last executing test programs: 1m30.14267451s ago: executing program 5 (id=6505): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000300)=ANY=[@ANYBLOB="24000000680001002dbd7000fcffff7f00400000000000000a0002"], 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040184) 1m29.76554463s ago: executing program 5 (id=6509): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0) 1m29.43332622s ago: executing program 5 (id=6513): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="20000000021401002bbd7000fddbdf2508004400", @ANYRES32, @ANYBLOB="080010"], 0x20}, 0x1, 0x0, 0x0, 0x40004}, 0x4080) 1m29.265827502s ago: executing program 5 (id=6515): syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x1010006, &(0x7f0000006840)={[{@gid}, {@gid}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@quota}, {@nodiscard}, {@nointegrity}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@nodiscard}, {@nodiscard}]}, 0x1, 0x626d, &(0x7f0000000380)="$eJzs3cuOHFcZB/Cv+jaXYMfKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffvLMj/7+p+GZ//7lVv+NScvdvv3b//z17qNvLwAAAHRRWZZlkT7mn4yIQfpsDwA8/fLrf5nk29VzV2/OWX/UarVavYB1XTne3XoREZv1dar3DA7HA8CC2YxP2u4CLZJ/pw0i4pm2OwHMtaLtDnAk7j+4s16kfIv668HaTns+F2RP/pvF7vUdk6bTNM8xmdXjayv68dyE/qzMqA/zJOffa+Z/Zad9lJY76vxnZVL+o51Lnzon599v5t/w9OTfG5t/V+X8B4fKvy9/AAAAAACYY/nv/ydaPv679PibciD7Hf9dm1EfAAAAAAAAAOBJO+z4f4PG+H+7jP8HAAAAc6v6rF753fGHt036Lrbq9stFxLHG8kDHpItlVtvuBwAAAAAAAAAAAAB0yWDnHN7LRcQwIo6trpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJq9eHqY3PWH7VarVaPq+vK8e7Wi4jYrK9TvWcwHD8ALJjN+KTtLtAi+XfaICJeaLsTwFwr2u4AR+L+gzvrRcq3qL8epPHd87kge/LfLLbXy+uPm07TPMdkVo+vrejHcxP68/yM+jBPcv69Zv5XdtpHabnHz7/c82fCts4xmpR/tZ0nWuhP23L+/Wb+DUe9/8/KVvTG5t9VOf/BofLvyx8AAAAAAOZY/vv/ibk6/jt61M2Zar/jv2tj1zi6vgAAAAAAAADAk3L/wZ31fN1rPv7/hTHLuf7z6ZTzL+TfSTn/XiP/rzaW69fm7739MP9/P7iz/sdb//p8nh40/6U8U6RHVpEeEUW6p2KQpo+zdZ+1NeyPqnsaFr3+IJ3zUw7fjWtxPTbi7J5le+n/42H7uT3tVU+H2+1lf6f9/J72wW57Xv/CnvZhOruoXMntp2M9fh7X453t9qptacr2L09pL6e05/z79v9OyvkPaj9V/qupvWhMK/c+6n1mv69Px93PW9e++JuzR785U21Ff3fb6qrte6mF/mz/nzwzil/e3Lhx+vbVW7dunIs02XPr+UiTJyznP0w/u8//L++05+f9+v5676PRofOfF1sxmJj/y7X5antfmXHf2pDzH6WfnP87qX38/r/I+U/e/19toT8AAAAAAAAAAAAAAACwn7Isty8RfSsiLqbrf9q6NhMAmK38+l8m+fZZ1f0Z359aveB1MWf9eVL10kGW/7Scm/6q1Qtb15XjvVkvIuJv9XWq9wy/HvfLAIB59mlE/LPtTtAa+XdY/r6/anqq7c4AM3Xzgw9/evX69Y0bN9vuCQAAAAAAAADwqPL4n2u18Z9PlWV5t7HcnvFf3461xx3/c5BndgcYnTBQdf/w27Sfrd6o36sNN/5iTBr/e7g7t9/434Mp9zec0j6a0r40pX15SvvYCz1qcv4v1sY7PxURJxvDr3dh/NfmmPddkPN/qfZ4rvL/SmO5ev7l7xc5/96e/M/cev8XZ25+8OFr196/+t7Gexs/u3Du3NkLFy9eunTpzLvXrm+c3fm3xR4frZx/HvvaeaDdkvPPmcu/W3L+X0q1/Lsl5//lVMu/W3L++f2e/Lsl558/+8i/W3L+r6Ra/t2S8/9aquXfLTn/V1Mt/27J+X891fLvlpz/a6mWf7fk/E+nWv7dkvM/k+oD5r9y1P1iNnL++QiX/b9bcv75zAb5d0vO/3yq5d8tOf8LqZZ/t+T8X0+1/Lsl5/+NVMu/W3L+F1Mt/27J+X8z1fLvlpz/pVTLv1ty/t9Ktfy7Jef/7VTLv1ty/m+kWv7dkvP/Tqrl3y05/++mWv7dkvP/Xqrl3y05/zdTLf9uefj9/2bMmDGTZ9p+ZgIAAAAAAAAAAAAAmmZxOnHb2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2Lu7GLnO+n7gZ9a767UDiYGQv5O/AxvHhJBssms78QttigmvDW8lEAp9wXa9a7Pg2MZrl0Aj2TRQImFUVNE2XLQFhNrcVKQSF7QClAvUCqkStFLpDaJC5SKqAgpIlWgF2WrOeZ5nZ2bnZde7Xp855/OR7J935pw5z5x5ztn57fo7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWt3yurlPNbIsa/7J/9qWZS9o/nvL5Lb8tldf7RECAAAAa/XL/O/nrks3HFrBSi3L/NPLvvPVxcXFxey9m/507HOLi+mOySwb25xl+X3RUz98X6N1meCxbKIx0vL1yIDNbxpw/+iA+8cG3D8+4P7NA+6fGHD/sh2wzJbi5zH5g+3K/7mt2KXZ9dlYft+uLms91tg8MhJ/lpNr5Ossjh3P5rOT2Vw207Z8sWwjX/7rtzS39eYsbmukZVs7mjPkp48ei2NohH28q21bS48Z/fi12eTPfvrosb8+9+yN3erA3dD2eMU4b9/ZHOcnwi3FWBvZ5rRP4jhHWsa5o8trsqltnI18vea/O8f53ArHuWlpmBuq8zWfyEbyf38330+jrT/WS/tpR7jt57dmWXZxadidyyzbVjaSbW27ZWTp9ZkoZmTzMZpT6cXZ6Krm6S0rmKfNOrurfZ52HhPx9b8lrDfaYwytL9OPPz7e8rr/YvFy5mnUfNa9jpXOObjex0pZ5mCcF9/Nn/TjXefgrvD8H72t9xzsOne6zMH0vFvm4M5Bc3BkfFM+5vQiNPJ1lubg7rblN+VbauT1mdv6z8Hpcw+fmV746Mfumn/46Im5E3On9u7ePbN3374DBw5MH58/OTdT/H2Ze7v8tmYj6RjYGfZdPAZe2bFs61Rd/OL4svPv5R6HE32Ow20dy673cTja+eQaG3NALp/TxbHx7uZOn7g0kvU4xvLX5461H4fpebcch6Mtx2HX7yldjsPRFRyHzWXO3LGy9yyjLX+6jaH394K1zcFtLXOw8/1I5xxc7/cjZZmDE2FefP+O3t8LdoTxPj612vcjm5bNwfR0w7mneUt6vz9xIC/d5uVNzTuuGc/OL8ydvfuRo+fOnd2dhbIhXtIyVzrn69aW55Qtm68jq56vh+Zf9vhNXW7fFvbVxF3NvyZ6vlbNZe65u/9rlX93674/227dk4WyzjZ6f3b7bt7cn+NZ9vlvffzBbzz6+df13J/NfvMT02t/Lx760sXChfwxxnqcf2Pf/3yxvfRQj20aGy2O301p74y1nY/bX6rR/NzVyLf93PTKzsdj4c9Gn4+v73M+3t6x7Hqfj8c6n1w8HzcG/bRjbTpfz4kwT07O9D8fN5fZvme1c3K07/n41lAbYf+/KnQKqS9qmTu95m3a1ujoWHheo3EL7fN0b9vyY6E3a27ryT3hTWEa5crm6e23Fstvalkv2qh5Otmx7HrP0/Szr17ztDHop2+Xp/P1nAjz4vq9/edpc5mn71n7uXNL/GfLe9fxQXNwbNN4c8xjaRLm5/tscUucg3dnx7LT2clsNr93PJ9PjXxbU/eu7Fw5Hv5s9Llye585eHvHsus9B9PPV3vNvcbo8ie/Djpfz4kwL564t/8cbC7z+v3r+9719nBLWqblvWvnz9d6/czrpo7ddKXmymgY57f29//ZbHOZkwdW22f23093hluu6bKfOo/fXsfUbLYx+2l7GOezB3rvp+Z4mst87uAK59OhLMsufPj+/Oe94fcrF85/76ttv3fp9judCx++/ycvPP6Pqxk/AMPv+aJsLb7XtfxmaiW//wcAAACGQuz7R0JN9P8AAABQGbHvj/8rPNH/AwAAQGXEvn801KQK/f8fDl5k++ufnX/+QpaS+eFDE1JmLu2GB4rlYsZ1Jnw9ubikefv9X57773+4sLLhjWRZ9osH/qDr8tsfiOMqTIZxPvWG9tuX+epdK9r2kYcupO225te/EB4/Pp+VToNuEdyZLMu+ft1n8u1Mvu9SXp9+4EheH7z4+GPNZZ47WHwd13/mJcXyfxHCv4eOH21b/5mwH34U6sxbuu+PuN5XLr1qx/73LG0vrtfYeW3+tJ94f/G48XNyPvtYsXzcz73G/41PP/mV5vKPvKL7+C+MdB//k+Fxvxzq/9xcLN/6GjS/jut9Mow/bi+ud/eXvtl1/E99qlj+zBuL5Y6EGrd/e/h61xufnW/dX480jrY9r+xNxXJx+zPf++P8/vh48fE7xz9x+FLb/uicH0//a/E40x3Lx9vjdqK/79h+83Fa52fc/pN/dKRtPw/a/lMPPnNz83E7t39nx3JnPnxHvv2lx2v/xKa//ORnum4vjufQ355pez6H3hmO47D9J94f5mO4/3+fKh6v89MVjryz/fwTl//Ctgttzyd688+K7T/1mhN53TyxZes1L3jhtRdf3tx3WfbdzcXjDdr+ib863Tb+L95Q7I94f8zod26/l7j9sx+ZOnV64fz8bNqrj16Xf3bOW4vxxPFeF86tnV8fPn3uA3NnJ2cmZ7JssrofoXfZvhTqT4pysf/Si8vOoHc8FF7Pm/7861tv+5dPx9v//d3F7ZfeUnzfemVY7rPh9m3h9Vvd9pd74pYb8uO78XQY4eLyzwteix27/uvAihYMz7/zfUGc72de+oF8PzTvy79vxON6jeP/wWzxOF8L+3UxfDLzzhuWtte6fPxshEvvKo73Ne+/cJqLr+vfhNf7bT8qHj+OKz7fH4T3Md/c3n6+i/PjaxdGOh8//xSPi+F8kl0s7o9Lxf196bkbug4vfg5JdvHG/Os/SY9z46qeZi8LH12YPjl/6vwj0+fmFs5NL3z0Y4cfPn3+1LnD+Wd5Hv7goPWXzk9b8/PT7Ny+e7L8bHW6KFfY1R7/mYeOze6fuW127vjR88fPPXRm7uyJYwsLx+ZmF247evz43EcGrT8/e9/uPQf37t8zdWJ+9r4DBw/uPTg1f+p0cxjFoAbYN/OhqVNnD+erLNx3z8Hd9957z8zUw6dn5+7bPzMzdX7Q+vn3pqnm2r8/dXbu5NFz8w/PTS3Mf2zuvt0H9+3bM/DTAB8+c3xhcvrs+VPT5xfmzk4Xz2XyXH5z83vfoPWppoX/KN7PdmoUH8SXvePOfenzWZu+/PGeD1Us0vEBos+Gz6L59ovOHFjJ17HvHws1qUL/DwAAAORi3z8eaqL/BwAAgMqIff/mUBP9PwAAAFRG7PsnQk3/JaAm/X/l8v/bL6xo+/L/8v+t+0v+v2b5/3eVLf9fnC9S/j/Lspvl/y/bWvP31cv/j7Z9Jf8/gPy//L/8v/w/66ps+f/Y92/JMr//BwAAgIqKff/WUBP9PwAAAFRG7PuvCTXR/wMAAEBlxL7/BaEmNen/5f/l/+X/5f/l/7tv/6rl/13/f03k//uT/x9A/n86q1f+/+J6jv8q5P+3tH4h/08ZlS3/H/v+F4aa1KT/BwAAgCHW+6cGHWLff22oif4fAAAAKiP2/deFmuj/AQAAoDJi378t1KQm/b/8/5ry/ylzJf/fPn75/3by/2E+yP/L/28A+f/+5P8HkP93/f/hyv+3kf+njMqW/499/4tCTWrS/wMAAEAdxL7/xaEm+n8AAAAon9HLWy32/S8JNVnW/1/mBgAAAICrLvb912cdQfCa/P5f/t/1/+X/5f/l/7tvf+X5/02Z/H95yP/3J/8/gPy//L/8/6ry/42WNwHy/3RTtvx/3vdnE9lLQ01q0v8DAABAHcS+/4ZQE/0/AAAAVEbs+/9fqIn+HwAAACoj9v3bQ01q0v/L/1cm///z1pdO/l/+v9/25f9d/7/K5P/7k/8fQP5f/l/+3/X/WVdly//Hvv/GUJOa9P8AAABQB7HvvynURP8PAAAAlRH7/v8faqL/BwAAgMqIff+OUJOa9P/y/yXP/8fkqOv/y//L/5cy/z8h/1868v/9yf8PIP8v/y//L//Puipb/j/2/TeHmtSk/wcAAIA6iH3/y0JN9P8AAABQGbHvf3moif4fAAAAKiP2/ZPZv7XfUZP+fzX5/8ZF+f9ervD1/8dXcP3/NvL/8v/9ti//7/r/VSb/35/8/wDy//L/8v/y/6yrsuX/J/O1JrJbQk1q0v8DAABAHcS+f2eoif4fAAAAKiP2/beGmuj/AQAAoDJi378r1KQm/b/r/w9F/j+T/5f/l/+X/5f/Xxn5//7k/weQ/5f/l/+X/2ddlS3/H/v+V4Sa1KT/BwAAgDqIff9toSb6fwAAAKiM2Pe/MtRE/w8AAACVEfv+20NNatL/y//L/8v/y//L/3ffvvz/cJL/70/+fwD5f/l/+X/5f9ZV2fL/se9/VahJTfp/AAAAqIPY998RaqL/BwAAgMqIff+doSb6fwAAAKiM2PdPhZrUpP+X/5f/l/+X/5f/7759+f/hJP/fn/z/APL/8v/y//L/rKuy5f9j339XqElN+n8AAACog9j33x1qov8HAACAyoh9/3Soif4fAAAAKiP2/TOhJjXp/+X/5f/l/+X/V5X/f/nS48r/F+T/y0X+vz/5/wHk/+X/r3r+f0z+n0opW/4/9v27Q01q0v8DAABAHcS+f0+oif4fAAAAKiP2/XtDTfT/AAAAUBmx778n1KQm/X+V8v/5M5D/b1tP/l/+v9v2Xf9f/r/K5P/7W//8f3yK8v/y//L/rv8v/89yZcv/x77/3lCTmvT/AAAAUAex798XaqL/BwAAgMqIff/+UBP9PwAAAFRG7PsPhJrUpP+vUv6/WFH+PytR/j+S/y/I/8v/y/9fefL//bn+/wDy//L/Q5z/b84t+X/Kpmz5/9j3Hww1qUn/DwAAAHUQ+/5Xh5ro/wEAAKAyYt//K6Em+n8AAACojNj3/2qoSU36f/l/+X/X/5f/L3v+f1z+X/5/FeT/+5P/H0D+X/5/iPP/rv9PGZUt/x/7/vtCTWrS/wMAAEAdxL7/10JN9P8AAABQGbHvf02oif4fAAAAKiP2/YdCTWrS/w9v/n+8xxMqaf4/3ij/L/8v/+/6//L/V9S65P//Tv5f/l/+X/5f/l/+n/VQtvx/7PtfG2pSk/4fAAAA6iD2/feHmuj/AQAAoDJi3/+6UBP9PwAAAFRG7PtfH2pSk/5/ePP/vZ5QSfP/Nbn+/9hl5f/H2sYu/7+0nvx/Qf5f/n81XP+/P/n/AeT/5f/l/+X/WVdly//Hvv8NoSY16f8BAACgDmLf/8ZQE/0/AAAAVEbs+98UaqL/BwAAgMqIff+bQ01q0v/L/8v/u/6//L/8f/fty/8PJ/n//uT/B5D/l/+X/5f/Z12VLf8f+/5fDzWpSf8PAAAAdRD7/gdCTfT/AAAAUBmx739LqIn+HwAAACoj9v1vDTWpSf8v/y//L/8v/y//33378v/DSf6/vyHL///y2nC7/H9B/r/c419t/n+04+srkv//Ya/8/+LmzvXl/7kSypb/j33/20JNatL/AwAAQB3Evv/toSb6fwAAAKiM2Pe/I9RE/w8AAACVEfv+3wg1qUn/L//fHMdSeln+X/4/v0H+X/5f/n9oyf/3N2T5f9f/7yD/X+7xu/6//D/LlS3/H/v+d4aa1KT/BwAAgDqIff+DoSb6fwAAAKiM2Pe/K9RE/w8AAACVEfv+d4ea1KT/l/93/X/5f/l/+f/u25f/H07y//3J/w8g/y//X7b8/3/K/zPcypb/j33/Q6EmNen/AQAAoA5i3/+eUBP9PwAAAFRG7Pt/M9RE/w8AAACVEfv+94aa1KT/l/8flvz/pPz/KvP/4+E2+X/5f/n/epH/70/+fwD5f/n/suX/y3j9/4nu68v/003Z8v+x739fqMnK+/8eRwAAAABQFrHv/61Qk5r8/h8AAADqIPb9vx1qov8HAACAyoh9/++EmtSk/5f/H5b8v+v/Z67/L//f8Xzk/+X/u9m4/H8888j/y//L/0fy/zXJ//cg/083Zcv/x77/d0NNatL/AwAAQB3Evv/9oSb6fwAAABgK3f5PdqfY9x8ONdH/AwAAQGXEvv9IqElN+n/5f/l/+f+S5v//bOc/f/87bz+yW/5f/l/+f1U29Pr/zYPf9f/l/+X/E/l/+X/5fzqVLf8f+/6joSZLjd9bXeAfAAAAhlvs+38v1KQmv/8HAACAOoh9/7FQE/0/AAAAVEbs+2dDTWrS/8v/y//L/5c0/z/E1/+P+2OY8v9Tm4co/x9PuvL/XW1o/v89Szlx+f/V5v/Hu97amf9vyP+3kf9f9fi/nWWZ/L/8P1dR2fL/se+fCzWpSf8PAAAAdRD6/pHjRV26Q/8PAAAAlRH7/hOhJvp/AAAAqIzY938g1KQm/b/8v/y//L/8v+v/d99+afP/rv/fl/x/f+XJ/3fn+v/y/8M8fvl/+X+WK1v+P/b986EmNen/AQAAoA5i3//BUBP9PwAAAFRG7Ps/FGqi/wcAAIDKiH3/yVCTmvT/8v/y//L/8v/y/923/3/s3cezpmWZx/H3QFN0D0XN7GYxi3HvyoUrFrJwpX+ACzYutMqySlAxJxpzxJwDBlQMGEARE5gDmFDMomLOATNqtQV9XVef0+c5z3tO93vO+zz3/fks5sKGnvcw1QP+aL596//nSf8/Tv+/hP5f/6//1/+zUlPr/3P3PyRu6WT/AwAAQA9y918Yt9j/AAAA0Izc/RfFLfY/AAAANCN3/0Pjlk72v/5f/99s/38v/f9On6//1/+3TP8/Tv+/hP5f/6//1/+zUlPr/3P3Pyxu6WT/AwAAQA9y9z88brH/AQAAoBm5+y+OW+x/AAAAaEbu/kfELZ3s/5P6/41Fn/1/Zrz6/5b6f+//7/j5+n/9f8sOtv+/9M6/8un/9f/6/6D/1//r/znZ1Pr/3P2PjFs62f8AAADQg9z9j4pb7H8AAABoRu7+R8ct9j8AAAA0I3f/Y+KWTva/9/+9/z+t/v8M/b/+X/+v/z8t3v8f11P/f/Et51x4+7X/d91ePl//r//X/+v/Wa2p9f+5+x8bt3Sy/wEAAKAHufsfF7fY/wAAANCM3P2Pj1vsfwAAAJihI4Pfmrv/CXFLJ/tf/6//n1b/v8b3/w9Psv/P39T/6//1/7uk/x/XU/9/Kp+v/9f/6//1/6zW1Pr/3P1PjFs62f8AAADQg9z9T4pb7H8AAACYrqF/EXtE7v5L4hb7HwAAAJqRu/9o3NLJ/tf/73///2/9/zz6f+//6//1/03Q/4/T/y+h/9f/6//1/6zU1Pr/3P2Xxi2d7H8AAADoQe7+J8ct9j8AAAA0I3f/U+IW+x8AAACakbv/qXFLJ/tf/+/9f/1/z/3/PeP36P+HPl//P0/6/3HT7f+P/3+W/n/2/f9Z+n/9v/6fzfbY/98x8pftlfT/ufufFrd0sv8BAACgB7n7nx632P8AAADQjNz9z4hb7H8AAABoRu7+Z8Ytnex//b/+X//fc/9/mu//b/+hdxf9/zD9/8HQ/4+bTP+/cWjwm/X/6+7/j/239//1//p/Vmlq7//n7n9W3NLJ/gcAAIAe5O5/dtwysv/3/A/zAQAAgLXK3f+cuMXP/wMAAMDsZXWWu/+5cUsn+1//r//X/+v/T7n/7/j9/+s2fX36/2nR/4+bTP+/A/3/uvv/9fbzc//69f/6f7abWv+fu/95cUsn+x8AAAB6kLv/srjF/gcAAIBm5O5/ftxi/wMAAEAzcve/IG7pZP8P9/8nfr/+f3f0/1u/fv3/8I+PVfX/+b9R/z/a/5/v/f8+6f/H6f+X0P/r//X/O/X/R5Z9f/0/Q6bW/+fuf2Hc0sn+BwAAgB7k7n9R3GL/AwAAQDNy9784brH/AQAAoBm5+18St3Sy/73/r//X/8+v/5/H+//bM8GW3v9fHHj/f0j/v0v6/3H6/yX0/5v6+Y2F/r/j/v/cHd7/H/lVAPT/DJla/5+7/6VxSyf7HwAAAHqQu/9lcYv9DwAAAPOw+d8dOPlfKA25+18et9j/AAAA0Izc/a+IW9rZ/6Nvder/9f/6f/1/o+//N9b/e/9/t/T/4/T/S+j/96OfP9RY/3/5Tt9/Cv3/Jfv3/v89ln1//T9DtvT/15/49nX1/7n7Xxm3tLP/AQAAoHu5+18Vt9j/AAAA0Izc/a+OW+x/AAAAaEbu/tfELZ3s/33v/0d+9QH9v/5f/6//1//r/1dN/z9O/7+E/n+t7+fP/eufQv+/svf/9f+syJb+f5N19f+5+18bt3Sy/wEAAKAHuftfF7fY/wAAANCM3P2Xxy32PwAAADQjd//r45ZO9r/3//X/+n/9v/5/+PP1//N0Wv39Gfr/ov/X/+v/9f/6f1Zgav1/7v43xC2d7H8AAADoQe7+N8Yt9j8AAAA0I3f/m+IW+x8AAACakbv/irilk/2v/9/f/j+/Xf+v/1/o//X/+v8D0e37/xtDfyfabof+/6YHHb3v1m/R/+v/9f/6f/0/u/Q/I79vEv3/sRP/7TJ3/5vjlk72PwAAAPQgd/9b4hb7HwAAAJqRu/+tcYv9DwAAAM3I3X9l3LLH/T/WPEyZ/t/7//p//b/+f/jz9f/z1G3/v0ve/19C/6//1//nD0f9Pysxif5/03/O3f+2uMXP/wMAAEAzcve/PW6x/wEAAKAZufvfEbfY/wAAANCM3P3vjFs62f/6f/2//l//r/8f/nz9/zzp/8fp/5eYU/9/5Wn0/4eGv3nd/fzpWvfX30j/7/1/Vmpq/X/u/qvilk72PwAAAPQgd/+74hb7HwAAAJqRu//dcYv9DwAAAM3I3f+euKWT/a//1//r//X/+v/hz9f/z5P+f5z+f7FYXD3yBQz1/8fOnmb/7/3/yX39+n/9P9tNrf/P3f/euKWT/Q8AAAA9yN1/ddxi/wMAAEAzcvdfE7fY/wAAANCM3P3vi1s62f/6f/2//l//r/8f/nz9/zzp/8fp/5eY0/v/+v/Jff36f/0/202t/8/d//64pZP9DwAAAD3I3X9t3GL/AwAAQDNy938gbrH/AQAAoBm5+6+LWzrZ//p//b/+X/8/q/7/TP2//n/c/vX/C/2//l//v4T+X/+v/+dkU+v/c/d/MG7pZP8DAABAD3L3fyhusf8BAACgGbn7Pxy32P8AAADQjNz9H4lbOtn/+n/9v/5f/z+r/t/7//r/Jbz/P07/v4T+X/+v/9f/s1LD/f8la+v/c/d/NG7pZP8DAABAD3L3Xx+32P8AAADQjNz9N8Qt9j8AAAA0I3f/x+KWTva//l//v7X/Xyz0//p//f9xY/3/4dX0/4cX+v+V29f+/4qI0fX/+n/9/6DJ9v9nLBrq/4/s+P31/0zR1N7/z93/8bilk/0PAAAAPcjd/4m4xf4HAACAZuTu/2TcYv8DAABAM3L3fypu6WT/6//1/97/1//r/4c/3/v/8+T9/3H6/yX0/232/97/1/+zNjf81/FfX+xk6+r/c/d/Om7pZP8DAABAD3L3fyZusf8BAACgGbn7Pxu32P8AAADQjNz9n4tbOtn/+n/9v/5f/6//H/58/f886f/H6f+X0P/r//X/+n9Wamrv/+fu/3zc0sn+BwAAgB7k7r8xbrH/AQAAoBm5+2+KW+x/AAAAaEbu/i/ELZ3sf/2//l//P8/+/7D+X/+v/x80lf7/vPPuc7P+X/+v/9f/6//1/72bWv+fu/+LcUsn+x8AAAB6kLv/S3GL/Q8AAADNyN3/5bjF/gcAAIBm5O7/StzSyf7f3v+ftTheqB431P9Ho6b/30T/v/Xr1/8P//jw/r/+X/+//6bS/3v//9S+fv2//n/OX/+e+v+7bf/++n9aNLX+P3f/zXFLJ/sfAAAAepC7/6txi/0PAAAAzcjd/7W4xf4HAACAZuTuvyVu6WT/e/9f/6//1//r/4c/X/8/T/r/cfr/JfT/+n/v/1/0gDP1/6zO1Pr/3P1fj1s62f8AAADQg9z934hb7H8AAABoRu7+b8Yt9j8AAAA0I3f/t+KWTva//l//r//X/+v/hz9f/z9P+v9x+v9y8p/acf30/4eHvnHd/fzpWvfX30z/7/1/Vmhq/X/u/m/HLZ3sfwAAAOhB7v7vxC32PwAAADQjd/934xb7HwAAAJqRu/97cUsn+1//r/9vv/+/v/7/pM/X/+v/W6b/z7+jD9P/L9FP/z9o3f383L9+/b/+n+2m1v/n7r81bulk/wMAAEAPcvd/P26x/wEAAKAZuft/ELfY/wAAANCM3P0/jFs62f/6/776/41Fj/2/9//1//r/nuj/x+n/l9D/6//1//p/Vmpq/X/u/ts2DnW5/wEAAGCu7nf3B9+62z/2trv+5+HFj+KW8xfHdvnT2AAAAMDE3bn7Nw4tFj++6z/5+X8AAABoUe7+n8Qtnex//X9f/X+f7//r//X/+v+e6P/H6f+X0P/r/3f6+o/p/5d9f/0/Q6bW/+fu/2ncsmn4HdrznyUAAAAwJbn7fxa3dPLz/wAAANCD3P0/j1u27X+/HCAAAADMVe7+X8Qts/35/3P39Efr/yfe/y/2qf+PP07/f5z+X/8/9Pn6/3nS/487zf7/2Ib+X/8/oun+3/v/+n9OydT6/9z9v4xbZrv/AQAAgMViseWfKOTu/1XcYv8DAABAM3L3/zpusf8BAACgGbn7fxO3dLL/9f8H3v9nqr6P7/8fqd/y/n/n/f9lhwc/X/+v/2+Z/n9c3+//33v5k876/1b6/7P1//p/pmFq/X/u/t/GLZ3sfwAAAOhB7v7fxS32PwAAADQjd//v4xb7HwAAAJqRu/8PcUsn+1//P/H3/0+p/9/F+//6/z76/x0+v53+/3/POXrjBQ+85ir9PyccZP+fPxb0/3Pp/3dB/99K/+/9f/0/E7H6/n/rL+Wy1/4/d/8f45ZO9j8AAAD0IHf/7XGL/Q8AAADNyN3/p7jF/gcAAIBm5O7/c9zSyf7X/+v/p9L/5/+t19D/Hz3l/v/IYrFYS/+fTXHv/b/3//X/23n/f5z+fwn9v/5f/6//Z6VW3/9v/ca99v+5+/8St3Sy/wEAAKAHufv/Grfk/t/Y8z+6BwAAACYmd//f4hY//w8AAADNyN3/97ilk/2v/9f/T6X/T97/P/H92nr//4KKU/vs//+/fkv/v7/0/+P0/0vo//X/+n/9Pys1tf4/d/8/4pZO9j8AAAD0IHf/HXGL/Q8AAADNyN3/z7jF/gcAAIBm5O7/V9zSyf7X/7fa/2cRr//X/0+l//f+v/f/D4b+f5z+fwn9v/5f/6//Z6Wm1v/n7v9PAAAA//8si2f+") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) 1m27.837166863s ago: executing program 5 (id=6531): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) ioctl$SNDCTL_DSP_GETFMTS(r0, 0x8004500b, &(0x7f0000000180)=0x5) 1m26.818119047s ago: executing program 5 (id=6544): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0) ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000980)={{0x2000000, 0x2000005}, {0x2000000, 0x2000005}, 0x5, 0x6}) 1m26.287554703s ago: executing program 32 (id=6544): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0) ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000980)={{0x2000000, 0x2000005}, {0x2000000, 0x2000005}, 0x5, 0x6}) 18.426588677s ago: executing program 4 (id=7387): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) getxattr(0x0, 0x0, 0x0, 0x0) 18.029115073s ago: executing program 4 (id=7391): r0 = fsopen(&(0x7f0000000100)='tmpfs\x00', 0x0) readv(r0, &(0x7f0000001680)=[{&(0x7f0000000040)=""/48, 0x30}, {0x0}], 0x2) 17.623153922s ago: executing program 4 (id=7394): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x3, &(0x7f00000001c0), 0x4) 17.381734965s ago: executing program 4 (id=7398): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x4, &(0x7f0000000140)={[{@uid}, {@nodecompose}, {@umask={'umask', 0x3d, 0x1}}, {@barrier}, {@gid={'gid', 0x3d, 0xee00}}, {@nodecompose}, {@gid}, {@nls={'nls', 0x3d, 'cp1251'}}, {}, {@barrier}]}, 0xfc, 0x6ea, &(0x7f0000000f80)="$eJzs3c1vHGcdB/Dv7K7fUtG6bdIWVImoEQURkfhFKQQJJSCEfKhQBAckbiZxGitOWtkuuBEC837toX9Ae8iNExL3oHKGC4KjxakSohdOvi2a2dn12t71S5zEMXw+1ew8M8/7b2dmdza1JsD/rbnzaT1Ikbnzb66V2xv3Z5c27s+O1dlLScp0I2l1VinuJsXHydV0lny23FmXL4b188Hi5e/9/T8bn3S2WvVSlW/srvfzdpIvHHwW6/WSs0ma9Xq3kR3bY8n4/u1dH9De+PZWegbPv+jllAE71w0cHLf2LuuHqT70fAdOjiLf+Myg/ZPJqfrzrvqcq68OjSc7ukfvUFc5AAAAOGZz/z4zc5jyE/X6uc1sZu3E38YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAE1Ukzc6qWhrd9NkU3ef/j9b7UqdPtAfHPQAAAAAAAAAA2GVk29ZokrHuxpXBNT6/mc2s5dnudruo/s3/tWrjdPX6TN7NShaynAtZy3xWs5rlTCeZ7O9sbX51dXl6WM1iPalrzgysObN9XM2DTXj8YMUAAAAAAAAA4H/eLzO39e//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwNCiSZmdVLae76ck0WknGk4yW5daTv3bTJ0QxaOeDJz8OAAAAOJLxh6jz3GY2s5Znu9vtorrnf6m6Xx7Pu7mb1SxmNUtZyI36Hrq8629s3J9d2rg/e6dcjjz0qsV0fnsY3PMrVYmJ3MxitedCrleDuZFGVbP0zyR3umPaPa5ffFq2faXjJwcc2Y16XXb2fvdXhLEjT/gRmExajYz0IjJVja1zEDzfH4Xdkfjmp8MavdpZtXb2lP6eptPo/fJzutNDmdw35lcOOLNT9bqcz2+H/XLzqI1vdbo+tFAvEo1UkZjpO/pe2jvmyRf/+Pv3by3dvX3r5sr5JzKlx2nnMTHbF4mXDxCJHzy1kWjtnd3YuWOq2nmmu/nRM0m+n/M5m2tZzmJ+nPmsZiFFPdP5+nguXyf3jtTVbVvXhgygZ7R+X5p1ud6YMpfvDBzT2Xy7Ss3ntarus1lMkbdzIwt5o/pvJtP5ai7lUi73vcNnho67mlt11jcOd9af+1KdmEjyu3p93DoXhTKuz/fFtf+aO1nlbe0Z6YvSC3u/u7uvjftPufW5OlH28as9j4YnbWckpvsi8eLekfioXb6uLN29vXxr/p0Bn67tYqRa/+1c0m539r1e55VH3G/2//rzp6PObx9917HyeHkh4/WV5PmMdIbW7Oa92LvKVPEa7a93upe3/RN3NOPl+dzo9NQ5U7879Ewdrb/D7W5ppsp7eWDebJX3Sl9e//et5O0s9b4PAfAUO/XlU6MT/5r4y8SHE7+euDXx5vi3xr429upoRv488vXWVPP1xqvFH/JhfrZ1/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy8lffu3Z5fWlpYHpxoNIdmDUmkfe/2fPdJPgetlZWifpLOofoammgcrfp+id4jfx5fF8efKHbtKWf8aLroPvnocLWmdh9RV48zUP84bK2M9025ObTwqTrRfq4TpUN1MbnzyEyGFB7rBLM55Dyt36KHebgocCJcXL3zzsWV9+59ZfHO/FsLby3cHbl06fLU5UtvzF68ubi0MNV5Pe5RAo/D1vd2AAAAAAAAAAAA4KQ44N8VXPvhj6r/Q/Ch/l7iuOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnGxz59N6kCLTUxemyu2N+7NL5dJNb5VsJWk0kuKnSfFxcjWdJZN9zRXD+vlg8XIzySdbbbW65Rt71GuPHWgW6/WSs0ma9foItrV3/cjtFb0ZlgE71w0cHLf/BgAA//+iRulF") mount$bind(&(0x7f0000000200)='./file1\x00', &(0x7f0000000340)='./file1\x00', 0x0, 0x883042, 0x0) 16.798424037s ago: executing program 4 (id=7404): r0 = socket(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000000)="7800000018002507b9409b14ffff00000204be04020b06050e020909430016003f00064c0a0006000d0085a178d0bf46d32345653600648d0a000500ebec0cff3959547f509058ba86c902000000004a32000400160009000a0000000000e000e218d1ddf66ed538f252325012f567fb276a4d98cde2ea79", 0x78, 0x0, 0x0, 0x0) 16.080607438s ago: executing program 4 (id=7412): r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xf0) sendmmsg(r0, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x48050) 15.114670953s ago: executing program 33 (id=7412): r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xf0) sendmmsg(r0, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x48050) 2.448289275s ago: executing program 1 (id=7542): r0 = syz_open_dev$video4linux(&(0x7f0000001600), 0x5, 0xe0c61) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000040)={0x0, 0x4, 0x2005, 0x1}) 2.370684429s ago: executing program 6 (id=7545): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x801, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xd3}, @IPSET_ATTR_TIMEOUT={0x8}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x2002c0c4}, 0x0) 2.096046199s ago: executing program 1 (id=7547): r0 = socket(0x10, 0x3, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newqdisc={0x68, 0x14, 0xf0b, 0xfffdfffe, 0x0, {0x2, 0x0, 0x0, 0x0, {0xfff2, 0xb}, {0xfff2, 0x5}, {0x6, 0xffff}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x0, 0x4, 0x80000001, 0x0, 0x0, 0x8}}, {0x4}}, {{0x1c, 0x1, {0x9, 0x66, 0xc, 0x800, 0x1, 0x0, 0xfffffffc}}, {0x4}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8001}, 0x4000000) 2.086307626s ago: executing program 0 (id=7548): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000007c0)=@newtaction={0x84, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x70, 0x1, [@m_tunnel_key={0x6c, 0x1, 0x0, 0x0, {{0xf}, {0x3c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0xe, @ipv4={'\x00', '\xff\xff', @broadcast}}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e23}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x84}}, 0x0) 2.074561148s ago: executing program 6 (id=7549): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="6c000000020601000000000600000000000000000e0003006269746d61703a697000000005000400000000000900020073797a3000000000240007800c00028008000140000000000c00018008000140ffffffff050014001e00000005000500020000000500010006"], 0x6c}}, 0x0) 1.895374929s ago: executing program 3 (id=7551): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000c00)=@filter={'filter\x00', 0x42, 0x4, 0x348, 0xffffffff, 0x0, 0x0, 0x1c8, 0xffffffff, 0xffffffff, 0x2b0, 0x2b0, 0x2b0, 0xffffffff, 0x5, 0x0, {[{{@uncond, 0x3127, 0xd0, 0xf8, 0x1ba, {0x46010000}, [@common=@addrtype={{0x30}}, @common=@addrtype={{0x30}, {0x1c0}}]}, @REJECT={0x28}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x11}, @broadcast, 0xffffffff, 0xff000000, 'vlan1\x00', 'macvlan1\x00', {}, {0xff}, 0x16, 0x0, 0x8}, 0x287, 0x70, 0xd0, 0x0, {0x0, 0x4}}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x4, 0x1], 0x4, 0x1}, {0x0, [0x4, 0x11, 0x5, 0x1, 0x1600, 0x9], 0x4, 0x3}}}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00', 0x0, 0x5, 0x1, 0x1}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a8) 1.726083131s ago: executing program 1 (id=7553): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3400000040000701fcffffff00000100017c0000040042800c0001800600060065580000100002800c000380080009"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) 1.698626682s ago: executing program 2 (id=7554): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000088010000060a010400000000000000000100000008000b400000000060010480340001800b000100657874686472000024000280080001400000000c080003400000000208000440000000220500020007000000280101800c0001006269747769736500180102800800034000000004080001400000001408000240000000120800064000000002f4000480080001006eee7e00e5000100918f73aab025c6d0e89efc9e626f9112348816741c52db8bd2bc53250b012ffc4545d400eb3555bcae7fccd5e14d2de998fadcdf56a5812b1493abc152fa93e546dd1b70f51985fb6c09c07be953ee195525211070cd131eec1db796a3d484125f94b8385fe13afa18af7c0bb371f6fe96c5d451e837afff7e5a8bfc1ac783ea54d0ac2b4ed68ee9249bc91af49c343c3479e9b8a7c897b6ca89f4d6073fe3b830d1dc3f718ad65cc6d9156274032140e4357e19661184eac0c17ef8763bce33afdc8e2d8ff3e36187d86f8f1a1ae5e21a7bdbb94e60a8d13b89d55e60af6b33320000000900010073797a30"], 0x1fc}}, 0x0) 1.660400762s ago: executing program 6 (id=7555): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0) 1.516756617s ago: executing program 0 (id=7556): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/slabinfo\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/105, 0x69}], 0x1, 0xfffffffd, 0x80000002) 1.420958643s ago: executing program 3 (id=7557): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0006}]}) mlockall(0x2) 1.40271416s ago: executing program 6 (id=7558): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20101, 0x10}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}, @IFLA_BOND_ARP_VALIDATE={0x8, 0x9, 0x1}]}}}]}, 0x44}}, 0x0) 1.354331532s ago: executing program 2 (id=7559): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x5, 0x0, 0x83, 0xffffffff}) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f00000025c0)=ANY=[@ANYBLOB="b7000000010003c3bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000065040200000000ff2d400500000000002000000001ed00007b030000000000001d440000000000007a0a00fe00ffffffdb03000040000000b500feff000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc00eec36574a8f6456e2ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2400000000000000800643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d64364c82770c8204a0deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f4720082f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eaeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691df8b4b7ecd27ce82f7df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd0000000069ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fd691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a4dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2227db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680aa1af102d97681656bf56ff0674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ff6d4c5dbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737371cdf8f681dd7a2685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884f90c91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b7236bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a049414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e140792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd61000000000000000000000000000000000000000000000000000000000000000000000000f637782e317d492b2392fd0ea81397a80227f271bad21d688af35a2bd02c15d20f3d62a50e20260642c25f304c8034a5f4d8e45e701dbd84294d1096e715662b8223e10e98c4c38451fc5c702084e3fa9b184e0d0fba44acf3bb8a846cf680dfbf312cddfdb2043288fa6b67fa762c8b75d4478756ef240f2b314e4d77a3afb4fcec92248327004d1dac7ac87a6f8cb04d82acc307d60e4713bd9a8f29091d3048c669a5f5439e0a906ce098d177b9579882586511cfe6a23e57c44d1654899f077b5636e4181f3de6b814bedcac5290ad8018bbe4424edc6d9b0e61b404bb7a2d4883bbc200de8332029cbc04a0bc52d9870cdfb950b139625fa88f5c9088fc9032a5ea07415029c74354f54e37427a4b26e559cd240b7950630d7d4da9cb8d256356bee8c827db43313e75da9c36d0f7bef4fcf23469d8c9104a917959c3bc791a54d1882f532d2597ff50d4a10fe3b80a3d67d3c3dca0dfe0e4eb039df7480542f841313ad2ec26fe7d03829f80c6f3e028d2f4495c3c523929b203048ac9ba20b012c005e36b93eb5a02768503c6c41f50d2a04999bba560f86c7c9a78e4b337983cbdb5d71be3090208a1f7eaa3edc840ea0da5f4cc01f3e87c7566176981a738bcd4dd8b8a137e7a15e57054ebf1d9ba227361be11a7d155054e154364041468e6268ea23e74eacbb5200e2d8f8919402ca20794a29dd986c6593d47b47d5cd70153908a77039a995a44e960ad037f4d2569751eea3ae70fc49f32c30d6be0594bfda189f0be84d1eaf70e0e90223a3c97ade9973e9219c5a2e1c68efe6adf744710eb0ad8e555be26855496bc6b5e13078380230728b1862f0d93397b88ebf5197b61d27b6c555502aed27d2f2b127aeeae41dd4324fad2e7a962"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) 1.292607487s ago: executing program 1 (id=7560): r0 = syz_open_dev$radio(&(0x7f0000000140), 0x0, 0x2) ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f00000000c0)={0x0, 0x1, 0xfffffffd, 0x200, 0x5, 0x100059f, 0xbfc4bb97dfede4bd}) 1.053956625s ago: executing program 3 (id=7561): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000380)={0xa0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x1, 0x0, {}, {0x0, 0x0, 0xffffffff}, {}, {}, 0x0, 0x0, 0x0, 0x9, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x0, 0x202, 0x2, 0xc}) 1.036336845s ago: executing program 0 (id=7562): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x401, 0x4000, 0x101, {0x0, 0x0, 0x0, 0x0, 0x20009}, [@IFLA_XDP={0x4}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2d}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'batadv_slave_0\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x404c055}, 0x8010) 996.257223ms ago: executing program 2 (id=7563): r0 = fsopen(&(0x7f0000000040)='debugfs\x00', 0x0) vmsplice(r0, &(0x7f0000000300)=[{&(0x7f0000000400)="7ec40508ca", 0x5}], 0x1, 0x9) 937.065603ms ago: executing program 1 (id=7564): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000880)={0x2, 0x400000000000003, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3, 0x0, 0xfffffffffffffffd, 0x7}, @sadb_address={0x5, 0x6, 0x6c, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_lifetime={0x4, 0x4, 0x0, 0x7}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, @sadb_address={0x5, 0x5, 0x0, 0x80, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0xb0}}, 0x0) 738.598346ms ago: executing program 3 (id=7565): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0xd, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf092000000000005d090100000000009500000000000000c791000000000000b7020000020000008500000000000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x6, 0xfa, &(0x7f0000000440)=""/250, 0x0, 0x48}, 0x94) 737.463631ms ago: executing program 6 (id=7566): pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}]}}) 732.460403ms ago: executing program 2 (id=7567): r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000180)={0x3, @output={0x0, 0x1, {0xffffff72, 0x1}, 0x9b, 0x7}}) 639.611043ms ago: executing program 0 (id=7568): r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, 0x0, &(0x7f00000000c0)) 477.146099ms ago: executing program 3 (id=7569): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x4007}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x4}}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x5c}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x60}}, 0x80) 476.356407ms ago: executing program 1 (id=7570): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbb6, &(0x7f0000000c00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtIxk5nEZDLHpr8fvDnve96TeZ4nJ5nzHpiTAJ5ak9mXNOJIRJxPIsbr+9OIGKj2hiLWa8c9vH91NmtJVCpv/5ZEEhEP7l+dbbxWUt+O1gdDEXH7tST+/VFr3OXVtcWZcrm0VB8fX7l45fjy6torCxdnLpQulC6dmn711PTp6eku1nr3yntfPPPDG89fv/nx1JufH/ouibMxVp9rrqNbJmNy42fSrBARM90OlpO+ej3NdSaFHBMCAKCjtGkN998Yj754vHgbj29/zDU5AAAAoCsqfREVAAAA4IBL3P8DAADAAdf4HMCD+1dnGy3fTyT01r1zETFRq7/xfHNtphDr1e1Q9EfEyO9JND/WmtS+bc8ms0hff1/KWmz3HPJwFwJusn4tIv6/1flPqvVPVJ/ibq0/jYipLsSf3DTu9e/fXuo/24X4edcPwNPp1rnahaz1+pfW1j+DtdHm619hi2vXbuR9/Wus/x62rP/SjfVfX5v131s7jHH00Uu32801r//e/eTnuSx+tt1TUX/DvWsRRwtb1Z9s1J+0qf/8DmOMzt690W4uqz+rt9F6XX/lZsSx6mqutf6GpNP/Jzo+v1AuTdW+bvH6q6c7x28+/1nL4jfuBXohO/8jsbvzf2WHMSb+9+uRdnPb15/+MpC8U+0N1Pd8OLOysnQiYiB5vXX/yc65NI5pvEZW/4vPdf7736r+7D1hvf5zyH57rtW32fj6ppijx05+tfv691dW/9wuz/+nO4zx5Tc33m83l3f9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZ0ogYiyQtbvTTtFiMGI2I/8RIWr68vPLy/OUPLs1lcxET0Z/OL5RLUxExXhsn2fhEtf94fHLTeDoiDkfEZ+PD1XFx9nJ5Lu/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2DAaEWORpMWISCPij/E0LRbzzgoAAADouom8EwAAAAD2nft/AAAAOPha7v8LfxkN9TIXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqTDz966k0TE+pnhassM1Of6c80M2G/pzg4b2e88gN7ryzsBIDeFpn6lUqnkmArQY+7xgWSb+aG2M4NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf64Xjty6k0TE+pnhassM1Of6c80M2G9p3gkAuenrNJlsuwN4ghXyTgDIjXt8oLayf1SpaZ0favudg3uOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTY6zakrQYEWm1n6bFYsS/ImIi+pP5hXJpKiIORcRP4/2D2fhE3kkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQdcura4sz5XJpSUdHp4ud4ehZrOH6H3ObYwbbT3Xo5PzGBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABALpZX1xZnyuXS0nLemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5W15dW5wpl0tL+9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzZwAAAP//0L4Jug==") fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xee01, 0xee01, 0x1000) 417.651695ms ago: executing program 0 (id=7571): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) setsockopt$nfc_llcp_NFC_LLCP_RW(r0, 0x118, 0x0, &(0x7f0000000080)=0x12, 0x4) 417.068481ms ago: executing program 2 (id=7572): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cubic', 0x30) 156.965148ms ago: executing program 0 (id=7573): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) setuid(0xee01) 156.161943ms ago: executing program 3 (id=7574): r0 = syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0x80081) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, 0x0) 154.111473ms ago: executing program 6 (id=7575): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f00000001c0)={0x8, 0x2, 0xac77, 0x200, 'syz0\x00', 0x5}) 0s ago: executing program 2 (id=7576): r0 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x4000) ioctl$BLKTRACESETUP(r0, 0xc0401273, 0x0) kernel console output (not intermixed with test programs): [ T5815] usb 5-1: New USB device found, idVendor=0763, idProduct=1041, bcdDevice=da.59 [ 698.121003][ T5815] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 698.153874][ T5815] usb 5-1: Product: syz [ 698.168482][ T5815] usb 5-1: Manufacturer: syz [ 698.188218][ T5815] usb 5-1: SerialNumber: syz [ 698.212336][T20317] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 698.226355][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 698.226373][ T30] audit: type=1326 audit(2000001096.755:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.2.6336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f42b8f6c9 code=0x7ffc0000 [ 698.279560][T20317] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm [ 698.399489][ T30] audit: type=1326 audit(2000001096.755:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.2.6336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f42b8f6c9 code=0x7ffc0000 [ 698.462323][ T30] audit: type=1326 audit(2000001096.785:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.2.6336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f42b8f6c9 code=0x7ffc0000 [ 698.503794][ T30] audit: type=1326 audit(2000001096.785:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.2.6336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f42b8f6c9 code=0x7ffc0000 [ 698.527233][ T30] audit: type=1326 audit(2000001096.805:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.2.6336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f0f42b8f6c9 code=0x7ffc0000 [ 698.563276][ T30] audit: type=1326 audit(2000001096.805:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.2.6336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f42b8f6c9 code=0x7ffc0000 [ 698.576337][ T5815] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 698.719586][T20317] BTRFS info (device loop5): enabling ssd optimizations [ 698.725179][ T5815] usb 5-1: USB disconnect, device number 82 [ 698.736747][T20317] BTRFS info (device loop5): turning on async discard [ 698.753890][ T30] audit: type=1326 audit(2000001096.805:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.2.6336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f42b8f6c9 code=0x7ffc0000 [ 698.778643][T20317] BTRFS info (device loop5): enabling free space tree [ 698.798576][T20392] loop1: detected capacity change from 0 to 64 [ 698.872214][ T30] audit: type=1326 audit(2000001096.815:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.2.6336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f0f42b8f6c9 code=0x7ffc0000 [ 698.936998][ T5826] udevd[5826]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:9.95/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 699.024804][ T30] audit: type=1326 audit(2000001096.815:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.2.6336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f0f42b8f6c9 code=0x7ffc0000 [ 699.112526][ T5879] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 699.143730][T20397] nftables ruleset with unbound chain [ 699.387253][T20401] overlayfs: missing 'lowerdir' [ 699.433107][T20404] loop4: detected capacity change from 0 to 16 [ 699.487236][T20404] erofs (device loop4): mounted with root inode @ nid 36. [ 699.540321][T20404] erofs (device loop4): readahead error at folio 2 @ nid 89 [ 699.610555][T20404] erofs (device loop4): unknown algorithm 8 @ pos 0 for nid 89, please upgrade kernel [ 699.678706][T20404] erofs (device loop4): readahead error at folio 1 @ nid 89 [ 699.715074][T20404] erofs (device loop4): unknown algorithm 8 @ pos 0 for nid 89, please upgrade kernel [ 699.749196][T20413] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6353'. [ 699.768502][T20404] erofs (device loop4): readahead error at folio 0 @ nid 89 [ 699.807098][T20404] syz.4.6350: attempt to access beyond end of device [ 699.807098][T20404] loop4: rw=524288, sector=524296, nr_sectors = 8 limit=16 [ 699.869718][T20404] erofs (device loop4): unknown algorithm 8 @ pos 0 for nid 89, please upgrade kernel [ 699.930983][T20404] erofs (device loop4): unknown algorithm 8 @ pos 0 for nid 89, please upgrade kernel [ 700.003237][T20404] erofs (device loop4): read error -95 @ 0 of nid 89 [ 700.043296][ T30] audit: type=1800 audit(2000001098.575:120): pid=20404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6350" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 700.227240][T20421] loop0: detected capacity change from 0 to 4096 [ 700.295078][T20390] loop3: detected capacity change from 0 to 32768 [ 700.305194][T20421] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 700.369327][T20390] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 700.571989][T20434] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 700.634809][T20390] XFS (loop3): Ending clean mount [ 700.879492][ T5881] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 701.636817][T20422] loop2: detected capacity change from 0 to 32768 [ 701.736880][T20464] loop4: detected capacity change from 0 to 16 [ 701.781634][T20464] erofs (device loop4): mounted with root inode @ nid 36. [ 701.796368][T20463] loop3: detected capacity change from 0 to 1024 [ 701.839902][T20422] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 701.862208][T20465] loop0: detected capacity change from 0 to 512 [ 701.929718][T20422] (syz.2.6357,20422,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72 [ 701.955358][T20465] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 701.986061][T20465] EXT4-fs (loop0): Test dummy encryption mode enabled [ 702.063100][T20465] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.6373: inode has both inline data and extents flags [ 702.102595][T20422] ocfs2: Unmounting device (7,2) on (node local) [ 702.123526][ T12] hfsplus: b-tree write err: -5, ino 4 [ 702.219132][T20465] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.6373: couldn't read orphan inode 15 (err -117) [ 702.292161][T20465] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 702.441782][T20478] netlink: 5 bytes leftover after parsing attributes in process `syz.5.6378'. [ 702.564787][T20483] loop2: detected capacity change from 0 to 512 [ 702.630441][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 702.688138][T20483] EXT4-fs: Ignoring removed oldalloc option [ 702.811655][T20483] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 702.874667][T20483] ext4 filesystem being mounted at /1013/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 702.928699][T20497] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 703.144789][ T5874] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 703.175782][T20503] CIFS mount error: No usable UNC path provided in device string! [ 703.175782][T20503] [ 703.247405][T20503] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 703.388577][T20509] netlink: 'syz.5.6393': attribute type 9 has an invalid length. [ 703.396553][T20509] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6393'. [ 703.782153][T20521] usb usb1: usbfs: process 20521 (syz.4.6398) did not claim interface 0 before use [ 704.115025][T20529] netlink: 256 bytes leftover after parsing attributes in process `syz.4.6402'. [ 704.310435][T20505] loop1: detected capacity change from 0 to 32768 [ 704.412741][T20505] ERROR: (device loop1): diAllocBit: iag inconsistent [ 704.412741][T20505] [ 704.413474][T20537] loop4: detected capacity change from 0 to 764 [ 704.450743][T20537] rock: directory entry would overflow storage [ 704.457100][T20537] rock: sig=0x4654, size=5, remaining=4 [ 704.479300][T20505] ialloc: diAlloc returned -5! [ 704.564269][T20541] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6408'. [ 704.680215][ T30] audit: type=1326 audit(2000001103.214:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.0.6410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 704.768158][T20513] loop2: detected capacity change from 0 to 32768 [ 704.779667][ T30] audit: type=1326 audit(2000001103.254:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.0.6410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 704.879830][ T30] audit: type=1326 audit(2000001103.264:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.0.6410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 704.884001][T20513] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.6391 (20513) [ 704.912217][ T30] audit: type=1326 audit(2000001103.264:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.0.6410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 705.026524][T20513] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 705.060191][ T30] audit: type=1326 audit(2000001103.264:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.0.6410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 705.093117][T20555] loop3: detected capacity change from 0 to 8 [ 705.094917][T20513] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 705.163064][T20555] cramfs: empty filesystem [ 705.306754][ T6476] udevd[6476]: incorrect cramfs checksum on /dev/loop3 [ 705.406492][T12600] udevd[12600]: incorrect cramfs checksum on /dev/loop3 [ 705.451285][T20513] BTRFS info (device loop2): enabling ssd optimizations [ 705.458263][T20513] BTRFS info (device loop2): turning on async discard [ 705.501730][T20513] BTRFS info (device loop2): enabling free space tree [ 705.513589][T20513] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 705.622560][T20583] loop5: detected capacity change from 0 to 1024 [ 705.969931][ T50] hfsplus: b-tree write err: -5, ino 4 [ 706.221522][T20599] sctp: [Deprecated]: syz.5.6428 (pid 20599) Use of int in maxseg socket option. [ 706.221522][T20599] Use struct sctp_assoc_value instead [ 706.976131][T20623] comedi: No check for data length of config insn id -158 is implemented [ 707.006010][T20625] gre1: entered promiscuous mode [ 707.016452][T20623] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c [ 707.034707][T20625] gre1: entered allmulticast mode [ 707.069783][T20623] comedi: Assuming n=15 is correct [ 707.772784][T20605] loop4: detected capacity change from 0 to 32768 [ 707.980410][T20651] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 708.090862][T20620] loop3: detected capacity change from 0 to 32768 [ 708.129384][T20620] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.6439 (20620) [ 708.208424][T20620] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 708.269762][T20620] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 708.451594][T20664] overlay: Bad value for 'workdir' [ 708.516749][T20637] loop5: detected capacity change from 0 to 32768 [ 708.669160][T20620] BTRFS info (device loop3): enabling ssd optimizations [ 708.714653][T20637] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 708.729868][T20620] BTRFS info (device loop3): turning on async discard [ 708.778781][T20620] BTRFS info (device loop3): enabling free space tree [ 709.116731][T20637] XFS (loop5): Ending clean mount [ 709.194319][ T5881] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 709.220086][T20637] XFS (loop5): Quotacheck needed: Please wait. [ 709.385507][T20703] loop1: detected capacity change from 0 to 2048 [ 709.419378][T20703] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 709.545300][T20637] XFS (loop5): Quotacheck: Done. [ 709.557195][ T5143] Bluetooth: hci2: unexpected event for opcode 0x2060 [ 709.813707][ T5879] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 710.459049][T20699] loop2: detected capacity change from 0 to 32768 [ 710.539521][T20699] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.6465 (20699) [ 710.617656][T20726] loop4: detected capacity change from 0 to 2048 [ 710.636407][T20699] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 710.650397][T20730] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 710.710126][T20699] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 710.749058][T20726] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 710.836578][T20726] ext4 filesystem being mounted at /1031/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 710.937074][T20750] netlink: 'syz.5.6485': attribute type 3 has an invalid length. [ 711.074655][T20699] BTRFS info (device loop2): enabling ssd optimizations [ 711.095229][T20699] BTRFS info (device loop2): turning on async discard [ 711.115200][T20699] BTRFS info (device loop2): enabling free space tree [ 711.130537][T20726] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.6482: bg 0: block 345: padding at end of block bitmap is not set [ 711.245274][T20726] EXT4-fs (loop4): Remounting filesystem read-only [ 711.281216][T20726] EXT4-fs warning (device loop4): ext4_xattr_inode_lookup_create:1602: inode #18: comm syz.4.6482: cleanup dec ref error -117 [ 711.553176][ T5874] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 711.614507][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 711.657350][T20771] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 712.140701][T20786] netlink: 1 bytes leftover after parsing attributes in process `syz.1.6501'. [ 712.382268][T20789] loop4: detected capacity change from 0 to 2048 [ 712.483598][T20789] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 712.518652][T20800] loop1: detected capacity change from 0 to 8 [ 712.557544][T20789] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 712.645069][ T6091] udevd[6091]: incorrect cramfs checksum on /dev/loop1 [ 712.691794][T20800] cramfs: bad data blocksize 3222268820 [ 712.697605][T20800] cramfs: Error -3 while decompressing! [ 712.770663][ T6091] udevd[6091]: incorrect cramfs checksum on /dev/loop1 [ 712.773304][T20800] cramfs: ffffffff998cef5c(16)->ffff88806a787000(4096) [ 712.872494][T20800] cramfs: bad data blocksize 3222268820 [ 712.890417][ T30] audit: type=1800 audit(2000001111.403:126): pid=20800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6507" name="file2" dev="loop1" ino=348 res=0 errno=0 [ 713.041308][ T5815] usb 3-1: new high-speed USB device number 98 using dummy_hcd [ 713.220456][ T5815] usb 3-1: Using ep0 maxpacket: 32 [ 713.239065][ T5815] usb 3-1: config 4 has an invalid interface number: 128 but max is 0 [ 713.279648][ T5815] usb 3-1: config 4 has no interface number 0 [ 713.299205][ T5815] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 713.330378][ T5815] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 713.360450][ T5815] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 713.369531][ T5815] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 713.455058][ T5815] hub 3-1:4.128: USB hub found [ 713.550582][T20824] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6518'. [ 713.593534][T20792] loop0: detected capacity change from 0 to 32768 [ 713.664536][ T5815] hub 3-1:4.128: 2 ports detected [ 713.669681][ T5815] hub 3-1:4.128: Using single TT (err -22) [ 713.724675][T20828] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6521'. [ 713.785643][T20828] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6521'. [ 713.869438][ T5815] hub 3-1:4.128: hub_hub_status failed (err = -71) [ 713.878422][T20832] loop3: detected capacity change from 0 to 16 [ 713.901564][ T5815] hub 3-1:4.128: config failed, can't get hub status (err -71) [ 713.906295][T20832] erofs (device loop3): mounted with root inode @ nid 36. [ 713.960766][ T5815] usb 3-1: USB disconnect, device number 98 [ 714.018341][T20832] erofs (device loop3): readahead error at folio 2 @ nid 89 [ 714.076890][T20832] erofs (device loop3): readahead error at folio 1 @ nid 89 [ 714.109597][T20832] erofs (device loop3): read error -117 @ 1 of nid 89 [ 714.130457][ T30] audit: type=1800 audit(2000001112.653:127): pid=20832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6523" name="file3" dev="loop3" ino=89 res=0 errno=0 [ 714.190058][T20836] loop1: detected capacity change from 0 to 16 [ 714.235634][T20836] erofs (device loop1): mounted with root inode @ nid 36. [ 714.288700][T20818] loop5: detected capacity change from 0 to 32768 [ 714.582936][ T5879] read_mapping_page failed! [ 714.592201][ T5879] ERROR: (device loop5): txCommit: [ 714.592201][ T5879] [ 714.606226][T20846] loop1: detected capacity change from 0 to 8 [ 714.623789][T20844] loop4: detected capacity change from 0 to 1024 [ 714.624163][ T5879] ERROR: (device loop5): remounting filesystem as read-only [ 714.649863][T20848] xt_hashlimit: size too large, truncated to 1048576 [ 714.668109][T20844] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 714.687777][T20846] SQUASHFS error: Failed to read block 0x1ec: -5 [ 714.724618][T20846] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 714.767883][T20844] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #3: block 1: comm syz.4.6530: lblock 1 mapped to illegal pblock 1 (length 1) [ 714.864099][T20844] Quota error (device loop4): write_blk: dquota write failed [ 714.876263][T20844] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 714.888408][T20844] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.6530: Failed to acquire dquot type 0 [ 714.943074][T20844] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.6530: Freeing blocks not in datazone - block = 0, count = 4096 [ 714.992630][T20844] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.6530: Invalid inode bitmap blk 0 in block_group 0 [ 715.011537][ T3001] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:9: lblock 1 mapped to illegal pblock 1 (length 1) [ 715.038386][T20844] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem [ 715.082987][T20844] EXT4-fs (loop4): 1 orphan inode deleted [ 715.090569][ T3001] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 715.103084][T20844] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 715.125497][ T3001] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:9: Failed to release dquot type 0 [ 715.195806][T20854] loop3: detected capacity change from 0 to 4096 [ 715.203611][T20844] EXT4-fs error (device loop4): ext4_search_dir:1474: inode #2: block 16: comm syz.4.6530: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 715.235679][T20854] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 715.271647][T20863] netlink: 156 bytes leftover after parsing attributes in process `syz.2.6539'. [ 715.316046][T20854] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 715.344814][T20854] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 715.411493][T20866] sctp: [Deprecated]: syz.0.6540 (pid 20866) Use of int in maxseg socket option. [ 715.411493][T20866] Use struct sctp_assoc_value instead [ 715.467730][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 715.494854][ T50] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 715.899514][ T50] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 716.009655][ T50] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 716.148340][ T50] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 716.179603][T20882] loop0: detected capacity change from 0 to 512 [ 716.220425][T20882] EXT4-fs: Ignoring removed oldalloc option [ 716.266014][T20882] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.6548: inode has both inline data and extents flags [ 716.366929][T20882] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.6548: couldn't read orphan inode 15 (err -117) [ 716.390205][T20882] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 716.542470][T20895] loop2: detected capacity change from 0 to 16 [ 716.588350][T20895] erofs (device loop2): mounted with root inode @ nid 36. [ 716.670874][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 716.765776][ T50] bridge0: port 3(team0) entered disabled state [ 716.941185][ T8334] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 716.959248][ T8334] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 716.969429][ T8334] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 716.981334][ T50] bridge_slave_1: left allmulticast mode [ 716.987519][ T50] bridge_slave_1: left promiscuous mode [ 717.005328][ T50] bridge0: port 2(bridge_slave_1) entered disabled state [ 717.013090][ T8334] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 717.025092][ T8334] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 717.080652][ T50] bridge_slave_0: left allmulticast mode [ 717.101158][ T50] bridge_slave_0: left promiscuous mode [ 717.106917][ T50] bridge0: port 1(bridge_slave_0) entered disabled state [ 717.868627][T20935] loop1: detected capacity change from 0 to 512 [ 717.889039][T20935] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 717.928312][T20935] EXT4-fs (loop1): 1 truncate cleaned up [ 717.961822][T20935] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 718.032445][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 718.219501][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 718.243472][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 718.264704][ T50] bond0 (unregistering): Released all slaves [ 718.324090][ T50] bond1 (unregistering): Released all slaves [ 718.358675][ T50] bond2 (unregistering): Released all slaves [ 718.655984][T20957] ip6t_srh: unknown srh match flags 4000 [ 718.727924][T20959] loop2: detected capacity change from 0 to 1024 [ 719.032559][T20959] syz.2.6582: attempt to access beyond end of device [ 719.032559][T20959] loop2: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 719.103594][ T8334] Bluetooth: hci4: command tx timeout [ 719.146743][T20959] Buffer I/O error on dev loop2, logical block 100663296, async page read [ 719.172767][T20959] hfsplus: unable to mark blocks free: error -5 [ 719.184796][T20959] hfsplus: can't free extent: start 0, count 1 [ 719.486720][T20985] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in; [ 719.486720][T20985] program syz.4.6592 not setting count and/or reply_len properly [ 719.654553][T20988] xt_bpf: check failed: parse error [ 720.282166][ T50] hsr_slave_0: left promiscuous mode [ 720.351189][ T50] hsr_slave_1: left promiscuous mode [ 720.357586][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 720.393096][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 720.518105][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 720.531725][ T975] usb 4-1: new full-speed USB device number 89 using dummy_hcd [ 720.548525][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 720.604402][T21028] loop1: detected capacity change from 0 to 1024 [ 720.652352][ T50] veth1_macvtap: left promiscuous mode [ 720.668373][ T50] veth0_macvtap: left promiscuous mode [ 720.678548][ T50] veth1_vlan: left promiscuous mode [ 720.689686][ T50] veth0_vlan: left promiscuous mode [ 720.699308][T16137] hfsplus: b-tree write err: -5, ino 4 [ 720.706399][ T975] usb 4-1: config 0 has an invalid interface number: 25 but max is 0 [ 720.717753][ T975] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 720.755962][ T975] usb 4-1: config 0 has no interface number 0 [ 720.762706][ T5815] usb 5-1: new high-speed USB device number 83 using dummy_hcd [ 720.787066][ T975] usb 4-1: config 0 interface 25 altsetting 2 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 720.834274][ T975] usb 4-1: config 0 interface 25 altsetting 2 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 720.870336][ T975] usb 4-1: config 0 interface 25 altsetting 2 endpoint 0x8F has invalid wMaxPacketSize 0 [ 720.891235][ T975] usb 4-1: config 0 interface 25 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 720.920591][ T975] usb 4-1: config 0 interface 25 has no altsetting 0 [ 720.939046][ T5815] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 720.968631][ T975] usb 4-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.9f [ 720.980110][T21036] loop2: detected capacity change from 0 to 256 [ 720.983725][ T5815] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 721.000360][ T975] usb 4-1: New USB device strings: Mfr=0, Product=16, SerialNumber=3 [ 721.017093][ T5815] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 721.030420][ T975] usb 4-1: Product: syz [ 721.039768][ T5815] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 721.048729][ T975] usb 4-1: SerialNumber: syz [ 721.069613][ T975] usb 4-1: config 0 descriptor?? [ 721.074895][ T5815] usb 5-1: SerialNumber: syz [ 721.087660][T21036] FAT-fs (loop2): Directory bread(block 64) failed [ 721.116530][T21036] FAT-fs (loop2): Directory bread(block 65) failed [ 721.141795][T21036] FAT-fs (loop2): Directory bread(block 66) failed [ 721.153358][T21036] FAT-fs (loop2): Directory bread(block 67) failed [ 721.160224][T21036] FAT-fs (loop2): Directory bread(block 68) failed [ 721.170162][T21036] FAT-fs (loop2): Directory bread(block 69) failed [ 721.178194][T21036] FAT-fs (loop2): Directory bread(block 70) failed [ 721.181711][ T8334] Bluetooth: hci4: command tx timeout [ 721.184888][T21036] FAT-fs (loop2): Directory bread(block 71) failed [ 721.197802][T21036] FAT-fs (loop2): Directory bread(block 72) failed [ 721.204509][T21036] FAT-fs (loop2): Directory bread(block 73) failed [ 721.297327][ T975] usb 4-1: USB disconnect, device number 89 [ 721.337709][ T5815] usb 5-1: 0:2 : does not exist [ 721.348684][ T5815] usb 5-1: unit 5 not found! [ 721.451154][ T5815] usb 5-1: USB disconnect, device number 83 [ 721.568396][ T5878] udevd[5878]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 721.831493][ T50] team_slave_1 (unregistering): left promiscuous mode [ 721.839212][ T50] team_slave_1 (unregistering): left allmulticast mode [ 721.849088][ T50] team0 (unregistering): Port device team_slave_1 removed [ 721.997470][ T50] team_slave_0 (unregistering): left promiscuous mode [ 722.016480][ T50] team_slave_0 (unregistering): left allmulticast mode [ 722.030796][T21046] loop4: detected capacity change from 0 to 512 [ 722.040348][ T50] team0 (unregistering): Port device team_slave_0 removed [ 722.053086][T21046] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 722.079264][T21046] EXT4-fs (loop4): 1 truncate cleaned up [ 722.087052][T21046] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 722.147908][T21046] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 722.191058][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 722.280291][T21050] loop4: detected capacity change from 0 to 128 [ 722.308590][T21050] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 722.322763][T21050] ext4 filesystem being mounted at /1055/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 722.403872][ T5872] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 722.679531][T21057] netlink: 'syz.4.6622': attribute type 3 has an invalid length. [ 722.917309][T21015] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6603'. [ 722.928658][T21015] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6603'. [ 723.266620][ T8334] Bluetooth: hci4: command tx timeout [ 723.499314][T21081] loop2: detected capacity change from 0 to 1024 [ 723.550151][T20902] chnl_net:caif_netlink_parms(): no params data found [ 723.860038][T21096] libceph: resolve '0' (ret=-3): failed [ 724.428382][T20902] bridge0: port 1(bridge_slave_0) entered blocking state [ 724.470761][T21120] loop1: detected capacity change from 0 to 164 [ 724.480674][T21123] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6648'. [ 724.481010][T20902] bridge0: port 1(bridge_slave_0) entered disabled state [ 724.528936][T21120] Unsupported NM flag settings (240) [ 724.557140][T20902] bridge_slave_0: entered allmulticast mode [ 724.605920][T20902] bridge_slave_0: entered promiscuous mode [ 724.653131][T20902] bridge0: port 2(bridge_slave_1) entered blocking state [ 724.660317][T20902] bridge0: port 2(bridge_slave_1) entered disabled state [ 724.751915][T20902] bridge_slave_1: entered allmulticast mode [ 724.791010][T20902] bridge_slave_1: entered promiscuous mode [ 724.830226][T21133] loop0: detected capacity change from 0 to 128 [ 725.102521][T20902] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 725.165911][T20902] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 725.342295][ T8334] Bluetooth: hci4: command tx timeout [ 725.379276][T20902] team0: Port device team_slave_0 added [ 725.405831][T20902] team0: Port device team_slave_1 added [ 725.575028][T21150] loop2: detected capacity change from 0 to 8192 [ 725.618729][T21150] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 725.628126][T21150] FAT-fs (loop2): Filesystem has been set read-only [ 725.637697][T21150] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 725.648063][T21150] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 725.664552][T21150] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 725.676088][T21150] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 725.677619][T20902] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 725.687012][ T30] audit: type=1800 audit(2000001124.222:128): pid=21150 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6659" name="file2" dev="loop2" ino=1048685 res=0 errno=0 [ 725.712531][ C0] vkms_vblank_simulate: vblank timer overrun [ 725.719672][T20902] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 725.761650][T20902] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 725.814328][T20902] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 725.833600][T20902] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 725.892089][T20902] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 726.120283][T21136] loop1: detected capacity change from 0 to 32768 [ 726.139980][T21136] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.6652 (21136) [ 726.281182][T21136] BTRFS info (device loop1 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 726.353424][T21136] BTRFS info (device loop1 state S): using crc32c (crc32c-lib) checksum algorithm [ 726.419578][T20902] hsr_slave_0: entered promiscuous mode [ 726.450254][T21179] loop0: detected capacity change from 0 to 128 [ 726.471702][T21179] FAT-fs (loop0): Directory bread(block 162) failed [ 726.482063][T21179] FAT-fs (loop0): Directory bread(block 163) failed [ 726.488699][T21179] FAT-fs (loop0): Directory bread(block 164) failed [ 726.500630][T20902] hsr_slave_1: entered promiscuous mode [ 726.515420][T21189] netlink: 'syz.4.6671': attribute type 2 has an invalid length. [ 726.538606][T20902] debugfs: 'hsr0' already exists in 'hsr' [ 726.548077][ T60] BTRFS warning (device loop1 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0x5afefc99 level 0, ignored [ 726.602455][T20902] Cannot create hsr debugfs directory [ 726.632074][T21179] FAT-fs (loop0): Directory bread(block 165) failed [ 726.666264][T21179] FAT-fs (loop0): Directory bread(block 166) failed [ 726.675256][ T3001] BTRFS warning (device loop1 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x23b2bbff level 0, ignored [ 726.686572][T21189] : entered promiscuous mode [ 726.726146][T21179] FAT-fs (loop0): Directory bread(block 167) failed [ 726.734148][ T60] BTRFS warning (device loop1 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32c165c1 level 0, ignored [ 726.761984][T21179] FAT-fs (loop0): Directory bread(block 168) failed [ 726.784564][T21179] FAT-fs (loop0): Directory bread(block 169) failed [ 726.806354][T21136] BTRFS error (device loop1 state CS): block group 5242880 len 1638400 mismatch with chunk 5242880 len 3298536521728 [ 726.848732][T21179] FAT-fs (loop0): Directory bread(block 162) failed [ 726.895091][T21179] FAT-fs (loop0): Directory bread(block 163) failed [ 726.919021][ T50] BTRFS warning (device loop1 state CS): checksum verify failed on logical 5267456 mirror 1 wanted 0x22fa3277 found 0xa0eee3fd level 0, ignored [ 726.953698][T21179] syz.0.6670: attempt to access beyond end of device [ 726.953698][T21179] loop0: rw=3, sector=226, nr_sectors = 6 limit=128 [ 726.989883][T21136] BTRFS info (device loop1 state CS): setting nodatasum [ 727.051945][T21136] BTRFS info (device loop1 state CS): enabling ssd optimizations [ 727.052151][T21179] syz.0.6670: attempt to access beyond end of device [ 727.052151][T21179] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 727.063359][T21136] BTRFS info (device loop1 state CS): turning off barriers [ 727.122877][T21136] BTRFS info (device loop1 state CS): disabling log replay at mount time [ 727.169332][T21136] BTRFS info (device loop1 state CS): turning on async discard [ 727.198780][T21136] BTRFS info (device loop1 state CS): enabling free space tree [ 727.234733][T21205] netlink: 'syz.2.6676': attribute type 3 has an invalid length. [ 727.260374][T21136] BTRFS info (device loop1 state CS): ignoring bad roots [ 727.288656][T21136] BTRFS info (device loop1 state CS): ignoring data csums [ 727.320282][T21136] BTRFS info (device loop1 state CS): ignoring meta csums [ 727.358199][T21136] BTRFS info (device loop1 state CS): ignoring unknown super block flags [ 727.411943][T21136] BTRFS info (device loop1 state CS): force zlib compression, level 3 [ 727.686847][ T5867] BTRFS info (device loop1 state CS): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 727.970108][T21194] loop3: detected capacity change from 0 to 32768 [ 728.044861][T21194] (syz.3.6673,21194,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 728.104366][T21194] (syz.3.6673,21194,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 728.135523][ T9] usb 3-1: new high-speed USB device number 99 using dummy_hcd [ 728.158938][T20902] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 728.189243][T21194] (syz.3.6673,21194,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 728.261583][T21194] JBD2: Ignoring recovery information on journal [ 728.323150][T21236] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 728.366078][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 728.387020][T20902] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 728.405846][ T9] usb 3-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0 [ 728.432879][ T9] usb 3-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0 [ 728.486828][T21194] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 728.501660][ T9] usb 3-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 728.516643][T20902] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 728.582132][ T9] usb 3-1: config 1 interface 0 has no altsetting 0 [ 728.615700][T20902] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 728.640725][ T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 728.702327][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 728.716382][ T9] usb 3-1: Product: syz [ 728.720549][ T9] usb 3-1: Manufacturer: syz [ 728.757462][ T9] usb 3-1: SerialNumber: syz [ 729.001865][ T5881] ocfs2: Unmounting device (7,3) on (node local) [ 729.025702][ T9] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 99 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8 [ 729.070322][T20902] 8021q: adding VLAN 0 to HW filter on device bond0 [ 729.207281][T20902] 8021q: adding VLAN 0 to HW filter on device team0 [ 729.243077][ T9] usb 3-1: USB disconnect, device number 99 [ 729.319343][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 729.326548][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 729.355808][ T9] usblp0: removed [ 729.409047][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 729.416297][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 729.650681][T21272] openvswitch: netlink: IP tunnel dst address not specified [ 729.988214][T21282] loop1: detected capacity change from 0 to 256 [ 730.085263][T21282] FAT-fs (loop1): Directory bread(block 64) failed [ 730.114622][T21282] FAT-fs (loop1): Directory bread(block 65) failed [ 730.152409][T21282] FAT-fs (loop1): Directory bread(block 66) failed [ 730.163083][T21264] loop0: detected capacity change from 0 to 32768 [ 730.181072][T21282] FAT-fs (loop1): Directory bread(block 67) failed [ 730.200005][T21282] FAT-fs (loop1): Directory bread(block 68) failed [ 730.212405][ T5940] usb 5-1: new high-speed USB device number 84 using dummy_hcd [ 730.233483][T21282] FAT-fs (loop1): Directory bread(block 69) failed [ 730.256798][T21282] FAT-fs (loop1): Directory bread(block 70) failed [ 730.256838][T21282] FAT-fs (loop1): Directory bread(block 71) failed [ 730.256929][T21282] FAT-fs (loop1): Directory bread(block 72) failed [ 730.256958][T21282] FAT-fs (loop1): Directory bread(block 73) failed [ 730.306152][T21264] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 730.312472][T21264] (syz.0.6696,21264,1):ocfs2_mknod:505 ERROR: status = -2 [ 730.312538][T21264] (syz.0.6696,21264,1):ocfs2_mkdir:661 ERROR: status = -2 [ 730.433218][ T5940] usb 5-1: Using ep0 maxpacket: 16 [ 730.465031][T20902] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 730.524178][ T5940] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 730.530485][ T5870] (syz-executor,5870,1):ocfs2_inode_is_valid_to_delete:928 ERROR: Skipping delete of root inode. [ 730.548080][ T5940] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 730.617967][ T5870] ocfs2: Unmounting device (7,0) on (node local) [ 730.669369][ T5940] usb 5-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00 [ 730.724374][ T5940] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 730.795188][ T5940] usb 5-1: config 0 descriptor?? [ 730.845987][ T5940] xbox_remote_probe: endpoint_in message size==0? [ 730.982943][T21309] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 731.032094][ T5940] usbhid 5-1:0.0: can't add hid device: -71 [ 731.044658][ T5940] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 731.146922][ T5940] usb 5-1: USB disconnect, device number 84 [ 731.435163][T21324] loop3: detected capacity change from 0 to 64 [ 731.497812][T21324] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 731.908081][T21338] bond0: (slave bond_slave_1): Releasing backup interface [ 731.994289][T21338] bond_slave_1: left promiscuous mode [ 732.105266][T20902] veth0_vlan: entered promiscuous mode [ 732.152328][T20902] veth1_vlan: entered promiscuous mode [ 732.329191][T20902] veth0_macvtap: entered promiscuous mode [ 732.393917][T20902] veth1_macvtap: entered promiscuous mode [ 732.441390][T20902] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 732.495662][T20902] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 732.595074][ T13] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 732.633924][ T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 732.700024][ T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 732.734611][ T13] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 732.814418][T21356] loop2: detected capacity change from 0 to 4096 [ 732.837217][T21356] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 732.889931][T21367] netlink: 80 bytes leftover after parsing attributes in process `syz.3.6732'. [ 732.962378][T21367] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 733.156195][T21343] loop4: detected capacity change from 0 to 32768 [ 733.212355][T21343] (syz.4.6721,21343,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 733.234896][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 733.277030][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 733.287966][T21343] (syz.4.6721,21343,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 733.448669][T21343] JBD2: Ignoring recovery information on journal [ 733.477702][T21382] loop3: detected capacity change from 0 to 1024 [ 733.539543][T21387] loop0: detected capacity change from 0 to 16 [ 733.545941][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 733.569444][T21382] EXT4-fs: Ignoring removed bh option [ 733.576766][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 733.598784][T21382] EXT4-fs: inline encryption not supported [ 733.623478][T21387] erofs (device loop0): mounted with root inode @ nid 36. [ 733.647006][T21382] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 733.670898][T21343] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 733.722074][T21382] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 733.731629][ T975] usb 2-1: new high-speed USB device number 97 using dummy_hcd [ 733.777987][ T12] ocfs2: Finishing quota recovery on device (7,4) for slot 0 [ 733.867137][T21382] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.6737: lblock 2 mapped to illegal pblock 2 (length 1) [ 733.938976][T21382] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 733.981197][ T975] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 733.991445][T21382] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.6737: lblock 0 mapped to illegal pblock 48 (length 1) [ 734.023151][ T975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 734.034244][ T975] usb 2-1: Product: syz [ 734.040184][ T975] usb 2-1: Manufacturer: syz [ 734.048880][T21382] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 734.069980][ T975] usb 2-1: SerialNumber: syz [ 734.075548][ T5872] ocfs2: Unmounting device (7,4) on (node local) [ 734.105233][T21382] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.6737: Failed to acquire dquot type 0 [ 734.121784][ T975] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 734.158407][ T5815] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 734.190428][T21382] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 734.271218][T21382] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.6737: mark_inode_dirty error [ 734.322359][T21382] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 734.324064][T21400] loop0: detected capacity change from 0 to 4096 [ 734.333272][T21382] EXT4-fs (loop3): 1 orphan inode deleted [ 734.348861][T21403] loop6: detected capacity change from 0 to 256 [ 734.349765][T21382] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 734.373433][ T50] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 734.419930][T21400] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 734.432119][ C1] usb 2-1: ath: unknown panic pattern! [ 734.449904][ T50] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 734.469701][ T50] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:3: Failed to release dquot type 0 [ 734.634791][ T12] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm kworker/u8:0: lblock 2 mapped to illegal pblock 2 (length 1) [ 734.688365][ T5969] usb 2-1: USB disconnect, device number 97 [ 734.708160][T21400] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 734.734316][T21400] ntfs3(loop0): mft corrupted [ 734.739116][T21400] ntfs3(loop0): Failed to load $Extend (-22). [ 734.764202][ T12] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 734.785927][ T12] EXT4-fs error (device loop3): ext4_write_dquot:6925: comm kworker/u8:0: Failed to commit dquot type 0 [ 734.795089][T21400] ntfs3(loop0): Failed to initialize $Extend. [ 734.827465][ T12] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync! [ 734.905554][T21400] ntfs3(loop0): ino=1e, mi_enum_attr [ 734.906416][ T5881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 734.937952][T21400] ntfs3(loop0): ino=1e, mi_enum_attr [ 734.949207][ T5881] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 735.000334][ T5881] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 735.053745][ T5881] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error [ 735.186863][ T5815] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 735.222986][ T5815] ath9k_htc: Failed to initialize the device [ 735.242752][ T5969] usb 2-1: ath9k_htc: USB layer deinitialized [ 735.339686][T21422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6752'. [ 735.553047][ T975] usb 1-1: new high-speed USB device number 102 using dummy_hcd [ 735.611744][T21430] sit1: entered promiscuous mode [ 735.647619][T21430] sit1: entered allmulticast mode [ 735.718054][ T975] usb 1-1: Using ep0 maxpacket: 8 [ 735.734986][ T975] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 735.779528][ T975] usb 1-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 735.819740][ T975] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 735.848293][ T975] usb 1-1: Product: syz [ 735.883011][ T975] usb 1-1: Manufacturer: syz [ 735.887712][ T975] usb 1-1: SerialNumber: syz [ 735.922612][ T975] usb 1-1: config 0 descriptor?? [ 735.958568][T21443] xt_hashlimit: overflow, try lower: 3/0 [ 735.969649][ T975] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 736.001258][ T975] usb 1-1: selecting invalid altsetting 1 [ 736.261555][T21455] xt_cgroup: path and classid specified [ 736.397048][ T975] usb 1-1: USB disconnect, device number 102 [ 736.437497][T21460] loop1: detected capacity change from 0 to 256 [ 736.446115][T21458] loop2: detected capacity change from 0 to 1764 [ 736.533314][T21458] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 736.603659][T21460] FAT-fs (loop1): Directory bread(block 64) failed [ 736.632894][T21460] FAT-fs (loop1): Directory bread(block 65) failed [ 736.659198][T21460] FAT-fs (loop1): Directory bread(block 66) failed [ 736.692955][T21460] FAT-fs (loop1): Directory bread(block 67) failed [ 736.713771][T21460] FAT-fs (loop1): Directory bread(block 68) failed [ 736.720357][T21460] FAT-fs (loop1): Directory bread(block 69) failed [ 736.764151][T21460] FAT-fs (loop1): Directory bread(block 70) failed [ 736.788391][T21460] FAT-fs (loop1): Directory bread(block 71) failed [ 736.818058][T21460] FAT-fs (loop1): Directory bread(block 72) failed [ 736.835034][T21460] FAT-fs (loop1): Directory bread(block 73) failed [ 737.726042][T21509] loop0: detected capacity change from 0 to 8 [ 737.736503][T21508] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6795'. [ 737.772326][T21509] SQUASHFS error: zlib decompression failed, data probably corrupt [ 737.851521][T21509] SQUASHFS error: Failed to read block 0x9b: -5 [ 737.881968][T21509] SQUASHFS error: Unable to read metadata cache entry [99] [ 737.915912][T21509] SQUASHFS error: Unable to read inode 0x104 [ 738.017198][ T975] IPVS: starting estimator thread 0... [ 738.136481][T21521] IPVS: using max 25 ests per chain, 60000 per kthread [ 738.204412][ T5815] usb 1-1: new full-speed USB device number 103 using dummy_hcd [ 738.404902][ T5815] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 738.421677][ T5815] usb 1-1: config 0 has no interface number 0 [ 738.443577][ T5815] usb 1-1: config 0 interface 2 altsetting 2 endpoint 0x6 has invalid maxpacket 512, setting to 64 [ 738.464593][ T5815] usb 1-1: config 0 interface 2 altsetting 2 has an endpoint descriptor with address 0x6D, changing to 0xD [ 738.532242][ T5815] usb 1-1: config 0 interface 2 altsetting 2 endpoint 0xD has invalid maxpacket 14309, setting to 64 [ 738.573220][ T5815] usb 1-1: config 0 interface 2 has no altsetting 0 [ 738.628165][ T5815] usb 1-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f [ 738.649855][ T5815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 738.680885][ T5815] usb 1-1: Product: syz [ 738.705515][ T5815] usb 1-1: Manufacturer: syz [ 738.710140][ T5815] usb 1-1: SerialNumber: syz [ 738.751032][ T5815] usb 1-1: config 0 descriptor?? [ 738.784085][T21509] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 738.803559][T21509] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 739.005469][T21556] bond0: (slave gretap0): Opening slave failed [ 739.063386][ T5815] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 739.083461][T21561] loop4: detected capacity change from 0 to 256 [ 739.113887][ T5815] usb 1-1: invalid MIDI in EP 0 [ 739.151819][T21561] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 739.334138][ T5815] snd-usb-audio 1-1:0.2: probe with driver snd-usb-audio failed with error -22 [ 739.388776][ T5815] usb 1-1: USB disconnect, device number 103 [ 739.502405][T21568] loop6: detected capacity change from 0 to 4096 [ 739.512612][ T6121] udevd[6121]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 739.617818][T21568] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 739.637846][T21575] loop1: detected capacity change from 0 to 256 [ 739.685835][T21575] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 739.712733][T21568] ntfs3(loop6): Failed to initialize $Extend/$Reparse. [ 740.244611][ T5960] usb 5-1: new high-speed USB device number 85 using dummy_hcd [ 740.439104][ T5960] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD6, changing to 0x86 [ 740.516707][ T5960] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 740.599471][ T5960] usb 5-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24 [ 740.617005][ T5960] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 740.645803][ T5960] usb 5-1: Product: syz [ 740.661329][ T5960] usb 5-1: Manufacturer: syz [ 740.670549][ T5960] usb 5-1: SerialNumber: syz [ 740.707889][ T5960] usb 5-1: config 0 descriptor?? [ 740.964721][ T5960] powermate: unknown product id 0240 [ 741.022374][ T5960] input: Griffin SoundKnob as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input53 [ 741.126294][ C1] powermate: config urb returned -71 [ 741.132034][ C1] powermate: config urb returned -71 [ 741.137616][ C1] powermate: config urb returned -71 [ 741.143095][ C1] powermate: config urb returned -71 [ 741.193376][ T5960] usb 5-1: USB disconnect, device number 85 [ 741.193448][ C1] powermate 5-1:0.0: powermate_irq - usb_submit_urb failed with result: -19 [ 741.458890][T21592] loop6: detected capacity change from 0 to 32768 [ 741.609730][T21592] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 741.673726][T21634] netlink: 'syz.3.6853': attribute type 4 has an invalid length. [ 741.685179][T21637] loop1: detected capacity change from 0 to 2048 [ 741.685362][T21638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6855'. [ 741.716644][T21637] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 741.826487][T12600] udevd[12600]: incorrect nilfs2 checksum on /dev/loop1 [ 741.831705][T21641] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 741.889703][T20902] ocfs2: Unmounting device (7,6) on (node local) [ 742.867728][T21677] netlink: 'syz.4.6875': attribute type 10 has an invalid length. [ 743.004815][T21677] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 743.256254][T21686] loop2: detected capacity change from 0 to 2048 [ 743.316515][T21686] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 743.532094][T21701] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 743.659703][T21704] loop4: detected capacity change from 0 to 256 [ 743.694278][ T6061] usb 3-1: new full-speed USB device number 100 using dummy_hcd [ 743.804382][T21704] FAT-fs (loop4): Directory bread(block 64) failed [ 743.810964][T21704] FAT-fs (loop4): Directory bread(block 65) failed [ 743.863572][T21704] FAT-fs (loop4): Directory bread(block 66) failed [ 743.901070][T21704] FAT-fs (loop4): Directory bread(block 67) failed [ 743.923026][ T6061] usb 3-1: config index 0 descriptor too short (expected 539, got 27) [ 743.933539][ T6061] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 48, changing to 4 [ 743.964741][T21704] FAT-fs (loop4): Directory bread(block 68) failed [ 744.002582][ T6061] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 12336, setting to 1023 [ 744.032173][T21704] FAT-fs (loop4): Directory bread(block 69) failed [ 744.062875][T21704] FAT-fs (loop4): Directory bread(block 70) failed [ 744.079998][ T6061] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 744.109499][ T6061] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 744.133561][T21704] FAT-fs (loop4): Directory bread(block 71) failed [ 744.151725][T21704] FAT-fs (loop4): Directory bread(block 72) failed [ 744.160437][ T6061] usb 3-1: Product: syz [ 744.178748][ T6061] usb 3-1: Manufacturer: syz [ 744.183397][ T6061] usb 3-1: SerialNumber: syz [ 744.196839][T21704] FAT-fs (loop4): Directory bread(block 73) failed [ 744.249016][ T6061] usb 3-1: config 0 descriptor?? [ 744.301116][ T6061] hub 3-1:0.0: bad descriptor, ignoring hub [ 744.307348][ T6061] hub 3-1:0.0: probe with driver hub failed with error -5 [ 744.372665][ T6061] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input54 [ 744.426214][ T6061] usbtouchscreen 3-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -22 [ 744.590385][T21730] xt_CT: You must specify a L4 protocol and not use inversions on it [ 744.609564][T21690] loop1: detected capacity change from 0 to 32768 [ 744.654617][ T6061] usbtouchscreen 3-1:0.0: probe with driver usbtouchscreen failed with error -22 [ 744.699371][T21690] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.6880 (21690) [ 744.727146][T21733] netlink: 'syz.3.6898': attribute type 49 has an invalid length. [ 744.746365][ T6061] usb 3-1: USB disconnect, device number 100 [ 744.833554][T21690] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 744.878092][T21690] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 744.940483][T21690] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 745.082134][T21747] loop4: detected capacity change from 0 to 64 [ 745.133720][T21747] hfs: unable to locate alternate MDB [ 745.139162][T21747] hfs: continuing without an alternate MDB [ 745.433878][T21690] BTRFS info (device loop1): rebuilding free space tree [ 745.518514][T21690] BTRFS info (device loop1): disabling free space tree [ 745.548652][T21769] loop3: detected capacity change from 0 to 2048 [ 745.562624][T21690] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 745.602387][T21774] netlink: 'syz.0.6907': attribute type 21 has an invalid length. [ 745.622552][T21690] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 745.644804][T21776] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 745.663839][T21774] netlink: 128 bytes leftover after parsing attributes in process `syz.0.6907'. [ 745.672973][T21774] netlink: 'syz.0.6907': attribute type 4 has an invalid length. [ 745.686078][T21777] loop4: detected capacity change from 0 to 16 [ 745.698000][T21690] BTRFS info (device loop1): setting nodatasum [ 745.704755][T21774] netlink: 'syz.0.6907': attribute type 5 has an invalid length. [ 745.753938][T21774] netlink: 3 bytes leftover after parsing attributes in process `syz.0.6907'. [ 745.777166][T21777] erofs (device loop4): mounted with root inode @ nid 36. [ 745.793729][T21690] BTRFS info (device loop1): allowing degraded mounts [ 745.811074][T21690] BTRFS info (device loop1): turning on async discard [ 745.811563][T21769] NILFS (loop3): error -2 truncating bmap (ino=16) [ 745.873877][T21690] BTRFS info (device loop1): enabling disk space caching [ 745.904292][T21776] NILFS (loop3): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 745.913635][T21690] BTRFS info (device loop1): force clearing of disk cache [ 745.971676][T21776] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=16) [ 745.984023][T21690] BTRFS info (device loop1): force zlib compression, level 3 [ 746.048963][T21776] Remounting filesystem read-only [ 746.163884][T21788] loop0: detected capacity change from 0 to 256 [ 746.239133][ T5881] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 746.323427][T21791] netlink: 'syz.4.6913': attribute type 2 has an invalid length. [ 746.369185][ T5867] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 746.543905][ T6061] usb 3-1: new high-speed USB device number 101 using dummy_hcd [ 746.753875][ T6061] usb 3-1: Using ep0 maxpacket: 8 [ 746.762913][T21807] loop6: detected capacity change from 0 to 256 [ 746.785439][ T6061] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 746.811195][ T6061] usb 3-1: config 179 has no interface number 0 [ 746.841538][ T6061] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 746.897204][ T6061] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 746.963808][ T6061] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 746.991658][T21807] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 747.032182][ T6061] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 747.034745][ T975] usb 5-1: new high-speed USB device number 86 using dummy_hcd [ 747.053856][T21807] FAT-fs (loop6): Filesystem has been set read-only [ 747.063876][ T6061] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 747.092471][T21807] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 747.110767][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.117457][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.163108][T21807] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 747.176865][ T6061] usb 3-1: config 179 interface 65 has no altsetting 0 [ 747.209626][ T6061] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 747.263835][ T6061] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 747.289671][ T975] usb 5-1: Using ep0 maxpacket: 32 [ 747.317148][ T975] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 747.343618][ T6061] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input55 [ 747.373335][ T975] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 128, using maximum allowed: 30 [ 747.450223][ T975] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 128 [ 747.568300][ T975] usb 5-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=33.c7 [ 747.623476][T21827] loop3: detected capacity change from 0 to 256 [ 747.633583][ T975] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 747.693477][ T975] usb 5-1: Product: syz [ 747.718487][ T975] usb 5-1: Manufacturer: syz [ 747.723156][ T975] usb 5-1: SerialNumber: syz [ 747.773995][ T5866] usb 3-1: USB disconnect, device number 101 [ 747.780147][ C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 747.813190][ T975] usb 5-1: config 0 descriptor?? [ 747.848796][ T975] hub 5-1:0.0: bad descriptor, ignoring hub [ 747.888615][ T975] hub 5-1:0.0: probe with driver hub failed with error -5 [ 747.926579][ T975] keyspan 5-1:0.0: Keyspan - (without firmware) converter detected [ 748.133371][T21838] netlink: 5 bytes leftover after parsing attributes in process `syz.3.6932'. [ 748.192600][T21838] openvswitch: netlink: IP tunnel attribute has 1026 unknown bytes. [ 748.195492][ T975] usb 5-1: USB disconnect, device number 86 [ 748.224774][ T975] keyspan 5-1:0.0: device disconnected [ 748.587298][ T5866] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 748.775714][ T5866] usb 7-1: Using ep0 maxpacket: 32 [ 748.804319][ T5866] usb 7-1: config 0 has an invalid interface number: 244 but max is 0 [ 748.833101][ T5866] usb 7-1: config 0 has no interface number 0 [ 748.850755][ T5866] usb 7-1: config 0 interface 244 has no altsetting 0 [ 748.896007][ T5866] usb 7-1: New USB device found, idVendor=0e41, idProduct=4750, bcdDevice=26.9c [ 748.915859][ T5866] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 748.957005][ T5866] usb 7-1: Product: syz [ 748.971953][ T5866] usb 7-1: Manufacturer: syz [ 748.992248][ T5866] usb 7-1: SerialNumber: syz [ 748.994786][T21869] xt_hashlimit: max too large, truncated to 1048576 [ 749.034426][ T5866] usb 7-1: config 0 descriptor?? [ 749.049148][T21869] Cannot find add_set index 1 as target [ 749.088173][ T5866] snd_usb_toneport 7-1:0.244: Line 6 GuitarPort found [ 749.102067][T21875] loop2: detected capacity change from 0 to 256 [ 749.205494][T21878] netlink: 'syz.4.6948': attribute type 2 has an invalid length. [ 749.213264][T21878] netlink: 'syz.4.6948': attribute type 1 has an invalid length. [ 749.266752][T21875] FAT-fs (loop2): Directory bread(block 64) failed [ 749.289793][ T5866] snd_usb_toneport 7-1:0.244: cannot get proper max packet size [ 749.301357][T21875] FAT-fs (loop2): Directory bread(block 65) failed [ 749.308205][T21878] netlink: 'syz.4.6948': attribute type 1 has an invalid length. [ 749.341798][T21875] FAT-fs (loop2): Directory bread(block 66) failed [ 749.344022][ T5866] snd_usb_toneport 7-1:0.244: Line 6 GuitarPort now disconnected [ 749.380436][T21875] FAT-fs (loop2): Directory bread(block 67) failed [ 749.422680][ T5866] snd_usb_toneport 7-1:0.244: probe with driver snd_usb_toneport failed with error -22 [ 749.444930][T21875] FAT-fs (loop2): Directory bread(block 68) failed [ 749.466234][T21875] FAT-fs (loop2): Directory bread(block 69) failed [ 749.486417][T21875] FAT-fs (loop2): Directory bread(block 70) failed [ 749.506910][ T5866] usb 7-1: USB disconnect, device number 2 [ 749.541990][T21875] FAT-fs (loop2): Directory bread(block 71) failed [ 749.576655][T21875] FAT-fs (loop2): Directory bread(block 72) failed [ 749.593969][T21875] FAT-fs (loop2): Directory bread(block 73) failed [ 749.829153][ T30] audit: type=1800 audit(2000001148.339:129): pid=21875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6947" name="bus" dev="loop2" ino=1048703 res=0 errno=0 [ 749.950678][T21902] kernel profiling enabled (shift: 0) [ 751.188679][T21948] loop6: detected capacity change from 0 to 64 [ 751.612988][T21960] loop0: detected capacity change from 0 to 256 [ 751.630410][T21902] syz.1.6957: vmalloc error: size 690495488, failed to allocated page array size 1348624, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 751.727978][T21902] CPU: 0 UID: 0 PID: 21902 Comm: syz.1.6957 Not tainted syzkaller #0 PREEMPT(full) [ 751.728007][T21902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 751.728020][T21902] Call Trace: [ 751.728029][T21902] [ 751.728039][T21902] dump_stack_lvl+0x189/0x250 [ 751.728078][T21902] ? __pfx_dump_stack_lvl+0x10/0x10 [ 751.728109][T21902] ? __pfx__printk+0x10/0x10 [ 751.728131][T21902] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 751.728162][T21902] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 751.728194][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.728218][T21902] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 751.728252][T21902] warn_alloc+0x214/0x310 [ 751.728293][T21902] ? __pfx_warn_alloc+0x10/0x10 [ 751.728333][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.728359][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.728382][T21902] ? __get_vm_area_node+0x28f/0x300 [ 751.728415][T21902] ? profile_init+0xb4/0x100 [ 751.728444][T21902] __vmalloc_node_range_noprof+0x690/0x12d0 [ 751.728478][T21902] ? __asan_memset+0x22/0x50 [ 751.728525][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.728549][T21902] ? policy_nodemask+0x27c/0x720 [ 751.728567][T21902] ? __kasan_kmalloc_large+0x1c/0xa0 [ 751.728605][T21902] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 751.728638][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.728668][T21902] ? alloc_pages_mpol+0x3cd/0x4a0 [ 751.728694][T21902] ? profile_init+0xb4/0x100 [ 751.728717][T21902] vzalloc_noprof+0xb2/0xf0 [ 751.728748][T21902] ? profile_init+0xb4/0x100 [ 751.728773][T21902] profile_init+0xb4/0x100 [ 751.728796][T21902] profiling_store+0x70/0x120 [ 751.728825][T21902] ? __pfx_sysfs_kf_write+0x10/0x10 [ 751.728849][T21902] kernfs_fop_write_iter+0x3af/0x540 [ 751.728881][T21902] iter_file_splice_write+0x975/0x10e0 [ 751.728949][T21902] ? __pfx_iter_file_splice_write+0x10/0x10 [ 751.728990][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.729017][T21902] ? rcu_read_lock_any_held+0xb3/0x120 [ 751.729059][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.729090][T21902] ? __pfx_iter_file_splice_write+0x10/0x10 [ 751.729128][T21902] direct_splice_actor+0x101/0x160 [ 751.729168][T21902] splice_direct_to_actor+0x5a8/0xcc0 [ 751.729228][T21902] ? __pfx_direct_splice_actor+0x10/0x10 [ 751.729263][T21902] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 751.729309][T21902] do_splice_direct+0x181/0x270 [ 751.729342][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.729371][T21902] ? __pfx_do_splice_direct+0x10/0x10 [ 751.729408][T21902] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 751.729438][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.729463][T21902] ? rw_verify_area+0x255/0x4d0 [ 751.729495][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.729527][T21902] do_sendfile+0x4da/0x7e0 [ 751.729562][T21902] ? __pfx_do_sendfile+0x10/0x10 [ 751.729593][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.729623][T21902] ? __se_sys_futex+0x36f/0x400 [ 751.729676][T21902] __se_sys_sendfile64+0x13e/0x190 [ 751.729709][T21902] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 751.729743][T21902] ? do_syscall_64+0xbe/0xfa0 [ 751.729780][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.729817][T21902] do_syscall_64+0xfa/0xfa0 [ 751.729853][T21902] ? lockdep_hardirqs_on+0x9c/0x150 [ 751.729890][T21902] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.729915][T21902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 751.729946][T21902] ? exc_page_fault+0xab/0x100 [ 751.729984][T21902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.730011][T21902] RIP: 0033:0x7fbbea98f6c9 [ 751.730034][T21902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 751.730057][T21902] RSP: 002b:00007fbbeb8e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 751.730086][T21902] RAX: ffffffffffffffda RBX: 00007fbbeabe5fa0 RCX: 00007fbbea98f6c9 [ 751.730107][T21902] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 751.730123][T21902] RBP: 00007fbbeaa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 751.730140][T21902] R10: 0000000000000401 R11: 0000000000000246 R12: 0000000000000000 [ 751.730157][T21902] R13: 00007fbbeabe6038 R14: 00007fbbeabe5fa0 R15: 00007ffd0633e018 [ 751.730200][T21902] [ 751.730211][T21902] Mem-Info: [ 752.186307][T21902] active_anon:12334 inactive_anon:0 isolated_anon:0 [ 752.186307][T21902] active_file:3987 inactive_file:40558 isolated_file:0 [ 752.186307][T21902] unevictable:768 dirty:279 writeback:0 [ 752.186307][T21902] slab_reclaimable:11558 slab_unreclaimable:108055 [ 752.186307][T21902] mapped:35857 shmem:5488 pagetables:1775 [ 752.186307][T21902] sec_pagetables:0 bounce:0 [ 752.186307][T21902] kernel_misc_reclaimable:0 [ 752.186307][T21902] free:1267588 free_pcp:13645 free_cma:0 [ 752.231752][ C1] vkms_vblank_simulate: vblank timer overrun [ 752.245442][T21902] Node 0 active_anon:49436kB inactive_anon:0kB active_file:15948kB inactive_file:162028kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:143428kB dirty:1112kB writeback:0kB shmem:20416kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12724kB pagetables:6884kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 752.277379][ C1] vkms_vblank_simulate: vblank timer overrun [ 752.286413][T21975] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6986'. [ 752.316070][T21972] bond3: option primary_reselect: invalid value (65) [ 752.323188][T21902] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:116kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 752.369308][T21902] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 752.420014][T21972] bond3 (unregistering): Released all slaves [ 752.429001][T21978] loop2: detected capacity change from 0 to 64 [ 752.514821][T21902] lowmem_reserve[]: 0 2505 2505 2505 2505 [ 752.530887][T21902] Node 0 DMA32 free:1150732kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:49536kB inactive_anon:0kB active_file:15948kB inactive_file:162028kB unevictable:1536kB writepending:1212kB zspages:0kB present:3129332kB managed:2565168kB mlocked:0kB bounce:0kB free_pcp:46068kB local_pcp:24048kB free_cma:0kB [ 752.722950][T21902] lowmem_reserve[]: 0 0 0 0 0 [ 752.742103][T21902] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 752.856752][T21986] delete_channel: no stack [ 752.892116][T21902] lowmem_reserve[]: 0 0 0 0 0 [ 752.912394][T21902] Node 1 Normal free:3904260kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:10372kB local_pcp:10368kB free_cma:0kB [ 753.039447][T21902] lowmem_reserve[]: 0 0 0 0 0 [ 753.081082][T21902] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 753.096150][T21902] Node 0 DMA32: 936*4kB (UM) 577*8kB (UME) 230*16kB (UME) 246*32kB (UME) 114*64kB (UME) 51*128kB (UME) 54*256kB (UME) 26*512kB (M) 14*1024kB (UME) 4*2048kB (M) 261*4096kB (UM) = 1152456kB [ 753.134633][T21902] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 753.204396][T21902] Node 1 Normal: 201*4kB (UME) 46*8kB (UME) 45*16kB (UME) 257*32kB (UME) 76*64kB (UME) 19*128kB (UME) 7*256kB (UME) 4*512kB (UME) 2*1024kB (UM) 1*2048kB (E) 947*4096kB (UM) = 3904260kB [ 753.243740][T21998] bond2: peer notification delay (9) is not a multiple of miimon (100), value rounded to 0 ms [ 753.261520][T22004] loop6: detected capacity change from 0 to 512 [ 753.305381][T21902] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 753.356980][T22004] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 753.375962][T21902] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 753.407331][T22004] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 753.420962][T21902] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 753.455890][T22011] loop0: detected capacity change from 0 to 8 [ 753.488426][T21902] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 753.521534][T22011] SQUASHFS error: lzo decompression failed, data probably corrupt [ 753.544462][T21902] 49925 total pagecache pages [ 753.567956][T21902] 0 pages in swap cache [ 753.572149][T21902] Free swap = 124996kB [ 753.584501][T22011] SQUASHFS error: Failed to read block 0x91: -5 [ 753.590904][T22011] SQUASHFS error: Unable to read metadata cache entry [8f] [ 753.596251][T21902] Total swap = 124996kB [ 753.620463][T21902] 2097051 pages RAM [ 753.634216][T21902] 0 pages HighMem/MovableOnly [ 753.646284][T22011] SQUASHFS error: Unable to read inode 0x11f [ 753.647186][T21902] 424117 pages reserved [ 753.676888][T21902] 0 pages cma reserved [ 753.717508][T20902] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 753.793420][T22015] loop4: detected capacity change from 0 to 8192 [ 753.919010][T22015] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 753.954036][T22015] FAT-fs (loop4): Filesystem has been set read-only [ 754.332498][ T30] audit: type=1400 audit(2000001152.849:130): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=22033 comm="syz.4.7012" [ 754.796235][T22049] loop6: detected capacity change from 0 to 164 [ 754.899917][T22051] tmpfs: Bad value for 'mpol' [ 755.039427][T22047] loop3: detected capacity change from 0 to 4096 [ 755.093948][T22047] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 755.576406][T22065] loop4: detected capacity change from 0 to 16 [ 755.631942][T22065] erofs (device loop4): mounted with root inode @ nid 36. [ 755.804064][T22036] loop0: detected capacity change from 0 to 32768 [ 755.864756][T22036] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.7014 (22036) [ 755.974942][T22036] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 756.033956][T22036] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 756.115368][T22082] loop1: detected capacity change from 0 to 256 [ 756.383668][T22082] FAT-fs (loop1): Directory bread(block 64) failed [ 756.474589][T22082] FAT-fs (loop1): Directory bread(block 65) failed [ 756.495792][T22036] BTRFS info (device loop0): turning on flush-on-commit [ 756.502772][T22036] BTRFS info (device loop0): turning on async discard [ 756.514530][T22036] BTRFS info (device loop0): enabling free space tree [ 756.521555][T22082] FAT-fs (loop1): Directory bread(block 66) failed [ 756.561847][T22082] FAT-fs (loop1): Directory bread(block 67) failed [ 756.614089][T22082] FAT-fs (loop1): Directory bread(block 68) failed [ 756.679531][T22082] FAT-fs (loop1): Directory bread(block 69) failed [ 756.720756][T22082] FAT-fs (loop1): Directory bread(block 70) failed [ 756.754613][T22082] FAT-fs (loop1): Directory bread(block 71) failed [ 756.761294][T22082] FAT-fs (loop1): Directory bread(block 72) failed [ 756.790827][ T5870] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 756.802377][T22082] FAT-fs (loop1): Directory bread(block 73) failed [ 756.812814][T22116] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 757.164806][T22122] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7048'. [ 757.404980][T22130] openvswitch: netlink: Missing valid actions attribute. [ 757.442743][T22130] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 758.224945][T22124] loop0: detected capacity change from 0 to 32768 [ 758.285789][T22124] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 758.444083][T22124] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 758.446103][T22132] loop2: detected capacity change from 0 to 32768 [ 758.547732][T22124] XFS (loop0): Starting recovery (logdev: internal) [ 758.593676][T22128] loop6: detected capacity change from 0 to 32768 [ 758.613058][T22124] XFS (loop0): Ending recovery (logdev: internal) [ 758.665859][T22124] XFS (loop0): AG 0: Corrupt finobt pointer at level 1 index 0. [ 758.673682][T22124] XFS (loop0): Failed to initialize disk quotas, err -117. [ 758.744269][T22124] XFS (loop0): AG 0: Corrupt finobt pointer at level 1 index 0. [ 758.759698][T22128] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 758.842483][ T5870] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 758.891889][ T5870] XFS (loop0): Uncorrected metadata errors detected; please run xfs_repair. [ 758.893147][T22128] OCFS2: ERROR (device loop6): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has bit count 2048 but claims that 39166 are free [ 758.968180][T22128] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 758.998461][T22128] OCFS2: File system is now read-only. [ 759.064785][T22128] (syz.6.7049,22128,0):ocfs2_search_chain:1817 ERROR: status = -30 [ 759.135254][T22128] (syz.6.7049,22128,0):ocfs2_search_chain:1940 ERROR: status = -30 [ 759.208443][T22128] (syz.6.7049,22128,0):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30 [ 759.329054][T22128] (syz.6.7049,22128,0):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30 [ 759.377317][T22128] (syz.6.7049,22128,0):ocfs2_claim_new_inode:2298 ERROR: status = -30 [ 759.424829][T22128] (syz.6.7049,22128,0):ocfs2_claim_new_inode:2313 ERROR: status = -30 [ 759.433047][T22128] (syz.6.7049,22128,0):ocfs2_mknod_locked:641 ERROR: status = -30 [ 759.495206][T22128] (syz.6.7049,22128,0):ocfs2_mknod:388 ERROR: status = -30 [ 759.502807][T22128] (syz.6.7049,22128,0):ocfs2_mknod:505 ERROR: status = -30 [ 759.575174][T22128] (syz.6.7049,22128,0):ocfs2_create:678 ERROR: status = -30 [ 759.720717][T22154] loop1: detected capacity change from 0 to 32768 [ 759.760891][T20902] ocfs2: Unmounting device (7,6) on (node local) [ 760.166517][ T30] audit: type=1800 audit(2000001158.689:131): pid=22188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.3.7072" name="/newroot/1237/file0" dev="tmpfs" ino=6403 res=0 errno=0 [ 760.191501][T22199] loop1: detected capacity change from 0 to 256 [ 760.294734][ T6061] usb 3-1: new high-speed USB device number 102 using dummy_hcd [ 760.347919][T22201] netlink: 'syz.4.7080': attribute type 2 has an invalid length. [ 760.379103][T22201] netlink: 'syz.4.7080': attribute type 1 has an invalid length. [ 760.405543][T22201] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7080'. [ 760.463406][T22204] loop0: detected capacity change from 0 to 1024 [ 760.503438][T22205] loop3: detected capacity change from 0 to 2048 [ 760.505731][T22204] EXT4-fs: Ignoring removed oldalloc option [ 760.516466][ T6061] usb 3-1: Using ep0 maxpacket: 32 [ 760.524893][T22204] EXT4-fs: Ignoring removed bh option [ 760.532263][ T6061] usb 3-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 760.544500][ T6061] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 760.568680][T22205] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 760.579153][ T6061] usb 3-1: config 0 descriptor?? [ 760.594475][T22204] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 760.609077][ T6061] as10x_usb: device has been detected [ 760.654213][T22212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7083'. [ 760.703261][ T6061] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 760.750968][T22204] cgroup: release_agent respecified [ 760.759047][T22214] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7085'. [ 760.806381][T22214] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7085'. [ 760.895259][ T6061] usb 3-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 760.958283][ T5870] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 761.062502][ T6061] as10x_usb: error during firmware upload part1 [ 761.115457][ T6061] Registered device nBox DVB-T Dongle [ 761.126350][ T6061] usb 3-1: USB disconnect, device number 102 [ 761.214212][T22227] loop4: detected capacity change from 0 to 256 [ 761.229328][T22224] loop1: detected capacity change from 0 to 1024 [ 761.261155][ T6061] Unregistered device nBox DVB-T Dongle [ 761.279505][ T6061] as10x_usb: device has been disconnected [ 761.433583][T22224] hfsplus: inconsistency in B*Tree (1,0,1,0,1) [ 761.446128][T22224] hfsplus: inconsistency in B*Tree (1,0,1,0,1) [ 761.686587][ T12] hfsplus: b-tree write err: -5, ino 4 [ 761.932120][T22245] loop4: detected capacity change from 0 to 512 [ 762.068025][T22245] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 762.185078][T22245] ext4 filesystem being mounted at /1149/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 762.474552][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 762.626690][T22273] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7110'. [ 762.748029][T22278] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7111'. [ 762.792098][T22278] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7111'. [ 763.051333][T22286] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 763.096106][T22285] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 763.221286][T22285] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 763.657007][T22308] SET target dimension over the limit! [ 764.069512][T22318] netlink: 64 bytes leftover after parsing attributes in process `syz.0.7129'. [ 764.175066][ T5960] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 764.373053][ T5960] usb 4-1: Using ep0 maxpacket: 32 [ 764.392204][ T5960] usb 4-1: unable to get BOS descriptor or descriptor too short [ 764.415771][ T5960] usb 4-1: config 7 has an invalid interface number: 187 but max is 0 [ 764.451598][ T5960] usb 4-1: config 7 has no interface number 0 [ 764.460124][ T5960] usb 4-1: config 7 interface 187 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0 [ 764.500825][ T5960] usb 4-1: config 7 interface 187 has no altsetting 0 [ 764.537446][ T5960] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 764.566661][ T5960] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 764.605061][ T5960] usb 4-1: Product: syz [ 764.619765][ T5960] usb 4-1: Manufacturer: syz [ 764.638084][ T5960] usb 4-1: SerialNumber: syz [ 764.902899][ T5960] usb 4-1: Unknown endpoint type found, address 0x07 [ 764.933261][ T5960] usb 4-1: Unknown endpoint type found, address 0x03 [ 764.970193][ T5960] usb 4-1: Not enough endpoints found in device, aborting! [ 765.035636][T22350] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7146'. [ 765.071501][T22350] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7146'. [ 765.173331][ T5969] usb 4-1: USB disconnect, device number 90 [ 765.485941][T22362] loop2: detected capacity change from 0 to 128 [ 765.518733][T22364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7152'. [ 765.587516][T22362] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 765.805558][T22362] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.7153: checksumming directory block 0 [ 765.960608][T22378] loop0: detected capacity change from 0 to 256 [ 766.022319][T22378] exfat: Deprecated parameter 'namecase' [ 766.071299][T22378] exfat: Deprecated parameter 'namecase' [ 766.104254][ T5874] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 766.141490][T22378] exfat: Deprecated parameter 'namecase' [ 766.147936][T22384] loop6: detected capacity change from 0 to 128 [ 766.216614][T22378] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 766.281386][T22384] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100) [ 766.304705][T22378] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 766.320234][T22384] FAT-fs (loop6): Filesystem has been set read-only [ 766.526564][ T5969] usb 5-1: new high-speed USB device number 87 using dummy_hcd [ 766.743756][ T5969] usb 5-1: config 0 has an invalid interface number: 36 but max is 0 [ 766.757888][ T5969] usb 5-1: config 0 has no interface number 0 [ 766.795753][ T5969] usb 5-1: New USB device found, idVendor=0733, idProduct=0430, bcdDevice=ce.72 [ 766.835737][ T5969] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 766.843794][ T5969] usb 5-1: Product: syz [ 766.885396][ T5969] usb 5-1: Manufacturer: syz [ 766.890091][ T5969] usb 5-1: SerialNumber: syz [ 766.912624][T22399] loop0: detected capacity change from 0 to 4096 [ 766.936748][ T5969] usb 5-1: config 0 descriptor?? [ 766.973295][ T5969] gspca_main: spca505-2.14.0 probing 0733:0430 [ 767.024933][T22399] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 767.195710][ T60] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22. [ 767.236077][ T5870] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 767.245249][ T5870] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 767.290322][ T5870] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 767.308568][ T12] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22. [ 767.373728][ T5969] gspca_spca505: reg write: error -71 [ 767.393808][ T5969] spca505 5-1:0.36: probe with driver spca505 failed with error -5 [ 767.441362][ T5969] usb 5-1: USB disconnect, device number 87 [ 767.518479][T22422] netlink: 288 bytes leftover after parsing attributes in process `syz.0.7179'. [ 767.969212][T22436] loop3: detected capacity change from 0 to 128 [ 768.017959][T22436] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 768.060077][T22436] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 768.120139][T22439] loop1: detected capacity change from 0 to 2048 [ 768.265747][T22443] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 768.347043][T22439] NILFS (loop1): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3) [ 768.401310][T22439] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=16) [ 768.450317][T22439] Remounting filesystem read-only [ 768.458251][T22439] NILFS (loop1): error -5 truncating bmap (ino=16) [ 768.469016][T22449] loop4: detected capacity change from 0 to 64 [ 768.480293][T22447] loop6: detected capacity change from 0 to 512 [ 768.540761][T22447] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002] [ 768.556072][T22447] System zones: 1-12 [ 768.625003][T22447] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.7192: invalid indirect mapped block 8 (level 2) [ 768.704521][ T5867] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 768.806687][T22447] EXT4-fs (loop6): Remounting filesystem read-only [ 768.813483][T22447] EXT4-fs (loop6): 1 truncate cleaned up [ 768.869940][T22453] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 768.871181][T22447] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 768.903713][T22418] loop2: detected capacity change from 0 to 32768 [ 769.159926][T22418] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 769.307563][T20902] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 769.563390][ T5874] ocfs2: Unmounting device (7,2) on (node local) [ 769.786089][ T30] audit: type=1326 audit(2000001168.308:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22480 comm="syz.0.7208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 769.895868][ T30] audit: type=1326 audit(2000001168.328:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22480 comm="syz.0.7208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 769.948949][T22486] openvswitch: netlink: Actions may not be safe on all matching packets [ 769.995742][ T30] audit: type=1326 audit(2000001168.338:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22480 comm="syz.0.7208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 770.115702][ T30] audit: type=1326 audit(2000001168.338:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22480 comm="syz.0.7208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 770.165243][T22490] loop1: detected capacity change from 0 to 256 [ 770.225589][ T30] audit: type=1326 audit(2000001168.338:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22480 comm="syz.0.7208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 770.329725][T22488] loop6: detected capacity change from 0 to 4096 [ 770.358038][T22495] bond1: Unable to set up delay as MII monitoring is disabled [ 770.451180][T22495] bond1 (unregistering): Released all slaves [ 770.585226][T22488] ntfs3(loop6): Failed to initialize $Extend/$ObjId. [ 770.594915][T22505] netlink: 272 bytes leftover after parsing attributes in process `syz.4.7218'. [ 770.792681][T22510] openvswitch: netlink: Message has -2 unknown bytes. [ 771.048233][T22515] fuse: Bad value for 'user_id' [ 771.082429][T22515] fuse: Bad value for 'user_id' [ 771.167868][T22523] loop3: detected capacity change from 0 to 16 [ 771.223491][T22523] erofs (device loop3): mounted with root inode @ nid 36. [ 771.266461][T22525] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7228'. [ 771.288312][T22523] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 771.301238][T22525] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7228'. [ 771.338101][T22523] erofs (device loop3): failed to decompress -43 in[46, 4050] out[1851] [ 771.344197][T22525] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 771.347335][T22529] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7230'. [ 771.381689][T22523] erofs (device loop3): read error -117 @ 43 of nid 36 [ 771.559326][T22528] bridge0: port 1(bridge_slave_0) entered disabled state [ 771.602148][T22528] bridge0: port 2(bridge_slave_1) entered disabled state [ 771.781279][T22537] netlink: 'syz.3.7233': attribute type 21 has an invalid length. [ 771.790009][T22537] netlink: 100 bytes leftover after parsing attributes in process `syz.3.7233'. [ 771.917583][T22529] bond1: option resend_igmp: invalid value (511) [ 771.923980][T22529] bond1: option resend_igmp: allowed values 0 - 255 [ 772.051577][T22529] bond1 (unregistering): Released all slaves [ 772.232133][T22546] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7236'. [ 772.285240][T22548] geneve2: entered promiscuous mode [ 772.327227][ T1093] netdevsim netdevsim6 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 772.359640][ T1093] netdevsim netdevsim6 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 772.422896][ T1093] netdevsim netdevsim6 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 772.449934][ T1093] netdevsim netdevsim6 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 772.596943][T22522] loop2: detected capacity change from 0 to 32768 [ 772.685151][T22522] syz.2.7226: attempt to access beyond end of device [ 772.685151][T22522] loop2: rw=1, sector=4680032, nr_sectors = 8 limit=32768 [ 772.709169][T22561] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7245'. [ 772.769766][T22522] metapage_write_end_io: I/O error [ 772.846080][T22522] ERROR: (device loop2): release_metapage: metapage_write_one() failed [ 772.846080][T22522] [ 772.910376][T22522] ERROR: (device loop2): remounting filesystem as read-only [ 772.959614][T22522] blkno = 8ed2c, nblocks = 1 [ 772.990631][T22522] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 772.990631][T22522] [ 773.047211][T22556] loop0: detected capacity change from 0 to 8192 [ 773.070905][T22522] UFO tlock:0xffffc900028ea0d8 [ 773.097903][T22568] loop6: detected capacity change from 0 to 512 [ 773.150643][T22556] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1) [ 773.182424][T22556] FAT-fs (loop0): Filesystem has been set read-only [ 773.213859][T22568] EXT4-fs error (device loop6): ext4_xattr_inode_iget:446: comm syz.6.7249: error while reading EA inode 32 err=-116 [ 773.277415][T22568] EXT4-fs (loop6): Remounting filesystem read-only [ 773.284442][T22568] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 773.295686][T22568] EXT4-fs (loop6): 1 orphan inode deleted [ 773.309046][T22568] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 773.374431][ T111] blkno = 8ed2c, nblocks = 4 [ 773.383440][ T111] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 773.383440][ T111] [ 773.412760][ T5874] syz-executor: attempt to access beyond end of device [ 773.412760][ T5874] loop2: rw=1, sector=4680032, nr_sectors = 8 limit=32768 [ 773.431719][T22568] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 773.436284][T22578] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7253'. [ 773.496557][ T5874] metapage_write_end_io: I/O error [ 773.526619][ T5874] JFS: metapage_get_blocks failed [ 773.577755][ T5874] JFS: metapage_get_blocks failed [ 773.582945][ T5874] JFS: metapage_get_blocks failed [ 773.623322][ T5874] JFS: metapage_get_blocks failed [ 774.045692][ T5815] usb 2-1: new high-speed USB device number 98 using dummy_hcd [ 774.245617][ T5815] usb 2-1: Using ep0 maxpacket: 16 [ 774.281617][ T5815] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 774.315613][ T5815] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 774.357865][ T5815] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 774.394550][ T5815] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice=4f.14 [ 774.415610][ T5815] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 774.444038][ T5815] usb 2-1: Product: syz [ 774.459104][ T5815] usb 2-1: Manufacturer: syz [ 774.463749][ T5815] usb 2-1: SerialNumber: syz [ 774.507195][ T5815] usb 2-1: config 0 descriptor?? [ 774.543048][T22586] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 774.568488][ T5815] mceusb 2-1:0.0: mceusb_dev_probe: device setup failed! [ 774.592249][ T5815] mceusb 2-1:0.0: probe with driver mceusb failed with error -12 [ 774.783184][ T5815] usb 2-1: USB disconnect, device number 98 [ 774.955270][T22626] C: renamed from team_slave_0 [ 775.044789][T22626] netlink: 'syz.0.7277': attribute type 3 has an invalid length. [ 775.075898][T22626] netlink: 152 bytes leftover after parsing attributes in process `syz.0.7277'. [ 775.126440][T22626] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 775.199894][T22632] loop6: detected capacity change from 0 to 1024 [ 775.487671][ T50] hfsplus: b-tree write err: -5, ino 4 [ 776.132110][T22658] loop2: detected capacity change from 0 to 512 [ 776.170613][T22658] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 776.212070][T22658] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e12c, mo2=0002] [ 776.237980][T22658] System zones: 1-12 [ 776.242216][T22658] EXT4-fs (loop2): orphan cleanup on readonly fs [ 776.277874][T22658] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7291: bg 0: block 361: padding at end of block bitmap is not set [ 776.298100][T22662] loop0: detected capacity change from 0 to 256 [ 776.322698][T22658] EXT4-fs (loop2): Remounting filesystem read-only [ 776.370773][T22658] EXT4-fs (loop2): 1 truncate cleaned up [ 776.412864][T22658] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 776.488332][T22658] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 776.950316][T22684] lo: entered promiscuous mode [ 776.955349][T22684] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 778.203482][T22728] xt_hashlimit: max too large, truncated to 1048576 [ 778.266343][T22728] No such timeout policy "syz1" [ 778.348387][T22731] loop4: detected capacity change from 0 to 512 [ 778.454012][T22731] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 778.496376][T22731] ext4 filesystem being mounted at /1190/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 778.603525][T22731] EXT4-fs error (device loop4): ext4_xattr_block_find:1874: inode #12: comm syz.4.7324: corrupted xattr block 6: invalid header [ 778.916147][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 779.326723][T22720] loop1: detected capacity change from 0 to 32768 [ 779.365534][T22720] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.7320 (22720) [ 779.406730][T22772] openvswitch: netlink: Message has 4 unknown bytes. [ 779.465045][T22720] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 779.535963][T22720] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 779.677761][T22782] usb usb3: usbfs: process 22782 (syz.2.7342) did not claim interface 0 before use [ 779.887149][T22720] BTRFS info (device loop1): enabling ssd optimizations [ 779.894310][T22720] BTRFS info (device loop1): turning on async discard [ 779.953721][T22720] BTRFS info (device loop1): enabling free space tree [ 780.149799][T22801] loop0: detected capacity change from 0 to 4096 [ 780.170090][T22801] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 780.193989][T22802] loop6: detected capacity change from 0 to 4096 [ 780.275440][T22802] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512). [ 780.352322][ T5867] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 780.506760][T22802] ntfs3(loop6): MFT: r=18, expect seq=1 instead of 0! [ 780.513695][T22802] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 780.556191][T22802] ntfs3(loop6): Failed to initialize $Extend/$ObjId. [ 780.566194][T22816] openvswitch: netlink: Actions may not be safe on all matching packets [ 780.896733][T22827] kAFS: No cell specified [ 781.126497][ T5815] usb 5-1: new high-speed USB device number 88 using dummy_hcd [ 781.140695][T22832] loop0: detected capacity change from 0 to 16 [ 781.186815][ C0] vkms_vblank_simulate: vblank timer overrun [ 781.237298][T22832] erofs (device loop0): mounted with root inode @ nid 36. [ 781.326175][ T5815] usb 5-1: Using ep0 maxpacket: 8 [ 781.342918][ T5815] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 781.388129][ T5815] usb 5-1: config 179 has no interface number 0 [ 781.439107][ T5815] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 781.495114][ T5815] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 781.546415][ T5815] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 781.561350][ C0] vkms_vblank_simulate: vblank timer overrun [ 781.687879][ T5815] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 781.787835][ T5815] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 781.807360][ T5815] usb 5-1: config 179 interface 65 has no altsetting 0 [ 781.816772][ T5815] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 781.833044][ T5815] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 782.033335][ T5815] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input57 [ 782.146184][ T5178] input input57: unable to receive magic message: -110 [ 782.227016][ T5178] input input57: unable to receive magic message: -32 [ 782.374528][ T6476] input input57: unable to receive magic message: -32 [ 782.413598][ C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 782.413605][ T5969] usb 5-1: USB disconnect, device number 88 [ 782.413669][ C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 782.780288][T22820] loop3: detected capacity change from 0 to 32768 [ 782.888517][T22820] ERROR: (device loop3): xtSearch: xt_getpage: xtree page corrupt [ 782.888517][T22820] [ 782.927899][T22820] xtLookup: xtSearch returned -5 [ 782.956977][T22820] add_index: get/read_metapage failed! [ 783.374537][T22839] loop2: detected capacity change from 0 to 32768 [ 783.576406][T22888] xt_recent: Unsupported userspace flags (000000b1) [ 783.579176][T22839] ERROR: (device loop2): dbAllocNext: Corrupt dmap page [ 783.579176][T22839] [ 783.672626][T22839] ialloc: diAlloc returned -5! [ 784.144206][ T30] audit: type=1326 audit(2000001182.657:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22899 comm="syz.4.7387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbf8f6c9 code=0x7ffc0000 [ 784.150364][T22905] loop1: detected capacity change from 0 to 16 [ 784.245375][ T30] audit: type=1326 audit(2000001182.667:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22899 comm="syz.4.7387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbf8f6c9 code=0x7ffc0000 [ 784.277280][T22905] erofs (device loop1): mounted with root inode @ nid 36. [ 784.351291][T22905] syz.1.7388: attempt to access beyond end of device [ 784.351291][T22905] loop1: rw=524288, sector=167772159, nr_sectors = 1 limit=16 [ 784.385981][ T30] audit: type=1326 audit(2000001182.667:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22899 comm="syz.4.7387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7fb1fbf8f6c9 code=0x7ffc0000 [ 784.435112][T22905] syz.1.7388: attempt to access beyond end of device [ 784.435112][T22905] loop1: rw=0, sector=167772159, nr_sectors = 1 limit=16 [ 784.511878][ T30] audit: type=1326 audit(2000001182.667:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22899 comm="syz.4.7387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbf8f6c9 code=0x7ffc0000 [ 784.628382][ T5979] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 784.647713][ T30] audit: type=1326 audit(2000001182.667:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22899 comm="syz.4.7387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbf8f6c9 code=0x7ffc0000 [ 784.701413][T22916] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7393'. [ 784.738382][ T30] audit: type=1800 audit(2000001183.067:142): pid=22905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.7388" name="file1" dev="loop1" ino=86 res=0 errno=0 [ 784.828406][ T5979] usb 7-1: config 0 has an invalid interface number: 160 but max is 0 [ 784.846189][ T5979] usb 7-1: config 0 has no interface number 0 [ 784.857504][ T5979] usb 7-1: config 0 interface 160 has no altsetting 0 [ 784.882224][ T5979] usb 7-1: New USB device found, idVendor=a6da, idProduct=1e78, bcdDevice=56.e4 [ 784.892505][ T5979] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 784.901027][ T5979] usb 7-1: Product: syz [ 784.910837][ T5979] usb 7-1: Manufacturer: syz [ 784.921231][ T5979] usb 7-1: SerialNumber: syz [ 784.940039][ T5979] usb 7-1: config 0 descriptor?? [ 784.963472][ T5979] usb-storage 7-1:0.160: USB Mass Storage device detected [ 785.204790][ T5979] usb 7-1: USB disconnect, device number 3 [ 785.287483][T22932] loop4: detected capacity change from 0 to 1024 [ 785.551686][ T5872] hfsplus: walked past end of dir [ 785.579372][T22938] bridge0: port 3(veth0_to_bridge) entered blocking state [ 785.610894][T22938] bridge0: port 3(veth0_to_bridge) entered disabled state [ 785.640617][T22938] veth0_to_bridge: entered allmulticast mode [ 785.685641][T22938] veth0_to_bridge: entered promiscuous mode [ 785.782840][T22901] loop3: detected capacity change from 0 to 32768 [ 786.036874][ T5872] bond0: (slave syz_tun): Releasing backup interface [ 786.272125][T22931] loop1: detected capacity change from 0 to 32768 [ 786.291621][T22952] netlink: 1 bytes leftover after parsing attributes in process `syz.6.7410'. [ 786.326746][T22931] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.7399 (22931) [ 786.375642][T22931] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 786.407450][T22931] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm [ 786.631607][T22931] BTRFS info (device loop1): enabling ssd optimizations [ 786.653929][T22931] BTRFS info (device loop1): turning on async discard [ 786.668910][T22956] loop2: detected capacity change from 0 to 4096 [ 786.686447][T22931] BTRFS info (device loop1): enabling free space tree [ 786.730298][ T1093] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 786.797453][T22973] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 786.845717][T22956] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=0, inode=3, rec_len=16, name_len=1 [ 786.925797][ T5867] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 786.970433][T22956] Remounting filesystem read-only [ 787.091840][ T1093] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 787.356332][T22978] ieee802154 phy0 wpan0: encryption failed: -22 [ 787.462038][ T1093] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 787.692834][T22986] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7421'. [ 787.727181][T22986] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7421'. [ 787.827626][T22986] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7421'. [ 787.901381][T22989] loop6: detected capacity change from 0 to 64 [ 787.998592][ T1093] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 788.586086][ T5143] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 788.605961][ T5143] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 788.616723][ T5143] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 788.648097][ T5143] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 788.661515][ T5143] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 788.826956][ T1093] bridge_slave_1: left allmulticast mode [ 788.840886][T23024] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7436'. [ 788.866414][ T1093] bridge_slave_1: left promiscuous mode [ 788.874359][ T1093] bridge0: port 2(bridge_slave_1) entered disabled state [ 788.967895][ T1093] bridge_slave_0: left allmulticast mode [ 789.000878][ T1093] bridge_slave_0: left promiscuous mode [ 789.032147][ T1093] bridge0: port 1(bridge_slave_0) entered disabled state [ 790.002236][T23054] loop2: detected capacity change from 0 to 4096 [ 790.066651][T23054] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 790.207890][T23054] ntfs3(loop2): ino=19, mi_enum_attr [ 790.216599][T23054] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 790.261918][T23054] ntfs3(loop2): mft corrupted [ 790.301320][T23054] ntfs3(loop2): ino=1a, mi_enum_attr [ 790.375864][T23074] loop3: detected capacity change from 0 to 256 [ 790.461894][T23077] netlink: 'syz.6.7458': attribute type 84 has an invalid length. [ 790.488961][T23074] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 790.712900][ T5143] Bluetooth: hci2: command tx timeout [ 791.764205][T23109] netlink: 'syz.6.7473': attribute type 16 has an invalid length. [ 791.774533][T23109] netlink: 'syz.6.7473': attribute type 17 has an invalid length. [ 791.785118][ T1093] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 791.799027][T23111] loop2: detected capacity change from 0 to 512 [ 791.806068][ T1093] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 791.813680][T23111] EXT4-fs: Ignoring removed nobh option [ 791.829223][T23111] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 791.840355][ T1093] bond0 (unregistering): Released all slaves [ 791.852019][T23111] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e02c, mo2=0002] [ 791.862316][T23111] EXT4-fs (loop2): orphan cleanup on readonly fs [ 791.881906][T23111] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.7472: attempt to clear invalid blocks 1024 len 1 [ 791.899956][T23111] EXT4-fs (loop2): Remounting filesystem read-only [ 791.910401][T23111] EXT4-fs (loop2): 1 truncate cleaned up [ 791.918244][T23111] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 791.969094][ T5874] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 791.995823][ T1093] bond1 (unregistering): Released all slaves [ 792.030007][ T1093] bond2 (unregistering): Released all slaves [ 792.215284][T23109] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 792.269097][ T1093] : left promiscuous mode [ 792.375428][T23116] loop1: detected capacity change from 0 to 1024 [ 792.687965][ T1089] hfsplus: b-tree write err: -5, ino 4 [ 792.788693][ T5143] Bluetooth: hci2: command tx timeout [ 793.176443][T23137] loop6: detected capacity change from 0 to 1024 [ 793.231886][T23137] EXT4-fs: inline encryption not supported [ 793.288100][T23137] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 793.434140][T23137] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 2: comm syz.6.7483: lblock 2 mapped to illegal pblock 2 (length 1) [ 793.456990][T23137] EXT4-fs (loop6): Remounting filesystem read-only [ 793.469251][T23137] Quota error (device loop6): qtree_write_dquot: dquota write failed [ 793.529645][T23137] Quota error (device loop6): v2_write_file_info: Can't write info structure [ 793.552004][T23120] loop0: detected capacity change from 0 to 32768 [ 793.557327][T23137] EXT4-fs (loop6): 1 orphan inode deleted [ 793.631833][T23137] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 793.709835][T23137] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 793.734223][T23119] loop3: detected capacity change from 0 to 32768 [ 793.749314][T23147] loop1: detected capacity change from 0 to 2048 [ 793.775266][T23119] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.7477 (23119) [ 793.836090][T23147] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 793.886716][ T5979] usb 3-1: new full-speed USB device number 103 using dummy_hcd [ 793.906443][T23119] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 793.956993][T23119] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 794.109920][ T5979] usb 3-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76 [ 794.145061][ T5979] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 794.223041][ T5979] usb 3-1: Product: syz [ 794.256652][ T5979] usb 3-1: Manufacturer: syz [ 794.261398][ T5979] usb 3-1: SerialNumber: syz [ 794.283355][T23119] BTRFS info (device loop3): enabling ssd optimizations [ 794.342499][T23119] BTRFS info (device loop3): turning on sync discard [ 794.356500][T23119] BTRFS info (device loop3): enabling free space tree [ 794.428638][ T5979] usb 3-1: config 0 descriptor?? [ 794.667822][ T5979] usb 3-1: ignoring: not an USB2CAN converter [ 794.679966][T23119] BTRFS info (device loop3): balance: start -sdrange=7..107,limit=4294967293..3,stripes=1855..4 [ 794.747828][T23119] BTRFS info (device loop3): balance: ended with status: 0 [ 794.868100][ T5143] Bluetooth: hci2: command tx timeout [ 794.884079][ T5979] usb 3-1: USB disconnect, device number 103 [ 795.145175][ T1093] hsr_slave_0: left promiscuous mode [ 795.193965][ T1093] hsr_slave_1: left promiscuous mode [ 795.233247][ T1093] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 795.272190][ T1093] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 795.293357][ T5881] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 795.305694][T23195] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7497'. [ 795.316980][ T1093] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 795.367119][ T1093] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 795.519719][ T1093] veth1_macvtap: left promiscuous mode [ 795.525323][ T1093] veth0_macvtap: left promiscuous mode [ 795.636882][T23205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7498'. [ 795.693527][T23205] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7498'. [ 796.348119][ T6061] usb 3-1: new high-speed USB device number 104 using dummy_hcd [ 796.379062][ T30] audit: type=1326 audit(2000001194.907:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23226 comm="syz.6.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1358f6c9 code=0x7ffc0000 [ 796.418447][ T30] audit: type=1326 audit(2000001194.927:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23226 comm="syz.6.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1358f6c9 code=0x7ffc0000 [ 796.446940][ T30] audit: type=1326 audit(2000001194.937:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23226 comm="syz.6.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f7b1358f6c9 code=0x7ffc0000 [ 796.508212][ T30] audit: type=1326 audit(2000001194.937:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23226 comm="syz.6.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1358f6c9 code=0x7ffc0000 [ 796.560353][ T6061] usb 3-1: config index 0 descriptor too short (expected 39, got 27) [ 796.573803][ T30] audit: type=1326 audit(2000001194.937:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23226 comm="syz.6.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1358f6c9 code=0x7ffc0000 [ 796.574449][ T6061] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 796.609753][T23229] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7513'. [ 796.624693][ T6061] usb 3-1: config 0 interface 0 has no altsetting 0 [ 796.672092][ T6061] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 796.692734][ T6061] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 796.714569][ T6061] usb 3-1: Product: syz [ 796.728841][ T6061] usb 3-1: Manufacturer: syz [ 796.733601][ T6061] usb 3-1: SerialNumber: syz [ 796.743859][ T6061] usb 3-1: config 0 descriptor?? [ 796.759497][T23231] loop0: detected capacity change from 0 to 16 [ 796.773865][ T6061] hub 3-1:0.0: bad descriptor, ignoring hub [ 796.813315][ T6061] hub 3-1:0.0: probe with driver hub failed with error -5 [ 796.825401][ T6061] usb 3-1: selecting invalid altsetting 0 [ 796.842542][T23231] erofs (device loop0): mounted with root inode @ nid 36. [ 796.892255][T23231] erofs (device loop0): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 796.951720][ T5143] Bluetooth: hci2: command tx timeout [ 796.979496][T23231] syz.0.7514: attempt to access beyond end of device [ 796.979496][T23231] loop0: rw=524288, sector=128, nr_sectors = 1 limit=16 [ 797.007507][T23231] syz.0.7514: attempt to access beyond end of device [ 797.007507][T23231] loop0: rw=524288, sector=0, nr_sectors = 1024 limit=16 [ 797.088379][T23231] syz.0.7514: attempt to access beyond end of device [ 797.088379][T23231] loop0: rw=0, sector=128, nr_sectors = 1 limit=16 [ 797.137247][ T6061] usb 3-1: USB disconnect, device number 104 [ 797.154606][T23231] syz.0.7514: attempt to access beyond end of device [ 797.154606][T23231] loop0: rw=0, sector=0, nr_sectors = 1024 limit=16 [ 797.244235][T23231] erofs (device loop0): read error -5 @ 0 of nid 89 [ 797.284372][ T30] audit: type=1800 audit(2000001195.807:148): pid=23231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.7514" name="file2" dev="loop0" ino=89 res=0 errno=0 [ 797.918300][T23249] loop6: detected capacity change from 0 to 2048 [ 797.927369][T23249] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=27485, location=27485 [ 797.969560][T23249] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 798.282992][T23259] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7528'. [ 798.601582][ T1093] team0 (unregistering): Port device team_slave_1 removed [ 798.778646][T23271] netlink: 'syz.2.7534': attribute type 30 has an invalid length. [ 798.886703][ T1093] team0 (unregistering): Port device team_slave_0 removed [ 799.043843][T23275] loop2: detected capacity change from 0 to 512 [ 799.068325][T23275] EXT4-fs (loop2): Test dummy encryption mode enabled [ 799.091449][T23275] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 799.166703][T23275] EXT4-fs (loop2): 1 orphan inode deleted [ 799.173696][T23275] EXT4-fs (loop2): 1 truncate cleaned up [ 799.181626][T23275] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 799.258686][ T5874] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 799.562770][T23287] netlink: 5 bytes leftover after parsing attributes in process `syz.2.7541'. [ 799.848816][T23253] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7525'. [ 799.877530][T23287] 0ªî{X¹¦: renamed from macvtap0 (while UP) [ 799.905464][T23287] 0ªî{X¹¦: entered allmulticast mode [ 799.916930][T23287] veth0_macvtap: entered allmulticast mode [ 799.923340][T23287] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 799.981529][T23009] chnl_net:caif_netlink_parms(): no params data found [ 800.306061][T23294] netdevsim netdevsim3: Firmware load for './cgroup/../file0' refused, path contains '..' component [ 800.731292][T23315] SET target dimension over the limit! [ 800.853813][T23323] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 800.933324][T23009] bridge0: port 1(bridge_slave_0) entered blocking state [ 800.994279][T23009] bridge0: port 1(bridge_slave_0) entered disabled state [ 801.044489][T23009] bridge_slave_0: entered allmulticast mode [ 801.069383][T23009] bridge_slave_0: entered promiscuous mode [ 801.232731][T23328] bond1: option arp_validate: mode dependency failed, not supported in mode balance-alb(6) [ 801.309655][T23328] bond1 (unregistering): Released all slaves [ 801.412342][T23009] bridge0: port 2(bridge_slave_1) entered blocking state [ 801.425765][T23009] bridge0: port 2(bridge_slave_1) entered disabled state [ 801.459526][T23009] bridge_slave_1: entered allmulticast mode [ 801.503709][T23009] bridge_slave_1: entered promiscuous mode [ 801.544241][ T1093] IPVS: stop unused estimator thread 0... [ 801.557464][T23342] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 801.961344][T23009] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 802.005821][T23009] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 802.143195][T23361] loop1: detected capacity change from 0 to 4096 [ 802.259555][T23361] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 802.297088][ T30] audit: type=1326 audit(2000001200.806:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23369 comm="syz.0.7573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 802.399212][T23361] [ 802.401579][T23361] ====================================================== [ 802.408660][T23361] WARNING: possible circular locking dependency detected [ 802.415702][T23361] syzkaller #0 Not tainted [ 802.420126][T23361] ------------------------------------------------------ [ 802.427146][T23361] syz.1.7570/23361 is trying to acquire lock: [ 802.433220][T23361] ffff88804d31b928 (&dquot->dq_lock){+.+.}-{4:4}, at: dqget+0x72a/0xf10 [ 802.441645][T23361] [ 802.441645][T23361] but task is already holding lock: [ 802.449018][T23361] ffff88804fc67388 (&ei->xattr_sem){++++}-{4:4}, at: ext4_setattr+0x855/0x1bc0 [ 802.458029][T23361] [ 802.458029][T23361] which lock already depends on the new lock. [ 802.458029][T23361] [ 802.468443][T23361] [ 802.468443][T23361] the existing dependency chain (in reverse order) is: [ 802.477461][T23361] [ 802.477461][T23361] -> #5 (&ei->xattr_sem){++++}-{4:4}: [ 802.485036][T23361] lock_acquire+0x120/0x360 [ 802.490060][T23361] down_read+0x46/0x2e0 [ 802.494746][T23361] ext4_setattr+0x855/0x1bc0 [ 802.499939][T23361] notify_change+0xc1a/0xf40 [ 802.505053][T23361] chown_common+0x40c/0x5c0 [ 802.510105][T23361] do_fchownat+0x161/0x270 [ 802.515038][T23361] __x64_sys_chown+0x82/0xa0 [ 802.520143][T23361] do_syscall_64+0xfa/0xfa0 [ 802.525172][T23361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.531584][T23361] [ 802.531584][T23361] -> #4 (jbd2_handle){++++}-{0:0}: [ 802.538893][T23361] lock_acquire+0x120/0x360 [ 802.544002][T23361] start_this_handle+0x1fa7/0x21c0 [ 802.549643][T23361] jbd2__journal_start+0x2c1/0x5b0 [ 802.555301][T23361] jbd2_journal_start+0x2a/0x40 [ 802.560828][T23361] ocfs2_start_trans+0x376/0x6d0 [ 802.566348][T23361] ocfs2_shutdown_local_alloc+0x200/0xa10 [ 802.572773][T23361] ocfs2_dismount_volume+0x201/0x8d0 [ 802.578694][T23361] generic_shutdown_super+0x135/0x2c0 [ 802.584637][T23361] kill_block_super+0x44/0x90 [ 802.589977][T23361] deactivate_locked_super+0xbc/0x130 [ 802.595930][T23361] cleanup_mnt+0x425/0x4c0 [ 802.600892][T23361] task_work_run+0x1d4/0x260 [ 802.606103][T23361] exit_to_user_mode_loop+0xe9/0x130 [ 802.612001][T23361] do_syscall_64+0x2bd/0xfa0 [ 802.617135][T23361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.623558][T23361] [ 802.623558][T23361] -> #3 (&journal->j_trans_barrier){.+.+}-{4:4}: [ 802.632099][T23361] lock_acquire+0x120/0x360 [ 802.637146][T23361] down_read+0x46/0x2e0 [ 802.642493][T23361] ocfs2_start_trans+0x36a/0x6d0 [ 802.647966][T23361] ocfs2_shutdown_local_alloc+0x200/0xa10 [ 802.654237][T23361] ocfs2_dismount_volume+0x201/0x8d0 [ 802.660062][T23361] generic_shutdown_super+0x135/0x2c0 [ 802.665969][T23361] kill_block_super+0x44/0x90 [ 802.671174][T23361] deactivate_locked_super+0xbc/0x130 [ 802.677067][T23361] cleanup_mnt+0x425/0x4c0 [ 802.681999][T23361] task_work_run+0x1d4/0x260 [ 802.687119][T23361] exit_to_user_mode_loop+0xe9/0x130 [ 802.692913][T23361] do_syscall_64+0x2bd/0xfa0 [ 802.698023][T23361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.704438][T23361] [ 802.704438][T23361] -> #2 (sb_internal#3){.+.+}-{0:0}: [ 802.711935][T23361] lock_acquire+0x120/0x360 [ 802.716978][T23361] ocfs2_start_trans+0x26b/0x6d0 [ 802.722444][T23361] ocfs2_acquire_dquot+0x455/0xb30 [ 802.728083][T23361] dqget+0x7b1/0xf10 [ 802.732495][T23361] dquot_set_dqblk+0x2b/0xfa0 [ 802.737694][T23361] quota_setquota+0x4b7/0x540 [ 802.742888][T23361] __se_sys_quotactl+0x279/0x950 [ 802.748347][T23361] do_syscall_64+0xfa/0xfa0 [ 802.753369][T23361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.759828][T23361] [ 802.759828][T23361] -> #1 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}: [ 802.768696][T23361] lock_acquire+0x120/0x360 [ 802.773723][T23361] down_write+0x96/0x1f0 [ 802.778480][T23361] ocfs2_create_local_dquot+0x19d/0x1a40 [ 802.784636][T23361] ocfs2_acquire_dquot+0x80f/0xb30 [ 802.790264][T23361] dqget+0x7b1/0xf10 [ 802.794675][T23361] dquot_set_dqblk+0x2b/0xfa0 [ 802.799873][T23361] quota_setquota+0x4b7/0x540 [ 802.805060][T23361] __se_sys_quotactl+0x279/0x950 [ 802.810551][T23361] do_syscall_64+0xfa/0xfa0 [ 802.815594][T23361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.822003][T23361] [ 802.822003][T23361] -> #0 (&dquot->dq_lock){+.+.}-{4:4}: [ 802.829658][T23361] validate_chain+0xb9b/0x2140 [ 802.834965][T23361] __lock_acquire+0xab9/0xd20 [ 802.840165][T23361] lock_acquire+0x120/0x360 [ 802.845200][T23361] __mutex_lock+0x187/0x1350 [ 802.850318][T23361] dqget+0x72a/0xf10 [ 802.854733][T23361] dquot_transfer+0x2f8/0x6d0 [ 802.859946][T23361] ext4_setattr+0x865/0x1bc0 [ 802.865079][T23361] notify_change+0xc1a/0xf40 [ 802.870208][T23361] chown_common+0x40c/0x5c0 [ 802.875237][T23361] do_fchownat+0x161/0x270 [ 802.880178][T23361] __x64_sys_fchownat+0xb5/0xd0 [ 802.885561][T23361] do_syscall_64+0xfa/0xfa0 [ 802.890595][T23361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.897091][T23361] [ 802.897091][T23361] other info that might help us debug this: [ 802.897091][T23361] [ 802.907309][T23361] Chain exists of: [ 802.907309][T23361] &dquot->dq_lock --> jbd2_handle --> &ei->xattr_sem [ 802.907309][T23361] [ 802.919944][T23361] Possible unsafe locking scenario: [ 802.919944][T23361] [ 802.927398][T23361] CPU0 CPU1 [ 802.932852][T23361] ---- ---- [ 802.938210][T23361] rlock(&ei->xattr_sem); [ 802.942625][T23361] lock(jbd2_handle); [ 802.949210][T23361] lock(&ei->xattr_sem); [ 802.956057][T23361] lock(&dquot->dq_lock); [ 802.960477][T23361] [ 802.960477][T23361] *** DEADLOCK *** [ 802.960477][T23361] [ 802.968692][T23361] 3 locks held by syz.1.7570/23361: [ 802.973899][T23361] #0: ffff88804cbe6420 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 802.983081][T23361] #1: ffff88804fc676a0 (&type->i_mutex_dir_key#3){++++}-{4:4}, at: chown_common+0x313/0x5c0 [ 802.993298][T23361] #2: ffff88804fc67388 (&ei->xattr_sem){++++}-{4:4}, at: ext4_setattr+0x855/0x1bc0 [ 803.002720][T23361] [ 803.002720][T23361] stack backtrace: [ 803.008603][T23361] CPU: 1 UID: 0 PID: 23361 Comm: syz.1.7570 Not tainted syzkaller #0 PREEMPT(full) [ 803.008631][T23361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 803.008645][T23361] Call Trace: [ 803.008658][T23361] [ 803.008692][T23361] dump_stack_lvl+0x189/0x250 [ 803.008732][T23361] ? __pfx_dump_stack_lvl+0x10/0x10 [ 803.008764][T23361] ? __pfx__printk+0x10/0x10 [ 803.008788][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.008816][T23361] ? print_lock_name+0xde/0x100 [ 803.008840][T23361] print_circular_bug+0x2ee/0x310 [ 803.008873][T23361] check_noncircular+0x134/0x160 [ 803.008905][T23361] validate_chain+0xb9b/0x2140 [ 803.008933][T23361] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 803.008964][T23361] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 803.008995][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009023][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009050][T23361] ? look_up_lock_class+0x74/0x170 [ 803.009081][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009108][T23361] ? register_lock_class+0x51/0x320 [ 803.009133][T23361] __lock_acquire+0xab9/0xd20 [ 803.009159][T23361] ? dqget+0x72a/0xf10 [ 803.009185][T23361] lock_acquire+0x120/0x360 [ 803.009205][T23361] ? dqget+0x72a/0xf10 [ 803.009237][T23361] __mutex_lock+0x187/0x1350 [ 803.009270][T23361] ? dqget+0x72a/0xf10 [ 803.009298][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009328][T23361] ? dqget+0x72a/0xf10 [ 803.009354][T23361] ? __pfx___mutex_lock+0x10/0x10 [ 803.009390][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009419][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009450][T23361] dqget+0x72a/0xf10 [ 803.009481][T23361] dquot_transfer+0x2f8/0x6d0 [ 803.009512][T23361] ? __pfx_dquot_transfer+0x10/0x10 [ 803.009541][T23361] ? ext4_journal_check_start+0x1cf/0x2b0 [ 803.009570][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009597][T23361] ? down_read+0x1ad/0x2e0 [ 803.009632][T23361] ext4_setattr+0x865/0x1bc0 [ 803.009660][T23361] ? __pfx_current_time+0x10/0x10 [ 803.009692][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009718][T23361] ? try_break_deleg+0x79/0x130 [ 803.009748][T23361] ? __pfx_ext4_setattr+0x10/0x10 [ 803.009772][T23361] notify_change+0xc1a/0xf40 [ 803.009809][T23361] chown_common+0x40c/0x5c0 [ 803.009838][T23361] ? __pfx_chown_common+0x10/0x10 [ 803.009862][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009894][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009921][T23361] ? mnt_get_write_access+0x213/0x280 [ 803.009950][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.009980][T23361] do_fchownat+0x161/0x270 [ 803.010005][T23361] ? __pfx_do_fchownat+0x10/0x10 [ 803.010029][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.010061][T23361] __x64_sys_fchownat+0xb5/0xd0 [ 803.010086][T23361] do_syscall_64+0xfa/0xfa0 [ 803.010119][T23361] ? lockdep_hardirqs_on+0x9c/0x150 [ 803.010150][T23361] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 803.010172][T23361] ? srso_alias_return_thunk+0x5/0xfbef5 [ 803.010199][T23361] ? exc_page_fault+0xab/0x100 [ 803.010230][T23361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 803.010254][T23361] RIP: 0033:0x7fbbea98f6c9 [ 803.010275][T23361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 803.010295][T23361] RSP: 002b:00007fbbeb8e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104 [ 803.010319][T23361] RAX: ffffffffffffffda RBX: 00007fbbeabe5fa0 RCX: 00007fbbea98f6c9 [ 803.010337][T23361] RDX: 000000000000ee01 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 803.010354][T23361] RBP: 00007fbbeaa11f91 R08: 0000000000001000 R09: 0000000000000000 [ 803.010370][T23361] R10: 000000000000ee01 R11: 0000000000000246 R12: 0000000000000000 [ 803.010385][T23361] R13: 00007fbbeabe6038 R14: 00007fbbeabe5fa0 R15: 00007ffd0633e018 [ 803.010412][T23361] [ 803.047807][ T30] audit: type=1326 audit(2000001200.806:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23369 comm="syz.0.7573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 803.329018][T23009] team0: Port device team_slave_0 added [ 803.384721][ T30] audit: type=1326 audit(2000001200.806:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23369 comm="syz.0.7573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 803.427162][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 803.451116][ T30] audit: type=1326 audit(2000001200.866:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23369 comm="syz.0.7573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 803.482924][T23009] team0: Port device team_slave_1 added [ 803.489936][ T30] audit: type=1326 audit(2000001200.866:153): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=23369 comm="syz.0.7573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 803.497359][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 803.533295][ T30] audit: type=1326 audit(2000001200.866:154): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=23369 comm="syz.0.7573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 803.567424][ T30] audit: type=1326 audit(2000001200.866:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23369 comm="syz.0.7573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 803.606052][T23009] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 803.624058][ T30] audit: type=1326 audit(2000001200.866:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23369 comm="syz.0.7573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f067298f6c9 code=0x7ffc0000 [ 803.627644][T23009] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 803.682009][T23009] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 803.694576][T23009] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 803.701827][T23009] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 803.728835][T23009] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 803.769113][T23009] hsr_slave_0: entered promiscuous mode [ 803.775533][T23009] hsr_slave_1: entered promiscuous mode [ 803.783243][T23009] debugfs: 'hsr0' already exists in 'hsr' [ 803.789238][T23009] Cannot create hsr debugfs directory [ 803.923070][T23009] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 803.933603][T23009] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 803.944168][T23009] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 803.954471][T23009] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 804.035029][T23009] 8021q: adding VLAN 0 to HW filter on device bond0 [ 804.061063][T23009] 8021q: adding VLAN 0 to HW filter on device team0 [ 804.078341][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.086219][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 804.104016][ T1093] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.111316][ T1093] bridge0: port 2(bridge_slave_1) entered forwarding state [ 804.351992][T23009] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 804.562904][T23009] veth0_vlan: entered promiscuous mode [ 804.580265][T23009] veth1_vlan: entered promiscuous mode [ 804.613273][T23009] veth0_macvtap: entered promiscuous mode [ 804.621864][T23009] veth1_macvtap: entered promiscuous mode [ 804.638339][T23009] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 804.651683][T23009] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 804.664512][ T1089] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.673854][ T1089] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.688972][ T1089] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.698980][ T1089] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.727479][T23009] ieee80211 phy40: Selected rate control algorithm 'minstrel_ht' [ 804.753088][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 804.755253][T23009] ieee80211 phy41: Selected rate control algorithm 'minstrel_ht' [ 804.772886][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 804.794628][T16137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 804.803096][T16137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 808.550221][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.556564][ T1294] ieee802154 phy1 wpan1: encryption failed: -22