last executing test programs: 10m4.881525992s ago: executing program 0 (id=454): r0 = fsopen(&(0x7f0000000040)='fusectl\x00', 0x1) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000003c0)='noinit_itable', &(0x7f0000000400)='A', 0x1) 10m4.293553236s ago: executing program 0 (id=458): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x508) syz_emit_ethernet(0x89, &(0x7f0000000e00)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "560400", 0x53, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x200, 0x0, 0x4, {[@sack_perm={0x4, 0x1}]}}, {"b3742b69022a0ef644729f3b1512a58df9bebbfa65bec6282fdf369f4541f9ab288ff12773e86902cd7ace3d5c9e00"/59}}}}}}}, 0x0) 10m3.013388358s ago: executing program 0 (id=465): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000440)={0x30, 0x2, 0x6, 0x201, 0x0, 0x0, {0x6, 0x0, 0x2}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x10}]}]}, 0x30}}, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004050280ff"], 0x528}}, 0xc000) 10m2.237215094s ago: executing program 0 (id=470): syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xbe, 0x1d4, &(0x7f00000006c0)="$eJzs282O0lAYxvGnlMI4jo6fG1cmLnQj6OjGnXMB3oC7yVAJsagRNxAT46V4J9yJNwCJ7lxZ00MhLZZyLJZC+P+SGd5wePq2hEPPWSAAB+uG+e/IkWeqMAy/3Jf0+pWkesUnB6BUoX6HAA6V+6PqMwBQjem5a9YBY0f6/vPz5ST+8yzXD9Pz2qw4kpTIN2zzXx3zeK8uTRL5ZnzIteuXb7P8Q6XzV/6x//FS/nhNzlnkZ9f/6EE6f1XSiaRrkq5LOpUUvdM3Jd3K6N9Z6n/X8vyBTUSfvtYGG32TbxXvH82eN73Af5I16K7Pe3H+afZw4itknPmCRpw/szzfVflnBfPNON+6fB90MsZrBY8L2KiZ+V/cpvPflX6Fy/P/pX2+nj//AeQYDEdvL4LA/ziIbramWDyzqvBM0YyPkPfi6O6YeEY5LaLNiFV3ivKLo4whL/VpKbtobOdKo9vXLrzhlsV81pbf6zSo7CsJwJa0P/U/tAfD0eNe/6Lrd/13Z89fzLfdZl/eXrk7B7Dn0otzAAAAAAAAAAAAAACwj25LulMkaPsDPwAAAAA74//+eMiT9PdQTvuTLV4qAAAAAAAAAAAAAAAAAAAAsPf+BAAA//8xiEDA") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c}) 10m1.373744027s ago: executing program 0 (id=475): mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x81031, 0xffffffffffffffff, 0x10000000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x6, 0x0) get_mempolicy(0x0, 0x0, 0x2, &(0x7f0000ffc000/0x4000)=nil, 0x3) 10m0.605729777s ago: executing program 0 (id=480): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x40000004}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc01c64b9, &(0x7f0000000600)={0x0, 0x0, 0x0, r1}) 9m58.028424583s ago: executing program 32 (id=480): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x40000004}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc01c64b9, &(0x7f0000000600)={0x0, 0x0, 0x0, r1}) 9m20.927482982s ago: executing program 4 (id=624): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) preadv2(r0, &(0x7f0000000400)=[{&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000002200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0) 9m19.773962396s ago: executing program 4 (id=630): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x8000, &(0x7f0000000000)=ANY=[], 0x1, 0x2b2, &(0x7f0000000880)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x2) renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x5) 9m18.653395537s ago: executing program 4 (id=635): r0 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x0, 0x0, 0x28b}) setresuid(0x0, 0xee00, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x20, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) 9m17.524647558s ago: executing program 4 (id=640): syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="00e611ed6229b237ad2a184a94283e2b34c24caf7280c18475708140abe763dfb52cdb0ba0cdc8c572346d0a832984b36248c4fa844eda0af4b1652605421a7821dcfde12aa77458d811a84538a156b05b0ec3eaf24a90ceb5b7463d9fd38b49d41fbfa868653605702abe43d9c2c30aed4da0b8cc18c6b369f086a965442c1217f19a67a534064b7236a6660000000000"], 0x1, 0x17b, &(0x7f0000000300)="$eJzs28tO4nAUx/FfoVyGuTHDXJLJLGY1mc1QwAR1h49CoBJiUSJuICbqe7hx58PJwp0rMZS2SmWFtEX5fjacHydND4s/nBAQgI3V0B8ZMpSdht/54lnJSHokADGZeI/3EwCbJ32X9AQAkjHek/qSbm5PW0pn/bXgp19M+w2/n8o92x/GF9Iv0+sbeb0L7xdX0l//eqOw8PpC0H+/sP9PRe/+H/RRn/RZRX3RV5W8fju4/scLtyEAADaDoXI4zz2R0n7XsStBzri5qoI5y1k314L+LG8FOefmcuvIaUf4KgAsI6Xy9dMcPv/p0Pk3vfMP4PUbDEcHTcexj2Mq/O8HYr3pagqdr8UYKykyWosxKBYUptZijITfmABEzjrp9a3BcPS/22t27I59WK/V67uVne2q5S7+1vz6D+ANefzQT3oSAAAAAAAAAAAAAACwrG/6nvQIAAAAAGIS2b+IDEmX4pfFAAAAAAAAAAAAAAAAAABE4CEAAP//gNgaag==") syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080)) mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c}) 9m16.1100112s ago: executing program 4 (id=646): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000000c80)=[{{&(0x7f0000000100)={0xa, 0x4e24, 0x1, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000800)='-', 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000340)={0x0, @in={{0x2, 0x4e24, @private=0xa010101}}}, 0x84) 9m14.89342135s ago: executing program 4 (id=650): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) mlock2(&(0x7f0000549000/0x1000)=nil, 0x1000, 0x0) 9m12.072887341s ago: executing program 33 (id=650): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) mlock2(&(0x7f0000549000/0x1000)=nil, 0x1000, 0x0) 3m48.29425232s ago: executing program 1 (id=2001): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x7, &(0x7f0000002000)={0x1, 0x0, 0x0, 0x4}) fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x1}) 3m47.757315969s ago: executing program 1 (id=2006): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) syz_mount_image$bcachefs(&(0x7f0000000000), &(0x7f0000005900)='./file0\x00', 0x10000, &(0x7f0000000240)=ANY=[@ANYRESOCT, @ANYBLOB='fsck,inline_data,nocow,degraded,str_hash=siphash,norecovery,discard,reconstruct_alloc,erasure_code,acl,no_splitbrain_check,hash,uid=', @ANYRES32, @ANYRESOCT=0x0, @ANYRESDEC=0x0, @ANYRESDEC], 0x0, 0x58cc, &(0x7f000000b240)="$eJzs3X+QHFWdAPDXM7PZyW5+bAJIBNksgSiCmg2/Cn+Uxt8WIBULSwkXhYVsMJqEVBIEAkrwwIMCLLS0FPUPtJA6NFpUwSmREvlxCacoxelRV0id3qF/eIUcKYEcZXnu1e70m+z2Tm/PzsyGBD6fSrbnven5vtfdb3r6+2Z2JwAAAPCKsPvaLXvPOuK9P//c8AtXfeDHG64OveWx+mpcoS9dXvZS9ZD9qbuyaGyZHRevu+K7fxi48F0/u7PnOy/uWnP02t+855AL7/3k6Ttv+cYDz8+9+29PFcWN4+n4feXkmSSE6k/2fOXzux45fLQuCSGUk77tISxIFj6wIMmEGPxLCGFNWliUufOuF05aO7q8+obuCfXzM+sZ769s1XScbdt76Qnht+9cdc0vF//g+107nt6+b5WkOm48hTDv/PGP7wohzE7/j4qjLY7HOGhXhhB6xj3utIJ+HdNk/5fllI9Ml7PSZW9BnHj/kky5lFkvW466MsuegvbaldePVtcrMidTzp6M2pXXz1i/IF3+KF0eP8345fg/CaUkVOrdX5/sGyNh3HFLQjJ2LKv1cql+bEO6/ZlykimXMuVyV2a7xtpNB1o5SSbWx/Uy9fF0XEnrjx5/rm7g7Jz6V6fLavpEfTGWQ/ZGTe+kG/XtGhP7tWeKvuwPpXHnoEb19QOfHozetK43WTjpMSMNxPt2rbpxaXn1g7v7cvqR3Jmk8ZOW4m/7xYI5H//e9ZdkX9fr8c8vpfFLLcX/3RmPPnvu9d/+em78m2P8ckvxT7yv55kzHrp2Se7+2RP3T6Wl+ENPPXzT4kMv2JHb/1tj/GpL8VfsfLR77t777s/t/2DcP7Nbiv/kW9/3+zsev+fp3Pghxu9pKf7qnZu+0N2/97jc+PfH/dPb2vh5bsepT/T3/3EgL/5jMf7cluLfvv2Wt9w2/4bTc4/vyrh/+lqKf+ax914zZ+89R+WdO5NbO/XKCfDKdEh6jXVdWm41z2zXuHzhawOV2jXfnPT/3E42lDHazrwZjA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAK9NhJ/zL+//rI33PVNJyd3rjyVJtGetnhZDMDiFs2Tq0eeu6jRcNfPLiSzZvHFo/MLR1YHjj1s2XD5z8hoHNw5vWD10+eu/gG0+qPW5hSGrL5KhJbY+MjIyU+ibWxfbefeyO3y497b//FMLgYb/ur+T2f9ktG247tMHPjGTFyDs2XHLWr0/5VrpdfWm/+nL6FXL69T/n/PW2L+35w3EhDL5qqn49/OTbfzqhQ2MV++KkSt2h1qHupKdhP+q9TvsT91dl7br1w4PF+7ecsx1/d8XTf1l72Rf/Wtu/1dztaHL/zl4xsr701VVn/t9Xr6xVHKjHvWh/x62I/Yv7r5ru73npds3L2a5KznZd+8v7H//JEdc/vz0MVp5bPLntou3qSgdAV/LqptqNLfQkCybUV9P14xGPj1u2dcOmZVsu3/bGdRuGLhq+aHjjm5efvPzUwVNOPWXZ2JYv6/D2x/Zf2+T275/xNP/T238UfzY3nor6VbQ/RvtVvD/G9yjv+ddz9ue//OZbHjqrVlE0zuPa9fNJuuwZPc7Lw7jxNnlfNdquov0QQhhotB+eff70cPi/r7um6Dw0/siM/5mRrBh5ZMmfv3XaNxe9rVaxX87z4zvU4nm+3ut9/RnbX9X0eByo+7c7lNPt6m3Yr+WPPNR14+4/fabev1mzwmVDW7duXl77OSft6ZzkyIb9ytbG7Vo89rMc0t0S6sO0wXgd1RVq/cueP+Pq2b3am97XmyxsuF1Z8b5dq25cWl794O68PZ3cWWtxdphbWyavyVlzfeaB5XqHG7V/sI6P/vd/8+6P3P3DkyeNjxNrP4u2K8nZrh88fvuXv/PFf/hh57br/W9/tO/P//GJpbWKg+W8Uu912p9k/HnlxBCKnn+LQ+PtyH3+lRpvT9HzL9vOvvUbxxvIlHtDuaXn64n39TxzxkPXLsl9vu5p9vl65YRSueD5eqCMn5fu+TVhoCQrRn523SHbH7hq5RG1iqJxXV+70bg+qYn8I2e7fnruE/0XD/z9v3XuvPHdN9x13m+GVny2VnGgHPdqun+rOfu33uuYd47fv2+68OL1a2r1B+71b7osyH/iqWTL5ds+NbR+/fDmLc1tV7Ovp7Gd7F5u9fU0nt0WFmxXadJ2zdyNZvZXs8+32P81Le+vic+33pC09Lqw7RcL5nz8e9df0jfpUWlD55fS+KWW4v/ujEefPff6b389N/7NMX6lpfhDTz180+JDL9iRG//WJI1fbSn+ip2Pds/de9/9ufEHY/9ntxT/ybe+7/d3PH7P07nxQ4zf29r+f27HqU/09/8xN/5jSdrO6DVSCHe9cNLaWjkJXenzLfaja0K/QracZMqlTLk8vlyqzbXWGygnycT6uF5af/S4vjTy0Zz6eBVWXVRbvhjLIXtj6voDTWncub9RfdF1KgDAy118/z9eg8b3/4fTC6X8mQbYp908bFFO3JiH7ZvPmTXh/kVp/Pj4OA/Y/6YwOLq8eqB2oT/dec74fMjOc8Z2jjtmYoxW5zmL5t+XZMqxX7X58sq4PDQ1Oa+phCbm3ye3M/X8e2bzi+fHB66b1K2BcfNW2ePXlc6YNfq8Q6a/ldEIeeMjOy8WP8/RPy+sHGuvyfGR/RxNPA7Zz9HEdo7InDhb/RxNu+MjdnuK8THW5eL3NyYfvzDF/t13/BpHyx6/Zo93ZazJkZGZfn/24J83nNn3w8xL5sRPn2AH+rxhrI/bUWlyPvEjOfWdmk+Mp4vYrz1T9GV/MJ8IvFzF/D++Rozm/6MX4P+bWa/oOjR71Rjj5X5OqNy4P0V5x+TP6fW09Dq+euemL3T37z0u9zrn/mY/97NpQqmn4HM/RftxaaZcuB9zJmiK8r1sO0X7Pfu5jN4wt6X9fvv2W95y2/wbTs/d7ytrL6TF+/3LE0pzC/a7fCEnfnG+8O6p4ssXDozPMRTNn71k+Uj6waeZykc+nFM/3XykZ9KN+naNOejyka792y8A4OAR8//6+2dp/v+fmfWK8tbjM+UYLzdvzbk+yctbP5guL8us35v+RsV0r5vPPPbea+bsveeo3Lzl1mbz0H+cUOorzEPby5tz84iVnfm8eG4eUc+z2ntfKbf/9TyxvTw9N349T28vj87dP/U8ur15gNz49XmAgz3Pndn5updtHp3++uxM5dFn59RPN4/unXSjvl1j5NEAAC+tmP/Hy7iY/z+UWa/d6/bcvKBD1+3ZvwdSj//Y/sorZzrvm+m8dabz+pmelzjY8+KZnhea2XkyeXFaDtkbNfJiAAAOBDH/n52W8/P/9vKT3Pytnp/IzxvGl58fIPn5wT7/Jf+X/xeT/wMAvLzF/D/+2mP8+3//nJazf7denp4TX54uT59q/DSdp8/0PJt5APMAxcwDAAC8vHSNZUqTf8/+Y+ky+3v2eb+Xf27O+s2qjP2OfQgXbN08PHzeJZvWDG0dPm/jxWuGt5x36eZ1W7cOb6yt127emJu3pHljV6ik+6Pxetm8bX769xDm5/w9hOz6MeyRYzcm/z2EbLOzC/6OwL7j11x/845faYr1G42PvOOdF/+jOetH9eN/4SdOPG/tlvPWbVy3dd3Q+nXbhieuN5q19kzjezPjbpnW92ZmfkxSmv73d3amH6VJ/ehK90fe97MnmX4sSHuyIO/7D3L6/fN//dKnjx356x0hDB5Wfk1b+y9ZMfJP5wx/cOvuX28a7X9pyv7X10z7VfR9pdn14/ZU1l+8ZesJay++ZGP2GyVbE+czSvXyDM1npE//cpPzE6tz6qc7P1GedOPA1PT8BAAAE8T3/+P1bHz/8IvpBVSsbz5Pb+/949w8fbC5PD37vWRFeXp2/bi9zebp1Tbz9Gz7RXl6o/Ub5el5eXde/A/nrD9dzY+T9j7nkTtOzm9unGS/z6BonGTXn+44SdocJ9n2i8ZJo/UbjZO8454X/0M56+dpfjy097mc3PFwc3Pj4fWZctF4yK4/3fFQanM8ZNsvGg+N1m80HvKOb178s3LWb9bE8TE6MMbGxfB5l168+VPj1pvp779ov38z+/0frWq+/zP7ua+Z7//Mfq5s5vvf3ufKcvv/WHszYc33f2a/36VV+22+Nv2wWdHnz4rmcVfl1E93HnfWpBsHJvO48NKJ+X98uyfm/zeky06/DXTwf0+a7zFrGL9D32NWdB3j9XyKxg4AXs8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmtNdWTS23H3tlr1nHfHen39u+IWrPvDjDVe/7orv/mHgwnf97M6e77y4a83Ra3/znkMuvPeTp++85RsPPD/37r89VRi4r7Y4Pi1WQ0ieSUKo/mTPVz6/65HDR+uSEEI56dsewoJk4QMLkkyEwb+EENbU+znxzrteOGnt6PLqG7on1M/PBMluV+gtx/5M6Ge4rHCLOAhV03G2be+lJ4TfvnPVNb9c/IPvd+14evu+VZLquPEUwrzzxz++K4QwO/0/Ko62RfHB6XJlCKFn3ONOK+jXMU32f1lO+ch0OStd9hbEifcvyZRLmfWy5agrs+wpaK9def1odb0iczLl7MmoXXn9jPUL0uWP0uXx04xfjv+TUEpCpd799cm+MRLGHbckJGPHslovl+rHNqTbnyknmXIpUy53ZbZrrN10oJWTZGJ9XC9TH0/HlbT+6PHn6gbOzql/dbqspk/UF2M5ZG/U9E66Ud+uMbFfe6boy/5QGncOalRfP/DpwehN63qThZMeM9JAvG/XqhuXllc/uLsvpx/JnUkaP2kp/rZfLJjz8e9df8mivPjnl9L4pZbi/+6MR5899/pvfz03/s0xfrml+Cfe1/PMGQ9duyR3/+yJ+6fSUvyhpx6+afGhF+zI7f+tMX61pfgrdj7aPXfvfffn9n8w7p/ZLcV/8q3v+/0dj9/zdG78EOP3tBR/9c5NX+ju33tcbvz74/7pbW38PLfj1Cf6+/84kBf/sRh/bkvxb99+y1tum3/D6bnHd2XcP30txT/z2HuvmbP3nqPyzp3JrZ165QR4ZTokvca6Li23mme2a1y+8LWBSu2ab076f24nG8oYbWfeDMYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODl6VdXnvyxc97xoVWVJIQkZ52RBuJ95VkrVgy00O7QUw/ftPjQC3aMr1vUQhwAAACgWMzDS/WaalgULk1mhyMbrh/nCI6MpWRifXYOIcbJzhG0GqfUoTjlDsWpdChOV4fizOpQnO4OxakWxKmG5uLMnjJOqen+9HQoTm+H4szpUJy5HYozr0Nx5ncoTt+UcZofhws6FGdhh+Ic0qE4h3YozmEdivOqDsU5vENxsnPK0x2Hc9M1j8iLM3ajXBinkpTrdzSaT4/tHNVmO71NtpP7etxkO7ObbOeYzONK02yn2mQ7r22znaTJdl7fZjulgnbiuL0s27/YTiw1Of4v71CcbR2Kc0WH4lzZoTifydRvazHOZzvUn6vajAPQrJj/78v3+kJ35W2hJz3jZGcBYr67eOzn5Ne7vBNSjPeaTP2sbLxsmGyinom3eLr9y04gZOItydR3TYhXqecjU8Srjo+3NHPnpO3N9i87oZDp3/GZ+u6ieNmJBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYQb+68uSPnfOOD60KSRj919BIA/G+8qwVKwZaaHfXqhuXllc/uHt8XXelhUAAAABAoZiHd9VrqqG7sjx0J7MmrFdN5wGqabncV1v2zwsrR5fJQGms3JMsmPJxlfRxy7Zu2LRsy+Xb3rhuw9BFwxcNb3zz8pOXnzp4yqmnLFu7bv3wYO1nCN0F8UIIY9MPWy7f9qmh9euHN2+pVWb7vyh93KK0nKSP639TGBxdXp32f2FBe6VJ7c3cjeKjBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/z67dhch5lXEAP+/M7Mx025iVfk1DsxnyUaIWTeJWUi3dFwQLbRKyFGS2upZgEyxumtAmJdaxDdjWBEVoCYRIvIjEYmvxph+2iP0gEKnRgBuDtEV7oRdKq5W05EJSRrI7Z3ZmMpPZjKVp4+93Me/MOc85z3vmYuH/7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8sKaqIxOV0bHxwSSEpEtNrYM4l82nabmPvl99fusPC8MnlzePFXJ9bAQAAAD0FHP4QGOkGAq5bMiGq6Y/LQ5NE2E29wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9/pqojE5XRsfGLkxCSLjW1DuJcNp+m5T76vvHOk597dXj4781jpT72AQAAAHqLOTzTGCmGUlgSBpKrWuris4EFbevb6+I+C+dY1/7soFvdkjnWXTPHuk/0qFtXv+4IAAAA8NEX83+uMTIUCrl5XfN/r1wf6xa11WXr135+KwAAAAD8b2L+LzRGSqGQKzXy+lzz/uK2uri+1//t4/plXdb3+n/+2vrV/+kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KNjqjoyURkdG88mISRdamodxLlsPk3LffRd9cLgP2859NDi5rFCro+NAAAAgJ5iDp+N3sVQyA2GgXDxdO4fvmn/019++tmREMJMzM/nw44N27bdvWrmNdatPHJo4AeH3/rOGXUrZ17P2wEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID3zVR1ZKIyOjZ+URJC0qWm1kGcy+bTtNxH39e/8KW/Pn78uTebx0p97AMAAAD0FnP4bPYvhlLIh3y4YvpTc9Y/LdO2vtszAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODCcc+37vvmhsnJjXd744033jTenO+/TAAAwPttUUhC7Rxduf583zUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBhMFUdmaiMjo0XkxCSLjW1DuJcNp+m5T76ps8fLcw7+cJLzWOlPvYBAAAAeos5fDb7F0MpDISBcPn0p07PBKbz/9AHeJMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh8pUdWSiMjo2Pi8JIelSU+sgzmXzaVruo+9jO/d9/uD879/cPFbI9bERAAAA0FPM4fnGSDEUcp8MhXB1/fNk64IkW792fi4wu25ry7LBOa+rtqzLznndrraT5eqnmVlXjPsNzVwb68pnris3rSuFRvtyy7qwp2XVvB73GQAAAOA8ivm/0BgZCoVcoSnn/qylfkjOBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6mKqOTFRGx8aTJISkS02tgziXzadpuY++9/3u45d87ee7tzePlfrYBwAAAOgt5vDZ7F8MpbAwfCwsnM79Yai1Ptb9q3Lq4KP//tvyEFZccWw413X/37x+44vtLyFkWosyIcyv90u69PvtHx69d2nt1OMhrLg8e/W59mvdMq09U9m4dtvhY1vP8sUAAADABSTm/4HGyFAo5O7qmv9j8j6n/D//3p2/vKz+Wk/kbSsyQ/V+mS79vrj0yb8sW/2Pt07n/7P1+8y+zQcva2k4M9ImSWujm7evO3bdgUw89Uz/bFv/+L185dtv/mfTjkdOzfQvhmJ9fEHjVuJPIk53m+nZ/NrmorQ2mdk7vua9vdXW/rku53/o9y8d//WC3e+e7v/OosFG/2vOcv6z9x+89eE91+87tK61fwih3Kn/2+/eHK78050Ptp9/sG3j5m+++bVN8uPakcUnDqzeX7qhtX/S1j9+/784/tienz7yvWdj//hbkeVL5tq/5ZlTktZe2XXpzpcfWL+gtX+my/lfvO3V4S3l7/6x/fx39Hn+tPbEtU/d/tqG9P72KQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvLVHVkojI6Np5JQki61NQ6iHPZfJqW++j7xi1H375t909+1DxW6mMfAAAAoLeYw2ezfzGUQj7kw+B07n+msnHttsPHtoahmdmkfs1Nbrln26c2bdl+1x3n6c4BAACAuYr5P9cYGQqF3NIwUM//o5u3rzt23YFMzP+ZmP833Tm5cUVo1L2y69KdLz+wfkHjOUEI0z8LKJ6u++xs3U03Hh068edvLOtYt2q27sjiEwdW7y/dEOtCc93K0Hg+8cS1T93+2ob0/sb9Ndd9+utbJuuPJ+K+g7c+vOf6fYfWNc5Rvw7W9411k5m942ve21uNddn6tVg/NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwpqnqyERldGw8ZENIutTUOohz2Xyalvvou2bprx685ORzC5vHCrk+NgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7IDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWF/foJjauI4wA+s5uYbTZpk1YwKqZpVZR6sCiI6EVFRVqRgqdKkWprD6IgiCj1YCqpWKriRbB6KaKCGqWgYGOxtEoq/itePKigUD0IpRjQhuJBJcnMdvOaZ/SlCtrPB5bZmX3v+37vzWSyCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyndHUMTLeHtj84edt5N33y+D3HH7vlvfu3XfLo6z8Mbbrh4z3dr5wY37xiy9c3Ltu07941Y7tePPhL7zu/HZk3+JGZZlXqNkKIx2IIjfcnnnti/NNzpsZiCKEe+4ZD6I9LD/bHQsLqX0MIm1t1zv7w7eNXbplqt+3smjW+pBBSvK/QrOd6ZvTNrpf/l0ZaZ1snH74sfHv9+pHPl7/1Zufo0eGTh8RG23oKYfHG9vM7QwiL0mtKXm0D+eTUrgshdLedd/U8dV34F+u/vKR/fmrPSm1znpz8+cpCv1Y4rtjPOgtt9zzXW6iyOqoeN5+eQr+4GS1UWZ15vD+176Z21d/Mr+dXDLUYOlrl3xdPrpHQNm8xxOm5bLT6tdbchnT/hX4s9GuFfr2zcF/T100LrR7j7PF8XGE8b8cdaXxF+149h9tLxs9NbSP9oZ7I/VB8M6N5ypvWfU3LdU38SS3/hlrbHjTXeGvi02Q001gzLj3lnN/nkD8bX//UxfUNHxzqK6kj7okpP1bK3/pZf8+db+x4aKAsf2Mt5dcq5X+39vBPd+x46YXS/Gdzfr1S/hX7u4+t/XD7ytLnM5GfT0el/LuOfPT08rPvHi2tf3fOb1TKv27scFfv5P4DpfWvzs9nUaX8b669+fvXvtx7tDQ/5PzuSvkbxh54pmtw8tLS/AP5+TSrrZ+fR6/6anDwx6Gy/C9yfm+l/FeHd13z8pKda0rnd11+Pn2V8m+9aN9Iz+TeC8r2zrj7dP3nBDhzjLRtqsvSd6wnU7/q78yFavu98PxQx8x3vp706j2dFyqYus7ifzAfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bggAQAAABA0P/X7QgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACApwIAAP//hBI3OQ==") 3m45.691450817s ago: executing program 1 (id=2011): setitimer(0x2, &(0x7f0000000580)={{0x77359400}, {0x0, 0xea60}}, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0xffffffffffffffff}, 0x0) setitimer(0x2, 0x0, 0x0) 3m39.843196714s ago: executing program 1 (id=2042): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x300001, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 3m38.816569533s ago: executing program 1 (id=2046): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000045c0)={0x14, r1, 0x1}, 0x14}}, 0x40) 3m36.577356196s ago: executing program 1 (id=2059): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000100004"], 0x24}}, 0x0) 3m34.001174005s ago: executing program 34 (id=2059): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000100004"], 0x24}}, 0x0) 8.75256808s ago: executing program 7 (id=3220): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x141, 0xf2, 0xc5, 0x96, 0x20, 0x16d0, 0x10b8, 0xde8e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x0, 0x83, 0xec, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0x2, 0x0, 0xa}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000040)={0x84, &(0x7f0000000000)={0x40, 0x30, 0xc, "008000010a01000000000080"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 5.579179394s ago: executing program 5 (id=3237): unshare(0x24060400) r0 = timerfd_create(0x7, 0x800) timerfd_settime(r0, 0x3, &(0x7f00000003c0)={{}, {0x77359400}}, 0x0) 4.676904888s ago: executing program 7 (id=3239): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10) getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000480)) 4.543853915s ago: executing program 2 (id=3240): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x28, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0x51}, 0x40000) 4.485448294s ago: executing program 3 (id=3241): r0 = socket(0x2000000000000021, 0x2, 0x2) shutdown(r0, 0x2) shutdown(r0, 0x2) 4.357379324s ago: executing program 5 (id=3242): syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x11, &(0x7f0000000480), 0x1, 0x3e8, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH71p0k0/qj1EPFgQEyaNNYKIuYiInqyRw/G/Kilm0aSFWwIqCjeevPqQfHg3+BJwf9AEE+epRAkLehxZXZn4prspt1u1sHs5wNT3ps3y3sz333zmjfzNoC+NRkRn0TEcESsRsRovj/Jt3i1sWXH3d3dXsq2JGq1t/9I6uV3dreXoukzmdPZP2nEVBqRfh5xvkW9mze3ri9WKisbeX6muvbBzObNreevrS1eXbm6cmPu4ouz85fmLs2+cGTneuv85Zeenn/j11uvfbP0y5Xv3svaeyYvaz6PozKZXbW0ddmFo66sZGfKbgAPJPt6DkTEYL3/j8ZAPdUwGh+/U2rjAICeqNVqA/vyAMCxlxjzAaDPFH/339ndXiq2UiYiKMXOQkScaMS/eL7bKBncexI01MPne5MR8X76/US2RY+ewwIAAAD0sx8WIuJyq/m/NJ5qOu5sRDyUrw8Yi4jxiHg4Ih7psv7JffmD8z/p7S6r4BA7CxEvN63tuNsU/9zYQJ47W4/9ULJ6rbJyIf8+TMXQSJafPaSOP7euf9GurHn+L9uy+ou5wLwdtwdH/v2Z5cXqYjfnzD92Po14crBV/JO9+d8kIia6qOPH8bWv2pXdO/70Uu3riGdb9v9k75jk8PVZM/X7wUxxVzjorZ8+e7dd/eJfrqz/nzo8/mNJ83q9zc7rePzcbxvtyh70/j+cXKk3cDjf99FitboxGzGcvHlw/1znbT6uiutRXK8s/lPPtB7/iyBkF/TRiHgsi2VEPBER5zqo89vxv062K9P/y5XFf7mj/t954pWJ139uV//99f/5emOm8j3+/3dv9xugstsJAAAAAAAAwNFI62u7k3R6L52m09ON3/CeiFNpZX2z+tzq+oc3lhtrwMdiKC3e9Bpteh90Nn8vuMjP7ctfzN8Z/nLkZD0/vbReWS775AGgT51uM/5nfh8pu3UAQM+cKLsBAMB/zvgPAP3H+A8A/cf4DwD9x/gPAP3H+A8AfaWb3/WXkJA4romy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/b38HAAD//78JzGY=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) fdatasync(r0) 4.076089986s ago: executing program 6 (id=3243): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000040)="0d000000010001", 0x7) 3.655183671s ago: executing program 7 (id=3244): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) read$FUSE(r0, &(0x7f0000000440)={0x2020}, 0x2020) 3.501377624s ago: executing program 3 (id=3245): r0 = getpid() syz_pidfd_open(r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 3.496174517s ago: executing program 2 (id=3246): r0 = syz_open_procfs(0x0, &(0x7f0000000180)='attr\x00') getdents64(r0, &(0x7f0000001fc0)=""/4086, 0xff6) mknodat(r0, &(0x7f0000000000)='./file0\x00', 0x8, 0x101) 3.427286815s ago: executing program 6 (id=3247): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0b0400000000000000000200000028000480240001800b000100657874686472000014000280080001400200000008000640000000020900010073797a30000000000900020073797a3200000000050007"], 0x84}}, 0x0) 3.291046335s ago: executing program 5 (id=3248): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000580), r0) sendmsg$IEEE802154_LIST_PHY(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, r1, 0x30b}, 0x14}}, 0x0) 2.931243559s ago: executing program 3 (id=3249): r0 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0x7005, 0x0) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x1337) 2.659790081s ago: executing program 6 (id=3250): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) sendmmsg(r0, &(0x7f0000002940)=[{{0x0, 0x4a, &(0x7f0000000100)=[{&(0x7f00000001c0)}], 0x1}}], 0x1, 0x0) ioctl$FS_IOC_GETFSLABEL(r0, 0x800452d2, &(0x7f0000000100)) 2.512780128s ago: executing program 2 (id=3251): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e6400000000180002801400088008"], 0x48}}, 0x0) sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) 2.301830707s ago: executing program 5 (id=3252): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="18000000240011030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(r0, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000004c0)=""/77, 0x4d}, {&(0x7f0000000540)=""/4090, 0xffa}], 0x2}, 0xacd2}], 0x1, 0x10000, 0x0) 2.196557644s ago: executing program 3 (id=3253): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil) madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9) 1.812686313s ago: executing program 6 (id=3254): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x160b, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x850}, 0x0) 1.653622846s ago: executing program 2 (id=3255): capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000, 0x7}) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)="39000000140081ae10003c000500018311001f9de60cbda816dc9f2c90c3c79f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb3", 0x39}], 0x1}, 0x0) 1.612578714s ago: executing program 3 (id=3256): unshare(0x8020000) r0 = semget$private(0x0, 0x4000, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f00000002c0)=""/203) 1.456221442s ago: executing program 7 (id=3257): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', &(0x7f0000005280)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) setuid(r0) 1.357386864s ago: executing program 5 (id=3258): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000050000000000000f00000008000300", @ANYBLOB="050033"], 0x2c}}, 0x0) 990.984325ms ago: executing program 2 (id=3259): socket$nl_route(0x10, 0x3, 0x0) r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_UNLINK(r0, 0x40044160, 0x3) 937.536139ms ago: executing program 6 (id=3260): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000b"], 0x20}, 0x1, 0x0, 0x0, 0xc011}, 0x0) 851.308817ms ago: executing program 7 (id=3261): r0 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000001b40)={0x0, @bt={0x8a5, 0x93, 0x1, 0x1, 0xd59f80, 0x4, 0x7, 0x19ef, 0x3, 0x7, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x5}}) 745.021407ms ago: executing program 3 (id=3262): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) wait4(0xffffffffffffffff, &(0x7f0000000080), 0x8, 0x0) 505.566038ms ago: executing program 5 (id=3263): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000f40)=ANY=[@ANYBLOB="3d303030010000000000000030d3706f73652c6e6c733d63703837342c7569643d078e0a23304ed9a35342c01a964adf337017cc9d9f1e653f9f8de6cf9b9638f44ee1089ac3d1a9d42bf0904f16668c9fb68eda5d2e73344db87a3266f03a1c1f50f09739fc870a4cf8e108b9f8e174ecb0294f6c224ed544d1f9135cca8ba3fc8a230000000020e988c6266f97f6d64d819e1034ee3549883abfa1bf973b228909d82822d2fe45a8be6d2a947fef5f007e00"/194, @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f626172726965722c70617243d08e7cd54ad24890743d3078303030303030303030"], 0x20, 0x6de, &(0x7f0000000840)="$eJzs3U9sW3cdAPDvsx0n7qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPOwyhcNgJcUAa4oAYZyQk7r1X4sCt4oDRe34vsZ3Esds4abvPR3p+v+f3+/N9X//es/3SygF8ai28FROtSGLh/Jub6faDrUbzwVZjpShHxGRElCIqnVUkqxHJJxFXorPEZ9Mn8+6S/cZ54+HHH5y7/1Gjs1XJl6x+aVC7He0BI7TyJWYiopyvR1TZr79re/R3b6Suk+2404SdLRIHx629S2uU5kOct8DT7l5EeWKP5+sRJyJiKv8cEPnVoXTE4R26ka5yAAAA8HQqH1ThxUfxKDZj+mjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdD0vnNwCRfSkV5JpL89/+/n1fLVKvHG+4BvnzA/vdvHFEgAAAAAAAAAHD4JnaKZx7Fo9iM6WK7nWR/838t2ziZPb4Q78Z6LMVaXIjNWIyN2Ii1mIuYmO7qs7q5uLGxNre75W8ibdlut+/lLecjor6r5fyYjxkAAAAAAAAAnm8/jYWYPu4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgWxJR7qyy5WRRrkepEhFTEVFN67Ui/lKUn2V/Pe4AAAAAYPxq+Xo6+V+n0E6y7/yvZN/7p+LdWI2NWI6NaMZSXM/uBXS+9Zf+2Wo0H2w1VtJld8ff+vdIcWQ9RkQ53ttn5NmsxqntFgvx3fhBnI+ZuBprsRw/isXYiKWYiVp6ELEYSdRrnbsX9SLO3njLeVdXekK52h/bmb7t01kktbgRy1lsF+JateitlNVI4nTXaH+qRvRl6L00O8k3c0Pm6HrX6/Xr/L5Mrv3ikH2MRz078ontjMymuc+z8dLeuS+MOE/6R5qL0vY9qJM7o6Sb/SMVOf/hKDk/ka/TXP+iN+eHbcRbaf2ZmI9SPvsiXunN+e0v3H+5t/GX/vW3qzdLq7du3lg/P8ZDGquJotCfiUZXJl4dPPvyTDTTTLSGz8RE/xNTT3Ach6iaZ6NzYRvuavmdrLQYr3VNwXfieizFpZiNubgcs/H1mI9Gzww71ZPXSmOlNyfZuVbafX2rDQj+7Be7Kv3ygMpHK83LS1157b7S1bN9+TNXfhWzXVl6efDse5x3gcrn8kI6xs+233GeBj2ZyK/NRXTFG9Q+mfhtO31cb67eWru5eHvI8c7l6/S0fb/32vy7Jz6YJ5LOl/SKW8m2spzUivmS7vvMdrS9+armf3HptCvt2ndqe189pmM5vrfvmVrNP8Pt7qmz79U99zWyfae79vV8yol3opl9CukzczRZBWBoJ14/Ua09rP2j9mHt57WbtTenvj15efLz1Zj4e+XP5T+Ufl/6RvJ6fBg/ienjjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4H63fu3lpsNpfWxlioPuZYUTqwztYLw3UY9YjBYyV5oTrubDwFhf9MDcxGLcY0+h8jYkCd6hMPkYx/PqcT+VA6LH44LXumXR6heaVotXedSqxP7fcKTu687lG/tdj8b7unTi26ThngOXdxY+X2xfU7d7+yvLL49tLbS6vzly9dvtT42txXL95Ybi7Ndh6PO0pgHNbv3C0fdwwAAAAAAAAAAADAaPJ//b/x2P+ZoXJAnera+t4jnznqQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeUQtvxUQrkpibvTCbbj/YajTTpSjv1KxERCkikh9HJJ9EXInOEvWu7pL9xnnj4ccfnLv/UWOnr0pRvzSo3XBa+RIzEVHO1web3KOb3f1d6+qv9VjhJdtHmCbsbJE4OG7/DwAA//9tSfWT") syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1899051, 0x0, 0x0, 0x0, &(0x7f0000000140)) rmdir(&(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 281.392495ms ago: executing program 2 (id=3264): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="d800000012000186"], 0xd8}, 0x1, 0x0, 0x0, 0x1}, 0x20004440) recvmmsg$unix(r0, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000000040)=""/54, 0x36}, {&(0x7f0000001200)=""/117, 0x75}, {&(0x7f0000001280)=""/23, 0x17}, {&(0x7f0000002380)=""/4106, 0x100a}, {&(0x7f00000012c0)=""/248, 0xf8}], 0x6}}], 0x1, 0x40000000, 0x0) 213.94444ms ago: executing program 6 (id=3265): r0 = socket(0x2, 0x5, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r0, &(0x7f0000000bc0)=[{&(0x7f00000000c0)=@in={0x2, 0x84, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="300000000000000084000000010000000000ffff070200"/44, @ANYRES32=0x0, @ANYBLOB="18"], 0x48}], 0x1, 0x0) 0s ago: executing program 7 (id=3266): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000005c0)={0x28, r1, 0x9, 0x3, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048814}, 0x0) kernel console output (not intermixed with test programs): d_register: readreg error (reg=127, ret==0) [ 757.795537][T11283] hsr_slave_0: entered promiscuous mode [ 757.809037][T11283] hsr_slave_1: entered promiscuous mode [ 757.828112][T11283] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 757.836145][T11283] Cannot create hsr debugfs directory [ 758.398891][ T11] usb 6-1: USB disconnect, device number 11 [ 758.706403][T11343] netlink: 132 bytes leftover after parsing attributes in process `syz.6.2092'. [ 758.729164][ T5825] Bluetooth: hci4: command tx timeout [ 759.044336][T11283] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 759.070583][T11283] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 759.101399][T11283] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 759.126432][T11283] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 760.246881][T11283] 8021q: adding VLAN 0 to HW filter on device bond0 [ 760.477897][T11283] 8021q: adding VLAN 0 to HW filter on device team0 [ 760.548022][ T1110] bridge0: port 1(bridge_slave_0) entered blocking state [ 760.555776][ T1110] bridge0: port 1(bridge_slave_0) entered forwarding state [ 760.655731][ T4128] bridge0: port 2(bridge_slave_1) entered blocking state [ 760.663450][ T4128] bridge0: port 2(bridge_slave_1) entered forwarding state [ 760.810139][ T5825] Bluetooth: hci4: command tx timeout [ 761.553579][T11377] tmpfs: Cannot change global quota limit on remount [ 762.221089][T11384] loop3: detected capacity change from 0 to 1024 [ 762.422014][T11387] loop6: detected capacity change from 0 to 128 [ 762.584433][T11387] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 762.599897][T11387] ext4 filesystem being mounted at /273/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 762.675624][ T1110] hfsplus: b-tree write err: -5, ino 4 [ 762.705604][T11387] EXT4-fs warning (device loop6): ext4_dirblock_csum_verify:375: inode #2: comm syz.6.2112: No space for directory leaf checksum. Please run e2fsck -D. [ 762.721865][T11387] EXT4-fs error (device loop6): __ext4_find_entry:1626: inode #2: comm syz.6.2112: checksumming directory block 0 [ 762.930458][T11396] loop2: detected capacity change from 0 to 256 [ 762.991568][T11283] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 762.999678][T11396] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 763.011026][T11396] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 763.142858][ T7541] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 763.229751][T11396] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 764.139597][T11415] ieee802154 phy0 wpan0: encryption failed: -22 [ 764.619886][ T30] kauditd_printk_skb: 417 callbacks suppressed [ 764.619966][ T30] audit: type=1326 audit(1753063595.927:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.6.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 764.649684][ T30] audit: type=1326 audit(1753063595.937:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.6.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 764.672741][ T30] audit: type=1326 audit(1753063595.937:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.6.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5fadb8e9e3 code=0x7ffc0000 [ 764.695818][ T30] audit: type=1326 audit(1753063595.937:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.6.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5fadb8d45f code=0x7ffc0000 [ 764.723178][ T30] audit: type=1326 audit(1753063595.997:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.6.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5fadb8ea37 code=0x7ffc0000 [ 764.771892][T11423] loop6: detected capacity change from 0 to 512 [ 764.779929][ T30] audit: type=1326 audit(1753063596.087:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.6.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5fadb8d310 code=0x7ffc0000 [ 764.803672][ T30] audit: type=1326 audit(1753063596.087:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.6.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5fadb8e5ab code=0x7ffc0000 [ 764.838947][ T30] audit: type=1326 audit(1753063596.147:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.6.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5fadb8d60a code=0x7ffc0000 [ 764.861910][ T30] audit: type=1326 audit(1753063596.147:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.6.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5fadb8d60a code=0x7ffc0000 [ 764.884900][ T30] audit: type=1326 audit(1753063596.147:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.6.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5fadb8d217 code=0x7ffc0000 [ 764.894220][T11423] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 765.038895][T11423] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 765.059386][T11423] System zones: 0-2, 18-18, 34-34 [ 765.144805][T11423] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 765.158331][T11423] ext4 filesystem being mounted at /276/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 765.543914][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 765.556517][T11283] veth0_vlan: entered promiscuous mode [ 765.772664][T11283] veth1_vlan: entered promiscuous mode [ 766.056596][T11283] veth0_macvtap: entered promiscuous mode [ 766.138546][T11283] veth1_macvtap: entered promiscuous mode [ 766.295519][T11283] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 766.349028][T11283] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 766.387238][T11441] loop2: detected capacity change from 0 to 2048 [ 766.484990][T11441] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 766.513951][T11283] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.523515][T11283] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.533016][T11283] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.542799][T11283] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.686895][T11447] loop6: detected capacity change from 0 to 512 [ 766.822135][T11447] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 767.297049][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 767.746624][ T9511] IPVS: starting estimator thread 0... [ 767.850642][ T5869] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 767.869608][T11467] IPVS: using max 192 ests per chain, 9600 per kthread [ 768.128892][ T5869] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 768.141370][ T5869] usb 6-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00 [ 768.151050][ T5869] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 768.362375][ T5869] usb 6-1: config 0 descriptor?? [ 768.643281][T11466] loop2: detected capacity change from 0 to 32768 [ 768.667596][T11466] (syz.2.2142,11466,1):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 768.676894][T11466] (syz.2.2142,11466,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 768.986776][ T5869] kye 0003:0458:4018.0014: unbalanced delimiter at end of report description [ 769.032209][ T5869] kye 0003:0458:4018.0014: parse failed [ 769.038826][ T5869] kye 0003:0458:4018.0014: probe with driver kye failed with error -22 [ 769.237341][ T5869] usb 6-1: USB disconnect, device number 12 [ 770.689598][T11496] loop2: detected capacity change from 0 to 512 [ 770.810088][T11496] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 770.823556][T11496] ext4 filesystem being mounted at /448/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 770.842806][T11501] loop5: detected capacity change from 0 to 256 [ 770.877229][T11501] exfat: Deprecated parameter 'utf8' [ 770.884303][T11501] exfat: Deprecated parameter 'utf8' [ 770.893054][T11501] exfat: Deprecated parameter 'utf8' [ 770.898846][T11501] exfat: Deprecated parameter 'utf8' [ 771.172838][T11501] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xac5c0b1f, utbl_chksum : 0xe619d30d) [ 771.204141][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 771.277116][T11507] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2156'. [ 771.289124][T11507] tipc: Enabling of bearer rejected, failed to enable media [ 772.010359][T11521] loop5: detected capacity change from 0 to 16 [ 772.054462][T11521] erofs (device loop5): mounted with root inode @ nid 36. [ 772.122723][T11521] syz.5.2161: attempt to access beyond end of device [ 772.122723][T11521] loop5: rw=0, sector=48, nr_sectors = 16 limit=16 [ 772.137170][T11521] erofs (device loop5): read error -5 @ 43 of nid 36 [ 772.211106][T11521] syz.5.2161: attempt to access beyond end of device [ 772.211106][T11521] loop5: rw=0, sector=48, nr_sectors = 16 limit=16 [ 772.225061][T11521] erofs (device loop5): read error -5 @ 43 of nid 36 [ 773.394236][ T4128] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 773.402630][ T4128] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 773.561626][T11544] loop6: detected capacity change from 0 to 512 [ 773.606440][T11544] EXT4-fs: Ignoring removed oldalloc option [ 773.641931][ T4128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 773.650242][ T4128] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 773.699948][T11544] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 773.798705][T11544] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2856c018, mo2=0002] [ 773.830019][T11544] System zones: 1-3, 19-19, 35-38 [ 773.894486][T11544] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 773.908249][T11544] ext4 filesystem being mounted at /288/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 774.363501][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 774.493610][T11557] loop2: detected capacity change from 0 to 1024 [ 774.553012][T11557] EXT4-fs: Ignoring removed mblk_io_submit option [ 774.636073][T11557] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 774.714929][T11557] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.2175: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 774.794866][T11557] EXT4-fs (loop2): Remounting filesystem read-only [ 775.087093][T11570] loop7: detected capacity change from 0 to 256 [ 775.114950][T11570] exfat: Deprecated parameter 'namecase' [ 775.192515][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 775.251157][T11570] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 777.109946][T11601] loop7: detected capacity change from 0 to 64 [ 778.007785][ T9511] usb 6-1: new full-speed USB device number 13 using dummy_hcd [ 778.257832][ T9511] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 778.267623][ T9511] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 778.339887][ T9511] usb 6-1: config 0 descriptor?? [ 778.381080][ T9511] cp210x 6-1:0.0: cp210x converter detected [ 778.604054][T11628] loop3: detected capacity change from 0 to 128 [ 778.744368][T11628] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 550, start 00050006) [ 778.744532][T11628] FAT-fs (loop3): Filesystem has been set read-only [ 778.849708][ T9511] usb 6-1: cp210x converter now attached to ttyUSB0 [ 779.033613][ T5869] usb 6-1: USB disconnect, device number 13 [ 779.090820][ T5869] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 779.143583][ T5869] cp210x 6-1:0.0: device disconnected [ 779.346029][T11634] loop3: detected capacity change from 0 to 512 [ 779.406106][T11634] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 779.487357][T11634] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2213: Invalid block bitmap block 0 in block_group 0 [ 779.562010][T11634] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 779.574021][T11634] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.2213: attempt to clear invalid blocks 983261 len 1 [ 779.589896][T11634] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.2213: Invalid inode table block 0 in block_group 0 [ 779.612913][T11634] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 779.627522][T11634] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 779.638254][T11634] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.2213: Invalid inode table block 0 in block_group 0 [ 779.693558][T11634] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 779.751516][T11634] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.2213: mark_inode_dirty error [ 779.813614][T11634] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 779.833655][T11634] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.2213: Invalid inode table block 0 in block_group 0 [ 779.889668][T11634] EXT4-fs (loop3): 1 truncate cleaned up [ 779.897916][T11634] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 780.217160][T11645] loop7: detected capacity change from 0 to 2048 [ 780.299946][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 780.335615][T11649] loop5: detected capacity change from 0 to 512 [ 780.386808][T11652] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 780.433651][T11649] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 780.548956][T11649] EXT4-fs (loop5): 1 truncate cleaned up [ 780.557385][T11649] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 781.032070][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 781.905749][T11673] loop2: detected capacity change from 0 to 512 [ 781.972983][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 781.973069][ T30] audit: type=1326 audit(1753063613.287:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11675 comm="syz.6.2231" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5fadb8e9a9 code=0x0 [ 782.039298][T11673] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 782.060694][T11673] EXT4-fs (loop2): orphan cleanup on readonly fs [ 782.085693][T11673] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.2229: corrupted inode contents [ 782.110535][T11673] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #16: comm syz.2.2229: mark_inode_dirty error [ 782.190952][T11673] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.2229: corrupted inode contents [ 782.207039][T11682] loop3: detected capacity change from 0 to 512 [ 782.222662][T11673] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.2229: mark_inode_dirty error [ 782.266315][T11673] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.2229: corrupted inode contents [ 782.338160][T11673] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 782.359725][T11673] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.2229: corrupted inode contents [ 782.397474][T11682] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 782.410895][T11682] ext4 filesystem being mounted at /478/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 782.448987][T11673] EXT4-fs error (device loop2): ext4_truncate:4597: inode #16: comm syz.2.2229: mark_inode_dirty error [ 782.498911][T11673] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 782.560830][T11673] EXT4-fs (loop2): 1 truncate cleaned up [ 782.572037][T11643] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 782.583058][T11643] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1 [ 782.684391][T11673] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 782.702664][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 782.710632][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 782.883318][T11689] loop5: detected capacity change from 0 to 2048 [ 782.960875][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 783.008974][T11689] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 783.103540][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 783.561248][ T3913] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 783.604854][ T3913] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 783.618026][ T3913] EXT4-fs (loop5): This should not happen!! Data will be lost [ 783.618026][ T3913] [ 783.628325][ T3913] EXT4-fs (loop5): Total free blocks count 0 [ 783.634794][ T3913] EXT4-fs (loop5): Free/Dirty block details [ 783.641503][ T3913] EXT4-fs (loop5): free_blocks=4096 [ 783.646972][ T3913] EXT4-fs (loop5): dirty_blocks=64 [ 783.657170][ T3913] EXT4-fs (loop5): Block reservation details [ 783.665119][ T3913] EXT4-fs (loop5): i_reserved_data_blocks=4 [ 783.741922][ T3913] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 44 with error 28 [ 784.251739][T11712] loop5: detected capacity change from 0 to 512 [ 784.279719][T11714] veth1_macvtap: left promiscuous mode [ 784.285717][T11714] macsec0: entered allmulticast mode [ 784.334951][T11715] veth1_macvtap: entered promiscuous mode [ 784.341462][T11715] veth1_macvtap: entered allmulticast mode [ 784.347715][T11715] macsec0: left allmulticast mode [ 784.353273][T11715] veth1_macvtap: left allmulticast mode [ 784.365142][T11712] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 784.491397][T11712] EXT4-fs (loop5): 1 truncate cleaned up [ 784.499994][T11712] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 784.689668][T11712] EXT4-fs error (device loop5): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.5.2240: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 784.736228][T11712] EXT4-fs (loop5): Remounting filesystem read-only [ 784.947227][T11721] loop6: detected capacity change from 0 to 2048 [ 784.996619][T11721] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024) [ 785.007258][T11721] NILFS (loop6): mounting unchecked fs [ 785.123370][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 785.183699][T11721] NILFS (loop6): recovery complete [ 785.239624][T11728] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 785.718057][T11734] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2252'. [ 785.774905][T11734] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2252'. [ 786.195851][T11744] loop7: detected capacity change from 0 to 512 [ 786.365092][T11744] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 786.378973][T11744] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 786.668800][T11753] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz.7.2257: invalid size [ 787.082649][T11283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 787.381227][T11763] loop2: detected capacity change from 0 to 1024 [ 787.402760][T11763] EXT4-fs: Ignoring removed bh option [ 787.409000][T11763] EXT4-fs: inline encryption not supported [ 787.478087][T11763] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 787.550170][T11768] loop7: detected capacity change from 0 to 512 [ 787.566681][T11763] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 787.569826][T11768] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 787.612660][T11768] EXT4-fs error (device loop7): ext4_orphan_get:1419: comm syz.7.2266: bad orphan inode 131083 [ 787.627712][T11768] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 787.652431][T11763] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.2265: lblock 2 mapped to illegal pblock 2 (length 1) [ 787.715845][T11768] EXT4-fs error (device loop7): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.7.2266: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 787.731570][T11763] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 787.745441][T11763] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.2265: lblock 0 mapped to illegal pblock 48 (length 1) [ 787.782003][T11768] EXT4-fs error (device loop7) in ext4_delete_entry:2739: Corrupt filesystem [ 787.836057][T11763] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 787.845348][T11763] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2265: Failed to acquire dquot type 0 [ 787.931625][T11763] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 788.028071][T11763] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.2265: mark_inode_dirty error [ 788.078979][T11763] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 788.092126][T11763] EXT4-fs (loop2): 1 orphan inode deleted [ 788.100799][T11763] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 788.115439][ T3913] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:17: lblock 1 mapped to illegal pblock 1 (length 1) [ 788.143719][ T3913] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 788.152838][ T3913] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:17: Failed to release dquot type 0 [ 788.256891][T11283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 788.298785][ T30] audit: type=1326 audit(1753063619.597:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11777 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 788.322156][ T30] audit: type=1326 audit(1753063619.597:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11777 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 788.345469][ T30] audit: type=1326 audit(1753063619.637:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11777 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 788.373807][ T30] audit: type=1326 audit(1753063619.637:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11777 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 788.396842][ T30] audit: type=1326 audit(1753063619.637:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11777 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 788.420781][ T30] audit: type=1326 audit(1753063619.637:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11777 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 788.444229][ T30] audit: type=1326 audit(1753063619.637:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11777 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 788.490000][T11779] program syz.5.2272 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 788.600143][T11763] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 788.664590][T11763] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 789.054709][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 789.125589][T11789] loop5: detected capacity change from 0 to 512 [ 789.169278][T11789] EXT4-fs: Ignoring removed oldalloc option [ 789.175527][T11789] EXT4-fs: Ignoring removed bh option [ 789.243998][T11789] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c118, mo2=0002] [ 789.291212][T11789] System zones: 1-12 [ 789.326656][T11789] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.2276: corrupted in-inode xattr: e_value size too large [ 789.425108][T11789] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.2276: couldn't read orphan inode 15 (err -117) [ 789.471642][T11789] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 789.766023][T11798] loop6: detected capacity change from 0 to 1024 [ 789.823933][T11798] EXT4-fs: Ignoring removed orlov option [ 789.879161][T11798] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 790.151191][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 790.442705][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 791.087865][T11820] loop7: detected capacity change from 0 to 512 [ 791.165769][T11820] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 791.286880][T11820] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 791.300684][T11820] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 791.607920][T11828] loop3: detected capacity change from 0 to 1764 [ 791.683321][T11828] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 791.695244][T11828] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 791.696451][T11283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 792.399425][T11845] loop5: detected capacity change from 0 to 128 [ 792.427926][T11845] vfat: Unknown parameter 'rscard' [ 792.952519][T11854] loop6: detected capacity change from 0 to 2048 [ 793.112227][T11854] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 793.152952][T11864] loop2: detected capacity change from 0 to 1024 [ 793.163896][T11864] EXT4-fs: inline encryption not supported [ 793.170524][T11864] EXT4-fs: Ignoring removed i_version option [ 793.189382][T11864] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 793.217087][T11864] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.2304: lblock 2 mapped to illegal pblock 2 (length 1) [ 793.232267][T11864] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 793.241208][T11864] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.2304: lblock 0 mapped to illegal pblock 48 (length 1) [ 793.266278][T11864] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 793.276289][T11864] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2304: Failed to acquire dquot type 0 [ 793.315441][T11864] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 793.396886][T11864] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.2304: mark_inode_dirty error [ 793.451983][T11864] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 793.462845][T11864] EXT4-fs (loop2): 1 orphan inode deleted [ 793.471407][T11864] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 793.490479][ T3913] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:17: lblock 1 mapped to illegal pblock 1 (length 1) [ 793.579536][ T3913] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 793.593368][ T3913] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:17: Failed to release dquot type 0 [ 793.615525][T11864] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.2304: Invalid inode table block 1 in block_group 0 [ 793.649407][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 793.702982][T11864] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 793.717508][T11864] EXT4-fs error (device loop2): ext4_setattr:5828: inode #2: comm syz.2.2304: mark_inode_dirty error [ 793.744007][T11872] Invalid logical block size (2046) [ 793.972119][T11870] loop7: detected capacity change from 0 to 2048 [ 794.109396][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 794.133031][T11870] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 794.139104][T11650] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 794.146057][T11870] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 794.207467][T11650] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 794.217654][T11650] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 0 [ 794.242475][ T5812] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 794.257805][ T5812] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 794.274487][ T5812] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 794.567254][T11283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 795.016176][T11898] pimreg: entered allmulticast mode [ 795.044859][T11898] pimreg: left allmulticast mode [ 795.132202][T11903] loop2: detected capacity change from 0 to 256 [ 795.263296][ T30] audit: type=1800 audit(1753063626.577:517): pid=11903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2315" name=F26BC524B970A5BC277FE4FB38 dev="loop2" ino=1048767 res=0 errno=0 [ 797.294677][ T5825] Bluetooth: hci0: command 0x0406 tx timeout [ 797.728877][T11951] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2335'. [ 798.796495][T11968] loop5: detected capacity change from 0 to 512 [ 798.870961][T11966] loop7: detected capacity change from 0 to 2048 [ 798.926495][T11966] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024) [ 799.027296][T11968] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.2343: bad orphan inode 13 [ 799.056980][T11968] ext4_test_bit(bit=12, block=4) = 1 [ 799.062914][T11968] is_bad_inode(inode)=0 [ 799.067309][T11968] NEXT_ORPHAN(inode)=0 [ 799.071843][T11968] max_ino=32 [ 799.075274][T11968] i_nlink=1 [ 799.081087][T11968] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 799.085048][T11977] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 799.198856][T11968] EXT4-fs warning (device loop5): dx_probe:801: inode #2: comm syz.5.2343: Unrecognised inode hash code 20 [ 799.210925][T11968] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.2343: Corrupt directory, running e2fsck is recommended [ 799.269647][T11968] EXT4-fs warning (device loop5): dx_probe:801: inode #2: comm syz.5.2343: Unrecognised inode hash code 20 [ 799.281907][T11968] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.2343: Corrupt directory, running e2fsck is recommended [ 799.298205][ T30] audit: type=1800 audit(1753063630.607:518): pid=11968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2343" name="bus" dev="loop5" ino=18 res=0 errno=0 [ 799.777506][T11985] loop2: detected capacity change from 0 to 1024 [ 799.806285][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 799.892374][T11985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 799.905543][T11985] ext4 filesystem being mounted at /491/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 800.402771][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 800.553005][T12009] loop3: detected capacity change from 0 to 128 [ 800.590305][T12009] EXT4-fs: Ignoring removed nomblk_io_submit option [ 800.597414][T12009] EXT4-fs: Ignoring removed nomblk_io_submit option [ 800.620678][T11990] loop7: detected capacity change from 0 to 4096 [ 800.639866][T12009] EXT4-fs (loop3): Test dummy encryption mode enabled [ 800.700660][T12009] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 800.830179][T12009] ext4 filesystem being mounted at /505/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 801.110978][T11990] ntfs3(loop7): ino=b, mi_enum_attr [ 801.116555][T11990] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 801.158937][T11990] ntfs3(loop7): Failed to load $Extend (-22). [ 801.170361][T11990] ntfs3(loop7): Failed to initialize $Extend. [ 801.680475][T12009] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 801.772829][T12009] EXT4-fs (loop3): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 801.857307][T12026] loop6: detected capacity change from 0 to 2048 [ 802.069246][T12026] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 802.127662][ T5815] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 802.160827][T12034] loop5: detected capacity change from 0 to 1024 [ 802.223472][T12026] overlayfs: upper fs needs to support d_type. [ 802.234955][T12026] overlayfs: cleanup of 'work/#b' failed (-2) [ 802.241610][T12026] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 802.248988][T12026] overlayfs: failed to set xattr on upper [ 802.254953][T12026] overlayfs: ...falling back to redirect_dir=nofollow. [ 802.262271][T12026] overlayfs: ...falling back to index=off. [ 802.268325][T12026] overlayfs: ...falling back to uuid=null. [ 802.274755][T12026] overlayfs: conflicting lowerdir path [ 802.398766][T12034] hfsplus: bad catalog entry type [ 802.674721][ T3913] hfsplus: b-tree write err: -5, ino 4 [ 802.966079][T12051] netlink: 92 bytes leftover after parsing attributes in process `syz.6.2365'. [ 803.076279][T12043] loop2: detected capacity change from 0 to 4096 [ 803.625961][T12043] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 804.076672][T12064] loop6: detected capacity change from 0 to 16 [ 804.199372][T12064] erofs (device loop6): mounted with root inode @ nid 36. [ 804.223269][T12043] ntfs3(loop2): ino=19, mi_enum_attr [ 804.229232][T12043] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 805.004599][T12070] loop3: detected capacity change from 0 to 4096 [ 805.176538][T12083] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 806.473338][T12106] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2387'. [ 806.503644][T12105] loop3: detected capacity change from 0 to 256 [ 806.541618][T12105] exfat: Deprecated parameter 'namecase' [ 806.547707][T12105] exfat: Deprecated parameter 'namecase' [ 806.763155][T12105] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 806.950841][T12115] loop5: detected capacity change from 0 to 128 [ 807.038291][T12115] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 807.181427][T12115] ext4 filesystem being mounted at /359/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 808.172489][ T7037] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 810.079897][T12142] loop5: detected capacity change from 0 to 32768 [ 810.188213][T12142] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,fix_errors=ask,norecovery,nojournal_transaction_names,read_only [ 810.188529][T12142] allowing incompatible features above 0.0: (unknown version) [ 810.188628][T12142] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 810.230417][T12142] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0 [ 810.239772][T12142] bcachefs (loop5): recovering from clean shutdown, journal seq 10 [ 810.248902][T12142] bcachefs (loop5): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive [ 810.248902][T12142] running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes [ 810.374412][T12142] bcachefs (loop5): btree node read error at btree lru level 0/0 [ 810.374521][T12142] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key 0:196608:0 durability: 1 ptr: 0:28:0 gen 0 [ 810.374636][T12142] loop5 node offset 0/16: incorrect min_key: got POS_MIN should be 0:196608:0 [ 810.374725][T12142] loop5 btree validate error [ 810.374796][T12142] flagging btree lru lost data [ 810.374871][T12142] running recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 810.374964][T12142] running recovery pass check_lrus (14), currently at recovery_pass_empty (0) [ 810.375058][T12142] running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0) [ 810.375159][T12142] running recovery pass check_alloc_info (13), currently at recovery_pass_empty (0) [ 810.375256][T12142] ret btree_node_read_err_bad_node [ 810.469998][T12142] bcachefs (loop5): error reading btree root btree=lru level=0: btree_node_read_error, fixing [ 810.494453][T12142] bcachefs (loop5): btree node read error at btree freespace level 0/0 [ 810.494564][T12142] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0 [ 810.494680][T12142] loop5 node offset 0/32 bset u64s 0: invalid bkey format: field 4 too large: 0 + 4294967296 > 4294967295 [ 810.494783][T12142] u64s 3 fields 64:0, 64:0, 32:0, 0:0, 0:4294967296, 0:0 [ 810.494863][T12142] loop5 btree validate error [ 810.494933][T12142] flagging btree freespace lost data [ 810.495007][T12142] ret btree_node_read_err_bad_node [ 810.554030][T12142] bcachefs (loop5): error reading btree root btree=freespace level=0: btree_node_read_error, fixing [ 810.572272][T12142] bcachefs (loop5): btree node read error at btree backpointers level 0/0 [ 810.572384][T12142] u64s 11 type btree_ptr_v2 360287970189639679:U64_MAX:U32_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0 [ 810.572510][T12142] loop5 node offset 0/24 bset u64s 0: incorrect max key SPOS_MAX [ 810.572592][T12142] loop5 btree validate error [ 810.572663][T12142] flagging btree backpointers lost data [ 810.572743][T12142] running recovery pass check_btree_backpointers (15), currently at recovery_pass_empty (0) [ 810.572834][T12142] ret btree_node_read_err_bad_node [ 810.640532][T12142] bcachefs (loop5): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing [ 810.659293][T12142] bcachefs (loop5): check_topology... done [ 810.672339][T12142] bcachefs (loop5): accounting_read... done [ 810.681784][T12142] bcachefs (loop5): alloc_read... done [ 810.695446][T12142] bcachefs (loop5): snapshots_read... done [ 810.705879][T12142] bcachefs (loop5): Fixed errors, running fsck a second time to verify fs is clean [ 810.717887][T12142] bcachefs (loop5): done starting filesystem [ 810.850584][ T7037] bcachefs (loop5): shutting down [ 810.880361][T12157] netlink: 'syz.2.2406': attribute type 3 has an invalid length. [ 810.899053][T12157] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2406'. [ 810.976807][ T7037] bcachefs (loop5): shutdown complete [ 812.615157][ T5869] kernel read not supported for file /1060/net/sockstat (pid: 5869 comm: kworker/0:4) [ 812.773938][T12190] loop3: detected capacity change from 0 to 2048 [ 812.931787][T12190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 813.322460][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 813.368104][T12206] loop2: detected capacity change from 0 to 64 [ 813.622392][T12206] hfs: request for non-existent node 327680 in B*Tree [ 813.629803][T12206] hfs: request for non-existent node 327680 in B*Tree [ 813.640202][T12206] hfs: request for non-existent node 327680 in B*Tree [ 813.647372][T12206] hfs: request for non-existent node 327680 in B*Tree [ 813.695244][T12206] hfs: request for non-existent node 327680 in B*Tree [ 813.703029][T12206] hfs: request for non-existent node 327680 in B*Tree [ 813.840056][T12214] overlayfs: conflicting lowerdir path [ 814.535143][T12228] loop3: detected capacity change from 0 to 256 [ 814.737212][T12228] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 814.751439][T12228] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 814.867784][ T30] audit: type=1800 audit(1753063646.177:519): pid=12228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2430" name="file2" dev="loop3" ino=1048769 res=0 errno=0 [ 815.572993][T12245] loop2: detected capacity change from 0 to 64 [ 816.016365][T12252] loop6: detected capacity change from 0 to 512 [ 816.242645][T12252] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 816.253935][T12252] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 816.264559][T12252] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.2437: Failed to acquire dquot type 1 [ 816.465228][T12252] EXT4-fs (loop6): 1 truncate cleaned up [ 816.473735][T12252] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 816.487740][T12252] ext4 filesystem being mounted at /341/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 816.678220][T12252] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 816.689696][T12252] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 816.700347][T12252] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.2437: Failed to acquire dquot type 1 [ 816.802331][T12273] loop2: detected capacity change from 0 to 512 [ 816.901013][T12273] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.2442: invalid block [ 816.941631][T12273] EXT4-fs (loop2): Remounting filesystem read-only [ 816.990193][T12273] EXT4-fs (loop2): 2 truncates cleaned up [ 816.998818][T12273] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 817.131446][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 817.376294][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 817.729258][T12292] program syz.2.2448 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 818.165044][T12285] loop3: detected capacity change from 0 to 4096 [ 818.228975][T12285] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 818.484918][T12304] loop7: detected capacity change from 0 to 1024 [ 818.690264][T12285] ntfs3(loop3): ino=1a, mi_enum_attr [ 818.696052][T12285] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 818.784978][T12301] loop5: detected capacity change from 0 to 4096 [ 818.817509][T12301] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512). [ 818.831007][T12285] ntfs3(loop3): ino=1e, "file1" ntfs3_write_inode failed, -22. [ 819.195879][T12301] ntfs3(loop5): ino=0, attr_set_size [ 819.201942][T12301] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 819.213179][T12312] ntfs3(loop5): MFT: r=0, expect seq=0 instead of 1! [ 819.222618][T11650] hfsplus: b-tree write err: -5, ino 4 [ 819.327449][T12308] loop6: detected capacity change from 0 to 4096 [ 819.353406][T12308] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512). [ 820.851956][T12342] loop7: detected capacity change from 0 to 1024 [ 821.093706][T12342] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 821.107345][T12342] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 821.400070][T12351] loop2: detected capacity change from 0 to 256 [ 821.716795][T12345] loop3: detected capacity change from 0 to 32768 [ 821.787115][T12345] (syz.3.2468,12345,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #66: directory entry overrun - offset=88, inode=69, rec_len=1812, name_len=8 [ 821.804617][T12345] (syz.3.2468,12345,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 821.814187][T12345] (syz.3.2468,12345,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 2, possibly corrupt fs? [ 821.814384][T12345] (syz.3.2468,12345,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 821.836455][T12345] (syz.3.2468,12345,0):ocfs2_initialize_super:2198 ERROR: status = -22 [ 821.850568][T12345] (syz.3.2468,12345,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 822.117902][T11283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 822.723195][T12371] netem: incorrect gi model size [ 822.728816][T12371] netem: change failed [ 823.289504][T12379] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2480'. [ 823.299072][T12379] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2480'. [ 823.308578][T12379] netlink: 'syz.3.2480': attribute type 14 has an invalid length. [ 823.316658][T12379] netlink: 'syz.3.2480': attribute type 11 has an invalid length. [ 823.990029][T12385] loop6: detected capacity change from 0 to 4096 [ 824.281818][T12399] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2487'. [ 824.291692][T12399] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2487'. [ 824.325736][T12399] vlan2: entered allmulticast mode [ 824.331404][T12399] gretap0: entered allmulticast mode [ 824.349641][T12385] ntfs3(loop6): ino=1a, mi_enum_attr [ 824.355424][T12385] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 825.545924][T12421] team0: Port device bridge1 added [ 826.035964][T12417] loop5: detected capacity change from 0 to 32768 [ 826.057175][T12417] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2494 (12417) [ 826.090182][T12417] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 826.102096][T12417] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm [ 826.106912][T12426] loop2: detected capacity change from 0 to 1024 [ 826.111440][T12417] BTRFS info (device loop5): using free-space-tree [ 826.280839][ T3913] BTRFS warning (device loop5): checksum verify failed on logical 5341184 mirror 1 wanted 0xe51addfa found 0x6230e5ae level 0 [ 826.294813][T12417] BTRFS error (device loop5): failed to load root free space [ 826.323084][T12417] BTRFS error (device loop5): open_ctree failed: -5 [ 826.503749][T12448] macsec1: entered promiscuous mode [ 826.509536][T12448] macsec1: entered allmulticast mode [ 826.976711][ T3913] hfsplus: b-tree write err: -5, ino 4 [ 827.809619][T12466] loop7: detected capacity change from 0 to 1024 [ 828.013977][T12459] loop5: detected capacity change from 0 to 32768 [ 828.035361][T12459] bcachefs (/dev/loop5): error validating superblock: Invalid time precision: 0 (min 1, max 1000000000) [ 828.047527][T12459] bcachefs: bch2_fs_get_tree() error: invalid_sb_time_precision [ 828.085880][T12469] loop3: detected capacity change from 0 to 1024 [ 828.563452][T12469] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #3: comm syz.3.2505: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 828.599603][T12469] EXT4-fs error (device loop3): ext4_quota_enable:7127: comm syz.3.2505: Bad quota inode: 3, type: 0 [ 828.712807][T12469] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 828.955118][T12469] EXT4-fs (loop3): mount failed [ 829.583981][T12477] loop2: detected capacity change from 0 to 40427 [ 829.595388][T12477] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 829.602975][T12477] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 829.636543][T12477] F2FS-fs (loop2): build fault injection rate: 17008 [ 829.643946][T12477] F2FS-fs (loop2): build fault injection type: 0x6 [ 829.651408][T12477] F2FS-fs (loop2): build fault injection rate: 25 [ 829.675224][T12477] F2FS-fs (loop2): invalid crc value [ 829.715734][T12477] F2FS-fs (loop2): inject kvmalloc in f2fs_kvmalloc of f2fs_build_segment_manager+0x53a7/0x54d0 [ 829.727113][T12477] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-12) [ 829.767004][T12494] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2510'. [ 829.777357][T12494] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2510'. [ 829.798823][T12494] netlink: 'syz.6.2510': attribute type 19 has an invalid length. [ 830.867996][T12508] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2515'. [ 830.877759][T12508] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2515'. [ 830.904722][T12508] macvlan2: entered promiscuous mode [ 830.910483][T12508] macvlan2: entered allmulticast mode [ 830.916141][T12508] bridge0: entered allmulticast mode [ 831.349048][T12504] loop5: detected capacity change from 0 to 32768 [ 831.359204][T12504] ocfs2: Bad value for 'heartbeat' [ 833.108722][T12526] loop5: detected capacity change from 0 to 32768 [ 833.122565][T12526] XFS: attr2 mount option is deprecated. [ 833.187872][T12526] XFS (loop5): Metadata CRC error detected at xfs_sb_read_verify+0x5c7/0x640, xfs_sb block 0x0 [ 833.199427][T12526] XFS (loop5): Unmount and run xfs_repair [ 833.205432][T12526] XFS (loop5): First 128 bytes of corrupted metadata buffer: [ 833.218604][T12526] 00000000: 58 46 53 42 00 00 10 00 00 00 00 00 00 00 10 00 XFSB............ [ 833.227788][T12526] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 833.238761][T12526] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 833.247927][T12526] 00000030: 00 00 00 00 00 00 00 06 00 00 00 00 00 00 11 40 ...............@ [ 833.257644][T12526] 00000040: 00 00 00 00 00 00 11 41 00 00 00 00 00 00 11 42 .......A.......B [ 833.266936][T12526] 00000050: 00 00 00 01 00 00 10 00 00 00 00 01 00 00 00 00 ................ [ 833.276270][T12526] 00000060: 00 00 04 3e b4 b5 02 00 04 00 00 04 00 00 00 00 ...>............ [ 833.285665][T12526] 00000070: 00 00 00 00 00 00 05 00 00 00 0a 02 0c 00 00 0a ................ [ 833.295180][T12526] XFS (loop5): SB validate failed with error -74. [ 833.852286][T12545] loop3: detected capacity change from 0 to 256 [ 833.873160][T12545] exfat: Deprecated parameter 'namecase' [ 833.953111][T12550] loop7: detected capacity change from 0 to 64 [ 833.979009][T12549] loop2: detected capacity change from 0 to 256 [ 834.143579][T12545] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 834.316790][T12549] FAT-fs (loop2): Directory bread(block 64) failed [ 834.324382][T12549] FAT-fs (loop2): Directory bread(block 65) failed [ 834.332504][T12549] FAT-fs (loop2): Directory bread(block 66) failed [ 834.344777][T12549] FAT-fs (loop2): Directory bread(block 67) failed [ 834.353471][T12549] FAT-fs (loop2): Directory bread(block 68) failed [ 834.360505][T12549] FAT-fs (loop2): Directory bread(block 69) failed [ 834.367476][T12549] FAT-fs (loop2): Directory bread(block 70) failed [ 834.374537][T12549] FAT-fs (loop2): Directory bread(block 71) failed [ 834.381849][T12549] FAT-fs (loop2): Directory bread(block 72) failed [ 834.389886][T12549] FAT-fs (loop2): Directory bread(block 73) failed [ 835.518897][T12579] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2536'. [ 836.788759][ T5871] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 836.870815][T12604] tipc: Enabling of bearer rejected, failed to enable media [ 837.007183][ T5871] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 837.017240][ T5871] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 837.080271][ T5871] usb 4-1: config 0 descriptor?? [ 837.133736][ T5871] cp210x 4-1:0.0: cp210x converter detected [ 837.538924][ T5871] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -121 [ 837.639487][T12613] loop6: detected capacity change from 0 to 512 [ 837.763731][ T5871] cp210x 4-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 837.771896][ T5871] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 837.779495][T12613] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 837.794690][T12613] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 837.805220][T12613] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.2551: Failed to acquire dquot type 1 [ 837.817662][ T5871] usb 4-1: cp210x converter now attached to ttyUSB0 [ 837.857074][ T5871] usb 4-1: USB disconnect, device number 8 [ 837.886295][ T5871] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 837.895603][ T5871] cp210x 4-1:0.0: device disconnected [ 837.938108][T12613] EXT4-fs (loop6): 1 truncate cleaned up [ 837.946510][T12613] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 837.960000][T12613] ext4 filesystem being mounted at /361/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 838.099729][T12613] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 838.113463][T12613] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 838.124047][T12613] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.2551: Failed to acquire dquot type 1 [ 838.670663][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 840.685071][T12681] netlink: 64 bytes leftover after parsing attributes in process `syz.7.2575'. [ 841.312312][T12687] loop3: detected capacity change from 0 to 764 [ 841.352194][T12687] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 843.193462][T12723] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 843.345711][T12725] loop7: detected capacity change from 0 to 64 [ 843.593001][T12730] loop2: detected capacity change from 0 to 128 [ 844.129686][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 844.136565][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 845.488606][T12765] loop3: detected capacity change from 0 to 256 [ 845.524313][T12767] ip6tnl0: Master is either lo or non-ether device [ 845.555712][T12765] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 845.569601][T12765] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 845.789498][T12765] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 846.783351][T12790] loop2: detected capacity change from 0 to 2048 [ 846.895965][T12790] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 847.614329][T12808] loop6: detected capacity change from 0 to 256 [ 847.755332][T12808] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 849.646359][T12852] loop5: detected capacity change from 0 to 16 [ 849.707063][T12852] erofs (device loop5): mounted with root inode @ nid 36. [ 849.783286][T12852] erofs (device loop5): readahead error at folio 26 @ nid 36 [ 849.791395][T12852] erofs (device loop5): readahead error at folio 25 @ nid 36 [ 849.799346][T12852] erofs (device loop5): readahead error at folio 24 @ nid 36 [ 849.807510][T12852] erofs (device loop5): readahead error at folio 23 @ nid 36 [ 849.815442][T12852] erofs (device loop5): readahead error at folio 22 @ nid 36 [ 849.823545][T12852] erofs (device loop5): readahead error at folio 21 @ nid 36 [ 849.831519][T12852] erofs (device loop5): readahead error at folio 20 @ nid 36 [ 849.839765][T12852] erofs (device loop5): readahead error at folio 18 @ nid 36 [ 849.847529][T12852] erofs (device loop5): readahead error at folio 16 @ nid 36 [ 849.856879][T12852] erofs (device loop5): readahead error at folio 12 @ nid 36 [ 849.871283][T12852] syz.5.2640: attempt to access beyond end of device [ 849.871283][T12852] loop5: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 849.885942][T12852] syz.5.2640: attempt to access beyond end of device [ 849.885942][T12852] loop5: rw=524288, sector=525144, nr_sectors = 16 limit=16 [ 849.900707][T12852] syz.5.2640: attempt to access beyond end of device [ 849.900707][T12852] loop5: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 849.915024][T12852] syz.5.2640: attempt to access beyond end of device [ 849.915024][T12852] loop5: rw=524288, sector=13716630376, nr_sectors = 8 limit=16 [ 849.985071][T12858] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2642'. [ 849.994593][T12858] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2642'. [ 850.004090][T12858] netlink: 'syz.2.2642': attribute type 7 has an invalid length. [ 850.582146][T12867] loop7: detected capacity change from 0 to 256 [ 850.626905][T12869] netlink: 'syz.5.2647': attribute type 2 has an invalid length. [ 850.770489][T12872] loop3: detected capacity change from 0 to 256 [ 850.978738][ T30] audit: type=1804 audit(1753063682.332:520): pid=12872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2648" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=1048791 res=1 errno=0 [ 851.612780][T12889] loop3: detected capacity change from 0 to 256 [ 851.652081][T12889] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 851.711096][T12889] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 851.723956][T12889] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 851.732183][T12889] UDF-fs: Scanning with blocksize 512 failed [ 851.766968][T12889] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 851.837579][T12889] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 852.170242][T12899] netlink: 244 bytes leftover after parsing attributes in process `syz.2.2656'. [ 852.180188][T12899] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2656'. [ 852.230876][T12897] loop5: detected capacity change from 0 to 1024 [ 852.326407][T12897] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 852.459774][T12910] netlink: 'syz.2.2661': attribute type 10 has an invalid length. [ 852.469002][T12910] bridge0: port 2(bridge_slave_1) entered disabled state [ 852.477792][T12910] bridge0: port 1(bridge_slave_0) entered disabled state [ 852.502628][T12910] bridge0: port 2(bridge_slave_1) entered blocking state [ 852.510354][T12910] bridge0: port 2(bridge_slave_1) entered forwarding state [ 852.519334][T12910] bridge0: port 1(bridge_slave_0) entered blocking state [ 852.527180][T12910] bridge0: port 1(bridge_slave_0) entered forwarding state [ 852.556012][T12910] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 852.568938][T12897] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 852.685603][T12913] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2661'. [ 852.695476][T12913] bridge_slave_1: left allmulticast mode [ 852.701645][T12913] bridge_slave_1: left promiscuous mode [ 852.708577][T12913] bridge0: port 2(bridge_slave_1) entered disabled state [ 852.838116][T12913] bridge_slave_0: left allmulticast mode [ 852.847174][T12913] bridge_slave_0: left promiscuous mode [ 852.854366][T12913] bridge0: port 1(bridge_slave_0) entered disabled state [ 852.964216][T12916] loop6: detected capacity change from 0 to 512 [ 853.092929][T12913] bond0: (slave bridge0): Releasing backup interface [ 853.098039][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 853.182963][T12916] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 853.196987][T12916] ext4 filesystem being mounted at /374/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 853.347423][T12916] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #2: comm syz.6.2660: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 853.439925][T12928] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2664'. [ 853.452429][T12928] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2664'. [ 853.774537][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 854.401721][T12943] netlink: 'syz.7.2669': attribute type 1 has an invalid length. [ 854.529525][T12932] loop2: detected capacity change from 0 to 4096 [ 854.965164][T12949] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2671'. [ 854.975002][T12949] netlink: 72 bytes leftover after parsing attributes in process `syz.7.2671'. [ 856.177588][T12969] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2679'. [ 857.939881][T13004] loop5: detected capacity change from 0 to 16 [ 857.978059][T13004] erofs (device loop5): mounted with root inode @ nid 36. [ 858.072062][T13004] erofs (device loop5): readahead error at folio 2 @ nid 89 [ 858.082244][T13004] erofs (device loop5): readahead error at folio 0 @ nid 89 [ 858.090535][T13004] syz.5.2693: attempt to access beyond end of device [ 858.090535][T13004] loop5: rw=524288, sector=524296, nr_sectors = 8 limit=16 [ 858.111198][T13004] syz.5.2693: attempt to access beyond end of device [ 858.111198][T13004] loop5: rw=0, sector=524296, nr_sectors = 8 limit=16 [ 858.126802][T13004] erofs (device loop5): read error -5 @ 0 of nid 89 [ 858.144242][ T30] audit: type=1800 audit(1753063689.550:521): pid=13004 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2693" name="file2" dev="loop5" ino=89 res=0 errno=0 [ 858.315637][ T1851] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 858.493107][ T1851] usb 4-1: Using ep0 maxpacket: 8 [ 858.525602][ T1851] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 858.537348][ T1851] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 858.547771][ T1851] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 858.561331][ T1851] usb 4-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00 [ 858.570872][ T1851] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 858.587064][ T1851] usb 4-1: config 0 descriptor?? [ 858.990118][T13016] loop6: detected capacity change from 0 to 4096 [ 859.113838][ T1851] waltop 0003:172F:0501.0015: hidraw0: USB HID v0.00 Device [HID 172f:0501] on usb-dummy_hcd.3-1/input0 [ 859.248041][ T1851] usb 4-1: USB disconnect, device number 9 [ 859.386685][T13016] ntfs3(loop6): ino=1a, mi_enum_attr [ 859.392340][T13016] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 859.568102][T13046] loop7: detected capacity change from 0 to 2048 [ 859.649808][T13050] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 860.245294][T13058] netlink: 'syz.2.2706': attribute type 1 has an invalid length. [ 860.253757][T13058] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2706'. [ 861.096472][T13071] ./file0: Can't lookup blockdev [ 863.027416][T13101] loop7: detected capacity change from 0 to 4096 [ 863.138432][T13101] NILFS (loop7): invalid segment: Checksum error in segment payload [ 863.149744][T13101] NILFS (loop7): trying rollback from an earlier position [ 863.278087][T13101] NILFS (loop7): recovery complete [ 863.350927][T13116] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 863.766247][T13118] loop6: detected capacity change from 0 to 256 [ 863.795753][T13118] exfat: Deprecated parameter 'utf8' [ 863.802397][T13118] exfat: Deprecated parameter 'utf8' [ 863.923717][T13121] loop5: detected capacity change from 0 to 512 [ 863.949454][T13118] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x7bac8b1f, utbl_chksum : 0xe619d30d) [ 863.954338][T13121] EXT4-fs: Ignoring removed mblk_io_submit option [ 864.069839][T13121] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 864.112226][T13121] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 864.200525][T13121] EXT4-fs (loop5): orphan cleanup on readonly fs [ 864.304042][T13121] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2732: Invalid block bitmap block 0 in block_group 0 [ 864.378407][T13121] EXT4-fs (loop5): Remounting filesystem read-only [ 864.404838][T13121] Quota error (device loop5): write_blk: dquota write failed [ 864.467898][T13121] Quota error (device loop5): write_blk: dquota write failed [ 864.476242][T13121] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota [ 864.486880][T13121] EXT4-fs (loop5): 1 orphan inode deleted [ 864.597452][T13121] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 865.098208][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 865.688254][T13159] loop5: detected capacity change from 0 to 1024 [ 865.848374][T13159] hfsplus: invalid extended attribute record [ 866.019781][T13167] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2747'. [ 866.177267][ T3529] hfsplus: b-tree write err: -5, ino 4 [ 866.644996][T13178] loop7: detected capacity change from 0 to 128 [ 866.706091][T13178] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 866.719831][T13183] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2753'. [ 867.039070][T13186] loop3: detected capacity change from 0 to 128 [ 867.155874][T13186] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 867.245315][T13186] ext4 filesystem being mounted at /585/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 867.315904][ T3913] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 867.416663][ T5815] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 868.312458][T13210] loop3: detected capacity change from 0 to 512 [ 868.331153][T13211] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2763'. [ 868.478601][T13210] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 868.499480][T13210] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it [ 868.511902][T13210] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.2765: Corrupt directory, running e2fsck is recommended [ 868.601547][T13210] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 868.642125][T13210] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.2765: corrupted in-inode xattr: invalid ea_ino [ 868.712076][T13210] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2765: couldn't read orphan inode 15 (err -117) [ 868.758426][T13210] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 868.944423][T13210] EXT4-fs: group quota file already specified [ 869.070866][T13229] loop5: detected capacity change from 0 to 512 [ 869.096234][T13226] loop7: detected capacity change from 0 to 1024 [ 869.128105][T13229] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 869.181936][T13229] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.2769: invalid block [ 869.272172][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 869.282646][T13229] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.2769: invalid indirect mapped block 4294967295 (level 1) [ 869.326722][T13229] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.2769: invalid indirect mapped block 4294967295 (level 1) [ 869.358689][T13229] EXT4-fs (loop5): 2 truncates cleaned up [ 869.367275][T13229] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 869.696277][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 869.947221][T13243] loop2: detected capacity change from 0 to 1024 [ 870.075276][T13243] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 870.088400][T13243] ext4 filesystem being mounted at /586/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 870.369395][T13258] loop5: detected capacity change from 0 to 256 [ 870.515118][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 872.520067][T13303] loop7: detected capacity change from 0 to 64 [ 873.053816][T13311] loop5: detected capacity change from 0 to 512 [ 873.271015][T13311] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 873.289102][T13311] ext4 filesystem being mounted at /437/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 873.919784][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 873.931017][T13331] smc: net device bond0 applied user defined pnetid SYZ0 [ 874.243333][T13329] loop7: detected capacity change from 0 to 4096 [ 874.285449][T13329] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512). [ 874.651324][ T30] audit: type=1800 audit(1753063706.142:522): pid=13329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2800" name="file1" dev="loop7" ino=30 res=0 errno=0 [ 874.695091][T13335] loop3: detected capacity change from 0 to 4096 [ 874.787169][T13335] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 875.161664][T13349] loop5: detected capacity change from 0 to 1024 [ 876.415275][T13375] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 876.422247][T13375] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 876.430661][T13375] vhci_hcd vhci_hcd.0: Device attached [ 876.515339][T13376] vhci_hcd: connection closed [ 876.519502][T11643] vhci_hcd: stop threads [ 876.529126][T11643] vhci_hcd: release socket [ 876.534034][T11643] vhci_hcd: disconnect device [ 878.203341][T13411] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2827'. [ 878.729791][T13419] loop5: detected capacity change from 0 to 256 [ 878.800744][T13422] loop3: detected capacity change from 0 to 512 [ 878.818850][T13419] exfat: Deprecated parameter 'namecase' [ 878.828022][T13419] exfat: Deprecated parameter 'utf8' [ 879.007991][T13422] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.2831: bad orphan inode 13 [ 879.061284][T13422] ext4_test_bit(bit=12, block=4) = 1 [ 879.066896][T13422] is_bad_inode(inode)=0 [ 879.071645][T13422] NEXT_ORPHAN(inode)=0 [ 879.075959][T13422] max_ino=32 [ 879.079380][T13422] i_nlink=1 [ 879.096795][T13422] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 879.145399][T13419] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 879.175281][T13422] EXT4-fs warning (device loop3): dx_probe:801: inode #2: comm syz.3.2831: Unrecognised inode hash code 20 [ 879.191769][T13422] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.2831: Corrupt directory, running e2fsck is recommended [ 879.252617][T13422] EXT4-fs warning (device loop3): dx_probe:801: inode #2: comm syz.3.2831: Unrecognised inode hash code 20 [ 879.264880][T13422] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.2831: Corrupt directory, running e2fsck is recommended [ 879.294574][ T30] audit: type=1800 audit(1753063710.804:523): pid=13422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2831" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 879.435383][T13436] genirq: Flags mismatch irq 4. 00200000 (das16m1) vs. 00200080 (ttyS0) [ 879.706476][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 880.984852][T13464] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2846'. [ 881.599436][T13473] loop5: detected capacity change from 0 to 256 [ 881.647721][T13473] exfat: Deprecated parameter 'namecase' [ 881.654224][T13473] exfat: Deprecated parameter 'namecase' [ 881.776232][T13476] loop6: detected capacity change from 0 to 512 [ 881.834117][T13476] EXT4-fs error (device loop6): ext4_orphan_get:1419: comm syz.6.2850: bad orphan inode 13 [ 881.856533][T13483] loop7: detected capacity change from 0 to 256 [ 881.913221][T13476] ext4_test_bit(bit=12, block=4) = 1 [ 881.915578][T13473] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 881.919028][T13476] is_bad_inode(inode)=0 [ 881.919094][T13476] NEXT_ORPHAN(inode)=0 [ 881.919153][T13476] max_ino=32 [ 881.919210][T13476] i_nlink=1 [ 881.921653][T13476] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 881.989969][T13476] EXT4-fs warning (device loop6): dx_probe:801: inode #2: comm syz.6.2850: Unrecognised inode hash code 20 [ 882.002029][T13476] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.2850: Corrupt directory, running e2fsck is recommended [ 882.023890][T13476] EXT4-fs warning (device loop6): dx_probe:801: inode #2: comm syz.6.2850: Unrecognised inode hash code 20 [ 882.036094][T13476] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.2850: Corrupt directory, running e2fsck is recommended [ 882.092610][ T30] audit: type=1800 audit(1753063713.597:524): pid=13476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2850" name="bus" dev="loop6" ino=18 res=0 errno=0 [ 882.531079][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 882.762066][T13501] loop3: detected capacity change from 0 to 16 [ 882.835023][T13501] erofs (device loop3): mounted with root inode @ nid 36. [ 882.986303][ T30] audit: type=1800 audit(1753063714.521:525): pid=13501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2856" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 883.528154][T13513] loop5: detected capacity change from 0 to 512 [ 883.612626][T13513] EXT4-fs: Ignoring removed i_version option [ 883.660457][T13513] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 883.795096][T13513] EXT4-fs (loop5): 1 truncate cleaned up [ 883.803595][T13513] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 884.075282][T13530] loop7: detected capacity change from 0 to 512 [ 884.224476][T13530] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 884.240296][T13530] ext4 filesystem being mounted at /148/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 884.240676][T13537] loop3: detected capacity change from 0 to 8 [ 884.312531][T13537] SQUASHFS error: zlib decompression failed, data probably corrupt [ 884.321530][T13537] SQUASHFS error: Failed to read block 0x9b: -5 [ 884.328403][T13537] SQUASHFS error: Unable to read metadata cache entry [99] [ 884.335885][T13537] SQUASHFS error: Unable to read inode 0x127 [ 884.381899][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 884.404136][T13530] EXT4-fs error (device loop7): ext4_ext_check_inode:523: inode #2: comm syz.7.2866: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 884.477209][T13530] EXT4-fs (loop7): Remounting filesystem read-only [ 884.829441][T11283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 885.300815][T13556] loop7: detected capacity change from 0 to 64 [ 885.891571][T13567] tipc: Started in network mode [ 885.897024][T13567] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 885.907599][T13567] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 885.925625][T13567] tipc: Enabled bearer , priority 10 [ 885.990713][T13570] loop7: detected capacity change from 0 to 256 [ 886.295853][T13570] FAT-fs (loop7): Directory bread(block 64) failed [ 886.303227][T13570] FAT-fs (loop7): Directory bread(block 65) failed [ 886.310732][T13570] FAT-fs (loop7): Directory bread(block 66) failed [ 886.317633][T13570] FAT-fs (loop7): Directory bread(block 67) failed [ 886.330203][T13570] FAT-fs (loop7): Directory bread(block 68) failed [ 886.337034][T13570] FAT-fs (loop7): Directory bread(block 69) failed [ 886.347238][T13570] FAT-fs (loop7): Directory bread(block 70) failed [ 886.354762][T13570] FAT-fs (loop7): Directory bread(block 71) failed [ 886.361921][T13570] FAT-fs (loop7): Directory bread(block 72) failed [ 886.369121][T13570] FAT-fs (loop7): Directory bread(block 73) failed [ 886.509326][T13570] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2878'. [ 887.041722][ T1851] tipc: Node number set to 1 [ 887.761371][T13599] loop7: detected capacity change from 0 to 256 [ 887.881985][T13599] FAT-fs (loop7): error, fat_free_clusters: deleting FAT entry beyond EOF [ 887.893915][T13599] FAT-fs (loop7): Filesystem has been set read-only [ 888.820860][T13625] loop7: detected capacity change from 0 to 64 [ 888.959044][T13625] hfs: request for non-existent node 327680 in B*Tree [ 888.966243][T13625] hfs: request for non-existent node 327680 in B*Tree [ 889.058208][T13625] hfs: request for non-existent node 327680 in B*Tree [ 889.065301][T13625] hfs: request for non-existent node 327680 in B*Tree [ 889.133550][T13622] loop2: detected capacity change from 0 to 4096 [ 889.156276][T13625] hfs: request for non-existent node 327680 in B*Tree [ 889.163734][T13625] hfs: request for non-existent node 327680 in B*Tree [ 889.190995][T13622] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 889.434913][T13622] ntfs3(loop2): ino=1a, mi_enum_attr [ 889.441771][T13622] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 889.649216][T13622] ntfs3(loop2): ino=1e, "file1" ntfs3_write_inode failed, -22. [ 889.858503][T13639] loop7: detected capacity change from 0 to 512 [ 890.157538][T13639] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 890.172043][T13639] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 890.551919][T11283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 891.098892][T13668] overlayfs: conflicting lowerdir path [ 891.414629][ T5869] kernel read not supported for file /975/net/sockstat (pid: 5869 comm: kworker/0:4) [ 891.717081][T13679] loop6: detected capacity change from 0 to 512 [ 891.967355][T13679] EXT4-fs error (device loop6): ext4_get_branch:178: inode #11: block 4294967295: comm syz.6.2914: invalid block [ 892.064315][T13679] EXT4-fs (loop6): Remounting filesystem read-only [ 892.156543][T13679] EXT4-fs (loop6): 2 truncates cleaned up [ 892.164768][T13679] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 892.569742][T13678] loop2: detected capacity change from 0 to 32768 [ 892.676804][T13678] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,fix_errors=ask,norecovery,nojournal_transaction_names,read_only [ 892.676952][T13678] allowing incompatible features above 0.0: (unknown version) [ 892.677048][T13678] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 892.721167][T13678] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 892.730540][T13678] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 892.741779][T13678] bcachefs (loop2): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive [ 892.741779][T13678] running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes [ 892.807651][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 892.887760][T13678] bcachefs (loop2): btree node read error at btree lru level 0/0 [ 892.887870][T13678] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key 0:196608:0 durability: 1 ptr: 0:28:0 gen 0 [ 892.888079][T13678] loop2 node offset 0/16: incorrect min_key: got POS_MIN should be 0:196608:0 [ 892.888171][T13678] loop2 btree validate error [ 892.888241][T13678] flagging btree lru lost data [ 892.888319][T13678] running recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 892.888412][T13678] running recovery pass check_lrus (14), currently at recovery_pass_empty (0) [ 892.888507][T13678] running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0) [ 892.888621][T13678] running recovery pass check_alloc_info (13), currently at recovery_pass_empty (0) [ 892.888710][T13678] ret btree_node_read_err_bad_node [ 893.048475][T13678] bcachefs (loop2): error reading btree root btree=lru level=0: btree_node_read_error, fixing [ 893.076621][T13678] bcachefs (loop2): btree node read error at btree freespace level 0/0 [ 893.076727][T13678] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0 [ 893.076855][T13678] loop2 node offset 0/32 bset u64s 0: invalid bkey format: field 4 too large: 0 + 4294967296 > 4294967295 [ 893.076956][T13678] u64s 3 fields 64:0, 64:0, 32:0, 0:0, 0:4294967296, 0:0 [ 893.077037][T13678] loop2 btree validate error [ 893.077105][T13678] flagging btree freespace lost data [ 893.077180][T13678] ret btree_node_read_err_bad_node [ 893.139531][T13678] bcachefs (loop2): error reading btree root btree=freespace level=0: btree_node_read_error, fixing [ 893.167377][T13678] bcachefs (loop2): btree node read error at btree backpointers level 0/0 [ 893.167491][T13678] u64s 11 type btree_ptr_v2 360287970189639679:U64_MAX:U32_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0 [ 893.167616][T13678] loop2 node offset 0/24 bset u64s 0: incorrect max key SPOS_MAX [ 893.167701][T13678] loop2 btree validate error [ 893.167773][T13678] flagging btree backpointers lost data [ 893.167857][T13678] running recovery pass check_btree_backpointers (15), currently at recovery_pass_empty (0) [ 893.167952][T13678] ret btree_node_read_err_bad_node [ 893.236554][T13678] bcachefs (loop2): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing [ 893.257967][T13678] bcachefs (loop2): check_topology... done [ 893.278120][T13678] bcachefs (loop2): accounting_read... [ 893.284932][T13692] program syz.7.2929 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 893.304703][T13678] done [ 893.307735][T13678] bcachefs (loop2): alloc_read... done [ 893.318725][T13678] bcachefs (loop2): snapshots_read... done [ 893.327677][T13678] bcachefs (loop2): Fixed errors, running fsck a second time to verify fs is clean [ 893.339715][T13678] bcachefs (loop2): done starting filesystem [ 893.561092][ T5812] bcachefs (loop2): shutting down [ 893.652110][ T5812] bcachefs (loop2): shutdown complete [ 894.512383][T13712] loop7: detected capacity change from 0 to 2048 [ 894.663354][T13712] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 895.077381][T13721] loop3: detected capacity change from 0 to 4096 [ 895.165361][T13721] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 895.189436][T11283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 897.599884][T13739] loop7: detected capacity change from 0 to 256 [ 897.758410][T13739] exFAT-fs (loop7): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 897.772086][T13739] exFAT-fs (loop7): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 897.965986][ T30] audit: type=1800 audit(1753063729.548:526): pid=13739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2935" name="file2" dev="loop7" ino=1048803 res=0 errno=0 [ 898.102466][T13750] loop3: detected capacity change from 0 to 512 [ 898.255143][T13750] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 898.272475][T13750] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 898.287297][T13750] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2936: Failed to acquire dquot type 1 [ 898.413088][T13750] EXT4-fs (loop3): 1 truncate cleaned up [ 898.422861][T13750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 898.437220][T13750] ext4 filesystem being mounted at /623/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 898.560027][T13750] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 898.579909][T13750] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 898.592127][T13750] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2936: Failed to acquire dquot type 1 [ 899.016255][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 899.372268][T13771] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2945'. [ 899.386557][T13771] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2945'. [ 899.397566][T13771] netlink: 'syz.6.2945': attribute type 14 has an invalid length. [ 899.408027][T13771] netlink: 'syz.6.2945': attribute type 11 has an invalid length. [ 900.233938][T13775] loop7: detected capacity change from 0 to 32768 [ 900.238425][T13777] loop3: detected capacity change from 0 to 32768 [ 900.250502][T13777] ocfs2: Bad value for 'heartbeat' [ 900.297565][T13776] netem: incorrect gi model size [ 900.307741][T13776] netem: change failed [ 900.423833][T13775] bcachefs (/dev/loop7): error validating superblock: Invalid time precision: 0 (min 1, max 1000000000) [ 900.436083][T13775] bcachefs: bch2_fs_get_tree() error: invalid_sb_time_precision [ 900.860558][T13779] macsec1: entered promiscuous mode [ 900.866370][T13779] macsec1: entered allmulticast mode [ 901.311882][T13789] loop3: detected capacity change from 0 to 1024 [ 901.660369][T13796] team0: Port device bridge1 added [ 902.745529][T13812] overlayfs: conflicting lowerdir path [ 903.004186][T13810] loop2: detected capacity change from 0 to 32768 [ 903.023408][T13810] (syz.2.2957,13810,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #66: directory entry overrun - offset=88, inode=69, rec_len=1812, name_len=8 [ 903.040245][T13810] (syz.2.2957,13810,1):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 903.049786][T13810] (syz.2.2957,13810,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 2, possibly corrupt fs? [ 903.049979][T13810] (syz.2.2957,13810,1):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 903.078109][T13810] (syz.2.2957,13810,1):ocfs2_initialize_super:2198 ERROR: status = -22 [ 903.087449][T13810] (syz.2.2957,13810,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 903.356549][T13817] loop6: detected capacity change from 0 to 1024 [ 903.598893][T13817] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 903.870374][T13817] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 904.244468][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 904.453224][T13836] loop7: detected capacity change from 0 to 256 [ 904.579469][T13831] loop5: detected capacity change from 0 to 4096 [ 904.766503][T13836] FAT-fs (loop7): Directory bread(block 64) failed [ 904.774085][T13836] FAT-fs (loop7): Directory bread(block 65) failed [ 904.781045][T13836] FAT-fs (loop7): Directory bread(block 66) failed [ 904.788126][T13836] FAT-fs (loop7): Directory bread(block 67) failed [ 904.800507][T13836] FAT-fs (loop7): Directory bread(block 68) failed [ 904.809102][T13836] FAT-fs (loop7): Directory bread(block 69) failed [ 904.816393][T13836] FAT-fs (loop7): Directory bread(block 70) failed [ 904.823434][T13836] FAT-fs (loop7): Directory bread(block 71) failed [ 904.830394][T13836] FAT-fs (loop7): Directory bread(block 72) failed [ 904.837438][T13836] FAT-fs (loop7): Directory bread(block 73) failed [ 904.887549][T13831] ntfs3(loop5): ino=1a, mi_enum_attr [ 904.898816][T13831] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 905.277538][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 905.284713][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 906.251950][ T5869] kernel read not supported for file /usbmon0 (pid: 5869 comm: kworker/0:4) [ 906.449794][T13865] loop3: detected capacity change from 0 to 1024 [ 906.900373][ T3529] hfsplus: b-tree write err: -5, ino 4 [ 908.178546][T13875] loop7: detected capacity change from 0 to 40427 [ 908.195510][T13875] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504) [ 908.202786][T13875] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 908.221653][T13875] F2FS-fs (loop7): build fault injection rate: 17008 [ 908.229060][T13875] F2FS-fs (loop7): build fault injection type: 0x6 [ 908.236375][T13875] F2FS-fs (loop7): build fault injection rate: 25 [ 908.272231][T13875] F2FS-fs (loop7): invalid crc value [ 908.333472][T13875] F2FS-fs (loop7): inject kvmalloc in f2fs_kvmalloc of f2fs_build_segment_manager+0x53a7/0x54d0 [ 908.351017][T13875] F2FS-fs (loop7): Failed to initialize F2FS segment manager (-12) [ 909.494957][T13905] netlink: 260 bytes leftover after parsing attributes in process `syz.6.2991'. [ 909.504714][T13905] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2991'. [ 909.565439][ T5825] Bluetooth: hci4: link tx timeout [ 909.571129][ T5825] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 910.298160][ T1851] IPVS: starting estimator thread 0... [ 910.402086][T13925] IPVS: using max 192 ests per chain, 9600 per kthread [ 910.445250][T13920] loop2: detected capacity change from 0 to 1024 [ 910.783716][T13931] loop5: detected capacity change from 0 to 256 [ 910.906459][T13934] loop7: detected capacity change from 0 to 256 [ 910.952055][T13934] exfat: Deprecated parameter 'namecase' [ 911.106474][T13934] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 911.288676][T13931] FAT-fs (loop5): Directory bread(block 64) failed [ 911.295734][T13931] FAT-fs (loop5): Directory bread(block 65) failed [ 911.302817][T13931] FAT-fs (loop5): Directory bread(block 66) failed [ 911.314002][T13931] FAT-fs (loop5): Directory bread(block 67) failed [ 911.322468][T13931] FAT-fs (loop5): Directory bread(block 68) failed [ 911.335470][T13931] FAT-fs (loop5): Directory bread(block 69) failed [ 911.342491][T13931] FAT-fs (loop5): Directory bread(block 70) failed [ 911.353587][T13931] FAT-fs (loop5): Directory bread(block 71) failed [ 911.360769][T13931] FAT-fs (loop5): Directory bread(block 72) failed [ 911.367948][T13931] FAT-fs (loop5): Directory bread(block 73) failed [ 911.609405][T13910] Bluetooth: hci4: command 0x0406 tx timeout [ 912.495522][T13949] loop3: detected capacity change from 0 to 32768 [ 912.507585][T13949] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3007 (13949) [ 912.532336][T13958] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3010'. [ 912.537965][T13949] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 912.557319][T13949] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm [ 912.570132][T13949] BTRFS info (device loop3): using free-space-tree [ 912.789240][ T3509] BTRFS warning (device loop3): checksum verify failed on logical 5341184 mirror 1 wanted 0xe51addfa found 0x6230e5ae level 0 [ 912.803525][T13949] BTRFS error (device loop3): failed to load root free space [ 912.899338][T13949] BTRFS error (device loop3): open_ctree failed: -5 [ 913.453857][T13984] veth1_virt_wifi: entered promiscuous mode [ 913.461649][T13984] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3016'. [ 913.476282][T13984] A link change request failed with some changes committed already. Interface veth1_virt_wifi may have been left with an inconsistent configuration, please check. [ 914.329904][T13998] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 914.943732][T14008] loop5: detected capacity change from 0 to 512 [ 915.079764][T14008] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 915.091199][T14008] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 915.102484][T14008] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3024: Failed to acquire dquot type 1 [ 915.230138][T14008] EXT4-fs (loop5): 1 truncate cleaned up [ 915.239124][T14008] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 915.252434][T14008] ext4 filesystem being mounted at /484/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 915.388437][T14008] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 915.399616][T14008] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 915.410292][T14008] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3024: Failed to acquire dquot type 1 [ 915.751389][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 916.059564][T14031] loop3: detected capacity change from 0 to 128 [ 917.546286][T14042] loop5: detected capacity change from 0 to 40427 [ 917.581166][T14042] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504) [ 917.590144][T14042] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 917.632950][T14049] loop2: detected capacity change from 0 to 1024 [ 917.640642][T14042] F2FS-fs (loop5): build fault injection rate: 17008 [ 917.648118][T14042] F2FS-fs (loop5): build fault injection type: 0x6 [ 917.655270][T14042] F2FS-fs (loop5): build fault injection rate: 25 [ 917.716821][T14042] F2FS-fs (loop5): invalid crc value [ 917.741579][T14042] F2FS-fs (loop5): inject kvmalloc in f2fs_kvmalloc of f2fs_build_segment_manager+0x53a7/0x54d0 [ 917.752929][T14042] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-12) [ 918.299409][ T3509] hfsplus: b-tree write err: -5, ino 4 [ 918.952318][T14066] overlay: filesystem on ./file0/file0 not supported [ 919.493508][T14078] loop2: detected capacity change from 0 to 64 [ 920.366674][T14090] loop6: detected capacity change from 0 to 1024 [ 920.617040][T14098] netlink: 332 bytes leftover after parsing attributes in process `syz.7.3055'. [ 920.636260][T14098] netlink: 160 bytes leftover after parsing attributes in process `syz.7.3055'. [ 921.119872][T14095] loop3: detected capacity change from 0 to 32768 [ 921.341696][T14095] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,fix_errors=ask,norecovery,nojournal_transaction_names,read_only [ 921.341848][T14095] allowing incompatible features above 0.0: (unknown version) [ 921.341944][T14095] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 921.387661][T14095] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0 [ 921.399635][T14095] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 921.408328][T14095] bcachefs (loop3): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive [ 921.408328][T14095] running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes [ 921.517056][T14095] bcachefs (loop3): btree node read error at btree lru level 0/0 [ 921.517161][T14095] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key 0:196608:0 durability: 1 ptr: 0:28:0 gen 0 [ 921.517273][T14095] loop3 node offset 0/16: incorrect min_key: got POS_MIN should be 0:196608:0 [ 921.517362][T14095] loop3 btree validate error [ 921.517432][T14095] flagging btree lru lost data [ 921.517504][T14095] running recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 921.517626][T14095] running recovery pass check_lrus (14), currently at recovery_pass_empty (0) [ 921.517724][T14095] running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0) [ 921.517824][T14095] running recovery pass check_alloc_info (13), currently at recovery_pass_empty (0) [ 921.517915][T14095] ret btree_node_read_err_bad_node [ 921.556820][ T3885] hfsplus: b-tree write err: -5, ino 4 [ 921.561516][T14095] bcachefs (loop3): error reading btree root btree=lru level=0: btree_node_read_error, fixing [ 921.665413][T14095] bcachefs (loop3): btree node read error at btree freespace level 0/0 [ 921.665521][T14095] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0 [ 921.665645][T14095] loop3 node offset 0/32 bset u64s 0: invalid bkey format: field 4 too large: 0 + 4294967296 > 4294967295 [ 921.665749][T14095] u64s 3 fields 64:0, 64:0, 32:0, 0:0, 0:4294967296, 0:0 [ 921.665829][T14095] loop3 btree validate error [ 921.665900][T14095] flagging btree freespace lost data [ 921.665972][T14095] ret btree_node_read_err_bad_node [ 921.729636][T14095] bcachefs (loop3): error reading btree root btree=freespace level=0: btree_node_read_error, fixing [ 921.769820][T14095] bcachefs (loop3): btree node read error at btree backpointers level 0/0 [ 921.769935][T14095] u64s 11 type btree_ptr_v2 360287970189639679:U64_MAX:U32_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0 [ 921.770056][T14095] loop3 node offset 0/24 bset u64s 0: incorrect max key SPOS_MAX [ 921.770138][T14095] loop3 btree validate error [ 921.770208][T14095] flagging btree backpointers lost data [ 921.770297][T14095] running recovery pass check_btree_backpointers (15), currently at recovery_pass_empty (0) [ 921.770395][T14095] ret btree_node_read_err_bad_node [ 921.840960][T14095] bcachefs (loop3): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing [ 921.874496][T14095] bcachefs (loop3): check_topology... done [ 921.888156][T14095] bcachefs (loop3): accounting_read... done [ 921.909770][T14095] bcachefs (loop3): alloc_read... done [ 921.918097][T14095] bcachefs (loop3): snapshots_read... done [ 921.926870][T14095] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean [ 921.941534][T14095] bcachefs (loop3): done starting filesystem [ 922.191078][ T5815] bcachefs (loop3): shutting down [ 922.353713][ T5815] bcachefs (loop3): shutdown complete [ 923.776996][T14139] ip6tnl0: Master is either lo or non-ether device [ 924.987326][T14147] loop6: detected capacity change from 0 to 32768 [ 925.091449][T14147] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,fix_errors=ask,norecovery,nojournal_transaction_names,read_only [ 925.091596][T14147] allowing incompatible features above 0.0: (unknown version) [ 925.091692][T14147] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 925.139102][T14147] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0 [ 925.148519][T14147] bcachefs (loop6): recovering from clean shutdown, journal seq 10 [ 925.157543][T14147] bcachefs (loop6): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive [ 925.157543][T14147] running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes [ 925.348265][T14147] bcachefs (loop6): btree node read error at btree lru level 0/0 [ 925.348376][T14147] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key 0:196608:0 durability: 1 ptr: 0:28:0 gen 0 [ 925.348491][T14147] loop6 node offset 0/16: incorrect min_key: got POS_MIN should be 0:196608:0 [ 925.348581][T14147] loop6 btree validate error [ 925.348649][T14147] flagging btree lru lost data [ 925.348724][T14147] running recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 925.348821][T14147] running recovery pass check_lrus (14), currently at recovery_pass_empty (0) [ 925.348913][T14147] running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0) [ 925.349010][T14147] running recovery pass check_alloc_info (13), currently at recovery_pass_empty (0) [ 925.349109][T14147] ret btree_node_read_err_bad_node [ 925.445145][T14147] bcachefs (loop6): error reading btree root btree=lru level=0: btree_node_read_error, fixing [ 925.463630][T14147] bcachefs (loop6): btree node read error at btree freespace level 0/0 [ 925.463736][T14147] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0 [ 925.463866][T14147] loop6 node offset 0/32 bset u64s 0: invalid bkey format: field 4 too large: 0 + 4294967296 > 4294967295 [ 925.463968][T14147] u64s 3 fields 64:0, 64:0, 32:0, 0:0, 0:4294967296, 0:0 [ 925.464052][T14147] loop6 btree validate error [ 925.464119][T14147] flagging btree freespace lost data [ 925.464196][T14147] ret btree_node_read_err_bad_node [ 925.524075][T14147] bcachefs (loop6): error reading btree root btree=freespace level=0: btree_node_read_error, fixing [ 925.555673][T14147] bcachefs (loop6): btree node read error at btree backpointers level 0/0 [ 925.555782][T14147] u64s 11 type btree_ptr_v2 360287970189639679:U64_MAX:U32_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0 [ 925.555905][T14147] loop6 node offset 0/24 bset u64s 0: incorrect max key SPOS_MAX [ 925.555987][T14147] loop6 btree validate error [ 925.556062][T14147] flagging btree backpointers lost data [ 925.556137][T14147] running recovery pass check_btree_backpointers (15), currently at recovery_pass_empty (0) [ 925.556247][T14147] ret btree_node_read_err_bad_node [ 925.617673][T14147] bcachefs (loop6): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing [ 925.646065][T14147] bcachefs (loop6): check_topology... done [ 925.660729][T14147] bcachefs (loop6): accounting_read... done [ 925.677234][T14147] bcachefs (loop6): alloc_read... done [ 925.685708][T14147] bcachefs (loop6): snapshots_read... done [ 925.694779][T14147] bcachefs (loop6): Fixed errors, running fsck a second time to verify fs is clean [ 925.706696][T14147] bcachefs (loop6): done starting filesystem [ 925.877159][ T7541] bcachefs (loop6): shutting down [ 925.996095][ T7541] bcachefs (loop6): shutdown complete [ 926.544270][T14167] loop7: detected capacity change from 0 to 2048 [ 926.570730][T14169] loop3: detected capacity change from 0 to 2048 [ 926.614399][T14167] EXT4-fs: Ignoring removed mblk_io_submit option [ 926.644876][T14172] xt_hashlimit: max too large, truncated to 1048576 [ 926.666370][T14169] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 926.741007][T14167] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a800c029, mo2=0002] [ 926.758312][T14167] System zones: 0-7 [ 926.785538][T14167] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 927.093377][T14178] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set [ 927.135535][T14178] EXT4-fs (loop7): Remounting filesystem read-only [ 927.240392][T11283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 927.253877][T14182] loop2: detected capacity change from 0 to 1024 [ 927.383112][T14182] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 927.923568][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 928.404142][ T1851] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 928.665491][ T1851] usb 6-1: Using ep0 maxpacket: 8 [ 928.771369][ T1851] usb 6-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 928.781183][ T1851] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 928.789838][ T1851] usb 6-1: Product: syz [ 928.794596][ T1851] usb 6-1: Manufacturer: syz [ 928.799468][ T1851] usb 6-1: SerialNumber: syz [ 929.100684][ T1851] usb 6-1: config 0 descriptor?? [ 929.139513][T14205] loop3: detected capacity change from 0 to 32768 [ 929.152597][T14205] XFS: attr2 mount option is deprecated. [ 929.202205][ T1851] radio-usb-si4713 6-1:0.0: Si4713 development board discovered: (10C4:8244) [ 929.234208][T14212] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3093'. [ 929.244552][T14212] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3093'. [ 929.254288][T14212] netlink: 'syz.7.3093': attribute type 6 has an invalid length. [ 929.386489][T14205] XFS (loop3): Metadata CRC error detected at xfs_sb_read_verify+0x5c7/0x640, xfs_sb block 0x0 [ 929.400240][T14205] XFS (loop3): Unmount and run xfs_repair [ 929.406672][T14205] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 929.419775][T14205] 00000000: 58 46 53 42 00 00 10 00 00 00 00 00 00 00 10 00 XFSB............ [ 929.433472][T14205] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 929.442900][T14205] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 929.452202][T14205] 00000030: 00 00 00 00 00 00 00 06 00 00 00 00 00 00 11 40 ...............@ [ 929.464120][T14205] 00000040: 00 00 00 00 00 00 11 41 00 00 00 00 00 00 11 42 .......A.......B [ 929.473452][T14205] 00000050: 00 00 00 01 00 00 10 00 00 00 00 01 00 00 00 00 ................ [ 929.482734][T14205] 00000060: 00 00 04 3e b4 b5 02 00 04 00 00 04 00 00 00 00 ...>............ [ 929.494478][T14205] 00000070: 00 00 00 00 00 00 05 00 00 00 0a 02 0c 00 00 0a ................ [ 929.503931][T14205] XFS (loop3): SB validate failed with error -74. [ 929.976770][ T1851] radio-usb-si4713 6-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 929.987567][ T1851] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 930.098646][ T1851] usb 6-1: USB disconnect, device number 14 [ 930.645867][T14242] loop3: detected capacity change from 0 to 512 [ 930.683258][T14242] EXT4-fs: Ignoring removed nobh option [ 930.767877][T14242] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002] [ 930.833127][T14242] System zones: 0-2, 18-18, 34-34 [ 930.865567][T14242] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 930.879173][T14242] ext4 filesystem being mounted at /652/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 930.980700][T14242] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 931.172576][T14252] loop5: detected capacity change from 0 to 256 [ 931.586990][T14252] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x76936814, utbl_chksum : 0xe619d30d) [ 931.650716][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 932.118956][T14260] loop6: detected capacity change from 0 to 32768 [ 932.164600][T14260] (syz.6.3102,14260,1):ocfs2_find_entry:1075 ERROR: status = -117 [ 932.179354][T14260] (syz.6.3102,14260,1):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 932.190540][T14260] (syz.6.3102,14260,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs? [ 932.190745][T14260] (syz.6.3102,14260,1):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 932.212976][T14260] (syz.6.3102,14260,1):ocfs2_initialize_super:2198 ERROR: status = -22 [ 932.222189][T14260] (syz.6.3102,14260,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 933.317445][T14275] loop5: detected capacity change from 0 to 4096 [ 933.418267][T14275] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 933.432686][T14275] System zones: 0-5 [ 933.448677][T14275] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 933.561431][T14288] loop6: detected capacity change from 0 to 64 [ 933.995232][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 934.633373][T14303] loop2: detected capacity change from 0 to 256 [ 934.675880][T14303] exfat: Deprecated parameter 'utf8' [ 934.681985][T14303] exfat: Deprecated parameter 'utf8' [ 935.001381][T14301] loop7: detected capacity change from 0 to 4096 [ 935.094606][T14301] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512). [ 935.094869][T14297] loop3: detected capacity change from 0 to 32768 [ 935.126858][T14303] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7bac8b1f, utbl_chksum : 0xe619d30d) [ 935.215595][T14297] XFS (loop3): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 935.496734][T14301] ntfs3(loop7): ino=1a, mi_enum_attr [ 935.502618][T14301] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 935.559784][T14297] XFS (loop3): Ending clean mount [ 935.578023][T14297] XFS (loop3): Metadata CRC error detected at xfs_inobt_read_verify+0xaf/0x2d0, xfs_finobt block 0x20 [ 935.597030][T14297] XFS (loop3): Unmount and run xfs_repair [ 935.605877][T14297] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 935.613646][T14297] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff FIB3............ [ 935.622947][T14297] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40 ....... .......@ [ 935.634647][T14297] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a ...B..N....xv... [ 935.652170][T14297] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37 .......F......@7 [ 935.666028][T14297] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 935.675348][T14297] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 ................ [ 935.684800][T14297] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 935.696538][T14297] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 935.705926][T14297] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x33d/0x5f0" at daddr 0x20 len 8 error 74 [ 935.718451][T14297] XFS (loop3): Failed to initialize disk quotas, err -117. [ 935.859301][ T5815] XFS (loop3): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 935.919385][T14301] ntfs3(loop7): ino=1e, "file1" ntfs3_write_inode failed, -22. [ 935.959363][ T5815] XFS (loop3): Uncorrected metadata errors detected; please run xfs_repair. [ 936.294994][T14335] netlink: 'syz.6.3124': attribute type 1 has an invalid length. [ 936.923994][T14348] loop7: detected capacity change from 0 to 64 [ 936.999462][ T5869] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 937.193625][ T5869] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 937.205174][ T5869] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 937.215616][ T5869] usb 6-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 937.227971][ T5869] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 937.338315][ T5869] usb 6-1: config 0 descriptor?? [ 938.152724][ T5869] uclogic 0003:5543:0522.0016: item fetching failed at offset 5/7 [ 938.297734][T14353] loop6: detected capacity change from 0 to 32768 [ 938.313018][T14353] XFS: attr2 mount option is deprecated. [ 938.347256][ T5869] uclogic 0003:5543:0522.0016: parse failed [ 938.354653][ T5869] uclogic 0003:5543:0522.0016: probe with driver uclogic failed with error -22 [ 938.427326][ T5869] usb 6-1: USB disconnect, device number 15 [ 938.475651][T14353] XFS (loop6): Metadata CRC error detected at xfs_sb_read_verify+0x5c7/0x640, xfs_sb block 0x0 [ 938.486944][T14353] XFS (loop6): Unmount and run xfs_repair [ 938.492957][T14353] XFS (loop6): First 128 bytes of corrupted metadata buffer: [ 938.501049][T14353] 00000000: 58 46 53 42 00 00 10 00 00 00 00 00 00 00 10 00 XFSB............ [ 938.515753][T14353] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 938.526806][T14353] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 938.536201][T14353] 00000030: 00 00 00 00 00 00 00 06 00 00 00 00 00 00 11 40 ...............@ [ 938.545633][T14353] 00000040: 00 00 00 00 00 00 11 41 00 00 00 00 00 00 11 42 .......A.......B [ 938.554971][T14353] 00000050: 00 00 00 01 00 00 10 00 00 00 00 01 00 00 00 00 ................ [ 938.564344][T14353] 00000060: 00 00 04 3e b4 b5 02 00 04 00 00 04 00 00 00 00 ...>............ [ 938.573715][T14353] 00000070: 00 00 00 00 00 00 05 00 00 00 0a 02 0c 00 00 0a ................ [ 938.582982][T14353] XFS (loop6): SB validate failed with error -74. [ 939.241563][T14385] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3123'. [ 939.583773][T14391] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3136'. [ 939.593405][T14391] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3136'. [ 940.100361][T14398] loop3: detected capacity change from 0 to 512 [ 940.223987][T14398] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 940.232645][T14398] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c01c, mo2=0002] [ 940.262932][T14398] System zones: 1-3, 19-19, 35-38 [ 940.306191][T14398] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 940.524234][T14403] loop5: detected capacity change from 0 to 2048 [ 940.744490][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 940.763716][T14403] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 940.813426][T14403] ext4 filesystem being mounted at /506/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 940.990341][T14418] EXT4-fs error (device loop5): ext4_lookup:1787: inode #13: comm syz.5.3141: unexpected EA_INODE flag [ 941.899579][T14432] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3152'. [ 942.252839][T14424] loop2: detected capacity change from 0 to 32768 [ 942.265018][T14424] XFS: ikeep mount option is deprecated. [ 942.272202][T14424] XFS (loop2): stripe width (2147483647) must be a multiple of the stripe unit (127) [ 942.377341][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 942.582783][T14440] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3153'. [ 942.748587][T14440] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3153'. [ 943.453789][T14445] loop7: detected capacity change from 0 to 4096 [ 943.613427][T14455] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 943.952999][T14449] loop2: detected capacity change from 0 to 4096 [ 943.995721][T14449] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 946.145980][T14492] loop7: detected capacity change from 0 to 512 [ 946.281703][T14492] EXT4-fs warning (device loop7): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 946.293846][T14492] EXT4-fs warning (device loop7): dx_probe:849: Enable large directory feature to access it [ 946.304711][T14492] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.3168: Corrupt directory, running e2fsck is recommended [ 946.409897][T14495] loop2: detected capacity change from 0 to 4096 [ 946.433040][T14492] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117 [ 946.455987][T14492] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.3168: corrupted in-inode xattr: invalid ea_ino [ 946.515590][T14495] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 946.529675][T14492] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.3168: couldn't read orphan inode 15 (err -117) [ 946.562846][T14492] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 946.673080][T14492] EXT4-fs: group quota file already specified [ 946.825200][T11283] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 946.983569][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 947.918504][ T30] audit: type=1326 audit(1753063779.615:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14523 comm="syz.7.3178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed758e9a9 code=0x7ffc0000 [ 947.944756][ T30] audit: type=1326 audit(1753063779.615:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14523 comm="syz.7.3178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed758e9a9 code=0x7ffc0000 [ 948.055862][ T30] audit: type=1326 audit(1753063779.715:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14523 comm="syz.7.3178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f7ed758e9a9 code=0x7ffc0000 [ 948.082285][ T30] audit: type=1326 audit(1753063779.715:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14523 comm="syz.7.3178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed758e9a9 code=0x7ffc0000 [ 948.105498][ T30] audit: type=1326 audit(1753063779.715:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14523 comm="syz.7.3178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f7ed758e9a9 code=0x7ffc0000 [ 948.135302][ T30] audit: type=1326 audit(1753063779.765:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14523 comm="syz.7.3178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed758e9a9 code=0x7ffc0000 [ 948.164047][ T30] audit: type=1326 audit(1753063779.765:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14523 comm="syz.7.3178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed758e9a9 code=0x7ffc0000 [ 948.903458][T14539] loop6: detected capacity change from 0 to 64 [ 949.706792][ T30] audit: type=1800 audit(1753063781.418:534): pid=14539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.3184" name="file1" dev="loop6" ino=5 res=0 errno=0 [ 950.535207][T14566] netlink: 'syz.6.3192': attribute type 2 has an invalid length. [ 950.603374][T14569] netlink: 'syz.6.3192': attribute type 2 has an invalid length. [ 951.991349][T14583] loop6: detected capacity change from 0 to 4096 [ 952.290719][T14599] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 952.495181][T14601] loop2: detected capacity change from 0 to 64 [ 953.355337][ T30] audit: type=1326 audit(1753063785.073:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14613 comm="syz.6.3208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 953.470181][ T30] audit: type=1326 audit(1753063785.133:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14613 comm="syz.6.3208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 953.495887][ T30] audit: type=1326 audit(1753063785.133:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14613 comm="syz.6.3208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fadb8e9a9 code=0x7ffc0000 [ 954.766225][T14624] loop6: detected capacity change from 0 to 32768 [ 956.429364][T14657] loop5: detected capacity change from 0 to 256 [ 956.698177][T14660] loop3: detected capacity change from 0 to 16 [ 956.754255][T14660] erofs (device loop3): mounted with root inode @ nid 36. [ 957.539004][T14677] loop6: detected capacity change from 0 to 512 [ 957.586509][T14677] EXT4-fs: Ignoring removed nobh option [ 957.721674][T14677] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.3231: iget: bad i_size value: 38620345925642 [ 957.808173][T14677] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.3231: couldn't read orphan inode 15 (err -117) [ 957.859248][T14677] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 958.022565][T14689] loop2: detected capacity change from 0 to 164 [ 958.061700][T14690] loop5: detected capacity change from 0 to 16 [ 958.258570][ T7541] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 959.451998][T14699] loop6: detected capacity change from 0 to 32768 [ 959.494869][T14699] bcachefs (/dev/loop6): error validating superblock: Invalid superblock: optional field with size 0 (type 1) [ 959.509062][T14699] bcachefs: bch2_fs_get_tree() error: invalid_sb_field_size [ 960.316148][T14726] loop5: detected capacity change from 0 to 512 [ 960.456809][T14726] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 960.887408][ T30] audit: type=1804 audit(1753063792.613:538): pid=14737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3245" name="/" dev="pidfs" ino=14737 res=1 errno=0 [ 960.924141][ T7037] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 961.960981][T14753] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 961.972301][T14753] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 962.163454][T14753] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 962.174067][T14753] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 963.302328][T14774] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3258'. [ 963.577841][T14779] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3260'. [ 964.125380][T14788] loop5: detected capacity change from 0 to 1024 [ 964.298821][T14792] netlink: 184 bytes leftover after parsing attributes in process `syz.2.3264'. [ 964.344346][T14788] ===================================================== [ 964.354567][T14788] BUG: KMSAN: uninit-value in hfsplus_delete_cat+0x1195/0x13d0 [ 964.362664][T14788] hfsplus_delete_cat+0x1195/0x13d0 [ 964.368335][T14788] hfsplus_rmdir+0x13c/0x310 [ 964.377931][T14788] vfs_rmdir+0x5b6/0x800 [ 964.382429][T14788] do_rmdir+0x87b/0xf30 [ 964.386945][T14792] netlink: 184 bytes leftover after parsing attributes in process `syz.2.3264'. [ 964.400286][T14788] __x64_sys_rmdir+0x71/0xb0 [ 964.405123][T14788] x64_sys_call+0x353f/0x3db0 [ 964.410855][T14788] do_syscall_64+0xd9/0x210 [ 964.418214][T14788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 964.424367][T14788] [ 964.426952][T14788] Uninit was stored to memory at: [ 964.432342][T14788] hfsplus_create_cat+0x18fb/0x1910 [ 964.438049][T14788] hfsplus_mknod+0x208/0x560 [ 964.442871][T14788] hfsplus_mkdir+0x5a/0x80 [ 964.450078][T14788] vfs_mkdir+0x4e7/0x850 [ 964.454565][T14788] do_mkdirat+0x41a/0xf30 [ 964.460900][T14788] __x64_sys_mkdirat+0xc1/0x140 [ 964.466516][T14788] x64_sys_call+0x370b/0x3db0 [ 964.471464][T14788] do_syscall_64+0xd9/0x210 [ 964.483415][T14788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 964.491079][T14788] [ 964.493552][T14788] Uninit was stored to memory at: [ 964.499366][T14788] hfsplus_create_cat+0x18fb/0x1910 [ 964.504857][T14788] hfsplus_fill_super+0x212e/0x2740 [ 964.512971][T14788] get_tree_bdev_flags+0x6e6/0x920 [ 964.518629][T14788] get_tree_bdev+0x38/0x50 [ 964.523291][T14788] hfsplus_get_tree+0x35/0x40 [ 964.528382][T14788] vfs_get_tree+0xb3/0x5c0 [ 964.533039][T14788] do_new_mount+0x738/0x1610 [ 964.540482][T14788] path_mount+0x6db/0x1e90 [ 964.545159][T14788] __se_sys_mount+0x6eb/0x7d0 [ 964.550892][T14788] __x64_sys_mount+0xe4/0x150 [ 964.556337][T14788] x64_sys_call+0xfa7/0x3db0 [ 964.561220][T14788] do_syscall_64+0xd9/0x210 [ 964.568660][T14788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 964.574821][T14788] [ 964.577469][T14788] Uninit was stored to memory at: [ 964.582847][T14788] hfsplus_create_cat+0x18fb/0x1910 [ 964.593075][T14788] hfsplus_fill_super+0x212e/0x2740 [ 964.602718][T14788] get_tree_bdev_flags+0x6e6/0x920 [ 964.608349][T14788] get_tree_bdev+0x38/0x50 [ 964.613011][T14788] hfsplus_get_tree+0x35/0x40 [ 964.618177][T14788] vfs_get_tree+0xb3/0x5c0 [ 964.622837][T14788] do_new_mount+0x738/0x1610 [ 964.630311][T14788] path_mount+0x6db/0x1e90 [ 964.634959][T14788] __se_sys_mount+0x6eb/0x7d0 [ 964.640099][T14788] __x64_sys_mount+0xe4/0x150 [ 964.645044][T14788] x64_sys_call+0xfa7/0x3db0 [ 964.650219][T14788] do_syscall_64+0xd9/0x210 [ 964.654961][T14788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 964.663728][T14788] [ 964.666410][T14788] Uninit was stored to memory at: [ 964.671797][T14788] hfsplus_create_cat+0x18fb/0x1910 [ 964.677596][T14788] hfsplus_fill_super+0x212e/0x2740 [ 964.687682][T14788] get_tree_bdev_flags+0x6e6/0x920 [ 964.693063][T14788] get_tree_bdev+0x38/0x50 [ 964.701820][T14788] hfsplus_get_tree+0x35/0x40 [ 964.707095][T14788] vfs_get_tree+0xb3/0x5c0 [ 964.711766][T14788] do_new_mount+0x738/0x1610 [ 964.716810][T14788] path_mount+0x6db/0x1e90 [ 964.721465][T14788] __se_sys_mount+0x6eb/0x7d0 [ 964.729073][T14788] __x64_sys_mount+0xe4/0x150 [ 964.734035][T14788] x64_sys_call+0xfa7/0x3db0 [ 964.739108][T14788] do_syscall_64+0xd9/0x210 [ 964.743862][T14788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 964.750157][T14788] [ 964.752630][T14788] Uninit was created at: [ 964.759730][T14788] __alloc_frozen_pages_noprof+0x689/0xf00 [ 964.766113][T14788] alloc_pages_mpol+0x328/0x860 [ 964.771224][T14788] alloc_frozen_pages_noprof+0xf7/0x200 [ 964.777154][T14788] allocate_slab+0x24d/0x1220 [ 964.786793][T14788] ___slab_alloc+0xfec/0x3480 [ 964.791766][T14788] kmem_cache_alloc_lru_noprof+0x922/0xed0 [ 964.801932][T14788] hfsplus_alloc_inode+0x5a/0xd0 [ 964.807323][T14788] alloc_inode+0x87/0x4a0 [ 964.811884][T14788] iget_locked+0x239/0x12d0 [ 964.816778][T14788] hfsplus_iget+0x5c/0xb80 [ 964.819473][ C1] hrtimer: interrupt took 278324 ns [ 964.821376][T14788] hfsplus_btree_open+0x134/0x1d00 [ 964.832177][T14788] hfsplus_fill_super+0x1161/0x2740 [ 964.840890][T14788] get_tree_bdev_flags+0x6e6/0x920 [ 964.846401][T14788] get_tree_bdev+0x38/0x50 [ 964.851052][T14788] hfsplus_get_tree+0x35/0x40 [ 964.856108][T14788] vfs_get_tree+0xb3/0x5c0 [ 964.860765][T14788] do_new_mount+0x738/0x1610 [ 964.868462][T14788] path_mount+0x6db/0x1e90 [ 964.873129][T14788] __se_sys_mount+0x6eb/0x7d0 [ 964.878220][T14788] __x64_sys_mount+0xe4/0x150 [ 964.883157][T14788] x64_sys_call+0xfa7/0x3db0 [ 964.892857][T14788] do_syscall_64+0xd9/0x210 [ 964.901824][T14788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 964.908144][T14788] [ 964.910630][T14788] CPU: 0 UID: 0 PID: 14788 Comm: syz.5.3263 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(none) [ 964.921360][T14788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 964.934181][T14788] ===================================================== [ 964.941479][T14788] Disabling lock debugging due to kernel taint [ 964.948495][T14788] Kernel panic - not syncing: kmsan.panic set ... [ 964.955136][T14788] CPU: 0 UID: 0 PID: 14788 Comm: syz.5.3263 Tainted: G B 6.16.0-rc7-syzkaller #0 PREEMPT(none) [ 964.967316][T14788] Tainted: [B]=BAD_PAGE [ 964.971624][T14788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 964.981881][T14788] Call Trace: [ 964.985310][T14788] [ 964.988387][T14788] __dump_stack+0x26/0x30 [ 964.992974][T14788] dump_stack_lvl+0x53/0x270 [ 964.997801][T14788] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 965.003839][T14788] dump_stack+0x1e/0x25 [ 965.008218][T14788] panic+0x4bd/0xd50 [ 965.012389][T14788] kmsan_report+0x31c/0x320 [ 965.017106][T14788] ? __msan_warning+0x1b/0x30 [ 965.021966][T14788] ? hfsplus_delete_cat+0x1195/0x13d0 [ 965.027597][T14788] ? hfsplus_rmdir+0x13c/0x310 [ 965.032637][T14788] ? vfs_rmdir+0x5b6/0x800 [ 965.037265][T14788] ? do_rmdir+0x87b/0xf30 [ 965.041787][T14788] ? __x64_sys_rmdir+0x71/0xb0 [ 965.046753][T14788] ? x64_sys_call+0x353f/0x3db0 [ 965.051848][T14788] ? do_syscall_64+0xd9/0x210 [ 965.056734][T14788] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 965.063021][T14788] ? kmsan_get_metadata+0xfb/0x160 [ 965.068351][T14788] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 965.074389][T14788] ? hfsplus_bnode_dump+0x50a/0x560 [ 965.079811][T14788] ? kmsan_get_metadata+0xfb/0x160 [ 965.085137][T14788] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 965.091197][T14788] ? hfsplus_brec_remove+0x92f/0xa60 [ 965.096752][T14788] ? kmsan_get_metadata+0xfb/0x160 [ 965.102094][T14788] __msan_warning+0x1b/0x30 [ 965.106795][T14788] hfsplus_delete_cat+0x1195/0x13d0 [ 965.112262][T14788] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 965.118292][T14788] ? kmsan_get_metadata+0xfb/0x160 [ 965.123652][T14788] hfsplus_rmdir+0x13c/0x310 [ 965.128457][T14788] ? __pfx_hfsplus_rmdir+0x10/0x10 [ 965.133759][T14788] vfs_rmdir+0x5b6/0x800 [ 965.138221][T14788] do_rmdir+0x87b/0xf30 [ 965.142596][T14788] __x64_sys_rmdir+0x71/0xb0 [ 965.147390][T14788] x64_sys_call+0x353f/0x3db0 [ 965.152317][T14788] do_syscall_64+0xd9/0x210 [ 965.157029][T14788] ? irqentry_exit+0x16/0x60 [ 965.161817][T14788] ? clear_bhb_loop+0x40/0x90 [ 965.166714][T14788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 965.172823][T14788] RIP: 0033:0x7f3f15d8e9a9 [ 965.177419][T14788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 965.197267][T14788] RSP: 002b:00007f3f16b73038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054 [ 965.205921][T14788] RAX: ffffffffffffffda RBX: 00007f3f15fb5fa0 RCX: 00007f3f15d8e9a9 [ 965.214113][T14788] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000780 [ 965.222288][T14788] RBP: 00007f3f15e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 965.230450][T14788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 965.238599][T14788] R13: 0000000000000000 R14: 00007f3f15fb5fa0 R15: 00007ffc7043cc98 [ 965.246787][T14788] [ 965.250313][T14788] Kernel Offset: disabled [ 965.254752][T14788] Rebooting in 86400 seconds..