ 1552.441202][T25017] ntfs3: loop6: ntfs_evict_inode r=1a failed, -22. [ 1552.477012][T11395] usb 8-1: USB disconnect, device number 39 [ 1552.486450][T25017] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 1552.652301][T26568] futex_wake_op: syz.6.18573 tries to shift op by 32; fix this program [ 1553.275241][T26598] netlink: 'syz.3.18569': attribute type 4 has an invalid length. [ 1553.293716][T26598] netlink: 'syz.3.18569': attribute type 3 has an invalid length. [ 1553.324085][T26598] netlink: 132 bytes leftover after parsing attributes in process `syz.3.18569'. [ 1553.579060][T26608] netlink: 212168 bytes leftover after parsing attributes in process `syz.3.18572'. [ 1553.850130][T26623] futex_wake_op: syz.3.18576 tries to shift op by 32; fix this program [ 1554.114682][T26588] loop5: detected capacity change from 0 to 32768 [ 1554.138924][T26628] loop6: detected capacity change from 0 to 4096 [ 1554.198335][T26628] ntfs: (device loop6): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 1554.257118][T26631] loop7: detected capacity change from 0 to 4096 [ 1554.259679][T26628] ntfs: (device loop6): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1554.265890][T26631] ntfs3: loop7: Different NTFS' sector size (4096) and media sector size (512) [ 1554.307065][T26588] XFS (loop5): Mounting V5 Filesystem [ 1554.372929][T26588] XFS (loop5): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 1554.402048][T26628] ntfs: (device loop6): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 1554.474981][T26631] ntfs3: loop7: failed to convert "c46c" to iso8859-7 [ 1554.483698][T26588] XFS (loop5): Starting recovery (logdev: internal) [ 1554.493488][T26628] ntfs: (device loop6): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1554.564676][T26628] ntfs: (device loop6): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1554.587190][T26588] XFS (loop5): Ending recovery (logdev: internal) [ 1554.617131][T26628] ntfs: volume version 3.1. [ 1554.671550][T26628] ntfs: (device loop6): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 1554.719476][T26628] ntfs: (device loop6): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 1554.778521][T26659] loop3: detected capacity change from 0 to 4096 [ 1554.789714][T26628] ntfs: (device loop6): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 1554.815411][T26628] ntfs: (device loop6): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 1554.858834][T26659] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 1554.870389][T26628] ntfs: (device loop6): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 1554.886626][T18416] XFS (loop5): Unmounting Filesystem [ 1555.289214][ T4251] ntfs3: loop3: ntfs_sync_fs r=1a failed, -22. [ 1555.307781][ T4251] ntfs3: loop3: ntfs_evict_inode r=1a failed, -22. [ 1555.314386][ T4251] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1555.652543][T26704] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18604'. [ 1555.866221][T26712] netlink: 'syz.8.18594': attribute type 4 has an invalid length. [ 1555.905583][T26712] netlink: 'syz.8.18594': attribute type 3 has an invalid length. [ 1555.945828][T26712] netlink: 132 bytes leftover after parsing attributes in process `syz.8.18594'. [ 1556.014111][T26719] netlink: 'syz.5.18585': attribute type 32 has an invalid length. [ 1556.425421][T26743] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1556.429822][T26741] netlink: 212168 bytes leftover after parsing attributes in process `syz.8.18602'. [ 1556.599048][T26750] loop3: detected capacity change from 0 to 256 [ 1556.628699][T26750] UBIFS error (pid: 26750): cannot open "ubifs", error -22 [ 1556.886516][T26765] netlink: 'syz.7.18612': attribute type 1 has an invalid length. [ 1556.942694][T26765] netlink: 112860 bytes leftover after parsing attributes in process `syz.7.18612'. [ 1557.243509][T26784] netlink: 'syz.7.18619': attribute type 2 has an invalid length. [ 1557.251387][T26784] netlink: 'syz.7.18619': attribute type 1 has an invalid length. [ 1557.300110][T26784] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18619'. [ 1557.588792][T26809] netlink: 212168 bytes leftover after parsing attributes in process `syz.7.18626'. [ 1557.951312][T26856] netlink: 212168 bytes leftover after parsing attributes in process `syz.7.18643'. [ 1558.236204][T11395] usb 6-1: new high-speed USB device number 49 using dummy_hcd [ 1558.423069][T26872] loop8: detected capacity change from 0 to 32768 [ 1558.431241][T26872] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 scanned by syz.8.18632 (26872) [ 1558.446674][T26872] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1558.460359][T26872] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm [ 1558.461097][T11395] usb 6-1: Using ep0 maxpacket: 8 [ 1558.469841][T26872] BTRFS info (device loop8): using free space tree [ 1558.477027][T11395] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1558.501271][T11395] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 1558.511564][T11395] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1558.527870][T11395] usb 6-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.01 [ 1558.537875][T11395] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1558.545906][T11395] usb 6-1: Product: syz [ 1558.550902][T11395] usb 6-1: Manufacturer: syz [ 1558.555530][T11395] usb 6-1: SerialNumber: syz [ 1558.562773][T11395] usb 6-1: config 0 descriptor?? [ 1558.571216][T11395] radioshark 6-1:0.0: Invalid radioSHARK device [ 1558.578548][T11395] radioshark: probe of 6-1:0.0 failed with error -22 [ 1558.585964][T11395] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 1558.599716][T11631] usb 8-1: new high-speed USB device number 40 using dummy_hcd [ 1558.630634][T26872] BTRFS info (device loop8): enabling ssd optimizations [ 1558.690815][T10217] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1558.802940][T11631] usb 8-1: Using ep0 maxpacket: 32 [ 1558.810128][T11631] usb 8-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 1558.835394][T11631] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1558.898082][T11395] usb 6-1: USB disconnect, device number 49 [ 1558.912742][T11631] usb 8-1: config 0 descriptor?? [ 1558.946275][T11631] gspca_main: sunplus-2.14.0 probing 041e:400b [ 1559.362632][T11631] gspca_sunplus: reg_w_riv err -71 [ 1559.372351][T11631] sunplus: probe of 8-1:0.0 failed with error -71 [ 1559.423008][T11631] usb 8-1: USB disconnect, device number 40 [ 1559.486373][T26950] loop6: detected capacity change from 0 to 128 [ 1559.552989][T26950] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 1559.604157][T26962] netlink: 1 bytes leftover after parsing attributes in process `syz.3.18660'. [ 1559.630087][T26963] netlink: 8 bytes leftover after parsing attributes in process `syz.8.18649'. [ 1559.764481][T25000] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 1559.812470][T26972] loop3: detected capacity change from 0 to 512 [ 1559.856234][T26972] EXT4-fs: inline encryption not supported [ 1559.944347][T26972] EXT4-fs (loop3): 1 truncate cleaned up [ 1559.953543][T26972] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1559.985266][T26988] netlink: 'syz.8.18655': attribute type 10 has an invalid length. [ 1560.094270][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 1560.094283][ T26] audit: type=1326 audit(1466.745:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26990 comm="syz.6.18657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f515678e929 code=0x7ffc0000 [ 1560.216364][T26988] device veth0_vlan left promiscuous mode [ 1560.220525][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 1560.229686][ T26] audit: type=1326 audit(1466.801:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26990 comm="syz.6.18657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f515678e929 code=0x7ffc0000 [ 1560.297652][ T26] audit: type=1326 audit(1466.801:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26990 comm="syz.6.18657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f515678e929 code=0x7ffc0000 [ 1560.325242][T26988] device veth0_vlan entered promiscuous mode [ 1560.411574][T27003] loop6: detected capacity change from 0 to 256 [ 1560.420449][T26988] team0: Device veth0_vlan failed to register rx_handler [ 1560.507098][T27003] FAT-fs (loop6): Directory bread(block 64) failed [ 1560.516062][T27003] FAT-fs (loop6): Directory bread(block 65) failed [ 1560.526984][T26997] loop5: detected capacity change from 0 to 4096 [ 1560.550478][T27003] FAT-fs (loop6): Directory bread(block 66) failed [ 1560.572074][T27003] FAT-fs (loop6): Directory bread(block 67) failed [ 1560.609594][T27003] FAT-fs (loop6): Directory bread(block 68) failed [ 1560.631071][T27003] FAT-fs (loop6): Directory bread(block 69) failed [ 1560.637717][T27003] FAT-fs (loop6): Directory bread(block 70) failed [ 1560.666256][T27003] FAT-fs (loop6): Directory bread(block 71) failed [ 1560.696246][T27003] FAT-fs (loop6): Directory bread(block 72) failed [ 1560.724579][T27003] FAT-fs (loop6): Directory bread(block 73) failed [ 1560.749402][T26997] ntfs: volume version 3.1. [ 1560.948161][T27022] loop8: detected capacity change from 0 to 512 [ 1561.072056][T27022] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2 [ 1561.095197][T27031] loop7: detected capacity change from 0 to 256 [ 1561.140925][T27022] EXT4-fs (loop8): 1 truncate cleaned up [ 1561.169389][T27029] loop6: detected capacity change from 0 to 2048 [ 1561.186111][T27022] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 1561.239964][T27029] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1561.259792][T27023] loop3: detected capacity change from 0 to 4096 [ 1561.295673][T27022] EXT4-fs error (device loop8): ext4_append:79: inode #2: comm syz.8.18667: Logical block already allocated [ 1561.338462][T27023] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 1561.396525][T27023] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1561.443448][T27022] EXT4-fs (loop8): Remounting filesystem read-only [ 1561.496957][T27023] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 1561.541788][T27023] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1561.615719][T27023] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1561.657684][T27052] delete_channel: no stack [ 1561.661121][T27023] ntfs: volume version 3.1. [ 1561.706008][T27023] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 1561.720165][T10217] EXT4-fs (loop8): unmounting filesystem. [ 1561.757543][T27023] ntfs: (device loop3): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 1561.958099][T27068] netlink: 'syz.6.18676': attribute type 10 has an invalid length. [ 1562.205910][T27068] device veth0_vlan left promiscuous mode [ 1562.236318][T27068] device veth0_vlan entered promiscuous mode [ 1562.310829][T27068] team0: Device veth0_vlan failed to register rx_handler [ 1562.384958][T27090] binder: BC_ATTEMPT_ACQUIRE not supported [ 1562.394885][T27090] binder: 27085:27090 ioctl c0306201 200000000340 returned -22 [ 1562.571158][T27089] bridge0: port 1(bridge_slave_0) entered listening state [ 1562.849845][T27105] loop3: detected capacity change from 0 to 512 [ 1562.913378][T27105] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1562.938959][T27105] EXT4-fs (loop3): 1 truncate cleaned up [ 1562.944854][T27105] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1562.973559][T27105] EXT4-fs error (device loop3): ext4_append:79: inode #2: comm syz.3.18688: Logical block already allocated [ 1562.990437][T27105] EXT4-fs (loop3): Remounting filesystem read-only [ 1563.046658][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 1563.223524][T27084] loop7: detected capacity change from 0 to 32768 [ 1563.409139][T27084] XFS (loop7): Mounting V5 Filesystem [ 1563.514170][T27093] loop5: detected capacity change from 0 to 32768 [ 1563.546704][T27084] XFS (loop7): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 1563.589714][T27145] loop6: detected capacity change from 0 to 4096 [ 1563.605013][T27145] ntfs3: loop6: Different NTFS' sector size (2048) and media sector size (512) [ 1563.626271][T27145] ntfs3: loop6: Failed to load $Extend. [ 1563.653090][T27084] XFS (loop7): Starting recovery (logdev: internal) [ 1563.658136][T27145] ntfs3: loop6: ino=5, "/" directory corrupted [ 1563.700047][T11631] usb 9-1: new high-speed USB device number 14 using dummy_hcd [ 1563.743855][T27084] XFS (loop7): Ending recovery (logdev: internal) [ 1563.891550][T11631] usb 9-1: Using ep0 maxpacket: 8 [ 1563.898365][T11631] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1563.923728][T11631] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 1563.969997][T27158] netlink: 'syz.3.18700': attribute type 10 has an invalid length. [ 1563.977948][T11631] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1563.980664][T11631] usb 9-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.01 [ 1564.004828][T26354] XFS (loop7): Unmounting Filesystem [ 1564.021338][T27160] loop5: detected capacity change from 0 to 256 [ 1564.083559][T11631] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1564.104930][T27160] UBIFS error (pid: 27160): cannot open "ubifs", error -22 [ 1564.124795][T11631] usb 9-1: Product: syz [ 1564.152876][T27158] team0: Device veth0_vlan is already a lower device of the team interface [ 1564.166040][T11631] usb 9-1: Manufacturer: syz [ 1564.200523][T11631] usb 9-1: SerialNumber: syz [ 1564.222135][T11631] usb 9-1: config 0 descriptor?? [ 1564.256487][T11631] radioshark 9-1:0.0: Invalid radioSHARK device [ 1564.271437][T11631] radioshark: probe of 9-1:0.0 failed with error -22 [ 1564.280387][T11631] usbhid 9-1:0.0: couldn't find an input interrupt endpoint [ 1564.483073][T27180] loop5: detected capacity change from 0 to 512 [ 1564.509815][T27180] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1564.553250][T11395] usb 9-1: USB disconnect, device number 14 [ 1564.682289][T27180] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1564.691420][T27199] netlink: 'syz.6.18708': attribute type 2 has an invalid length. [ 1564.714763][T27199] netlink: 'syz.6.18708': attribute type 1 has an invalid length. [ 1564.759245][T27199] netlink: 8 bytes leftover after parsing attributes in process `syz.6.18708'. [ 1564.762676][T27202] vim2m vim2m.0: Fourcc format (0x42474752) invalid. [ 1564.830637][T18416] EXT4-fs (loop5): unmounting filesystem. [ 1564.936151][T27206] loop7: detected capacity change from 0 to 512 [ 1565.006847][T27211] xt_l2tp: v2 doesn't support IP mode [ 1565.016805][T27206] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2 [ 1565.070354][T27206] EXT4-fs (loop7): 1 truncate cleaned up [ 1565.076071][T27206] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 1565.107231][T27216] loop3: detected capacity change from 0 to 4096 [ 1565.121229][T27216] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 1565.168332][T27216] ntfs3: loop3: Failed to load $Extend. [ 1565.192520][T27216] ntfs3: loop3: ino=5, "/" directory corrupted [ 1565.264767][T27206] EXT4-fs error (device loop7): ext4_append:79: inode #2: comm syz.7.18704: Logical block already allocated [ 1565.317046][T27206] EXT4-fs (loop7): Remounting filesystem read-only [ 1565.366639][T27225] loop6: detected capacity change from 0 to 512 [ 1565.428172][T27225] EXT4-fs: inline encryption not supported [ 1565.451956][T26354] EXT4-fs (loop7): unmounting filesystem. [ 1565.535679][T27225] EXT4-fs (loop6): 1 truncate cleaned up [ 1565.562282][T27225] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 1565.620405][T27240] x_tables: unsorted entry at hook 2 [ 1565.636446][T25017] EXT4-fs (loop6): unmounting filesystem. [ 1565.698384][T27248] xt_TCPMSS: Only works on TCP SYN packets [ 1565.759258][T27250] loop5: detected capacity change from 0 to 2048 [ 1565.806173][T27255] netlink: 'syz.7.18718': attribute type 10 has an invalid length. [ 1565.832179][T27250] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1565.846344][T27255] device veth0_vlan left promiscuous mode [ 1565.915119][T27255] device veth0_vlan entered promiscuous mode [ 1565.985098][T27255] team0: Device veth0_vlan failed to register rx_handler [ 1566.086075][T27267] loop3: detected capacity change from 0 to 256 [ 1566.202316][T27267] FAT-fs (loop3): Directory bread(block 64) failed [ 1566.208940][T27267] FAT-fs (loop3): Directory bread(block 65) failed [ 1566.294965][T27267] FAT-fs (loop3): Directory bread(block 66) failed [ 1566.313728][T27267] FAT-fs (loop3): Directory bread(block 67) failed [ 1566.316215][T27279] netlink: set zone limit has 4 unknown bytes [ 1566.330124][T27267] FAT-fs (loop3): Directory bread(block 68) failed [ 1566.347557][T27267] FAT-fs (loop3): Directory bread(block 69) failed [ 1566.360292][T27267] FAT-fs (loop3): Directory bread(block 70) failed [ 1566.388320][T27267] FAT-fs (loop3): Directory bread(block 71) failed [ 1566.395508][T27267] FAT-fs (loop3): Directory bread(block 72) failed [ 1566.402132][T27267] FAT-fs (loop3): Directory bread(block 73) failed [ 1566.713043][T27296] netlink: 16 bytes leftover after parsing attributes in process `syz.7.18732'. [ 1566.763988][T27296] netlink: 16 bytes leftover after parsing attributes in process `syz.7.18732'. [ 1566.966248][T27308] loop5: detected capacity change from 0 to 256 [ 1566.972838][T27309] netlink: 16 bytes leftover after parsing attributes in process `syz.3.18737'. [ 1567.019699][T27303] loop8: detected capacity change from 0 to 8192 [ 1567.097640][T27303] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1567.216403][T27303] REISERFS (device loop8): found reiserfs format "3.6" with non-standard journal [ 1567.225690][T27303] REISERFS (device loop8): using ordered data mode [ 1567.291298][T27303] reiserfs: using flush barriers [ 1567.323574][T27303] REISERFS (device loop8): journal params: device loop8, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1567.355860][T27303] REISERFS (device loop8): checking transaction log (loop8) [ 1567.365545][T27328] blktrace: Concurrent blktraces are not allowed on sg0 [ 1567.514968][T27284] loop6: detected capacity change from 0 to 32768 [ 1567.616737][T27341] overlayfs: missing 'workdir' [ 1567.641202][T27303] REISERFS (device loop8): Using tea hash to sort names [ 1567.648861][T27303] REISERFS (device loop8): Created .reiserfs_priv - reserved for xattr storage. [ 1567.687839][T27284] XFS (loop6): Mounting V5 Filesystem [ 1567.920359][T27284] XFS (loop6): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 1567.946218][T27361] IPv6: Can't replace route, no match found [ 1568.008185][T27284] XFS (loop6): Starting recovery (logdev: internal) [ 1568.179003][T27284] XFS (loop6): Ending recovery (logdev: internal) [ 1568.257508][T27378] loop5: detected capacity change from 0 to 64 [ 1568.424169][T25017] XFS (loop6): Unmounting Filesystem [ 1568.745030][T11395] usb 9-1: new high-speed USB device number 15 using dummy_hcd [ 1568.957093][T27418] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 1568.971425][T11395] usb 9-1: config 0 has an invalid interface number: 122 but max is 0 [ 1568.993481][T11395] usb 9-1: config 0 has no interface number 0 [ 1569.014513][T11395] usb 9-1: config 0 interface 122 has no altsetting 0 [ 1569.035430][T11395] usb 9-1: New USB device found, idVendor=13d3, idProduct=3219, bcdDevice=7a.67 [ 1569.060911][T11395] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1569.087780][T11395] usb 9-1: Product: syz [ 1569.112267][T11395] usb 9-1: Manufacturer: syz [ 1569.123011][T11395] usb 9-1: SerialNumber: syz [ 1569.140031][T11395] usb 9-1: config 0 descriptor?? [ 1569.416427][T27432] loop6: detected capacity change from 0 to 8192 [ 1569.437638][T27432] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1569.450922][T27432] REISERFS (device loop6): found reiserfs format "3.6" with non-standard journal [ 1569.460206][T27432] REISERFS (device loop6): using ordered data mode [ 1569.467358][T27432] reiserfs: using flush barriers [ 1569.475064][T27432] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1569.500031][T27432] REISERFS (device loop6): checking transaction log (loop6) [ 1569.595995][T11395] usb 9-1: USB disconnect, device number 15 [ 1569.611393][T11395] dvb-usb: generic DVB-USB module successfully deinitialized and disconnected. [ 1569.655960][T27432] REISERFS (device loop6): Using tea hash to sort names [ 1569.674202][T27432] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage. [ 1569.679427][T27458] xt_l2tp: v2 doesn't support IP mode [ 1570.014725][ T26] kauditd_printk_skb: 9 callbacks suppressed [ 1570.014740][ T26] audit: type=1326 audit(1476.033:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27468 comm="syz.7.18780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95898e929 code=0x7ffc0000 [ 1570.086452][T27475] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1570.151095][ T26] audit: type=1326 audit(1476.071:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27468 comm="syz.7.18780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95898e929 code=0x7ffc0000 [ 1570.263282][ T26] audit: type=1326 audit(1476.071:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27468 comm="syz.7.18780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7fd95898e929 code=0x7ffc0000 [ 1570.293512][T27484] loop6: detected capacity change from 0 to 512 [ 1570.300362][T27485] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18783'. [ 1570.319045][T27484] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1570.376571][T27492] netlink: 'syz.8.18785': attribute type 10 has an invalid length. [ 1570.390241][ T26] audit: type=1326 audit(1476.071:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27468 comm="syz.7.18780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95898e929 code=0x7ffc0000 [ 1570.426351][T27492] device veth0_vlan left promiscuous mode [ 1570.445162][T27492] device veth0_vlan entered promiscuous mode [ 1570.457743][T27492] team0: Device veth0_vlan failed to register rx_handler [ 1570.466433][T27484] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 1570.501375][ T26] audit: type=1326 audit(1476.071:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27468 comm="syz.7.18780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95898e929 code=0x7ffc0000 [ 1570.613389][T27502] netlink: set zone limit has 4 unknown bytes [ 1570.639767][T27505] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18788'. [ 1570.793099][T25017] EXT4-fs (loop6): unmounting filesystem. [ 1570.895280][ T26] audit: type=1326 audit(1476.856:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27517 comm="syz.3.18793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a4358e929 code=0x7ffc0000 [ 1571.027477][ T26] audit: type=1326 audit(1476.875:3590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27517 comm="syz.3.18793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7f7a4358e929 code=0x7ffc0000 [ 1571.091715][T27530] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1571.101303][T27531] netlink: 104 bytes leftover after parsing attributes in process `syz.5.18806'. [ 1571.118474][ T26] audit: type=1326 audit(1476.875:3591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27517 comm="syz.3.18793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a4358e929 code=0x7ffc0000 [ 1571.188820][ T26] audit: type=1326 audit(1476.875:3592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27517 comm="syz.3.18793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a4358e929 code=0x7ffc0000 [ 1571.392236][T27546] netlink: 8 bytes leftover after parsing attributes in process `syz.8.18798'. [ 1571.469635][T27550] overlayfs: missing 'workdir' [ 1571.815959][T27574] netlink: 4 bytes leftover after parsing attributes in process `syz.6.18807'. [ 1571.863880][T27581] netlink: 4 bytes leftover after parsing attributes in process `syz.7.18821'. [ 1571.890853][T27583] IPv6: Can't replace route, no match found [ 1572.215737][T27603] netlink: 8 bytes leftover after parsing attributes in process `syz.6.18817'. [ 1572.281807][T27609] loop7: detected capacity change from 0 to 64 [ 1572.393871][T27615] xt_TCPMSS: Only works on TCP SYN packets [ 1572.575886][T27627] program syz.8.18824 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1572.882577][T27650] IPv6: Can't replace route, no match found [ 1573.326198][T27677] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 1573.410504][T27681] netlink: 16 bytes leftover after parsing attributes in process `syz.7.18843'. [ 1573.459604][T27681] netlink: 12 bytes leftover after parsing attributes in process `syz.7.18843'. [ 1573.929592][T27716] netlink: 'syz.3.18853': attribute type 10 has an invalid length. [ 1573.959440][T27716] team0: Device veth0_vlan is already a lower device of the team interface [ 1574.190298][T27732] netlink: 24 bytes leftover after parsing attributes in process `syz.3.18869'. [ 1574.238439][T27732] netlink: 24 bytes leftover after parsing attributes in process `syz.3.18869'. [ 1574.264327][T27734] netlink: 'syz.7.18860': attribute type 10 has an invalid length. [ 1574.300279][T27734] netlink: 40 bytes leftover after parsing attributes in process `syz.7.18860'. [ 1574.316132][T27734] device  entered promiscuous mode [ 1574.359199][T27734] A link change request failed with some changes committed already. Interface  may have been left with an inconsistent configuration, please check. [ 1574.710064][T27762] netlink: 104 bytes leftover after parsing attributes in process `syz.8.18868'. [ 1575.705030][T27821] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1576.359810][T27852] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 1576.667616][T27869] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1576.918440][T27885] loop6: detected capacity change from 0 to 512 [ 1576.984136][T27878] loop5: detected capacity change from 0 to 4096 [ 1577.059038][T27878] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 1577.102571][T27878] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 1577.143139][T27885] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 1577.169547][T27878] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 1577.207734][T27878] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 1577.259046][T27878] ntfs3: loop5: try to read out of volume at offset 0x3fffffc1c00 [ 1577.286782][T27885] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.18911: bg 0: block 18: invalid block bitmap [ 1577.302377][T27878] ntfs3: loop5: try to read out of volume at offset 0x3fffffc2c00 [ 1577.329578][T27878] ntfs3: loop5: try to read out of volume at offset 0x3fffffc4c00 [ 1577.363434][T27878] ntfs3: loop5: try to read out of volume at offset 0x3fffffc8c00 [ 1577.371775][T27878] ntfs3: loop5: try to read out of volume at offset 0x3fffffd0c00 [ 1577.372762][T27885] Quota error (device loop6): write_blk: dquota write failed [ 1577.401965][T27878] ntfs3: loop5: try to read out of volume at offset 0x3fffffe0c00 [ 1577.436527][ T4299] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 1577.448199][T27885] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 1577.479370][T27885] EXT4-fs error (device loop6): ext4_acquire_dquot:6814: comm syz.6.18911: Failed to acquire dquot type 1 [ 1577.652545][ T4299] usb 4-1: Using ep0 maxpacket: 16 [ 1577.679196][ T4299] usb 4-1: config 0 has an invalid interface number: 99 but max is 0 [ 1577.694683][ T4299] usb 4-1: config 0 has no interface number 0 [ 1577.706448][ T4299] usb 4-1: config 0 interface 99 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 1577.746307][ T4299] usb 4-1: config 0 interface 99 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 1577.799316][ T4299] usb 4-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=63.0c [ 1577.820931][T25017] EXT4-fs (loop6): unmounting filesystem. [ 1577.844744][ T4299] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1577.863853][ T4299] usb 4-1: Product: syz [ 1577.871250][ T4299] usb 4-1: Manufacturer: syz [ 1577.888442][ T4299] usb 4-1: SerialNumber: syz [ 1577.903267][ T4299] usb 4-1: config 0 descriptor?? [ 1577.914001][T27901] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1577.935791][T27901] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1577.946283][ T4299] usbtest 4-1:0.99: usb test device [ 1577.989895][ T4299] usbtest 4-1:0.99: high-speed {control in/out bulk-in bulk-out} tests (+alt) [ 1578.211930][ T5333] usb 4-1: USB disconnect, device number 27 [ 1578.298818][T27957] program syz.7.18926 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1578.760662][T27976] loop6: detected capacity change from 0 to 4096 [ 1578.802100][T27976] ntfs3: loop6: try to read out of volume at offset 0x3fffffc0c00 [ 1578.830994][T27976] ntfs3: loop6: try to read out of volume at offset 0x3fffffc0c00 [ 1578.893057][T27976] ntfs3: loop6: try to read out of volume at offset 0x3fffffc0c00 [ 1578.900966][T27976] ntfs3: loop6: try to read out of volume at offset 0x3fffffc0c00 [ 1578.940106][T27976] ntfs3: loop6: try to read out of volume at offset 0x3fffffc1c00 [ 1578.999843][T27976] ntfs3: loop6: try to read out of volume at offset 0x3fffffc2c00 [ 1579.026850][T27976] ntfs3: loop6: try to read out of volume at offset 0x3fffffc4c00 [ 1579.044850][T27994] loop3: detected capacity change from 0 to 2048 [ 1579.054362][T27976] ntfs3: loop6: try to read out of volume at offset 0x3fffffc8c00 [ 1579.082400][T27976] ntfs3: loop6: try to read out of volume at offset 0x3fffffd0c00 [ 1579.094475][T28001] program syz.8.18941 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1579.133505][T27994] Alternate GPT is invalid, using primary GPT. [ 1579.147297][T27976] ntfs3: loop6: try to read out of volume at offset 0x3fffffe0c00 [ 1579.168612][T27994] loop3: p2 p3 p7 [ 1579.651110][ T4407] udevd[4407]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 1579.662711][ T4331] udevd[4331]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 1579.695759][ T4408] udevd[4408]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 1579.782730][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 1579.789115][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 1579.914411][T28045] loop3: detected capacity change from 0 to 512 [ 1580.005735][T28045] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1580.019895][T28049] loop7: detected capacity change from 0 to 2048 [ 1580.093939][T28049] UDF-fs: error (device loop7): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1580.197469][T28049] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1580.214025][T28045] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.18949: bg 0: block 18: invalid block bitmap [ 1580.292246][T28045] Quota error (device loop3): write_blk: dquota write failed [ 1580.334414][T28045] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1580.359738][T28045] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.18949: Failed to acquire dquot type 1 [ 1580.491844][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 1581.075569][T28123] loop3: detected capacity change from 0 to 2048 [ 1581.116397][T28123] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1581.164206][T28123] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1581.181472][T28131] loop7: detected capacity change from 0 to 512 [ 1581.188987][T11631] usb 6-1: new high-speed USB device number 50 using dummy_hcd [ 1581.244938][T28131] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 1581.313475][T28139] loop6: detected capacity change from 0 to 2048 [ 1581.385119][T28131] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm syz.7.18973: bg 0: block 18: invalid block bitmap [ 1581.398480][T28139] Alternate GPT is invalid, using primary GPT. [ 1581.405137][T11631] usb 6-1: Using ep0 maxpacket: 16 [ 1581.412174][T28139] loop6: p2 p3 p7 [ 1581.418743][T11631] usb 6-1: config 0 has an invalid interface number: 99 but max is 0 [ 1581.431694][T11631] usb 6-1: config 0 has no interface number 0 [ 1581.457879][T11631] usb 6-1: config 0 interface 99 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 1581.471230][T28131] Quota error (device loop7): write_blk: dquota write failed [ 1581.506730][T11631] usb 6-1: config 0 interface 99 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 1581.508520][T28131] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 1581.565267][T11631] usb 6-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=63.0c [ 1581.618914][T28131] EXT4-fs error (device loop7): ext4_acquire_dquot:6814: comm syz.7.18973: Failed to acquire dquot type 1 [ 1581.648599][T11631] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1581.699574][T11631] usb 6-1: Product: syz [ 1581.712810][T11631] usb 6-1: Manufacturer: syz [ 1581.754905][T11631] usb 6-1: SerialNumber: syz [ 1581.797135][T11631] usb 6-1: config 0 descriptor?? [ 1581.820609][T28108] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1581.828224][T28108] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1581.874337][T11631] usbtest 6-1:0.99: usb test device [ 1581.876463][T26354] EXT4-fs (loop7): unmounting filesystem. [ 1581.879583][T11631] usbtest 6-1:0.99: high-speed {control in/out bulk-in bulk-out} tests (+alt) [ 1581.936366][ T4407] udevd[4407]: inotify_add_watch(7, /dev/loop6p7, 10) failed: No such file or directory [ 1581.950709][ T4331] udevd[4331]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 1581.978783][ T4408] udevd[4408]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 1582.117863][T11631] usb 6-1: USB disconnect, device number 50 [ 1582.139003][T28186] netlink: 36 bytes leftover after parsing attributes in process `syz.3.18983'. [ 1582.203621][T28178] loop8: detected capacity change from 0 to 4096 [ 1582.238007][T28178] ntfs3: loop8: try to read out of volume at offset 0x3fffffc0c00 [ 1582.263569][T28178] ntfs3: loop8: try to read out of volume at offset 0x3fffffc0c00 [ 1582.295356][T28178] ntfs3: loop8: try to read out of volume at offset 0x3fffffc0c00 [ 1582.337960][T28178] ntfs3: loop8: try to read out of volume at offset 0x3fffffc0c00 [ 1582.351519][T28178] ntfs3: loop8: try to read out of volume at offset 0x3fffffc1c00 [ 1582.370648][T28178] ntfs3: loop8: try to read out of volume at offset 0x3fffffc2c00 [ 1582.375152][T28205] loop7: detected capacity change from 0 to 8 [ 1582.389815][T28178] ntfs3: loop8: try to read out of volume at offset 0x3fffffc4c00 [ 1582.406242][T28178] ntfs3: loop8: try to read out of volume at offset 0x3fffffc8c00 [ 1582.414775][T28178] ntfs3: loop8: try to read out of volume at offset 0x3fffffd0c00 [ 1582.451336][T28178] ntfs3: loop8: try to read out of volume at offset 0x3fffffe0c00 [ 1582.478989][T28205] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 1582.846821][T28218] loop7: detected capacity change from 0 to 2048 [ 1582.889783][T28228] ip6t_srh: unknown srh invflags 7D00 [ 1582.934113][T28218] Alternate GPT is invalid, using primary GPT. [ 1582.940481][T28218] loop7: p2 p3 p7 [ 1583.384389][T28254] loop6: detected capacity change from 0 to 8 [ 1583.447084][T28254] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 1583.473339][ T5419] udevd[5419]: inotify_add_watch(7, /dev/loop7p2, 10) failed: No such file or directory [ 1583.478952][ T4408] udevd[4408]: inotify_add_watch(7, /dev/loop7p3, 10) failed: No such file or directory [ 1583.485495][ T4331] udevd[4331]: inotify_add_watch(7, /dev/loop7p7, 10) failed: No such file or directory [ 1583.705530][T28278] netlink: 'syz.6.19004': attribute type 8 has an invalid length. [ 1583.805178][T28275] loop3: detected capacity change from 0 to 4096 [ 1583.836485][T28275] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 1583.868245][T28275] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 1583.909016][T28275] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 1583.952189][T28275] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 1583.978088][T28275] ntfs3: loop3: try to read out of volume at offset 0x3fffffc1c00 [ 1584.006130][T28275] ntfs3: loop3: try to read out of volume at offset 0x3fffffc2c00 [ 1584.046872][T28275] ntfs3: loop3: try to read out of volume at offset 0x3fffffc4c00 [ 1584.065753][T11395] usb 8-1: new high-speed USB device number 41 using dummy_hcd [ 1584.092164][T28275] ntfs3: loop3: try to read out of volume at offset 0x3fffffc8c00 [ 1584.114475][T28275] ntfs3: loop3: try to read out of volume at offset 0x3fffffd0c00 [ 1584.127236][T28275] ntfs3: loop3: try to read out of volume at offset 0x3fffffe0c00 [ 1584.213668][T28302] loop5: detected capacity change from 0 to 2048 [ 1584.268208][T11395] usb 8-1: Using ep0 maxpacket: 16 [ 1584.278218][T11395] usb 8-1: config 0 has an invalid interface number: 99 but max is 0 [ 1584.284573][T28302] Alternate GPT is invalid, using primary GPT. [ 1584.303329][T11395] usb 8-1: config 0 has no interface number 0 [ 1584.319261][T11395] usb 8-1: config 0 interface 99 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 1584.330180][T28302] loop5: p2 p3 p7 [ 1584.340072][T11395] usb 8-1: config 0 interface 99 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 1584.350575][T28306] ip6t_srh: unknown srh invflags 7D00 [ 1584.406513][T11395] usb 8-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=63.0c [ 1584.451966][T11395] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1584.502506][T11395] usb 8-1: Product: syz [ 1584.529886][T11395] usb 8-1: Manufacturer: syz [ 1584.568429][T11395] usb 8-1: SerialNumber: syz [ 1584.611144][T11395] usb 8-1: config 0 descriptor?? [ 1584.630855][T28280] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1584.653961][T28280] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1584.703362][T28326] netlink: 36 bytes leftover after parsing attributes in process `syz.6.19012'. [ 1584.715555][T11395] usbtest 8-1:0.99: usb test device [ 1584.726076][T11395] usbtest 8-1:0.99: high-speed {control in/out bulk-in bulk-out} tests (+alt) [ 1584.799740][ T4407] udevd[4407]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 1584.932116][T28343] loop8: detected capacity change from 0 to 8 [ 1584.953397][T28344] netlink: 20 bytes leftover after parsing attributes in process `syz.5.19017'. [ 1584.965101][T11395] usb 8-1: USB disconnect, device number 41 [ 1585.013868][T28343] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 1585.273238][T28371] netlink: 8 bytes leftover after parsing attributes in process `syz.6.19024'. [ 1585.322624][T28376] ip6t_srh: unknown srh invflags 7D00 [ 1585.436065][T28379] loop5: detected capacity change from 0 to 1764 [ 1585.602322][T28379] syz.5.19026: attempt to access beyond end of device [ 1585.602322][T28379] loop5: rw=524288, sector=1936, nr_sectors = 256 limit=1764 [ 1585.634383][T28379] syz.5.19026: attempt to access beyond end of device [ 1585.634383][T28379] loop5: rw=524288, sector=2192, nr_sectors = 256 limit=1764 [ 1585.722797][T28379] syz.5.19026: attempt to access beyond end of device [ 1585.722797][T28379] loop5: rw=0, sector=1936, nr_sectors = 8 limit=1764 [ 1585.741889][T28397] netlink: 20 bytes leftover after parsing attributes in process `syz.3.19032'. [ 1585.751611][ T26] audit: type=1800 audit(1490.738:3593): pid=28379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.19026" name="file0" dev="loop5" ino=1986 res=0 errno=0 [ 1585.781499][T28399] netlink: 798 bytes leftover after parsing attributes in process `syz.7.19031'. [ 1586.324511][T28420] loop5: detected capacity change from 0 to 4096 [ 1586.339462][T28420] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 1586.665043][T28446] netlink: 20 bytes leftover after parsing attributes in process `syz.6.19047'. [ 1586.771776][T28452] loop8: detected capacity change from 0 to 1764 [ 1586.892811][T28452] syz.8.19048: attempt to access beyond end of device [ 1586.892811][T28452] loop8: rw=524288, sector=1936, nr_sectors = 256 limit=1764 [ 1586.973759][T28452] syz.8.19048: attempt to access beyond end of device [ 1586.973759][T28452] loop8: rw=524288, sector=2192, nr_sectors = 256 limit=1764 [ 1587.050123][T28469] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19053'. [ 1587.060252][T28452] syz.8.19048: attempt to access beyond end of device [ 1587.060252][T28452] loop8: rw=0, sector=1936, nr_sectors = 8 limit=1764 [ 1587.082831][ T26] audit: type=1800 audit(1492.001:3594): pid=28452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.19048" name="file0" dev="loop8" ino=1986 res=0 errno=0 [ 1587.687505][T28509] netlink: 798 bytes leftover after parsing attributes in process `syz.6.19064'. [ 1587.791348][T28510] loop8: detected capacity change from 0 to 4096 [ 1587.835688][T28510] ntfs3: loop8: Different NTFS' sector size (1024) and media sector size (512) [ 1588.008516][T28527] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19071'. [ 1588.063291][T28510] ntfs3: loop8: ntfs3_write_inode r=1e failed, -22. [ 1588.228049][T10217] ntfs3: loop8: ntfs_evict_inode r=1e failed, -22. [ 1588.258739][T10217] ntfs3: loop8: Mark volume as dirty due to NTFS errors [ 1588.484280][ T26] audit: type=1326 audit(1493.310:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28552 comm="syz.3.19080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a4358e929 code=0x7ffc0000 [ 1588.574574][ T26] audit: type=1326 audit(1493.338:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28552 comm="syz.3.19080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f7a4358e929 code=0x7ffc0000 [ 1588.709580][ T26] audit: type=1326 audit(1493.338:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28552 comm="syz.3.19080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a4358e929 code=0x7ffc0000 [ 1588.731689][ C0] vkms_vblank_simulate: vblank timer overrun [ 1588.804946][ T26] audit: type=1326 audit(1493.338:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28552 comm="syz.3.19080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a4358e929 code=0x7ffc0000 [ 1588.845254][T28577] netlink: 8 bytes leftover after parsing attributes in process `syz.8.19085'. [ 1588.907910][T11466] usb 6-1: new high-speed USB device number 51 using dummy_hcd [ 1588.932770][ T26] audit: type=1326 audit(1493.591:3599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28573 comm="syz.6.19094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f515678e929 code=0x7ffc0000 [ 1589.060052][ T26] audit: type=1326 audit(1493.600:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28573 comm="syz.6.19094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f515678e929 code=0x7ffc0000 [ 1589.123598][T11466] usb 6-1: Using ep0 maxpacket: 8 [ 1589.141739][T11466] usb 6-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab [ 1589.170689][ T26] audit: type=1326 audit(1493.600:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28573 comm="syz.6.19094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f515678e929 code=0x7ffc0000 [ 1589.193245][T11466] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1589.206294][T28598] loop3: detected capacity change from 0 to 4096 [ 1589.225583][T11466] usb 6-1: Product: syz [ 1589.230282][T11466] usb 6-1: Manufacturer: syz [ 1589.235071][T11466] usb 6-1: SerialNumber: syz [ 1589.252202][T28598] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 1589.262014][ T26] audit: type=1326 audit(1493.609:3602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28573 comm="syz.6.19094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f515678e929 code=0x7ffc0000 [ 1589.283994][ C0] vkms_vblank_simulate: vblank timer overrun [ 1589.299824][T11466] usb 6-1: config 0 descriptor?? [ 1589.353102][T28598] ntfs3: loop3: ntfs3_write_inode r=1e failed, -22. [ 1589.458052][ T4251] ntfs3: loop3: ntfs_evict_inode r=1e failed, -22. [ 1589.503946][ T4251] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1589.737161][T28626] netlink: 20 bytes leftover after parsing attributes in process `syz.8.19096'. [ 1589.912261][T11466] usb 6-1: USB disconnect, device number 51 [ 1590.093204][T28656] loop3: detected capacity change from 0 to 1024 [ 1590.143756][T28656] EXT4-fs: inline encryption not supported [ 1590.172754][T28656] EXT4-fs: Ignoring removed i_version option [ 1590.221157][T28607] loop6: detected capacity change from 0 to 32768 [ 1590.265076][T28656] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #3: block 2: comm syz.3.19110: lblock 2 mapped to illegal pblock 2 (length 1) [ 1590.286643][T28656] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #3: block 48: comm syz.3.19110: lblock 0 mapped to illegal pblock 48 (length 1) [ 1590.303627][T28673] loop7: detected capacity change from 0 to 1764 [ 1590.312355][T28656] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.19110: Failed to acquire dquot type 0 [ 1590.328178][T28656] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 1590.350776][T28656] EXT4-fs error (device loop3): ext4_evict_inode:279: inode #11: comm syz.3.19110: mark_inode_dirty error [ 1590.381295][T28656] EXT4-fs warning (device loop3): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 1590.420360][T28656] EXT4-fs (loop3): 1 orphan inode deleted [ 1590.436595][ T4304] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 1) [ 1590.440944][T28673] syz.7.19101: attempt to access beyond end of device [ 1590.440944][T28673] loop7: rw=524288, sector=1936, nr_sectors = 256 limit=1764 [ 1590.489927][T28656] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1590.523779][ T4304] EXT4-fs error (device loop3): ext4_release_dquot:6850: comm kworker/u4:5: Failed to release dquot type 0 [ 1590.590686][T28673] syz.7.19101: attempt to access beyond end of device [ 1590.590686][T28673] loop7: rw=524288, sector=2192, nr_sectors = 256 limit=1764 [ 1590.609139][T28656] EXT4-fs (loop3): unmounting filesystem. [ 1590.646510][T28656] EXT4-fs error (device loop3): __ext4_get_inode_loc:4507: comm syz.3.19110: Invalid inode table block 1 in block_group 0 [ 1590.661447][T28673] syz.7.19101: attempt to access beyond end of device [ 1590.661447][T28673] loop7: rw=0, sector=1936, nr_sectors = 8 limit=1764 [ 1590.717835][T28656] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 1590.743976][T28656] EXT4-fs error (device loop3): ext4_quota_off:7120: inode #3: comm syz.3.19110: mark_inode_dirty error [ 1590.793712][T28689] loop8: detected capacity change from 0 to 128 [ 1590.979321][T28686] loop5: detected capacity change from 0 to 4096 [ 1591.007590][T28686] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 1591.202170][T28686] ntfs3: loop5: ntfs3_write_inode r=1e failed, -22. [ 1591.263179][T28711] netlink: 196 bytes leftover after parsing attributes in process `syz.8.19109'. [ 1591.332216][T28711] netlink: 196 bytes leftover after parsing attributes in process `syz.8.19109'. [ 1591.361200][T28711] netlink: 19 bytes leftover after parsing attributes in process `syz.8.19109'. [ 1591.378868][T18416] ntfs3: loop5: ntfs_evict_inode r=1e failed, -22. [ 1591.385422][T18416] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1591.862236][T28731] loop3: detected capacity change from 0 to 4096 [ 1591.889279][T28731] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 1591.986522][T11467] usb 7-1: new high-speed USB device number 46 using dummy_hcd [ 1592.039157][T28749] loop7: detected capacity change from 0 to 1024 [ 1592.069834][T28731] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1592.086453][T28749] EXT4-fs: inline encryption not supported [ 1592.125714][T28731] ntfs3: loop3: ino=1b, "file0" attr_set_size [ 1592.136162][T28749] EXT4-fs: Ignoring removed i_version option [ 1592.151341][T28742] loop8: detected capacity change from 0 to 8192 [ 1592.200353][T11467] usb 7-1: Using ep0 maxpacket: 8 [ 1592.218758][T11467] usb 7-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab [ 1592.253187][T28749] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #3: block 2: comm syz.7.19122: lblock 2 mapped to illegal pblock 2 (length 1) [ 1592.275033][T28742] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1592.307354][T28749] __quota_error: 10 callbacks suppressed [ 1592.307367][T28749] Quota error (device loop7): qtree_write_dquot: dquota write failed [ 1592.307366][T11467] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1592.313041][T28749] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #3: block 48: comm syz.7.19122: lblock 0 mapped to illegal pblock 48 (length 1) [ 1592.334444][T28742] REISERFS (device loop8): found reiserfs format "3.5" with non-standard journal [ 1592.369432][T28760] netlink: 20 bytes leftover after parsing attributes in process `syz.5.19124'. [ 1592.377841][T11467] usb 7-1: Product: syz [ 1592.384209][T28749] Quota error (device loop7): v2_write_file_info: Can't write info structure [ 1592.394080][T11467] usb 7-1: Manufacturer: syz [ 1592.395373][T28749] EXT4-fs error (device loop7): ext4_acquire_dquot:6814: comm syz.7.19122: Failed to acquire dquot type 0 [ 1592.409639][T11467] usb 7-1: SerialNumber: syz [ 1592.410581][T28742] REISERFS (device loop8): using ordered data mode [ 1592.421852][T28742] reiserfs: using flush barriers [ 1592.426967][T28749] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 1592.438214][T28742] REISERFS (device loop8): journal params: device loop8, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1592.455433][T28749] EXT4-fs error (device loop7): ext4_evict_inode:279: inode #11: comm syz.7.19122: mark_inode_dirty error [ 1592.456670][T11467] usb 7-1: config 0 descriptor?? [ 1592.472582][T28742] REISERFS (device loop8): checking transaction log (loop8) [ 1592.482003][T28742] REISERFS (device loop8): Using r5 hash to sort names [ 1592.489007][T28749] EXT4-fs warning (device loop7): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 1592.504495][ T4251] ntfs3: loop3: ntfs_sync_fs r=1a failed, -22. [ 1592.506272][T28749] EXT4-fs (loop7): 1 orphan inode deleted [ 1592.517906][T28742] REISERFS (device loop8): using 3.5.x disk format [ 1592.520051][ T4251] ntfs3: loop3: ntfs_evict_inode r=1a failed, -22. [ 1592.541967][T28742] REISERFS warning (device loop8): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are! [ 1592.570957][T28749] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 1592.583788][ T9] EXT4-fs error (device loop7): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 1592.613944][T28742] REISERFS (device loop8): Created .reiserfs_priv - reserved for xattr storage. [ 1592.650530][ T9] Quota error (device loop7): remove_tree: Can't read quota data block 1 [ 1592.702943][ T9] EXT4-fs error (device loop7): ext4_release_dquot:6850: comm kworker/u4:0: Failed to release dquot type 0 [ 1592.758053][T28749] EXT4-fs (loop7): unmounting filesystem. [ 1592.790425][T28749] EXT4-fs error (device loop7): __ext4_get_inode_loc:4507: comm syz.7.19122: Invalid inode table block 1 in block_group 0 [ 1592.828195][T28749] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 1592.844078][T28749] EXT4-fs error (device loop7): ext4_quota_off:7120: inode #3: comm syz.7.19122: mark_inode_dirty error [ 1593.082012][T11467] usb 7-1: USB disconnect, device number 46 [ 1593.498364][ T5419] udevd[5419]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1593.531782][T28776] loop3: detected capacity change from 0 to 32768 [ 1593.601778][T28776] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.19126 (28776) [ 1593.669115][T28776] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1593.708948][T28776] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 1593.762067][T28776] BTRFS info (device loop3): force clearing of disk cache [ 1593.770349][T28776] BTRFS info (device loop3): force zlib compression, level 3 [ 1593.804185][T28776] BTRFS info (device loop3): enabling auto defrag [ 1593.810868][T28776] BTRFS info (device loop3): max_inline at 0 [ 1593.826043][T28776] BTRFS info (device loop3): enabling disk space caching [ 1593.849099][T28776] BTRFS info (device loop3): disk space caching is enabled [ 1593.951221][T28828] loop7: detected capacity change from 0 to 4096 [ 1594.106833][T28828] ntfs3: loop7: Different NTFS' sector size (4096) and media sector size (512) [ 1594.118194][T28853] netlink: 20 bytes leftover after parsing attributes in process `syz.6.19137'. [ 1594.149871][T28776] BTRFS info (device loop3): enabling ssd optimizations [ 1594.167859][T28776] BTRFS info (device loop3): rebuilding free space tree [ 1594.209299][T28828] ntfs3: loop7: Mark volume as dirty due to NTFS errors [ 1594.223475][T28776] BTRFS info (device loop3): disabling free space tree [ 1594.230451][T28776] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1594.249863][T28828] ntfs3: loop7: Failed to load $Extend. [ 1594.289638][T28776] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1594.605060][ T4251] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1594.876262][ T4408] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 11 /dev/loop3 scanned by udevd (4408) [ 1595.281170][T28905] libceph: resolve '. [ 1595.281170][T28905] #)|.fǝa2sow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 1595.281170][T28905] ' (ret=-3): failed [ 1595.392340][T28913] netlink: 'syz.5.19151': attribute type 1 has an invalid length. [ 1595.434480][T28913] netlink: 224 bytes leftover after parsing attributes in process `syz.5.19151'. [ 1595.597431][T14417] usb 8-1: new high-speed USB device number 42 using dummy_hcd [ 1595.813809][T14417] usb 8-1: Using ep0 maxpacket: 8 [ 1595.823028][T14417] usb 8-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab [ 1595.875559][T14417] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1595.908961][T14417] usb 8-1: Product: syz [ 1595.936230][T14417] usb 8-1: Manufacturer: syz [ 1595.965340][T14417] usb 8-1: SerialNumber: syz [ 1595.978711][T14417] usb 8-1: config 0 descriptor?? [ 1596.156753][T28953] loop5: detected capacity change from 0 to 2048 [ 1596.285643][T28953] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1596.392708][T28973] netlink: 'syz.3.19169': attribute type 1 has an invalid length. [ 1596.400622][T28973] netlink: 224 bytes leftover after parsing attributes in process `syz.3.19169'. [ 1596.521590][T14417] usb 8-1: USB disconnect, device number 42 [ 1596.712759][T18416] EXT4-fs (loop5): unmounting filesystem. [ 1596.721916][T28996] netlink: 'syz.8.19182': attribute type 1 has an invalid length. [ 1596.741012][T28996] netlink: 224 bytes leftover after parsing attributes in process `syz.8.19182'. [ 1596.827986][T28979] loop6: detected capacity change from 0 to 8192 [ 1596.864652][T28979] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1596.916280][ T5419] udevd[5419]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1596.924401][T28979] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal [ 1597.012711][T28979] REISERFS (device loop6): using ordered data mode [ 1597.019300][T28979] reiserfs: using flush barriers [ 1597.066056][T28979] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1597.192549][T28979] REISERFS (device loop6): checking transaction log (loop6) [ 1597.238128][T28979] REISERFS (device loop6): Using r5 hash to sort names [ 1597.245070][T28979] REISERFS (device loop6): using 3.5.x disk format [ 1597.279492][T29015] loop3: detected capacity change from 0 to 4096 [ 1597.294275][T29015] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 1597.321326][T28979] REISERFS warning (device loop6): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are! [ 1597.369012][T29015] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1597.403999][T28979] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage. [ 1597.413927][T29015] ntfs3: loop3: Failed to load $Extend. [ 1597.554997][T29030] loop5: detected capacity change from 0 to 1764 [ 1597.786059][T29041] loop3: detected capacity change from 0 to 2048 [ 1597.880089][T29041] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1598.045562][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 1598.099551][T29061] dlm: non-version read from control device 0 [ 1598.104589][T29066] netlink: 20 bytes leftover after parsing attributes in process `syz.7.19189'. [ 1598.480340][T29097] IPv6: addrconf: prefix option has invalid lifetime [ 1598.537637][T29097] IPv6: addrconf: prefix option has invalid lifetime [ 1598.808433][T29118] IPv6: addrconf: prefix option has invalid lifetime [ 1598.865898][T29118] IPv6: addrconf: prefix option has invalid lifetime [ 1598.918376][T29125] loop8: detected capacity change from 0 to 2048 [ 1599.026754][T29125] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 1599.128329][T10217] EXT4-fs (loop8): unmounting filesystem. [ 1599.309177][T29150] netlink: 20 bytes leftover after parsing attributes in process `syz.3.19208'. [ 1600.335029][T29169] netlink: 'syz.8.19212': attribute type 18 has an invalid length. [ 1600.827422][T29202] netlink: 60 bytes leftover after parsing attributes in process `syz.7.19227'. [ 1601.158306][T29223] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1601.177030][T29223] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1601.201561][T29223] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1601.215747][T29227] loop6: detected capacity change from 0 to 1764 [ 1601.222404][T29223] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1601.305301][T29224] netlink: 'syz.7.19235': attribute type 10 has an invalid length. [ 1601.340766][T29224] netlink: 40 bytes leftover after parsing attributes in process `syz.7.19235'. [ 1601.371509][T29224] device  left promiscuous mode [ 1601.402136][T29224] batman_adv: batadv0: Adding interface:  [ 1601.426789][T29224] batman_adv: batadv0: The MTU of interface  is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1601.496807][T29224] batman_adv: batadv0: Interface activated:  [ 1601.653523][T29247] netlink: 604 bytes leftover after parsing attributes in process `syz.8.19238'. [ 1602.258331][T29288] loop5: detected capacity change from 0 to 512 [ 1602.273832][T29290] netlink: 60 bytes leftover after parsing attributes in process `syz.3.19263'. [ 1602.422014][T29288] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1602.517661][T29302] netlink: 'syz.7.19256': attribute type 18 has an invalid length. [ 1602.683987][T18416] EXT4-fs (loop5): unmounting filesystem. [ 1602.832323][T29280] loop6: detected capacity change from 0 to 32768 [ 1602.891205][T29280] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 11 [ 1603.075319][T29327] loop8: detected capacity change from 0 to 1024 [ 1603.376243][ T5419] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 11 [ 1603.466981][T29354] netlink: 'syz.6.19273': attribute type 10 has an invalid length. [ 1603.486003][T29354] netlink: 40 bytes leftover after parsing attributes in process `syz.6.19273'. [ 1603.530022][T29354] device virt_wifi0 left promiscuous mode [ 1603.569243][T29354] batman_adv: batadv0: Adding interface: virt_wifi0 [ 1603.607531][T29354] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1603.665976][T29363] netlink: 'syz.3.19274': attribute type 3 has an invalid length. [ 1603.695527][T29363] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.19274'. [ 1603.736864][T29354] batman_adv: batadv0: Interface activated: virt_wifi0 [ 1603.984384][T29382] netlink: 4 bytes leftover after parsing attributes in process `syz.6.19282'. [ 1604.288475][T29398] netlink: 604 bytes leftover after parsing attributes in process `syz.6.19286'. [ 1605.362601][T29458] netlink: 4 bytes leftover after parsing attributes in process `syz.8.19317'. [ 1605.426090][T29402] loop7: detected capacity change from 0 to 32768 [ 1605.518708][T29402] XFS (loop7): Mounting V5 Filesystem [ 1605.562712][T29476] loop6: detected capacity change from 0 to 1764 [ 1605.688888][T29402] XFS (loop7): Ending clean mount [ 1605.705847][T29402] XFS (loop7): Quotacheck needed: Please wait. [ 1605.842028][T29402] XFS (loop7): Quotacheck: Done. [ 1606.027076][T26354] XFS (loop7): Unmounting Filesystem [ 1606.037310][T29507] loop3: detected capacity change from 0 to 512 [ 1606.133692][T29507] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1606.280377][T29528] netlink: 4 bytes leftover after parsing attributes in process `syz.5.19322'. [ 1606.486874][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 1607.418766][T29590] loop3: detected capacity change from 0 to 1764 [ 1608.067617][T29634] binder: 29630:29634 ioctl c018620c 200000000700 returned -22 [ 1608.206946][T29635] loop5: detected capacity change from 0 to 2048 [ 1608.294719][T29635] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1608.513118][T29660] netlink: 12 bytes leftover after parsing attributes in process `syz.8.19364'. [ 1608.588134][T29660] netlink: 48 bytes leftover after parsing attributes in process `syz.8.19364'. [ 1608.731897][T29674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.19367'. [ 1609.159312][ T52] block nbd6: Attempted send on invalid socket [ 1609.165534][ T52] I/O error, dev nbd6, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1609.278632][T29707] binder: 29706:29707 ioctl c018620c 200000000700 returned -22 [ 1609.494403][T29718] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 1609.511482][T29720] usb usb8: usbfs: process 29720 (syz.5.19381) did not claim interface 0 before use [ 1609.938824][T29743] device geneve5 entered promiscuous mode [ 1609.954439][T29701] loop8: detected capacity change from 0 to 32768 [ 1610.136037][T29701] XFS (loop8): Mounting V5 Filesystem [ 1610.223453][T29701] XFS (loop8): Ending clean mount [ 1610.234376][T29701] XFS (loop8): Quotacheck needed: Please wait. [ 1610.382351][T29701] XFS (loop8): Quotacheck: Done. [ 1610.512871][T10217] XFS (loop8): Unmounting Filesystem [ 1610.606647][T29786] loop5: detected capacity change from 0 to 65 [ 1610.648906][T29786] BFS-fs: bfs_fill_super(): NOTE: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway [ 1610.852886][T29797] netlink: 12 bytes leftover after parsing attributes in process `syz.3.19402'. [ 1610.882380][T29795] loop6: detected capacity change from 0 to 2048 [ 1610.919215][T29797] netlink: 48 bytes leftover after parsing attributes in process `syz.3.19402'. [ 1610.968605][T29795] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1611.155136][T29812] device geneve4 entered promiscuous mode [ 1611.584085][T29839] loop3: detected capacity change from 0 to 64 [ 1611.837282][T29848] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 1611.906308][ T93] block nbd7: Attempted send on invalid socket [ 1611.912569][ T93] I/O error, dev nbd7, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1611.955480][T29820] loop6: detected capacity change from 0 to 32768 [ 1612.083294][T29873] xt_connbytes: Forcing CT accounting to be enabled [ 1612.095904][T29873] xt_bpf: check failed: parse error [ 1612.125980][T29820] XFS (loop6): Mounting V5 Filesystem [ 1612.252653][T29882] netlink: 12 bytes leftover after parsing attributes in process `syz.5.19422'. [ 1612.287954][T29882] netlink: 5 bytes leftover after parsing attributes in process `syz.5.19422'. [ 1612.313422][T29885] netdevsim netdevsim7 netdevsim1: set [1, 1] type 2 family 0 port 6081 - 0 [ 1612.330640][T29820] XFS (loop6): Ending clean mount [ 1612.352110][T29882] netlink: 5 bytes leftover after parsing attributes in process `syz.5.19422'. [ 1612.373256][T29885] netdevsim netdevsim7 netdevsim2: set [1, 1] type 2 family 0 port 6081 - 0 [ 1612.373935][T29820] XFS (loop6): Quotacheck needed: Please wait. [ 1612.382837][T29885] netdevsim netdevsim7 netdevsim3: set [1, 1] type 2 family 0 port 6081 - 0 [ 1612.431990][T29885] device geneve3 entered promiscuous mode [ 1612.504569][T29885] netdevsim netdevsim7 netdevsim1: unset [1, 1] type 2 family 0 port 6081 - 0 [ 1612.564348][T29885] netdevsim netdevsim7 netdevsim2: unset [1, 1] type 2 family 0 port 6081 - 0 [ 1612.589158][T29820] XFS (loop6): Quotacheck: Done. [ 1612.595891][T29885] netdevsim netdevsim7 netdevsim3: unset [1, 1] type 2 family 0 port 6081 - 0 [ 1612.745891][T25017] XFS (loop6): Unmounting Filesystem [ 1612.926030][T29914] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 1613.209831][T29930] loop3: detected capacity change from 0 to 65 [ 1613.239436][T29930] BFS-fs: bfs_fill_super(): NOTE: filesystem loop3 was created with 512 inodes, the real maximum is 511, mounting anyway [ 1613.255807][T29934] netlink: 12 bytes leftover after parsing attributes in process `syz.5.19432'. [ 1613.283209][T29934] netlink: 48 bytes leftover after parsing attributes in process `syz.5.19432'. [ 1614.064630][T29972] loop6: detected capacity change from 0 to 64 [ 1614.346577][T29985] xt_connbytes: Forcing CT accounting to be enabled [ 1614.392488][T29985] xt_bpf: check failed: parse error [ 1614.406769][T29936] loop7: detected capacity change from 0 to 32768 [ 1614.542292][T29936] JBD2: Ignoring recovery information on journal [ 1614.752832][T29936] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode. [ 1615.070420][T26354] ocfs2: Unmounting device (7,7) on (node local) [ 1615.240915][T30029] loop5: detected capacity change from 0 to 64 [ 1615.598653][T30044] loop7: detected capacity change from 0 to 2048 [ 1615.668041][T30044] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1615.723998][T30005] loop8: detected capacity change from 0 to 32768 [ 1615.827119][T30005] [ 1615.827119][T30005] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1615.827119][T30005] [ 1615.896586][T30005] ERROR: (device loop8): diWrite: ixpxd invalid [ 1615.896586][T30005] [ 1615.935395][T30005] ERROR: (device loop8): txCommit: [ 1615.935395][T30005] [ 1616.171084][T10217] [ 1616.171084][T10217] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1616.171084][T10217] [ 1616.205669][T10217] [ 1616.205669][T10217] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1616.205669][T10217] [ 1616.680134][T30100] loop5: detected capacity change from 0 to 2048 [ 1616.769310][T30100] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1617.197562][T30077] loop6: detected capacity change from 0 to 32768 [ 1617.289466][T30077] JBD2: Ignoring recovery information on journal [ 1617.337783][T30131] autofs4:pid:30131:autofs_fill_super: called with bogus options [ 1617.468990][T30077] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 1617.777598][T30158] loop3: detected capacity change from 0 to 2048 [ 1617.814185][T30158] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1617.830374][T25017] ocfs2: Unmounting device (7,6) on (node local) [ 1618.068198][T30170] netlink: 'syz.5.19516': attribute type 21 has an invalid length. [ 1618.297702][T30185] device geneve3 entered promiscuous mode [ 1618.995895][T30229] netlink: 'syz.7.19522': attribute type 9 has an invalid length. [ 1619.038919][T30230] XFS (nullb0): Invalid superblock magic number [ 1619.102606][T30184] loop3: detected capacity change from 0 to 32768 [ 1619.539985][ T26] audit: type=1326 audit(1522.364:3610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30257 comm="syz.7.19531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95898e929 code=0x7ffc0000 [ 1619.629610][T30266] netlink: 128 bytes leftover after parsing attributes in process `syz.3.19533'. [ 1619.653957][ T26] audit: type=1326 audit(1522.401:3611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30257 comm="syz.7.19531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7fd95898e929 code=0x7ffc0000 [ 1619.717727][ T26] audit: type=1326 audit(1522.401:3612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30257 comm="syz.7.19531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95898e929 code=0x7ffc0000 [ 1619.863558][ T26] audit: type=1326 audit(1522.401:3613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30257 comm="syz.7.19531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95898e929 code=0x7ffc0000 [ 1620.035168][T30279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1620.572448][T30308] loop8: detected capacity change from 0 to 512 [ 1620.605886][T30308] EXT4-fs: Ignoring removed mblk_io_submit option [ 1620.715156][T30308] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -13 [ 1620.734771][T30308] EXT4-fs error (device loop8): ext4_clear_blocks:883: inode #13: comm syz.8.19549: attempt to clear invalid blocks 2 len 1 [ 1620.757121][T30308] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1620.823095][T30308] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.19549: invalid indirect mapped block 1819239214 (level 0) [ 1620.862325][T30308] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.19549: invalid indirect mapped block 1819239214 (level 1) [ 1620.926881][T30308] EXT4-fs (loop8): 1 truncate cleaned up [ 1620.946382][T30308] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 1621.004547][T30308] EXT4-fs (loop8): unmounting filesystem. [ 1621.251912][T30356] loop3: detected capacity change from 0 to 256 [ 1621.304106][T30356] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 1621.334997][T30356] FAT-fs (loop3): Filesystem has been set read-only [ 1621.503411][T11395] usb 7-1: new high-speed USB device number 47 using dummy_hcd [ 1621.718721][T11395] usb 7-1: config 0 has an invalid interface number: 120 but max is 0 [ 1621.727046][T11395] usb 7-1: config 0 has no interface number 0 [ 1621.750125][T11395] usb 7-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1621.800894][T11395] usb 7-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 1621.817725][T11395] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1621.842349][T11395] usb 7-1: config 0 descriptor?? [ 1621.845545][T14417] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 1621.874064][T11395] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.120/input/input94 [ 1622.059168][T14417] usb 4-1: Using ep0 maxpacket: 16 [ 1622.066024][T14417] usb 4-1: config 166 has an invalid interface number: 177 but max is 1 [ 1622.085174][T14417] usb 4-1: config 166 has an invalid interface number: 34 but max is 1 [ 1622.104822][T14417] usb 4-1: config 166 has an invalid descriptor of length 0, skipping remainder of the config [ 1622.144461][T14417] usb 4-1: config 166 has no interface number 0 [ 1622.159491][T30413] netlink: 'syz.7.19574': attribute type 4 has an invalid length. [ 1622.165082][T14417] usb 4-1: config 166 has no interface number 1 [ 1622.195490][T14417] usb 4-1: config 166 interface 177 altsetting 4 has an invalid endpoint with address 0x0, skipping [ 1622.225162][T30418] usb usb7: usbfs: process 30418 (syz.8.19576) did not claim interface 0 before use [ 1622.240846][T14417] usb 4-1: config 166 interface 177 altsetting 4 has an invalid endpoint with address 0x0, skipping [ 1622.265538][T14417] usb 4-1: config 166 interface 34 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 4 [ 1622.288932][T14417] usb 4-1: config 166 interface 177 has no altsetting 0 [ 1622.299608][T14417] usb 4-1: config 166 interface 34 has no altsetting 0 [ 1622.314606][T14417] usb 4-1: New USB device found, idVendor=0bda, idProduct=0138, bcdDevice=30.12 [ 1622.327749][T14417] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1622.335846][T14417] usb 4-1: Product: syz [ 1622.345562][T30421] loop7: detected capacity change from 0 to 512 [ 1622.353114][T14417] usb 4-1: Manufacturer: syz [ 1622.357907][T14417] usb 4-1: SerialNumber: syz [ 1622.374497][T11631] usb 7-1: USB disconnect, device number 47 [ 1622.393637][T30421] EXT4-fs (loop7): external journal device major/minor numbers have changed [ 1622.543409][T30421] block device autoloading is deprecated and will be removed. [ 1622.565254][T30421] EXT4-fs (loop7): couldn't read superblock of external journal [ 1622.619510][T14417] ums-realtek 4-1:166.177: USB Mass Storage device detected [ 1622.795136][T14417] ums-realtek 4-1:166.34: USB Mass Storage device detected [ 1622.916182][T14417] usb 4-1: Found UVC 0.00 device syz (0bda:0138) [ 1622.931537][T14417] usb 4-1: No valid video chain found. [ 1622.955535][T14417] usb 4-1: USB disconnect, device number 28 [ 1623.468827][T30509] loop3: detected capacity change from 0 to 16 [ 1623.526339][T30509] erofs: (device loop3): mounted with root inode @ nid 36. [ 1623.769060][T30533] netlink: 'syz.6.19600': attribute type 21 has an invalid length. [ 1623.813307][T30533] netlink: 128 bytes leftover after parsing attributes in process `syz.6.19600'. [ 1623.887190][T30533] netlink: 'syz.6.19600': attribute type 4 has an invalid length. [ 1623.895052][T30533] netlink: 'syz.6.19600': attribute type 5 has an invalid length. [ 1623.951441][T30533] netlink: 3 bytes leftover after parsing attributes in process `syz.6.19600'. [ 1623.969886][T30542] loop7: detected capacity change from 0 to 128 [ 1624.037271][T30542] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256 [ 1624.059262][T30546] bridge6: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 1624.129193][T30554] NILFS (nullb0): couldn't find nilfs on the device [ 1624.209366][T30542] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1624.275735][T30542] UDF-fs: error (device loop7): udf_read_tagged: tag checksum failed, block 93: 0x5d != 0x05 [ 1624.357855][T30542] UDF-fs: error (device loop7): udf_count_free_bitmap: udf_count_free failed [ 1624.743999][T30585] netlink: 'syz.6.19615': attribute type 1 has an invalid length. [ 1624.796691][T30585] netlink: 'syz.6.19615': attribute type 3 has an invalid length. [ 1624.836504][T30585] netlink: 224 bytes leftover after parsing attributes in process `syz.6.19615'. [ 1625.442345][T30576] loop5: detected capacity change from 0 to 32768 [ 1625.487295][T30576] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 scanned by syz.5.19613 (30576) [ 1625.527797][T30576] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1625.597811][T30576] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 1625.625668][T30576] BTRFS info (device loop5): turning off barriers [ 1625.673315][T30576] BTRFS info (device loop5): enabling ssd optimizations [ 1625.680494][T30576] BTRFS info (device loop5): using spread ssd allocation scheme [ 1625.704944][T30576] BTRFS info (device loop5): not using ssd optimizations [ 1625.712012][T30576] BTRFS info (device loop5): not using spread ssd allocation scheme [ 1625.765970][T30576] BTRFS info (device loop5): enabling all of the rescue options [ 1625.796104][T30576] BTRFS info (device loop5): ignoring data csums [ 1625.840238][T30576] BTRFS info (device loop5): ignoring bad roots [ 1625.879000][T30576] BTRFS info (device loop5): disabling log replay at mount time [ 1625.919722][T30576] BTRFS info (device loop5): force zlib compression, level 3 [ 1625.927163][T30576] BTRFS info (device loop5): enabling ssd optimizations [ 1626.001898][T30576] BTRFS info (device loop5): using spread ssd allocation scheme [ 1626.021065][T30576] BTRFS info (device loop5): using free space tree [ 1626.080693][T30605] loop3: detected capacity change from 0 to 32768 [ 1626.214737][T30605] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1626.368303][T30605] (syz.3.19621,30605,0):ocfs2_remount:623 ERROR: Cannot change heartbeat mode on remount [ 1626.398818][T30673] No such timeout policy "syz1" [ 1626.522918][T30682] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19637'. [ 1626.564713][ T4251] ocfs2: Unmounting device (7,3) on (node local) [ 1626.711453][T18416] BTRFS info (device loop5: state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1627.266112][ T5419] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 scanned by udevd (5419) [ 1627.408247][T30751] netlink: 'syz.3.19649': attribute type 3 has an invalid length. [ 1627.973505][T30775] openvswitch: netlink: Message has 1 unknown bytes. [ 1628.075406][T30785] loop8: detected capacity change from 0 to 64 [ 1628.139462][T30785] syz.8.19660: attempt to access beyond end of device [ 1628.139462][T30785] loop8: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 1628.172165][T30785] Buffer I/O error on dev loop8, logical block 134217734, async page read [ 1628.394865][T30800] netlink: 8 bytes leftover after parsing attributes in process `syz.6.19664'. [ 1628.469153][T30807] netlink: 'syz.7.19666': attribute type 1 has an invalid length. [ 1628.527047][T30807] netlink: 'syz.7.19666': attribute type 3 has an invalid length. [ 1628.546641][T30807] netlink: 224 bytes leftover after parsing attributes in process `syz.7.19666'. [ 1629.035129][T30837] loop6: detected capacity change from 0 to 64 [ 1629.124441][T30837] syz.6.19676: attempt to access beyond end of device [ 1629.124441][T30837] loop6: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 1629.189902][T30837] Buffer I/O error on dev loop6, logical block 134217734, async page read [ 1630.025711][T30902] netlink: 'syz.7.19695': attribute type 2 has an invalid length. [ 1630.040439][T30901] loop3: detected capacity change from 0 to 1024 [ 1630.090413][T30901] hfsplus: bad catalog entry type [ 1630.167099][ T4304] hfsplus: b-tree write err: -5, ino 4 [ 1630.900465][T30988] netlink: 'syz.6.19711': attribute type 10 has an invalid length. [ 1630.925894][T30991] netlink: 'syz.8.19713': attribute type 2 has an invalid length. [ 1630.934033][T30988] device bond0 left promiscuous mode [ 1630.979116][T30988] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1631.018183][T30988] device bond0 entered promiscuous mode [ 1631.045886][T30988] team0: Port device bond0 added [ 1631.385681][T31008] loop7: detected capacity change from 0 to 4096 [ 1631.394745][T31017] netlink: 24 bytes leftover after parsing attributes in process `syz.3.19722'. [ 1631.424589][T31008] ntfs3: loop7: ino=3, Correct links count -> 2. [ 1632.223555][T31002] loop8: detected capacity change from 0 to 32768 [ 1632.268708][T31002] BTRFS info (device loop8): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1632.309753][T31002] BTRFS info (device loop8): using blake2b (blake2b-256-generic) checksum algorithm [ 1632.349729][T31002] BTRFS info (device loop8): turning off barriers [ 1632.386481][T31002] BTRFS info (device loop8): enabling ssd optimizations [ 1632.393491][T31002] BTRFS info (device loop8): using spread ssd allocation scheme [ 1632.447632][T31002] BTRFS info (device loop8): not using ssd optimizations [ 1632.471735][T31002] BTRFS info (device loop8): not using spread ssd allocation scheme [ 1632.515738][T31002] BTRFS info (device loop8): enabling all of the rescue options [ 1632.523432][T31002] BTRFS info (device loop8): ignoring data csums [ 1632.578691][T31002] BTRFS info (device loop8): ignoring bad roots [ 1632.601573][T31062] loop7: detected capacity change from 0 to 4096 [ 1632.608009][T31002] BTRFS info (device loop8): disabling log replay at mount time [ 1632.642445][T31002] BTRFS info (device loop8): force zlib compression, level 3 [ 1632.656366][T31002] BTRFS info (device loop8): enabling ssd optimizations [ 1632.664446][T31062] ntfs3: loop7: Different NTFS' sector size (4096) and media sector size (512) [ 1632.678461][T31002] BTRFS info (device loop8): using spread ssd allocation scheme [ 1632.713319][T31002] BTRFS info (device loop8): using free space tree [ 1633.150062][T31110] openvswitch: netlink: Message has 1 unknown bytes. [ 1633.286417][T10217] BTRFS info (device loop8: state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1633.459728][T31123] netlink: 28 bytes leftover after parsing attributes in process `syz.5.19751'. [ 1633.506587][T31126] netlink: 'syz.3.19753': attribute type 21 has an invalid length. [ 1633.536283][T31127] netlink: 24 bytes leftover after parsing attributes in process `syz.6.19752'. [ 1633.539041][T31126] netlink: 128 bytes leftover after parsing attributes in process `syz.3.19753'. [ 1633.601468][T31126] netlink: 'syz.3.19753': attribute type 4 has an invalid length. [ 1633.629762][T31126] netlink: 'syz.3.19753': attribute type 5 has an invalid length. [ 1633.661661][T31126] netlink: 3 bytes leftover after parsing attributes in process `syz.3.19753'. [ 1633.805793][T31136] loop7: detected capacity change from 0 to 1024 [ 1634.025215][T31140] loop3: detected capacity change from 0 to 4096 [ 1634.046412][ T4579] hfsplus: b-tree write err: -5, ino 4 [ 1634.110769][T31140] ntfs3: loop3: ino=3, Correct links count -> 2. [ 1634.610745][T31169] loop5: detected capacity change from 0 to 64 [ 1635.271898][T31160] loop6: detected capacity change from 0 to 32768 [ 1635.323632][T31160] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop6 scanned by syz.6.19760 (31160) [ 1635.433475][T31160] BTRFS info (device loop6): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1635.497299][T31160] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm [ 1635.506810][T31160] BTRFS info (device loop6): turning off barriers [ 1635.581982][T31160] BTRFS info (device loop6): enabling ssd optimizations [ 1635.616913][T31160] BTRFS info (device loop6): using spread ssd allocation scheme [ 1635.646906][T31160] BTRFS info (device loop6): not using ssd optimizations [ 1635.665031][T31160] BTRFS info (device loop6): not using spread ssd allocation scheme [ 1635.704519][T31160] BTRFS info (device loop6): enabling all of the rescue options [ 1635.723460][T31160] BTRFS info (device loop6): ignoring data csums [ 1635.743526][T31160] BTRFS info (device loop6): ignoring bad roots [ 1635.749822][T31160] BTRFS info (device loop6): disabling log replay at mount time [ 1635.794794][T31160] BTRFS info (device loop6): force zlib compression, level 3 [ 1635.832182][T31160] BTRFS info (device loop6): enabling ssd optimizations [ 1635.847909][T31184] loop8: detected capacity change from 0 to 32768 [ 1635.858836][T31160] BTRFS info (device loop6): using spread ssd allocation scheme [ 1635.880787][T31160] BTRFS info (device loop6): using free space tree [ 1635.914310][T11636] usb 8-1: new high-speed USB device number 43 using dummy_hcd [ 1635.973991][T31184] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode. [ 1636.041467][T31184] (syz.8.19767,31184,0):ocfs2_remount:623 ERROR: Cannot change heartbeat mode on remount [ 1636.127977][T11636] usb 8-1: Using ep0 maxpacket: 16 [ 1636.154629][T11636] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7 [ 1636.216519][T11636] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1636.245909][T11636] usb 8-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1636.260080][T11636] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1636.275479][T11636] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1636.289659][T10217] ocfs2: Unmounting device (7,8) on (node local) [ 1636.297675][T11636] usb 8-1: Product: syz [ 1636.310204][T11636] usb 8-1: Manufacturer: syz [ 1636.314844][T11636] usb 8-1: SerialNumber: syz [ 1636.432676][T25017] BTRFS info (device loop6: state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1636.599537][T11636] usb 8-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1636.601277][T31260] loop3: detected capacity change from 0 to 4096 [ 1636.663381][T11636] usb 8-1: USB disconnect, device number 43 [ 1636.679008][T31260] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1636.702616][ T5419] udevd[5419]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1636.750142][T31290] netlink: 'syz.5.19785': attribute type 10 has an invalid length. [ 1636.805529][T31260] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1636.913942][T31260] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 1636.970388][T31260] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1637.017486][T31260] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 1637.041281][T31260] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1637.063099][T31260] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1637.077306][T31260] ntfs: volume version 3.1. [ 1637.092993][T31260] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 1637.155352][T31260] ntfs: (device loop3): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 1637.185423][T31260] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 1637.239539][T31290] device bond0 left promiscuous mode [ 1637.257710][T31290] device bond_slave_1 left promiscuous mode [ 1637.280766][T31290] device batadv_slave_0 left promiscuous mode [ 1637.361522][T31290] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1637.396019][T31290] device bond0 entered promiscuous mode [ 1637.419365][T31290] device bond_slave_1 entered promiscuous mode [ 1637.444449][T31290] device batadv_slave_0 entered promiscuous mode [ 1637.471059][T31290] team0: Port device bond0 added [ 1637.681977][T31313] netlink: 'syz.6.19784': attribute type 4 has an invalid length. [ 1637.900625][T31335] loop6: detected capacity change from 0 to 512 [ 1637.925483][T31340] loop5: detected capacity change from 0 to 16 [ 1637.927289][T31341] kAFS: unable to lookup cell '\/' [ 1637.969449][T31335] EXT4-fs (loop6): external journal device major/minor numbers have changed [ 1637.989080][T31340] erofs: (device loop5): mounted with root inode @ nid 36. [ 1638.036961][T31335] EXT4-fs (loop6): couldn't read superblock of external journal [ 1638.145574][T31350] loop8: detected capacity change from 0 to 1024 [ 1638.429091][ T4579] hfsplus: b-tree write err: -5, ino 4 [ 1638.674365][T31383] netlink: 'syz.3.19808': attribute type 4 has an invalid length. [ 1638.710752][T31388] netlink: 'syz.5.19809': attribute type 8 has an invalid length. [ 1638.759267][T31388] netlink: 399 bytes leftover after parsing attributes in process `syz.5.19809'. [ 1638.769156][T31391] ieee802154 phy0 wpan0: encryption failed: -22 [ 1638.968194][T31401] loop3: detected capacity change from 0 to 64 [ 1639.590527][T31437] XFS (nullb0): Invalid superblock magic number [ 1639.845827][T31457] netlink: 'syz.8.19827': attribute type 4 has an invalid length. [ 1640.011665][T31461] netlink: 'syz.7.19829': attribute type 10 has an invalid length. [ 1640.048607][T31461] device bond0 left promiscuous mode [ 1640.081632][T31461] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1640.127634][T31461] device bond0 entered promiscuous mode [ 1640.162501][T31461] team0: Port device bond0 added [ 1640.198216][T31428] loop3: detected capacity change from 0 to 32768 [ 1640.268065][T31475] loop6: detected capacity change from 0 to 64 [ 1640.774289][T31502] netlink: 'syz.5.19842': attribute type 9 has an invalid length. [ 1641.168200][T31527] netlink: 'syz.5.19848': attribute type 1 has an invalid length. [ 1641.184601][ T5331] usb 9-1: new high-speed USB device number 16 using dummy_hcd [ 1641.388012][ T5331] usb 9-1: Using ep0 maxpacket: 16 [ 1641.395760][ T5331] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7 [ 1641.444625][T31541] netlink: 'syz.3.19850': attribute type 10 has an invalid length. [ 1641.462520][ T5331] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1641.472235][ T5331] usb 9-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1641.517668][T31541] device bond0 left promiscuous mode [ 1641.524716][ T5331] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1641.548457][T31541] device bond_slave_0 left promiscuous mode [ 1641.554560][T31541] device bond_slave_1 left promiscuous mode [ 1641.561378][ T5331] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1641.580220][ T5331] usb 9-1: Product: syz [ 1641.584435][ T5331] usb 9-1: Manufacturer: syz [ 1641.589046][ T5331] usb 9-1: SerialNumber: syz [ 1641.594171][T31541] device batadv_slave_0 left promiscuous mode [ 1641.674522][T31541] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1641.683044][T31541] device bond0 entered promiscuous mode [ 1641.690152][T31541] device bond_slave_0 entered promiscuous mode [ 1641.696649][T31541] device bond_slave_1 entered promiscuous mode [ 1641.704492][T31541] device batadv_slave_0 entered promiscuous mode [ 1641.713550][T31541] team0: Port device bond0 added [ 1641.866942][ T5331] usb 9-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1641.918916][ T5331] usb 9-1: USB disconnect, device number 16 [ 1642.050254][T31572] loop5: detected capacity change from 0 to 4096 [ 1642.073262][T31589] netlink: 19 bytes leftover after parsing attributes in process `syz.7.19859'. [ 1642.111647][T31572] __ntfs_warning: 8 callbacks suppressed [ 1642.111662][T31572] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1642.249716][T31572] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1642.375544][T31572] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 1642.388102][T31605] loop6: detected capacity change from 0 to 256 [ 1642.400655][T31572] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1642.403847][T31606] netlink: 'syz.3.19865': attribute type 10 has an invalid length. [ 1642.446962][T31572] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 1642.489200][T31606] device veth1_vlan entered promiscuous mode [ 1642.530335][T31572] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1642.553722][T31606] device macvlan0 entered promiscuous mode [ 1642.578924][T31572] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1642.591270][T31606] team0: Port device macvlan0 added [ 1642.640798][T31572] ntfs: volume version 3.1. [ 1642.642724][T31610] loop7: detected capacity change from 0 to 2048 [ 1642.669281][T31572] ntfs: (device loop5): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 1642.717466][T31572] ntfs: (device loop5): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 1642.796923][T31572] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 1642.819549][T31617] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1642.878032][T31610] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1642.989270][T31610] Remounting filesystem read-only [ 1643.030722][T31620] loop6: detected capacity change from 0 to 4096 [ 1643.038756][T31610] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1643.075782][T31610] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1643.135005][T31610] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1643.156453][T31620] ntfs: volume version 3.1. [ 1643.189163][T31610] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1643.261387][T31610] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1643.307122][T31610] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1643.365779][T31610] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1643.884501][T31673] loop5: detected capacity change from 0 to 64 [ 1644.743237][T31732] netlink: 24 bytes leftover after parsing attributes in process `syz.6.19902'. [ 1644.843669][T31737] loop5: detected capacity change from 0 to 512 [ 1644.914642][T31737] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1644.973339][T31737] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 1644.992533][T31737] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.19904: invalid indirect mapped block 2683928664 (level 1) [ 1645.026174][T31747] loop6: detected capacity change from 0 to 256 [ 1645.097842][T31737] EXT4-fs (loop5): Remounting filesystem read-only [ 1645.109060][T31737] EXT4-fs (loop5): 1 truncate cleaned up [ 1645.114757][T31737] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1645.346725][T18416] EXT4-fs (loop5): unmounting filesystem. [ 1645.406073][T31771] loop8: detected capacity change from 0 to 1024 [ 1645.464236][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 1645.470564][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 1645.604454][T31783] vivid-000: ================= START STATUS ================= [ 1645.641760][T31771] hfsplus: extend alloc file! (8192,512,16777721) [ 1645.674945][T31783] vivid-000: Generate PTS: true [ 1645.700644][T31783] vivid-000: Generate SCR: true [ 1645.705662][T31783] tpg source WxH: 640x360 (R'G'B) [ 1645.728277][T31783] tpg field: 1 [ 1645.731730][T31783] tpg crop: 640x360@0x0 [ 1645.735915][T31783] tpg compose: 640x360@0x0 [ 1645.835164][T31783] tpg colorspace: 9 [ 1645.839133][T31783] tpg transfer function: 7/2 [ 1645.878490][T31783] tpg quantization: 2/2 [ 1645.882766][T31783] tpg RGB range: 0/2 [ 1645.886745][T31783] vivid-000: ================== END STATUS ================== [ 1645.955513][T31805] netlink: 8 bytes leftover after parsing attributes in process `syz.8.19921'. [ 1646.110850][T31814] loop7: detected capacity change from 0 to 128 [ 1646.216727][T31814] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 1646.436321][T26354] EXT4-fs (loop7): unmounting filesystem. [ 1646.469799][T14417] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 1646.558232][T31842] xt_cgroup: invalid path, errno=-2 [ 1646.679746][T14417] usb 4-1: Using ep0 maxpacket: 16 [ 1646.692896][T14417] usb 4-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 1646.724099][T14417] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1646.751358][T14417] usb 4-1: Product: syz [ 1646.762858][T14417] usb 4-1: Manufacturer: syz [ 1646.802096][T14417] usb 4-1: SerialNumber: syz [ 1646.814384][T14417] usb 4-1: config 0 descriptor?? [ 1646.841537][T14417] ums-onetouch 4-1:0.0: USB Mass Storage device detected [ 1646.848801][T31862] loop8: detected capacity change from 0 to 64 [ 1647.058798][ T5331] usb 4-1: USB disconnect, device number 29 [ 1648.715690][T31988] loop5: detected capacity change from 0 to 128 [ 1648.772289][T31988] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1648.899365][T31944] loop6: detected capacity change from 0 to 32768 [ 1648.957982][T31944] (syz.6.19960,31944,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1648.980884][T31944] (syz.6.19960,31944,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1649.181217][ T5331] usb 6-1: new high-speed USB device number 52 using dummy_hcd [ 1649.196882][T31944] JBD2: Ignoring recovery information on journal [ 1649.350101][T31944] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 1649.393229][ T5331] usb 6-1: config 0 has an invalid interface number: 216 but max is 0 [ 1649.416399][ T5331] usb 6-1: config 0 has no interface number 0 [ 1649.422595][ T5331] usb 6-1: config 0 interface 216 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 1649.438932][T11631] usb 8-1: new low-speed USB device number 44 using dummy_hcd [ 1649.458762][T31944] [ 1649.461125][T31944] ====================================================== [ 1649.468161][T31944] WARNING: possible circular locking dependency detected [ 1649.475205][T31944] 6.1.141-syzkaller #0 Not tainted [ 1649.480336][T31944] ------------------------------------------------------ [ 1649.487372][T31944] syz.6.19960/31944 is trying to acquire lock: [ 1649.493539][T31944] ffff888038c92650 (sb_internal#4){.+.+}-{0:0}, at: ocfs2_write_info+0x117/0x350 [ 1649.502733][T31944] [ 1649.502733][T31944] but task is already holding lock: [ 1649.510118][T31944] ffff8880544fea20 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_lock_global_qf+0x1e5/0x270 [ 1649.521046][T31944] [ 1649.521046][T31944] which lock already depends on the new lock. [ 1649.521046][T31944] [ 1649.531478][T31944] [ 1649.531478][T31944] the existing dependency chain (in reverse order) is: [ 1649.540529][T31944] [ 1649.540529][T31944] -> #6 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}: [ 1649.549420][T31944] down_write+0x36/0x60 [ 1649.554133][T31944] ocfs2_lock_global_qf+0x1e5/0x270 [ 1649.559883][T31944] ocfs2_acquire_dquot+0x2a0/0xb10 [ 1649.565560][T31944] dqget+0x778/0xeb0 [ 1649.570004][T31944] __dquot_initialize+0x3b6/0xcb0 [ 1649.575590][T31944] ocfs2_get_init_inode+0x138/0x1b0 [ 1649.581353][T31944] ocfs2_mknod+0x8be/0x2350 [ 1649.586421][T31944] ocfs2_mkdir+0x1b6/0x4a0 [ 1649.591388][T31944] vfs_mkdir+0x387/0x570 [ 1649.596182][T31944] do_mkdirat+0x1d0/0x430 [ 1649.601081][T31944] __x64_sys_mkdirat+0x85/0x90 [ 1649.606389][T31944] do_syscall_64+0x4c/0xa0 [ 1649.611331][T31944] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1649.617751][T31944] [ 1649.617751][T31944] -> #5 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7){+.+.}-{3:3}: [ 1649.628271][T31944] down_write+0x36/0x60 [ 1649.632955][T31944] ocfs2_lock_global_qf+0x1c7/0x270 [ 1649.638679][T31944] ocfs2_acquire_dquot+0x2a0/0xb10 [ 1649.644312][T31944] dqget+0x778/0xeb0 [ 1649.648723][T31944] __dquot_initialize+0x3b6/0xcb0 [ 1649.654265][T31944] ocfs2_get_init_inode+0x138/0x1b0 [ 1649.659999][T31944] ocfs2_mknod+0x8be/0x2350 [ 1649.665035][T31944] ocfs2_mkdir+0x1b6/0x4a0 [ 1649.669976][T31944] vfs_mkdir+0x387/0x570 [ 1649.674745][T31944] do_mkdirat+0x1d0/0x430 [ 1649.679602][T31944] __x64_sys_mkdirat+0x85/0x90 [ 1649.684891][T31944] do_syscall_64+0x4c/0xa0 [ 1649.689850][T31944] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1649.696283][T31944] [ 1649.696283][T31944] -> #4 (&dquot->dq_lock){+.+.}-{3:3}: [ 1649.703959][T31944] __mutex_lock+0x120/0xaf0 [ 1649.708990][T31944] dquot_commit+0x5a/0x410 [ 1649.713932][T31944] ext4_write_dquot+0x1f0/0x360 [ 1649.719312][T31944] mark_all_dquot_dirty+0xf9/0x400 [ 1649.724949][T31944] __dquot_free_space+0x7ec/0xbc0 [ 1649.730504][T31944] ext4_free_blocks+0x1bab/0x2640 [ 1649.735173][T11631] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1649.736072][T31944] ext4_ext_remove_space+0x1f0d/0x4490 [ 1649.749734][T31944] ext4_ext_truncate+0x211/0x370 [ 1649.751752][T11631] usb 8-1: no configurations [ 1649.755213][T31944] ext4_truncate+0xa0b/0x1230 [ 1649.755235][T31944] ext4_evict_inode+0xb35/0x1100 [ 1649.764071][T11631] usb 8-1: can't read configurations, error -22 [ 1649.765021][T31944] evict+0x485/0x870 [ 1649.781179][T31944] vfs_rmdir+0x397/0x4d0 [ 1649.785966][T31944] do_rmdir+0x288/0x5e0 [ 1649.790644][T31944] __x64_sys_unlinkat+0xc0/0xe0 [ 1649.796106][T31944] do_syscall_64+0x4c/0xa0 [ 1649.801058][T31944] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1649.807483][T31944] [ 1649.807483][T31944] -> #3 (&ei->i_data_sem){++++}-{3:3}: [ 1649.815124][T31944] down_write+0x36/0x60 [ 1649.819826][T31944] ext4_truncate+0x987/0x1230 [ 1649.825034][T31944] ext4_setattr+0x10cb/0x19f0 [ 1649.830242][T31944] notify_change+0xc74/0xf40 [ 1649.835392][T31944] do_truncate+0x197/0x220 [ 1649.840346][T31944] do_sys_ftruncate+0x312/0x3c0 [ 1649.845725][T31944] do_syscall_64+0x4c/0xa0 [ 1649.850672][T31944] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1649.857097][T31944] [ 1649.857097][T31944] -> #2 (jbd2_handle){++++}-{0:0}: [ 1649.864486][T31944] start_this_handle+0x1f49/0x2150 [ 1649.870122][T31944] jbd2__journal_start+0x2b7/0x5a0 [ 1649.875762][T31944] jbd2_journal_start+0x26/0x30 [ 1649.881146][T31944] ocfs2_start_trans+0x372/0x6c0 [ 1649.886627][T31944] ocfs2_shutdown_local_alloc+0x1fd/0xa10 [ 1649.892879][T31944] ocfs2_dismount_volume+0x1fc/0x930 [ 1649.898684][T31944] generic_shutdown_super+0x130/0x340 [ 1649.904588][T31944] kill_block_super+0x7c/0xe0 [ 1649.909792][T31944] deactivate_locked_super+0x93/0xf0 [ 1649.915620][T31944] cleanup_mnt+0x463/0x4f0 [ 1649.920586][T31944] task_work_run+0x1ca/0x250 [ 1649.925714][T31944] exit_to_user_mode_loop+0xe6/0x110 [ 1649.931539][T31944] exit_to_user_mode_prepare+0xb1/0x140 [ 1649.937604][T31944] syscall_exit_to_user_mode+0x16/0x40 [ 1649.943599][T31944] do_syscall_64+0x58/0xa0 [ 1649.948550][T31944] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1649.954973][T31944] [ 1649.954973][T31944] -> #1 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 1649.963492][T31944] down_read+0x42/0x2d0 [ 1649.968171][T31944] ocfs2_start_trans+0x366/0x6c0 [ 1649.973629][T31944] ocfs2_shutdown_local_alloc+0x1fd/0xa10 [ 1649.979895][T31944] ocfs2_dismount_volume+0x1fc/0x930 [ 1649.985700][T31944] generic_shutdown_super+0x130/0x340 [ 1649.991593][T31944] kill_block_super+0x7c/0xe0 [ 1649.996798][T31944] deactivate_locked_super+0x93/0xf0 [ 1650.002604][T31944] cleanup_mnt+0x463/0x4f0 [ 1650.007543][T31944] task_work_run+0x1ca/0x250 [ 1650.012683][T31944] exit_to_user_mode_loop+0xe6/0x110 [ 1650.018506][T31944] exit_to_user_mode_prepare+0xb1/0x140 [ 1650.024594][T31944] syscall_exit_to_user_mode+0x16/0x40 [ 1650.030567][T31944] do_syscall_64+0x58/0xa0 [ 1650.035507][T31944] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1650.041927][T31944] [ 1650.041927][T31944] -> #0 (sb_internal#4){.+.+}-{0:0}: [ 1650.049408][T31944] __lock_acquire+0x2cf8/0x7c50 [ 1650.054832][T31944] lock_acquire+0x1b4/0x490 [ 1650.059874][T31944] ocfs2_start_trans+0x267/0x6c0 [ 1650.065335][T31944] ocfs2_write_info+0x117/0x350 [ 1650.070721][T31944] dquot_set_dqinfo+0x459/0x6c0 [ 1650.076096][T31944] quota_setinfo+0x2a4/0x2b0 [ 1650.081210][T31944] __se_sys_quotactl+0x295/0x6b0 [ 1650.086663][T31944] do_syscall_64+0x4c/0xa0 [ 1650.091594][T31944] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1650.098011][T31944] [ 1650.098011][T31944] other info that might help us debug this: [ 1650.098011][T31944] [ 1650.108234][T31944] Chain exists of: [ 1650.108234][T31944] sb_internal#4 --> &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7 --> &ocfs2_quota_ip_alloc_sem_key [ 1650.108234][T31944] [ 1650.125180][T31944] Possible unsafe locking scenario: [ 1650.125180][T31944] [ 1650.132622][T31944] CPU0 CPU1 [ 1650.138003][T31944] ---- ---- [ 1650.143360][T31944] lock(&ocfs2_quota_ip_alloc_sem_key); [ 1650.148991][T31944] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7); [ 1650.158828][T31944] lock(&ocfs2_quota_ip_alloc_sem_key); [ 1650.166985][T31944] lock(sb_internal#4); [ 1650.171232][T31944] [ 1650.171232][T31944] *** DEADLOCK *** [ 1650.171232][T31944] [ 1650.179370][T31944] 3 locks held by syz.6.19960/31944: [ 1650.184659][T31944] #0: ffff888038c920e0 (&type->s_umount_key#118){++++}-{3:3}, at: user_get_super+0x118/0x240 [ 1650.194933][T31944] #1: ffff8880544fed88 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7){+.+.}-{3:3}, at: ocfs2_lock_global_qf+0x1c7/0x270 [ 1650.207905][T31944] #2: ffff8880544fea20 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_lock_global_qf+0x1e5/0x270 [ 1650.219251][T31944] [ 1650.219251][T31944] stack backtrace: [ 1650.225136][T31944] CPU: 0 PID: 31944 Comm: syz.6.19960 Not tainted 6.1.141-syzkaller #0 [ 1650.233371][T31944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1650.243418][T31944] Call Trace: [ 1650.246716][T31944] [ 1650.249653][T31944] dump_stack_lvl+0x168/0x22e [ 1650.254339][T31944] ? load_image+0x3b0/0x3b0 [ 1650.258866][T31944] ? show_regs_print_info+0x12/0x12 [ 1650.264071][T31944] ? print_circular_bug+0x12b/0x1a0 [ 1650.269292][T31944] check_noncircular+0x274/0x310 [ 1650.274239][T31944] ? add_chain_block+0x940/0x940 [ 1650.279182][T31944] ? lockdep_lock+0xdc/0x1e0 [ 1650.283820][T31944] ? lockdep_unlock+0x133/0x2d0 [ 1650.288701][T31944] ? _find_first_zero_bit+0xcf/0x100 [ 1650.294006][T31944] ? _find_first_zero_bit+0xcf/0x100 [ 1650.299322][T31944] __lock_acquire+0x2cf8/0x7c50 [ 1650.304228][T31944] ? verify_lock_unused+0x140/0x140 [ 1650.309503][T31944] ? verify_lock_unused+0x140/0x140 [ 1650.314741][T31944] ? ocfs2_inode_lock_full_nested+0xcb3/0x1b20 [ 1650.320918][T31944] lock_acquire+0x1b4/0x490 [ 1650.325421][T31944] ? ocfs2_write_info+0x117/0x350 [ 1650.330444][T31944] ? __might_sleep+0xd0/0xd0 [ 1650.335044][T31944] ? do_raw_spin_lock+0x11d/0x280 [ 1650.340076][T31944] ? read_lock_is_recursive+0x10/0x10 [ 1650.345459][T31944] ? __rwlock_init+0x140/0x140 [ 1650.350246][T31944] ? __rwlock_init+0x140/0x140 [ 1650.355018][T31944] ? do_raw_spin_unlock+0x11d/0x230 [ 1650.360232][T31944] ocfs2_start_trans+0x267/0x6c0 [ 1650.365171][T31944] ? ocfs2_write_info+0x117/0x350 [ 1650.370204][T31944] ? down_write+0x42/0x60 [ 1650.374574][T31944] ? ocfs2_recovery_exit+0x50/0x50 [ 1650.379823][T31944] ocfs2_write_info+0x117/0x350 [ 1650.384689][T31944] ? ocfs2_mark_dquot_dirty+0xce0/0xce0 [ 1650.390240][T31944] ? __rwlock_init+0x140/0x140 [ 1650.395016][T31944] ? do_raw_spin_unlock+0x11d/0x230 [ 1650.400228][T31944] dquot_set_dqinfo+0x459/0x6c0 [ 1650.405085][T31944] quota_setinfo+0x2a4/0x2b0 [ 1650.409681][T31944] ? quota_getinfo+0x270/0x270 [ 1650.414453][T31944] ? bpf_lsm_capable+0x5/0x10 [ 1650.419134][T31944] ? bpf_lsm_quotactl+0x5/0x10 [ 1650.423902][T31944] ? security_quotactl+0x85/0xb0 [ 1650.428857][T31944] ? do_quotactl+0x5ad/0x710 [ 1650.433458][T31944] __se_sys_quotactl+0x295/0x6b0 [ 1650.438403][T31944] ? __x64_sys_quotactl+0xa0/0xa0 [ 1650.443445][T31944] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1650.449434][T31944] ? lock_chain_count+0x20/0x20 [ 1650.454297][T31944] ? lockdep_hardirqs_on+0x94/0x140 [ 1650.459494][T31944] do_syscall_64+0x4c/0xa0 [ 1650.463920][T31944] ? clear_bhb_loop+0x60/0xb0 [ 1650.468612][T31944] ? clear_bhb_loop+0x60/0xb0 [ 1650.473298][T31944] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1650.479197][T31944] RIP: 0033:0x7f515678e929 [ 1650.483647][T31944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1650.503251][T31944] RSP: 002b:00007f515764d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 1650.511662][T31944] RAX: ffffffffffffffda RBX: 00007f51569b5fa0 RCX: 00007f515678e929 [ 1650.519631][T31944] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffff80000600 [ 1650.527605][T31944] RBP: 00007f5156810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1650.535591][T31944] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000000 [ 1650.543577][T31944] R13: 0000000000000000 R14: 00007f51569b5fa0 R15: 00007fff74d84b48 [ 1650.551557][T31944] [ 1650.560219][ T5331] usb 6-1: config 0 interface 216 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 1650.585183][ T5331] usb 6-1: New USB device found, idVendor=0499, idProduct=1002, bcdDevice=df.d7 [ 1650.598145][ T5331] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1650.608898][ T5331] usb 6-1: Product: syz [ 1650.613089][ T5331] usb 6-1: Manufacturer: syz [ 1650.617768][ T5331] usb 6-1: SerialNumber: syz [ 1650.622414][T25017] ocfs2: Unmounting device (7,6) on (node local) [ 1650.633050][ T5331] usb 6-1: config 0 descriptor?? [ 1650.638702][ T5331] usb 6-1: Interface #216 referenced by multiple IADs [ 1650.664447][ T5331] snd-usb-audio: probe of 6-1:0.216 failed with error -2 [ 1650.689576][ T5419] udevd[5419]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.216/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1650.870288][T11466] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 1650.880363][T11471] usb 6-1: USB disconnect, device number 52 [ 1651.063802][T11466] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1651.074061][T11466] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 1651.083033][T11466] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 1651.092149][T11466] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1651.101560][T11466] usb 4-1: config 0 descriptor?? [ 1651.538253][T11466] Bluetooth: Can't get state to change to load configuration err [ 1651.546104][T11466] Bluetooth: Loading sysconfig file failed [ 1651.551919][T11466] ath3k: probe of 4-1:0.0 failed with error -16 [ 1651.559334][T11466] usb 4-1: USB disconnect, device number 30