last executing test programs: 8m44.643450046s ago: executing program 2 (id=6943): r0 = gettid() rt_sigqueueinfo(r0, 0x21, &(0x7f0000000ac0)={0x0, 0xc6, 0xfffffffe}) 8m44.378629981s ago: executing program 2 (id=6947): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x0, 0x0, 0x20000000}, 0x2}, [{}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1ff}, {}, {}, {}, {}, {}, {}, {}, {0xffffffff}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffb}], [{}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) 8m44.133595465s ago: executing program 2 (id=6952): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000800)=@newsa={0x144, 0x10, 0x713, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@empty}, {@in6=@private0={0xfc, 0x0, '\x00', 0x20}, 0x0, 0x33}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {0x0, 0x3, 0xffffffffffffffff, 0x1}, {}, {}, 0x0, 0x3502, 0x2}, [@tfcpad={0x8, 0x16, 0xc}, @algo_auth_trunc={0x4c, 0x14, {{'sha1\x00'}}}]}, 0x144}}, 0x0) 8m43.892492169s ago: executing program 2 (id=6955): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000180)={[{@iocharset={'iocharset', 0x3d, 'cp869'}}, {@umask={'umask', 0x3d, 0x5}}, {@namecase}, {}, {@fmask={'fmask', 0x3d, 0xab}}, {@discard}, {@fmask={'fmask', 0x3d, 0x6}}, {@utf8}, {@umask={'umask', 0x3d, 0x6}}, {@allow_utime={'allow_utime', 0x3d, 0xce38}}]}, 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==") mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0) 8m43.346078788s ago: executing program 2 (id=6962): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000001c0)={@mcast1, @mcast2, @mcast2, 0x800000, 0xa, 0x0, 0x0, 0x7ffffffe, 0xa0ce0102}) 8m42.797943237s ago: executing program 2 (id=6970): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000b40)=ANY=[@ANYBLOB="840100001000010053ee7d67d80ddc0bac1414bb080000000000000000000000010101000000000000000000000000000000000000d800"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ac1efd01000000000000000000000000000000006c000000fe800000000000000000000000000044000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000070000000000000000000000020000022200000000000000480003006465666c617465000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c0012"], 0x184}}, 0x0) 8m42.390907104s ago: executing program 32 (id=6970): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000b40)=ANY=[@ANYBLOB="840100001000010053ee7d67d80ddc0bac1414bb080000000000000000000000010101000000000000000000000000000000000000d800"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ac1efd01000000000000000000000000000000006c000000fe800000000000000000000000000044000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000070000000000000000000000020000022200000000000000480003006465666c617465000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c0012"], 0x184}}, 0x0) 6m19.032819453s ago: executing program 3 (id=8889): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000001e80)={[{@inlinecrypt}]}, 0x1, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDQpQDUoEItEHiYDRjJ+smNmtqx+7Gn480O/Pmzcz3PWdn3vNz4hfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/J3l+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar9478vrr37j17/65Lu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9MGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/GshTYvFgU7t8akeAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P53Puw/OPeyAADj4f0/AEwf7T8ATB/tPwBMla+99lq2tI4633+9+ubuzkb9zVurlcZGsbazUlypb28V1+r1tfw7e2qPul61Xt9aej523io1K41mqbG7d69W39ls3su/1/teZW4stQIA/per1975fRIRBy89kS/RNZeDthoutnSERwGPl5lhTtZBgMea2b5geg3UhOedhN+ee1mAyej5Zd6Fnpvv95P/I4jfM4IPlRsfH3z83xzPcLEY2Yfp9cHG/18eeTmA8TP+D9Or1UpOz/k/f5IFAFxIQ/wKX+sHo+qEABP1qMm8R/L5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwwlyPiO5GkxXwu8DT7Ny0WI56KiCsxl9xfr1ZuR8TTcS0i5hay9NKkCw0ADCn9a9KZ/+vG4nOXT+fOJ/9eyNcR8b2fvv7jt5abze2lbP8/TvYvHE8fVn543hDzCgIAg/vzIAfl7Xe5s+56I//gcH/leDnHMp7x3pdOJh9dOTrcz5d2zmy0Wq1WRCHvS1z6ZxKznXMKEfFsRMyMIP7B2xHxsV71T/KxkSudmU+740cn9lNjjZ++L36a57XX2cv30RGUBabNO9nz55Ve918a1/N17/u/kD+hhpc//woRx8++o674s51IMz3iZ/f89UFjPP+br57Z2Vps570d8exsr/jJSfykT/znBoz/x0986ocv98lr/SziRvSO3x2r1KxtlRq7e7fWa8trlbXKZrl8d+nu7RfvvFAu5WPUpeOR6rP+9tLNp/uVLav/pT7xCz3rP39y7ucGrP/P//PGtz79MLlwOv4XPtv75/9Mz/htWZv4+QHjL1/6Zd/pu7P4q33q/6if/80B47/7l73VAQ8FAMagsbu3sVytVraH2sjehY7iOmc2siIOdvBxd3G4oH+KfGNEL0ufjawzNsjBc+f1qp77xuxJX3G0V/5mdsUxVycdeS2G2ngwrliTeyYB4/Hwpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA//8+JMPM") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x3, 0x100000000, 0x2000000000000000, 0x0, 0x80000001, 0x2, 0x7b, 0xfffffffffffffffd, 0x2}) 6m18.59557913s ago: executing program 3 (id=8892): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r0, 0x0, 0x1, 0x0, 0x29) 6m18.350159274s ago: executing program 3 (id=8895): r0 = syz_open_procfs(0x0, &(0x7f0000006440)='attr\x00') getdents(r0, 0xfffffffffffffffd, 0x3b) 6m18.110903028s ago: executing program 3 (id=8898): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000019c0)=ANY=[@ANYBLOB='allow_utime=00000000000000000000304,namecase=1,errors=remount-ro,umask=00000000000000000000020,fmask=00000000000000000000005,iocharset=cp1251,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000000003,errors=continue,fmask=00000000000000000000005,allow_utime=0000000000000002\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x1, 0x152a, &(0x7f0000000340)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+ZDzKSFJmiQJySlZ/2vC327X/vbe3+7Lvvbcv+t6r1n3u557Pet57/ewnuedmW+7DK3ZuFa1hkQE/xa88CMJAGIBYCAAXAMAAQCUiysXl9WfU2LSv7cT9sd6KPVKz4BdSVz/7I3rn71x/bM3rn/2xvXP3rj+2RvXP3vj+jOWnW2aXvBavmXfG1//z8748/+/SGbpsV+uLX19V4CYfzaF65+9cf3/awX/zEZc/+yN659dxV7pCbD/APz6zw5y/N0ern/2xvVnLDv7c683y/+47xsg8uc+Bgqu/DH/6vgZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLE/wWl/mQKAS+0rPS/GGGOMMcYYY4z9cXyOKz0DxhhjjDHGGGOM/d9DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+b/KfwF6wIvQE3pBEvSGPvAS9IV+0B8GwEB4GQbBKzAYXoVkGAJD4TUYBq/DcHgDRsBIGAVvwmh4C8bAWBgH4yEFJsBEeBsmwTswGabAVJgGqTAdZsC7MBNmwWx4D+bA+zAX5sF8WABp8AEshEWQDh/CYvgIMmAJLIVlsBxWwEpYBathDayFj2EdrIcNsBE2wWbYAlthG2yHHfAJ7IRPYRfshj3wGeyFz//F/FN/k98VAQEFClSoMAZjMBZjMRfmwtyYG/NgHoxgBOMwDvNiXsyH+bAAFsB4jMfCWBgNGiQkLIJFMIpRLIbFsDgWx5JYEh06TMAELIM3Y1ksi+WwHJbH8lgBK2JFrIyVsQpWwapYFathNayO1bEm1sS78W7sjXWwDtbFulgP6126PIUNsSE2wkbYGBtjE2yCTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI+JmIgdsAN2xI7YCTthZ+yMXbALdsVu2C3zhRyAL+KL2Auri97YB/tgX0zO0R8H4AB8GQfhK/gKvorJOASH4mv4Gr6Ow/EkjsCROApHYRXxFo7BsUhiPKZgCk7EiTgJJ+FknIJTcBqm4nScgTNwJs7CWfgezsH38X2ch/NwAaZhGi7ERZiO6bgYT2EGLsGluAyX4wpcjqtwNa7CtfgxrsX1uB434kbcjJtxK27F7bgdP0EFgJ/ibtyNybgX9+I+3If7cT8ewAOYiZl4EA/iITyEh/EwHsEjeBSP4XE8hifwBJ7EU3gaT+NZPIvn8Ln4rxt9UmJNMogsSigRI2JErIgVuUQukVvkFnlEHhEREREn4kRekVfkE/lEAVFAxIt4UVgUFkYYQSKMAQARFVFRTBQTxUVxUVKUFE44kSASRBlRRpQVZUU5casoL24TFURF0cZJUVlUEW1dVXGnqCaqieqihqgpaolaoraoLeqIOqKuqCvqiXqivnhANBC9sT8+JLIq01gMwSZiKDYVzYS8+A7WSgzH1qKNaCueECNxBLYXrVyieFp0EGOwo/iLGIvPis5iPHYRz4uuopvoLl4QPURr11P0EpOxt+gjpmFf0U/0FwPETKwh3sM5OWuKV0WyGCKGitfEAnxdDBdviBFipBgl3hSjxVtijBgrxonxIkVMEBPF22KSeEdMFlPEVDFNpIrpYoZ4V8wUs8Rs8Z6YI94Xc8U8MV8sEGniA7FQLBLp4kOxWHwkMsQSsVQsE8vFCrFSrBKrxRqxVnws1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BSfil1it9gjPhN7xedin/hC7BdfigPiK5EpvhYHxTfikPhWHBbfiSPie3FUHBPHxQ/ihPhRnBSnxGlxRpwVP4lz4mdxXngBEqWQUioZyBiZQ8bKnDKXvErmlsHFR/daGSevk3nl9TKfzC8LyIIyXhaShaWWRlpJMpRFZFEZlTfIYvJGWVyWkCVlKelkaZkgb5Jl5M2yrLxFlpO3yvLyNllBVpSVZGV5u6wi75AQubCP6rKGrClrybtlEtwj68h7ZV15n6wn75f15QOygXxQNpQPyUbyYdlYPiKbyEdlU9lMNpctZEv5mGwlH5etZRvZVj4h28knZXv5lEyUT8sO0l98ijwrO8vnZBf5vOwqu8nu8md5XnrZU/aS0BtkH/mS7Cv7yf5ygBwoX5aD5CtysHxVJsshcqh8TQ6Tr8vh8g05Qo6Uo+SbcrR8S46RY+U4OV6myAlyonxbTpLvyMlyipwqp8lUOV32vzjSbCn/Yf7bv5M/+Je9b5Sb5Ga5RW6V2+R2uUN+InfKnXKX3CX3yD1yr9wr98l9cr/cLw/IAzJTZsqD8qA8JA/Jw/KwPCKPyKPymDwjf5An5I/ypDwlT8kz8qw8K89dfAxAoRJKKqUCFaNyqFiVU+VSV6nc6mqVR12jIupaFaeuU3nV9Sqfyq8KqIIqXhVShZVWRllFKlRFVFEVVTfgxSeMKqlKKadKqwR107+Sr4qpG1VxVeJX+Zfml/R35tdStVStVCvVWrVWbVVb1U61U+1Ve5WoElUH1UF1VB1VJ9VJdVadVRfVRXVVXVV31V31UD1UT9VTJakk1Ue9pPqqfqq/GqAGqpfVIDVIDVaDVbJKVkPVUDVMDVPD1XA1Qo1Qo9QoNVqNVmPUGDVOjVMpKkVNVBPVJDVJTVaT1VQ1VaWqVDVDzVAz1Uw1W81Wc9QcNVfNVfPVfJWm0tRCtVClq3S1WC1WGWqJWqKWqWVqhVqhVqlVao1ao7LWX+vVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nLfsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBtcH+QL8gcFgoJBfFAoKBzowAQ2EBeLHg1uCIoFNwbFgxJByaBU4ILSQUJwU1AmuDkoG9wSlAtuDcoHtwUVgopBpaBycHtQJbgjqBrcGVQL7gqqBzWCmkGt4O6gdnBPUCe4N6gb3BfUC+4P6gcPBA2CB4OGwUNBo+DhoHHwSNAkeDRoGjQLmgctgpZ/6Pjen8z/uOupe+kk3Vv30S/pvrqf7q8H6IH6ZT1Iv6IH61d1sh6ih+rX9DD9uh6u39Aj9Eg9Sr+pR+u39Bg9Vo/T43WKnqAn6rf1JP2Onqyn6Kl6mk7V0/UM/a6eqWfp2fo9PUe/r+fqeXq+XqDT9Ad6oV6k0/WHerH+SGfoJXqpXqaX6xV6pV6lV+s1eq3+WK/T6/UGvVFv0pv1Fr1Vb9Pb9Q79id6pP9W79G69R3+m9+rP9T79hd6vv9QH9Fc6U3+tD+pv9CH9rT6sv9NH9Pf6qD6mj+sf9An9oz6pT+nT+ow+q3/S5/TP+rz2WYv7rI93o4wyMSbGxJpYk8vkMrlNbpPH5DEREzFxJs7kNXlNPpPPFDAFTLyJN4VNYZOFDJkipoiJmqgpZoqZ4qa4KWlKGmecSTAJpowpY8qasqacKWfKm/KmgqlgKplK5nZzu7nD3GHuNHeau8xdpoapYWqZWqa2qW3qmDqmrqlr6pl6pr6pbxqYBqahaWgamUamsWlsmpgmpqlpapqb5qalaWlamVamtWlt2pq2pp1pZ9qb9ibRJJoOpoPpaDqaTqaT6Ww6my6mi+lqupruprvpYXqYnqanSTJJpo/pY/qavqa/6W8GmoFmkBlkBpvBJtkkm6FmqBlmhpnhZrgZYUaaUVkLVfOWGWPGmnFmvEkxKWaimWgmmUlmsplsppqpJtWkmhlmhplpZprZZraZY+aYuWaumW/mmzSTZhaahSbdpJvFZrHJMBlmqVlqlpvlZqVZaVab1WatWWvWwTqzwWwwm8wms8VsMdvMNrPD7DA7zU6zy+wye8wes9fsNfvMPrPf7DcHzAGTaTLNQXPQHDKHzGFz2BwxR8xRc9QcN8fNCXPCnDQnzWlz2pw1+S9+XnoTa3PaXPYqm9tebfPYa+zfxgVsQRtvC9nCVtt8Nv+vYmOtLW5L2JK2lHW2tE2wN/0mrmAr2kq2sr3dVrF32Kq/iWvbe2wde6+ta++ztezdv4rr2fttffuIbYAIYJvZRraFbWwfsU3so7apbWab2xa2nX3StrdP2UT7tO1gn/lNvNAusqvtGrvWfmx32d32tD1jD9lv7Vn7k+1pe9mB9mU7yL5iB9tXbbId8pt4lH3TjrZv2TF2rB1nx/8mnmqn2VQ73c6w79qZdtZv4jT7gZ1j0+1cO8/Otwt+ibPmlG4/tIvtRzbDBrDULrPL7Qq70q76/3NdZtfbDXaj3Wk/tVvsVrvNbrc7Li2E7W67x35m99rP7UH7jd1vv7QH7GGbab/+Jc46vsP2O3vEfm+P2mP2uP3BnrA/qkvZWcf+g/3ZnrfeAiEBSVIUUAzloFjKSbnoKspNV1MeuoYidC3F0XWUl66nfJSfClBBiqdCVJg0GbJEFFIRKkpRuoEuTa8klSJHpSmBbqIydDOVpVuoHN1K5ek2qkAVqRJVptupCt1BVelOqkZ3UXWqQTWpFt1NtekeqkP3Ul26j+rR/VSfHqAG9CA1pIeoET1MjekRakKPUlNqRs2pBbWkx6gVPU6tqQ21pSeoHT1J7ekpSqSnqQM9Qx3pL9SJnqXO9Bx1oeepK3Wj7vQC9aAXqSf1oiTqTX3oJepL/ag/DaCB9DINoldoML1KyTSEhtJrNIxep+H0Bo2gkTSK3qTR9BaNobE0jsZTCk2gifQ2TaJ3aDJNoak0jVJpOs2gd2kmzaLZ9B7NofdpLs2j+bSA0ugDWkiLKJ0+pMX0EWXQElpKy2g5raCVtIpW0xpaSx/TOlpPG2gjbaLNtIW20jbaTjvoE9pJn9Iu2k176DPaS5/TPvqC9tOXdIC+okz6mg7SN3SIvqXD9J3vRd/TUTpGx+kHOkE/0kk6RafpDJ2ln+gc/UznyROEGIpQhioMwpgwRxgb5gxzhVeFucOrwzzhNWEkvDaMC68L84bXh/nC/GGBsGAYHxYKC4c6NKENKQzDImHRMBreEBYLbwyLhyXCkmGp0IWlw4TwprBMeHNYNrwlLBfeGpYPbwsrhBXDR+6rHN4eVgnvCKuGd4bVwrvC6mGNsGZYK7w7rB3eE9YJ7w3rhveFZcP7w/rhA2GD8MGwYfhQ2Ch8OGwcPhI2CR8Nm4bNwuZhi7Bl+FjYKnw8bB22CduGT4TtwifD9uFTYWL4dNghfOaX/vsX/f3+pLB32Cd8KXwp9P5eOT+6IJoW/SC6MLoomh79MLo4+lE0I7okujS6LLo8uiK6Mroqujq6Jro2+nF0XXR9dEN0Y9T7WjnAoRNOOuUCF+NyuFiX0+VyV7nc7mqXx13jIu5aF+euc3nd9S6fy+8KuIIu3hVyhZ12xllHLnRFXFEXdTe4Yu5GV9yVcCVdKedcaZfgWriWrqVr5R53rV0b19Y94Z5wT7on3VPuKfe06+CecR3dX1wn96zr7J5zz7nnXVfXzXV3L7gebkKeC6/JJNfH9XF9XV/X3/V3A91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfVTXWpLtXNcDPcTDfTVZl1YS9z3Vw33813aS7NLXRZa8Z0t9gtdhkuwy11S91yt9ytdCvdarfarXVr3Tq3zm1wG9wmt8ltcVvcNrfN7XA73E630+3y11wY1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5MiUyNTItEhqZHpkRuTdyMzIrMjsyHuROZH3I3Mj8yLzIwsiaZEPIgsjiyLpkQ8jiyMfRTIiSyJLI8siyyMrIt4X2hL6Ir6oj/obfDF/oy/uS/iSvpR3vrRP8Df5Mv5mX9bf4sv5W315f5uv4Cv6Sv5R39Q38819C9/SP+Zb+cd9a9/Gt/VP+Hb+Sd/eP+UT/dO+g3/Gd/R/8Z38s76zf8538c/7rr6b7+5f8D38i76n7+WTfG/fx7/k+/p+vr8f4Af6l/0g/4of7F/1yX6IH+pf88P86364f8OP8CP9qJg3/ehLp8gw3qf4CX6if9tP8u/4yX6Kn+qn+VQ/3c/w7/qZfpaf7d/zc/z7fq6f5+f7BT7Nf+AX+kU+3X/oF/uPfIZfcumisl/pV/nVfo1f6z/26/x6v8Fv9Jv8Zr/Fb/Xb/Ha/w3/id/pP/S6/2+/xn/m9/nO/z3/h9/sv/QH/lc/0X/uD/ht/yH/rD/vv/BH/vT/qj/nj/gd/wv/oT/pT/rQ/48/6n/w5/7M/z3+zxhhjjDH2T5lwuSl+3XPhcn7v38kRf7VxHwC4emvBzL/uz1pRrst3od1PxLeLAMDTvbo8dOlWvXpSUtLFbTMkBEXnAVz6JihLDFyOl0BbeBISoQ2U+d359xPdztI/GD96K0Cuv8qJhcvx5fG/AMCk3xn/sSdGLSwfno77H8afB1C86OWcnHA5XgJtf7m+0gbK/p3552/1D+af88sUgNZ/lZMbLseX558Aj8MzkPirLRljjDHGGGOMsQv6iUqdLp1/XvqNz987P49Xl3NywOX4H52fM8YYY4wxxhhj7Mp7tlv3px5LTGzT6V9vVP1fZf3TjSbwfzUyN3634T3ApXsUAPybAwJkNeSfeRSb/5R9JV986fxt1/IzPoD/jFL+EY0r/MbEGGOMMcYY+8NdXvT/+n51pSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ3/GvxO70sfIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWn/LwAA//9+qv+4") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 6m17.687684125s ago: executing program 3 (id=8902): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r0, &(0x7f0000000140), &(0x7f0000000200)=""/221}, 0x20) 6m17.239870142s ago: executing program 3 (id=8907): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x2500, 0x2500, 0xe0000000, 0x1, {{0x5, 0x4, 0x0, 0x0, 0xfffffffffffffe33, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @private}}}}) 6m16.804633969s ago: executing program 33 (id=8907): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x2500, 0x2500, 0xe0000000, 0x1, {{0x5, 0x4, 0x0, 0x0, 0xfffffffffffffe33, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @private}}}}) 17.862799856s ago: executing program 1 (id=14095): r0 = syz_open_dev$vim2m(&(0x7f0000000a40), 0xfffe, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000010c0)={0x6, 0x1, 0x4, "13ea57ffff4f25c998cc0157d23700"}) 17.668094949s ago: executing program 1 (id=14100): r0 = socket$inet(0x2b, 0x801, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000080)={0x6, 0xfffffffa, 0xffffffff}, 0xc) 17.479495032s ago: executing program 1 (id=14103): r0 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_qrtr_TIOCOUTQ(r0, 0x8917, 0x0) 17.281437215s ago: executing program 1 (id=14108): syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4002, &(0x7f00000004c0)={[{@codepage={'codepage', 0x3d, 'cp775'}}, {@umask={'umask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp874'}}]}, 0x4, 0x33e, &(0x7f0000000540)="$eJzs3U1r1EAcBvBnkt1t1tYa20rBk1QLnkpbD4qXFil+Bg9SrO0WStcKWkGLYPUs4k0QPPbmWfQr6EX8AnrqQTzppXgwMpPJZrI7s0lf07LPD1yzybz8J8kkM7tsAyLqWTfmvm9d2Zb/RBWAD+A64AEIgAqAcxgNHq2t5xbkt5YE4pyiI83iWsOWNYDOoYXyXQUD5jo6HFEURT9yU/1OFp4fdjxUDmH2YIMH9OneqbYHRx7Zvs3YVm7G7eotxhEWO9jBYwyWGQ4REZVP3/89fZcY0ON3zwPG9Tj8pN7/E5nxzU55cRwLrfu/F7+PhNw/Z9QmOd9bWW82luIpnDz6XjJLtJVlPSeidHfXEJ9Zfr8x5DJqsVOxePXllWZjYlMV8AIzmpFsRL0uIWmI4oq2BkwBGOucmwrLdDWvtHz9qg1V2YZpR/zD3Wq0ToA//cQbe3XzXwrEJD6Lr2JehHiLpdb4rxIJuXPUkQrbukoc/6S7RNXKME6VaWUa/llVyXldAz6+T1tZd+3XAL6MxUaWItrH72ES5+uaOxeGkP1YIW7dlLt1KtcwUBFq1mDmmm4l+mvNNdJeV3252mxMLN5vuk76g2Wd0YlX4pYYwy98wJwx/vdk6nG4e2amlwuVUp8ZXdtTUSkdxzFDdeB77m5ILjczF79iXuIurmHw4ZON1YVms/Gg/IWkq+wx+4UDjic+EfXpKNfI/400CORCFYCznKp7k3XhXxRF1k0VHMUhqKqmXn2XNnljdUHoa97+qpBXzrZNs+7EAGYB6DXJFWEvtT9r5epLCyyU/Y882mqN/YRMojqCDpJUldnko69QT6l3rNnKyfX09N6uQnQCpUcfo7fLDobKIMcOIp7/GfOVSXXVkS9hl/lPlFe4UeKUYwY0pF5PFZvBtYp1jhP7k4WcOdfFy8Cltho9JDV2fNEV6jhxHL+V7PJVxqx9tZjDN9zh5/9ERERERERERERERERERERERERERCfNbn+N0PlzgvyFbI3bPfiHN4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiI9sd4/i/gqyfG1GzP/+32pCbFj58QExzE83/9As//FZu7aCUR2fwPAAD//ycYXRM=") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 16.952338881s ago: executing program 1 (id=14112): r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='coredump_filter\x00') write$cgroup_int(r0, &(0x7f0000000280)=0x400000000000044, 0x12) 16.511459088s ago: executing program 1 (id=14118): ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000300)={0x3, &(0x7f0000000280)=[{}, {}, {0x0, 0x0, 0x0, 0x3f}]}) kexec_load(0x0, 0x10, &(0x7f00000001c0)=[{0x0}], 0x0) 16.198859503s ago: executing program 34 (id=14118): ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000300)={0x3, &(0x7f0000000280)=[{}, {}, {0x0, 0x0, 0x0, 0x3f}]}) kexec_load(0x0, 0x10, &(0x7f00000001c0)=[{0x0}], 0x0) 7.176080782s ago: executing program 6 (id=14204): r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000a"], 0x10b8}, 0xff00) 6.919766226s ago: executing program 6 (id=14207): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@usrjquota}, {@jqfmt_vfsv0}, {@noload}, {@data_err_ignore}, {@usrjquota, 0x22}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@init_itable_val={'init_itable', 0x3d, 0x101}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x3}}]}, 0xfe, 0x451, &(0x7f00000016c0)="$eJzs3M9PHFUcAPDv7rK0tEWw/iy2ilYj8QcU+sMevNRo4kETEz3UeEKgDXZbTMHENkTRAx5NE+/Go4l/gRfrxagnE696NybEcLF6WjO7M3SBXVhgYWv380kG3tv3Nu99Z+btvn2zswF0rMHkTy7iUET8FhF91ezqCoPVf7eW5yf+WZ6fyEW5/OZfuUq9v5fnJ7Kq2fMOVjPl8gbtLr4TMV4qTV1N8yNzl98fmb12/fnpy+MXpy5OXRk7e/bUyWPdZ8ZOtyTO3qSvAx/NHD3y6ts3Xp84f+Pdn75J+nsoLa+No1UGq3u3rqda3Vib9dakc11t7AhbUoiI5HAVK+O/LwrRs1LWF6982tbOAbuqXM6X9zUuXigDd7Fkog50ouyNPvn8m217NPW4Iyydi5V1jFvpVi3pinxap5h+RtoNgxFxfuHfL5MtdmkdAgCg1s1zEfFcvflfPh6sqXdPem2oPyLujYjDEXFfRNwfEQ9EVOo+FBEPb7H9tVdI1s9/yn3bCqxJyfzvxfTa1ur5Xzb7i/5CmuutxF/MXZguTZ1I98lQFPcl+dEN2vj+5V8/b1RWO/9LtqT9bC6Y9uPPrjULdJPjc+M7ibnW0icRA1314s+tzHmT+fGRiBjYZhvTz3x9tFFZ/6bxb6AFk/LyVxFPV4//QqyJP5NreH1y9IUzY6dH9kdp6sRIdlas9/Mvi280an/z47+7lm6W40Dd838l/v7c/ojZa9cvVa7Xzm69jcXfP2v4mWa753937q1Kujt97MPxubmroxHdudfWPz52+7lZPqufnP9Dx+uP/8Nxe088EhHJSXwsIh6NiMfSvj8eEU9ExPEN4v/xpSff23r8G6zKt1AS/+Rmxz9qj//WE4VLP3xbt/Fis8f/VCU1lD7SzOtfsx3c4e4DAACA/4V85TvwufzwSjqfHx6OWKis7R7Il2Zm5569MPPBlcnqd+X7o5jPVrr6atZDR9O1vCw/tiZ/Ml03/qLQU8kPT8yUJtsdPHS4g9n4L6we/4k/Cu3uHbDr3K8Fncv4h85l/EPnMv6hcxn/0Lnqjf+P29APYO9t8v7fs1f9APae+T90LuMfOpfxDx2p4b3x+R3d8i/RpsR33Tv7rYbmE5G/Q0K+axLFqFvU1fSPWWwzsa9uUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrjvwAAAP//gk3jgQ==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) 6.359758495s ago: executing program 6 (id=14214): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=@ipv4_newroute={0x28, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@RTA_MULTIPATH={0xc, 0x9, {0x7, 0x0, 0x9}}]}, 0x28}}, 0x0) 2.203314354s ago: executing program 6 (id=14223): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000880)=@reiserfs_4={0x10, 0x4, {0x40, 0xe, 0x170a, 0x4}}, 0x200100) 1.960332717s ago: executing program 6 (id=14227): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000012c0)={0x10, 0x1401, 0x9, 0x70bd27, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x8884}, 0xc010) 1.80656852s ago: executing program 5 (id=14228): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) ioctl$USBDEVFS_GET_CAPABILITIES(r0, 0x8004551a, 0xfffffffffffffffd) 1.765797481s ago: executing program 6 (id=14230): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@barrier={'barrier', 0x3d, 0x7}}, {@heartbeat_none}, {@inode64}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000340)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000d00)={0x7, 0x5, 0x2000000010000, 0x40000ffffffff, 0x5d1, 0xdd2, 0xfffffffffffffff8, 0x4, 0x1ff}) 1.522622205s ago: executing program 5 (id=14232): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e08951b0c"], 0xb) 1.475111916s ago: executing program 4 (id=14233): r0 = syz_open_dev$dri(&(0x7f0000000240), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_DIRTYFB(r0, 0xc01864b1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0}) 1.409715767s ago: executing program 0 (id=14234): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x38, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x8100, 0x3f00}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_ROLE={0x8, 0x4, 0x2}]}}}]}, 0x38}}, 0x0) 1.285856348s ago: executing program 5 (id=14235): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x3, 0x3}, 0x6) 1.21048024s ago: executing program 4 (id=14236): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x10, 0x90}, [@ldst={0x2, 0x0, 0xb}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.121062001s ago: executing program 0 (id=14237): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x268, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x198, 0xffffffff, 0xffffffff, 0x198, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev, [], [0xff000000, 0xff], '\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x4c00}}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xa8, 0xc8}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2c8) 1.013711203s ago: executing program 5 (id=14238): r0 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_qrtr_TIOCINQ(r0, 0x891a, 0x0) 936.146174ms ago: executing program 4 (id=14239): syz_open_procfs$userns(0x0, &(0x7f00000000c0)) syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000100)) 810.183846ms ago: executing program 0 (id=14240): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x24, 0x4, 0x8, 0x3, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}]}, 0x24}}, 0x0) 764.141487ms ago: executing program 5 (id=14241): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002940)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e00010069703665727370616e0000001800028004001200050016000100200006000200ff"], 0x4c}}, 0x0) 662.709909ms ago: executing program 4 (id=14242): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x18, 0x3d, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@nested={0x4, 0x8}]}, 0x18}}, 0xc000) 542.603281ms ago: executing program 0 (id=14243): syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000002c0)={[{@errors_remount}, {@discard}, {@gid}, {@sys_tz}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@errors_continue}, {@keep_last_dots}, {@errors_remount}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@dmask={'dmask', 0x3d, 0x9}}]}, 0x1, 0x152a, &(0x7f0000000580)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL/T+Z1+x/mceb6fz/5Yz6z9rP287/Ne9t6YbzoOqtageuV6RAT/ErzwRxIAxAJAPwC4BgACACgdVzru/Hx2iUn/2kHYX+vh1CtdAbuSuP9ZG/c/a+P+Z23c/6yN+5+1cf+zNu5/1sb9Zywr2zg1/7W8Zd2N7///96vzhzP8/f9fJLPE6C9Wl7i+E0DMn03h/mdt3P//WsGf2Yn7n7Vx/7Oq2CtdAPsPwO//rCDbH85w/7M27j9jWdmVvv98pTeIZO3n4Eq//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ2n/GUKAC6Nr3RdjDHGGGOMMcYY++v4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/ZP7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFY1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiSjOl/If5b/9O/oCfj75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/TL4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufOnfYEIRKACFcQEMUFsEBvkCHIEOYOcQa4gVxAJIkFcEBfkDq4P8gR5g3xB/iA+KBAUDHRgAhuIi02PBjcERYIbg6LBTUGxoHjgghJBQnBzUDK4JSgV3BqUDm4LygS3B2WDckH5oEJwR1AxuDOoFNwVVA7uDqoEVYNqQfXgnqBGcG9QM7gvqBXcH9QOHgjqBA8GdYOHgnrBw0H94JGgQfBo0DB4LGgUNA6aBE2DZn/p+t6fyPuE66a76yTdQ/fUL+teurfuo/vqfvoV3V+/qgfo13SyHqgH6df1YP2GHqLf1EP1MD1cv6VH6JF6lB6tx+ixOkWP0+P123qCfkdP1JP0ZD1Fp+qpepp+V0/XM/RM/Z6epd/Xs/UcPVfP02n6Az1fL9Dp+kO9UH+kM/QivVgv0Uv1Mr1cr9Ar9Sq9Wq/Ra/U6vV5v0Bv1Jr1Zb9Fb9Ta9XX+sd+hP9E69S+/Wn+o9+jO9V3+u9+kv9H79pc7UX+kD+mt9UH+jD+lv9WH9nT6ij+pj+nt9XP+gT+iT+pQ+rc/oH/VZ/ZM+p/35k/vzX+9GGWViTIyJNbEmh8lhcpqcJpfJZSImYuJMnMltcps8Jo/JZ/KZeBNvCpqC5jwyZAqZQiZqoqaIKWKKmqKmmClmnHEmwSSYkqakKWVKmdKmtCljypiypqwpb8qbO8wd5k5zp7nL3GXuNnebqqaqqW6qmxqmhqlpappappapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWKamGammWlumpsWpoVpZVqZ1qa1aWPamESTaNqatqadaWfam/amg+lgOpqOppPpZLqYLqar6Wq6mW4mySSZnqan6WV6mT6mj+ln+pn+pr8ZYAaYZJNsBplBZrAZbIaYIWaoGWaGnz9RNSPNKDPajDFjTYpJMePNeDPBTDATzUQz2Uw2qSbVTDPTzHQz3cw0M80sM8vMNrPNXDPXpJk0M9/MN+km3Sw0C02GyTCLzWKz1Cw1y81ys9KsNKvNarMW1pr1Zr3ZaDaazWaz2Wq2mu1mu9lhdpidZqfZbXabPWaP2Wv2mn1mn9lv9ptMk2kOmAPmoDloDplD5rA5bI6YI+aYOWaOm+PmhDlhTplT5ozJe/H70ptYm93msFfZnPZqm8teY/8+zmfz23hbwBa02uaxeX8VG2ttUXuTLWaLW2dL2AR782/isracLW8r2DtsRXunrfSbuIa919a099la9n5b3d7zq7i2fcDWsY/auogAtrGtb5vaBvZR29A+ZhvZxraJbWpb26dsG/u0TbTP2Lb22d/E8+0Cu9KusqvtGrvT7rKn7Gl70H5jz9gfbTfb3fazr9j+9lU7wL5mk+3A38TD7Vt2hB1pR9nRdowd+5t4sp1iU+1UO82+a6fbGb+J0+wHdpZNt7PtHDvXzvs5Pl9Tuv3QLrQf2QwbwGK7xC61y+xyu+L/17rErrPr7Qa7w35iN9stdqvdZrdfOhG2u+xu+6ndYz+zB+zXdp/9wu63h2ym/ern+PzjO2S/tYftd/aIPWqP2e/tcfuD+jl3ZC8A+6P93v5kz1lvgZCAJCkKKIayUSxlpxx0FeWkqykXXUMRupbi6DrKTddTHspL+Sg/xVMBKkiaDFkiCqkQFaYo3UCXyitGxclRCUqgm6kk3UKl6FYqTbdRGbqdylI5Kk8V6A6qSHdSJbqLKtPdVIWqUjWqTvdQDbqXatJ9VIvup9r0ANWhB6kuPUT16GGqT49QA3qUGtJj1IgaUxNqSs3ocWpOT1ALakmt6ElqTU9RG3qaEukZakvPUjv6G7Wn56gDPU8d6QXqRJ2pC71IXekl6kbdKYl6UE96mXpRb+pDfakfvUL96VUaQK9RMg2kQfQ6DaY3aAi9SUNpGA2nt2gEjaRRNJrG0FhKoXE0nt6mCfQOTaRJNJmmUCpNpWn0Lk2nGTST3qNZ9D7Npjk0l+ZRGn1A82kBpdOHtJA+ogxaRItpCS2lZbScVtBKWkWraQ2tpXW0njbQRtpEm2kLbaVttJ0+ph30Ce2kXbSbPqU99Bntpc9pH31B++lLyqSv6AB9TQfpGzpE3/ru9B0doaN0jL6n4/QDnaCTdIpO0xn6kc7ST3SOPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8O48Lowd3h9mCfMG+YL84fxYYGwYKhDE9qQwjAsFBYOo+ENYZHwxrBoiGGxsHjowhJhQnhzWDK8JSwV3hqWDm8Ly4S3h2XDcuGj91cI7wgrhneGlcK7wsrh3WGVsGpYLawe3hPWCO8Na4b3hbXC+8NS4QNhnfDBsG74UFgvfDisHz4SNggfDRuGj4WNwsZhk7Bp2Cx8PGwePhG2CFuGrcInw9bhU2Gb8OkwMXwmbBs++/P8Awv+eD4p7BH2DF8OXw69v0/Ojc6LpkU/iM6PLoimRz+MLox+FM2ILoouji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Iel89Gzh0wkmnXOBiXDYX67K7HO4ql9Nd7XK5a1zEXevi3HUut7ve5XF5XT6X38W7Aq6g084468iFrpAr7KLuBlfE3eiKuptcMVfcOVfCJbimrplr5pq7J1wL19K1ck+6J91T7in3tHvaPePaumddO/c319495zq4593z7gXXyXV2XdyLrqsbl+vCezLJ9XQ9XS/Xy/VxfVw/18/1d/3dADfAJbtkN8gNcoPdYDfEDXFD3VA33A13I9wIN8qNcmPcGJfiUtx4N95NcBPcRDfRTXaTXapLddPcNDfdTXcVZ1w4ymw32811c12aS3Pz3flzxnS30C10GS7DLXaL3VK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdDrfD7fTXXFjU7XF73V63z+1z+92XLtN95Q64r91B94075L51h9137og76o65791x94M74U66U+60O+N+dGfdT+6c8y4lMi4yPvJ2ZELkncjEyKTI5MiUSGpkamRa5N3I9MiMyMzIe5FZkfcjsyNzInMj8yJpkQ8i8yMLIumRDyMLIx9FMiKLIosjSyJLI8si3hfYHPpCvrCP+ht8EX+jL+pv8sV8ce98CZ/gb/Yl/S2+lL/Vl/a3+TL+dl/Wl/Pl/WO+kW/sm/imvpl/3Df3T/gWvqVv5Z/0rf1Tvo1/2if6Z3xb/6xv5//m2/vnfAf/vO/oX/CdfGffxb/ou/qXfDff3Sf5Hr6nf9n38r19H9/X9/Ov+P7+VT/Av+aT/UA/yL/uB/s3/BD/ph/qh/nhMW/5EZcukWGsT/Hj/Hj/tp/g3/ET/SQ/2U/xqX6qn+bf9dP9DD/Tv+dn+ff9bD/Hz/XzfJr/wM/3C3y6/9Av9B/5DL/o0k1lv9yv8Cv9Kr/ar/Fr/Tq/3m/wG/0mv9lv8Vv9Nr/df+x3+E/8Tr/L7/af+j3+M7/Xf+73+S/8fv+lz/Rf+QP+a3/Qf+MP+W/9Yf+dP+KP+mP+e3/c/+BP+JP+lD/tz/gf/Vn/kz/H/2eNMcYYY+xPGXd5KH49c+F2fo/fyRG/2LknAFy9JX/mL+fPn1GuzXNh3FvEt44AwDPdOz58aatSJSkp6eK+GRKCwnMALv1N0HkxcDleBK3gKUiEllDyd+vvLTqfoX+wfvQ2gBy/yImFy/Hl9T8HwKTfWf/xJ4fPLxOeivsf1p8DULTw5ZzscDleBK1+vr/SEkr9Qf15m/+y/tjfrp/9ixSAFr/IyQmX48v1J8AT8Cwk/mpPxhhjjDHGGGPsgt6ifPtL15+X/sXn712fx6vLOdngcvyPrs8ZY4wxxhhjjDF25T3XucvTjycmtmz/zw8q/a+y/vSgIfxfrcyD3x14D3DpJwoA/sUFAc4P5L/zUWz6txwr+eJb5++nlp72AfxntPKvGFzhDybGGGOMMcbYX+7ySf+vf66uVEGMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlgW9O/4dWJX+jEyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjV9r/CwAA///UxgMC") mkdir(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x1a3) 411.778453ms ago: executing program 4 (id=14244): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f0000000880)=[{0x6, 0x0, 0x0, 0x7fff0200}]}) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 225.889006ms ago: executing program 0 (id=14245): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'tunl0\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x20, 0x7800, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x3d, 0x14, 0x64, 0x0, 0x20, 0x4, 0x0, @empty, @empty}}}}) 224.684716ms ago: executing program 5 (id=14246): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000480)="d80000001c0081064e81f782db44b9040a1d08041000000000000aa1180015000600142603600e1208000f0000810401a8001600200001400300000007391bd06b3c70", 0x43}, {&(0x7f0000000840)="5c4875c6cad162c8a030dbf75c317dad4320e1bb556d3b3e131b77de8bd885166fc0c25d69226ae9915eccf9551f804eae36cf2327896a817179f04f35d9a7deed88adf4ca13a5a0c36a7496d22b9adf2c0fa13e1572ad237e2677a2797d5dd9307bff0bc01e4fd69c546e17a7118272ace242bc6025d0b60a12b3788fa6a7649045e4af16ba69df4bd43527a3d09bb308ac7073e1", 0x95}], 0x2, 0x0, 0x0, 0x7400}, 0x0) 11.921499ms ago: executing program 4 (id=14247): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x258, 0x4c, 0x232, 0x258, 0x0, 0x388, 0x2e8, 0x2e8, 0x388, 0x2e8, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast2, [], [], 'veth1_to_bond\x00', 'ip6gre0\x00', {}, {}, 0x6, 0x0, 0x3}, 0x0, 0x230, 0x258, 0x0, {}, [@common=@unspec=@cluster={{0x30}}, @common=@inet=@policy={{0x158}, {[{@ipv4=@dev={0xac, 0x14, 0x14, 0x38}, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [0x0, 0x0, 0xffffff00], 0x0, 0x0, 0x0, 0x1}, {@ipv6=@remote, [], @ipv4=@broadcast}, {@ipv4=@multicast2, [], @ipv4=@loopback, [], 0x0, 0x0, 0x0, 0x1}, {@ipv6=@loopback, [], @ipv6=@private2}], 0x1, 0xfffc}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @remote}, @private1, [], [], 'team_slave_0\x00', 'xfrm0\x00'}, 0x0, 0xf8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c9) 0s ago: executing program 0 (id=14248): r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f0000000280)={0x98f904, 0x0, @name="416d5e5cd810d70e4f6043dfa18679c4ec1c41422d1b3a7e19a7338256223345"}) kernel console output (not intermixed with test programs): b 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 974.879191][T31823] EXT4-fs: Ignoring removed nobh option [ 974.903313][ T4298] usb 6-1: Product: syz [ 974.907650][ T4298] usb 6-1: Manufacturer: syz [ 974.930491][ T4298] usb 6-1: SerialNumber: syz [ 974.937893][T31823] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.12492: invalid indirect mapped block 256 (level 2) [ 974.986369][ T4298] usb 6-1: config 0 descriptor?? [ 975.025192][T31823] EXT4-fs (loop6): 2 truncates cleaned up [ 975.032998][T31823] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 975.062244][T31823] EXT4-fs error (device loop6): empty_inline_dir:1877: inode #12: block 7: comm syz.6.12492: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0 [ 975.105714][T31831] loop4: detected capacity change from 0 to 256 [ 975.116499][T31823] EXT4-fs warning (device loop6): empty_inline_dir:1884: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 975.224391][T31831] FAT-fs (loop4): Directory bread(block 64) failed [ 975.225473][ T4298] asix 6-1:0.104 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 975.266425][ T4298] asix: probe of 6-1:0.104 failed with error -71 [ 975.290663][T31831] FAT-fs (loop4): Directory bread(block 65) failed [ 975.297424][T31831] FAT-fs (loop4): Directory bread(block 66) failed [ 975.317457][ T4298] usb 6-1: USB disconnect, device number 26 [ 975.353414][T23980] EXT4-fs (loop6): unmounting filesystem. [ 975.377249][T31831] FAT-fs (loop4): Directory bread(block 67) failed [ 975.405847][T31831] FAT-fs (loop4): Directory bread(block 68) failed [ 975.413593][T31831] FAT-fs (loop4): Directory bread(block 69) failed [ 975.421827][T31831] FAT-fs (loop4): Directory bread(block 70) failed [ 975.428600][T31831] FAT-fs (loop4): Directory bread(block 71) failed [ 975.462432][T31831] FAT-fs (loop4): Directory bread(block 72) failed [ 975.469367][T31831] FAT-fs (loop4): Directory bread(block 73) failed [ 975.573560][T31839] loop6: detected capacity change from 0 to 1024 [ 975.656798][T31839] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 975.877319][T23980] EXT4-fs (loop6): unmounting filesystem. [ 976.326197][T31863] loop6: detected capacity change from 0 to 512 [ 976.353805][T31863] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 976.396779][T31863] EXT4-fs (loop6): 1 truncate cleaned up [ 976.461089][T31863] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 976.579119][T31863] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2195: inode #15: comm syz.6.12512: corrupted in-inode xattr [ 976.595156][T31870] xfrm0 speed is unknown, defaulting to 1000 [ 976.617000][T31870] xfrm0 speed is unknown, defaulting to 1000 [ 976.625018][T31863] EXT4-fs warning (device loop6): ext4_xattr_set_entry:1732: inode #15: comm syz.6.12512: unable to update i_inline_off [ 976.639433][T31870] xfrm0 speed is unknown, defaulting to 1000 [ 976.656071][T31863] EXT4-fs error (device loop6): ext4_xattr_ibody_get:603: inode #15: comm syz.6.12512: corrupted in-inode xattr [ 976.681299][T31873] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12517'. [ 976.691399][T31870] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 976.700425][T31873] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12517'. [ 976.735710][T31870] xfrm0 speed is unknown, defaulting to 1000 [ 976.774862][T31870] xfrm0 speed is unknown, defaulting to 1000 [ 976.813552][T31870] xfrm0 speed is unknown, defaulting to 1000 [ 976.823262][T23980] EXT4-fs (loop6): unmounting filesystem. [ 976.910732][T31870] xfrm0 speed is unknown, defaulting to 1000 [ 976.917846][T31870] xfrm0 speed is unknown, defaulting to 1000 [ 977.316239][T31892] overlayfs: workdir and upperdir must be separate subtrees [ 977.979540][T31884] loop1: detected capacity change from 0 to 32768 [ 978.073492][T31884] read_mapping_page failed! [ 978.166509][T31920] loop4: detected capacity change from 0 to 256 [ 978.180622][ T4302] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 978.220635][T31920] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 978.288871][T31920] fuse: Bad value for 'fd' [ 978.304571][T31923] loop6: detected capacity change from 0 to 256 [ 978.379533][T31926] xt_cluster: you have exceeded the maximum number of cluster nodes (4095 > 32) [ 978.385044][T31923] FAT-fs (loop6): Directory bread(block 64) failed [ 978.402462][ T4302] usb 6-1: config index 0 descriptor too short (expected 147, got 72) [ 978.411270][T31923] FAT-fs (loop6): Directory bread(block 65) failed [ 978.442933][ T4302] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 978.464776][ T4302] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 978.480471][T31923] FAT-fs (loop6): Directory bread(block 66) failed [ 978.491021][T31923] FAT-fs (loop6): Directory bread(block 67) failed [ 978.511793][ T4302] usb 6-1: Product: syz [ 978.516350][T31923] FAT-fs (loop6): Directory bread(block 68) failed [ 978.526126][ T4302] usb 6-1: Manufacturer: syz [ 978.540327][ T4302] usb 6-1: SerialNumber: syz [ 978.549337][T31923] FAT-fs (loop6): Directory bread(block 69) failed [ 978.571031][ T4302] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 978.585265][T31923] FAT-fs (loop6): Directory bread(block 70) failed [ 978.603920][T31929] netlink: 'syz.1.12545': attribute type 10 has an invalid length. [ 978.612366][T31923] FAT-fs (loop6): Directory bread(block 71) failed [ 978.648914][T31923] FAT-fs (loop6): Directory bread(block 72) failed [ 978.658288][ T4302] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 978.680509][T31923] FAT-fs (loop6): Directory bread(block 73) failed [ 978.701505][T31929] device veth0_macvtap left promiscuous mode [ 978.744188][T31929] batman_adv: batadv0: Adding interface: macvtap0 [ 978.790333][T31929] batman_adv: batadv0: The MTU of interface macvtap0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 978.920325][T31929] batman_adv: batadv0: Not using interface macvtap0 (retrying later): interface not active [ 979.108241][ T4600] usb 6-1: USB disconnect, device number 27 [ 979.210542][T31942] netlink: 'syz.4.12552': attribute type 1 has an invalid length. [ 979.453553][T31948] netlink: 'syz.4.12555': attribute type 10 has an invalid length. [ 979.560118][T31948] team0: Device veth0_vlan failed to register rx_handler [ 979.612439][T31956] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12557'. [ 979.710615][ T4302] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 979.720170][ T4302] ath9k_htc: Failed to initialize the device [ 979.733633][T31958] netlink: 'syz.0.12558': attribute type 10 has an invalid length. [ 979.754442][ T4600] usb 6-1: ath9k_htc: USB layer deinitialized [ 979.802152][T31961] xt_nat: multiple ranges no longer supported [ 979.826284][T31958] device wlan1 entered promiscuous mode [ 979.874396][T31958] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 980.616816][T31994] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551610) [ 980.668896][T31994] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 980.690571][T31997] netlink: 'syz.5.12574': attribute type 10 has an invalid length. [ 980.770121][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 980.770138][ T27] audit: type=1326 audit(2000000708.239:2583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31998 comm="syz.0.12579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 980.876336][ T27] audit: type=1326 audit(2000000708.279:2584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31998 comm="syz.0.12579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 980.905256][T31997] team0: Device veth0_vlan failed to register rx_handler [ 980.948038][ T27] audit: type=1326 audit(2000000708.279:2585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31998 comm="syz.0.12579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 981.029774][ T27] audit: type=1326 audit(2000000708.279:2586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31998 comm="syz.0.12579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 981.127638][T32001] netlink: 'syz.1.12578': attribute type 10 has an invalid length. [ 981.181259][T32001] device wlan1 entered promiscuous mode [ 981.225596][T32001] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 981.271371][T13831] bridge0: port 5(macvlan0) entered disabled state [ 981.433874][T32016] loop5: detected capacity change from 0 to 16 [ 981.453524][T32017] netlink: 28 bytes leftover after parsing attributes in process `syz.6.12587'. [ 981.471881][T32016] erofs: (device loop5): mounted with root inode @ nid 36. [ 981.504255][T32017] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12587'. [ 981.561759][T32016] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 981.610423][T32016] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -35 in[64, 4032] out[1851] [ 981.638138][T32016] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117] [ 982.029137][T32037] netlink: 'syz.0.12597': attribute type 27 has an invalid length. [ 982.093710][T32036] loop1: detected capacity change from 0 to 2048 [ 982.184065][T32042] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 982.307926][T32037] bond0: (slave bond_slave_0): Releasing backup interface [ 982.342989][T32037] device bond_slave_0 left promiscuous mode [ 982.395914][T32039] netlink: 'syz.4.12600': attribute type 10 has an invalid length. [ 982.433878][ T27] audit: type=1326 audit(2000000709.909:2587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32047 comm="syz.1.12604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 982.448899][T32039] team0: Device veth0_vlan failed to register rx_handler [ 982.464653][T14602] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 982.495755][ T27] audit: type=1326 audit(2000000709.949:2588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32047 comm="syz.1.12604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 982.566531][ T27] audit: type=1326 audit(2000000709.949:2589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32047 comm="syz.1.12604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 982.596383][T32041] netlink: 'syz.5.12601': attribute type 10 has an invalid length. [ 982.643678][ T27] audit: type=1326 audit(2000000709.949:2590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32047 comm="syz.1.12604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 982.660356][T14602] usb 7-1: Using ep0 maxpacket: 32 [ 982.695851][T32041] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 982.720608][T14602] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe [ 982.740047][T14602] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 982.750136][T14602] usb 7-1: Product: syz [ 982.755100][T14602] usb 7-1: Manufacturer: syz [ 982.759786][T14602] usb 7-1: SerialNumber: syz [ 982.771045][T14602] usb 7-1: config 0 descriptor?? [ 982.775260][ T27] audit: type=1326 audit(2000000709.949:2591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32047 comm="syz.1.12604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 982.988155][T14602] snd-usb-6fire 7-1:0.0: unknown device firmware state received from device: [ 983.010641][T14602] eb 00 00 00 00 00 00 00 [ 983.015243][T14602] snd-usb-6fire: probe of 7-1:0.0 failed with error -5 [ 983.060360][ T22] usb 1-1: new high-speed USB device number 54 using dummy_hcd [ 983.202495][T23011] usb 7-1: USB disconnect, device number 17 [ 983.252342][ T22] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 983.286595][ T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 983.316262][ T22] usb 1-1: config 0 descriptor?? [ 983.350157][ T22] cp210x 1-1:0.0: cp210x converter detected [ 983.489803][T32056] loop1: detected capacity change from 0 to 32768 [ 983.514493][T32070] ieee802154 phy0 wpan0: encryption failed: -22 [ 983.543873][T32056] JBD2: Ignoring recovery information on journal [ 983.557318][ T22] usb 1-1: cp210x converter now attached to ttyUSB0 [ 983.654382][T32073] netlink: 'syz.4.12617': attribute type 27 has an invalid length. [ 983.697163][T32056] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 983.787989][T32056] (syz.1.12608,32056,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10 [ 983.839254][T32056] (syz.1.12608,32056,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 983.849441][ T22] usb 1-1: USB disconnect, device number 54 [ 983.871120][ T22] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 983.900349][T32056] (syz.1.12608,32056,1):ocfs2_mknod:298 ERROR: status = -2 [ 983.907832][T32056] (syz.1.12608,32056,1):ocfs2_mknod:502 ERROR: status = -2 [ 983.928649][ T22] cp210x 1-1:0.0: device disconnected [ 983.966780][T32073] bond0: (slave bond_slave_0): Releasing backup interface [ 983.974122][T32056] (syz.1.12608,32056,1):ocfs2_mkdir:659 ERROR: status = -2 [ 984.014346][T32073] device bond_slave_0 left promiscuous mode [ 984.076920][ T4257] ocfs2: Unmounting device (7,1) on (node local) [ 984.186818][T32080] netlink: 'syz.6.12618': attribute type 10 has an invalid length. [ 984.200821][T32080] device veth0_vlan left promiscuous mode [ 984.211203][T32080] device veth0_vlan entered promiscuous mode [ 984.240385][T32080] team0: Device veth0_vlan failed to register rx_handler [ 984.546508][T32086] netlink: 'syz.6.12620': attribute type 10 has an invalid length. [ 984.579951][T32088] loop4: detected capacity change from 0 to 1024 [ 984.646878][T32086] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 984.753149][T32091] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12624'. [ 985.069699][ T27] audit: type=1326 audit(2000000712.539:2592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32098 comm="syz.1.12629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 985.284783][T32106] netlink: 24 bytes leftover after parsing attributes in process `syz.4.12632'. [ 985.311198][T32107] netlink: 'syz.1.12631': attribute type 27 has an invalid length. [ 985.622619][T32107] bond0: (slave bond_slave_0): Releasing backup interface [ 985.651220][T32107] device bond_slave_0 left promiscuous mode [ 985.883362][T32123] netlink: 'syz.5.12638': attribute type 10 has an invalid length. [ 986.151559][T32128] netlink: 'syz.1.12641': attribute type 5 has an invalid length. [ 986.193571][T32128] netlink: 7 bytes leftover after parsing attributes in process `syz.1.12641'. [ 986.198785][T32111] loop6: detected capacity change from 0 to 32768 [ 986.288481][T32111] JBD2: Ignoring recovery information on journal [ 986.417346][T32111] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 986.511615][T32111] (syz.6.12630,32111,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10 [ 986.569731][T32111] (syz.6.12630,32111,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 986.580474][T32111] (syz.6.12630,32111,1):ocfs2_mknod:298 ERROR: status = -2 [ 986.591444][T32111] (syz.6.12630,32111,1):ocfs2_mknod:502 ERROR: status = -2 [ 986.598725][T32111] (syz.6.12630,32111,1):ocfs2_mkdir:659 ERROR: status = -2 [ 986.682244][T32142] loop5: detected capacity change from 0 to 256 [ 986.748378][T23980] ocfs2: Unmounting device (7,6) on (node local) [ 986.809793][T32144] loop1: detected capacity change from 0 to 256 [ 986.849060][T32146] siw: device registration error -23 [ 986.872982][T32142] FAT-fs (loop5): Directory bread(block 64) failed [ 986.900849][T32144] FAT-fs (loop1): Directory bread(block 64) failed [ 986.918840][T32144] FAT-fs (loop1): Directory bread(block 65) failed [ 986.920320][T32142] FAT-fs (loop5): Directory bread(block 65) failed [ 986.968814][T32144] FAT-fs (loop1): Directory bread(block 66) failed [ 986.970400][T32142] FAT-fs (loop5): Directory bread(block 66) failed [ 986.996706][T32144] FAT-fs (loop1): Directory bread(block 67) failed [ 987.022853][T32142] FAT-fs (loop5): Directory bread(block 67) failed [ 987.026109][T32144] FAT-fs (loop1): Directory bread(block 68) failed [ 987.029543][T32142] FAT-fs (loop5): Directory bread(block 68) failed [ 987.071289][T32142] FAT-fs (loop5): Directory bread(block 69) failed [ 987.087748][T32144] FAT-fs (loop1): Directory bread(block 69) failed [ 987.095653][T32142] FAT-fs (loop5): Directory bread(block 70) failed [ 987.117014][T32144] FAT-fs (loop1): Directory bread(block 70) failed [ 987.124272][T32144] FAT-fs (loop1): Directory bread(block 71) failed [ 987.140669][T32142] FAT-fs (loop5): Directory bread(block 71) failed [ 987.167965][T32142] FAT-fs (loop5): Directory bread(block 72) failed [ 987.174907][T32144] FAT-fs (loop1): Directory bread(block 72) failed [ 987.200628][T32144] FAT-fs (loop1): Directory bread(block 73) failed [ 987.240980][T32142] FAT-fs (loop5): Directory bread(block 73) failed [ 987.331289][T32144] FAT-fs (loop1): Filesystem has been set read-only [ 987.338623][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 987.338638][ T27] audit: type=1800 audit(2000000714.809:2597): pid=32144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.12650" name="cpu.stat" dev="loop1" ino=1048752 res=0 errno=0 [ 987.359283][T32144] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006c61) [ 987.395416][T32156] netlink: 'syz.0.12654': attribute type 10 has an invalid length. [ 987.740464][T32164] program syz.1.12657 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 987.786479][T32168] loop5: detected capacity change from 0 to 512 [ 987.834883][T32168] EXT4-fs: Ignoring removed bh option [ 987.861077][T32168] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 987.950989][T32168] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 987.974584][T32174] loop4: detected capacity change from 0 to 256 [ 988.012181][T32174] exfat: Deprecated parameter 'namecase' [ 988.023239][T32168] EXT4-fs (loop5): 1 truncate cleaned up [ 988.029116][T32168] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 988.115487][T32180] siw: device registration error -23 [ 988.160832][T32174] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 988.318798][T19516] EXT4-fs (loop5): unmounting filesystem. [ 988.680524][T32193] netlink: 'syz.6.12670': attribute type 10 has an invalid length. [ 988.981705][T32199] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12675'. [ 989.448730][T32218] netlink: 16 bytes leftover after parsing attributes in process `syz.6.12685'. [ 990.096495][T32214] loop1: detected capacity change from 0 to 32768 [ 990.134498][T32214] XFS: ikeep mount option is deprecated. [ 990.317300][T32214] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 990.331185][T32214] XFS (loop1): Mounting V5 Filesystem [ 990.468965][T32214] XFS (loop1): Ending clean mount [ 990.474363][ T22] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 990.670376][ T22] usb 5-1: Using ep0 maxpacket: 16 [ 990.679177][ T22] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 990.734985][ T4257] XFS (loop1): Unmounting Filesystem [ 990.736363][ T22] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 990.759214][ T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 990.773555][ T22] usb 5-1: Product: syz [ 990.777831][ T22] usb 5-1: Manufacturer: syz [ 990.782604][ T22] usb 5-1: SerialNumber: syz [ 990.789165][ T22] usb 5-1: config 0 descriptor?? [ 990.804853][ T22] hub 5-1:0.0: bad descriptor, ignoring hub [ 990.811214][ T22] hub: probe of 5-1:0.0 failed with error -5 [ 990.819787][ T22] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input45 [ 991.310927][ T4298] usb 5-1: USB disconnect, device number 48 [ 991.369754][T32271] netlink: 288 bytes leftover after parsing attributes in process `syz.5.12705'. [ 991.486719][T32275] netlink: 48 bytes leftover after parsing attributes in process `syz.5.12708'. [ 991.752688][T32281] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12709'. [ 991.936286][T32289] ieee802154 phy0 wpan0: encryption failed: -22 [ 992.484072][T32314] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12721'. [ 992.510493][ T4298] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 992.525981][T32314] netlink: 60 bytes leftover after parsing attributes in process `syz.4.12721'. [ 992.568820][ T27] audit: type=1326 audit(2000000720.039:2598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32315 comm="syz.0.12738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 992.603852][ T27] audit: type=1326 audit(2000000720.049:2599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32315 comm="syz.0.12738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 992.636520][ T27] audit: type=1326 audit(2000000720.049:2600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32315 comm="syz.0.12738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 992.700412][ T27] audit: type=1326 audit(2000000720.049:2601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32315 comm="syz.0.12738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 992.723498][ T4298] usb 6-1: Using ep0 maxpacket: 32 [ 992.730895][ T4298] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 992.791968][ T4298] usb 6-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 992.810723][ T4298] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 992.819068][ T4298] usb 6-1: Product: syz [ 992.826638][T32320] loop6: detected capacity change from 0 to 2048 [ 992.833271][ T4298] usb 6-1: Manufacturer: syz [ 992.837932][ T4298] usb 6-1: SerialNumber: syz [ 992.871917][T32326] loop4: detected capacity change from 0 to 256 [ 992.889669][ T4298] usb 6-1: config 0 descriptor?? [ 992.934573][ T4298] usb 6-1: bad CDC descriptors [ 992.960170][ T4298] usb 6-1: unsupported MDLM descriptors [ 993.003423][T32326] FAT-fs (loop4): Directory bread(block 64) failed [ 993.010147][T32326] FAT-fs (loop4): Directory bread(block 65) failed [ 993.033176][T32326] FAT-fs (loop4): Directory bread(block 66) failed [ 993.050032][T32326] FAT-fs (loop4): Directory bread(block 67) failed [ 993.068507][T32326] FAT-fs (loop4): Directory bread(block 68) failed [ 993.095866][T32326] FAT-fs (loop4): Directory bread(block 69) failed [ 993.120658][T32326] FAT-fs (loop4): Directory bread(block 70) failed [ 993.127368][T32326] FAT-fs (loop4): Directory bread(block 71) failed [ 993.161805][ T4302] usb 6-1: USB disconnect, device number 28 [ 993.179402][T32326] FAT-fs (loop4): Directory bread(block 72) failed [ 993.203906][T32326] FAT-fs (loop4): Directory bread(block 73) failed [ 993.632765][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.639224][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.647739][T32342] loop6: detected capacity change from 0 to 128 [ 993.679225][T32346] program syz.0.12743 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 993.704992][T32342] FAT-fs (loop6): error, corrupted directory (invalid entries) [ 994.059698][T32356] loop6: detected capacity change from 0 to 1024 [ 994.131353][T32363] netdevsim netdevsim4: Firmware load for '..' refused, path contains '..' component [ 994.160486][T32356] hfsplus: cannot replace xattr [ 994.257490][T32358] loop1: detected capacity change from 0 to 4096 [ 994.368173][T32358] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 994.391671][T32358] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 994.447070][T32358] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 994.489076][T32358] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 994.530715][T32358] ntfs3: loop1: try to read out of volume at offset 0x3fffffc1c00 [ 994.538810][T32358] ntfs3: loop1: try to read out of volume at offset 0x3fffffc2c00 [ 994.657996][T32358] ntfs3: loop1: try to read out of volume at offset 0x3fffffc4c00 [ 994.680367][T32358] ntfs3: loop1: try to read out of volume at offset 0x3fffffc8c00 [ 994.708716][T32358] ntfs3: loop1: try to read out of volume at offset 0x3fffffd0c00 [ 994.737442][T32376] loop5: detected capacity change from 0 to 1024 [ 994.757595][T32358] ntfs3: loop1: try to read out of volume at offset 0x3fffffe0c00 [ 994.787186][T32376] EXT4-fs: Ignoring removed nomblk_io_submit option [ 994.837659][T32376] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 995.004547][T32376] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 995.253394][T19516] EXT4-fs (loop5): unmounting filesystem. [ 995.300619][ T4302] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 995.510299][ T4302] usb 5-1: Using ep0 maxpacket: 16 [ 995.538426][ T4302] usb 5-1: config 166 has an invalid interface number: 177 but max is 1 [ 995.548988][ T4302] usb 5-1: config 166 has an invalid interface number: 34 but max is 1 [ 995.559660][ T4302] usb 5-1: config 166 has an invalid descriptor of length 0, skipping remainder of the config [ 995.570988][ T4302] usb 5-1: config 166 has no interface number 0 [ 995.577384][ T4302] usb 5-1: config 166 has no interface number 1 [ 995.584707][ T4302] usb 5-1: config 166 interface 177 altsetting 4 has an invalid endpoint with address 0x0, skipping [ 995.612174][ T4302] usb 5-1: config 166 interface 177 altsetting 4 has an invalid endpoint with address 0x0, skipping [ 995.630448][ T4302] usb 5-1: config 166 interface 34 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 4 [ 995.660377][ T4302] usb 5-1: config 166 interface 177 has no altsetting 0 [ 995.668715][ T4302] usb 5-1: config 166 interface 34 has no altsetting 0 [ 995.704415][ T4302] usb 5-1: New USB device found, idVendor=0bda, idProduct=0138, bcdDevice=30.12 [ 995.724498][ T4302] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 995.748504][ T4302] usb 5-1: Product: syz [ 995.760831][T32413] loop5: detected capacity change from 0 to 256 [ 995.770280][ T4302] usb 5-1: Manufacturer: syz [ 995.775103][ T4302] usb 5-1: SerialNumber: syz [ 996.022101][ T4302] ums-realtek 5-1:166.177: USB Mass Storage device detected [ 996.132133][ T4302] ums-realtek 5-1:166.34: USB Mass Storage device detected [ 996.237985][ T4302] usb 5-1: Found UVC 0.00 device syz (0bda:0138) [ 996.253980][ T4302] usb 5-1: No valid video chain found. [ 996.286706][ T4302] usb 5-1: USB disconnect, device number 49 [ 996.482854][T32431] loop1: detected capacity change from 0 to 4096 [ 996.550483][T32431] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 997.105656][T32461] No such timeout policy "syz0" [ 997.776056][ T27] audit: type=1326 audit(2000000725.249:2602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32487 comm="syz.6.12808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 997.840355][ T27] audit: type=1326 audit(2000000725.269:2603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32487 comm="syz.6.12808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 997.930332][ T27] audit: type=1326 audit(2000000725.279:2604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32487 comm="syz.6.12808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 998.030585][ T27] audit: type=1326 audit(2000000725.279:2605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32487 comm="syz.6.12808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 998.066063][T32496] loop4: detected capacity change from 0 to 16 [ 998.092563][ T27] audit: type=1326 audit(2000000725.279:2606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32487 comm="syz.6.12808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 998.141592][T32496] erofs: (device loop4): mounted with root inode @ nid 36. [ 998.317511][T32502] Unsupported ieee802154 address type: 0 [ 998.467677][T32511] loop1: detected capacity change from 0 to 64 [ 998.778676][T32519] loop1: detected capacity change from 0 to 16 [ 998.840005][T32519] erofs: (device loop1): mounted with root inode @ nid 36. [ 998.915051][T32519] erofs: (device loop1): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36 [ 998.926718][T32521] loop6: detected capacity change from 0 to 16 [ 998.957195][T32519] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 998.980436][T32521] erofs: (device loop6): mounted with root inode @ nid 36. [ 998.998262][T32519] erofs: (device loop1): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36 [ 999.017176][T32521] erofs: (device loop6): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36 [ 999.038971][T32519] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 999.059124][T32521] erofs: (device loop6): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36 [ 999.065646][T32519] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 999.139800][T32521] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117] [ 999.199790][T32531] netlink: 'syz.4.12831': attribute type 3 has an invalid length. [ 999.219878][T32531] netlink: 132 bytes leftover after parsing attributes in process `syz.4.12831'. [ 999.555466][T32543] netlink: 'syz.4.12836': attribute type 10 has an invalid length. [ 999.730669][T32543] device batadv0 left promiscuous mode [ 999.736635][T32543] bridge0: port 3(batadv0) entered disabled state [ 999.773164][T32543] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 999.820641][T32543] team0: Port device batadv0 added [ 999.832696][T32553] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12841'. [ 1000.078819][T32559] netlink: 'syz.6.12844': attribute type 1 has an invalid length. [ 1000.117273][T32559] netlink: 192 bytes leftover after parsing attributes in process `syz.6.12844'. [ 1000.160161][T32563] loop5: detected capacity change from 0 to 512 [ 1000.217134][T32563] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 1000.262914][T32563] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 1000.312837][T32563] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec02c, mo2=0002] [ 1000.326535][T32563] System zones: 0-2, 18-18, 34-34 [ 1000.362417][T32563] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 1000.440663][T32563] EXT4-fs (loop5): 1 truncate cleaned up [ 1000.446524][T32563] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1000.522467][T32563] EXT4-fs error (device loop5): ext4_generic_delete_entry:2729: inode #2: block 3: comm syz.5.12847: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1 [ 1000.541942][ C1] vkms_vblank_simulate: vblank timer overrun [ 1000.617621][T32563] EXT4-fs (loop5): Remounting filesystem read-only [ 1000.638826][T32563] EXT4-fs error (device loop5) in ext4_delete_entry:2800: Corrupt filesystem [ 1000.658378][T32580] netlink: 'syz.0.12853': attribute type 5 has an invalid length. [ 1000.685788][T32580] netlink: 156 bytes leftover after parsing attributes in process `syz.0.12853'. [ 1000.709207][T32563] EXT4-fs (loop5): Remounting filesystem read-only [ 1000.851436][T19516] EXT4-fs (loop5): unmounting filesystem. [ 1000.973587][T32586] netlink: 'syz.1.12857': attribute type 10 has an invalid length. [ 1001.031232][T32586] bridge0: port 4(batadv0) entered disabled state [ 1001.071034][T32586] device batadv0 left promiscuous mode [ 1001.076904][T32586] bridge0: port 4(batadv0) entered disabled state [ 1001.126363][T32586] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1001.145400][T32586] device batadv0 entered promiscuous mode [ 1001.171028][T32594] binder: BC_ACQUIRE_RESULT not supported [ 1001.177879][T32586] team0: Port device batadv0 added [ 1001.190622][T32594] binder: 32593:32594 ioctl c0306201 200000000080 returned -22 [ 1001.380360][ T4298] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 1001.600504][ T4298] usb 5-1: Using ep0 maxpacket: 16 [ 1001.608743][ T4298] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1001.667677][ T4298] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1001.691498][ T4298] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1001.746864][ T4298] usb 5-1: config 0 descriptor?? [ 1001.795642][ T4298] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input46 [ 1002.005255][ T3608] bcm5974 5-1:0.0: could not read from device [ 1002.074991][ T4298] bcm5974 5-1:0.0: could not read from device [ 1002.116238][ T3608] bcm5974 5-1:0.0: could not read from device [ 1002.157095][ T4298] input: failed to attach handler mousedev to device input46, error: -5 [ 1002.184876][ T4298] usb 5-1: USB disconnect, device number 50 [ 1002.184926][ T3608] bcm5974 5-1:0.0: could not read from device [ 1002.220773][T32621] netlink: 'syz.1.12872': attribute type 21 has an invalid length. [ 1002.251498][T32621] netlink: 132 bytes leftover after parsing attributes in process `syz.1.12872'. [ 1002.514709][T32629] netlink: 'syz.6.12875': attribute type 10 has an invalid length. [ 1002.563457][T32629] bridge0: port 3(batadv0) entered disabled state [ 1002.575753][T32629] device batadv0 left promiscuous mode [ 1002.582237][T32629] bridge0: port 3(batadv0) entered disabled state [ 1002.596953][T32629] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1002.607211][ T4600] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 1002.622281][T32629] team0: Port device batadv0 added [ 1002.790351][ T4600] usb 6-1: Using ep0 maxpacket: 32 [ 1002.797523][ T4600] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 1002.836493][ T4600] usb 6-1: config 0 has no interface number 0 [ 1002.860409][ T4600] usb 6-1: config 0 interface 1 altsetting 9 has an invalid endpoint with address 0x0, skipping [ 1002.890101][T32635] loop1: detected capacity change from 0 to 1024 [ 1002.910348][ T4600] usb 6-1: config 0 interface 1 has no altsetting 0 [ 1002.923026][ T4600] usb 6-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 1002.939249][ T4600] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1002.965905][ T4600] usb 6-1: Product: syz [ 1002.985960][ T4600] usb 6-1: Manufacturer: syz [ 1003.007305][ T4600] usb 6-1: SerialNumber: syz [ 1003.032120][ T4600] usb 6-1: config 0 descriptor?? [ 1003.108866][T13821] hfsplus: b-tree write err: -5, ino 4 [ 1003.247145][ T4600] cx231xx 6-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 1003.276726][ T4600] cx231xx 6-1:0.1: Not found matching IAD interface [ 1003.310629][ T4600] usb 6-1: USB disconnect, device number 29 [ 1003.464773][T32653] ntfs3: nbd0: try to read out of volume at offset 0x0 [ 1003.604983][T32657] loop1: detected capacity change from 0 to 4096 [ 1003.622193][T32657] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 1003.658798][T32657] ntfs3: loop1: failed to convert "c46c" to euc-jp [ 1003.930823][T32667] netlink: 'syz.5.12891': attribute type 10 has an invalid length. [ 1003.982088][T32667] bridge0: port 4(batadv0) entered disabled state [ 1004.001391][T32667] device batadv0 left promiscuous mode [ 1004.007188][T32667] bridge0: port 4(batadv0) entered disabled state [ 1004.161601][T32667] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1004.204265][T32667] team0: Port device batadv0 added [ 1004.543522][T32690] netlink: 76 bytes leftover after parsing attributes in process `syz.1.12905'. [ 1004.590489][T32690] netlink: 20 bytes leftover after parsing attributes in process `syz.1.12905'. [ 1004.632231][T32690] netlink: 20 bytes leftover after parsing attributes in process `syz.1.12905'. [ 1004.962409][T32703] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1005.561133][ T4298] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 1005.609624][T32689] loop4: detected capacity change from 0 to 32768 [ 1005.675276][T32689] XFS (loop4): Mounting V5 Filesystem [ 1005.787014][ T4298] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05 [ 1005.850398][ T4298] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1005.885280][ T4298] usb 2-1: Product: syz [ 1005.889613][ T4298] usb 2-1: Manufacturer: syz [ 1005.895050][ T4298] usb 2-1: SerialNumber: syz [ 1005.902730][T32689] XFS (loop4): Ending clean mount [ 1005.917934][ T4298] usb 2-1: config 0 descriptor?? [ 1005.941227][ T4298] go7007: probe of 2-1:0.0 failed with error -12 [ 1006.124596][ T4250] XFS (loop4): Unmounting Filesystem [ 1006.136617][ T22] usb 2-1: USB disconnect, device number 42 [ 1006.815047][ T308] netlink: 'syz.6.12946': attribute type 1 has an invalid length. [ 1006.830503][ T308] netlink: 'syz.6.12946': attribute type 2 has an invalid length. [ 1006.851192][ T308] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12946'. [ 1007.062312][ T316] loop6: detected capacity change from 0 to 1024 [ 1007.121671][ T316] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 1007.198151][ T316] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 1007.240561][ T316] jbd2_journal_init_inode: Cannot locate journal superblock [ 1007.254016][ T316] EXT4-fs (loop6): Could not load journal inode [ 1007.404328][ T316] loop6: detected capacity change from 0 to 512 [ 1007.465434][ T316] EXT4-fs (loop6): failed to initialize system zone (-117) [ 1007.527245][ T316] EXT4-fs (loop6): mount failed [ 1007.863645][ T340] tmpfs: Bad value for 'mpol' [ 1008.098732][ T349] netlink: 'syz.0.12973': attribute type 6 has an invalid length. [ 1008.299595][ T355] vivid-002: disconnect [ 1008.315866][ T354] vivid-002: reconnect [ 1008.390320][T23011] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 1008.434855][ T361] loop4: detected capacity change from 0 to 128 [ 1008.508963][ T361] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1008.540871][ T361] ext4 filesystem being mounted at /2538/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1008.590581][T23011] usb 7-1: Using ep0 maxpacket: 32 [ 1008.597619][T23011] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 219 [ 1008.630110][T23011] usb 7-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 1008.649964][T23011] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1008.658218][T23011] usb 7-1: Product: syz [ 1008.662737][T23011] usb 7-1: Manufacturer: syz [ 1008.667396][T23011] usb 7-1: SerialNumber: syz [ 1008.683910][T23011] usb 7-1: config 0 descriptor?? [ 1008.689633][ T352] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1008.844689][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 1008.976096][T23011] usb 7-1: USB disconnect, device number 18 [ 1009.046333][ T375] loop4: detected capacity change from 0 to 1024 [ 1009.093301][ T375] EXT4-fs: Ignoring removed bh option [ 1009.215301][ T375] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1009.311523][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 1009.362066][ T377] loop1: detected capacity change from 0 to 8192 [ 1009.390625][ T377] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1009.439531][ T377] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 1009.439600][ T377] FAT-fs (loop1): Filesystem has been set read-only [ 1009.574187][ T4257] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 1009.716614][ T395] loop6: detected capacity change from 0 to 128 [ 1010.471718][ T27] audit: type=1326 audit(2000000737.949:2607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=414 comm="syz.4.12996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1010.477333][ T27] audit: type=1326 audit(2000000737.949:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=414 comm="syz.4.12996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1010.510832][ T27] audit: type=1326 audit(2000000737.979:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=414 comm="syz.4.12996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1010.510892][ T27] audit: type=1326 audit(2000000737.979:2610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=414 comm="syz.4.12996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1010.510931][ T27] audit: type=1326 audit(2000000737.979:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=414 comm="syz.4.12996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1010.785691][ T425] netlink: 14 bytes leftover after parsing attributes in process `syz.0.13000'. [ 1010.842709][ C1] vkms_vblank_simulate: vblank timer overrun [ 1010.900999][ T427] netlink: 288 bytes leftover after parsing attributes in process `syz.6.13001'. [ 1010.943024][ C1] vkms_vblank_simulate: vblank timer overrun [ 1010.963185][ T423] loop4: detected capacity change from 0 to 4096 [ 1010.973831][ T423] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1011.068043][ T423] ntfs: volume version 3.1. [ 1011.913846][ T93] block nbd0: Attempted send on invalid socket [ 1011.920150][ T93] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2 [ 1011.921634][ T27] audit: type=1326 audit(2000000739.399:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=461 comm="syz.6.13016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 1011.984056][ T27] audit: type=1326 audit(2000000739.429:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=461 comm="syz.6.13016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 1012.034318][ T27] audit: type=1326 audit(2000000739.439:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=461 comm="syz.6.13016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 1012.538537][ T477] loop6: detected capacity change from 0 to 64 [ 1014.009007][ T526] netlink: 32 bytes leftover after parsing attributes in process `syz.6.13048'. [ 1014.046264][ T529] netlink: 48 bytes leftover after parsing attributes in process `syz.4.13049'. [ 1014.227588][ T495] loop1: detected capacity change from 0 to 32768 [ 1014.296213][ T538] xt_TCPMSS: Only works on TCP SYN packets [ 1014.370792][ T495] XFS (loop1): Mounting V5 Filesystem [ 1014.398092][ T27] audit: type=1326 audit(2000000741.869:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=545 comm="syz.5.13054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f6b8e929 code=0x7ffc0000 [ 1014.470240][ T495] XFS (loop1): Ending clean mount [ 1014.482269][ T495] XFS (loop1): Quotacheck needed: Please wait. [ 1014.531024][T24136] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 1014.657286][ T495] XFS (loop1): Quotacheck: Done. [ 1014.783366][T24136] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1014.813208][T24136] usb 7-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.40 [ 1014.834762][T24136] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1014.856973][T24136] usb 7-1: Product: syz [ 1014.862165][T24136] usb 7-1: Manufacturer: syz [ 1014.870530][T24136] usb 7-1: SerialNumber: syz [ 1014.902198][ T4257] XFS (loop1): Unmounting Filesystem [ 1014.913261][T24136] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/input/input47 [ 1015.205820][ T537] loop6: detected capacity change from 0 to 4096 [ 1015.250500][ T537] ntfs3: loop6: Different NTFS' sector size (1024) and media sector size (512) [ 1015.351865][ T3608] bcm5974 7-1:1.0: could not read from device [ 1015.391168][T24136] usb 7-1: USB disconnect, device number 19 [ 1015.410663][ T3608] bcm5974 7-1:1.0: could not read from device [ 1015.535133][ T577] loop5: detected capacity change from 0 to 512 [ 1015.619753][ T577] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 1015.710063][ T577] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a80ce01c, mo2=0002] [ 1015.750661][ T577] System zones: 1-12 [ 1015.755740][ T577] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1015.845710][ T577] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.13067: invalid indirect mapped block 12 (level 1) [ 1015.945278][ T577] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.13067: invalid indirect mapped block 2 (level 2) [ 1016.006973][ T577] EXT4-fs (loop5): 1 truncate cleaned up [ 1016.041063][ T577] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1016.138157][ T592] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.13074'. [ 1016.179936][ T592] netlink: zone id is out of range [ 1016.189368][ T594] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1016.380896][T19516] EXT4-fs (loop5): unmounting filesystem. [ 1016.428259][ T4298] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 1016.634165][ T4298] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1016.660928][ T4298] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1016.669090][ T4298] usb 7-1: Product: syz [ 1016.692245][ T4298] usb 7-1: Manufacturer: syz [ 1016.697107][ T4298] usb 7-1: SerialNumber: syz [ 1016.741733][ T4298] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1016.779880][ T4298] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1017.104627][ T616] loop4: detected capacity change from 0 to 128 [ 1017.206567][ T616] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 1017.220675][ T616] FAT-fs (loop4): Filesystem has been set read-only [ 1017.268942][ T4302] usb 7-1: USB disconnect, device number 20 [ 1017.760439][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 1017.760459][ T27] audit: type=1326 audit(2000000745.229:2624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=637 comm="syz.0.13095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 1017.789158][ C1] vkms_vblank_simulate: vblank timer overrun [ 1017.870611][ T4298] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 1017.878384][ T27] audit: type=1326 audit(2000000745.229:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=637 comm="syz.0.13095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 1017.886906][ T4298] ath9k_htc: Failed to initialize the device [ 1017.967202][ T641] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13096'. [ 1017.968101][ T4302] usb 7-1: ath9k_htc: USB layer deinitialized [ 1018.000480][ T27] audit: type=1326 audit(2000000745.279:2626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=637 comm="syz.0.13095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 1018.023128][ C1] vkms_vblank_simulate: vblank timer overrun [ 1018.030694][ T641] netlink: 24 bytes leftover after parsing attributes in process `syz.4.13096'. [ 1018.080507][ T27] audit: type=1326 audit(2000000745.279:2627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=637 comm="syz.0.13095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 1018.149308][ T27] audit: type=1326 audit(2000000745.279:2628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=637 comm="syz.0.13095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87af18e929 code=0x7ffc0000 [ 1018.692261][ T661] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 1018.793764][ T664] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13107'. [ 1018.975794][ T619] loop5: detected capacity change from 0 to 32768 [ 1019.090051][ T619] __jfs_setxattr: xattr_size = 74, new_size = 12053 [ 1019.207516][ T679] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 1019.678296][ T695] netlink: 24 bytes leftover after parsing attributes in process `syz.4.13122'. [ 1019.758379][ T699] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0) [ 1019.993934][ T709] tmpfs: Bad value for 'mpol' [ 1020.349198][ T720] loop6: detected capacity change from 0 to 512 [ 1020.498755][ T720] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.13133: bg 0: block 481: padding at end of block bitmap is not set [ 1020.522558][ T720] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 1020.531728][ T4298] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 1020.541580][ T720] EXT4-fs (loop6): 1 orphan inode deleted [ 1020.547589][ T720] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 1020.560505][T13831] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 1020.597811][T13831] EXT4-fs error (device loop6): ext4_release_dquot:6850: comm kworker/u4:13: Failed to release dquot type 1 [ 1020.620500][ T720] ext4 filesystem being mounted at /789/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1020.731613][ T4298] usb 2-1: Using ep0 maxpacket: 8 [ 1020.754871][ T4298] usb 2-1: config 2 has an invalid interface number: 31 but max is 0 [ 1020.789092][ T4298] usb 2-1: config 2 has no interface number 0 [ 1020.802505][ T4298] usb 2-1: config 2 interface 31 has no altsetting 0 [ 1020.809828][T23980] EXT4-fs (loop6): unmounting filesystem. [ 1020.837958][ T4298] usb 2-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 1020.867719][ T4298] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1020.882649][ T4298] usb 2-1: Product: syz [ 1020.887050][ T4298] usb 2-1: Manufacturer: syz [ 1020.898981][ T703] loop5: detected capacity change from 0 to 32768 [ 1020.927803][ T4298] usb 2-1: SerialNumber: syz [ 1020.964590][ T703] [ 1020.964590][ T703] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1020.964590][ T703] [ 1021.042534][ T740] openvswitch: netlink: Unknown key attributes 1 [ 1021.074836][ T742] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13142'. [ 1021.094596][ T703] __jfs_setxattr: xattr_size = 243, new_size = 337 [ 1021.140501][ T742] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13142'. [ 1021.200407][ T742] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13142'. [ 1021.260158][ T742] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13142'. [ 1021.298661][T13827] [ 1021.298661][T13827] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1021.298661][T13827] [ 1021.319213][T13827] [ 1021.319213][T13827] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1021.319213][T13827] [ 1021.336056][T19516] [ 1021.336056][T19516] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1021.336056][T19516] [ 1021.353330][ T108] [ 1021.353330][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1021.353330][ T108] [ 1021.379632][ T4298] ch9200: probe of 2-1:2.31 failed with error -22 [ 1021.427217][ T4298] usb 2-1: USB disconnect, device number 43 [ 1021.433658][T19516] [ 1021.433658][T19516] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1021.433658][T19516] [ 1021.738923][ T760] x_tables: ip_tables: osf match: only valid for protocol 6 [ 1021.961917][ T767] netlink: 32 bytes leftover after parsing attributes in process `syz.4.13155'. [ 1022.032028][ T27] audit: type=1326 audit(2000000749.489:2629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=770 comm="syz.6.13157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 1022.085518][ T27] audit: type=1326 audit(2000000749.509:2630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=770 comm="syz.6.13157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 1022.108154][ C1] vkms_vblank_simulate: vblank timer overrun [ 1022.209655][ T27] audit: type=1326 audit(2000000749.509:2631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=770 comm="syz.6.13157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 1022.326013][ T27] audit: type=1326 audit(2000000749.509:2632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=770 comm="syz.6.13157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f558e929 code=0x7ffc0000 [ 1022.520566][ T789] rdma_rxe: rxe creation allowed on top of a real device only [ 1022.778799][ T797] loop6: detected capacity change from 0 to 256 [ 1022.871645][ T797] FAT-fs (loop6): Directory bread(block 64) failed [ 1022.898230][ T803] loop1: detected capacity change from 0 to 1024 [ 1022.898617][ T797] FAT-fs (loop6): Directory bread(block 65) failed [ 1022.936610][ T803] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1022.966436][ T797] FAT-fs (loop6): Directory bread(block 66) failed [ 1022.971316][ T803] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1023.010576][ T797] FAT-fs (loop6): Directory bread(block 67) failed [ 1023.011395][ T803] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1023.044958][ T797] FAT-fs (loop6): Directory bread(block 68) failed [ 1023.056420][ T803] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1023.094404][ T797] FAT-fs (loop6): Directory bread(block 69) failed [ 1023.130759][ T797] FAT-fs (loop6): Directory bread(block 70) failed [ 1023.162293][ T797] FAT-fs (loop6): Directory bread(block 71) failed [ 1023.196785][ T797] FAT-fs (loop6): Directory bread(block 72) failed [ 1023.200403][ T4257] EXT4-fs (loop1): unmounting filesystem. [ 1023.248128][ T810] loop4: detected capacity change from 0 to 2048 [ 1023.250339][ T797] FAT-fs (loop6): Directory bread(block 73) failed [ 1023.355527][ T813] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1023.397878][ T810] NILFS error (device loop4): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=128, inode=18302628885633695744, rec_len=65535, name_len=255 [ 1023.541105][ T810] Remounting filesystem read-only [ 1023.843284][ T821] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus [ 1024.156417][ T827] loop4: detected capacity change from 0 to 1764 [ 1024.254709][ T827] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1024.267447][ T831] netlink: 'syz.0.13183': attribute type 5 has an invalid length. [ 1024.320075][ T831] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13183'. [ 1024.402726][ T812] loop5: detected capacity change from 0 to 32768 [ 1024.459221][ T812] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.13176 (812) [ 1024.523601][ T833] loop1: detected capacity change from 0 to 2048 [ 1024.547528][ T812] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1024.570857][ T833] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1024.599827][ T812] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 1024.618914][ T812] BTRFS info (device loop5): turning on flush-on-commit [ 1024.629020][ T833] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1024.646803][ T812] BTRFS info (device loop5): enabling disk space caching [ 1024.670280][ T812] BTRFS info (device loop5): turning off barriers [ 1024.676927][ T812] BTRFS info (device loop5): doing ref verification [ 1024.740459][ T812] BTRFS info (device loop5): enabling auto defrag [ 1024.755717][ T812] BTRFS info (device loop5): force clearing of disk cache [ 1024.810582][ T812] BTRFS info (device loop5): enabling ssd optimizations [ 1024.848281][ T812] BTRFS info (device loop5): using spread ssd allocation scheme [ 1024.888918][ T812] BTRFS info (device loop5): using default commit interval 30s [ 1024.910568][ T812] BTRFS info (device loop5): disk space caching is enabled [ 1025.187345][ T841] loop4: detected capacity change from 0 to 4096 [ 1025.249707][ T825] loop6: detected capacity change from 0 to 32768 [ 1025.267627][ T841] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 1025.387662][ T825] XFS (loop6): Mounting V5 Filesystem [ 1025.462140][ T812] BTRFS info (device loop5): rebuilding free space tree [ 1025.485431][ T841] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1025.577940][ T825] XFS (loop6): Ending clean mount [ 1025.587527][ T812] BTRFS info (device loop5): disabling free space tree [ 1025.618585][ T825] XFS (loop6): Quotacheck needed: Please wait. [ 1025.630580][ T812] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1025.690409][ T812] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1025.765204][ T825] XFS (loop6): Quotacheck: Done. [ 1026.015394][T23980] XFS (loop6): Unmounting Filesystem [ 1026.089429][ T896] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13200'. [ 1026.253238][ T902] netlink: 48 bytes leftover after parsing attributes in process `syz.0.13204'. [ 1026.268396][T19516] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1026.450297][ T4435] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 12 /dev/loop5 scanned by udevd (4435) [ 1027.444022][ T939] loop1: detected capacity change from 0 to 64 [ 1028.152230][ T961] loop5: detected capacity change from 0 to 2048 [ 1028.206273][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 1028.250732][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 1028.279618][ T961] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1028.289773][ T961] ext4 filesystem being mounted at /1158/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1028.323304][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready [ 1028.348189][T19516] EXT4-fs (loop5): unmounting filesystem. [ 1028.370741][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready [ 1028.412611][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready [ 1028.443213][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready [ 1028.485133][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready [ 1028.519266][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready [ 1028.556686][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready [ 1028.588105][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready [ 1028.622180][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready [ 1028.657089][ T963] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready [ 1028.704682][ T946] loop6: detected capacity change from 0 to 32768 [ 1028.736641][ T946] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 scanned by syz.6.13201 (946) [ 1028.778287][ T946] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1028.820546][ T946] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm [ 1028.838937][ T946] BTRFS info (device loop6): force zlib compression, level 3 [ 1028.860022][ T946] BTRFS info (device loop6): force clearing of disk cache [ 1028.868209][ T977] loop4: detected capacity change from 0 to 256 [ 1028.905834][ T946] BTRFS info (device loop6): setting nodatasum [ 1028.960822][ T946] BTRFS info (device loop6): doing ref verification [ 1028.967529][ T946] BTRFS info (device loop6): allowing degraded mounts [ 1029.017767][ T946] BTRFS info (device loop6): using free space tree [ 1029.164235][ T997] SET target dimension over the limit! [ 1029.283943][ T946] BTRFS info (device loop6): enabling ssd optimizations [ 1029.351567][ T946] BTRFS info (device loop6): rebuilding free space tree [ 1029.418809][ T1015] loop1: detected capacity change from 0 to 64 [ 1029.588170][ T1022] kernel profiling enabled (shift: 7) [ 1029.620817][T23980] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1029.835880][ T1028] loop1: detected capacity change from 0 to 128 [ 1029.925885][ T1028] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 1030.010800][ T1037] loop5: detected capacity change from 0 to 64 [ 1030.571669][ T1062] loop6: detected capacity change from 0 to 256 [ 1030.615451][ T1064] usb usb8: usbfs: process 1064 (syz.5.13251) did not claim interface 0 before use [ 1030.656115][ T1062] FAT-fs (loop6): Directory bread(block 64) failed [ 1030.656198][ T1068] netlink: 'syz.1.13255': attribute type 5 has an invalid length. [ 1030.690601][ T1062] FAT-fs (loop6): Directory bread(block 65) failed [ 1030.697799][ T1062] FAT-fs (loop6): Directory bread(block 66) failed [ 1030.740783][ T1062] FAT-fs (loop6): Directory bread(block 67) failed [ 1030.748063][ T1062] FAT-fs (loop6): Directory bread(block 68) failed [ 1030.770107][ T1062] FAT-fs (loop6): Directory bread(block 69) failed [ 1030.796121][ T1062] FAT-fs (loop6): Directory bread(block 70) failed [ 1030.850298][ T1062] FAT-fs (loop6): Directory bread(block 71) failed [ 1030.857318][ T1062] FAT-fs (loop6): Directory bread(block 72) failed [ 1030.900412][ T1062] FAT-fs (loop6): Directory bread(block 73) failed [ 1030.976296][ T1077] autofs4:pid:1077:autofs_fill_super: called with bogus options [ 1031.190698][ T1082] netlink: 'syz.0.13261': attribute type 1 has an invalid length. [ 1031.240317][ T1082] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13261'. [ 1031.412910][ T1093] loop4: detected capacity change from 0 to 256 [ 1031.458387][ T1095] usb usb8: usbfs: process 1095 (syz.0.13268) did not claim interface 8 before use [ 1031.515667][ T1093] FAT-fs (loop4): Directory bread(block 64) failed [ 1031.553763][ T1093] FAT-fs (loop4): Directory bread(block 65) failed [ 1031.568672][ T1093] FAT-fs (loop4): Directory bread(block 66) failed [ 1031.596926][ T1093] FAT-fs (loop4): Directory bread(block 67) failed [ 1031.631779][ T1093] FAT-fs (loop4): Directory bread(block 68) failed [ 1031.657342][ T1093] FAT-fs (loop4): Directory bread(block 69) failed [ 1031.674594][ T1093] FAT-fs (loop4): Directory bread(block 70) failed [ 1031.686753][ T1093] FAT-fs (loop4): Directory bread(block 71) failed [ 1031.709377][ T1093] FAT-fs (loop4): Directory bread(block 72) failed [ 1031.717234][ T1093] FAT-fs (loop4): Directory bread(block 73) failed [ 1032.282514][ T1121] SET target dimension over the limit! [ 1032.305483][ T1123] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13280'. [ 1032.371543][ T1126] x_tables: duplicate underflow at hook 2 [ 1032.534900][ T1131] loop5: detected capacity change from 0 to 256 [ 1032.846797][ T1142] kernel read not supported for file /!selinuxwk1m9ɞ*T#jYmVvm(p-QZ#{ (pid: 1142 comm: syz.6.13291) [ 1033.000571][ T1146] netlink: 'syz.1.13293': attribute type 1 has an invalid length. [ 1033.008495][ T1146] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13293'. [ 1033.286626][ T1160] IPVS: length: 110 != 8 [ 1033.291248][ T1162] ieee802154 phy0 wpan0: encryption failed: -22 [ 1033.358805][ T1164] loop6: detected capacity change from 0 to 512 [ 1033.380556][T14606] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 1033.402147][ T1164] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 1033.494842][ T1164] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2195: inode #15: comm syz.6.13301: corrupted in-inode xattr [ 1033.550053][ T1164] EXT4-fs (loop6): Remounting filesystem read-only [ 1033.566652][ T1168] bridge9: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 1033.581317][ T1164] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.13301: couldn't read orphan inode 15 (err -117) [ 1033.588450][ T1172] netlink: 'syz.5.13303': attribute type 95 has an invalid length. [ 1033.602223][T14606] usb 5-1: config 0 has an invalid interface number: 199 but max is 1 [ 1033.620438][T14606] usb 5-1: config 0 has no interface number 1 [ 1033.626916][T14606] usb 5-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 1033.637592][ T1164] EXT4-fs (loop6): Remounting filesystem read-only [ 1033.637669][T14606] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 1033.656986][T14606] usb 5-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 1033.666448][T14606] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1033.675039][ T1164] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 1033.683934][T14606] usb 5-1: SerialNumber: syz [ 1033.712179][T14606] usb 5-1: config 0 descriptor?? [ 1033.750695][T14606] usb 5-1: Found UVC 0.00 device (0002:0000) [ 1033.767912][T14606] usb 5-1: No valid video chain found. [ 1033.800337][ T22] usb 1-1: new high-speed USB device number 55 using dummy_hcd [ 1033.834286][T23980] EXT4-fs (loop6): unmounting filesystem. [ 1033.949538][T14606] usb 5-1: USB disconnect, device number 51 [ 1033.992436][ T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 1034.020429][ T22] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 1034.064875][ T22] usb 1-1: New USB device found, idVendor=0499, idProduct=103e, bcdDevice=4e.18 [ 1034.094772][ T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1034.125217][ T22] usb 1-1: Product: syz [ 1034.139173][ T22] usb 1-1: Manufacturer: syz [ 1034.150958][ T22] usb 1-1: SerialNumber: syz [ 1034.162383][ T22] usb 1-1: config 0 descriptor?? [ 1034.517771][ T1197] loop5: detected capacity change from 0 to 8 [ 1034.561510][ T1197] SQUASHFS error: Failed to read block 0x6a4: -5 [ 1034.587796][ T1197] SQUASHFS error: Unable to read metadata cache entry [6a2] [ 1034.644946][T14606] usb 1-1: USB disconnect, device number 55 [ 1034.660731][ T1197] SQUASHFS error: Unable to read inode 0x87 [ 1034.961680][ T1057] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 1035.041752][ T1210] netlink: 'syz.5.13322': attribute type 3 has an invalid length. [ 1035.182937][ T1057] usb 2-1: config 0 has too many interfaces: 202, using maximum allowed: 32 [ 1035.202412][ T1057] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 202 [ 1035.237340][ T1057] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1035.271632][ T1057] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 1035.290482][ T1057] usb 2-1: New USB device strings: Mfr=33, Product=2, SerialNumber=3 [ 1035.320289][ T1057] usb 2-1: Product: syz [ 1035.334013][ T1057] usb 2-1: Manufacturer: syz [ 1035.338864][ T1057] usb 2-1: SerialNumber: syz [ 1035.383328][ T1057] usb 2-1: config 0 descriptor?? [ 1035.417587][ T1218] loop6: detected capacity change from 0 to 2048 [ 1035.477543][ T1218] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1035.731607][ T1230] loop5: detected capacity change from 0 to 16 [ 1035.808491][ T1230] erofs: (device loop5): mounted with root inode @ nid 36. [ 1035.822491][ T1057] usb 2-1: USB disconnect, device number 44 [ 1036.064782][ T1239] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 1036.139729][ T1244] loop4: detected capacity change from 0 to 512 [ 1036.180666][ T1244] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1036.287662][ T1244] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.13336: bg 0: block 16: invalid block bitmap [ 1036.325768][ T1244] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 1036.356137][ T1244] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.13336: invalid indirect mapped block 5 (level 0) [ 1036.444347][ T1244] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.13336: invalid indirect mapped block 4294967295 (level 1) [ 1036.467492][ T1254] (unnamed net_device) (uninitialized): option mode: invalid value (254) [ 1036.513801][ T1244] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.13336: invalid indirect mapped block 4294967295 (level 2) [ 1036.622735][ T1244] EXT4-fs (loop4): 1 truncate cleaned up [ 1036.630584][ T1244] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1036.872879][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 1036.889521][ T1271] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1036.913900][ T1271] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1037.205094][ T1281] loop5: detected capacity change from 0 to 1024 [ 1037.574502][ T1293] overlayfs: bad mount option "redirect_dir=nofollow::" [ 1037.783879][ T1266] loop1: detected capacity change from 0 to 32768 [ 1038.102532][ T1311] netlink: 24 bytes leftover after parsing attributes in process `syz.5.13367'. [ 1038.927131][ T4262] Bluetooth: hci0: unexpected event for opcode 0x1405 [ 1039.671396][ T1372] x_tables: duplicate entry at hook 3 [ 1040.146453][ T1388] loop1: detected capacity change from 0 to 1024 [ 1040.209578][ T1388] hfsplus: keylen 65060 too large [ 1040.466314][ T1399] loop1: detected capacity change from 0 to 1024 [ 1040.519319][ T1402] netlink: 12 bytes leftover after parsing attributes in process `syz.5.13410'. [ 1040.573400][ T1399] syz.1.13409: attempt to access beyond end of device [ 1040.573400][ T1399] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 1041.111372][ T1423] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 1042.256411][ T1428] loop4: detected capacity change from 0 to 32768 [ 1042.258724][ T1455] loop6: detected capacity change from 0 to 256 [ 1042.394012][ T1428] XFS (loop4): Mounting V5 Filesystem [ 1042.400403][ T22] usb 1-1: new high-speed USB device number 56 using dummy_hcd [ 1042.472282][ T1428] XFS (loop4): Ending clean mount [ 1042.488995][ T1428] XFS (loop4): Quotacheck needed: Please wait. [ 1042.598990][ T22] usb 1-1: New USB device found, idVendor=0c45, idProduct=60a8, bcdDevice=b5.55 [ 1042.614224][ T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1042.615469][ T1428] XFS (loop4): Quotacheck: Done. [ 1042.623054][ T22] usb 1-1: Product: syz [ 1042.632285][ T22] usb 1-1: Manufacturer: syz [ 1042.637185][ T22] usb 1-1: SerialNumber: syz [ 1042.644945][ T22] usb 1-1: config 0 descriptor?? [ 1042.654001][ T22] gspca_main: sonixb-2.14.0 probing 0c45:60a8 [ 1042.690616][ T1465] netlink: 32 bytes leftover after parsing attributes in process `syz.6.13438'. [ 1042.700047][ T1465] netlink: 9 bytes leftover after parsing attributes in process `syz.6.13438'. [ 1042.751446][ T4250] XFS (loop4): Unmounting Filesystem [ 1042.838949][ T1443] loop1: detected capacity change from 0 to 32768 [ 1042.901511][ T1443] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12 [ 1042.993258][ T1465] team0: Port device batadv0 removed [ 1043.011374][ T1465] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 1043.062046][ T22] sonixb 1-1:0.0: Error writing register 01: -71 [ 1043.082195][ T22] sonixb: probe of 1-1:0.0 failed with error -71 [ 1043.129787][ T22] usb 1-1: USB disconnect, device number 56 [ 1043.304506][ T1469] loop6: detected capacity change from 0 to 512 [ 1043.316724][ T4365] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12 [ 1043.349547][ T1469] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 1043.443750][ T1469] EXT4-fs (loop6): 1 truncate cleaned up [ 1043.449571][ T1469] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 1043.459485][ T1454] loop5: detected capacity change from 0 to 32768 [ 1043.673575][ T1454] XFS (loop5): Mounting V5 Filesystem [ 1043.682458][T23980] EXT4-fs (loop6): unmounting filesystem. [ 1043.848623][ T1454] XFS (loop5): Ending clean mount [ 1043.893397][ T1454] XFS (loop5): Quotacheck needed: Please wait. [ 1043.944263][ T1492] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1044.070093][ T1454] XFS (loop5): Quotacheck: Done. [ 1044.244742][T19516] XFS (loop5): Unmounting Filesystem [ 1044.405923][ T1504] loop6: detected capacity change from 0 to 1024 [ 1044.526026][ T1504] EXT4-fs (loop6): orphan cleanup on readonly fs [ 1044.649932][ T1504] EXT4-fs (loop6): 1 truncate cleaned up [ 1044.731291][ T1504] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 1044.877938][T23980] EXT4-fs (loop6): unmounting filesystem. [ 1045.208733][ T1535] netlink: 2 bytes leftover after parsing attributes in process `syz.4.13468'. [ 1045.459401][ T1543] loop6: detected capacity change from 0 to 256 [ 1045.621403][ T1543] FAT-fs (loop6): Directory bread(block 64) failed [ 1045.659539][ T1543] FAT-fs (loop6): Directory bread(block 65) failed [ 1045.700547][ T1543] FAT-fs (loop6): Directory bread(block 66) failed [ 1045.707295][ T1543] FAT-fs (loop6): Directory bread(block 67) failed [ 1045.776870][ T1543] FAT-fs (loop6): Directory bread(block 68) failed [ 1045.806054][ T1543] FAT-fs (loop6): Directory bread(block 69) failed [ 1045.836683][ T1543] FAT-fs (loop6): Directory bread(block 70) failed [ 1045.894369][ T1543] FAT-fs (loop6): Directory bread(block 71) failed [ 1045.919426][ T1543] FAT-fs (loop6): Directory bread(block 72) failed [ 1045.947709][ T1555] loop4: detected capacity change from 0 to 256 [ 1045.960309][ T1543] FAT-fs (loop6): Directory bread(block 73) failed [ 1046.395848][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 1046.395866][ T27] audit: type=1326 audit(2000000773.869:2634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1564 comm="syz.4.13481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1046.424756][ C1] vkms_vblank_simulate: vblank timer overrun [ 1046.540514][ T27] audit: type=1326 audit(2000000773.869:2635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1564 comm="syz.4.13481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1046.640684][ T27] audit: type=1326 audit(2000000773.919:2636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1564 comm="syz.4.13481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1046.730672][ T27] audit: type=1326 audit(2000000773.919:2637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1564 comm="syz.4.13481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1046.839711][ T27] audit: type=1326 audit(2000000773.919:2638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1564 comm="syz.4.13481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1047.040390][ T1060] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 1047.118062][ T1589] MPI: mpi too large (124808 bits) [ 1047.146421][ T1594] loop4: detected capacity change from 0 to 64 [ 1047.240377][ T1060] usb 6-1: Using ep0 maxpacket: 32 [ 1047.247635][ T1060] usb 6-1: config 0 has an invalid interface number: 6 but max is 0 [ 1047.274915][ T1060] usb 6-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 1047.291154][ T1060] usb 6-1: config 0 has no interface number 1 [ 1047.346177][ T1060] usb 6-1: New USB device found, idVendor=10cf, idProduct=8061, bcdDevice=b7.12 [ 1047.380547][ T1060] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1047.390852][ T1060] usb 6-1: Product: syz [ 1047.395078][ T1060] usb 6-1: Manufacturer: syz [ 1047.399709][ T1060] usb 6-1: SerialNumber: syz [ 1047.431004][ T1060] usb 6-1: config 0 descriptor?? [ 1047.470348][ T1603] netlink: 28 bytes leftover after parsing attributes in process `syz.4.13500'. [ 1047.489563][ T1060] comedi comedi0: driver 'vmk80xx' has successfully auto-configured 'K8061 (VM140)'. [ 1047.510842][ T1603] netlink: 28 bytes leftover after parsing attributes in process `syz.4.13500'. [ 1047.590712][ T1060] vmk80xx 6-1:0.0: driver 'vmk80xx' failed to auto-configure device. [ 1047.611363][ T1605] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2 [ 1047.630981][ T1605] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file0 [ 1047.697784][ T1060] usb 6-1: USB disconnect, device number 30 [ 1048.004605][ T1620] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13510'. [ 1048.136415][ T1627] loop6: detected capacity change from 0 to 1764 [ 1048.280313][ T1057] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 1048.335860][ T1631] loop5: detected capacity change from 0 to 64 [ 1048.342129][ T1629] loop6: detected capacity change from 0 to 1764 [ 1048.490330][ T1057] usb 5-1: Using ep0 maxpacket: 16 [ 1048.507979][ T1057] usb 5-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 1048.542127][ T1057] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1048.567727][ T1057] usb 5-1: Product: syz [ 1048.572886][ T1057] usb 5-1: Manufacturer: syz [ 1048.577550][ T1057] usb 5-1: SerialNumber: syz [ 1048.603417][ T1057] usb 5-1: config 0 descriptor?? [ 1048.819174][ T1641] loop5: detected capacity change from 0 to 16 [ 1048.826122][ T1057] speedtch 5-1:0.0: speedtch_bind: data interface not found! [ 1048.836141][ T1057] speedtch 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 1048.870663][ T1641] erofs: (device loop5): mounted with root inode @ nid 36. [ 1048.913974][ T1641] erofs: (device loop5): erofs_read_inode: bogus i_mode (0) @ nid 0 [ 1049.034250][ T22] usb 5-1: USB disconnect, device number 52 [ 1049.241894][ T1653] netlink: 44 bytes leftover after parsing attributes in process `syz.6.13526'. [ 1049.267239][ T1653] netlink: 44 bytes leftover after parsing attributes in process `syz.6.13526'. [ 1049.307238][ T1653] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13526'. [ 1049.904008][ T1676] loop6: detected capacity change from 0 to 2048 [ 1049.958659][ T1676] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1050.228702][ T27] audit: type=1326 audit(2000000777.699:2639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1691 comm="syz.4.13545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1050.341036][ T1694] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13546'. [ 1050.361121][ T27] audit: type=1326 audit(2000000777.699:2640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1691 comm="syz.4.13545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1050.482675][ T27] audit: type=1326 audit(2000000777.699:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1691 comm="syz.4.13545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1050.505528][ C1] vkms_vblank_simulate: vblank timer overrun [ 1050.525509][ T1702] netlink: 16 bytes leftover after parsing attributes in process `syz.4.13550'. [ 1050.603522][ T27] audit: type=1326 audit(2000000777.699:2642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1691 comm="syz.4.13545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1050.610341][ T1702] netlink: 16 bytes leftover after parsing attributes in process `syz.4.13550'. [ 1050.641040][ T1704] netlink: 2 bytes leftover after parsing attributes in process `syz.6.13551'. [ 1050.975202][ T1720] netlink: 'syz.1.13558': attribute type 2 has an invalid length. [ 1051.041486][ T1720] netlink: 119 bytes leftover after parsing attributes in process `syz.1.13558'. [ 1051.293961][ T1722] xt_CT: No such helper "syz0" [ 1051.515546][ T1743] No such timeout policy "syz1" [ 1051.967429][ T1760] PKCS7: Unknown OID: [4] 0.0 [ 1051.980485][ T1760] PKCS7: Only support pkcs7_signedData type [ 1052.175559][ T1769] loop5: detected capacity change from 0 to 256 [ 1052.202132][T14610] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 1052.412995][T14610] usb 7-1: Using ep0 maxpacket: 32 [ 1052.421940][T14610] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 1052.449239][T14610] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 1052.478945][T14610] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 1052.499651][ T1057] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 1052.507633][T14610] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1052.538956][T14610] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 1052.569641][T14610] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1052.600314][T14610] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 1052.631056][T14610] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1052.675283][T14610] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 1052.702435][T14610] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1052.723486][ T1057] usb 6-1: config 0 has an invalid descriptor of length 47, skipping remainder of the config [ 1052.734387][T14610] usb 7-1: config 0 descriptor?? [ 1052.750327][ T1057] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1052.759397][ T1057] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1052.818459][ T1057] usb 6-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5 [ 1052.876725][ T1057] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1052.896379][ T1057] usb 6-1: Product: syz [ 1052.910525][ T1057] usb 6-1: Manufacturer: syz [ 1052.915198][ T1057] usb 6-1: SerialNumber: syz [ 1052.944102][ T1057] usb 6-1: config 0 descriptor?? [ 1052.962122][T14610] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 21 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 1052.986560][T14610] usb 7-1: USB disconnect, device number 21 [ 1053.009395][T14610] usblp0: removed [ 1053.156356][ T1057] usb 6-1: Found UVC 34.00 device syz (8086:0b5b) [ 1053.177010][ T1057] usb 6-1: No valid video chain found. [ 1053.195542][ T1057] usb 6-1: USB disconnect, device number 31 [ 1053.762104][ T1821] loop4: detected capacity change from 0 to 8 [ 1053.948991][ T1828] netlink: 'syz.5.13612': attribute type 21 has an invalid length. [ 1053.957782][ T1828] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13612'. [ 1054.068974][ T1823] loop1: detected capacity change from 0 to 4096 [ 1054.145631][ T1823] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 1054.240107][ T1823] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1054.699718][ T1841] loop1: detected capacity change from 0 to 256 [ 1054.733350][ T1849] netlink: 'syz.0.13622': attribute type 39 has an invalid length. [ 1054.754292][ T1849] device veth0_macvtap left promiscuous mode [ 1055.075734][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.082439][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.598719][ T1871] netlink: 340 bytes leftover after parsing attributes in process `syz.4.13633'. [ 1055.630408][ T1871] netlink: 140 bytes leftover after parsing attributes in process `syz.4.13633'. [ 1055.707638][ T1875] sctp: [Deprecated]: syz.0.13635 (pid 1875) Use of int in max_burst socket option. [ 1055.707638][ T1875] Use struct sctp_assoc_value instead [ 1056.120750][ T1889] loop4: detected capacity change from 0 to 1024 [ 1056.164064][ T1855] loop6: detected capacity change from 0 to 40427 [ 1056.245944][ T1855] F2FS-fs (loop6): invalid crc value [ 1056.257279][ T1855] F2FS-fs (loop6): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 1056.318098][ T1855] F2FS-fs (loop6): Found nat_bits in checkpoint [ 1056.344142][T13842] hfsplus: b-tree write err: -5, ino 4 [ 1056.502549][ T1855] F2FS-fs (loop6): recover fsync data on readonly fs [ 1056.540639][ T1855] F2FS-fs (loop6): Cannot turn on quotas: -2 on 0 [ 1056.570767][ T1855] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 1057.014189][ T1915] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 1057.034355][ T1917] loop5: detected capacity change from 0 to 64 [ 1057.806319][ T1947] netlink: 'syz.4.13668': attribute type 1 has an invalid length. [ 1058.072875][ T4262] Bluetooth: hci0: unexpected event for opcode 0x2031 [ 1058.157462][ T1960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13676'. [ 1058.180739][ T1960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13676'. [ 1058.213642][ T1960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13676'. [ 1058.244870][ T1960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13676'. [ 1058.284314][ T1960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13676'. [ 1058.304524][ T1960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13676'. [ 1058.325044][ T1960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13676'. [ 1058.362296][ T1960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13676'. [ 1058.816532][ T1942] loop6: detected capacity change from 0 to 32768 [ 1058.937232][ T1942] ERROR: (device loop6): dbAlloc: the hint is outside the map [ 1058.937232][ T1942] [ 1059.067711][ T1942] ERROR: (device loop6): remounting filesystem as read-only [ 1059.883020][ T27] audit: type=1326 audit(2000000787.349:2643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2014 comm="syz.1.13702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 1059.908016][ C1] vkms_vblank_simulate: vblank timer overrun [ 1059.994797][ T27] audit: type=1326 audit(2000000787.399:2644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2014 comm="syz.1.13702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 1060.021894][ C1] vkms_vblank_simulate: vblank timer overrun [ 1060.092957][ T27] audit: type=1326 audit(2000000787.409:2645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2014 comm="syz.1.13702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 1060.126752][ C1] vkms_vblank_simulate: vblank timer overrun [ 1060.156899][ T27] audit: type=1326 audit(2000000787.409:2646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2014 comm="syz.1.13702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 1060.199572][ C1] vkms_vblank_simulate: vblank timer overrun [ 1060.257848][ T27] audit: type=1326 audit(2000000787.409:2647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2014 comm="syz.1.13702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef1f8e929 code=0x7ffc0000 [ 1060.290021][ C1] vkms_vblank_simulate: vblank timer overrun [ 1060.312959][ T2024] loop1: detected capacity change from 0 to 16 [ 1060.385011][ T2024] erofs: (device loop1): mounted with root inode @ nid 36. [ 1060.439982][ T2024] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 1060.505647][ T2024] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 1060.550468][ T2024] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 1060.749543][ T2033] IPv6: NLM_F_CREATE should be specified when creating new route [ 1060.759828][ T2034] loop4: detected capacity change from 0 to 24 [ 1060.831359][ T2034] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 1060.923401][ T2034] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1061.299546][ T2055] loop6: detected capacity change from 0 to 16 [ 1061.354776][ T2055] erofs: (device loop6): mounted with root inode @ nid 36. [ 1061.436881][ T2055] erofs: (device loop6): erofs_fill_dentries: bogus dirent @ nid 36 [ 1062.093401][ T2082] __nla_validate_parse: 36 callbacks suppressed [ 1062.093422][ T2082] netlink: 24 bytes leftover after parsing attributes in process `syz.0.13733'. [ 1062.270428][ T2077] loop6: detected capacity change from 0 to 8192 [ 1062.357852][ T2077] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1062.760268][ T4494] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 1062.967463][ T4494] usb 6-1: Using ep0 maxpacket: 16 [ 1062.976597][ T4494] usb 6-1: config 0 has an invalid interface number: 79 but max is 0 [ 1063.000849][ T4494] usb 6-1: config 0 has no interface number 0 [ 1063.029648][ T4494] usb 6-1: New USB device found, idVendor=0402, idProduct=5632, bcdDevice=c3.6f [ 1063.048766][ T4494] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1063.058980][ T4494] usb 6-1: Product: syz [ 1063.070389][ T4494] usb 6-1: Manufacturer: syz [ 1063.075311][ T4494] usb 6-1: SerialNumber: syz [ 1063.119240][ T4494] usb 6-1: config 0 descriptor?? [ 1063.164092][ T2117] No such timeout policy "syz1" [ 1063.230505][T14606] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 1063.340018][ T4494] cdc_subset 6-1:0.79 usb0: register 'cdc_subset' at usb-dummy_hcd.5-1, ALi M5632, 76:51:fd:75:f6:0d [ 1063.360475][T14610] usb 2-1: new full-speed USB device number 45 using dummy_hcd [ 1063.420355][T14606] usb 5-1: Using ep0 maxpacket: 32 [ 1063.428159][T14606] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 1063.475246][T14606] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1063.509976][T14606] usb 5-1: config 0 descriptor?? [ 1063.533740][T14606] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 1063.562263][T14610] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1063.600552][T14610] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1063.619016][ T22] usb 6-1: USB disconnect, device number 32 [ 1063.628607][T14610] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1063.639912][ T22] cdc_subset 6-1:0.79 usb0: unregister 'cdc_subset' usb-dummy_hcd.5-1, ALi M5632 [ 1063.659729][T14610] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1063.688315][T14610] usb 2-1: Product: syz [ 1063.693442][T14610] usb 2-1: Manufacturer: syz [ 1063.698144][T14610] usb 2-1: SerialNumber: syz [ 1063.719615][T14610] usb 2-1: config 0 descriptor?? [ 1063.756128][T14610] usb 2-1: selecting invalid altsetting 0 [ 1063.949273][T14606] gspca_nw80x: reg_r err -71 [ 1063.960537][T14606] nw80x: probe of 5-1:0.0 failed with error -71 [ 1063.978724][T14606] usb 5-1: USB disconnect, device number 53 [ 1064.001514][ T1060] usb 2-1: USB disconnect, device number 45 [ 1064.010778][T14602] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 1064.208228][T14602] usb 7-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d [ 1064.233040][T14602] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=16 [ 1064.249643][T14602] usb 7-1: SerialNumber: syz [ 1064.269819][T14602] usb 7-1: config 0 descriptor?? [ 1064.693871][T14602] hackrf 7-1:0.0: usb_control_msg() failed -71 request 0f [ 1064.710363][T14602] hackrf 7-1:0.0: Could not detect board [ 1064.729813][T14602] hackrf: probe of 7-1:0.0 failed with error -71 [ 1064.761858][T14602] usb 7-1: USB disconnect, device number 22 [ 1065.330513][ T2176] libceph: resolve '. [ 1065.330513][ T2176] #)|.fǝa2sow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 1065.330513][ T2176] ' (ret=-3): failed [ 1065.934012][ T2205] delete_channel: no stack [ 1066.275496][ T2216] loop4: detected capacity change from 0 to 1024 [ 1066.389157][ T2216] hfsplus: cannot replace xattr [ 1067.383230][ T2257] netlink: 'syz.0.13805': attribute type 29 has an invalid length. [ 1067.393302][ T2257] netlink: 'syz.0.13805': attribute type 29 has an invalid length. [ 1067.892108][ T2277] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 1068.524974][ T2293] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 1068.525006][ T2293] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 1068.565915][ T2269] loop5: detected capacity change from 0 to 32768 [ 1068.621211][ T2269] ERROR: (device loop5): dbAlloc: the hint is outside the map [ 1068.621211][ T2269] [ 1068.621422][ T2269] ialloc: diAlloc returned -5! [ 1068.845234][ T27] audit: type=1326 audit(2000000796.319:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2300 comm="syz.4.13829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1068.930441][ T27] audit: type=1326 audit(2000000796.319:2649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2300 comm="syz.4.13829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1068.953180][ C1] vkms_vblank_simulate: vblank timer overrun [ 1069.032026][ T27] audit: type=1326 audit(2000000796.369:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2300 comm="syz.4.13829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1069.054841][ C1] vkms_vblank_simulate: vblank timer overrun [ 1069.171626][ T27] audit: type=1326 audit(2000000796.369:2651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2300 comm="syz.4.13829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1069.290297][ T27] audit: type=1326 audit(2000000796.369:2652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2300 comm="syz.4.13829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79518e929 code=0x7ffc0000 [ 1069.379087][ T27] audit: type=1107 audit(2000000796.629:2653): pid=2310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='L<5' [ 1069.479657][ T2325] loop4: detected capacity change from 0 to 8 [ 1069.561352][ T2325] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 1069.650813][ T2325] cramfs: Error -3 while decompressing! [ 1069.670437][ T2325] cramfs: ffffffff96b4c548(18)->ffff88804d027000(4096) [ 1069.705661][ T2325] cramfs: Error -3 while decompressing! [ 1069.724017][ T2325] cramfs: ffffffff96b4c548(18)->ffff88804d027000(4096) [ 1069.770567][ T27] audit: type=1800 audit(2000000797.249:2654): pid=2325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.13839" name="file1" dev="loop4" ino=324 res=0 errno=0 [ 1070.023037][ T2340] loop5: detected capacity change from 0 to 512 [ 1070.130527][ T2340] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1070.141703][ T2340] Quota error (device loop5): dq_insert_tree: Quota tree root isn't allocated! [ 1070.190484][ T2340] Quota error (device loop5): qtree_write_dquot: Error -5 occurred while creating quota [ 1070.220583][ T2340] EXT4-fs error (device loop5): ext4_acquire_dquot:6814: comm syz.5.13846: Failed to acquire dquot type 0 [ 1070.255550][ T2340] Quota error (device loop5): dq_insert_tree: Quota tree root isn't allocated! [ 1070.280021][ T2340] EXT4-fs error (device loop5): ext4_acquire_dquot:6814: comm syz.5.13846: Failed to acquire dquot type 0 [ 1070.362580][ T2340] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.13846: bg 0: block 64: padding at end of block bitmap is not set [ 1070.450878][ T2340] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 1070.494076][ T2340] EXT4-fs error (device loop5): ext4_acquire_dquot:6814: comm syz.5.13846: Failed to acquire dquot type 0 [ 1070.566979][ T2340] EXT4-fs (loop5): 1 orphan inode deleted [ 1070.588997][ T2340] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1070.724873][ T2368] netlink: 252 bytes leftover after parsing attributes in process `syz.6.13858'. [ 1070.807192][T19516] EXT4-fs (loop5): unmounting filesystem. [ 1070.881437][ T2372] netlink: 132 bytes leftover after parsing attributes in process `syz.4.13860'. [ 1071.612663][ T2404] [U] [ 1071.786633][ T2412] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13875'. [ 1072.302867][ T2439] loop1: detected capacity change from 0 to 16 [ 1072.360694][ T2439] erofs: (device loop1): mounted with root inode @ nid 36. [ 1072.395292][ T2439] erofs: (device loop1): z_erofs_readahead: readahead error at page 3 @ nid 89 [ 1072.430749][ T2439] erofs: (device loop1): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 1072.465823][ T2439] erofs: (device loop1): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 89 [ 1072.490412][ T2439] erofs: (device loop1): z_erofs_readahead: readahead error at page 0 @ nid 89 [ 1072.515420][ T2446] loop6: detected capacity change from 0 to 1024 [ 1072.523546][ T4262] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8187] [ 1072.535893][ T2439] erofs: (device loop1): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 89 [ 1072.546507][ T2439] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 1072.713163][T13827] hfsplus: b-tree write err: -5, ino 4 [ 1072.730801][ T4494] usb 1-1: new high-speed USB device number 57 using dummy_hcd [ 1072.806110][ T2461] netlink: 'syz.5.13894': attribute type 1 has an invalid length. [ 1072.840947][ T2461] netlink: 'syz.5.13894': attribute type 2 has an invalid length. [ 1072.872734][ T2461] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13894'. [ 1072.942177][ T4494] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 1072.972000][ T4494] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1073.023619][ T4494] usb 1-1: config 0 descriptor?? [ 1073.044993][ T4494] gspca_main: spca508-2.14.0 probing 8086:0110 [ 1073.105534][ T2476] loop5: detected capacity change from 0 to 256 [ 1073.189711][ T2476] FAT-fs (loop5): Directory bread(block 64) failed [ 1073.200870][ T2476] FAT-fs (loop5): Directory bread(block 65) failed [ 1073.229397][ T2476] FAT-fs (loop5): Directory bread(block 66) failed [ 1073.277847][ T2476] FAT-fs (loop5): Directory bread(block 67) failed [ 1073.300313][ T2476] FAT-fs (loop5): Directory bread(block 68) failed [ 1073.323202][ T2476] FAT-fs (loop5): Directory bread(block 69) failed [ 1073.330110][ T2476] FAT-fs (loop5): Directory bread(block 70) failed [ 1073.345818][ T2476] FAT-fs (loop5): Directory bread(block 71) failed [ 1073.355671][ T2476] FAT-fs (loop5): Directory bread(block 72) failed [ 1073.369218][ T2476] FAT-fs (loop5): Directory bread(block 73) failed [ 1073.445059][ T4494] gspca_spca508: reg_read err -71 [ 1073.460596][ T4494] gspca_spca508: reg_read err -71 [ 1073.490959][ T4494] gspca_spca508: reg_read err -71 [ 1073.514110][ T4494] gspca_spca508: reg_read err -71 [ 1073.530347][ T4494] gspca_spca508: reg write: error -71 [ 1073.549482][ T4494] spca508: probe of 1-1:0.0 failed with error -71 [ 1073.591887][ T4494] usb 1-1: USB disconnect, device number 57 [ 1073.658422][ T2486] loop6: detected capacity change from 0 to 256 [ 1073.680990][ T2486] exfat: Deprecated parameter 'namecase' [ 1073.720083][ T2486] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 1073.788308][ T2486] UBIFS error (pid: 2486): cannot open "./file0", error -22 [ 1074.452731][ T2523] xt_cgroup: xt_cgroup: no path or classid specified [ 1074.679389][ T2529] qrtr: Invalid version 0 [ 1075.118095][ T2540] loop6: detected capacity change from 0 to 4096 [ 1075.165690][ T2540] ntfs3: loop6: Different NTFS' sector size (2048) and media sector size (512) [ 1075.539618][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 1075.539635][ T27] audit: type=1326 audit(2000000803.009:2662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2571 comm="syz.5.13940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f6b8e929 code=0x7ffc0000 [ 1075.569240][ C1] vkms_vblank_simulate: vblank timer overrun [ 1075.720330][ T27] audit: type=1326 audit(2000000803.049:2663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2571 comm="syz.5.13940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fd6f6b8e929 code=0x7ffc0000 [ 1075.804610][ T27] audit: type=1326 audit(2000000803.049:2664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2571 comm="syz.5.13940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f6b8e929 code=0x7ffc0000 [ 1075.900864][ T27] audit: type=1326 audit(2000000803.049:2665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2571 comm="syz.5.13940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f6b8e929 code=0x7ffc0000 [ 1076.274487][ T4494] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 1076.470410][ T4494] usb 2-1: Using ep0 maxpacket: 8 [ 1076.485225][ T4494] usb 2-1: too many configurations: 158, using maximum allowed: 8 [ 1076.498344][ T2606] loop4: detected capacity change from 0 to 512 [ 1076.513529][ T4494] usb 2-1: config 0 has no interfaces? [ 1076.522404][ T4494] usb 2-1: config 0 has no interfaces? [ 1076.554063][ T4494] usb 2-1: config 0 has no interfaces? [ 1076.568530][ T2606] EXT4-fs (loop4): orphan cleanup on readonly fs [ 1076.575559][ T4494] usb 2-1: config 0 has no interfaces? [ 1076.602228][ T2606] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated! [ 1076.614928][ T4494] usb 2-1: config 0 has no interfaces? [ 1076.620549][ T2606] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 1076.620598][ T2606] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.13954: Failed to acquire dquot type 0 [ 1076.651273][ T2606] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated! [ 1076.669066][ T2606] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 1076.679949][ T2606] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.13954: Failed to acquire dquot type 0 [ 1076.702829][ T2606] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.13954: bg 0: block 64: padding at end of block bitmap is not set [ 1076.748919][ T2606] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 1076.759480][ T4494] usb 2-1: config 0 has no interfaces? [ 1076.779126][ T2606] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated! [ 1076.787931][ T4494] usb 2-1: config 0 has no interfaces? [ 1076.801268][ T4494] usb 2-1: config 0 has no interfaces? [ 1076.818552][ T2606] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 1076.843254][ T4494] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=73.60 [ 1076.859709][ T2606] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.13954: Failed to acquire dquot type 0 [ 1076.870233][ T4494] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=150 [ 1076.879890][ T4494] usb 2-1: Product: syz [ 1076.901532][ T2606] EXT4-fs (loop4): 1 orphan inode deleted [ 1076.910289][ T4494] usb 2-1: Manufacturer: syz [ 1076.920263][ T4494] usb 2-1: SerialNumber: syz [ 1076.931399][ T2606] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1077.007878][ T4494] r8152-cfgselector 2-1: config 0 descriptor?? [ 1077.130806][ T4250] EXT4-fs (loop4): unmounting filesystem. [ 1077.169398][ C1] vkms_vblank_simulate: vblank timer overrun [ 1077.258487][ T4494] usbip-host 2-1: 2-1 is not in match_busid table... skip! [ 1077.359184][ T2630] xt_hashlimit: size too large, truncated to 1048576 [ 1077.491005][ T1057] usb 2-1: USB disconnect, device number 46 [ 1077.875720][ T2654] loop6: detected capacity change from 0 to 512 [ 1077.887789][ T2656] loop5: detected capacity change from 0 to 16 [ 1077.923225][ T2656] erofs: (device loop5): mounted with root inode @ nid 36. [ 1077.966809][ T2654] EXT4-fs (loop6): orphan cleanup on readonly fs [ 1078.041747][ T2654] EXT4-fs error (device loop6): ext4_acquire_dquot:6814: comm syz.6.13973: Failed to acquire dquot type 0 [ 1078.069488][ T2654] EXT4-fs error (device loop6): ext4_acquire_dquot:6814: comm syz.6.13973: Failed to acquire dquot type 0 [ 1078.094582][ T2654] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.13973: bg 0: block 64: padding at end of block bitmap is not set [ 1078.127637][ T2654] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 1078.167835][ T2654] EXT4-fs error (device loop6): ext4_acquire_dquot:6814: comm syz.6.13973: Failed to acquire dquot type 0 [ 1078.193914][ T2654] EXT4-fs (loop6): 1 orphan inode deleted [ 1078.210716][ T2654] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 1078.370343][T23980] EXT4-fs (loop6): unmounting filesystem. [ 1078.620269][T14606] usb 1-1: new high-speed USB device number 58 using dummy_hcd [ 1078.810483][T14606] usb 1-1: Using ep0 maxpacket: 8 [ 1078.819341][T14606] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1078.823884][ T2647] loop4: detected capacity change from 0 to 32768 [ 1078.871802][T14606] usb 1-1: config 4 has an invalid interface number: 147 but max is 0 [ 1078.919388][T14606] usb 1-1: config 4 contains an unexpected descriptor of type 0x2, skipping [ 1078.949816][ T2647] XFS (loop4): Mounting V5 Filesystem [ 1078.969733][T14606] usb 1-1: config 4 has no interface number 0 [ 1078.983230][T14606] usb 1-1: string descriptor 0 read error: -22 [ 1079.000374][T14606] usb 1-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1079.018185][T14606] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1079.045381][T14606] usb 1-1: Found UVC 0.02 device (04f2:b746) [ 1079.070384][T14606] usb 1-1: No valid video chain found. [ 1079.161816][ T2647] XFS (loop4): Ending clean mount [ 1079.186264][ T2647] XFS (loop4): Quotacheck needed: Please wait. [ 1079.274608][ T1057] usb 1-1: USB disconnect, device number 58 [ 1079.407046][ T2647] XFS (loop4): Quotacheck: Done. [ 1079.559876][ T4250] XFS (loop4): Unmounting Filesystem [ 1079.702019][ C1] vkms_vblank_simulate: vblank timer overrun [ 1079.743064][ T2687] loop5: detected capacity change from 0 to 32768 [ 1079.827873][ T2687] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1079.895120][ T2687] (syz.5.13985,2687,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=3298534883393, rec_len=0, name_len=1 [ 1080.002044][ T2687] (syz.5.13985,2687,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 1080.070412][ T2687] (syz.5.13985,2687,0):ocfs2_mknod:298 ERROR: status = -2 [ 1080.086415][ T2687] (syz.5.13985,2687,0):ocfs2_mknod:502 ERROR: status = -2 [ 1080.121153][ T2687] (syz.5.13985,2687,0):ocfs2_create:676 ERROR: status = -2 [ 1080.412411][T19516] ocfs2: Unmounting device (7,5) on (node local) [ 1081.090860][ T2756] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1081.104684][ T2759] netlink: 16 bytes leftover after parsing attributes in process `syz.1.14009'. [ 1081.347194][ T2764] loop1: detected capacity change from 0 to 128 [ 1081.361501][ T2732] loop6: detected capacity change from 0 to 32768 [ 1081.411929][ T2764] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 1081.451861][ T2764] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1081.540421][ T2732] ERROR: (device loop6): dbAlloc: unable to allocate blocks [ 1081.540421][ T2732] [ 1081.652474][ T2732] ERROR: (device loop6): remounting filesystem as read-only [ 1081.678803][ T2732] jfs_rename: dtInsert returned -EIO [ 1081.791739][ T4257] EXT4-fs (loop1): unmounting filesystem. [ 1081.957514][ T2790] overlayfs: missing 'lowerdir' [ 1082.749840][ T2833] netlink: zone id is out of range [ 1083.039900][ T2849] netlink: 16 bytes leftover after parsing attributes in process `syz.5.14042'. [ 1083.281765][ T2857] netlink: 'syz.0.14046': attribute type 1 has an invalid length. [ 1083.952164][ T2883] loop5: detected capacity change from 0 to 4096 [ 1083.953870][ T2887] netlink: 'syz.1.14059': attribute type 2 has an invalid length. [ 1083.984761][ T2883] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 1084.008937][ T2887] netlink: 'syz.1.14059': attribute type 1 has an invalid length. [ 1084.030902][ T2887] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14059'. [ 1084.100598][ T2883] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1084.141604][ T2883] ntfs3: loop5: mft corrupted [ 1084.167392][ T2883] ntfs3: loop5: Failed to load $Extend. [ 1084.178567][ T2889] loop4: detected capacity change from 0 to 256 [ 1084.309825][ T2891] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14062'. [ 1084.343803][ T2889] FAT-fs (loop4): Directory bread(block 64) failed [ 1084.381891][ T2889] FAT-fs (loop4): Directory bread(block 65) failed [ 1084.388630][ T2889] FAT-fs (loop4): Directory bread(block 66) failed [ 1084.426580][ T2889] FAT-fs (loop4): Directory bread(block 67) failed [ 1084.457931][ T2889] FAT-fs (loop4): Directory bread(block 68) failed [ 1084.487039][ T2889] FAT-fs (loop4): Directory bread(block 69) failed [ 1084.536851][ T2889] FAT-fs (loop4): Directory bread(block 70) failed [ 1084.565983][ T2889] FAT-fs (loop4): Directory bread(block 71) failed [ 1084.607125][ T2889] FAT-fs (loop4): Directory bread(block 72) failed [ 1084.627264][ T2889] FAT-fs (loop4): Directory bread(block 73) failed [ 1084.938741][ T2905] loop6: detected capacity change from 0 to 128 [ 1085.006501][ T2905] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 1085.082191][ T2905] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 1085.301714][T23980] EXT4-fs (loop6): unmounting filesystem. [ 1085.688682][ T2928] overlayfs: missing 'lowerdir' [ 1085.697275][ T2931] trusted_key: encrypted_key: keylen parameter is missing [ 1085.723983][ T2934] netlink: 'syz.0.14082': attribute type 2 has an invalid length. [ 1086.765732][ T2970] loop4: detected capacity change from 0 to 4096 [ 1086.820377][ T2970] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512) [ 1086.901646][ T2970] ntfs3: loop4: mft corrupted [ 1086.906441][ T2970] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1086.946867][ T2985] loop1: detected capacity change from 0 to 64 [ 1086.952266][ T2970] ntfs3: loop4: Failed to load $MFT. [ 1087.728322][T13842] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1087.948028][T13842] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1087.999696][ T3010] loop5: detected capacity change from 0 to 1024 [ 1088.051169][ T3012] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14123'. [ 1088.256398][T13842] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1089.012346][ T4253] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1089.024805][ T4253] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1089.036243][ T4253] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1089.053439][ T4253] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1089.063734][ T4253] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1089.071697][ T4253] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1089.105679][ T3042] netlink: 'syz.6.14136': attribute type 2 has an invalid length. [ 1089.142818][T13842] device 0 left promiscuous mode [ 1089.168184][ T3044] ipt_CLUSTERIP: bad local_nodes[0] 0 [ 1089.372886][ T3049] delete_channel: no stack [ 1089.428628][ T3035] vxcan1 speed is unknown, defaulting to 1000 [ 1089.606177][ T3056] loop4: detected capacity change from 0 to 2048 [ 1089.710373][ T3063] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1090.035206][ C1] vkms_vblank_simulate: vblank timer overrun [ 1090.720347][ T22] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 1090.766462][ T3089] loop4: detected capacity change from 0 to 4096 [ 1090.797187][ T3089] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512) [ 1090.900878][ T3035] xfrm0 speed is unknown, defaulting to 1000 [ 1090.911185][ T22] usb 7-1: Using ep0 maxpacket: 16 [ 1090.927950][ T22] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1090.960318][ T22] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1090.992178][ T22] usb 7-1: Product: syz [ 1091.000620][ T22] usb 7-1: Manufacturer: syz [ 1091.005401][ T22] usb 7-1: SerialNumber: syz [ 1091.042220][ T22] r8152-cfgselector 7-1: config 0 descriptor?? [ 1091.150388][ T4262] Bluetooth: hci3: command 0x0409 tx timeout [ 1091.459421][ T3080] loop5: detected capacity change from 0 to 32768 [ 1091.483318][ T22] r8152-cfgselector 7-1: Unknown version 0x0000 [ 1091.490119][ T22] r8152-cfgselector 7-1: bad CDC descriptors [ 1091.513344][ T22] r8152-cfgselector 7-1: Unknown version 0x0000 [ 1091.543686][ T22] r8152-cfgselector 7-1: USB disconnect, device number 23 [ 1091.579425][ T3080] XFS (loop5): Mounting V5 Filesystem [ 1091.747585][ T3080] XFS (loop5): Ending clean mount [ 1091.763128][ T3080] XFS (loop5): Quotacheck needed: Please wait. [ 1091.961024][ T3080] XFS (loop5): Quotacheck: Done. [ 1092.271436][ T3035] chnl_net:caif_netlink_parms(): no params data found [ 1092.282411][T19516] XFS (loop5): Unmounting Filesystem [ 1092.651050][T13842] IPVS: stopping backup sync thread 24849 ... [ 1093.165340][T13842] bond0: (slave wlan1): Releasing backup interface [ 1093.218980][T13842] device wlan1 left promiscuous mode [ 1093.230679][ T4262] Bluetooth: hci3: command 0x041b tx timeout [ 1093.359691][ T3035] bridge0: port 1(bridge_slave_0) entered blocking state [ 1093.380877][ T3035] bridge0: port 1(bridge_slave_0) entered disabled state [ 1093.409589][ T3035] device bridge_slave_0 entered promiscuous mode [ 1093.441575][ T3035] bridge0: port 2(bridge_slave_1) entered blocking state [ 1093.480817][ T3035] bridge0: port 2(bridge_slave_1) entered disabled state [ 1093.529509][ T3035] device bridge_slave_1 entered promiscuous mode [ 1093.870822][ T3166] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14177'. [ 1093.931778][ T3035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1093.999997][ T3035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1094.260926][ T3035] team0: Port device team_slave_0 added [ 1094.331615][ T3035] team0: Port device team_slave_1 added [ 1094.522177][ T3035] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1094.529211][ T3035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1094.555787][ C1] vkms_vblank_simulate: vblank timer overrun [ 1094.665571][ T3035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1094.770487][T13842] device hsr_slave_0 left promiscuous mode [ 1094.781535][T13842] device hsr_slave_1 left promiscuous mode [ 1094.826289][T13842] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1094.871185][T13842] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1094.884395][T13842] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1094.923120][T13842] batman_adv: batadv0: Removing interface: macvtap0 [ 1094.950128][T13842] device macvlan0 left promiscuous mode [ 1094.960394][T13842] bridge0: port 3(macvlan0) entered disabled state [ 1094.991043][ T3172] loop4: detected capacity change from 0 to 32768 [ 1094.999048][T13842] device bridge_slave_1 left promiscuous mode [ 1095.007822][T13842] bridge0: port 2(bridge_slave_1) entered disabled state [ 1095.030922][ T3172] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.14180 (3172) [ 1095.048035][T13842] device bridge_slave_0 left promiscuous mode [ 1095.075011][T13842] bridge0: port 1(bridge_slave_0) entered disabled state [ 1095.105477][ T3172] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1095.149774][ T3172] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 1095.184395][ T3172] BTRFS info (device loop4): turning on sync discard [ 1095.210348][ T3172] BTRFS info (device loop4): max_inline at 0 [ 1095.226078][ T3172] BTRFS info (device loop4): enabling disk space caching [ 1095.264159][ T3172] BTRFS info (device loop4): setting nodatasum [ 1095.284274][ T3172] BTRFS info (device loop4): turning off barriers [ 1095.307043][ T3172] BTRFS info (device loop4): turning on flush-on-commit [ 1095.310438][ T4262] Bluetooth: hci3: command 0x040f tx timeout [ 1095.366076][ T3172] BTRFS info (device loop4): disabling disk space caching [ 1095.394984][ T3172] BTRFS info (device loop4): force clearing of disk cache [ 1095.447498][ T3172] BTRFS info (device loop4): enabling ssd optimizations [ 1095.721610][ T3172] BTRFS info (device loop4): rebuilding free space tree [ 1095.777965][T13842] infiniband syz2: set down [ 1095.804966][ T3172] BTRFS info (device loop4): disabling free space tree [ 1095.836624][ T3172] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1095.870423][ T3172] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1096.098429][ T4250] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1096.295511][ T3245] loop6: detected capacity change from 0 to 4096 [ 1096.330594][ T4332] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 11 /dev/loop4 scanned by udevd (4332) [ 1096.346274][ T3245] ntfs3: loop6: Different NTFS' sector size (4096) and media sector size (512) [ 1096.744743][ T3245] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 1096.842196][ T3254] sock: sock_timestamping_bind_phc: sock not bind to device [ 1097.267015][ C1] vkms_vblank_simulate: vblank timer overrun [ 1097.284292][ T3262] loop6: detected capacity change from 0 to 512 [ 1097.390293][ T4262] Bluetooth: hci3: command 0x0419 tx timeout [ 1097.430468][ T3262] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 1097.493736][ T3262] EXT4-fs (loop6): 1 truncate cleaned up [ 1097.499562][ T3262] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 1097.564305][ T3262] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #2: block 4: comm syz.6.14207: lblock 0 mapped to illegal pblock 4 (length 1) [ 1097.607904][T13842] bond3 (unregistering): Released all slaves [ 1097.663325][T13842] bond2 (unregistering): Released all slaves [ 1097.738928][T23980] EXT4-fs (loop6): unmounting filesystem. [ 1098.468824][T13842] bond1 (unregistering): Released all slaves [ 1098.653187][T13842] device veth1_macvtap left promiscuous mode [ 1098.674818][T13842] team0 (unregistering): Port device veth1_macvtap removed [ 1098.811637][T13842] team0 (unregistering): Port device vlan0 removed [ 1099.221696][ C1] vkms_vblank_simulate: vblank timer overrun [ 1099.400285][ C1] vkms_vblank_simulate: vblank timer overrun [ 1099.471307][ C1] vkms_vblank_simulate: vblank timer overrun [ 1099.509823][ C1] vkms_vblank_simulate: vblank timer overrun [ 1099.597907][ C1] vkms_vblank_simulate: vblank timer overrun [ 1099.614624][T13842] device team_slave_1 left promiscuous mode [ 1099.631819][T13842] team0 (unregistering): Port device team_slave_1 removed [ 1099.807285][T13842] device team_slave_0 left promiscuous mode [ 1099.827059][T13842] team0 (unregistering): Port device team_slave_0 removed [ 1099.901647][ C1] vkms_vblank_simulate: vblank timer overrun [ 1099.963889][T13842] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1099.979663][T13842] device bond_slave_1 left promiscuous mode [ 1100.340257][ C1] vkms_vblank_simulate: vblank timer overrun [ 1100.514656][T13825] smc: removing ib device syz2 [ 1100.551297][T13842] device batadv0 left promiscuous mode [ 1100.564561][T13842] team0 (unregistering): Port device batadv0 removed [ 1100.662378][ C1] vkms_vblank_simulate: vblank timer overrun [ 1101.090611][T13842] bond0 (unregistering): (slave team0): Releasing backup interface [ 1101.106823][T13842] device team0 left promiscuous mode [ 1101.117922][T13842] device bridge0 left promiscuous mode [ 1101.149340][T13842] team0 (unregistering): Port device bridge0 removed [ 1101.522516][T13842] bond0 (unregistering): Released all slaves [ 1101.625228][ T3035] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1101.632535][ T3035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1101.658883][ C1] vkms_vblank_simulate: vblank timer overrun [ 1101.665679][ T3035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1101.680023][ T3197] IPv6: sit2: Disabled Multicast RS [ 1101.713713][ T4494] vxcan1 speed is unknown, defaulting to 1000 [ 1101.975973][ T3035] device hsr_slave_0 entered promiscuous mode [ 1101.995299][ T3035] device hsr_slave_1 entered promiscuous mode [ 1102.011208][ T3035] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1102.019150][ T3035] Cannot create hsr debugfs directory [ 1102.856481][ T3035] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1102.909221][ T3035] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1102.963312][ T3035] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1103.022192][ T3035] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1103.117647][ T3331] xt_TCPMSS: Only works on TCP SYN packets [ 1103.290791][ T3035] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1103.343721][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1103.383826][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1103.426727][ T3035] 8021q: adding VLAN 0 to HW filter on device team0 [ 1103.474574][T13835] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1103.505552][T13835] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1103.538088][T13835] bridge0: port 1(bridge_slave_0) entered blocking state [ 1103.545570][T13835] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1103.577390][T13835] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1103.603215][ T3311] loop6: detected capacity change from 0 to 32768 [ 1103.613402][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1103.655835][ T3311] (syz.6.14230,3311,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1103.696946][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1103.716609][ T3311] (syz.6.14230,3311,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1103.746167][T13821] bridge0: port 2(bridge_slave_1) entered blocking state [ 1103.753452][T13821] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1103.827166][ T3311] JBD2: Ignoring recovery information on journal [ 1103.852365][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1103.901482][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1103.980620][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1104.008497][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1104.075255][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1104.112196][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1104.123510][ T3311] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 1104.156588][ T3367] netlink: 132 bytes leftover after parsing attributes in process `syz.5.14246'. [ 1104.213862][ T3372] xt_policy: too many policy elements [ 1104.227654][ T3035] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1104.253956][ T3311] [ 1104.256642][ T3311] ====================================================== [ 1104.263701][ T3311] WARNING: possible circular locking dependency detected [ 1104.270934][ T3311] 6.1.141-syzkaller #0 Not tainted [ 1104.276187][ T3311] ------------------------------------------------------ [ 1104.283277][ T3311] syz.6.14230/3311 is trying to acquire lock: [ 1104.289581][ T3311] ffff88807262c2c8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}, at: ocfs2_lock_global_qf+0x1c7/0x270 [ 1104.302373][ T3311] [ 1104.302373][ T3311] but task is already holding lock: [ 1104.309976][ T3311] ffff8880724ae0a8 (&dquot->dq_lock){+.+.}-{3:3}, at: ocfs2_acquire_dquot+0x293/0xb10 [ 1104.319632][ T3311] [ 1104.319632][ T3311] which lock already depends on the new lock. [ 1104.319632][ T3311] [ 1104.330177][ T3311] [ 1104.330177][ T3311] the existing dependency chain (in reverse order) is: [ 1104.339271][ T3311] [ 1104.339271][ T3311] -> #6 (&dquot->dq_lock){+.+.}-{3:3}: [ 1104.347157][ T3311] __mutex_lock+0x120/0xaf0 [ 1104.352326][ T3311] dquot_commit+0x5a/0x410 [ 1104.357315][ T3311] ext4_write_dquot+0x1f0/0x360 [ 1104.362748][ T3311] mark_all_dquot_dirty+0x1e3/0x400 [ 1104.368522][ T3311] __dquot_free_space+0x7ec/0xbc0 [ 1104.374126][ T3311] ext4_free_blocks+0x1bab/0x2640 [ 1104.379903][ T3311] ext4_ext_remove_space+0x1f0d/0x4490 [ 1104.386031][ T3311] ext4_ext_truncate+0x211/0x370 [ 1104.391632][ T3311] ext4_truncate+0xa0b/0x1230 [ 1104.396890][ T3311] ext4_evict_inode+0xb35/0x1100 [ 1104.402399][ T3311] evict+0x485/0x870 [ 1104.406867][ T3311] ext4_orphan_cleanup+0xbd3/0x1400 [ 1104.412801][ T3311] ext4_fill_super+0x7b78/0x8110 [ 1104.416518][ T3035] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1104.418465][ T3311] get_tree_bdev+0x3f1/0x610 [ 1104.418497][ T3311] vfs_get_tree+0x88/0x270 [ 1104.418520][ T3311] do_new_mount+0x24a/0xa40 [ 1104.418549][ T3311] __se_sys_mount+0x2d6/0x3c0 [ 1104.418573][ T3311] do_syscall_64+0x4c/0xa0 [ 1104.454923][ T3311] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1104.461492][ T3311] [ 1104.461492][ T3311] -> #5 (&ei->i_data_sem){++++}-{3:3}: [ 1104.469288][ T3311] down_write+0x36/0x60 [ 1104.474033][ T3311] ext4_truncate+0x987/0x1230 [ 1104.479383][ T3311] ext4_setattr+0x10cb/0x19f0 [ 1104.484636][ T3311] notify_change+0xc74/0xf40 [ 1104.489805][ T3311] do_truncate+0x197/0x220 [ 1104.494791][ T3311] do_sys_ftruncate+0x312/0x3c0 [ 1104.500215][ T3311] do_syscall_64+0x4c/0xa0 [ 1104.505390][ T3311] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1104.512133][ T3311] [ 1104.512133][ T3311] -> #4 (jbd2_handle){++++}-{0:0}: [ 1104.519581][ T3311] start_this_handle+0x1f49/0x2150 [ 1104.525536][ T3311] jbd2__journal_start+0x2b7/0x5a0 [ 1104.531314][ T3311] jbd2_journal_start+0x26/0x30 [ 1104.536835][ T3311] ocfs2_start_trans+0x372/0x6c0 [ 1104.542354][ T3311] ocfs2_modify_bh+0xe5/0x460 [ 1104.547695][ T3311] ocfs2_local_read_info+0x13b1/0x16e0 [ 1104.550974][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1104.553807][ T3311] dquot_load_quota_sb+0x756/0xac0 [ 1104.566997][ T3311] dquot_load_quota_inode+0x2d8/0x5d0 [ 1104.573209][ T3311] ocfs2_enable_quotas+0x1c3/0x440 [ 1104.576936][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1104.578864][ T3311] ocfs2_fill_super+0x409f/0x4d00 [ 1104.592536][ T3311] mount_bdev+0x287/0x3c0 [ 1104.597440][ T3311] legacy_get_tree+0xe6/0x180 [ 1104.598202][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1104.602755][ T3311] vfs_get_tree+0x88/0x270 [ 1104.602786][ T3311] do_new_mount+0x24a/0xa40 [ 1104.602808][ T3311] __se_sys_mount+0x2d6/0x3c0 [ 1104.602830][ T3311] do_syscall_64+0x4c/0xa0 [ 1104.602858][ T3311] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1104.602893][ T3311] [ 1104.602893][ T3311] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 1104.602926][ T3311] down_read+0x42/0x2d0 [ 1104.602949][ T3311] ocfs2_start_trans+0x366/0x6c0 [ 1104.602970][ T3311] ocfs2_modify_bh+0xe5/0x460 [ 1104.602992][ T3311] ocfs2_local_read_info+0x13b1/0x16e0 [ 1104.603014][ T3311] dquot_load_quota_sb+0x756/0xac0 [ 1104.603040][ T3311] dquot_load_quota_inode+0x2d8/0x5d0 [ 1104.603065][ T3311] ocfs2_enable_quotas+0x1c3/0x440 [ 1104.603083][ T3311] ocfs2_fill_super+0x409f/0x4d00 [ 1104.603102][ T3311] mount_bdev+0x287/0x3c0 [ 1104.603124][ T3311] legacy_get_tree+0xe6/0x180 [ 1104.603158][ T3311] vfs_get_tree+0x88/0x270 [ 1104.603181][ T3311] do_new_mount+0x24a/0xa40 [ 1104.603203][ T3311] __se_sys_mount+0x2d6/0x3c0 [ 1104.603224][ T3311] do_syscall_64+0x4c/0xa0 [ 1104.627190][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1104.631299][ T3311] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1104.631346][ T3311] [ 1104.631346][ T3311] -> #2 (sb_internal#3){.+.+}-{0:0}: [ 1104.631383][ T3311] ocfs2_start_trans+0x267/0x6c0 [ 1104.639470][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1104.646406][ T3311] ocfs2_write_info+0x117/0x350 [ 1104.646444][ T3311] dquot_set_dqinfo+0x459/0x6c0 [ 1104.646469][ T3311] quota_setinfo+0x2a4/0x2b0 [ 1104.773188][ T3311] __se_sys_quotactl+0x295/0x6b0 [ 1104.778854][ T3311] do_syscall_64+0x4c/0xa0 [ 1104.783822][ T3311] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1104.790288][ T3311] [ 1104.790288][ T3311] -> #1 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}: [ 1104.799162][ T3311] down_write+0x36/0x60 [ 1104.803948][ T3311] ocfs2_lock_global_qf+0x1e5/0x270 [ 1104.809700][ T3311] ocfs2_write_info+0xd0/0x350 [ 1104.815014][ T3311] dquot_set_dqinfo+0x459/0x6c0 [ 1104.820405][ T3311] quota_setinfo+0x2a4/0x2b0 [ 1104.825621][ T3311] __se_sys_quotactl+0x295/0x6b0 [ 1104.831191][ T3311] do_syscall_64+0x4c/0xa0 [ 1104.836257][ T3311] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1104.842807][ T3311] [ 1104.842807][ T3311] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}: [ 1104.853534][ T3311] __lock_acquire+0x2cf8/0x7c50 [ 1104.859109][ T3311] lock_acquire+0x1b4/0x490 [ 1104.864169][ T3311] down_write+0x36/0x60 [ 1104.868949][ T3311] ocfs2_lock_global_qf+0x1c7/0x270 [ 1104.874681][ T3311] ocfs2_acquire_dquot+0x2a0/0xb10 [ 1104.880680][ T3311] dqget+0x778/0xeb0 [ 1104.885278][ T3311] dquot_set_dqblk+0x27/0xf90 [ 1104.890689][ T3311] quota_setquota+0x4ac/0x530 [ 1104.895951][ T3311] __se_sys_quotactl+0x295/0x6b0 [ 1104.901646][ T3311] do_syscall_64+0x4c/0xa0 [ 1104.906699][ T3311] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1104.913315][ T3311] [ 1104.913315][ T3311] other info that might help us debug this: [ 1104.913315][ T3311] [ 1104.923729][ T3311] Chain exists of: [ 1104.923729][ T3311] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4 --> &ei->i_data_sem --> &dquot->dq_lock [ 1104.923729][ T3311] [ 1104.939884][ T3311] Possible unsafe locking scenario: [ 1104.939884][ T3311] [ 1104.947449][ T3311] CPU0 CPU1 [ 1104.953036][ T3311] ---- ---- [ 1104.958430][ T3311] lock(&dquot->dq_lock); [ 1104.962978][ T3311] lock(&ei->i_data_sem); [ 1104.969931][ T3311] lock(&dquot->dq_lock); [ 1104.976920][ T3311] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4); [ 1104.984659][ T3311] [ 1104.984659][ T3311] *** DEADLOCK *** [ 1104.984659][ T3311] [ 1104.992896][ T3311] 2 locks held by syz.6.14230/3311: [ 1104.998097][ T3311] #0: ffff88807b6680e0 (&type->s_umount_key#81){++++}-{3:3}, at: user_get_super+0x118/0x240 [ 1105.008581][ T3311] #1: ffff8880724ae0a8 (&dquot->dq_lock){+.+.}-{3:3}, at: ocfs2_acquire_dquot+0x293/0xb10 [ 1105.018807][ T3311] [ 1105.018807][ T3311] stack backtrace: [ 1105.024933][ T3311] CPU: 1 PID: 3311 Comm: syz.6.14230 Not tainted 6.1.141-syzkaller #0 [ 1105.033463][ T3311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1105.043550][ T3311] Call Trace: [ 1105.046842][ T3311] [ 1105.049784][ T3311] dump_stack_lvl+0x168/0x22e [ 1105.054503][ T3311] ? load_image+0x3b0/0x3b0 [ 1105.059063][ T3311] ? show_regs_print_info+0x12/0x12 [ 1105.064376][ T3311] ? print_circular_bug+0x12b/0x1a0 [ 1105.069624][ T3311] check_noncircular+0x274/0x310 [ 1105.074868][ T3311] ? add_chain_block+0x940/0x940 [ 1105.079847][ T3311] ? lockdep_lock+0xdc/0x1e0 [ 1105.084478][ T3311] ? lockdep_unlock+0x133/0x2d0 [ 1105.089369][ T3311] ? lockdep_lock+0x1e0/0x1e0 [ 1105.094083][ T3311] ? _find_first_zero_bit+0xcf/0x100 [ 1105.099733][ T3311] __lock_acquire+0x2cf8/0x7c50 [ 1105.104978][ T3311] ? verify_lock_unused+0x140/0x140 [ 1105.110499][ T3311] ? ocfs2_inode_lock_full_nested+0xcb3/0x1b20 [ 1105.116787][ T3311] lock_acquire+0x1b4/0x490 [ 1105.121335][ T3311] ? ocfs2_lock_global_qf+0x1c7/0x270 [ 1105.126742][ T3311] ? __might_sleep+0xd0/0xd0 [ 1105.131460][ T3311] ? read_lock_is_recursive+0x10/0x10 [ 1105.137047][ T3311] ? do_raw_spin_lock+0x11d/0x280 [ 1105.142238][ T3311] ? __rwlock_init+0x140/0x140 [ 1105.147063][ T3311] down_write+0x36/0x60 [ 1105.151253][ T3311] ? ocfs2_lock_global_qf+0x1c7/0x270 [ 1105.156763][ T3311] ocfs2_lock_global_qf+0x1c7/0x270 [ 1105.162011][ T3311] ? lock_buffer+0x80/0x80 [ 1105.166467][ T3311] ? trace_contention_end+0x5f/0x170 [ 1105.171893][ T3311] ocfs2_acquire_dquot+0x2a0/0xb10 [ 1105.177210][ T3311] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 1105.182877][ T3311] ? from_kuid+0x155/0x670 [ 1105.187596][ T3311] ? ocfs2_destroy_dquot+0x40/0x40 [ 1105.193042][ T3311] dqget+0x778/0xeb0 [ 1105.197091][ T3311] dquot_set_dqblk+0x27/0xf90 [ 1105.201981][ T3311] quota_setquota+0x4ac/0x530 [ 1105.206789][ T3311] ? quota_getnextquota+0x450/0x450 [ 1105.212114][ T3311] ? bpf_lsm_capable+0x5/0x10 [ 1105.216920][ T3311] ? do_quotactl+0x4f3/0x710 [ 1105.221543][ T3311] __se_sys_quotactl+0x295/0x6b0 [ 1105.226602][ T3311] ? __x64_sys_quotactl+0xa0/0xa0 [ 1105.231660][ T3311] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1105.237972][ T3311] ? lock_chain_count+0x20/0x20 [ 1105.242878][ T3311] ? lockdep_hardirqs_on+0x94/0x140 [ 1105.248202][ T3311] do_syscall_64+0x4c/0xa0 [ 1105.252750][ T3311] ? clear_bhb_loop+0x60/0xb0 [ 1105.257457][ T3311] ? clear_bhb_loop+0x60/0xb0 [ 1105.262367][ T3311] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1105.268550][ T3311] RIP: 0033:0x7fd5f558e929 [ 1105.273018][ T3311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1105.293086][ T3311] RSP: 002b:00007fd5f635d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 1105.301541][ T3311] RAX: ffffffffffffffda RBX: 00007fd5f57b5fa0 RCX: 00007fd5f558e929 [ 1105.309721][ T3311] RDX: 0000000000000000 RSI: 0000200000000340 RDI: ffffffff80000800 [ 1105.317898][ T3311] RBP: 00007fd5f5610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1105.325892][ T3311] R10: 0000200000000d00 R11: 0000000000000246 R12: 0000000000000000 [ 1105.334069][ T3311] R13: 0000000000000000 R14: 00007fd5f57b5fa0 R15: 00007ffebf76fb38 [ 1105.342257][ T3311] [ 1105.345402][ C1] vkms_vblank_simulate: vblank timer overrun [ 1105.397842][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1105.536603][T23980] ocfs2: Unmounting device (7,6) on (node local) [ 1105.871081][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1105.879236][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1105.895409][ T3035] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1106.205268][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1106.217246][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1106.236518][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1106.245234][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1106.258224][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1106.269861][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1106.286680][ T3035] device veth0_vlan entered promiscuous mode [ 1106.301811][ T3035] device veth1_vlan entered promiscuous mode [ 1106.326265][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1106.334609][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1106.345024][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1106.355644][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1106.370600][ T3035] device veth0_macvtap entered promiscuous mode [ 1106.379902][ T3035] device veth1_macvtap entered promiscuous mode [ 1106.400706][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1106.409202][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1106.418884][ T3035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1106.439839][ T3035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1106.453893][ T3035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1106.464695][ T3035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1106.478255][ T3035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1106.488907][ T3035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1106.503750][ T3035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1106.515736][ T3035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1106.530060][ T3035] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1106.544020][T13842] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1106.554289][T13842] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1106.570116][ T3035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1106.583722][ T3035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1106.594777][ T3035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1106.606366][ T3035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1106.617261][ T3035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1106.628945][ T3035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1106.639027][ T3035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1106.650020][ T3035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1106.661710][ T3035] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1106.669816][T13842] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1106.683545][T13842] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1106.697276][ T3035] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1106.706655][ T3035] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1106.716996][ T3035] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1106.726731][ T3035] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1106.761618][ T3035] ieee80211 phy32: Selected rate control algorithm 'minstrel_ht' [ 1106.785359][ T3035] ieee80211 phy33: Selected rate control algorithm 'minstrel_ht' [ 1106.794350][T13842] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1106.808003][T13842] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1106.818108][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1106.828185][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1106.837860][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1106.846249][T13821] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready