last executing test programs: 15m18.834034303s ago: executing program 2 (id=1374): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x48, 0x10, 0x421, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @remote}]}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x48}}, 0x0) 15m18.456035168s ago: executing program 2 (id=1379): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x6, 0x1, 0x301, 0x0, 0x0, {0x5, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40084}, 0x10) 15m18.182753972s ago: executing program 2 (id=1391): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00') writev(r0, &(0x7f0000000540)=[{0x0, 0x500}, {&(0x7f0000000300)="b8", 0x1}], 0x2) 15m17.994917846s ago: executing program 2 (id=1383): syz_mount_image$udf(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x847, &(0x7f0000000140)=ANY=[], 0xe0, 0xc33, &(0x7f0000000340)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwRFLqwBRJkFQjG2nBdNNFFwGKoousCLRGgRQNjKYIumRaF0g2XhRZdUW0sBEUXbBFgKwCFvfOGXFIkTYjihIlPY9N/WbunHPvOfeM75UFnXsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj4vdcunjqdHnYrAIAH6fLoV0+dcf8HgCfKVf//DwAAAAAAAAAAAAAAB12KIp6OFHOX19J49b6jfqndf+v22PDI9tUOp6pmX1W+/KmfPnP23JdeGjrfzUvtmY+of799Nt4YvXqx8erszbn5qYWFqcnG2Ex7YnZyatd72Gv9rU5UJ6Bx881bk9evLzTOvHh208e3Bz8ceOrY4IWh508+1y07NjwyMrpRpN5bvnbPDenYaYbHoSjiZKR44Xs/Ta2IKGLv56L+YMd+q8NVJ05UnRgbHqk6Mt1uzSyWH17pnogiotFTqdk9R9uPRdT6H2gfdtaMWCqbXzb4RNm90bnWfOva9FTjSmt+sb3Ynp25kjqtLfvTiCLOp4jliFgduHt3/VFELVJ85+hauhYRfd3z8MVqYvDO7Sj2sY+7ULaz0R+xXDwCY3aADUQRr0eKn713PCbydaa61nwh4vUyfxDxTpmvRKTyi3Eu4oNtvkc8mmpRxJ+X439hLU1W14PudeXS1xpfmbk+21O2e135Je8Pd10pHtL94fCWfDAO+LWpHkW0qiv+Wrr33+wAAAAAAAAAAAAAAAAAcL8djiI+Eyle+7c/quYVRzUv/eiFod8f/P99PeWe/Zj9pIh4MSKWit3NyT2UJwZeSVdSeshziZ9k9Sjij/P8v2897MYAAAAAAAAAAAAAAAAAAAA80Yr4SaR4+f3jaTl61xRvz9xoXG1dm+6sCttd+7e7Zvr6+vp6I3WymXM851LO5ZwrOVdzRpHr52zmHM+5lHM550rO1ZzRl+vnbOYcz7mUcznnSs7VnFHL9XM2c47nXMq5nHMl52rOOCBr9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPE6KKOIXkeLb31hLkSKiGTEenVwZeNitAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKA6mI70eKxh8072yrRUSq/u04Xv5yLpqHyvxkNIfKfCWaF3O2qqw1v/UQ2s/e9KcifhwpBurv3hnwPP79nXd3vgbxzjc33n221sm+7oeDHw48dezohaGRX3t2p9dpuwacuNSeuXW7MTY8MjLas7mWj/7Jnm2D+bjF/ek6EbHw1ttvtqanp+bv/UX5FdhD9UfoRao9hj2tH4xmHMgXUTsQzXg4fecJUN7/P4gUv/3+v3dv+J37fz3+X+fdnTt8/PxPNu7/L2/d0S7v/7Wt9fL9v7ynb3f/f7pn28v5dyP9tYj64s25/mMR9YW33j7Zvtm6MXVjaubcqVNfHhr68tlT/Yci6tfb01M9r+7L6QIAAAAAAAAAAAAAAAB4cFIRvxspWj9eS42IuF3N1xq8MPT8yef6oq+ab7Vp3vYbo1cvNl6dvTk3P7WwMDXZGJtpT8xOTu32cPVqutfY8Mi+dOZjHd7n9h+uvzo799Z8+8YfLm77+ZH6xWsLi/Otie0/jsNRRDR7t5yoGjw2PFI1errdmqmqXtl2Mv0vrz8V8R+RYuJcI30+b8vz/7fO8N80/39p6472af7/J3q2lcdMqYifR4rf+otn4/NVO4/EXecsl/ubSHHi/OdyuThUluu2ofNcgc7MwLLs/0SKf/jF5rLd+ZBPb5Q9vesT+4gox/9opPj+n303fj1v2/z8h+3H/8jWHe3T+D/Ts+3IpucV7Lnr5PE/GSleefrd+I287aOe/9F99sbxXPjO8zn2afw/1bNtMB/3N+9P1wEAAAAAAAAAAB5p/amIv40UPxyppZfytt38/b/JrTvap7//9emebZP3Z72ij32x55MKAAAAAAdEfyriJ5HixuK7d+ZQb57/3TP/83c25n8Opy2fVn/O9yvVcwPu55//9RrMxx3fe7cBAAAAAAAAAAAAAAAAAADgQEmpiJfyeurj1Xz+yR3XU1+JFK/91wu5XDpWluuuAz9Y/Vq/PDtz8uL09OxEa7F1bXqqMTrXmpgq6z4TKdb++nO5blGtr95db76zxvvGWuzzkWLk77plO2uxd9cmf2aj7Omy7CcixX/+/eay3XWsP7VR9kxZ9q8ixdf/afuyxzbKni3LfjdS/OjrjW7ZI2XZ7vNRP71R9sWJ2WIfRgUAAAAAAAAAAAAAAAAAAIAnTX8q4k8jxX/fXL4zlz+v/9/f87byzjd71vvf4na1zv9gtf7/Tq/vZf3/6rkCSzsdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHk8ping7UsxdXksrA+X7jvql9syt22PDI9tXO5yqmn1V+fKnfvrM2XNfemnofDc/uv799pl4Y/Tqxcarszfn5qcWFqYmG2Mz7YnZyald72Gv9bc6UZ2Axs03b01ev77QOPPi2U0f3x78cOCpY4MXhp4/+Vy37NjwyMhoT5la/z0f/S5ph+2Hooi/jBQvfO+n6YcDEUXs/Vx8zHdnvx2uOnGi6sTY8EjVkel2a2ax/PBK90QUEY2eSs3uOXoAY7EnzYilsvllg0+U3Ruda823rk1PNa605hfbi+3ZmSup09qyP40o4nyKWI6I1YG7d9cfRbwZKb5zdC3980BEX/c8fPHy6FdPndm5HcU+9nEXynY2+iOWi0dgzA6wgSjiHyPFz947Hv8yEFGLzk98IeL1Mn8Q8U50xjuVX4xzER9s8z3i0VSLIv63HP8La+m9gfJ60L2uXPpa4ysz12d7ynavK4/8/eFBOuDXpnoU8aPqir+W/tV/1wAAAAAAAAAAAAAAAAAHSBG/Gilefv94quYH35lT3J650bjaujbdmdbXnfvXnTO9vr6+3kidbOYcz7mUcznnSs7VnFHk+jmbZdbX18fz+6WcyzlXcq7mjL5cP2cz53jOpZzLOVdyruaMWq6fs5lzPOdSzuWcKzlXc8YBmbsHAAAAAAAAAAAAAAAAAAA8XorqnxTf/sZaWh/orC89Hp1csR7oY+//AgAA///j0/g8") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 15m17.574533882s ago: executing program 2 (id=1389): syz_mount_image$hfsplus(&(0x7f00000003c0), &(0x7f0000000180)='./bus\x00', 0x14018, &(0x7f0000000080)={[{@barrier}, {@force}, {@nls={'nls', 0x3d, 'macinuit'}}, {@uid}, {@nodecompose}, {@force}, {@nodecompose}, {@umask={'umask', 0x3d, 0x5}}, {@part={'part', 0x3d, 0x4db}}, {@creator={'creator', 0x3d, "3d5cc00e"}}]}, 0xb, 0x6cc, &(0x7f0000006240)="$eJzs3UtsXFf9B/DvHY9f+Uup0ybtH1SJtJEKIiLxQymETQJCyIuqqsSCBSsrcRork7SyXXArRM1720XZl0V2rJBYsQkqOyRYsjSsKiHYsMrO6D7Gnng8zpjEnlh8PtGde+49j3vOb+5zrOgG+J+1eDHtBymyePGNjXJ56/5CZ+v+wmST3UlSpltJu56luJcUnybXU0/5XLmyKV8M2s7HZfV/b32WZLpuq90tXzb6+z+9+UpP6Q+3DzeKzWbK+SRjzbzfeP+qqce3d2Nge7XJnvT+4y92csqAXegGDkZtu8/mI/nTB1cfeLwDJ0dRXzf7zCSnmstkdZ1rzg6t4+3d07c56g4AAADAISz+89z8Ycp3f8977mEeZuPEP8YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAsWre/180U6ubPp+i+/7/iWZdmvSJ9mDUHQAAAAAAAACAIUx2E9f2z//CwzzMRk53l7eL6m/+r1YLZ6vP/8t7WctyVnMpG1nKetazmrkkMz0NTWwsra+vzg1Rc37fmvPDDwUAAAAAAAAA6POTLO7+/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4FRTJWz6rpbDc9k1Y7yVSSibLcZvKXbvqEKPZb+eD4+wEAAABPZGqIMv/aszyRPMxGTneXt4vqmf/F6nl5Ku/lXtazkvV0spybzTN0+dTf2rq/0Nm6v3C3nHpb3G4cqutVi6l/e9h/y/9flZjOraxUay7lRtWZm2lVNUt/T3K326e9/Up+XA6+uFb7wZA9u9nMy4191P0VYfJQgzsiM0m7lfGdiMxWfat3gjO9UeiPxDf27gY7rtez9t4tpXdLc2nt/PJztt5CmXxszK8NObJTzbwczy8G/XLztE3tbnRzYKGdSLRSRWK+Z+978eCYJ1/83W8+Kop7d27fWrt4LEM6Snv3iYWeSLw0RCS+e7vzjEaiPXzR7/0qyWwViXM7Kxfz7XwnF3M+b2U1K/l+lrKe5RTNSJea/bn8nDk4UtcfWXrrcd2ZaL6X+iw6TJ/O51tVaimvVnVPZyVF3snNLOf16t985vLVXMmVXO35hs8N7Hc1tuqob5VH/N/Sd9S39u/8hS81iekkv2zmo1afFMq4numJa+85d6bK612zG6Xnq+hMDnU9qqL0+CG3P98kym38dHA0R2BvJOZ6bgFeOHg//3VVdK1z787q7aV39726jjfz3VuL15o15R7388ff/vxhwPqntZv1nMfK/eX5TDVnkjMZr7s21s17Yecs80i8qryzO3mtvrxz9ddddI/UNwceqRPNPVx/S/NV3kv75i1UeeWdVrudvvut5J10du6HAHiGnfryqYnpf0z/efqT6Z9N355+Y+qbk1+bfHki438c/3p7duy11svFb/NJfrT7/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPz31t7/4M5Sp7O8un+iNTjroET3TT7D1yqaN+kMVbh12P4cRWL7w+QZ6Mbq2itJjqDl4oj6nM7yavclgoerPtu/R10fZeT/ethamTrUkLefq6N0qE3M1HWGKDxZB3NswHHafEXDvFwUOJEur9999/La+x98ZeXu0tvLby/fG79y5ers1SuvL1y+tdJZnq0/R91L4CjsXvRH3RMAAAAAAAAAAABgWMfx/yVGPUYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgZFu8mPaDFJmbvTRbLm/dX+iUUze9W7KdpNVKih8mxafJ9dRTZnqaKwZt5+OVq2NJPtttq90t3zqg3vbkUKPYbKacTzLWzJ/AI+3deOL2ip0RlgG70A0cjNp/AgAA//+xm/t2") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a) 15m17.152037718s ago: executing program 2 (id=1395): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="6e6c733d69736f383835392d31352c6e6f626172726965722c63726561746f723dbd3c66f52c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',force,umask=00000000000000000006745,decompose,barrier,force,gid=', @ANYRESHEX=0xee00, @ANYRES8=0x0], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") mount_setattr(0xffffffffffffffff, &(0x7f0000000080)='./file0/../file0/../file0/../file0\x00', 0x800, &(0x7f00000000c0), 0x48) 15m16.631868606s ago: executing program 32 (id=1395): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="6e6c733d69736f383835392d31352c6e6f626172726965722c63726561746f723dbd3c66f52c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',force,umask=00000000000000000006745,decompose,barrier,force,gid=', @ANYRESHEX=0xee00, @ANYRES8=0x0], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") mount_setattr(0xffffffffffffffff, &(0x7f0000000080)='./file0/../file0/../file0/../file0\x00', 0x800, &(0x7f00000000c0), 0x48) 12m29.282522478s ago: executing program 0 (id=3633): madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xc) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xd) 12m29.012997242s ago: executing program 0 (id=3638): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000140)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@dioread_lock}, {@nombcache}, {@noload}]}, 0x3, 0x459, &(0x7f0000000c00)="$eJzs3M1vFGUYAPBnph9820rwgw+1ikb8amlB5OBFo4kHTUz0gN5qWwhSqKE1EUIUjcGjIfFuPJr4F3jSi1FPJl71riTEcAE9rZnuDN1ddpfdsmUK+/slS993Zpb3eWbm3b4zb2cD6Ftj2T9JxNaI+CMiRqrV+g3Gqj+uXTk38++VczNJVCpv/ZMsb3f1yrmZYtPifVuKymBE+nkSu5u0u3jm7Inp+fm503l9YunkBxOLZ84+d/zk9LG5Y3Onpg4fPnhg8oVDU8/3JM8sr6u7Pl7Ys/O1dy6+MXPk4nu/fJcU+Tfk0SNj7VY+Uan0uLlybaspJ4MlBkJXBqrdNIaW+/9IDMTKwRuJVz8rNThgTVUqlcr9rVefrwB3sSTKjgAoR/GLPrv+LV63aeixLlx+qXoBlOV9LX9ly/+u2T9DDde3vTQWEUfO//d19oq1uQ8BAFDnh2z882yz8V8atfeF7snnUEYj4t6I2B4RhyJiR0TcF7G87QMR8WCX7TdOktw4/kkvrSqxDmXjvxfzua3a8V+Wf250IK9tW85/KDl6fH5uf75P9sXQhqw+2aaNH1/5/ctW62rHf9kra78YC+ZxXBrcUP+e2eml6VvJudblTyN2DTbLP7k+E5BExM6I2NXk/cMdtHH86W/3tFp38/zb6ME8U+WbiCerx/98NORfSNrPT05sjPm5/RPFWXGjX3+78Gar9m8p/x7Ijv/mpuf/9fxHk9r52sUu/vN3Nz6V/bjw5xctr2lWe/4PJ2/XLftoemnp9GTEcPJ6Neja5VMN202tbJ/lv29v8/6/PVb2xO6IyE7ihyLi4Yh4JI/90Yh4LCL2ttkNP7/8+Purz39tZfnPdnX8VwrD0bikeWHgxE/f1zU62k3+2fE/uFzaly/p5POvk7i6PJsBAADgjpVGxNZI0vHr5TQdH6/+Df+O2JzOLywuPXN04cNTs9VnBEZjKC3udI3U3A+dzC/ri/pUQ/1Aft/4q4FNy/XxmYX52bKThz63pUX/z/w1UHZ0wJrzvBb0L/0f+pf+D/1L/4f+1aT/byojDuD2a/b7/5MS4gBuv4b+b9oP+ojrf+hfq+n/PjPg7tC2L3fyhD9wJ1rcFDd/SL7MQhHoeolnbQppx19YsG4Kka6LMOq+aCI/V9ZLPLdcSEtsvbzPJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF76PwAA//9Gcecj") mkdir(&(0x7f0000000300)='./bus\x00', 0x0) 12m28.391598682s ago: executing program 0 (id=3648): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000036d000800"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b00010065727370616e000018000280040012000500160001000000060003"], 0x48}}, 0x0) 12m28.068297197s ago: executing program 0 (id=3653): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='iocharset=cp865,uid=', @ANYRESHEX=0x0, @ANYBLOB=',namecase=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c666d61736b3d30303030303030303030303030303030303030303031302c757466382c666d61736b3d30303030303030303030303030303030303030303030362c6572726f72733d636f6e74696e75652c7379735f747a2c616c6c6f775f7574696d653d30303030303030303030303030303030303134373036342c00968868822eaa4073da2a8bad3e75bf3fa58e5fe9023e2efe14b61e42154e792855b9c44517fcaf42990fa252a8fcc76df45041b88e383db02cc075636a6b415c49ee2ad1af7ecfc73f3809bce1541b2c780705cdd96cfb760a1f342582ee152abbe3f5828666937a000000800f62dc427b22ae7bd20a2fb9094ffaf7b7eda15af87283045448d6cabb51f8a411539d39a9d6db38d1409fe568885e22b71e7a4823804f8c350397801bc23742343cecb0758cec6286312c4d"], 0x1, 0x1545, &(0x7f0000001a00)="$eJzs3AucTVX7OPDnWWvtMSROk1yGtdazOcllmSTJJUkuSZIkSW4JSZO8kpAYQpKGJCSXIYkhJJeJSeN+v18SkqRJkpDckvX/TPFXb97f+77/t19+/988389nf2Y9Z+9n7Wef55w5e2/mfNt1aK0mtas3IiL4j+CvP5IAIBYABgJAXgAIAKB8XPm4rPU5JSb9Zzthf64HU690BexK4v5nb9z/7I37n71x/7M37n/2xv3P3rj/2Rv3n7HsbNO0Qtfwkn2XP/v+fyzf////CH/+/y+SWWbsl2vKXNcNIOZfTeH+Z2/c//+1gn9lI+5/9pTzwk/uf3YVe6ULYH+lPpd/mN//2UGOf7iG+5+9cf8Zy86u9P3nv3KJuczxQuR/2HNw5MK12V+0vyv9+mOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlj2c9pcoALg4vtJ1McYYY4wxxhhj7M/jc1zpChhjjDHGGGOMMfbfD0GABAUBxEAOiIWckAsEAFwNeSAvROAaiINrIR9cB/mhABSEQhAPhaEIaDBggSCEolAMonA9FIcboASUhFJQGhyUgQS4EcrCTVAObobycAtUgFuhIlSCylAFboOqcDtUgzugOtwJNaAm1ILacBfUgbuhLtwD9eBeqA/3IcD90BAegEbwIDSGh6AJPAxN4RFoBs2hBbSEVv91PjS4bP7z0BNegF7QG5KgD/SFF6Ef9IcB8BIMhJdhELwCg+FVSIYhMBReg2HwOgyHN2AEjIRR8CaMhrdgDIyFcTAeUmACTIS3YRK8A5PhXZgCUyEVpsF0eA9mwEyYBe/DbPgA5sBcmAfzIQ0+hAWwENLhI1gEH0MGLIYlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi2wFbbBdtgBn8BO+BR2wW7YA5/BXvj838w/9Xf53RAQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwH+bD/JgfC2JBjMd4LIJF0KBBQsKiWBSjGMXiWBxLYAkshaXQocMETMCyeBOWw3JYHstjBayAFbESVsIqWAWrYlWshtWwOlbHGlgDa2EtvAvvwj5YF+tiPayH9bH+xdtT2AgbYWNsjE2wCTbFptgMm2ELbIGtsBW2xtbYBttgO2yH7bE9dsAOmIiJ2BE7YifshJ2xM3bBLtgVu2I37I7dM5/PAfgCvoC9sYbog32xL/bD5BwD8CV8CV/GQfgKvoKvYjIOwaH4Gr6Gr+NwPIkjcCSOwlFYVbyFY3AskhiPKZiCE3EiTsJJmFXouzgVU3EaTsfpOANn4kx8H2fjB/gBzsW5OB/TMA0X4EJMx3RchKcwAxfjElyKy3A5LsOVuApX4hpci2twPa7HjbgRN+Nm3IpbcTtux09QAeCnuBt3YzLuxb24D/fhftyPB/AAZmImHsSDeAgP4WE8jEfwCB7FY3gcj+EJPIEn8RSextN4Fs/iOXw2/uvGn5RcnQwiixJKxIgYEStiRS6RS+QWuUUekUdERETEiTiRT+QT+UV+UVAUFPEiXhQRRYQRRpAIYwBAREVUFBfFRQlRQpQSpYQTTiSIBFFWlBXlRDlRXtwiKohbRUVRSbR1VUQVUVW0c9XEHaK6qC5qiJqilqgtaos6oo6oK+qKeqKeqC/qiwbiftFQ9MEB+KDI6kwTMQSbiqHYTDQX8sJvsNZiOLYRbUU78bgYiSOwg2jtEsVToqMYg53E38RYfEZ0EeOxq3hOdBPdRQ/xvOgp2rheoreYjH1EXzEV+4n+YoB4SczAmuJ9nJ2zlnhVJIshYqh4TczH18Vw8YYYIUaKUeJNMVq8JcaIsWKcGC9SxAQxUbwtJol3xGTxrpgipopUMU1MF++JGWKmmCXeF7PFB2KOmCvmifkiTXwoFoiFIl18JBaJj0WGWCyWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLnaIT8RO8anYJXaLPeIzsVd8LvaJL8R+8aU4IL4SmeJrcVB8Iw6Jb8Vh8Z04Ir4XR8UxcVz8IE6IH8VJcUqcFmfEWfGTOCd+FueFFyBRCimlkoGMkTlkrMwpc8mrZG4ZXHh2r5Fx8lqZT14n88sCsqAsJONlYVlEammklSRDWVQWk1F5vSwub5AlZElZSpaWTpaRCfJGWVbeJMvJm2V5eYusIG+VFWUlWVlWkbfJqvJ2CZFf91FD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6Cy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeU/zX/7MvmDf9n7RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tyF5wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vvGBUKVVaOVVGJagb/518VVzdoEqokr/Lv1hf0j+or5VqpVqr1qqNaqPaqXaqvWqvOqgOKlElqo6qo+qkOqnOqrPqorqorqqr6qa6qR6qh+qpeqpeqpdKUkmqr3pR9VP91QD1khqoXlaD1CA1WA1WySpZDVVD1TA1TA1Xw9UINUKNUqPUaDVajVFj1Dg1TqWoFDVRTVST1CQ1WU1WU9QUlapS1XQ1Xc1QM9QsNUvNVrPVHDVHzVPzVJpKUwvUApWu0tUitUhlqMVqsVqqlqrlarlaqVaq1Wq1WqvWqvVqvcpQm9QmtUVtUdvUNrVD7VA71U61S+1Se9QetVftVfvUPrVf7VcH1AGVqTLVQXVQHVKH1GF1WB1RR9RRdVQdV8fVCXVCnVQn1Wl1Wp1VZ9U5dU6dV+ezTvsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBdcF+QPCgQFg0JBfFA4KBLowAQ2EBeaHg2uD4oHNwQlgpJBqaB04IIyQUJwY1A2uCkoF9wclA9uCSoEtwYVg0pB5aBKcFtQNbg9qBbcEVQP7gxqBDWDWkHt4K6gTnB3UDe4J6gX3BvUD+4LGgT3Bw2DB4JGwYNB4+ChoEnwcNA0eCRoFjQPWgQtg1Z/6vzenyzwmOule+sk3Uf31S/qfrq/HqBf0gP1y3qQfkUP1q/qZD1ED9Wv6WH6dT1cv6FH6JF6lH5Tj9Zv6TF6rB6nx+sUPUFP1G/rSfodPVm/q6foqTpVT9PT9Xt6hp6pZ+n39Wz9gZ6j5+p5er5O0x/qBXqhTtcf6UX6Y52hF+sleqleppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr3qa36x36E71Tf6p36d16j/5M79Wf6336C71ff6kP6K90pv5aH9Tf6EP6W31Yf6eP6O/1UX1MH9c/6BP6R31Sn9Kn9Rl9Vv+kz+mf9Xnts07usz7ejTLKxJgYE2tiTS6Ty+Q2uU0ek8dETMTEmTiTz+Qz+U1+U9AUNPEm3hQxRUwWMmSKmqImaqKmuCluSpgSppQpZZxxJsEkmLKmrClnypnyprypYCqYiqaiqWwqm9vMbeZ2c7u5w9xh7jR3mpqmpqltaps6po6pa+qaeqaeqW/qmwamgWloGppGppFpbBqbJqaJaWqammammWlhWphWppVpbVqbNqaNaWfamfamvelgOphEk2g6mo6mk+lkOpvOpovpYrqarqab6WZ6mB6mp+lpepleJskkmb6mr+ln+pkBZoAZaAaaQWaQGWwGm2STbIaaoWaYGWaGm+FmhBlpRmWdqJq3zBgz1owz402KSTETzUQzyUwyk81kM8VMMakm1Uw3080MM8PMMrPMbDPbzDFzzDwzz6SZNLPALDDpJt0sMotMhskwS8wSs8wsMyvMCrPKrDJrzBqzDtaZDWaD2WQ2mS1mi9lmtpkdZofZaXaaXWaX2WP2mL1mr9ln9pn9Zr85YA6YTJNpDpqD5pA5ZA6bw+aIOWKOmqPmuDluTpgT5qQ5aU6b0+asKXDh89KbWJvT5rJX2dz2apvH5rV/Hxe0hWy8LWyLWG3z2wK/i421toQtaUvZ0tbZMjbB3viHuKKtZCvbKvY2W9Xebqv9Ia5j77Z17T22nr3X1rZ3/S6ub++zDezDtiEigG1uG9uWtol92Da1j9hmtrltYVva9vYJ28E+aRPtU7ajffoP8QK70K6yq+0au9busrvtaXvGHrLf2rP2J9vL9rYD7ct2kH3FDrav2mQ75A/xKPumHW3fsmPsWDvOjv9DPMVOtal2mp1u37Mz7Mw/xGn2Qzvbpts5dq6dZ+f/EmfVlG4/sovsxzbDBrDELrXL7HK7wq68WKvPa9fbDXaj3Wk/tVvsVrvNbrc7Lp4I2912j/3M7rWf24P2G7vffmkP2MM20379S5x1fIftd/aI/d4etcfscfuDPWF/VBezs479B/uzPW+9BUICkqQooBjKQbGUk3LRVZSbrqY8lJcidA3F0bWUj66j/FSAClIhiqfCVIQ0GbJEFFJRKkZRup4ulleKSpOjMpRAN1JZuonK0c1Unm6hCnQrVaRKVJmq0G1UlW6nanQHVac7qQbVpFpUm+6iOnQ31aV7qB7dS/XpPmpA91NDeoAa0YPUmB6iJvQwNaVHqBk1pxbUklrRo9SaHqM21Jba0ePUnp6gDvQkJdJT1JGepk70N+pMz1AXepa60nPUjbpTD3qeetIL1It6UxL1ob70IvWj/jSAXqKB9DINoldoML1KyTSEhtJrNIxep+H0Bo2gkTSK3qTR9BaNobE0jsZTCk2gifQ2TaJ3aDK9S1NoKqXSNJpO79EMmkmz6H2aTR/QHJpL82g+pdGHtIAWUjp9RIvoY8qgxbSEltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjvoE9pJn9Iu2k176DPaS5/TPvqC9tOXdIC+okz6mg7SN3SIvqXD9J3vTd/TUTpGx+kHOkE/0kk6RafpDJ2ln+gc/UznyROEGIpQhioMwpgwRxgb5gxzhVeFucOrwzxh3jASXhPGhdeG+cLrwvxhgbBgWCiMDwuHRUIdmtCGFIZh0bBYGA2vD4uHN4QlwpJhqbB06MIyYUJ4Y1g2vCksF94clg9vCSuEt4YVw0rhw/dWCW8Lq4a3h9XCO8Lq4Z1hjbBmWCusHd4V1gnvDuuG94T1wnvDcuF9YYPw/rBh+EDYKHwwbBw+FDYJHw6bho+EzcLmYYuwZdgqfDRsHT4Wtgnbhu3Cx8P24RNhh/DJMDF8KuwYPv3L+vsW/uP1SWGfsG/4Yvhi6P09cl50fjQt+mF0QXRhND36UXRR9ONoRnRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR9dEN0Y9T72jnAoRNOOuUCF+NyuFiX0+VyV7nc7mqXx+V1EXeNi3PXunzuOpffFXAFXSEX7wq7Ik4746wjF7qirpiLuutdcXeDK+FKulKutHOujEtwLV0r18q1do+5Nq6ta+ced4+7J9wT7kn3pHvKdXRPu07ub66ze8Z1cc+6Z91zrpvr7nq4511PNyHPr+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ35617muDlunpvn0lyaW+CyzhnT3SK3yGW4DLfELXHL3DK3wq1wq9wqt8atcevcOrfBbXCb3Ca3xW1x29w2t8PtcDvdTrfL5/11UrfX7XP73H633x1wX7lM97U76L5xh9y37rD7zh1x37uj7pg77n5wJ9yP7qQ75U67M+6s+8mdcz+78867lMiEyMTI25FJkXcikyPvRqZEpkZSI9Mi0yPvRWZEZkZmRd6PzI58EJkTmRuZF5kfSYt8GFkQWRhJj3wUWRT5OJIRWRxZElkaWRZZHvG+8JbQF/XFfNRf74v7G3wJX9KX8qW982V8gr/Rl/U3+XL+Zl/e3+Ir+Ft9RV/JV/aP+Ga+uW/hW/pW/lHf2j/m2/i2vp1/3Lf3T/gO/kmf6J/yHf3TvpP/m+/sn/Fd/LO+q3/Od/PdfQ//vO/pX/C9fG+f5Pv4vv5F38/39wP8S36gf9kP8q/4wf5Vn+yH+KH+NT/Mv+6H+zf8CD/Sj4p504++eIkM432Kn+An+rf9JP+On+zf9VPOep/qp/np/j0/w8/0s/z7frb/wM/xc/08P9+n+Q/9Ar/Qp/uP/CL/sc/wiy/eVPYr/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3O/wnfqf/1O/yu/0e/5nf6z/3+/wXfr//0h/wX/lM/7U/6L/xh/y3/rD/zh/x3/uj/pg/7n/wJ/yP/qQ/5U/7M/6s/8mf8z/78/w3a4wxxhhj/5IJl4bi92t+vZ3f5zI54jcb9wWAq7cWyvzt+qwzynX5fx33F/HtIwDwVO+uD15catRI+r/bZkgIis0FuPgvQVli4FK8GNrBE5AIbaHsZevvL7qfpT/On5T0m/mjtwDk+k1OLFyKL83/BQAmXWb+Rx8ftaBCeDruv5h/LkCJYpdycsKleDG0++X+Slso9w/qL9D6n9Sf88sUgDa/yckNl+JL9SfAY/A0JP5uS8YYY4wxxhhj7Ff9ReXOF68/L/6Pz7+/vs26Po9Xl3JywKX4n12fM8YYY4wxxhhj7Mp7pnuPJx9NTGzb+d8fVPt/yvqXB03hv2tmHlx24D3AxUcUAPyHEwJkDeRfeRSb/5J9JV946/z9qmVnfAD/M1r5Zwyu8C8mxhhjjDHG2J/u0kn/7x9XV6ogxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsG/orvk6Mv02AMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZYdvd/AgAA//8vzfwg") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 12m27.556038754s ago: executing program 0 (id=3658): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x48, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x41002, 0x1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local}, @IFLA_BR_GROUP_FWD_MASK={0x6}]}}}]}, 0x48}}, 0x0) 12m27.376651487s ago: executing program 0 (id=3660): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x4bfb, &(0x7f0000000000)) 12m26.862767425s ago: executing program 33 (id=3660): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x4bfb, &(0x7f0000000000)) 1m44.498504119s ago: executing program 6 (id=12462): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) getuid() 1m44.208049893s ago: executing program 6 (id=12467): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x9003000000000000, 0x40, &(0x7f0000000b40)=@raw={'raw\x00', 0x2, 0x3, 0x2c8, 0x0, 0x178, 0x178, 0x178, 0x178, 0x230, 0x230, 0x230, 0x230, 0x230, 0x3, 0x0, {[{{@uncond, 0x0, 0x158, 0x178, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "d9d9e63590ab5471c46924e95540949f0cd7e2b0a94d71d9d944acb7f0a1297674a95b30cee19db4c1725572ba928385b1635c89b58ae9a0e1ea500b26f006da3fa8a134552f7980e92de5a784cd4f46e799e191835d7d5ea776f04bef524e22f0bb6ed4b00f44ceb936943e13fa1caa6b4b159c673db1efa9a08b1ddc74ce6c", 0x43, 0x3}}, @common=@inet=@socket3={{0x28}, 0x51}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x98, 0xb8, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x328) 1m43.892396177s ago: executing program 6 (id=12471): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000000100)={0x0, 0xf00, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x1401, 0x7fc32be5eb343aa7}, 0x5c}}, 0x0) 1m43.665628811s ago: executing program 6 (id=12474): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./bus\x00', 0x80, &(0x7f0000000000)={[{@nodecompose}, {@gid}, {@barrier}, {@creator={'creator', 0x3d, "d48258bc"}}, {@part={'part', 0x3d, 0x3}}, {@nls={'nls', 0x3d, 'cp775'}}]}, 0x5, 0x712, &(0x7f0000002100)="$eJzs3U9sW3cdAPDvc2wnTqXM29qtIKRGq6hgZW0SM1okBAEhlMOEKnHZNbTJGtXJqiRDaYVoBgyOcECohx2GUDjshHZAGuKAgDMIiSsq50rcKyQwes/Pju3EjtPmT9N9PtLz+733fn++77uff/GfVQ7gE2vuzShtRhJzF9/YSI8fbNXqD7Zqy63yaLNaIaLY3EWyEpH8OWI2mlt8Kj2Zd5f0G+f1hx+/f+H+h7XmUTHfsvqF3nblXXtoDBhhM99iMiJG8v0+Ffv1d32X/u7tq+ukHXeasPOtxMFxa+ywuZ/mfZ/vwMlxL2KktMv5asR4RIxFRPZSIF8dCkcc3oHb1yoHAAAAT6eRvSo89ygexUZMHE04AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GxImr8ZmORboVWejKT1+//l/FyqXD7meAf7wh7X31u89NUjCgUAAAAAAAAADsFH+Rf35x7Fo9iIidb5RpJ95/9KdnA6ezwV78RaLMRqXIqNmI/1WI/VmI4oTXR0WN6YX19fnd7Z8peRtmw0GvfyljMRUd3RcuYIbhoAAAAAAAAAnl0/jLmYOO4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgUxJRau6y7XSrXI1CMSLGIqKc1tuM+EOrfKKMdh/+8bjiAAAAgKNTyfcTyf+ahUaSved/KXvfPxbvxEqsx1KsRz0W4kb2WUDzXX/h75u1+oOt2nK67ez46//eVxxZjxExEu/2GXkqq3Gm3WIuvhXfiYsxGddiNZbiezEf67EQk1FJbyLmI4lqpfnpRbUV5+7xznYdXeuN7VzP8dkskkosxlIW26W4Xs5Cz+8hHfNsx2i/K0f0jPhump3ka7khc3Sj47/Xz/PPZXKN54bs43BUszsvtTMyleY+z8bzg3O/z3nSO9J0FNqfQZ3eHiU97B2plfPv7ifn4/k+zfVPunN+0Hb9KO1f4/2q92ZiJgr57It4qTvntz97/4Xuxp//x5+u3Sys3Lq5uHbxEG/pUJVahd5M1Doy8fLg2Zdnop5mYnP4TJR6T4w9wX0coHQKpWtethQNuVp+MyvNxysdU/DtuBELcSWmYjquxlR8OWai1jXDznTltVhb7s5J9lwr7Fzf8uXrF4Vdgj//uY5KP+1Y645fmpfnYzuvnStdNbuWn5n9WUx1ZOmFwbNv338F0vE/nZfTMX7U/ovzNOjKRL42t6J7cXAmftVIH9fqK7dWb87fHnK8C/k+fdq+1702//og7ufxpfMlXXGL2VGWk0prvqTXXmxH252vcv6NS7NdYce1M+1r1ZiIpfh232dqOX8Nt7On5rWXO6/9c3vlLOevb1rXKrGYROtVTrwd9exVSI/Jo8kqAEMbf3W8XHlY+Wvlg8qPKzcrb4x9Y/Tq6GfKUfpL8fcjvy38pvCV5NX4IH4QE8cdKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAvW7ty9NV+vL6y2CzHWe+ZJC+W+Yw0uRGHPOlunhuswqhGDx0ryQvlg7/0kFirROvPfswfa80cRMaBO+YmHSPI59lr++1OHkJ+02wPpsPXDadmZxkjnpUbTvT7Ni61Wu/dcjLWx6DPoaPtZMPu36q35+n8aXXUqHRnrv2ac1F8OBLpdXl++fXntzt3Xlpbn31p4a2Fl5uqVq1dqX5r+4uXFpfrCVPPxuKMEDsPanbsjQ1U8deihAAAAAAAAAAAAAEPK/+//9cf+xwzFPeqUV9d2H/ncUd8qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcELNvRmlzUhieurSVHr8YKtWT7dWebtmMSIKEZF8v7lPzaYP1Y7ukn7jvP7w4/cv3P+wtt1XsVW/MKjdcDbzLSYjYiTf7210l2529ne9o7/Nxwovad9hmrDzpcfqBA7e/wMAAP//rIH7fA==") mount$afs(0x0, &(0x7f00000008c0)='./file0/../file0\x00', &(0x7f0000000900), 0x1, &(0x7f0000000080)={[{@dyn}]}) 1m43.144059779s ago: executing program 6 (id=12481): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x10, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000005c0)={r0, &(0x7f0000000540), 0x0}, 0x20) 1m42.415477579s ago: executing program 6 (id=12487): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x28, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x1}]}, 0x28}}, 0x40) 1m41.67167813s ago: executing program 34 (id=12487): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x28, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x1}]}, 0x28}}, 0x40) 5.511853448s ago: executing program 7 (id=13421): r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000900), 0x0, 0x0) ioctl$VFIO_CHECK_EXTENSION(r0, 0x3b65, 0x0) 5.161383454s ago: executing program 7 (id=13424): r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f00000004c0)=ANY=[], &(0x7f0000000280)=0x28) 4.73238216s ago: executing program 7 (id=13427): r0 = socket$inet6(0xa, 0x2, 0x3a) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c) 4.354137736s ago: executing program 7 (id=13432): r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x7, 0x0, 0xa0) 3.963312321s ago: executing program 7 (id=13435): set_mempolicy(0x3, &(0x7f0000000580)=0x6, 0xd8) syz_clone(0x41000000, 0x0, 0x0, 0x0, 0x0, 0x0) 3.674068586s ago: executing program 4 (id=13439): mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000500)='./file1\x00', &(0x7f0000000080), 0x10000, &(0x7f0000000240)={[{@volatile}, {@index_off}]}) 3.611674526s ago: executing program 3 (id=13440): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, 0x0, &(0x7f0000000140)) 3.36404952s ago: executing program 3 (id=13443): r0 = syz_open_procfs$namespace(0x0, &(0x7f00000003c0)='ns/cgroup\x00') ioctl$NS_GET_USERNS(r0, 0xb701, 0x0) 3.080583944s ago: executing program 3 (id=13446): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x18, 0x0, 0x0) 2.995249405s ago: executing program 4 (id=13448): r0 = syz_open_dev$vbi(&(0x7f00000000c0), 0x0, 0x2) ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f0000000100)={0x5, "3cdc34c3d374c8922a2ce348c91ec209643b3a8b896508b4d743b0388d44d63a"}) 2.758634069s ago: executing program 3 (id=13450): pipe2$watch_queue(&(0x7f0000000780)={0xffffffffffffffff}, 0x80) ioctl$IOC_WATCH_QUEUE_SET_FILTER(r0, 0x5761, &(0x7f00000007c0)) 2.492865983s ago: executing program 3 (id=13452): syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000000)='./bus\x00', 0x400, &(0x7f0000000480)=ANY=[], 0x1, 0x626f, &(0x7f000000f3c0)="$eJzs3c1vHGcdB/Df7JtfQtOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ/6AHrhy4w8gUoIE6qmD1n4eZzxde+0k3lnn+XwkZ+Y3z4z3mXx3vLueGT8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Djc1VEXPlVWnAi4nPRj+hFLI3rlYhYWjmR1x9ExAux2RzPR8RwIaLKjc9GvB4RHx+PuP/gzup40fl99uP7f/nnH35y7Ef/+PPwzP/+eqv/xm7r3b792//+7e6j7y8AAACUqK7rukof80+mz/e9rjsFAMxEfv2vk7xcPXf1+pz1R61Wq9VHsG6qJ7vbLCJivbnN+D2D0/EAcMSsxyddd4EOyb9og4g41nUngLlWdd0BDsX9B3dWq5Rv1Xw9WNlqz9eC7Mh/vdq+v2O36TTta0xm9fzaiH48t0t/lmbUh3mS8++187+y1T5K6x12/rOyW/6jrVufipPz77fzb3l68u9NzL9UOf/BgfLvyx8AAAAAAOZY/v3/iY7P/y48/q7sy17nf1dm1AcAAAAAAAAAeNIed/y/bZXx/wAAAGBejT+rj/3u+MNlzWv9R7Fz+eUq4pnW+kBh0s0yy133AwAAAAAAAAAAAABKMti6hvdyFTGMiGeWl+u6Hn81teuDetztj7rS9x9K1vUPeQAA2PLx8da9/FXEYkRcTn/rb7i8vFzXi0vL9XK9tJDfz44WFuulxufaPB0vWxjt4w3xYFSPv9liY7umaZ+Xp7W3v9/4sUZ1fx8dm40OAweAiNh6NbrvFekpU9fPRtfvcjgaHP9PH8c/+9H18xQAAAA4fHVd11X6c94n0zn/XtedAgBmIr/+t88LqNVqtVqtfvrqpnqyu80iItab24zfMxiOHwCOmPX4pOsu0CH5F20QES903QlgrlVdd4BDcf/BndUq5Vs1Xw/S+O75WpAd+a9Xm9vl7SdNp2lfYzKr59dG9OO5Xfrz/Iz6ME9y/r12/le22kdpvcn5L0bEk8l/VnbLf7yfJzroT9dy/v12/i2HffzPykb0JuZfqpz/4ED59+UPAAAAAABzLP/+/8Rcnf8dPeruTLXX+d+VQ3tUAAAAAAAAADhc9x/cWc33vebz/1+YsJ77P59OOf9K/kXK+fda+X+1tV6/MX/v7Yf5/+fBndU/3vr35/N0v/kv5JkqPbOq9Iyo0iNVgzR9nL37rI1hfzR+pGHV6w/SNT/18N24FtdjLc7uWLeX/j8etp/b0T7u6XCzve5vtZ/f0T7Ybs/bX9jRPkxXOtVLuf10rMbP43q8s9k+bluYsv+LU9rrKe05/77jv0g5/0Hja5z/cmqvWtOxex/1PnPcN6eTHueta1/8zdnD352pNqK/vW9N4/17qYP+bP6fHBvFL2+u3Th9++qtWzfORZrsWHo+0uQJy/kP09f2z/+Xt9rzz/3m8Xrvo9GB858XGzHYNf+XG/Pj/X1lxn3rQs5/lL5y/u+k9snH/wHy7/1pZvuyH3sd/6920B8AAAAAAAAAAAAAAADYS13Xm7eIvhURF9P9P13dmwkAzFZ+/a+TvHxWdX/Gj6dWH/G6mrP+zLT+tJ6v/qjVR7Fuqid7s1lExN+b24zfM/x60jcDAObZpxHxr647QWfkX7D89/7G01NddwaYqZsffPjTq9evr9242XVPAAAAAAAAAIBHlcf/XGmM/3yqruu7rfV2jP/6dqw87vivgzyzPcDoLgNV9w++T3vZ6I36vcZw4y/GbuN/D7fn9hr/ezDl8YZT2kdT2hemtC9OaZ94o0dDzv/FxnjnpyLiZGv49Uce/3XO7DX+a3vM+xLk/F9qPJ/H+X+ltV4z//r3Rzn/3o78z9x6/xdnbn7w4WvX3r/63tp7az+7cO7c2QsXL166dOnMu9eur53d+rfDHh+unH8e+9p1oGXJ+efM5V+WnP+XUi3/suT8v5xq+Zcl55/f78m/LDn//NlH/mXJ+b+SavmXJef/tVTLvyw5/1dTLf+y5Py/nmr5lyXn/1qq5V+WnP/pVMu/LDn/M6neZ/5Lh90vZiPnn89wOf7LkvPPVzbIvyw5//Opln9Zcv4XUi3/suT8X0+1/MuS8/9GquVflpz/xVTLvyw5/2+mWv5lyflfSrX8y5Lz/1aq5V+WnP+3Uy3/suT830i1/MuS8/9OquVflpz/d1Mt/7Lk/L+XavmXJef/ZqrlX5aHf//fjBkzZvJM1z+ZAAAAAAAAAAAAAIC2WVxO3PU+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2cHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdi7txi57voO4Gf25o0DiYGQOqkJG8cY42yy60t8oXUx4dpwKwmhpBds17s2C77htUugUe0oUCJhVFTRNjy0BYTavFRYFQ+0ApQH1KpSJWgf6AuiQuUhqgIKSJXaCrLVzPn//zszOzuz6x1vzpzz+UjJLztzZs6ZM2fO7nc33xkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa3fmm2U/Xsiyr1Wr5BZuy7CX1ecPEpsYlr39xtw8AAABYu180/v38zemCwyu4UdMy/3THd762sLCwkH1g+E9HP7+wkK6YyLLRDVnWuC66+sNHas3LBE9k47Whpq+Heqx+uMf1Iz2uH+1x/ViP6zf0uH68x/VLdsASN2S1dGfbGv+5Kd+l2S3ZaOO6bR1u9URtw1B936XbZrXGbRZGT2Rz2alsNptuWT5fttZY/ht31tf19iyua6hpXVvqR8hPHzset6EW9vG2lnUt3mf04zdmEz/76WPH//rCc7d1mj13Q8v95du5Y2t9Oz8ZLsm3tZZtSPskbudQ03Zu6fCcDLdsZ61xu/p/t2/n8yvczuHFzVxX7c/5eDbU+O/vNvbTSC3rsJ+2hMv+564syy4vbnb7MkvWlQ1lG1suGVp8fsbzI7J+H/VD6eXZSPfjdKHWcpzeuYLjtD5ntrUep+2vifj83xluN7LMNjQ/TT9+fKzpef/5wrUcp1H9US/3Wmk/Bvv9WinKMRiPi+82HvSTHY/BbeHxP7Z9+WOw47HT4RhMj7vpGNza6xgcGhtubHN6EmqN2yweg7talh9urKnWmM9u734MTl04fW5q/uOfuGfu9LGTsydnz+zZtWt6z759Bw4cmDoxd2p2Ov/3Ne7t4tuYDaXXwNaw7+Jr4LVtyzYfqgtfGlty/r3W1+F4l9fhprZl+/06HGl/cLX1eUEuPabz18b76jt9/MpQtsxrrPH87Fz76zA97qbX4UjT67Dj95QOr8ORFbwO68uc27myn1lGmv7ptA3Lfy9Y2zG4qekYbP95pP0Y7PfPI0U5BsfDcfH9nct/L9gStvfJydX+PDK85BhMDzece+qXpJ/3xw80Rqfj8vb6FTeOZRfnZ8/f++ixCxfO78rCWBevaDpW2o/XjU2PKVtyvA6t+ng9PHfHk7d3uHxT2Ffj99T/Nb7sc1VfZu+93Z+rxne3zvuz5dLdWRh9tt77s9N38/r+HMuyL3z78Qe/+dgX3rTs/qznzU9Orf1n8ZRLm86/o8ucf2PufyFfX7qrJ4ZHR/LX73DaO6Mt5+PWp2qkce6qNdb9/NTKzsej4Z/1Ph/f0uV8vLlt2X6fj0fbH1w8H9d6/bZjbdqfz/FwnJya7n4+ri+zefdqj8mRrufju8Kshf3/upAUUi5qOnaWO27TukZGRsPjGolraD1O97QsPxqyWX1dT+++tuN0x135fQ2nR7dovY7TibZl+32cpt99LXec1nr99u3atD+f4+G4uGVP9+O0vswze9d+7rwh/mfTuXOs1zE4OjxW3+bRdBA2zvfZwg3xGLw3O56dzU5lM41rxxrHU62xrsn7VnYMjoV/1vtcubnLMbijbdl+H4Pp+9hyx15tZOmD74P253M8HBdP3df9GKwv8+b9/f3ZdUe4JC3T9LNr++/Xlvud1+1tu+l6HSsjYTu/vb/772bry5w6sNqc2X0/3R0uubHDfmp//S73mprJ1mc/bQ7b+dyB5fdTfXvqy3z+4AqPp8NZll366P2N3/eGv6/83cXvfa3l7y6d/qZz6aP3/+SlJ/5xNdsPwOB7IR8b8+91TX+ZWsnf/wEAAICBEHP/UJiJ/A8AAAClEXN//L/CE/kfAAAASiPm/pEwk4rk/81vfm7uhUtZauYvBPH6tBseyJeLHdfp8PXEwqL65fd/Zfa//+HSytY9lGXZzx/4g47Lb34gblduImzn1be0Xr7E1+5Z0bqPPnwprbe5v/7FcP/x8az0MOhUwZ3OsuwbN3+2sZ6JR6405jMPHG3MBy8/+UR9mecP5l/H2z/7inz5vwjl38MnjrXc/tmwH34U5vQ7Ou+PeLuvXnndlv3vX1xfvF1t602Nh/3UB/P7je+T87kn8uXjfl5u+7/5mae/Wl/+0dd03v5LQ523/+lwv18J839flS/f/BzUv463+1TY/ri+eLt7v/ytjtt/9dP58ufemi93NMy4/h3h621vfW6ueX89WjvW8riyt+XLxfVPf++PG9fH+4v3377940eutOyP9uPjmX/L72eqbfl4eVxP9Pdt66/fT/PxGdf/9B8dbdnPvdZ/9cFnX1W/3/b139223LmP7mysf/H+Wt+x6S8/9dmO64vbc/hvz7U8nsPvDa/jsP6nPhiOx3D9/13N76/93RWOvrf1/BOX/+KmSy2PJ3r7z/L1X33DycbcMH7Dxhtf8tKbLr+6vu+y7Lsb8vvrtf6Tf3W2Zfu/dGu+P+L1saPfvv7lxPWf/9jkmbPzF+dm0l597ObGe+e8M9+euL03h3Nr+9dHzl740Oz5iemJ6SybKO9b6F2zL4f5k3xc7r70wpIz6M6Hw/N5+59/Y+P2f/1MvPzf35dffuUd+fet14blPhcu3xSev9Wtf6mn7ry18fquPRO2cGHp+wWvxZZt/3VgRQuGx9/+c0E83s+98kON/VC/rvF9I76u17j9P5jJ7+frYb8uhHdm3nrr4vqal4/vjXDlofz1vub9F05z8Xn9m/B8v+tH+f3H7YqP9wfh55hvbW4938Xj4+uXhtrvv/EuHpfD+SS7nF8fl4r7+8rzt3bcvPg+JNnl2xpf/0m6n9tW9TCXM//x+alTc2cuPjp1YXb+wtT8xz9x5PTZi2cuHGm8l+eRD/e6/eL5aWPj/DQzu29v1jhbnc3HdfZib/+5h4/P7J/ePjN74tjFExcePjd7/uTx+fnjszPz24+dODH7sV63n5s5tGv3wT37d0+enJs5dODgwT0HJ+fOnK1vRr5RPeyb/sjkmfNHGjeZP7T34K777ts7PXn67Mzsof3T05MXe92+8b1psn7r3588P3vq2IW507OT83OfmD206+C+fbt7vhvg6XMn5iemzl88M3Vxfvb8VP5YJi40Lq5/7+t1e8pp/j/yn2fb1fI34svec/e+9P6sdV95fNm7yhdpewPR58J70fzzy84dWMnXMfePhplUJP8DAABAFcTcPxZmIv8DAABAacTcvyHMRP4HAACA0oi5fzzMpCL5v3T9/82XVrR+/X/9/+b9pf9fsf7/Q0Xr/+fnC/3//lhr/17/P9D/1//X/x+Y/v9C+IbU0v8f1/+nGIrW/4+5/4Ysq2T+BwAAgCqIuX9jmIn8DwAAAKURc/+NYSbyPwAAAJRGzP0vCTOpSP7X/9f/1//X/9f/77x+/f/BpP/fnf5/D/r/U1m1+v+X+7n9Pv9f/5+litb/j7n/pWEmFcn/AAAAUAUx998UZiL/AwAAQGnE3H9zmIn8DwAAAKURc/+mMJOK5H/9f/1//X/9f/3/zuvX/x9M+v/d6f/3oP/v8//1//X/6aui9f9j7n9ZmElF8j8AAABUQcz9Lw8zkf8BAACgeEau7WYx978izGRJ/r/GFQAAAAAvupj7b8naiuAV+fu//r/+f/H7/xvSdfr/+v9ZIfv/w5n+f3Ho/3en/9+D/r/+v/6//j99VbT+fyP3Z+PZK8NMKpL/AQAAoApi7r81zET+BwAAgNKIuf+XwkzkfwAAACiNmPs3h5lUJP/r/+v/F7//7/P/9f+L3v/3+f9Fov/fnf5/D/r/+v/6//r/9FXR+v8x998WZlKR/A8AAABVEHP/7WEm8j8AAACURsz9vxxmIv8DAABAacTcvyXMpCL5X/+/4P3/2BzV/9f/1//X/9f/XxH9/+70/3vQ/9f/1//X/6evitb/j7n/VWEmFcn/AAAAUAUx998RZiL/AwAAQGnE3P/qMBP5HwAAAEoj5v6JMJOK5H/9/4L3//Me/NjEI8OZ/r/+v/5/6+PR/9f/70T/vzv9/x7Cae7HWZbp/+v/6//r/7N2Rev/x9x/Z5hJRfI/AAAAVEHM/VvDTOR/AAAAKI2Y++8KM5H/AQAAoDRi7t8WZlKR/K//PxD9/3R7/X/9f/1//X/9/+70/7vT/+/B5//r/+v/6//TV0Xr/8fc/5owk4rkfwAAAKiCmPu3h5nI/wAAAFAaMfe/NsxE/gcAAIDSiLl/R5hJRfK//r/+v/6//r/+f+f16/8PJv3/7vT/e9D/1//X/9f/p6+K1v+Puf91YSYVyf8AAABQBTH37wwzkf8BAACgNGLuvzvMRP4HAACA0oi5fzLMpCL5X/9f/1//X/9f/7/z+vX/B5P+f3f6/z3o/+v/6//r/9NXRev/x9x/T5hJRfI/AAAAVEHM/feGmcj/AAAAUBox90+Fmcj/AAAAUBox90+HmVQk/+v/6//r/+v/r6r//+rF+9X/z+n/F4v+f3f6/z3o/+v/v+j9/1H9f0qlaP3/mPt3hZlUJP8DAABAFcTcvzvMRP4HAACA0oi5f0+YifwPAAAApRFz/94wk4rkf/1//X/9f/1/n//fef36/4NJ/7+7/vf/40PU/9f/1//3+f/6/yxVtP5/zP33hZlUJP8DAABAFcTcvy/MRP4HAACA0oi5f3+YifwPAAAApRFz/4Ewk4rkf/1//X/9f/1//f/O69f/H0z6/935/P8eitf/f0Pzzdez/19fl/6//r/+P6v30B82f1W0/n/M/QfDTCqS/wEAAKAKYu5/fZiJ/A8AAAClEXP/r4SZdM//G67vVgEAAAD9FHP/r4aZVOTv//r/+v/6//r/+v+d16//P5j0/7vT/++heP3/Fj7/v9jbr/+v/89SRev/x9x/KMykIvkfAAAAqiDm/l8LM5H/AQAAoDRi7n9DmIn8DwAAAKURc//hMINOde5S0v/X/9f/1//X/++8/vXu/4/F+9X/XxP9/+70/3vQ/9f/1//X/6evitb/j7n/jWEm/v4PAAAApRFz//1hJvI/AAAAlEbM/W8KM5H/AQAAoDRi7n9zmElF8r/+v/6//r/+v/5/5/X7/P/BpP/fnf5/D/r/+v/6//r/9FXR+v8x978lzKQi+R8AAACqIOb+t4aZyP8AAABQGjH3vy3MRP4HAACA0oi5/+1hJhXJ//r/+v/6//r/+v+d16//P5j0/7vT/+9B/1//X/9f/5++Klr/P+b+Xw8zqUj+BwAAgCqIuf+BMBP5HwAAAEoj5v53hJnI/wAAAFAaMfe/M8ykIvlf/1//X/9f/1//v/P69f8Hk/5/dwPW///FTeFy/f+c/n+xt3+1/f+Rtq+vS///h8v1/xc2tN9e/5/roWj9/5j73xVmUpH8DwAAAFUQc/+7w0zkfwAAACiNmPvfE2bSlP/7+j/eAQAAAOsu5v7fCDOpyN//C9L/b6/7rnP/f7G9rP+v/9+4QP9f/1//f2Dp/3c3YP1/n//fRv+/2Nvv8//1/1mqaP3/mPvfG2ZSkfwPAAAAVRBz/4NhJvI/AAAAlEbM/Q+Fmcj/AAAAUBox978vzKQi+b8g/f+l2+Xz/xv0//X/9f/1//X/V0f/vzv9/x70//X/i9b//0/9fwZb0fr/Mfc/HGZSkfwPAAAAVRBz//vDTOR/AAAAKI2Y+38zzET+BwAAgNKIuf8DYSYVyf/6/4PS/58Y0P7/4/r/17H/f8dN+XL6//r/LNL/707/vwf9f/3/ovX/ff4/A65o/f+Y+x8JM1l5/h9f8ZIAAADAdTSy7DUx9/9WmElF/v4PAAAAVRBz/2+Hmcj/AAAAUBox9/9OmElF8r/+/6D0/33+f6b/7/P/2x6P/r/+fyfr1/+PZx79f/1//f9I/7+q/f/8O6P+P50Urf8fc//vhplUJP8DAABAFcTc/8EwE/kfAAAABkKn/ye7Xcz9R8JM5H8AAAAojZj7j4aZVCT/6//r/+v/F7T//2db/+X733n30V36//r/+v+rsq6f/19/8fv8f/1//f9kUPr/tWU+Gkz/3+f/039F6//H3H8szKQi+R8AAACqIOb+3wszkf8BAACgNGLuPx5mIv8DAABAacTcPxNmUpH8r/+v/6//X9D+/wB//n/cH/r/rfrW/48nXf3/jta1///+xZ64/v9q+/9jHS/V/9f/H+Tt1//X/2epovX/Y+6fDTOpSP4HAACAKgi5f+hEPhevkP8BAACgNGLuPxlmIv8DAABAacTc/6Ewk4rkf/1//X/9f/1/n//fef3d+v+1EZ//X1T6/90Vp//fmf6//v8gb7/+v/4/SxWt/x9z/1yYSUXyPwAAAFRBzP0fDjOR/wEAAKA0Yu7/SJiJ/A8AAAClEXP/qTCTiuR//X/9f/1//X/9/87rL+zn/+v/d6X/353+fw/6//r/+v/6//TV/7N3Z0+W1ncdx08zA9NTWKV3XnhjlZf+CVzItd7rhTdeaJVllaCi4s7gvqKouCYhIftCFgiEkITsG2QjITskIQnZV7IRktSk6P5+v709fU53zzl9nuf3e70u+DotPedkagLzmZ53nrH1/7n7fztu6WT/AwAAQA9y918Tt9j/AAAA0Izc/dfGLfY/AAAANCN3/+/ELZ3sf/2//r/Z/v8X9P+Hvb7+X//fMv3/fPr/BfT/+n/9v/6fpRpb/5+7/3fjlk72PwAAAPQgd//vxS32PwAAADQjd/91cYv9DwAAAM3I3f/7cUsn+39f/78x67P/z4xX/99S/+/5/4e+vv7/Evr/M/r/sTvd/v/Gp/7Jp//X/+v/g/7/SP3/ucM+X/9Pi8bW/+fu/4O4pZP9DwAAAD3I3f+HcYv9DwAAAM3I3X993GL/AwAAQDNy9/9R3NLJ/l/e8//Pb318ov1/0f/r/7c+oP/X/x/W/5/d+bb+f5w8/3++nvr/6x668prH7/6Ze47z+vp//b/n/+v/Wa6x9f+5+/84bulk/wMAAEAPcvf/Sdxi/wMAAEAzcvf/adxi/wMAAEAzcvf/WdzSyf5fXv8/6ef/F/2//n/rA/p//f9h/f8ve/7/2On/5+up/z/J6+v/9f/6f/0/y7Xu/j+/4/x27v4/j1s62f8AAADQg9z9fxG32P8AAADQjNz9N8Qt9j8AAAA0I3f/hbilk/2v/199//8j/b/+P67+X/+v/189/f98+v8F9P/6f/2//p+lWnf/v//buftvjFs62f8AAADQg9z9fxm32P8AAADQjNz9fxW32P8AAADQjNz9fx23dLL/9f+e/6//1//r/4dfX/8/Tfr/+fT/C+j/L7Wfv1z/P8H+P34hpf9nFY7Z/z855x/bS+n/c/f/TdzSyf4HAACAHuTu/9u4xf4HAACAZuTu/7u4xf4HAACAZuTu//u4pZP9r//X/+v/9f8n7v8P/tTbov8fpv8/Hfr/+UbT/2+cHfyw/n/y/b/n/0+x/w/6f1ZhbM//z93/D3FLJ/sfAAAAepC7/x/jljn7/9i/mQ8AAACsVe7+f4pbfP0fAAAAJi+rs9z9/xy3dLL/9f/6f/2//t/z/4dff17/f8+u96f/Hxf9/3yj6f8Pof/X/0/5/ev/9f8cNLb+P3f/v8Qtnex/AAAA6EHu/pviFvsfAAAAmpG7/1/jFvsfAAAAmpG7/9/ilk72/3D/v/P/1/8fjf5/7/vX/w///FhW/5/fo/5/bv9/tef/90n/P9/p9//n9P97v3/9/wqt+/033v+fX/T5+n+GjK3/z91/c9zSyf4HAACAHuTu//e4xf4HAACAZuTu/4+4xf4HAACAZuTu/8+4pZP9v+bn/994xWHvS/+/Rf+v//f8/3E+/3926v3/Wf3/Een/5/P8/wX0//p//b/n/7NUY+v/c/ffErd0sv8BAACgB7c8Mdva/f81m9n/AAAAMEW7/+zA/j9QGnL3/3fcYv8DAABAM3L3/0/c0sn+X3P/v6rn/1++6LX1//r/3T9e+n/9/9Drj6v/9/z/o9L/z6f/X0D/v4p+/mxj/f+th33+GPr/G/T/jMye/v++nY+vq//P3f+/cUsn+x8AAAB6kLv//+IW+x8AAACakbv//+MW+x8AAACakbv/aXFLJ/t/5f3/+cNfe4X9/0L6f/3/7h8v/b/+f+j19f/TpP+fT/+/gP7f8/89/1//z1Lt6f93WVf/n7v/6XFLJ/sfAAAAepC7/xlxi/0PAAAAzcjdf2vcYv8DAABAM3L3PzNu6WT/N/r8/4X0//r/3T9e+n/9/9Dr6/+nSf8/n/5/Af2//l//v7j/3/8v6qD/Z8jY+v/c/c+KWzrZ/wAAANCD3P23xS32PwAAADQjd/+z4xb7HwAAAJqRu/85cUsn+1//v9r+Pz+u/9f/z47T/8cn6P+36f/1/8cxtf5//39/Ttyvbwz9m+igQ/r/B37zwi/t/Yj+X/+v/9f/e/4/SzCK/v/izq8uc/c/N27pZP8DAABAD3L3Py9usf8BAACgGbn7nx+32P8AAADQjNz9L4hbjrn/f2qp7+r06P89/1//P8L+P+j/t+n/9f/HMbX+fz/P/9f/6/+n+/71//p/DhpF/7/r27n7Xxi3+Po/AAAANCN3/4viFvsfAAAAmpG7/8Vxi/0PAAAAzcjd/5K4pZP9r//X/+v/9f/6/+HXP2n/vzkbpv8/Hfr/+fT/C+j/9f+X2P8/tS30//p/doyt/8/df3vc0sn+BwAAgB7k7n9p3GL/AwAAQDNy978sbrH/AQAAoBm5+18et3Sy//X/+n/9v/5f/z/8+p7/P036//lW1f+fmVL/f8ecNzDU/188p//X/3v+v/6fExpb/5+7/xVxSyf7HwAAAHqQu/+OuMX+BwAAgGbk7r8zbrH/AQAAoBm5+18Zt3Sy//X/+n/9v/5f/z/8+vr/adL/z+f5/wt4/r/+X/+v/2epxtb/5+6/K27pZP8DAABAD3L33x232P8AAADQjNz9r4pb7H8AAABoRu7+e+KWTva//l//r//X/+v/h19f/z9Nq+v/Z+vr/x+77LjfzaH0/wvo//X/+n/9P0s1tv4/d/+r45ZO9j8AAAD0IHf/vXGL/Q8AAADNyN3/mrjF/gcAAIBm5O5/bdzSyf7X/+v/p9n/37w59P71//r/mf6/e57/P5/+fwH9v/5f/6//Z6nG1v/n7n9d3NLJ/gcAAIAe5O6/L26x/wEAAKAZuftfH7fY/wAAANCM3P1viFs62f/6/4b6/7M7r33y/n82m0b/7/n/M/1/C/3/5kz/v3T6//mO1v9frf/X/7fV/182a6j/P3/o5+v/GaOx9f+5+98Yt3Sy/wEAAKAHufvfFLfY/wAAANCA7T87k7v/zXGL/Q8AAADNyN3/lrilk/0//f7/3L5P7Lj/3/Hw9c0//1//P9P/t9D/14+q/n959P/zef7/Avr/Nvt/z//X/7M2Y+v/c/e/NW7pZP8DAABAD3L3vy1usf8BAACgGbn73x632P8AAADQjNz974hbOtn/0+//93+i/n92Sc//1/9vfUD/r//X/0+W/n8+/f8C+v+F/fzGIb/umen/9f/6fwaMrf/P3f/OuKWT/Q8AAAA9yN1/f9xi/wMAAEAzcvc/ELfY/wAAANCM3P3vils62f/6f/2//n+a/f+m/l//r/8fNJb+/6qrfvFB/b/+v8X+fx79v/5f/89+Y+v/c/e/O27pZP8DAABAD3L3vydusf8BAACgGbn73xu32P8AAADQjNz974tbOtn/B/v/y2fbheq2of4/GjX9/y76/73vX/8//PPD8//1//r/1RtL/+/5/yd7//p//f+U3/+x+v+fPfj5+n9aNLb+P3f/g3FLJ/sfAAAAepC7//1xi/0PAAAAzcjd/4G4xf4HAACAZuTufyhu6WT/e/6//l//r//X/w+/vv5/mvT/8+n/F9D/6/89///aXz+j/2d5xtb/5+7/YNyyNfx+7idO+B8TAAAAGJHc/R+KWzr5+j8AAAD0IHf/h+MW+x8AAACakbv/I3FLJ/tf/6//1//r//X/w6+v/58m/f98+v8F+un/N4c+uO5+/lKt+/030/97/j9LNLb+P3f/R+OWTvY/AAAA9CB3/8fiFvsfAAAAmpG7/+Nxi/0PAAAAzcjd/3Dc0sn+1//r/9vv/39N/7/v9fX/+v+W6f/z3+jD9P8L9NP/D1p3Pz/196//1/9z0Nj6/9z9j8Qtnex/AAAA6EHu/k/ELfY/AAAANCN3/yfjFvsfAAAAmpG7/1NxSyf7X//fV/+/Meux//f8f/2//r8n0+n/bzs79FHP/9f/6/+n+/71//p/Dhpb/5+7/9GNs13ufwAAAJiqX/n533rkqH/vo1t/3Zx9Om6x/wEAAKAZufs/E7fY/wAAANCM3P2fjVs62f/6/776/z6f/6//1//r/3synf5/mP5f/6//n+77X9z/D/2KcYf+nxaNrf/P3f9Y3LJr+A3+D/QAAAAAk5G7/3NxSydf/wcAAIAe5O7/fNxyYP9fPOKfagcAAADGJnf/F+KWTr7+r/8fef8/W1H/H3+f/n+b/l//P/T6+v9paq3/PzcbVf9/caOL/v8n65v6f/3/6J//v+ufMvp/xmhs/X/u/nvvmnW5/wEAAKBRe35H4Ytbf92cfSlusf8BAACgGbn7vxy32P8AAADQjNz9X4lbOtn/+v+R9/8nev7/+fq/PP+/8/7/ps3B19f/6/9b1lr/7/n/2x/3/P9t+v9xv/+19P+76P8Zo2P0/1uDdNX9f+7+r8Ytnex/AAAA6EHu/q/FLfY/AAAANCN3/9fjFvsfAAAAmpG7/xtxSyf7X/+/hv7/5nOz2Ur7/yM8/1//30f/f8jrt9P///SVF+7/1d+483b9PztOs//Pnwv6f/2//n+b/l//r/9nv7E9/z93/zfjlk72PwAAAPQgd//jcYv9DwAAAM3I3f+tuMX+BwAAgGbk7v923NLJ/tf/t/j8/2n2//ljvYb+/8L0+v9sinvv/z3/X/9/kOf/z6f/X0D/r//X/+v/Waqx9f+5+78Tt3Sy/wEAAKAHufu/G7fk/t849m/dAwAAACOTu/97cYuv/wMAAEAzcvc/Ebd0sv/1//r/sfT/yfP/dz7P8/+36f/1/8eh/59P/7+A/l//r//X/7NUY+v/c/d/P27pZP8DAABAD3L3Pxm32P8AAADQjNz9P4hb7H8AAABoRu7+H8Ytnex//f9S+v8z+v+971//v5f+P34+6P/1/6dA/z+f/v8pVxz+BvT/+n/9v/6fpRpb/5+7/8cBAAD//84VX2M=") truncate(&(0x7f0000000000)='./file1\x00', 0xe) 2.444458473s ago: executing program 4 (id=13453): r0 = syz_open_procfs(0x0, &(0x7f00000020c0)='net/igmp\x00') copy_file_range(r0, 0x0, r0, 0x0, 0x8000000000000001, 0x0) 1.896888882s ago: executing program 4 (id=13457): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x15}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}]}}}]}, 0x48}}, 0x0) 1.757328174s ago: executing program 5 (id=13458): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) timerfd_gettime(0xffffffffffffffff, 0x0) 1.717745044s ago: executing program 1 (id=13459): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getnexthop={0x20, 0x6a, 0x501, 0x0, 0x0, {0x0, 0x0, 0x0, 0x2}, [@NHA_MASTER={0x8}]}, 0x20}}, 0x0) 1.524148087s ago: executing program 5 (id=13460): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp6\x00') read$FUSE(r0, &(0x7f000001c280)={0x2020}, 0x771) 1.480747458s ago: executing program 1 (id=13461): r0 = socket(0x25, 0x1, 0x0) setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f00000000c0), 0x4) 1.267312901s ago: executing program 4 (id=13462): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x556, 0x300, 0x2000, 0x4b0, 0xbbba, 0x0, 0x0, 0x0, {0x0, 0x8}, {}, {}, {0x0, 0xfffffffd}, 0x0, 0x3f0, 0x0, 0xd613, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) 1.224559702s ago: executing program 1 (id=13463): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x10, 0x0, &(0x7f0000000280)) 1.199262882s ago: executing program 5 (id=13464): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x701, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_NAT_REG_ADDR_MIN={0x8}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0xa}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc8}}, 0x0) 953.094436ms ago: executing program 1 (id=13465): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newtaction={0x80, 0x30, 0x1, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_ct={0x68, 0x1, 0x0, 0x0, {{0x7}, {0x40, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x0, 0x0, 0x0, 0x3}}, @TCA_CT_ACTION={0x6, 0x3, 0x28}, @TCA_CT_NAT_PORT_MIN={0x6}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @private2={0xfc, 0x2, '\x00', 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}}, 0x0) 856.502687ms ago: executing program 7 (id=13466): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="580100001000130728bd700000000000ac1414aa0000000000000000000000002001000000000000000000000000000200020001000000000a00000084000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff01000000000000000000000000000100000000320000002001000000000000000000000000000104000000000000000000000001000000080000000000000001000000010000a8dcc228000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000020000000000000007000000000000000c000000000000000000000029bd7000000000000a000000000000000000000068001200726663343534332867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e000000080000000"], 0x158}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 832.216008ms ago: executing program 4 (id=13467): prlimit64(0x0, 0x6, &(0x7f0000000140)={0x8, 0xd11}, 0x0) syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) 715.001299ms ago: executing program 5 (id=13468): r0 = socket(0x18, 0x3, 0x1) accept4$unix(r0, 0x0, 0x0, 0x800) 493.103842ms ago: executing program 1 (id=13469): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x70bd28, 0x25dfdbfe, {0x81, 0x80, 0x80, 0x6, 0xfc, 0x0, 0x0, 0x5}}, 0x1c}}, 0x884) 408.340463ms ago: executing program 5 (id=13470): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) 217.114596ms ago: executing program 3 (id=13471): io_submit(0x0, 0x1, &(0x7f00000004c0)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a) 130.431278ms ago: executing program 1 (id=13472): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'wlan0\x00', &(0x7f0000000080)=@ethtool_perm_addr={0x4b, 0x16, "000002000000372a7200"/22}}) 0s ago: executing program 5 (id=13473): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSETMODE(r0, 0x4b63, 0x4) kernel console output (not intermixed with test programs): mestamps until 2038-01-19 (0x7fffffff) [ 936.946427][T30319] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11478'. [ 936.996606][T30319] netlink: 44 bytes leftover after parsing attributes in process `syz.6.11478'. [ 937.089076][ T4262] EXT4-fs (loop3): unmounting filesystem. [ 937.527033][T30338] xt_hashlimit: invalid interval [ 938.333836][T30329] loop6: detected capacity change from 0 to 32768 [ 938.375854][T30329] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.11484 (30329) [ 938.393100][ T26] audit: type=1326 audit(1747272980.619:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30366 comm="syz.4.11502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 938.461454][T30329] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 938.493849][ T26] audit: type=1326 audit(1747272980.649:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30366 comm="syz.4.11502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 938.516749][T30329] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm [ 938.516824][T30329] BTRFS info (device loop6): metadata ratio 4 [ 938.516848][T30329] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_LZO (0x8) [ 938.646343][ T26] audit: type=1326 audit(1747272980.649:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30366 comm="syz.4.11502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 938.687675][T30372] befs: (nullb0): No write support. Marking filesystem read-only [ 938.696410][T30329] BTRFS info (device loop6): force lzo compression, level 0 [ 938.736315][T30329] BTRFS warning (device loop6): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 938.750325][T30372] befs: (nullb0): invalid magic header [ 938.752462][ T26] audit: type=1326 audit(1747272980.649:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30366 comm="syz.4.11502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 938.786682][T30329] BTRFS info (device loop6): trying to use backup root at mount time [ 938.825358][T30329] BTRFS info (device loop6): doing ref verification [ 938.856772][T30329] BTRFS info (device loop6): disabling tree log [ 938.863097][T30329] BTRFS info (device loop6): using free space tree [ 938.876900][ T26] audit: type=1326 audit(1747272980.649:1921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30366 comm="syz.4.11502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 938.941184][T30377] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check. [ 939.028096][T30386] loop1: detected capacity change from 0 to 8 [ 939.081052][ T4383] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 939.152627][T30375] loop4: detected capacity change from 0 to 4096 [ 939.232783][T30375] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 939.254790][T30400] netlink: 'syz.5.11512': attribute type 1 has an invalid length. [ 939.387235][T30405] loop1: detected capacity change from 0 to 1024 [ 939.436556][T26770] BTRFS warning (device loop6): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0 [ 939.541070][T30405] hfsplus: bad catalog entry type [ 939.546783][T30375] ntfs3: loop4: failed to convert "c46c" to iso8859-3 [ 939.586364][T30329] BTRFS warning (device loop6): couldn't read tree root [ 939.593506][T30329] BTRFS warning (device loop6): try to load backup roots slot 1 [ 939.624267][ T4319] BTRFS warning (device loop6): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0 [ 939.678732][T30329] BTRFS warning (device loop6): couldn't read tree root [ 939.685760][T30329] BTRFS warning (device loop6): try to load backup roots slot 2 [ 939.722473][ T4319] hfsplus: b-tree write err: -5, ino 4 [ 939.763225][T30329] BTRFS error (device loop6): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7 [ 939.826376][T30329] BTRFS warning (device loop6): couldn't read tree root [ 939.833377][T30329] BTRFS warning (device loop6): try to load backup roots slot 3 [ 939.946313][ T26] audit: type=1326 audit(1747272982.169:1922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30416 comm="syz.4.11519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 939.948824][T30329] BTRFS info (device loop6): enabling ssd optimizations [ 940.046686][ T26] audit: type=1326 audit(1747272982.179:1923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30416 comm="syz.4.11519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 940.069217][T30329] BTRFS info (device loop6): rebuilding free space tree [ 940.107983][T30329] BTRFS info (device loop6): checking UUID tree [ 940.246968][ T26] audit: type=1326 audit(1747272982.179:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30416 comm="syz.4.11519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 940.372204][ T26] audit: type=1326 audit(1747272982.179:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30416 comm="syz.4.11519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 940.408064][T30433] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6 [ 940.428935][T12929] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 940.747958][ T26] audit: type=1400 audit(1747272982.979:1926): apparmor="DENIED" operation="change_hat" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=30440 comm="syz.5.11530" [ 940.836406][ T7176] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop6 scanned by udevd (7176) [ 940.884525][ T4243] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 941.109837][ T4243] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 941.139804][ T4243] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 941.187968][ T4243] usb 2-1: config 0 descriptor?? [ 941.238163][T30453] loop3: detected capacity change from 0 to 128 [ 941.299387][T30453] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 941.369428][T30455] netlink: 'syz.6.11527': attribute type 21 has an invalid length. [ 941.434566][T30455] netlink: 132 bytes leftover after parsing attributes in process `syz.6.11527'. [ 941.629907][ T4243] usb 2-1: Cannot set MAC address [ 941.635210][ T4243] MOSCHIP usb-ethernet driver: probe of 2-1:0.0 failed with error -71 [ 941.688625][ T4243] usb 2-1: USB disconnect, device number 44 [ 941.815708][T30466] netlink: 'syz.5.11540': attribute type 21 has an invalid length. [ 942.050897][T30472] loop6: detected capacity change from 0 to 256 [ 942.079696][T30472] exfat: Deprecated parameter 'namecase' [ 942.105925][T30472] exfat: Deprecated parameter 'namecase' [ 942.164462][T30472] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d) [ 942.433712][T30482] loop4: detected capacity change from 0 to 2048 [ 942.518293][T30482] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 943.341951][T30511] netlink: 'syz.3.11562': attribute type 1 has an invalid length. [ 943.366487][T30511] netlink: 112865 bytes leftover after parsing attributes in process `syz.3.11562'. [ 943.391123][T30503] loop1: detected capacity change from 0 to 4096 [ 943.412799][T30515] netlink: 45 bytes leftover after parsing attributes in process `syz.5.11563'. [ 943.427524][T30503] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 943.531417][T30503] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 944.681837][T30521] loop3: detected capacity change from 0 to 32768 [ 944.688460][T30546] loop6: detected capacity change from 0 to 8192 [ 944.710920][T30546] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 944.741199][T30546] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal [ 944.766393][T30546] REISERFS (device loop6): using ordered data mode [ 944.772963][T30546] reiserfs: using flush barriers [ 944.836411][T30546] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 944.859914][T30546] REISERFS (device loop6): checking transaction log (loop6) [ 944.900345][T30521] syz.3.11567: attempt to access beyond end of device [ 944.900345][T30521] loop3: rw=1, sector=4680032, nr_sectors = 8 limit=32768 [ 944.939332][T30546] REISERFS (device loop6): Using r5 hash to sort names [ 944.963307][T30521] metapage_write_end_io: I/O error [ 945.002865][T30521] blkno = 8ed2c, nblocks = 1 [ 945.036631][T30521] ERROR: (device loop3): dbUpdatePMap: blocks are outside the map [ 945.036631][T30521] [ 945.085261][T30521] ERROR: (device loop3): remounting filesystem as read-only [ 945.097340][T30560] binder: 30558:30560 ioctl c0306201 200000000640 returned -14 [ 945.144072][T30521] blkno = 8ed2c, nblocks = 1 [ 945.178414][T30521] ERROR: (device loop3): dbUpdatePMap: blocks are outside the map [ 945.178414][T30521] [ 945.442919][ T106] blkno = 8ed2c, nblocks = 4 [ 945.448134][ T106] ERROR: (device loop3): dbUpdatePMap: blocks are outside the map [ 945.448134][ T106] [ 945.506820][ T4262] syz-executor: attempt to access beyond end of device [ 945.506820][ T4262] loop3: rw=1, sector=4680032, nr_sectors = 8 limit=32768 [ 945.566643][ T4262] metapage_write_end_io: I/O error [ 945.572125][ T4262] JFS: metapage_get_blocks failed [ 945.605969][ T4262] JFS: metapage_get_blocks failed [ 945.617106][ T4262] JFS: metapage_get_blocks failed [ 945.631529][T30574] loop4: detected capacity change from 0 to 512 [ 945.646752][ T4262] JFS: metapage_get_blocks failed [ 945.757859][T30574] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.11592: Invalid block bitmap block 0 in block_group 0 [ 945.806366][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 945.814495][T30574] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 945.846864][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 945.853438][T30574] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.11592: attempt to clear invalid blocks 983260 len 1 [ 945.937170][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 945.943802][T30574] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.11592: invalid indirect mapped block 2683928664 (level 0) [ 946.026963][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 946.072861][T30574] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.11592: invalid indirect mapped block 1701603686 (level 1) [ 946.093448][T30584] cgroup: Unknown subsys name 'pcr' [ 946.148414][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 946.155102][T30574] EXT4-fs error (device loop4): __ext4_get_inode_loc:4507: comm syz.4.11592: Invalid inode table block 0 in block_group 0 [ 946.250894][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 946.266221][T30574] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 946.301728][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 946.324639][T30574] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 946.346782][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 946.353531][T30590] netlink: 'syz.1.11600': attribute type 2 has an invalid length. [ 946.376303][T30574] EXT4-fs error (device loop4): __ext4_get_inode_loc:4507: comm syz.4.11592: Invalid inode table block 0 in block_group 0 [ 946.413835][T30592] IPv6: sit3: Disabled Multicast RS [ 946.422732][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 946.426870][T30590] netlink: 'syz.1.11600': attribute type 1 has an invalid length. [ 946.445798][T30574] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 946.464460][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 946.495423][T30574] EXT4-fs error (device loop4): ext4_truncate:4312: inode #13: comm syz.4.11592: mark_inode_dirty error [ 946.527456][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 946.534033][T30574] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 946.580166][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 946.615611][T30574] EXT4-fs (loop4): 1 truncate cleaned up [ 946.640214][T30574] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 946.750437][T30574] EXT4-fs error (device loop4): __ext4_get_inode_loc:4507: comm syz.4.11592: Invalid inode table block 0 in block_group 0 [ 946.776388][T30574] EXT4-fs (loop4): Remounting filesystem read-only [ 946.922695][ T4261] EXT4-fs (loop4): unmounting filesystem. [ 947.434580][T30614] loop4: detected capacity change from 0 to 64 [ 948.668495][T30654] sctp: [Deprecated]: syz.1.11632 (pid 30654) Use of int in maxseg socket option. [ 948.668495][T30654] Use struct sctp_assoc_value instead [ 948.715610][T30656] netlink: 'syz.4.11633': attribute type 2 has an invalid length. [ 949.020304][T30667] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 949.079000][T30636] loop6: detected capacity change from 0 to 32768 [ 949.463029][T30678] loop4: detected capacity change from 0 to 256 [ 949.516450][T30678] FAT-fs (loop4): Directory bread(block 64) failed [ 949.566622][T30678] FAT-fs (loop4): Directory bread(block 65) failed [ 949.573324][T30678] FAT-fs (loop4): Directory bread(block 66) failed [ 949.586664][T30678] FAT-fs (loop4): Directory bread(block 67) failed [ 949.619933][T30678] FAT-fs (loop4): Directory bread(block 68) failed [ 949.654715][T30678] FAT-fs (loop4): Directory bread(block 69) failed [ 949.677202][T30678] FAT-fs (loop4): Directory bread(block 70) failed [ 949.694227][T30678] FAT-fs (loop4): Directory bread(block 71) failed [ 949.718567][T30678] FAT-fs (loop4): Directory bread(block 72) failed [ 949.770520][T30678] FAT-fs (loop4): Directory bread(block 73) failed [ 950.554956][T30702] loop1: detected capacity change from 0 to 256 [ 950.646683][T30702] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 950.677128][T30702] FAT-fs (loop1): Filesystem has been set read-only [ 951.606366][ T4586] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 951.800441][ T4586] usb 4-1: New USB device found, idVendor=0c45, idProduct=608f, bcdDevice=b5.55 [ 951.836436][ T4586] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 951.870260][ T4586] usb 4-1: Product: syz [ 951.874488][ T4586] usb 4-1: Manufacturer: syz [ 951.907822][ T4586] usb 4-1: SerialNumber: syz [ 951.931934][ T4586] usb 4-1: config 0 descriptor?? [ 951.960041][ T4586] gspca_main: sonixb-2.14.0 probing 0c45:608f [ 952.196453][ T4243] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 952.351879][T30730] loop6: detected capacity change from 0 to 32768 [ 952.389880][ T4586] usb 4-1: USB disconnect, device number 39 [ 952.396520][ T4243] usb 2-1: Using ep0 maxpacket: 8 [ 952.404468][ T4243] usb 2-1: unable to get BOS descriptor or descriptor too short [ 952.406668][T30730] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 scanned by syz.6.11668 (30730) [ 952.447511][ T4243] usb 2-1: config 4 has an invalid interface number: 147 but max is 0 [ 952.485237][ T4243] usb 2-1: config 4 contains an unexpected descriptor of type 0x2, skipping [ 952.519014][ T4243] usb 2-1: config 4 has no interface number 0 [ 952.539099][T30730] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 952.541604][ T4243] usb 2-1: string descriptor 0 read error: -22 [ 952.565950][ T4243] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 952.586129][T30730] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm [ 952.606338][T30730] BTRFS info (device loop6): force zlib compression, level 3 [ 952.614051][ T4243] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 952.629295][T30730] BTRFS info (device loop6): force clearing of disk cache [ 952.664891][ T4243] usb 2-1: Found UVC 0.02 device (04f2:b746) [ 952.667346][T30730] BTRFS info (device loop6): setting nodatasum [ 952.683235][ T4243] usb 2-1: No valid video chain found. [ 952.738793][T30730] BTRFS info (device loop6): use zlib compression, level 3 [ 952.746092][T30730] BTRFS info (device loop6): allowing degraded mounts [ 952.785906][T30730] BTRFS info (device loop6): enabling disk space caching [ 952.806846][T30730] BTRFS info (device loop6): disk space caching is enabled [ 952.867209][ T4243] usb 2-1: USB disconnect, device number 45 [ 953.116555][T30730] BTRFS info (device loop6): enabling ssd optimizations [ 953.155095][T30730] BTRFS info (device loop6): rebuilding free space tree [ 953.225630][T30730] BTRFS info (device loop6): disabling free space tree [ 953.257909][T30730] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 953.295941][T30730] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 953.659193][T12929] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 953.702966][T30803] loop4: detected capacity change from 0 to 1024 [ 954.030677][ T4381] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop6 scanned by udevd (4381) [ 954.155360][ T26] audit: type=1326 audit(1747272996.379:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30813 comm="syz.5.11701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 954.257141][ T26] audit: type=1326 audit(1747272996.379:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30813 comm="syz.5.11701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 954.375442][ T26] audit: type=1326 audit(1747272996.379:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30813 comm="syz.5.11701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 954.523844][ T26] audit: type=1326 audit(1747272996.379:1930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30813 comm="syz.5.11701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 954.985331][T30839] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11710'. [ 954.994689][T30838] netlink: 'syz.4.11712': attribute type 1 has an invalid length. [ 955.026298][T30838] netlink: 220 bytes leftover after parsing attributes in process `syz.4.11712'. [ 955.066612][T30838] NCSI netlink: No device for ifindex 130997362 [ 955.116111][T30845] loop1: detected capacity change from 0 to 64 [ 955.603365][T30857] netlink: 'syz.3.11721': attribute type 21 has an invalid length. [ 955.622875][T30857] netlink: 132 bytes leftover after parsing attributes in process `syz.3.11721'. [ 955.905425][T30870] loop6: detected capacity change from 0 to 2048 [ 955.956394][T30873] netlink: 'syz.5.11728': attribute type 21 has an invalid length. [ 955.987238][T30870] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 956.366360][ T5187] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 956.578528][T30893] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11736'. [ 956.586621][ T5187] usb 5-1: config 0 has an invalid interface number: 95 but max is 0 [ 956.616561][T30893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11736'. [ 956.636018][ T5187] usb 5-1: config 0 has an invalid descriptor of length 185, skipping remainder of the config [ 956.686202][ T5187] usb 5-1: config 0 has no interface number 0 [ 956.692716][ T5187] usb 5-1: config 0 interface 95 altsetting 0 endpoint 0x1 has an invalid bInterval 114, changing to 10 [ 956.751474][ T5187] usb 5-1: config 0 interface 95 altsetting 0 endpoint 0x1 has invalid maxpacket 33648, setting to 1024 [ 956.793046][ T5187] usb 5-1: New USB device found, idVendor=7725, idProduct=b0a8, bcdDevice= 7.46 [ 956.818101][ T5187] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 956.832361][T30900] loop6: detected capacity change from 0 to 2048 [ 956.838883][ T5187] usb 5-1: Product: syz [ 956.843115][ T5187] usb 5-1: Manufacturer: syz [ 956.857451][T30900] EXT4-fs: inline encryption not supported [ 956.863399][ T5187] usb 5-1: SerialNumber: syz [ 956.871012][ T5187] usb 5-1: config 0 descriptor?? [ 956.912707][T30900] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 957.095829][ T5187] usb 5-1: MIDIStreaming interface descriptor not found [ 957.145228][ T5187] usb 5-1: USB disconnect, device number 50 [ 957.216351][ T34] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 957.428430][ T34] usb 7-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255 [ 957.466694][ T34] usb 7-1: config 0 has an invalid descriptor of length 16, skipping remainder of the config [ 957.477489][ T5194] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 957.504001][ T34] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 957.520935][ T34] usb 7-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 957.535561][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 957.545966][ T34] usb 7-1: config 0 descriptor?? [ 957.565517][ T34] usb-storage 7-1:0.0: USB Mass Storage device detected [ 957.590512][ T34] usb-storage 7-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 957.686474][ T5194] usb 4-1: Using ep0 maxpacket: 16 [ 957.699349][ T5194] usb 4-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 957.742675][ T5194] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 957.773024][ T5194] usb 4-1: Product: syz [ 957.782563][ T5194] usb 4-1: Manufacturer: syz [ 957.792704][ T5194] usb 4-1: SerialNumber: syz [ 957.812604][ T5194] usb 4-1: config 0 descriptor?? [ 957.817993][ T34] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 957.845151][ T5187] usb 7-1: USB disconnect, device number 24 [ 957.868943][ T5194] ums-onetouch 4-1:0.0: USB Mass Storage device detected [ 958.020741][ T34] usb 2-1: Using ep0 maxpacket: 16 [ 958.030953][ T34] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4 [ 958.071204][ T34] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 958.102595][ T34] usb 2-1: Product: syz [ 958.107996][ T34] usb 2-1: Manufacturer: syz [ 958.114719][ T34] usb 2-1: SerialNumber: syz [ 958.135016][T30939] netlink: 'syz.5.11756': attribute type 11 has an invalid length. [ 958.135490][ T34] usb 2-1: config 0 descriptor?? [ 958.150172][T30907] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 2: invalid block bitmap [ 958.184404][T30907] EXT4-fs (loop6): Remounting filesystem read-only [ 958.192928][ T5187] usb 4-1: USB disconnect, device number 40 [ 958.222710][ T34] usb_ehset_test: probe of 2-1:0.0 failed with error -32 [ 958.327058][T12929] EXT4-fs (loop6): unmounting filesystem. [ 958.437137][ T5187] usb 2-1: USB disconnect, device number 46 [ 958.538055][T30948] loop4: detected capacity change from 0 to 64 [ 958.565801][T30949] ipt_CLUSTERIP: ipt_CLUSTERIP is deprecated and it will removed soon, use xt_cluster instead [ 958.585375][T30949] x_tables: ip_tables: osf match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT/FORWARD [ 959.042207][T30961] netlink: 'syz.5.11767': attribute type 4 has an invalid length. [ 959.091104][T30961] netlink: 48 bytes leftover after parsing attributes in process `syz.5.11767'. [ 959.120716][T30964] loop4: detected capacity change from 0 to 64 [ 959.536279][ T4586] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 959.746564][ T4586] usb 4-1: Using ep0 maxpacket: 16 [ 959.753817][ T4586] usb 4-1: config 0 has an invalid interface number: 99 but max is 0 [ 959.792728][ T4586] usb 4-1: config 0 has no interface number 0 [ 959.823065][ T4586] usb 4-1: config 0 interface 99 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 959.875217][ T4586] usb 4-1: config 0 interface 99 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 959.909350][ T4586] usb 4-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=63.0c [ 959.936460][ T4586] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 959.975036][ T4586] usb 4-1: Product: syz [ 959.980384][T30993] loop6: detected capacity change from 0 to 512 [ 959.997346][ T4586] usb 4-1: Manufacturer: syz [ 960.002043][ T4586] usb 4-1: SerialNumber: syz [ 960.051924][ T4586] usb 4-1: config 0 descriptor?? [ 960.059601][T30993] EXT4-fs (loop6): orphan cleanup on readonly fs [ 960.086384][T30993] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -13 [ 960.111175][T30968] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 960.129780][T30968] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 960.177013][T30993] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 960.198194][ T4586] usbtest 4-1:0.99: usb test device [ 960.203474][ T4586] usbtest 4-1:0.99: high-speed {control in/out bulk-in bulk-out} tests (+alt) [ 960.258305][T30993] EXT4-fs error (device loop6): ext4_clear_blocks:883: inode #13: comm syz.6.11783: attempt to clear invalid blocks 2 len 1 [ 960.334583][T30993] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.11783: invalid indirect mapped block 1819239214 (level 0) [ 960.414215][T30993] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.11783: invalid indirect mapped block 1819239214 (level 1) [ 960.445718][ T34] usb 4-1: USB disconnect, device number 41 [ 960.475219][T31009] loop4: detected capacity change from 0 to 256 [ 960.487201][T30993] EXT4-fs (loop6): 1 truncate cleaned up [ 960.506353][T30993] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 960.559210][T30993] EXT4-fs (loop6): unmounting filesystem. [ 961.141554][T31028] I/O error, dev loop6, sector 128 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2 [ 961.167036][T31028] gfs2: error 10 reading superblock [ 961.916559][ T34] usb 7-1: new full-speed USB device number 25 using dummy_hcd [ 962.119063][ T34] usb 7-1: config 4 has an invalid interface number: 231 but max is 0 [ 962.137797][ T34] usb 7-1: config 4 has no interface number 0 [ 962.178735][ T34] usb 7-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 962.208714][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 962.236249][ T34] usb 7-1: Product: syz [ 962.244287][T31064] loop4: detected capacity change from 0 to 1024 [ 962.251356][ T34] usb 7-1: Manufacturer: syz [ 962.256001][ T34] usb 7-1: SerialNumber: syz [ 962.304096][ T34] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 962.319119][T31064] hfsplus: failed to load root directory [ 962.590783][T31043] loop1: detected capacity change from 0 to 32768 [ 962.643028][T31043] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 962.696009][ T26] audit: type=1326 audit(1747273004.919:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31073 comm="syz.3.11822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62ac18e969 code=0x7ffc0000 [ 962.707502][ T34] vp7045: USB control message 'in' went wrong. [ 962.801229][ T34] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 962.816695][ T26] audit: type=1326 audit(1747273004.949:1932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31073 comm="syz.3.11822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f62ac18e969 code=0x7ffc0000 [ 962.856267][ T34] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 962.939955][ T34] usb 7-1: USB disconnect, device number 25 [ 962.967144][ T26] audit: type=1326 audit(1747273004.949:1933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31073 comm="syz.3.11822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62ac18e969 code=0x7ffc0000 [ 963.079565][ T26] audit: type=1326 audit(1747273004.949:1934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31073 comm="syz.3.11822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62ac18e969 code=0x7ffc0000 [ 963.127941][ T4381] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 963.356388][T31090] netlink: 'syz.3.11830': attribute type 1 has an invalid length. [ 963.512489][T31096] loop4: detected capacity change from 0 to 64 [ 963.703318][T31100] misc userio: Invalid payload size [ 964.625945][T31135] netlink: 'syz.4.11852': attribute type 11 has an invalid length. [ 964.764468][T31142] loop1: detected capacity change from 0 to 512 [ 964.925051][T31150] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11858'. [ 964.936518][T31142] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 964.956728][T31142] ext4 filesystem being mounted at /2274/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 965.147269][T31156] netlink: 16 bytes leftover after parsing attributes in process `syz.4.11861'. [ 965.196577][T31156] netlink: 16 bytes leftover after parsing attributes in process `syz.4.11861'. [ 965.264704][ T26] audit: type=1326 audit(1747273007.489:1935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31158 comm="syz.3.11863" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f62ac18e969 code=0x0 [ 965.294202][ T4252] EXT4-fs (loop1): unmounting filesystem. [ 965.520654][T31167] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11868'. [ 965.676386][ T5187] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 965.876579][ T5187] usb 5-1: Using ep0 maxpacket: 8 [ 965.885661][ T5187] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 965.917094][ T5187] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 965.925139][ T5187] usb 5-1: Product: syz [ 965.939642][ T5187] usb 5-1: Manufacturer: syz [ 965.960830][ T5187] usb 5-1: SerialNumber: syz [ 965.991387][ T5187] usb 5-1: config 0 descriptor?? [ 966.020163][ T5187] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 966.421100][ T5187] gspca_zc3xx: reg_r err -71 [ 966.428514][ T5187] gspca_zc3xx: probe of 5-1:0.0 failed with error -71 [ 966.474856][ T5187] usb 5-1: USB disconnect, device number 51 [ 966.560707][T31203] netlink: 1096 bytes leftover after parsing attributes in process `syz.3.11885'. [ 966.839707][T31213] siw: device registration error -23 [ 966.870738][T31215] netlink: 'syz.5.11891': attribute type 1 has an invalid length. [ 966.879131][T31215] netlink: 224 bytes leftover after parsing attributes in process `syz.5.11891'. [ 966.945393][T31217] Bluetooth: hci0: Opcode 0x0c1a failed: -22 [ 967.958533][T31252] loop3: detected capacity change from 0 to 4096 [ 968.016972][T31252] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 968.037441][ C0] vkms_vblank_simulate: vblank timer overrun [ 968.102807][T31247] loop1: detected capacity change from 0 to 8192 [ 968.152999][T31247] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 968.208688][T31264] loop4: detected capacity change from 0 to 1024 [ 968.224337][T31247] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 968.235714][T31247] REISERFS (device loop1): using ordered data mode [ 968.248939][T31247] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 968.252430][T31264] hfsplus: bad catalog entry type [ 968.265646][T31247] REISERFS (device loop1): checking transaction log (loop1) [ 968.279124][T31247] REISERFS (device loop1): Using r5 hash to sort names [ 968.297536][T31247] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 968.370089][T31252] ntfs: volume version 3.1. [ 968.395508][T31247] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 968.476683][T31267] bond0: Error: Cannot enslave bond to itself. [ 968.586929][ T46] hfsplus: b-tree write err: -5, ino 4 [ 968.859760][T31276] openvswitch: netlink: EtherType 0 is less than min 600 [ 968.946594][ T4269] Bluetooth: hci0: command 0x0c1a tx timeout [ 969.412868][T31287] loop3: detected capacity change from 0 to 4096 [ 969.449611][T31287] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 969.811699][T31302] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11933'. [ 970.099787][ T126] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 970.306563][ T126] usb 4-1: Using ep0 maxpacket: 8 [ 970.313907][ T126] usb 4-1: config 0 has an invalid interface number: 63 but max is 0 [ 970.327188][T31318] loop6: detected capacity change from 0 to 256 [ 970.348439][ T126] usb 4-1: config 0 has no interface number 0 [ 970.385132][ T126] usb 4-1: New USB device found, idVendor=f65e, idProduct=3868, bcdDevice=c6.17 [ 970.405467][ T126] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 970.444627][T31318] FAT-fs (loop6): Directory bread(block 64) failed [ 970.473484][ T126] usb 4-1: config 0 descriptor?? [ 970.479292][T31318] FAT-fs (loop6): Directory bread(block 65) failed [ 970.485955][T31318] FAT-fs (loop6): Directory bread(block 66) failed [ 970.518225][ T126] usb-storage 4-1:0.63: USB Mass Storage device detected [ 970.542963][T31318] FAT-fs (loop6): Directory bread(block 67) failed [ 970.560704][T31318] FAT-fs (loop6): Directory bread(block 68) failed [ 970.567927][T31318] FAT-fs (loop6): Directory bread(block 69) failed [ 970.581263][T31318] FAT-fs (loop6): Directory bread(block 70) failed [ 970.588099][T31318] FAT-fs (loop6): Directory bread(block 71) failed [ 970.594920][T31318] FAT-fs (loop6): Directory bread(block 72) failed [ 970.601916][T31318] FAT-fs (loop6): Directory bread(block 73) failed [ 970.735551][ T4586] usb 4-1: USB disconnect, device number 42 [ 971.047940][T31339] xt_TCPMSS: Only works on TCP SYN packets [ 971.710918][T31358] tmpfs: Bad value for 'mpol' [ 972.070048][T31337] loop4: detected capacity change from 0 to 32768 [ 972.201513][T31337] XFS (loop4): Mounting V5 Filesystem [ 972.283291][T31383] delete_channel: no stack [ 972.462775][T31337] XFS (loop4): Ending clean mount [ 972.726581][ T4261] XFS (loop4): Unmounting Filesystem [ 972.745281][T31395] loop1: detected capacity change from 0 to 2048 [ 972.900976][T31399] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 972.920484][T31395] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 973.936633][ T126] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 974.136474][ T126] usb 4-1: Using ep0 maxpacket: 16 [ 974.143481][ T126] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 974.197007][ T126] usb 4-1: New USB device found, idVendor=0979, idProduct=0227, bcdDevice=36.cd [ 974.225070][ T126] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 974.253082][ T126] usb 4-1: Product: syz [ 974.268002][ T126] usb 4-1: Manufacturer: syz [ 974.272656][ T126] usb 4-1: SerialNumber: syz [ 974.298572][ T126] usb 4-1: config 0 descriptor?? [ 974.310698][ T126] gspca_main: jl2005bcd-2.14.0 probing 0979:0227 [ 974.324055][ T126] command write [95] error -22 [ 974.572969][ T126] usb 4-1: USB disconnect, device number 43 [ 974.666684][T31449] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11999'. [ 974.887779][T31456] siw: device registration error -23 [ 974.997709][ T26] audit: type=1800 audit(1747273017.219:1936): pid=31438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.6.11996" name="/newroot/1640/file0" dev="tmpfs" ino=8382 res=0 errno=0 [ 975.236219][T31464] sctp: [Deprecated]: syz.5.12006 (pid 31464) Use of struct sctp_assoc_value in delayed_ack socket option. [ 975.236219][T31464] Use struct sctp_sack_info instead [ 975.527438][T31475] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 975.547790][T31468] loop6: detected capacity change from 0 to 4096 [ 975.608264][T31468] ntfs3: loop6: Different NTFS' sector size (4096) and media sector size (512) [ 976.509866][T31508] CIFS mount error: No usable UNC path provided in device string! [ 976.509866][T31508] [ 976.543644][T31508] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 977.031128][T31523] loop6: detected capacity change from 0 to 128 [ 977.077868][T31523] VFS: Found a Xenix FS (block size = 1024) on device loop6 [ 977.230636][T12929] sysv_free_block: flc_count > flc_size [ 977.261346][T12929] sysv_free_block: flc_count > flc_size [ 977.276209][T12929] sysv_free_block: flc_count > flc_size [ 977.283586][T12929] sysv_free_block: flc_count > flc_size [ 977.307395][T12929] sysv_free_block: flc_count > flc_size [ 977.313093][T12929] sysv_free_block: flc_count > flc_size [ 977.338767][T12929] sysv_free_block: flc_count > flc_size [ 977.344377][T12929] sysv_free_block: flc_count > flc_size [ 977.376242][T12929] sysv_free_block: flc_count > flc_size [ 977.381859][T12929] sysv_free_block: flc_count > flc_size [ 977.432904][T12929] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 978.052894][T31551] loop4: detected capacity change from 0 to 1024 [ 978.465741][T31564] netlink: 32 bytes leftover after parsing attributes in process `syz.6.12055'. [ 978.507501][T31564] netlink: 40 bytes leftover after parsing attributes in process `syz.6.12055'. [ 978.958944][T31582] loop3: detected capacity change from 0 to 8 [ 979.040650][T31578] loop6: detected capacity change from 0 to 8192 [ 979.079512][T31585] netlink: 'syz.5.12064': attribute type 10 has an invalid length. [ 979.102819][T31585] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 979.129578][T31585] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 979.149191][T31585] team0: Port device hsr0 added [ 979.155818][T31578] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 979.224612][T31589] loop4: detected capacity change from 0 to 8192 [ 979.232913][T31578] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal [ 979.242562][T31578] REISERFS (device loop6): using ordered data mode [ 979.249272][T31578] reiserfs: using flush barriers [ 979.271584][T31592] netlink: 'syz.1.12066': attribute type 1 has an invalid length. [ 979.279916][T31578] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 979.296287][T31589] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 979.297003][T31578] REISERFS (device loop6): checking transaction log (loop6) [ 979.309494][T31589] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 979.309585][T31589] REISERFS (device loop4): using ordered data mode [ 979.309597][T31589] reiserfs: using flush barriers [ 979.338490][T31592] netlink: 'syz.1.12066': attribute type 3 has an invalid length. [ 979.351895][T31589] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 979.386533][T31592] netlink: 224 bytes leftover after parsing attributes in process `syz.1.12066'. [ 979.392370][T31589] REISERFS (device loop4): checking transaction log (loop4) [ 979.460737][T31589] REISERFS (device loop4): Using r5 hash to sort names [ 979.507595][T31578] REISERFS (device loop6): Using tea hash to sort names [ 979.514974][T31578] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage. [ 979.566860][T31589] REISERFS warning (device loop4): super-6502 reiserfs_getopt: unknown mount option "01777777777777777777777<LqQ·χ [ 979.566860][T31589] OQ6b" [ 979.589334][ C0] vkms_vblank_simulate: vblank timer overrun [ 980.526325][ T34] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 980.614980][T31594] loop3: detected capacity change from 0 to 32768 [ 980.738364][ T34] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 980.765450][ T34] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 980.807280][ T34] usb 2-1: config 0 descriptor?? [ 980.838111][ T34] cp210x 2-1:0.0: cp210x converter detected [ 980.995404][T31627] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 981.024413][ T34] usb 2-1: cp210x converter now attached to ttyUSB0 [ 981.106540][ T4586] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 981.236647][ T34] usb 2-1: USB disconnect, device number 47 [ 981.279528][ T34] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 981.304454][ T4586] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 981.325647][ T34] cp210x 2-1:0.0: device disconnected [ 981.356392][ T4586] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 981.384809][ T4586] usb 5-1: Product: syz [ 981.394943][ T4586] usb 5-1: Manufacturer: syz [ 981.405063][ T4586] usb 5-1: SerialNumber: syz [ 981.440170][ T4586] usb 5-1: config 0 descriptor?? [ 981.654008][ T4586] hso 5-1:0.0: Can't find BULK IN endpoint [ 981.661042][ T4586] usb-storage 5-1:0.0: USB Mass Storage device detected [ 981.894623][ T126] usb 5-1: USB disconnect, device number 52 [ 982.163456][T31660] loop1: detected capacity change from 0 to 2048 [ 982.184042][T31660] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 982.392353][ T26] audit: type=1400 audit(1747273024.619:1937): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA5153386EED838C49D3A pid=31663 comm="syz.3.12100" [ 982.419390][ C0] vkms_vblank_simulate: vblank timer overrun [ 982.775517][T31674] dlm: no locking on control device [ 982.879250][T31677] loop1: detected capacity change from 0 to 512 [ 982.911379][T31679] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 982.962594][T31677] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 983.002446][T31677] ext4 filesystem being mounted at /2328/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 983.048374][ T26] audit: type=1326 audit(1747273025.279:1938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31686 comm="syz.5.12109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 983.055751][T31655] loop6: detected capacity change from 0 to 32768 [ 983.070929][ C0] vkms_vblank_simulate: vblank timer overrun [ 983.166242][ T26] audit: type=1326 audit(1747273025.349:1939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31686 comm="syz.5.12109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 983.167392][T31655] XFS: attr2 mount option is deprecated. [ 983.277206][ T26] audit: type=1326 audit(1747273025.349:1940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31686 comm="syz.5.12109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 983.280906][ T4252] EXT4-fs (loop1): unmounting filesystem. [ 983.364401][T31655] XFS (loop6): Mounting V5 Filesystem [ 983.423587][ T26] audit: type=1326 audit(1747273025.349:1941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31686 comm="syz.5.12109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 983.447172][ T26] audit: type=1326 audit(1747273025.349:1942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31686 comm="syz.5.12109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 983.546304][T31655] XFS (loop6): Ending clean mount [ 983.664871][T31655] XFS (loop6): Quotacheck needed: Please wait. [ 983.890765][T31655] XFS (loop6): Quotacheck: Done. [ 983.906558][T31655] XFS (loop6): Unmounting Filesystem [ 983.983544][ C0] vkms_vblank_simulate: vblank timer overrun [ 984.229064][T31727] x_tables: duplicate underflow at hook 3 [ 985.124002][T31758] netlink: 'syz.3.12140': attribute type 1 has an invalid length. [ 985.279735][T31752] loop6: detected capacity change from 0 to 4096 [ 985.325029][T31752] EXT4-fs (loop6): Test dummy encryption mode enabled [ 985.371018][T31752] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a042c018, mo2=0003] [ 985.386720][ T34] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 985.387799][T31752] System zones: 0-5 [ 985.434065][T31752] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 985.600569][ T34] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 985.617916][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 985.642520][ T34] usb 6-1: Product: syz [ 985.669749][ T34] usb 6-1: Manufacturer: syz [ 985.682331][ T34] usb 6-1: SerialNumber: syz [ 985.712947][ T34] usb 6-1: config 0 descriptor?? [ 985.719502][T12929] EXT4-fs (loop6): unmounting filesystem. [ 985.742443][ T34] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 986.142937][ T34] usb 6-1: USB disconnect, device number 37 [ 986.652496][T31810] loop4: detected capacity change from 0 to 8 [ 986.763338][T31810] SQUASHFS error: zlib decompression failed, data probably corrupt [ 986.845365][T31810] SQUASHFS error: Failed to read block 0x4e8: -5 [ 986.906382][T31810] SQUASHFS error: zlib decompression failed, data probably corrupt [ 986.914516][T31810] SQUASHFS error: Failed to read block 0x4ee: -5 [ 986.943040][T31810] SQUASHFS error: zlib decompression failed, data probably corrupt [ 986.948243][T31817] IPv6: sit2: Disabled Multicast RS [ 986.991068][T31810] SQUASHFS error: Failed to read block 0x4ef: -5 [ 987.046253][ T26] audit: type=1800 audit(1747273029.269:1943): pid=31810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.12158" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 987.083458][T31823] loop6: detected capacity change from 0 to 512 [ 987.177603][T31823] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 987.245594][T31823] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 987.337242][T31823] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 987.385254][T31823] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 987.416384][T31823] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000] [ 987.434791][T31823] EXT4-fs (loop6): failed to initialize system zone (-117) [ 987.479726][T31830] loop4: detected capacity change from 0 to 1024 [ 987.485761][T31834] loop1: detected capacity change from 0 to 4096 [ 987.506367][T31834] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 987.516524][T31823] EXT4-fs (loop6): mount failed [ 987.578003][T31834] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 987.597647][T31830] hfsplus: bad catalog entry type [ 987.851317][ T4252] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22. [ 988.224578][T31852] loop4: detected capacity change from 0 to 16 [ 988.302980][T31852] erofs: (device loop4): mounted with root inode @ nid 36. [ 988.406870][T31852] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 988.496480][T31852] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -24 in[52, 4044] out[1851] [ 988.564875][T31852] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 988.799560][T31870] netlink: 20 bytes leftover after parsing attributes in process `syz.5.12189'. [ 988.945262][T31876] loop1: detected capacity change from 0 to 512 [ 989.071448][T31876] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 989.115945][T31876] ext4 filesystem being mounted at /2348/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 989.586311][ T4252] EXT4-fs (loop1): unmounting filesystem. [ 989.791375][T31899] netlink: 88 bytes leftover after parsing attributes in process `syz.6.12202'. [ 990.099522][T31910] ALSA: mixer_oss: invalid OSS volume '' [ 990.355721][T31921] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12212'. [ 990.406418][ T34] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 990.584839][T31928] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12216'. [ 990.606524][ T34] usb 7-1: Using ep0 maxpacket: 32 [ 990.613595][ T34] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 990.626466][T31928] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12216'. [ 990.635275][ T34] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 990.656017][ T34] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 990.666406][T31928] netlink: 'syz.1.12216': attribute type 6 has an invalid length. [ 990.685052][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 990.739326][ T34] hub 7-1:4.0: USB hub found [ 990.789523][T31933] netlink: 'syz.5.12217': attribute type 10 has an invalid length. [ 990.841168][T31933] team0: Cannot enslave team device to itself [ 990.862685][T31935] netlink: 'syz.4.12219': attribute type 1 has an invalid length. [ 990.886373][T31935] netlink: 134744 bytes leftover after parsing attributes in process `syz.4.12219'. [ 990.956246][ T34] hub 7-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 991.126727][T31937] loop1: detected capacity change from 0 to 4096 [ 991.161487][T31937] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 991.212263][T31937] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 991.278552][T31937] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 991.297895][ T4301] usb 7-1: USB disconnect, device number 26 [ 991.354313][T31937] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 991.404945][T31937] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 991.465323][T31937] ntfs: volume version 3.1. [ 991.497870][T31937] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 991.532681][T31937] ntfs: (device loop1): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 991.620456][T31937] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 991.686389][T31937] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 991.714145][T31937] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 992.538052][T31979] netlink: 65051 bytes leftover after parsing attributes in process `syz.5.12239'. [ 992.870031][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 992.876523][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 992.967533][ T4301] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 993.039988][T31964] loop3: detected capacity change from 0 to 32768 [ 993.090856][T31964] (syz.3.12233,31964,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 993.129776][T31964] (syz.3.12233,31964,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 993.186389][ T4301] usb 7-1: Using ep0 maxpacket: 16 [ 993.193503][ T4301] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 993.220509][T31964] JBD2: Ignoring recovery information on journal [ 993.227177][ T4301] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 993.229985][ T4301] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 993.339570][ T4301] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 993.391599][T31964] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 993.414272][ T4301] usb 7-1: Product: syz [ 993.426738][T31973] loop1: detected capacity change from 0 to 32768 [ 993.437483][ T4301] usb 7-1: Manufacturer: syz [ 993.442148][ T4301] usb 7-1: SerialNumber: syz [ 993.459833][T31973] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 993.500326][ T4301] r8152-cfgselector 7-1: config 0 descriptor?? [ 993.743546][ T4301] usbip-host 7-1: 7-1 is not in match_busid table... skip! [ 993.906041][ T4383] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 993.921802][T32006] xt_nfacct: accounting object `syz0' does not exists [ 993.987775][ T126] usb 7-1: USB disconnect, device number 27 [ 994.017491][ T4262] ocfs2: Unmounting device (7,3) on (node local) [ 994.252077][T32012] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12256'. [ 994.295873][T32012] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12256'. [ 994.317836][T32012] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12256'. [ 994.617599][T32019] netlink: 44 bytes leftover after parsing attributes in process `syz.4.12260'. [ 994.641035][T32021] loop3: detected capacity change from 0 to 2048 [ 994.670358][T32019] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 994.710537][T32021] NILFS (loop3): invalid segment: Checksum error in segment payload [ 994.737698][T32021] NILFS (loop3): trying rollback from an earlier position [ 994.788360][T32021] NILFS (loop3): recovery complete [ 994.855808][T32028] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 995.979775][T32069] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12283'. [ 996.549928][T32091] overlayfs: conflicting options: nfs_export=on,index=off [ 996.804345][T32099] fuse: Bad value for 'fd' [ 996.812686][ T34] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 997.019301][ T34] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 997.062115][ T34] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 997.096710][ T34] usb 5-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 997.148843][ T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 997.177236][ T34] usb 5-1: config 0 descriptor?? [ 997.614432][ T34] Bluetooth: Can't get state to change to load configuration err [ 997.634381][ T34] Bluetooth: Loading sysconfig file failed [ 997.653174][ T34] ath3k: probe of 5-1:0.0 failed with error -16 [ 997.693780][ T34] usb 5-1: USB disconnect, device number 53 [ 998.033013][T32110] loop6: detected capacity change from 0 to 32768 [ 998.111057][T32135] loop3: detected capacity change from 0 to 64 [ 998.157285][T32110] JBD2: Ignoring recovery information on journal [ 998.318091][T32110] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 998.446930][T32110] OCFS2: ERROR (device loop6): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries [ 998.447321][T32110] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 998.585682][T32110] OCFS2: Returning error to the calling process. [ 998.608097][T32150] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12322'. [ 998.636697][T32110] (syz.6.12303,32110,0):ocfs2_calc_xattr_init:642 ERROR: status = -117 [ 998.710343][T32110] (syz.6.12303,32110,0):ocfs2_mknod:334 ERROR: status = -117 [ 998.794559][T32110] (syz.6.12303,32110,0):ocfs2_mknod:502 ERROR: status = -117 [ 998.835298][T32110] (syz.6.12303,32110,0):ocfs2_create:676 ERROR: status = -117 [ 998.931025][T32159] loop3: detected capacity change from 0 to 256 [ 999.056863][T12929] ocfs2: Unmounting device (7,6) on (node local) [ 999.276854][T32167] loop1: detected capacity change from 0 to 164 [ 999.363206][T32167] iso9660: Corrupted directory entry in block 0 of inode 1792 [ 1000.036538][T32193] x_tables: unsorted underflow at hook 3 [ 1000.152368][T32195] loop6: detected capacity change from 0 to 1024 [ 1000.406986][T32204] kernel read not supported for file / 7âW)s!Qfsl{Tr)rO2:"T+͟v|ղDvc֠6xc: (pid: 32204 comm: syz.1.12350) [ 1000.546741][T26770] hfsplus: b-tree write err: -5, ino 4 [ 1000.546785][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 1000.546797][ T26] audit: type=1800 audit(1747273042.779:1948): pid=32204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.12350" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=119968 res=0 errno=0 [ 1000.743737][T32211] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12354'. [ 1000.943328][T32219] netlink: 'syz.5.12356': attribute type 13 has an invalid length. [ 1001.035167][T32224] netlink: get zone limit has 4 unknown bytes [ 1001.425342][T32219] 8021q: adding VLAN 0 to HW filter on device team0 [ 1001.451422][T32219] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1001.477620][T32237] QAT: failed to copy from user. [ 1001.556857][ T4301] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 1001.760807][T32244] netlink: 68 bytes leftover after parsing attributes in process `syz.4.12370'. [ 1001.776450][ T4301] usb 2-1: Using ep0 maxpacket: 16 [ 1001.777382][T32245] loop3: detected capacity change from 0 to 16 [ 1001.784105][ T4301] usb 2-1: config 0 has an invalid interface number: 79 but max is 0 [ 1001.811016][ T4301] usb 2-1: config 0 has no interface number 0 [ 1001.847274][ T4301] usb 2-1: New USB device found, idVendor=0402, idProduct=5632, bcdDevice=c3.6f [ 1001.856776][T32245] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1001.897164][ T4301] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1001.925691][ T4301] usb 2-1: Product: syz [ 1001.940268][ T4301] usb 2-1: Manufacturer: syz [ 1001.944969][ T4301] usb 2-1: SerialNumber: syz [ 1001.988260][ T4301] usb 2-1: config 0 descriptor?? [ 1002.235329][ T4301] cdc_subset 2-1:0.79 usb0: register 'cdc_subset' at usb-dummy_hcd.1-1, ALi M5632, 9e:73:b8:91:ed:bf [ 1002.476400][ T34] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 1002.499537][ T4586] usb 2-1: USB disconnect, device number 48 [ 1002.522245][ T4586] cdc_subset 2-1:0.79 usb0: unregister 'cdc_subset' usb-dummy_hcd.1-1, ALi M5632 [ 1002.626613][T32265] loop3: detected capacity change from 0 to 4096 [ 1002.666262][ T34] usb 7-1: Using ep0 maxpacket: 32 [ 1002.675808][ T34] usb 7-1: config index 0 descriptor too short (expected 35577, got 27) [ 1002.707875][ T34] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1002.737385][T32265] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1002.776418][ T34] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1002.812524][ T4262] EXT4-fs (loop3): unmounting filesystem. [ 1002.847343][ T34] usb 7-1: config 1 has no interface number 0 [ 1002.853544][ T34] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1002.895359][ T34] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1002.928399][ T34] usb 7-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1002.996721][ T34] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1003.005932][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1003.088769][ T34] snd_usb_pod 7-1:1.1: Line 6 Pocket POD found [ 1003.288415][ T34] snd_usb_pod 7-1:1.1: cannot start listening: -90 [ 1003.295336][ T34] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now disconnected [ 1003.332662][ T34] snd_usb_pod: probe of 7-1:1.1 failed with error -90 [ 1003.566586][ T34] usb 7-1: USB disconnect, device number 28 [ 1003.636620][T32292] loop3: detected capacity change from 0 to 512 [ 1003.664598][T32292] EXT4-fs: Ignoring removed orlov option [ 1003.671284][T32294] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12390'. [ 1003.703173][T32292] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1003.769020][T32292] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 1003.876445][T32292] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 1003.939154][T32292] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.12389: Corrupt directory, running e2fsck is recommended [ 1004.148481][T32292] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 1004.191321][T32292] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.12389: corrupted in-inode xattr [ 1004.277396][T32292] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.12389: couldn't read orphan inode 15 (err -117) [ 1004.346650][T32292] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1004.540009][ T4262] EXT4-fs (loop3): unmounting filesystem. [ 1004.721972][T32283] loop4: detected capacity change from 0 to 32768 [ 1004.893221][T32323] bridge7: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 1005.023984][ T4586] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 1005.256521][ T4586] usb 4-1: Using ep0 maxpacket: 16 [ 1005.264861][ T4586] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 1005.346764][ T4586] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1005.392294][ T4586] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1005.430175][ T4586] usb 4-1: Product: syz [ 1005.446507][ T4586] usb 4-1: Manufacturer: syz [ 1005.471702][ T4586] usb 4-1: SerialNumber: syz [ 1005.514632][ T4586] cdc_ether: probe of 4-1:1.0 failed with error -22 [ 1005.743911][ T5194] usb 4-1: USB disconnect, device number 44 [ 1006.861270][T32371] x_tables: duplicate underflow at hook 4 [ 1007.217372][T32386] cgroup: Unexpected value for 'cpuset_v2_mode' [ 1007.923228][T32413] SET target dimension over the limit! [ 1008.354605][T32417] loop1: detected capacity change from 0 to 4096 [ 1008.444878][T32417] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 1008.512020][T32430] loop4: detected capacity change from 0 to 512 [ 1008.580098][T32430] EXT4-fs error (device loop4): __ext4_fill_super:5390: inode #2: comm syz.4.12443: casefold flag without casefold feature [ 1008.728637][T32417] ntfs3: loop1: failed to convert "c46c" to euc-jp [ 1008.747420][T32430] EXT4-fs (loop4): get root inode failed [ 1008.753148][T32430] EXT4-fs (loop4): mount failed [ 1008.882193][T32440] netlink: 'syz.3.12448': attribute type 11 has an invalid length. [ 1008.927297][T32441] overlayfs: missing 'lowerdir' [ 1008.970261][T32440] netlink: 428 bytes leftover after parsing attributes in process `syz.3.12448'. [ 1009.238382][T32449] loop3: detected capacity change from 0 to 16 [ 1009.247842][T32447] IPVS: Error joining to the multicast group [ 1009.322246][T32449] erofs: (device loop3): mounted with root inode @ nid 36. [ 1010.066013][T32475] xt_socket: unknown flags 0x50 [ 1010.206498][T32478] sctp: [Deprecated]: syz.5.12469 (pid 32478) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1010.206498][T32478] Use struct sctp_sack_info instead [ 1010.629270][T32490] netlink: 'syz.5.12475': attribute type 8 has an invalid length. [ 1010.662982][T32491] loop6: detected capacity change from 0 to 1024 [ 1010.989165][T12929] hfsplus: bad catalog entry type [ 1011.206025][T32472] loop1: detected capacity change from 0 to 32768 [ 1011.267977][T32504] loop4: detected capacity change from 0 to 256 [ 1011.349878][T32472] ERROR: (device loop1): xtSearch: XT_GETPAGE: xtree page corrupt [ 1011.349878][T32472] [ 1011.374657][T32504] FAT-fs (loop4): Directory bread(block 64) failed [ 1011.402292][T32504] FAT-fs (loop4): Directory bread(block 65) failed [ 1011.466767][T32472] ERROR: (device loop1): remounting filesystem as read-only [ 1011.497501][T32504] FAT-fs (loop4): Directory bread(block 66) failed [ 1011.504917][T32504] FAT-fs (loop4): Directory bread(block 67) failed [ 1011.519232][T32472] xtLookup: xtSearch returned -5 [ 1011.566628][T32504] FAT-fs (loop4): Directory bread(block 68) failed [ 1011.577895][T32504] FAT-fs (loop4): Directory bread(block 69) failed [ 1011.621338][ T11] hfsplus: b-tree write err: -5, ino 4 [ 1011.636605][T32504] FAT-fs (loop4): Directory bread(block 70) failed [ 1011.644350][T32504] FAT-fs (loop4): Directory bread(block 71) failed [ 1011.725443][T32504] FAT-fs (loop4): Directory bread(block 72) failed [ 1011.766536][T32504] FAT-fs (loop4): Directory bread(block 73) failed [ 1011.805279][T32511] loop3: detected capacity change from 0 to 256 [ 1011.812945][ T4586] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 1011.948620][T32511] FAT-fs (loop3): Directory bread(block 64) failed [ 1011.955881][T32511] FAT-fs (loop3): Directory bread(block 65) failed [ 1012.006229][ T4586] usb 6-1: Using ep0 maxpacket: 32 [ 1012.018153][ T4586] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1012.040881][T32511] FAT-fs (loop3): Directory bread(block 66) failed [ 1012.059224][T32511] FAT-fs (loop3): Directory bread(block 67) failed [ 1012.072121][ T4586] usb 6-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01 [ 1012.111105][T32511] FAT-fs (loop3): Directory bread(block 68) failed [ 1012.136335][ T4586] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1012.137179][ T46] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1012.164918][T32511] FAT-fs (loop3): Directory bread(block 69) failed [ 1012.176899][ T4586] usb 6-1: Product: syz [ 1012.182111][ T4586] usb 6-1: Manufacturer: syz [ 1012.198670][T32511] FAT-fs (loop3): Directory bread(block 70) failed [ 1012.205795][T32511] FAT-fs (loop3): Directory bread(block 71) failed [ 1012.229217][ T4586] usb 6-1: SerialNumber: syz [ 1012.246635][ T46] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 1012.257332][T32511] FAT-fs (loop3): Directory bread(block 72) failed [ 1012.277546][ T4586] usb 6-1: config 0 descriptor?? [ 1012.304733][T32511] FAT-fs (loop3): Directory bread(block 73) failed [ 1012.494561][ T4586] cxacru 6-1:0.0: usbatm_usb_probe: bind failed: -19! [ 1012.619148][ T46] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1012.684181][ T46] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 1012.797265][ T4586] usb 6-1: USB disconnect, device number 38 [ 1013.018830][ T46] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1013.076239][ T46] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 1013.168645][T32513] loop1: detected capacity change from 0 to 32768 [ 1013.274273][T32513] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1013.316936][ T46] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1013.328899][ T46] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 1013.511295][T32513] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has an invalid fs_generation of #131491009 [ 1013.672856][T32513] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1013.725573][T32513] OCFS2: File system is now read-only. [ 1013.768879][T32513] (syz.1.12488,32513,1):ocfs2_search_chain:1761 ERROR: status = -30 [ 1013.823054][ T4268] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1013.839664][T32513] (syz.1.12488,32513,0):ocfs2_search_chain:1871 ERROR: status = -30 [ 1013.862029][ T4268] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1013.875588][ T4268] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1013.876745][T32513] (syz.1.12488,32513,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 1013.905757][T32536] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1013.918606][T32536] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1013.928583][T32513] (syz.1.12488,32513,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 1013.956551][T32536] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1014.008608][T32513] (syz.1.12488,32513,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 1014.038339][T32513] (syz.1.12488,32513,0):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 1014.071835][T32513] (syz.1.12488,32513,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 1014.082549][T32513] (syz.1.12488,32513,0):ocfs2_mknod:385 ERROR: status = -30 [ 1014.092814][T32513] (syz.1.12488,32513,0):ocfs2_mknod:502 ERROR: status = -30 [ 1014.169186][T32513] (syz.1.12488,32513,0):ocfs2_create:676 ERROR: status = -30 [ 1014.301101][T32534] team0 speed is unknown, defaulting to 1000 [ 1014.401284][ T4252] ocfs2: Unmounting device (7,1) on (node local) [ 1015.098850][T32567] loop1: detected capacity change from 0 to 16 [ 1015.148891][T32567] erofs: (device loop1): mounted with root inode @ nid 36. [ 1015.242870][T32534] vxcan1 speed is unknown, defaulting to 1000 [ 1015.473474][T32579] loop1: detected capacity change from 0 to 128 [ 1015.628592][T32579] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 1015.975368][T32588] netlink: 'syz.5.12517': attribute type 7 has an invalid length. [ 1016.066631][T32536] Bluetooth: hci1: command 0x0409 tx timeout [ 1016.086520][T32583] xt_CT: No such helper "pptp" [ 1016.566844][T32600] netlink: 80 bytes leftover after parsing attributes in process `syz.3.12522'. [ 1017.226870][ T46] IPVS: stopping backup sync thread 27630 ... [ 1017.471583][T32620] loop1: detected capacity change from 0 to 764 [ 1017.520654][T32620] Symlink component flag not implemented [ 1017.542937][T32620] Symlink component flag not implemented (7) [ 1017.857559][ T46] team0: Port device wlan1 removed [ 1018.146553][T32536] Bluetooth: hci1: command 0x041b tx timeout [ 1018.200308][T32638] loop3: detected capacity change from 0 to 16 [ 1018.223072][T32638] erofs: (device loop3): mounted with root inode @ nid 36. [ 1018.357662][T32638] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 1018.447959][T32638] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117] [ 1018.479021][T32642] loop1: detected capacity change from 0 to 256 [ 1018.615642][T32642] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x19066d23, utbl_chksum : 0xe619d30d) [ 1018.912091][T32534] chnl_net:caif_netlink_parms(): no params data found [ 1019.590182][T32534] bridge0: port 1(bridge_slave_0) entered blocking state [ 1019.625082][T32534] bridge0: port 1(bridge_slave_0) entered disabled state [ 1019.682603][T32534] device bridge_slave_0 entered promiscuous mode [ 1019.716713][T32534] bridge0: port 2(bridge_slave_1) entered blocking state [ 1019.760788][T32534] bridge0: port 2(bridge_slave_1) entered disabled state [ 1019.793557][T32631] loop4: detected capacity change from 0 to 32768 [ 1019.827452][T32534] device bridge_slave_1 entered promiscuous mode [ 1019.974417][T32674] cgroup: name respecified [ 1020.027931][T32631] XFS (loop4): Mounting V5 Filesystem [ 1020.226519][T32536] Bluetooth: hci1: command 0x040f tx timeout [ 1020.314286][T32631] XFS (loop4): Ending clean mount [ 1020.398146][ T46] device hsr_slave_0 left promiscuous mode [ 1020.486479][ T46] device hsr_slave_1 left promiscuous mode [ 1020.506920][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1020.515685][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1020.567695][T32690] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12551'. [ 1020.617666][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1020.628419][T32692] netlink: 202920 bytes leftover after parsing attributes in process `syz.5.12550'. [ 1020.646909][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1020.659166][ T4261] XFS (loop4): Unmounting Filesystem [ 1020.686831][ T46] device veth0_to_bridge left promiscuous mode [ 1020.719579][ T46] bridge0: port 3(veth0_to_bridge) entered disabled state [ 1020.769015][ T46] device bridge_slave_1 left promiscuous mode [ 1020.807472][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 1020.888985][ T46] device bridge_slave_0 left promiscuous mode [ 1020.916476][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 1021.333665][ T46] device veth0_macvtap left promiscuous mode [ 1021.346501][ T46] device veth1_vlan left promiscuous mode [ 1022.171636][T32720] dlm: Unknown command passed to DLM device : 0 [ 1022.171636][T32720] [ 1022.306626][T32536] Bluetooth: hci1: command 0x0419 tx timeout [ 1023.134937][T32724] loop1: detected capacity change from 0 to 32768 [ 1023.304212][T32724] ERROR: (device loop1): diAllocAG: nfreeinos = 0, but iag on freelist [ 1023.304212][T32724] [ 1023.366264][T32724] ialloc: diAlloc returned -5! [ 1023.476519][ T4581] usb 6-1: new high-speed USB device number 39 using dummy_hcd [ 1023.574837][ T46] bond1 (unregistering): Released all slaves [ 1023.676514][ T4581] usb 6-1: Using ep0 maxpacket: 16 [ 1023.685076][ T4581] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 1023.716879][ T4581] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1023.780318][ T4581] usb 6-1: config 0 descriptor?? [ 1023.800473][ T4581] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected [ 1024.031023][ T4581] usb 6-1: Detected FT232B [ 1024.238827][ T4581] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 1024.256701][ T4581] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 1024.279236][ T5194] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 1024.304245][ T4581] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1024.358749][ T4581] usb 6-1: USB disconnect, device number 39 [ 1024.382489][ T4581] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1024.397456][ T4581] ftdi_sio 6-1:0.0: device disconnected [ 1024.502777][ T5194] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1024.514285][ T5194] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1024.524794][ T5194] usb 2-1: Product: syz [ 1024.530395][ T5194] usb 2-1: Manufacturer: syz [ 1024.536830][ T5194] usb 2-1: SerialNumber: syz [ 1024.550746][ T5194] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1024.701307][ T5194] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1025.153663][ T4581] usb 2-1: USB disconnect, device number 49 [ 1025.374087][ T46] team0 (unregistering): Port device team_slave_1 removed [ 1025.598550][ T46] team0 (unregistering): Port device team_slave_0 removed [ 1025.814023][ T26] audit: type=1326 audit(1747273068.039:1949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32747 comm="syz.5.12575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 1025.840390][ T5194] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 1025.848498][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1025.857263][ T5194] ath9k_htc: Failed to initialize the device [ 1025.902618][ T26] audit: type=1326 audit(1747273068.099:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32747 comm="syz.5.12575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 1025.903235][ T4581] usb 2-1: ath9k_htc: USB layer deinitialized [ 1025.986247][ T26] audit: type=1326 audit(1747273068.099:1951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32747 comm="syz.5.12575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 1026.057308][ T26] audit: type=1326 audit(1747273068.099:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32747 comm="syz.5.12575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e2d8e969 code=0x7ffc0000 [ 1026.129327][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1027.521759][ T46] bond0 (unregistering): Released all slaves [ 1027.656988][T32534] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1027.667910][T32714] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12559'. [ 1027.702087][T32718] netlink: 'syz.4.12553': attribute type 13 has an invalid length. [ 1027.736341][T32718] netlink: 'syz.4.12553': attribute type 14 has an invalid length. [ 1027.776430][T32718] netlink: 156 bytes leftover after parsing attributes in process `syz.4.12553'. [ 1027.836541][T32752] netlink: 40 bytes leftover after parsing attributes in process `syz.5.12577'. [ 1027.863309][T32752] netlink: 40 bytes leftover after parsing attributes in process `syz.5.12577'. [ 1027.893926][T32534] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1028.106603][T32758] loop3: detected capacity change from 0 to 256 [ 1028.178210][T32534] team0: Port device team_slave_0 added [ 1028.227131][T32534] team0: Port device team_slave_1 added [ 1028.409897][T32534] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1028.449667][T32534] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1028.576330][T32534] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1028.657735][T32534] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1028.665186][T32534] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1028.880583][T32534] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1029.166096][T32534] device hsr_slave_0 entered promiscuous mode [ 1029.187318][ T26] audit: type=1326 audit(1747273071.419:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=313 comm="syz.4.12589" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x0 [ 1029.227364][T32534] device hsr_slave_1 entered promiscuous mode [ 1029.336868][T32534] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1029.345491][T32534] Cannot create hsr debugfs directory [ 1029.675521][ T328] loop3: detected capacity change from 0 to 256 [ 1029.772194][ T332] ax25_connect(): syz.1.12596 uses autobind, please contact jreuter@yaina.de [ 1029.812506][ T328] FAT-fs (loop3): Directory bread(block 64) failed [ 1029.822832][ T328] FAT-fs (loop3): Directory bread(block 65) failed [ 1029.884610][ T328] FAT-fs (loop3): Directory bread(block 66) failed [ 1029.918538][ T328] FAT-fs (loop3): Directory bread(block 67) failed [ 1029.925614][ T328] FAT-fs (loop3): Directory bread(block 68) failed [ 1030.005319][ T328] FAT-fs (loop3): Directory bread(block 69) failed [ 1030.054889][ T328] FAT-fs (loop3): Directory bread(block 70) failed [ 1030.136251][ T328] FAT-fs (loop3): Directory bread(block 71) failed [ 1030.143837][ T328] FAT-fs (loop3): Directory bread(block 72) failed [ 1030.250425][ T328] FAT-fs (loop3): Directory bread(block 73) failed [ 1030.512155][ T26] audit: type=1800 audit(1747273072.739:1954): pid=328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.12594" name="file1" dev="loop3" ino=1048757 res=0 errno=0 [ 1030.569466][ T341] netlink: 'syz.1.12599': attribute type 21 has an invalid length. [ 1030.607973][ T341] netlink: 132 bytes leftover after parsing attributes in process `syz.1.12599'. [ 1030.854105][T32534] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1030.920103][T32534] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1030.955817][T32534] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1031.008997][T32534] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1031.057685][ T352] netlink: 'syz.1.12605': attribute type 10 has an invalid length. [ 1031.114378][ T352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1031.140744][ T352] team0: Port device bond0 added [ 1031.157937][ T355] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12603'. [ 1031.197200][ T355] netlink: 20 bytes leftover after parsing attributes in process `syz.3.12603'. [ 1031.579958][T32534] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1031.656584][T26770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1031.702570][T26770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1031.747335][T32534] 8021q: adding VLAN 0 to HW filter on device team0 [ 1031.900513][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1031.930612][ T374] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem [ 1031.954538][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1031.996497][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 1032.004268][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1032.044157][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1032.106953][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1032.167814][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 1032.178207][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1032.257198][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1032.287735][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1032.378083][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1032.398060][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1032.469258][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1032.507601][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1032.551158][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1032.627114][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1032.660468][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1032.702678][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1032.773695][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1032.810538][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1032.840121][T32534] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1032.861554][ T391] netlink: 52 bytes leftover after parsing attributes in process `syz.3.12621'. [ 1032.888399][ T394] netlink: 48 bytes leftover after parsing attributes in process `syz.4.12622'. [ 1032.906373][ T394] tc_dump_action: action bad kind [ 1033.885510][ T426] loop4: detected capacity change from 0 to 128 [ 1033.936507][ T431] netlink: 36 bytes leftover after parsing attributes in process `syz.5.12637'. [ 1033.950860][ T426] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1034.017940][ T426] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1034.037326][ T426] ext4 filesystem being mounted at /2523/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1034.331784][ T4261] EXT4-fs (loop4): unmounting filesystem. [ 1034.490201][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1034.506538][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1034.557437][T32534] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1035.041262][ T461] loop3: detected capacity change from 0 to 256 [ 1035.088136][ T461] exfat: Deprecated parameter 'utf8' [ 1035.094408][ T461] exfat: Deprecated parameter 'utf8' [ 1035.212088][ T461] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 1035.926325][ T4581] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 1036.140097][ T4581] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1036.171797][ T4581] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 1036.226449][ T4581] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1036.312800][ T4581] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 1036.636937][T26772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1036.649945][T26772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1036.758932][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1036.808880][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1036.839710][T32534] device veth0_vlan entered promiscuous mode [ 1036.848209][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1036.884172][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1036.913874][T32534] device veth1_vlan entered promiscuous mode [ 1037.049756][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1037.068159][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1037.098550][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1037.135131][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1037.169399][T32534] device veth0_macvtap entered promiscuous mode [ 1037.212917][T32534] device veth1_macvtap entered promiscuous mode [ 1037.326545][T32534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1037.406161][T32534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1037.427213][ T4581] stv0680 5-1:4.0: STV(e): camera ping failed!! [ 1037.438457][T32534] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1037.458109][T26770] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1037.477593][T26770] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1037.497714][T26770] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1037.536954][T26770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1037.603834][T32534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1037.631088][ T4581] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 1037.641259][T32534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1037.679109][ T4581] stv0680 5-1:4.0: last error: 0, command = 0x0 [ 1037.700459][T32534] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1037.728255][ T4581] usb 5-1: USB disconnect, device number 54 [ 1037.754786][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1037.789137][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1037.837944][T32534] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1037.864375][T32534] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1037.901069][T32534] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1037.947150][T32534] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1038.416807][T26772] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1038.468818][T26772] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1038.571221][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1038.623817][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1038.658079][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1038.777356][T26772] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1039.404937][ T563] delete_channel: no stack [ 1039.863324][ T581] loop7: detected capacity change from 0 to 256 [ 1040.021044][ T581] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 1040.057139][ T586] netlink: 200 bytes leftover after parsing attributes in process `syz.1.12694'. [ 1040.576878][ T599] netlink: 96 bytes leftover after parsing attributes in process `syz.7.12699'. [ 1041.869469][ T631] loop4: detected capacity change from 0 to 4096 [ 1042.105337][ T646] netlink: 'syz.5.12716': attribute type 15 has an invalid length. [ 1042.547623][ T656] netlink: 5 bytes leftover after parsing attributes in process `syz.1.12722'. [ 1042.593128][ T659] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12721'. [ 1042.646370][ T661] raw_sendmsg: syz.3.12723 forgot to set AF_INET. Fix it! [ 1043.957390][ T688] loop4: detected capacity change from 0 to 4096 [ 1044.044987][ T688] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 1044.122659][ T701] cifs: Unknown parameter 'no'aN[Gzob,er;%j [ 1044.122659][ T701] z,@qJ#"h/.W1ȱnNC"C׈E)8+' [ 1044.926235][ T4302] usb 5-1: new high-speed USB device number 55 using dummy_hcd [ 1045.137120][ T26] audit: type=1326 audit(1747273087.369:1955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=725 comm="syz.7.12750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5262f8e969 code=0x7ffc0000 [ 1045.184958][ T4302] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 1045.229601][ T4302] usb 5-1: config 220 has an invalid descriptor of length 9, skipping remainder of the config [ 1045.276217][ T4302] usb 5-1: config 220 has no interface number 2 [ 1045.283330][ T4302] usb 5-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 1045.315463][ T26] audit: type=1326 audit(1747273087.369:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=725 comm="syz.7.12750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5262f8e969 code=0x7ffc0000 [ 1045.383159][ T4302] usb 5-1: config 220 interface 0 has no altsetting 0 [ 1045.406258][ T26] audit: type=1326 audit(1747273087.459:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=725 comm="syz.7.12750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f5262f8e969 code=0x7ffc0000 [ 1045.436487][ T4302] usb 5-1: config 220 interface 76 has no altsetting 0 [ 1045.469603][ T729] loop1: detected capacity change from 0 to 4096 [ 1045.478913][ T4302] usb 5-1: config 220 interface 1 has no altsetting 0 [ 1045.510593][ T4302] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1045.537063][ T26] audit: type=1326 audit(1747273087.459:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=725 comm="syz.7.12750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5262f8e969 code=0x7ffc0000 [ 1045.581107][ T729] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 1045.591947][ T4302] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1045.591982][ T4302] usb 5-1: Product: syz [ 1045.592000][ T4302] usb 5-1: Manufacturer: syz [ 1045.592018][ T4302] usb 5-1: SerialNumber: syz [ 1045.724636][ T26] audit: type=1326 audit(1747273087.459:1959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=725 comm="syz.7.12750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5262f8e969 code=0x7ffc0000 [ 1045.737391][ T729] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1045.863429][ T4302] usb 5-1: selecting invalid altsetting 0 [ 1045.865234][ T729] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1045.897065][ T4302] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 1045.904589][ T4302] usb 5-1: No valid video chain found. [ 1045.988376][ T729] ntfs: volume version 3.1. [ 1046.010799][ T4302] usb 5-1: selecting invalid altsetting 0 [ 1046.031345][ T4302] usbtest: probe of 5-1:220.1 failed with error -22 [ 1046.080692][ T4302] usb 5-1: USB disconnect, device number 55 [ 1046.183584][ T742] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check. [ 1046.325119][ T729] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -28). [ 1046.397360][ T729] ntfs: (device loop1): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x43, attribute type 0x80, because the allocation of clusters failed with error code -28. [ 1047.039970][ T756] netlink: 16 bytes leftover after parsing attributes in process `syz.5.12761'. [ 1047.079423][ T728] loop3: detected capacity change from 0 to 32768 [ 1047.377859][ T728] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1047.528242][ T728] (syz.3.12751,728,1):ocfs2_find_entry:1086 ERROR: status = -117 [ 1047.583812][ T728] (syz.3.12751,728,1):ocfs2_find_entry:1086 ERROR: status = -117 [ 1047.643085][ T728] (syz.3.12751,728,1):ocfs2_mknod:502 ERROR: status = -117 [ 1047.665152][ T773] netlink: 20 bytes leftover after parsing attributes in process `syz.5.12765'. [ 1047.728941][ T728] (syz.3.12751,728,1):ocfs2_create:676 ERROR: status = -117 [ 1048.049335][ T4262] ocfs2: Unmounting device (7,3) on (node local) [ 1048.116913][ T782] netlink: 16 bytes leftover after parsing attributes in process `syz.5.12769'. [ 1048.325248][ T786] loop4: detected capacity change from 0 to 1024 [ 1048.644820][T26770] hfsplus: b-tree write err: -5, ino 4 [ 1048.684277][ T782] netlink: 16 bytes leftover after parsing attributes in process `syz.5.12769'. [ 1049.843866][ T819] loop7: detected capacity change from 0 to 4096 [ 1049.922824][ T819] ntfs: volume version 3.1. [ 1050.608337][ T4586] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 1050.806410][ T4586] usb 4-1: Using ep0 maxpacket: 8 [ 1050.825410][ T4586] usb 4-1: config 0 has an invalid interface number: 31 but max is 0 [ 1050.882930][ T4586] usb 4-1: config 0 has no interface number 0 [ 1050.952484][ T4586] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 1051.037708][ T4586] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1051.087514][ T4586] usb 4-1: Product: syz [ 1051.092120][ T4586] usb 4-1: Manufacturer: syz [ 1051.140130][ T4586] usb 4-1: SerialNumber: syz [ 1051.167643][ T4586] usb 4-1: config 0 descriptor?? [ 1051.400681][ T4586] usb 4-1: Found UVC 0.04 device syz (046d:08c3) [ 1051.434125][ T4586] usb 4-1: No valid video chain found. [ 1051.506772][ T4586] usb 4-1: USB disconnect, device number 45 [ 1051.632789][ T865] loop7: detected capacity change from 0 to 1024 [ 1051.677367][ T865] EXT4-fs: Ignoring removed orlov option [ 1051.701921][ T865] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1051.758562][ T865] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002] [ 1051.783691][ T865] System zones: 0-1, 3-36 [ 1051.838330][ T865] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 1052.217820][T32534] EXT4-fs (loop7): unmounting filesystem. [ 1053.599750][ T934] netlink: 'syz.5.12823': attribute type 10 has an invalid length. [ 1053.982104][ T943] loop1: detected capacity change from 0 to 1024 [ 1054.011065][ T934] team0: Device veth1_macvtap failed to register rx_handler [ 1054.311034][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.318519][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.633097][ T955] loop3: detected capacity change from 0 to 16 [ 1054.681723][ T955] erofs: (device loop3): mounted with root inode @ nid 36. [ 1055.427183][ T976] loop7: detected capacity change from 0 to 1764 [ 1055.459067][ T938] loop4: detected capacity change from 0 to 32768 [ 1055.511281][ T981] netlink: 'syz.1.12842': attribute type 10 has an invalid length. [ 1055.624230][ T938] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1055.686981][ T981] team0: Port device veth1_macvtap added [ 1055.699046][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1055.768934][ T53] infiniband syz1: set active [ 1056.027813][ T4261] ocfs2: Unmounting device (7,4) on (node local) [ 1056.037095][ T995] overlayfs: unrecognized mount option "\n" or missing value [ 1056.860019][ T1032] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12858'. [ 1057.955990][ T1066] netlink: 'syz.3.12875': attribute type 15 has an invalid length. [ 1058.671038][ T1092] netlink: 'syz.4.12884': attribute type 30 has an invalid length. [ 1058.929333][ T26] kauditd_printk_skb: 21 callbacks suppressed [ 1058.929354][ T26] audit: type=1326 audit(1747273101.159:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1097 comm="syz.1.12888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81f138e969 code=0x7ffc0000 [ 1059.074615][ T26] audit: type=1326 audit(1747273101.159:1966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1097 comm="syz.1.12888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81f138e969 code=0x7ffc0000 [ 1059.181822][ T26] audit: type=1326 audit(1747273101.199:1967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1097 comm="syz.1.12888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f81f138e969 code=0x7ffc0000 [ 1059.332341][ T26] audit: type=1326 audit(1747273101.199:1968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1097 comm="syz.1.12888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81f138e969 code=0x7ffc0000 [ 1059.410978][ T26] audit: type=1326 audit(1747273101.199:1969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1097 comm="syz.1.12888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81f138e969 code=0x7ffc0000 [ 1059.794211][ T1079] loop7: detected capacity change from 0 to 32768 [ 1059.839326][ T1079] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 scanned by syz.7.12879 (1079) [ 1059.856498][ T1122] netlink: 164 bytes leftover after parsing attributes in process `syz.3.12897'. [ 1059.939589][ T1079] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1059.976506][ T1079] BTRFS info (device loop7): using sha256 (sha256-avx2) checksum algorithm [ 1060.037269][ T1079] BTRFS info (device loop7): turning on sync discard [ 1060.047922][ T1079] BTRFS info (device loop7): using free space tree [ 1060.468620][ T1079] BTRFS info (device loop7): enabling ssd optimizations [ 1060.787307][T32534] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1061.407418][ T1180] loop1: detected capacity change from 0 to 64 [ 1061.819946][ T1186] loop4: detected capacity change from 0 to 64 [ 1061.880754][ T1186] Bad inode number on dev loop4: 6 is out of range [ 1062.203046][ T1195] netlink: 'syz.1.12922': attribute type 13 has an invalid length. [ 1062.246411][ T1195] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12922'. [ 1062.308152][ T1195] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (6) [ 1062.454151][ T1204] autofs4:pid:1204:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(4294967071.1), cmd(0xc018937e) [ 1062.546412][ T1204] autofs4:pid:1204:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 1062.674266][ T1209] device bridge_slave_0 entered promiscuous mode [ 1062.907828][ T1215] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1064.465886][ T1207] loop7: detected capacity change from 0 to 32768 [ 1064.631673][ T1263] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12946'. [ 1064.650554][ T1207] XFS (loop7): Mounting V5 Filesystem [ 1065.000333][ T1207] XFS (loop7): Ending clean mount [ 1066.913427][ T1280] loop4: detected capacity change from 0 to 32768 [ 1067.027811][ T1280] [ 1067.027811][ T1280] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1067.027811][ T1280] [ 1067.121978][ T1280] ERROR: (device loop4): diWrite: ixpxd invalid [ 1067.121978][ T1280] [ 1067.228308][ T1280] ERROR: (device loop4): txCommit: [ 1067.228308][ T1280] [ 1067.541899][ T4261] [ 1067.541899][ T4261] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1067.541899][ T4261] [ 1067.576525][ T4261] [ 1067.576525][ T4261] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1067.576525][ T4261] [ 1068.300932][ T1347] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 1068.516274][T30825] usb 5-1: new high-speed USB device number 56 using dummy_hcd [ 1068.545360][ T1314] loop3: detected capacity change from 0 to 32768 [ 1068.613214][ T1314] (syz.3.12965,1314,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1068.704174][ T1314] (syz.3.12965,1314,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1068.758504][T30825] usb 5-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a [ 1068.813714][ T1314] JBD2: Ignoring recovery information on journal [ 1068.876350][T30825] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1068.957712][ T1364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12984'. [ 1068.970234][T30825] usb 5-1: config 0 descriptor?? [ 1069.037658][ T1314] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1069.067824][T30825] gspca_main: sn9c2028-2.14.0 probing 0c45:8001 [ 1069.418232][T30825] gspca_sn9c2028: read1 error -71 [ 1069.436380][T30825] gspca_sn9c2028: read1 error -71 [ 1069.441817][T30825] sn9c2028: probe of 5-1:0.0 failed with error -71 [ 1069.491739][ T4262] ocfs2: Unmounting device (7,3) on (node local) [ 1069.498447][T30825] usb 5-1: USB disconnect, device number 56 [ 1069.769252][ T1382] loop1: detected capacity change from 0 to 8 [ 1070.297195][ T126] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 1070.506316][ T126] usb 2-1: Using ep0 maxpacket: 32 [ 1070.514277][ T126] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1070.571440][ T126] usb 2-1: config 7 has an invalid interface number: 128 but max is 0 [ 1070.629046][ T126] usb 2-1: config 7 contains an unexpected descriptor of type 0x1, skipping [ 1070.683597][ T126] usb 2-1: config 7 has an invalid descriptor of length 148, skipping remainder of the config [ 1070.748360][ T126] usb 2-1: config 7 has no interface number 0 [ 1070.755357][ T126] usb 2-1: config 7 interface 128 altsetting 2 has an invalid endpoint with address 0x17, skipping [ 1070.832638][ T126] usb 2-1: config 7 interface 128 altsetting 2 endpoint 0x87 has an invalid bInterval 209, changing to 11 [ 1070.886668][ T126] usb 2-1: config 7 interface 128 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 1070.941206][ T126] usb 2-1: config 7 interface 128 has no altsetting 0 [ 1071.019315][ T126] usb 2-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13 [ 1071.077372][ T126] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1071.116465][ T126] usb 2-1: Product: syz [ 1071.136799][ T126] usb 2-1: Manufacturer: syz [ 1071.172044][ T126] usb 2-1: SerialNumber: syz [ 1071.208184][ T1382] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1071.458913][ T126] usb 2-1: MIDIStreaming interface descriptor not found [ 1071.609786][ T126] usb 2-1: USB disconnect, device number 50 [ 1072.013006][ T1434] loop3: detected capacity change from 0 to 4096 [ 1072.086646][ T1434] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 10) do not match. Run ntfsfix or chkdsk. [ 1072.107302][ T5830] udevd[5830]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:7.128/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1072.172744][ T1434] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1072.236723][ T1434] ntfs: (device loop3): ntfs_read_locked_inode(): $STANDARD_INFORMATION attribute is missing. [ 1072.288839][ T1434] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1072.376449][ T1434] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1072.458412][ T1434] ntfs: volume version 3.1. [ 1073.406469][ T1473] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13027'. [ 1073.424029][ T1472] loop3: detected capacity change from 0 to 1024 [ 1073.462219][ T1473] netlink: 312 bytes leftover after parsing attributes in process `syz.4.13027'. [ 1073.507305][ T1473] netlink: 'syz.4.13027': attribute type 1 has an invalid length. [ 1073.688969][ T1478] netlink: 'syz.7.13028': attribute type 1 has an invalid length. [ 1073.796481][ T1478] netlink: 128 bytes leftover after parsing attributes in process `syz.7.13028'. [ 1074.183633][ T1493] netlink: 48 bytes leftover after parsing attributes in process `syz.1.13034'. [ 1074.276588][ T1493] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13034'. [ 1074.463901][ T1497] loop3: detected capacity change from 0 to 512 [ 1074.557629][ T1497] EXT4-fs: Ignoring removed nobh option [ 1074.563175][ T1501] netlink: 48 bytes leftover after parsing attributes in process `syz.5.13037'. [ 1074.630458][ T1497] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #3: comm syz.3.13036: corrupted inode contents [ 1074.725770][ T1507] loop1: detected capacity change from 0 to 512 [ 1074.766488][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1074.773818][ T1497] EXT4-fs error (device loop3): ext4_dirty_inode:6118: inode #3: comm syz.3.13036: mark_inode_dirty error [ 1074.829478][ T1507] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1074.903367][ T1507] EXT4-fs (loop1): required journal recovery suppressed and not mounted read-only [ 1074.915916][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1074.944631][ T1497] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #3: comm syz.3.13036: corrupted inode contents [ 1075.067731][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1075.110808][ T1497] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #3: comm syz.3.13036: mark_inode_dirty error [ 1075.170970][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1075.283920][ T1497] Quota error (device loop3): write_blk: dquota write failed [ 1075.382803][ T1497] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1075.437997][ T1497] EXT4-fs error (device loop3): ext4_acquire_dquot:6802: comm syz.3.13036: Failed to acquire dquot type 0 [ 1075.590888][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1075.617613][ T126] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 1075.657052][ T1497] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #16: comm syz.3.13036: corrupted inode contents [ 1075.714572][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1075.756790][ T1497] EXT4-fs error (device loop3): ext4_dirty_inode:6118: inode #16: comm syz.3.13036: mark_inode_dirty error [ 1075.801378][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1075.828918][ T126] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1075.849448][ T1497] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #16: comm syz.3.13036: corrupted inode contents [ 1075.910199][ T126] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1075.937758][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1075.958048][ T126] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1075.976022][ T1497] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.13036: mark_inode_dirty error [ 1076.007132][ T126] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1076.015806][ T126] usb 5-1: SerialNumber: syz [ 1076.047515][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1076.077852][ T1497] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #16: comm syz.3.13036: corrupted inode contents [ 1076.166908][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1076.216914][ T1497] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 1076.297441][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1076.318039][ T126] usb 5-1: 0:2 : does not exist [ 1076.318697][ T1497] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #16: comm syz.3.13036: corrupted inode contents [ 1076.381383][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1076.429236][ T126] usb 5-1: USB disconnect, device number 57 [ 1076.456421][ T1497] EXT4-fs error (device loop3): ext4_truncate:4312: inode #16: comm syz.3.13036: mark_inode_dirty error [ 1076.516283][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1076.574667][ T1497] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 1076.631108][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1076.657870][ T1497] EXT4-fs (loop3): 1 truncate cleaned up [ 1076.665932][ T1497] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1076.707968][ T7176] udevd[7176]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1076.748356][ T1497] ext4 filesystem being mounted at /2631/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1076.989522][ T1555] xt_ecn: cannot match TCP bits for non-tcp packets [ 1077.254349][ T1497] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #12: block 13: comm syz.3.13036: bad entry in directory: inode out of bounds - offset=24, inode=33554445, rec_len=16, size=4096 fake=0 [ 1077.376619][ T1497] EXT4-fs (loop3): Remounting filesystem read-only [ 1077.611195][ T4262] EXT4-fs (loop3): unmounting filesystem. [ 1077.672485][ T4931] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 1077.776275][ T4931] EXT4-fs error (device loop3): ext4_release_dquot:6838: comm kworker/u4:8: Failed to release dquot type 1 [ 1077.845073][ T4931] EXT4-fs (loop3): Remounting filesystem read-only [ 1078.706445][T30825] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 1078.916663][T30825] usb 4-1: Using ep0 maxpacket: 16 [ 1078.935224][T30825] usb 4-1: config 0 has an invalid interface number: 41 but max is 0 [ 1078.977007][T30825] usb 4-1: config 0 has no interface number 0 [ 1079.016212][T30825] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 1079.046540][T30825] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 1079.078227][T30825] usb 4-1: config 0 interface 41 has no altsetting 0 [ 1079.119604][T30825] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 1079.191997][T30825] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1079.258704][T30825] usb 4-1: Product: syz [ 1079.299218][T30825] usb 4-1: Manufacturer: syz [ 1079.304862][T30825] usb 4-1: SerialNumber: syz [ 1079.363740][T30825] usb 4-1: config 0 descriptor?? [ 1079.399309][ T1596] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1079.434533][ T1596] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1079.707563][ T1596] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1079.756587][ T1596] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1080.014220][T30825] CoreChips 4-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71 [ 1080.016596][ T126] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 1080.047960][T30825] CoreChips: probe of 4-1:0.41 failed with error -71 [ 1080.107639][T30825] usb 4-1: USB disconnect, device number 46 [ 1080.267401][ T126] usb 2-1: Using ep0 maxpacket: 16 [ 1080.308009][ T126] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7 [ 1080.328642][ T126] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1080.354357][ T126] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1080.397857][ T4302] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 1080.408099][ T126] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1080.446454][ T126] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1080.470935][ T126] usb 2-1: Product: syz [ 1080.475718][ T126] usb 2-1: Manufacturer: syz [ 1080.481443][ T126] usb 2-1: SerialNumber: syz [ 1080.621569][ T1644] vivid-003: disconnect [ 1080.633209][ T4302] usb 6-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 1080.648675][ T1643] vivid-003: reconnect [ 1080.674184][ T4302] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1080.702130][ T4302] usb 6-1: Product: syz [ 1080.719322][ T4302] usb 6-1: Manufacturer: syz [ 1080.749751][ T126] usb 2-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1080.766438][ T4302] usb 6-1: SerialNumber: syz [ 1080.805455][ T4302] r8152-cfgselector 6-1: config 0 descriptor?? [ 1080.829948][ T126] usb 2-1: USB disconnect, device number 51 [ 1080.961823][ T4381] udevd[4381]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1081.122908][ T1653] loop3: detected capacity change from 0 to 128 [ 1081.239583][ T1653] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 1081.267304][ T4302] r8152-cfgselector 6-1: Unknown version 0x0000 [ 1081.297255][ T4302] r8152-cfgselector 6-1: USB disconnect, device number 40 [ 1081.340292][ T1653] FAT-fs (loop3): Filesystem has been set read-only [ 1082.296872][ T1680] netlink: 32 bytes leftover after parsing attributes in process `syz.7.13105'. [ 1082.516759][ T1686] netlink: 3 bytes leftover after parsing attributes in process `syz.5.13108'. [ 1084.273953][ T1737] device bridge1 entered promiscuous mode [ 1084.327220][ T1720] infiniband syz!: set down [ 1084.356321][ T1720] infiniband syz!: added team_slave_0 [ 1084.552063][ T1720] RDS/IB: syz!: added [ 1084.580334][ T1720] smc: adding ib device syz! with port count 1 [ 1084.626462][ T1720] smc: ib device syz! port 1 has pnetid [ 1084.978316][ T1757] netlink: 48 bytes leftover after parsing attributes in process `syz.5.13135'. [ 1085.063737][ T1762] device team_slave_1 entered promiscuous mode [ 1085.101104][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1085.418694][ T1770] loop3: detected capacity change from 0 to 256 [ 1085.490655][ T1769] loop1: detected capacity change from 0 to 1024 [ 1085.556614][ T1770] exfat: Deprecated parameter 'namecase' [ 1085.562829][ T1770] exfat: Deprecated parameter 'utf8' [ 1085.710147][ T1770] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d) [ 1085.879356][T26772] hfsplus: b-tree write err: -5, ino 4 [ 1086.556648][ T1790] IPv6: Can't replace route, no match found [ 1086.977120][ T1800] netlink: 'syz.1.13152': attribute type 1 has an invalid length. [ 1087.046329][ T1800] netlink: 'syz.1.13152': attribute type 2 has an invalid length. [ 1088.262120][ T1077] block nbd5: Attempted send on invalid socket [ 1088.269898][ T1077] I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1088.284828][ T1830] vxfs: unable to read disk superblock at 1 [ 1088.294948][ T1077] block nbd5: Attempted send on invalid socket [ 1088.302045][ T1077] I/O error, dev nbd5, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1088.314105][ T1830] vxfs: unable to read disk superblock at 8 [ 1088.354175][ T1830] vxfs: can't find superblock. [ 1088.564585][ T1837] loop3: detected capacity change from 0 to 1024 [ 1088.933729][T26772] hfsplus: b-tree write err: -5, ino 4 [ 1089.416547][ T1853] netlink: 'syz.4.13173': attribute type 3 has an invalid length. [ 1089.477061][ T1853] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.13173'. [ 1089.494699][ T1856] loop3: detected capacity change from 0 to 256 [ 1089.618108][ T26] audit: type=1800 audit(1089.590:1970): pid=1856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.13175" name="file0" dev="loop3" ino=1048762 res=0 errno=0 [ 1090.280556][ T1875] netlink: 16 bytes leftover after parsing attributes in process `syz.7.13181'. [ 1090.899159][ T1896] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13190'. [ 1091.825280][ T1920] loop4: detected capacity change from 0 to 256 [ 1091.913858][ T1920] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb107716d, utbl_chksum : 0xe619d30d) [ 1093.242211][ T1958] netlink: 'syz.3.13218': attribute type 13 has an invalid length. [ 1093.327566][ T1958] device veth0_macvtap left promiscuous mode [ 1093.381586][ T1958] device macvtap0 entered promiscuous mode [ 1093.481416][ T1958] macvtap0: refused to change device tx_queue_len [ 1093.597712][ T1969] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 1094.600303][ T1998] netlink: 1392 bytes leftover after parsing attributes in process `syz.5.13239'. [ 1095.022485][ T2010] netlink: 'syz.1.13245': attribute type 1 has an invalid length. [ 1095.518231][ T2024] loop3: detected capacity change from 0 to 64 [ 1096.347645][ T2042] loop4: detected capacity change from 0 to 2048 [ 1097.819975][ T2090] loop4: detected capacity change from 0 to 64 [ 1097.935844][ T2090] Trying to free block not in datazone [ 1098.408377][ T2104] loop4: detected capacity change from 0 to 2048 [ 1098.497363][ T2104] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1098.562722][ T2108] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 1098.597168][ T2111] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13295'. [ 1098.641004][ T2111] netlink: 16 bytes leftover after parsing attributes in process `syz.3.13295'. [ 1099.987171][ T2148] netlink: 12 bytes leftover after parsing attributes in process `syz.5.13314'. [ 1100.016618][ T2148] netlink: 48 bytes leftover after parsing attributes in process `syz.5.13314'. [ 1100.285936][ T2158] loop1: detected capacity change from 0 to 64 [ 1100.581065][ T4931] kworker/u4:8: attempt to access beyond end of device [ 1100.581065][ T4931] loop1: rw=1, sector=268435468, nr_sectors = 2 limit=64 [ 1100.615932][ T4931] Buffer I/O error on dev loop1, logical block 134217734, lost async page write [ 1101.396972][ T2189] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 1102.008728][ T2206] netlink: 168864 bytes leftover after parsing attributes in process `syz.5.13342'. [ 1102.104565][ T2206] netlink: zone id is out of range [ 1102.247902][ T4243] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 1102.476241][ T4243] usb 8-1: Using ep0 maxpacket: 8 [ 1102.484144][ T4243] usb 8-1: New USB device found, idVendor=1737, idProduct=0039, bcdDevice=af.02 [ 1102.533656][ T4243] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1102.573441][ T4243] usb 8-1: config 0 descriptor?? [ 1102.816843][ T4243] asix 8-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 1103.032729][ T4243] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1103.067747][ T4243] asix 8-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 1103.108602][ T4243] asix: probe of 8-1:0.0 failed with error -71 [ 1103.160500][ T4243] usb 8-1: USB disconnect, device number 2 [ 1103.921344][ T2258] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1104.824361][ T2260] vxcan1 speed is unknown, defaulting to 1000 [ 1105.245392][ T2286] loop1: detected capacity change from 0 to 2048 [ 1105.314186][ T2286] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1105.496506][ T26] audit: type=1326 audit(1105.460:1971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2289 comm="syz.4.13383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 1105.628857][ T26] audit: type=1326 audit(1105.460:1972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2289 comm="syz.4.13383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 1105.782030][ T26] audit: type=1326 audit(1105.500:1973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2289 comm="syz.4.13383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 1105.933694][ T26] audit: type=1326 audit(1105.500:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2289 comm="syz.4.13383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 1106.100432][ T26] audit: type=1326 audit(1105.500:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2289 comm="syz.4.13383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58ccf8e969 code=0x7ffc0000 [ 1106.698141][ T2317] netlink: 16 bytes leftover after parsing attributes in process `syz.7.13394'. [ 1108.090972][ T2356] sctp: [Deprecated]: syz.7.13413 (pid 2356) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1108.090972][ T2356] Use struct sctp_sack_info instead [ 1108.256773][ T4243] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 1108.307895][ T2359] netlink: 'syz.1.13415': attribute type 11 has an invalid length. [ 1108.327386][ T2359] netlink: 140 bytes leftover after parsing attributes in process `syz.1.13415'. [ 1108.459943][ T4243] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1108.496961][ T4243] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 1108.565303][ T4243] usb 6-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 1108.600880][ T4243] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1108.668525][ T4243] usb 6-1: config 0 descriptor?? [ 1108.837982][ T2369] loop4: detected capacity change from 0 to 1024 [ 1109.154641][ T2369] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1109.175706][ T4243] Bluetooth: Can't get version to change to load ram patch err [ 1109.236225][ T4243] Bluetooth: Loading patch file failed [ 1109.253813][ T4243] ath3k: probe of 6-1:0.0 failed with error -71 [ 1109.311103][ T4243] usb 6-1: USB disconnect, device number 41 [ 1109.342247][ T2369] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 623: comm syz.4.13418: Attempting to read directory block (623) that is past i_size (638464) [ 1109.683804][ T4261] EXT4-fs (loop4): unmounting filesystem. [ 1109.976287][ T2405] netlink: 28 bytes leftover after parsing attributes in process `syz.5.13433'. [ 1110.732698][ T2429] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 1110.854278][ T2429] overlayfs: missing 'lowerdir' [ 1111.184104][ T2417] vxcan1 speed is unknown, defaulting to 1000 [ 1111.616818][ T2452] loop1: detected capacity change from 0 to 1024 [ 1111.641471][ T2452] EXT4-fs: Ignoring removed orlov option [ 1111.762803][ T2452] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1112.058008][ T4252] EXT4-fs (loop1): unmounting filesystem. [ 1113.248470][ T2466] loop3: detected capacity change from 0 to 32768 [ 1113.326822][ T2466] [ 1113.326822][ T2466] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1113.326822][ T2466] [ 1113.528300][ T2466] [ 1113.528300][ T2466] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1113.528300][ T2466] [ 1113.597651][ T2466] [ 1113.597651][ T2466] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1113.597651][ T2466] [ 1113.721398][ T106] [ 1113.721398][ T106] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1113.721398][ T106] [ 1113.947248][ T4931] [ 1113.947248][ T4931] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1113.947248][ T4931] [ 1113.970795][ T4931] [ 1113.970795][ T4931] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1113.970795][ T4931] [ 1114.044627][ T4262] [ 1114.044627][ T4262] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1114.044627][ T4262] [ 1114.104252][ T4262] [ 1114.104252][ T4262] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1114.104252][ T4262] [ 1114.158494][ T106] [ 1114.158494][ T106] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1114.158494][ T106] [ 1114.211159][ T106] ================================================================== [ 1114.222097][ T106] BUG: KASAN: use-after-free in txEnd+0x329/0x520 [ 1114.229151][ T106] Write of size 8 at addr ffff888077d42040 by task jfsCommit/106 [ 1114.237894][ T106] [ 1114.240291][ T106] CPU: 0 PID: 106 Comm: jfsCommit Not tainted 6.1.138-syzkaller #0 [ 1114.250779][ T106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1114.268508][ T106] Call Trace: [ 1114.275394][ T106] [ 1114.278933][ T106] dump_stack_lvl+0x168/0x22e [ 1114.283956][ T106] ? __lock_acquire+0x7c50/0x7c50 [ 1114.290074][ T106] ? show_regs_print_info+0x12/0x12 [ 1114.295913][ T106] ? load_image+0x3b0/0x3b0 [ 1114.300953][ T106] ? _raw_spin_lock_irqsave+0xb0/0xf0 [ 1114.307453][ T106] ? __virt_addr_valid+0x188/0x540 [ 1114.313141][ T106] ? __virt_addr_valid+0x465/0x540 [ 1114.319445][ T106] ? txEnd+0x329/0x520 [ 1114.323857][ T106] print_report+0xa8/0x220 [ 1114.328856][ T106] kasan_report+0x10b/0x140 [ 1114.334518][ T106] ? txEnd+0x329/0x520 [ 1114.339165][ T106] kasan_check_range+0x27b/0x290 [ 1114.344623][ T106] txEnd+0x329/0x520 [ 1114.349789][ T106] jfs_lazycommit+0x5a2/0xa50 [ 1114.354718][ T106] ? txFreelock+0x5a0/0x5a0 [ 1114.359758][ T106] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 1114.367437][ T106] ? do_task_dead+0xd0/0xd0 [ 1114.367479][ T106] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 1114.367514][ T106] ? __kthread_parkme+0x162/0x1c0 [ 1114.367550][ T106] kthread+0x29d/0x330 [ 1114.367582][ T106] ? txFreelock+0x5a0/0x5a0 [ 1114.367611][ T106] ? kthread_blkcg+0xd0/0xd0 [ 1114.367646][ T106] ret_from_fork+0x1f/0x30 [ 1114.367683][ T106] [ 1114.367692][ T106] [ 1114.367697][ T106] Allocated by task 2466: [ 1114.367707][ T106] kasan_set_track+0x4b/0x70 [ 1114.367738][ T106] __kasan_kmalloc+0x8e/0xa0 [ 1114.367782][ T106] lmLogOpen+0x2c0/0xf90 [ 1114.367810][ T106] jfs_mount_rw+0xf2/0x5c0 [ 1114.367839][ T106] jfs_fill_super+0x58e/0xac0 [ 1114.367866][ T106] mount_bdev+0x287/0x3c0 [ 1114.367889][ T106] legacy_get_tree+0xe6/0x180 [ 1114.367913][ T106] vfs_get_tree+0x88/0x270 [ 1114.367937][ T106] do_new_mount+0x24a/0xa40 [ 1114.367959][ T106] __se_sys_mount+0x2d6/0x3c0 [ 1114.367981][ T106] do_syscall_64+0x4c/0xa0 [ 1114.368009][ T106] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1114.368043][ T106] [ 1114.368048][ T106] Freed by task 4262: [ 1114.368058][ T106] kasan_set_track+0x4b/0x70 [ 1114.368089][ T106] kasan_save_free_info+0x2d/0x50 [ 1114.368110][ T106] ____kasan_slab_free+0x126/0x1e0 [ 1114.368141][ T106] slab_free_freelist_hook+0x131/0x1a0 [ 1114.368169][ T106] __kmem_cache_free+0xb6/0x1f0 [ 1114.368191][ T106] lmLogClose+0x293/0x520 [ 1114.368214][ T106] jfs_umount+0x28f/0x360 [ 1114.368252][ T106] jfs_put_super+0x88/0x190 [ 1114.368280][ T106] generic_shutdown_super+0x130/0x340 [ 1114.368304][ T106] kill_block_super+0x7c/0xe0 [ 1114.368328][ T106] deactivate_locked_super+0x93/0xf0 [ 1114.368360][ T106] cleanup_mnt+0x463/0x4f0 [ 1114.368385][ T106] task_work_run+0x1ca/0x250 [ 1114.368416][ T106] exit_to_user_mode_loop+0xe6/0x110 [ 1114.368446][ T106] exit_to_user_mode_prepare+0xb1/0x140 [ 1114.368482][ T106] syscall_exit_to_user_mode+0x16/0x40 [ 1114.368512][ T106] do_syscall_64+0x58/0xa0 [ 1114.368538][ T106] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1114.368571][ T106] [ 1114.368576][ T106] Last potentially related work creation: [ 1114.368583][ T106] kasan_save_stack+0x3a/0x60 [ 1114.368613][ T106] __kasan_record_aux_stack+0xb2/0xc0 [ 1114.368633][ T106] call_rcu+0x14b/0x970 [ 1114.368661][ T106] dev_shutdown+0x34b/0x440 [ 1114.368687][ T106] unregister_netdevice_many+0xa32/0x1840 [ 1114.368717][ T106] default_device_exit_batch+0x9c3/0xa50 [ 1114.368749][ T106] cleanup_net+0x77b/0xb80 [ 1114.368775][ T106] process_one_work+0x898/0x1160 [ 1114.368797][ T106] worker_thread+0xaa2/0x1250 [ 1114.368823][ T106] kthread+0x29d/0x330 [ 1114.368852][ T106] ret_from_fork+0x1f/0x30 [ 1114.368880][ T106] [ 1114.368885][ T106] The buggy address belongs to the object at ffff888077d42000 [ 1114.368885][ T106] which belongs to the cache kmalloc-1k of size 1024 [ 1114.368905][ T106] The buggy address is located 64 bytes inside of [ 1114.368905][ T106] 1024-byte region [ffff888077d42000, ffff888077d42400) [ 1114.368926][ T106] [ 1114.368931][ T106] The buggy address belongs to the physical page: [ 1114.368941][ T106] page:ffffea0001df5000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x77d40 [ 1114.368966][ T106] head:ffffea0001df5000 order:3 compound_mapcount:0 compound_pincount:0 [ 1114.368983][ T106] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 1114.369030][ T106] raw: 00fff00000010200 ffffea00015ae200 dead000000000002 ffff888017441dc0 [ 1114.369050][ T106] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 1114.369062][ T106] page dumped because: kasan: bad access detected [ 1114.369078][ T106] page_owner tracks the page as allocated [ 1114.369086][ T106] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4057, tgid 4057 (dhcpcd), ts 54847675074, free_ts 54844042841 [ 1114.369123][ T106] post_alloc_hook+0x173/0x1a0 [ 1114.369155][ T106] get_page_from_freelist+0x1a26/0x1ac0 [ 1114.369190][ T106] __alloc_pages+0x1df/0x4e0 [ 1114.369222][ T106] alloc_slab_page+0x5d/0x160 [ 1114.369257][ T106] new_slab+0x87/0x2c0 [ 1114.369282][ T106] ___slab_alloc+0xbc6/0x1220 [ 1114.369307][ T106] __kmem_cache_alloc_node+0x1a0/0x260 [ 1114.369331][ T106] __kmalloc_node+0xa0/0x240 [ 1114.369352][ T106] kvmalloc_node+0x6c/0x180 [ 1114.369371][ T106] bpf_jit_binary_pack_alloc+0x1aa/0x3f0 [ 1114.369405][ T106] bpf_int_jit_compile+0xb9b0/0xcd00 [ 1114.369436][ T106] bpf_prog_select_runtime+0x48b/0x7d0 [ 1114.369469][ T106] bpf_prepare_filter+0x1014/0x11c0 [ 1114.369488][ T106] bpf_prog_create_from_user+0x2ce/0x420 [ 1114.369508][ T106] do_seccomp+0x7a8/0xda0 [ 1114.369532][ T106] __se_sys_prctl+0x3b9/0x1080 [ 1114.369559][ T106] page last free stack trace: [ 1114.369566][ T106] free_unref_page_prepare+0x8b4/0x9a0 [ 1114.369598][ T106] free_unref_page+0x2e/0x3f0 [ 1114.369629][ T106] __unfreeze_partials+0x1a5/0x200 [ 1114.369664][ T106] put_cpu_partial+0x17c/0x250 [ 1114.369695][ T106] qlist_free_all+0x76/0xe0 [ 1114.369718][ T106] kasan_quarantine_reduce+0x144/0x160 [ 1114.369741][ T106] __kasan_slab_alloc+0x1e/0x80 [ 1114.369773][ T106] slab_post_alloc_hook+0x4b/0x480 [ 1114.369799][ T106] kmem_cache_alloc+0x123/0x2f0 [ 1114.369823][ T106] mas_alloc_nodes+0x2ec/0x890 [ 1114.369846][ T106] mas_preallocate+0x11e/0x340 [ 1114.369867][ T106] do_mas_align_munmap+0x1f3/0x1220 [ 1114.369898][ T106] do_mas_munmap+0x240/0x2b0 [ 1114.369934][ T106] __vm_munmap+0x18d/0x290 [ 1114.369964][ T106] __x64_sys_munmap+0x5c/0x70 [ 1114.369994][ T106] do_syscall_64+0x4c/0xa0 [ 1114.370022][ T106] [ 1114.370026][ T106] Memory state around the buggy address: [ 1114.370038][ T106] ffff888077d41f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1114.370060][ T106] ffff888077d41f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1114.370075][ T106] >ffff888077d42000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1114.370086][ T106] ^ [ 1114.370098][ T106] ffff888077d42080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1114.370112][ T106] ffff888077d42100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1114.370124][ T106] ================================================================== [ 1115.024116][ T106] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1115.024135][ T106] CPU: 0 PID: 106 Comm: jfsCommit Not tainted 6.1.138-syzkaller #0 [ 1115.024159][ T106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 1115.024172][ T106] Call Trace: [ 1115.024179][ T106] [ 1115.024188][ T106] dump_stack_lvl+0x168/0x22e [ 1115.024223][ T106] ? memcpy+0x3c/0x60 [ 1115.024264][ T106] ? show_regs_print_info+0x12/0x12 [ 1115.024297][ T106] ? load_image+0x3b0/0x3b0 [ 1115.024331][ T106] panic+0x2c9/0x710 [ 1115.024368][ T106] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 1115.024393][ T106] ? bpf_jit_dump+0xd0/0xd0 [ 1115.024428][ T106] ? _raw_spin_unlock_irqrestore+0xf6/0x100 [ 1115.024459][ T106] ? _raw_spin_unlock+0x40/0x40 [ 1115.024491][ T106] check_panic_on_warn+0x80/0xa0 [ 1115.024515][ T106] ? txEnd+0x329/0x520 [ 1115.024540][ T106] end_report+0x66/0x110 [ 1115.024578][ T106] kasan_report+0x118/0x140 [ 1115.024611][ T106] ? txEnd+0x329/0x520 [ 1115.024640][ T106] kasan_check_range+0x27b/0x290 [ 1115.024674][ T106] txEnd+0x329/0x520 [ 1115.024702][ T106] jfs_lazycommit+0x5a2/0xa50 [ 1115.024732][ T106] ? txFreelock+0x5a0/0x5a0 [ 1115.024757][ T106] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 1115.024788][ T106] ? do_task_dead+0xd0/0xd0 [ 1115.024816][ T106] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 1115.024847][ T106] ? __kthread_parkme+0x162/0x1c0 [ 1115.024879][ T106] kthread+0x29d/0x330 [ 1115.024909][ T106] ? txFreelock+0x5a0/0x5a0 [ 1115.024935][ T106] ? kthread_blkcg+0xd0/0xd0 [ 1115.024967][ T106] ret_from_fork+0x1f/0x30 [ 1115.025003][ T106] [ 1115.025421][ T106] Kernel Offset: disabled [ 1115.763343][ T106] Rebooting in 86400 seconds..