last executing test programs: 2m44.859453547s ago: executing program 3 (id=3249): mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000)=0x7, 0x44, 0x0) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000)=0x7, 0x44, 0x0) 2m44.547673889s ago: executing program 3 (id=3256): r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x3, 0x2) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000200)=@userptr={0x0, 0x1, 0x4, 0x2, 0x0, {0x0, 0x2710}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '#\x00'}, 0x0, 0x2, {0x0}}) 2m44.354010401s ago: executing program 3 (id=3260): unshare(0x4020400) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x2) 2m44.202469911s ago: executing program 3 (id=3263): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x401, 0x703d2d, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1c0c}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gre={{0x8}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IGNORE_DF={0x5, 0x13, 0x1}]}}}]}, 0x3c}}, 0x0) 2m43.956987663s ago: executing program 3 (id=3269): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m42.897048649s ago: executing program 3 (id=3283): r0 = gettid() rt_sigqueueinfo(r0, 0x21, &(0x7f0000000040)={0x0, 0x0, 0xfffffffb}) 2m27.754481962s ago: executing program 32 (id=3283): r0 = gettid() rt_sigqueueinfo(r0, 0x21, &(0x7f0000000040)={0x0, 0x0, 0xfffffffb}) 2m22.278075566s ago: executing program 2 (id=3605): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="3000000011140125080003000000000008"], 0x30}, 0x1, 0x0, 0x0, 0x20000800}, 0xc4) 2m22.162815007s ago: executing program 2 (id=3607): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001000010024bd7000fc0ddf2500000000", @ANYRES32=0x0, @ANYBLOB="1b0b040003"], 0x28}, 0x1, 0x0, 0x0, 0x68010}, 0x0) syz_usb_connect(0x2, 0x60, &(0x7f0000000080)=ANY=[@ANYBLOB="12010003c3d10a08dc17020250f10102030109024e000104e9000909042000000e0100ff0a240102000502010209240703deec9e701b789b22e603009d0924030106030501f90c24080201000dacf34b44910524040606092403"], &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0}) 2m20.523476776s ago: executing program 2 (id=3625): r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010000081000418e00000004fcff", 0x58}], 0x1) 2m20.225081318s ago: executing program 2 (id=3627): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0xc02, &(0x7f0000000280)={[{@iocharset={'iocharset', 0x3d, 'macturkish'}}, {}, {@errors_continue}, {@fmask={'fmask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@keep_last_dots}, {@keep_last_dots}, {@namecase}, {@errors_continue}, {}]}, 0x1, 0x1524, &(0x7f0000007640)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO") mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0) 2m19.732232892s ago: executing program 2 (id=3633): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) ioctl$UI_END_FF_UPLOAD(r0, 0x406855c9, &(0x7f0000000480)={0x0, 0x0, {0x0, 0x0, 0x0, {}, {}, @cond}, {0x0, 0x0, 0x0, {}, {}, @ramp}}) 2m19.297114824s ago: executing program 2 (id=3641): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000340)='GPL\x00'}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, &(0x7f00000005c0)="e09afae1dce77994ff13ca6b6699614b23f670b5f873198b190248e8cac922ff12af2414057103402d12e455390500000037b5e1c2fbc3967bc4f34e6efbe88a892e23227f8edf02a0f5a962466ac603dd00000013a368b35e08f01138fa6d0557", 0x0}, 0x50) 2m18.934652427s ago: executing program 33 (id=3641): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000340)='GPL\x00'}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, &(0x7f00000005c0)="e09afae1dce77994ff13ca6b6699614b23f670b5f873198b190248e8cac922ff12af2414057103402d12e455390500000037b5e1c2fbc3967bc4f34e6efbe88a892e23227f8edf02a0f5a962466ac603dd00000013a368b35e08f01138fa6d0557", 0x0}, 0x50) 2.307585166s ago: executing program 4 (id=5497): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)={0x18, 0x14, 0x1, 0x70bd26, 0x25dfdbfb, {0x23, 0x5}, [@INET_DIAG_REQ_BYTECODE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x1000}, 0x80040) 2.119896677s ago: executing program 4 (id=5500): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, &(0x7f0000000280)=@assoc_value, &(0x7f00000002c0)=0x8) 1.869782348s ago: executing program 4 (id=5506): r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000000c0)={'\x00@\x00', 0x0, 0x6, 0x3, 0x2000000, 0x0, "f700", '\x00', "030200", "fcffffff", ["50d5c2a7c5ae5cace40000b6", "808e88e2e9ffffbdae00", "0c436d743c97c443084000", "ff81000000008000"]}) 1.746643609s ago: executing program 4 (id=5510): r0 = socket$nl_audit(0x10, 0x3, 0x9) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000001700)=0x7, 0x4) 1.6212637s ago: executing program 0 (id=5512): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='oom_score_adj\x00') pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000000)='0', 0x1}, {&(0x7f0000000140)='2', 0x1}], 0x2, 0x0, 0x0) 1.55650564s ago: executing program 4 (id=5513): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clock_adjtime(0xffffffd3, 0x0) 1.441507961s ago: executing program 5 (id=5516): r0 = socket$pppl2tp(0x18, 0x1, 0x1) accept4$alg(r0, 0x0, 0x0, 0x800) 1.409048251s ago: executing program 0 (id=5517): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x9fd, 0x84, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x803, r0}, 0x38) 1.362987671s ago: executing program 4 (id=5518): syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x3010012, &(0x7f00000001c0)={[{@discard}, {@nodatacow}, {@nobarrier}, {@usebackuproot}, {@fatal_errors_bug}, {@autodefrag}, {@compress_algo={'compress', 0x3d, 'lzo'}}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x65, 0x31, 0x7c62609ececfee28, 0x32, 0x37]}}]}, 0x3, 0x510e, &(0x7f00000196c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlVRGht7TRYv2LFNiVGIjE1EIwSlDVLyoQijKKr5ALUCEUkB4SLFESqPiKoogEChNURBpJQkIk2Q4mr23jN759ydhx9rvPT3k7xzZv7ncc+Zh+fce+dcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/+HQV67622bxh397wdPPXTxx2d51F798zQVnPh7C5OzjHVm4o//6Wyd+fuf5d+29b81t9xy58P29ebk8HgaqfzrzO9fFWo8sDeHejhC608DKwSzQk98fjPW9YzCEM8JcoFZiqj8rkTYcvt8Xwv4wF6hV9b2+EAYLgYueeOjBG6uJW/pCWBZCqKRtPFvJ2uhLA+f0ZoH+NLCtOwv86mimFvhuZxaAExbfDLUX/cHJ+gwj85dr8PrrOWkb9sZKu9cVEyON8/1s3QJvVEFv+sDkCT1tpepYEKW3xyHvtkXwbiuN882etuIXqfwbytG5UCV0bp7asvHKmV3xkc4wNtbVqKYFep6fevVLm44lvWheh3EDRk7K6/Cmx5bd2bXiE4/es3LZiwc+sO+lE93MHxWGtJheaJWQv+YWzfMYTfg8WQRvv9K3pFFfukIIWz7/e59sFi/N/0eaz//jyznedtbljrW+PpTNzeMjgzHxylA2NwcAAIBFYzHsNd029sBHCsWHK0l9pfn/aHvH/+Mh/3wyn/X2UAgTs4l9wyGcNft4FrgjNnfJcAjvnk1N1gfWJYFDIbx9NrGiVlVSYkksMZoEfjKUByaSwOEYmEwC34qBm5PAdTFwMAlsioFDSeD8GAjT9f34/aG8H20H+mJgQzaIB+NZCL8Yiq0lY/VMrSoAAICTJJ8d9tTfLZzrcKIZ4vTyYF+rDPEM7IYZKkkN6Qy2Nq1qWEN3qxo6W9VQ6/ee5t0v1dzRqubSaRgd9Rlu/eXffCo0UZr/jzef/1fm2ZCO0vH/ENbP/o25O/PITC2+YbIuAwAAAHACBv73+W82i5fm/xPtnf8f94l0FTKHR+JuiK3DIYzXB7Jq/7AcyI56D+QBAAAAWAxqx+Nrx8Kn89vsFO10Pl3OP3mM+eOB/4l58/ceun9Ds+0tzf8n2zv/v7/+NtuIw3ErvjYcwpJC4AdxK6uBWaMx8OOP1gfy/h+OA3BDrCo/MaFW1Q2xxIYYGE8C+xuV+GGtxFn1gfzJqjW+r9aP6bxEIQAAAACnXNwdEI/Lx/P/3/ObNVc1K1ea/284tvP/Z+fBpdP7ZwZCWNUdQlf6w4BH+rOFAWNgsCNPPNCf1dWVVnVtfwjnVTuWVvV8vv5/d7rG4BN9WVUxcNZ7Drx6TjXxzb4QVhUDT37m9g9WE7uSQK3xv+wL4V3V3qaNf2dJ1nhP2vjXl4TwzkKgVtUlS0KoNtabVvVQJb+OQVrVP1dCeEshUKvqQ5UQdgcAFqn4X+nm4oM7d1+9dePMzNSOBUzEffh9Ycv0zNTYpm0zmysNtmlzss11yxhdW+5Tu1e+eSZfoujTd68fbCdd+53geLGtfD9+6cTB/H78LtQz2881PXV316Zdft97y02EwjepRl3uXOAu9xcrmXsSS/XH/L1hICy5cufUjrEvbty1a8fq7G+72ddkf+NhpmysVqdj1T/ftrXx8mi4WlbieMdqebGSVbsu375q5+6rV05fvvHSqUunrlj9oTXj546vHf/wuauqvRrP/rbo6vL5qk66evT2Nvt1Ert6dnehklPxqSEhIbHYEtsGljf9P7k0/9/efP4fP3XiJ3++PkOj4/8j8TB/9vjcYf4NMbC/3eP/I42O5tdODBhNAntiYI/D/AAAALw5xEl+3JsZ90r/dMV3XmxWrjT/39Pe7/9P0vr/taXrL2y0zP+KWGK80fr/6TL/tfX/9zRa/z9d5r+2/v/+N2D9/ytrgWRIfmH9fwAA4M3g1K3/33J5//QCAaUMLZf3Ty8QUMrQchn/di8QcMzr/z/7n3/136GJ0vz/5vbm/xbuBwAAgNPHl//sqt9pFi/N//e3N/8/9ev/hUbn/482Ckw2WhjQ+n8AAAAsUo3W/xu5vv9zzcqV5v8H25v/x9MuOutyx1pfH8rWtAvpmnavDNV+MgAAAACLQ2cYG+tpM2/dyqjrjr/Np/KlQJuli57/kyPHdv7/ofbm/3W/y7jpsWV3dq34xKOv37Ny2YsHPrDvpbnj/wAAAMDCaXe/BAAAAAAAAAAAAAAA8MZ7/j/2rm0WL/3+P6yffbzR7//jdf/i7wveWpc71tp6/b/8/kUfv2v37JKFjwyF8N5iYOverWeE/Nr8y4uBBz+74m3VxN60xP3Pnf9CNfG5NPCxlWe+Vk2clwQ2xEUS354G4lUVX1uaBOLyiv+eBuJ4HEwDvXngq0uzfnSkY/XTwWysOtKxenowhOFCoDZW9w5mbXSkHbwlCdQ6+IU0EDv453mgM92quwayrYqBwVj0toFsqwAAOG3Fb4E9Ycv0zNR4/Aofb8/urr+N6pYsu7ZcbUebzT+TL0326bvXD7aT7kq/i85da7wnVKpdWF36ulrM0jHby5NTS4uhe2uDLrda7a2zQbnUsQ5db+Me9WU9Gtu0bWZzT8uOr22dZU13yyyrS5OdYpbO2SFto5Y2tqWNHrU5Nm1scrzfGcbGupJcfxCDI6FOq1dEu7/XL67z1+hVUMxzxZF9v2pWX2n+P9Le/L9S7Ndr+cUA9sQr6/3dsGX+AQAAYGF9dd2vvxH/fer6h59slrc0/x9tb/4f92Dlh4KzvR2H4vX/9w2HMHtp/ZEscEds7pLhEN49m5qMJbIL6l8YS4xngTviDpMVscSGyfqqlsTAwSTwk6E8cCgJHI6BfC/FgZDvyvn7oRA+OJtaX19ieywxkgQ+GQOjSWAsBsaTwNIYmEgCLy/NA5NJ4N9iIEzXj9XdS/OxAgAAOBb5PKun/m5I53kHu1tl6GiVob9Vhs5WGSpNM/SEg416Ee9/O2bo6SiPQnyoJ222L6mllCFeDL/hhrcc3drh/x/W50wLlpqO5x/UzjfoqM9w30e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qdy8r8VTx0dj4McfrQ/kOwYOx8nuDbWqJvMS+aT9hlhiIgZGk8D2GJhIAhvW54H9b6sP5DPtWuP7ao1P5yUKAQAAADjl4g6CuJsmzv9v2/mVgWblSvP/ifbm/7G9gWJj18VajywN4d6Oua2pBVYOZoG4H2Mw/jz+HYMhnFHYwVErMdWflehNGg7f78t+od6bVvW9vuzHB/H+RU889OCN1cQtfSEsK+x9qbXxbCVroy8NnNObBfrTwLbuLBD3/NQC3+3MAnDCansF4wsqP9WlZmT+cg1ef2+Wa4Km3SvtA50n33y/uVoopR2u+T7VmmN72pruv+WkKb09Dnm3LcZ324h3W/GLVP4N5ehcqBI6N09t2XjlzK74SPGXrCUL9DwXf6XaTvokvA73HP/WtlZJN2A8+fgYn7/c/K/DjljdTY8tu7NrxScevWflshcPfGDfS21vRgPxh8IPXfOvgz8qDO9Cq4T8NbfoPk8mfZ4siv8Gknf3qKcthLD+5a/f0Cxemv9Ptjf/705uZ/06DubO4RDeVxjcR+Lw//Fw9jlYCGSfkm8pB7JD7v811PCTEwAAAE622u6O2v6C6fw2OyE8nSeX80+GcHT4GPLH/RUT8+Zvd7v7//qzy5rFS/P/Dc3n/0uSzXT83/F/Fojj//M63XdFL0kf2HNCu6JL1bEgHP+f1+n+bnP8f16O/zv+Px/H/1tw/H9ep/vTVvqWtN2XrhDCi3/0wNPN4qX5//b25v/W/5t/0b7a+n8bGq3/t73R+n97rP8HAAAsqAYLzaXzvNLqfaUM6ep9pQwtFwhsucRg8/X/mqyz96ZZ/680qK3W/3vh7Gd/E5oozf/3tDf/jy+HgWLri2X9v9H1Daq6OQa2WxgQAACA01GjfRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8se77h//Z3Cz+8G8vePq5iycu27vu4pevueDMx0OYnn28Iwt39F9/68TP7zz/rr33rbntniMXvr+Sl+vJb3+3Lnes9fWhEPYXHhmMiVeGqnfmAhd9/K7d3dXEI0MhvLcY2Lp36xnVxLeGQlheDDz42RVvqyb2piXuf+78F6qJz6WBj60887Vq4rw80JFu7j8uzTa3I93cG5eGMFwI1Db3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4bwQQnda1XO9WVXdac8f782qioGz3nPg1XOqif29IawqBp78zO0frCa+kARqjf9Fbwjvqr5k0sa/3ZM13pM2fktPCO8MIfSmJX7ZnZXoTUs83x3CWwqBWuOf7w5hd+BNIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kmxTIx2F9NFrj7/vz7z6pU3V20/fvX6wnXR3Xq5ndpPX9NTdXXu6b33crv5iJXPPR6n+mL83DIQlV+6c2jH2xY27du1Ynf1tN/ua7G9XHs3GavViGavlxUpW7bp8+6qdu69eOX35xkunLp26YvWH1oyfO752/MPnrqr2ajz7ezK6evup7+rZ3YVKTsUHgISExGJLdNZ9uo2f7h/kpS/6cxvaEyqzH9ClaUUxS8dsL09Gp9cdZ4+P53tKyx6tLk0cSlnWzJPl2vosa0uTibla+rIss9/rSpPDYmOds0Ma73eGsbGuRuMwUn+3OLw/O4HhfSofunbTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP+xAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswLEAAAAAgDB/6zB6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//56HJTY=") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) 1.213722002s ago: executing program 5 (id=5521): r0 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, &(0x7f0000000200)={0x0, [0x9, 0xffff1339, 0x5], [{0x0, 0x6}, {0x33, 0x88}, {0x1, 0xffff, 0x0, 0x0, 0x0, 0x1}, {}, {0x0, 0xfffffefc}, {}, {0xea1, 0x9}, {0x0, 0xfff}, {}, {0x2}, {0x1, 0x8}, {0x0, 0x1}], 0x4}) 1.096693923s ago: executing program 1 (id=5522): r0 = socket(0x22, 0x3, 0x0) accept4$inet(r0, 0x0, 0x0, 0x0) 1.065611923s ago: executing program 6 (id=5523): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0xfffb, 0x8}, &(0x7f0000000040)=0x8) 1.021249053s ago: executing program 5 (id=5524): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x400) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f00000000c0)={0x0, 0x8000, 0x5ae4, {0x100, 0xb}, 0x100000, 0x5b50}) 893.760054ms ago: executing program 1 (id=5525): r0 = syz_open_dev$radio(&(0x7f0000000080), 0x3, 0x2) ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f0000000100)={0x98f904, 0x0, @value=0xffffffffffffffff}) 891.979764ms ago: executing program 0 (id=5526): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x13}]}, 0x24}}, 0x0) 878.488994ms ago: executing program 6 (id=5527): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000006a00010500000000fddbdf25000000000000000008000500", @ANYBLOB="f47129a6", @ANYBLOB='\b\x00\n'], 0x28}}, 0x0) 770.331825ms ago: executing program 5 (id=5528): r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000080)={0x0, "df96fa5be04b45b302868ada66ff0cad254fefdc0eefb01d42550773cf7928deecc5a7a322557411f6d0cb6e42a4e17edce52bde15496d9f6f4c2f2e10c50b21", 0x32}, 0x48, 0xfffffffffffffffe) add_key(&(0x7f0000000240)='logon\x00', 0x0, 0x0, 0x0, r0) 741.056115ms ago: executing program 1 (id=5529): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000007040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000000a00ecff0800010073797a300000000074000000160a010100000000000000000a00000008000740000000014000038008000140000000002c000380140001006e657464657673696d300000000000001400010076657468305f766c616e00000000000008000240000000070900010073797a3000000000090002"], 0xbc}}, 0x0) 636.184026ms ago: executing program 0 (id=5530): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCADDRT(r0, 0x8918, 0x0) 598.990826ms ago: executing program 6 (id=5531): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x1c, 0xd, 0x6, 0x101, 0x0, 0x0, {0x3}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x8000) 597.172106ms ago: executing program 5 (id=5532): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x31a39, 0x59629}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0xffffffff}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48094}, 0x240400c0) 529.368836ms ago: executing program 1 (id=5533): r0 = socket(0x1d, 0x2, 0x6) getpeername$l2tp6(r0, 0x0, 0x0) 423.791017ms ago: executing program 6 (id=5534): r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000400)="580000001400192340834b80040d8c560a067fbc45ff620500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000ffd9dd000000100001000b0808004149004006040800", 0x58}], 0x1) 423.052267ms ago: executing program 0 (id=5535): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000008c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3f8, 0x2c0, 0x228, 0x228, 0x0, 0x2c0, 0x360, 0x360, 0x360, 0x360, 0x360, 0x6, 0x0, {[{{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x190}}, {{@ip={@private=0xa010101, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00', {}, {0xff}}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x11, 0x7, 0x1100]}, {0x0, [0x2, 0x0, 0x0, 0x2, 0x4]}}}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@private=0xa010102, @multicast1, 0x0, 0xffffff00, 'syzkaller0\x00', 'bond0\x00', {}, {0xff}}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x8000, 0x400, @remote, 0x4e24}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x458) 353.881128ms ago: executing program 1 (id=5536): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendto(r0, 0x0, 0x0, 0x80, 0x0, 0x0) 212.534368ms ago: executing program 5 (id=5537): syz_usb_ep_write(0xffffffffffffffff, 0x81, 0x7, &(0x7f0000000280)="1000a8631eabc8") syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040e04043d20"], 0x7) 175.793619ms ago: executing program 6 (id=5538): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ALL_SLAVES_ACTIVE={0x5}]}}}]}, 0x3c}}, 0x0) 168.922979ms ago: executing program 0 (id=5539): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x2000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2b109, 0x40}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x0) 109.341909ms ago: executing program 1 (id=5540): mlockall(0x3) mlockall(0x7) 0s ago: executing program 6 (id=5541): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="02037f02210000000000000000000000030006000000000002000000ac14142e00000000000000000200010000000000000006007fffffff030005002b00000002000000ac1414aa0000000000000000170008007805"], 0x108}, 0x1, 0x7}, 0x0) kernel console output (not intermixed with test programs): 'hsr' already present! [ 333.600475][T12697] Cannot create hsr debugfs directory [ 333.685652][T12887] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709518846) [ 333.726686][T12887] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 333.856950][T12890] loop4: detected capacity change from 0 to 256 [ 334.230889][ T26] audit: type=1326 audit(1762325814.551:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12900 comm="syz.0.3731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96bb18f6c9 code=0x7ffc0000 [ 334.312759][ T26] audit: type=1326 audit(1762325814.551:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12900 comm="syz.0.3731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96bb18f6c9 code=0x7ffc0000 [ 334.339709][ T4871] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 334.410465][T12697] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 334.415906][ T26] audit: type=1326 audit(1762325814.591:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12900 comm="syz.0.3731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f96bb18f6c9 code=0x7ffc0000 [ 334.459004][T12697] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 334.501136][T12697] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 334.539819][ T26] audit: type=1326 audit(1762325814.591:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12900 comm="syz.0.3731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96bb18f6c9 code=0x7ffc0000 [ 334.566686][ T4871] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 334.584701][T12697] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 334.604146][ T4871] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 334.632275][ T26] audit: type=1326 audit(1762325814.591:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12900 comm="syz.0.3731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96bb18f6c9 code=0x7ffc0000 [ 334.642053][ T4871] usb 2-1: Product: syz [ 334.683192][ T4871] usb 2-1: Manufacturer: syz [ 334.687908][ T4871] usb 2-1: SerialNumber: syz [ 334.692436][T12874] loop5: detected capacity change from 0 to 32768 [ 334.716409][T12910] loop4: detected capacity change from 0 to 1024 [ 334.742295][ T4871] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 334.785624][T12874] ERROR: (device loop5): dbAllocNext: Corrupt dmap page [ 334.785624][T12874] [ 334.866504][ T4871] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 334.909008][T12910] hfsplus: cannot replace xattr [ 335.261741][T12697] 8021q: adding VLAN 0 to HW filter on device bond0 [ 335.337982][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 335.360560][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 335.410320][ T4870] usb 2-1: USB disconnect, device number 11 [ 335.426116][T12697] 8021q: adding VLAN 0 to HW filter on device team0 [ 335.453178][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 335.489996][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 335.517100][ T4707] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.524358][ T4707] bridge0: port 1(bridge_slave_0) entered forwarding state [ 335.564239][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 335.584041][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 335.600850][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 335.620223][ T4707] bridge0: port 2(bridge_slave_1) entered blocking state [ 335.627459][ T4707] bridge0: port 2(bridge_slave_1) entered forwarding state [ 335.662512][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 335.717202][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 335.726369][T12935] loop0: detected capacity change from 0 to 512 [ 335.736891][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 335.800342][T12938] netlink: 'syz.5.3742': attribute type 1 has an invalid length. [ 335.816686][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 335.831881][T12935] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 335.832575][T12938] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3742'. [ 335.864677][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 335.909791][T12935] EXT4-fs error (device loop0): ext4_quota_enable:7013: comm syz.0.3741: Bad quota inum: 2, type: 1 [ 335.932553][ T4871] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 335.932876][T12935] EXT4-fs warning (device loop0): ext4_enable_quotas:7061: Failed to enable quota tracking (type=1, err=-117, ino=2). Please run e2fsck to fix. [ 335.941258][ T4871] ath9k_htc: Failed to initialize the device [ 335.963297][ T4870] usb 2-1: ath9k_htc: USB layer deinitialized [ 335.977350][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 336.050559][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 336.089605][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 336.120303][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 336.152422][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 336.164648][T12945] loop1: detected capacity change from 0 to 256 [ 336.172963][ T4269] EXT4-fs (loop0): unmounting filesystem. [ 336.185337][T12945] exfat: Deprecated parameter 'namecase' [ 336.204581][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 336.236581][T12697] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 336.260542][T12945] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 336.514400][ T26] audit: type=1326 audit(1762325816.841:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12955 comm="syz.4.3749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbb8f6c9 code=0x7ffc0000 [ 336.602068][ T26] audit: type=1326 audit(1762325816.871:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12955 comm="syz.4.3749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fb1fbb8f6c9 code=0x7ffc0000 [ 336.658280][T12960] loop0: detected capacity change from 0 to 2048 [ 336.714196][ T26] audit: type=1326 audit(1762325816.871:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12955 comm="syz.4.3749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbb8f6c9 code=0x7ffc0000 [ 336.742715][T12960] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 336.812076][ T26] audit: type=1326 audit(1762325816.871:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12955 comm="syz.4.3749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbb8f6c9 code=0x7ffc0000 [ 337.105487][T12976] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3756'. [ 337.155797][T12976] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3756'. [ 337.211629][T12976] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3756'. [ 337.240708][T12979] loop4: detected capacity change from 0 to 512 [ 337.254917][T12976] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3756'. [ 337.276147][T12979] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 337.323462][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 337.331050][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 337.369859][T12979] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.3757: bg 0: block 384: padding at end of block bitmap is not set [ 337.436401][T12697] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 337.485694][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 337.525807][T12979] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 337.556624][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 337.582095][T12979] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #11: comm syz.4.3757: attempt to clear invalid blocks 983260 len 1 [ 337.620717][T12994] syz.0.3760 uses obsolete (PF_INET,SOCK_PACKET) [ 337.672922][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 337.680425][T12979] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz.4.3757: Invalid inode table block 0 in block_group 0 [ 337.740685][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 337.758120][T12979] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5929: Corrupt filesystem [ 337.782541][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 337.799349][T12979] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 337.827834][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 337.858491][ T26] audit: type=1326 audit(1762325818.181:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13003 comm="syz.1.3765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb2c18f6c9 code=0x7ffc0000 [ 337.893333][T12979] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz.4.3757: Invalid inode table block 0 in block_group 0 [ 337.932513][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 337.939107][T12979] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5929: Corrupt filesystem [ 338.001318][T13008] netlink: 676 bytes leftover after parsing attributes in process `syz.5.3767'. [ 338.002530][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 338.043846][T12979] EXT4-fs error (device loop4): ext4_truncate:4318: inode #11: comm syz.4.3757: mark_inode_dirty error [ 338.088891][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 338.116105][T12979] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 338.142579][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 338.149375][T12979] EXT4-fs (loop4): 1 truncate cleaned up [ 338.195938][T12979] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 338.350891][T12979] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz.4.3757: Invalid inode table block 0 in block_group 0 [ 338.401202][T12979] EXT4-fs (loop4): Remounting filesystem read-only [ 338.538467][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 339.083623][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 339.114155][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 339.138120][T13045] loop5: detected capacity change from 0 to 1024 [ 339.174940][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 339.193132][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 339.213582][T12697] device veth0_vlan entered promiscuous mode [ 339.230640][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 339.246121][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 339.280210][T12697] device veth1_vlan entered promiscuous mode [ 339.323409][T13050] (unnamed net_device) (uninitialized): peer notification delay (10) is not a multiple of miimon (100), value rounded to 0 ms [ 339.406203][T13050] device bond5 entered promiscuous mode [ 339.412330][T13050] 8021q: adding VLAN 0 to HW filter on device bond5 [ 339.438125][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 339.483750][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 339.587423][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 339.639610][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 339.676367][T12697] device veth0_macvtap entered promiscuous mode [ 339.719907][T12697] device veth1_macvtap entered promiscuous mode [ 339.783285][T12697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 339.818003][T12697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.866146][T12697] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 339.900736][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 339.956425][T13070] loop5: detected capacity change from 0 to 256 [ 339.963817][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 339.988224][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 340.021015][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 340.054029][T12697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.091948][T12697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.106151][T13070] FAT-fs (loop5): Directory bread(block 64) failed [ 340.133714][T13070] FAT-fs (loop5): Directory bread(block 65) failed [ 340.143725][T12697] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 340.149816][T13038] loop0: detected capacity change from 0 to 32768 [ 340.157736][T13070] FAT-fs (loop5): Directory bread(block 66) failed [ 340.172547][ T4678] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 340.187078][ T4678] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 340.231042][T13070] FAT-fs (loop5): Directory bread(block 67) failed [ 340.257195][T13070] FAT-fs (loop5): Directory bread(block 68) failed [ 340.261236][T12697] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.287029][T13070] FAT-fs (loop5): Directory bread(block 69) failed [ 340.300658][T13070] FAT-fs (loop5): Directory bread(block 70) failed [ 340.309017][T12697] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.309062][T13038] (syz.0.3778,13038,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 340.351599][T12697] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.362065][T13070] FAT-fs (loop5): Directory bread(block 71) failed [ 340.383323][T12697] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.383332][T13070] FAT-fs (loop5): Directory bread(block 72) failed [ 340.406388][T13038] (syz.0.3778,13038,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 340.438209][T13070] FAT-fs (loop5): Directory bread(block 73) failed [ 340.544651][T13038] JBD2: Ignoring recovery information on journal [ 340.613873][ T4711] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 340.654458][T13038] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 340.673457][ T4711] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 340.827885][ T4711] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 340.855142][ T4352] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 340.888310][ T4352] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 340.961365][ T4709] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 341.069009][ T4269] ocfs2: Unmounting device (7,0) on (node local) [ 341.325650][T13101] loop6: detected capacity change from 0 to 1024 [ 342.664067][T13153] bridge2: the hash_elasticity option has been deprecated and is always 16 [ 343.060169][T13117] loop0: detected capacity change from 0 to 32768 [ 343.098187][T13161] loop1: detected capacity change from 0 to 4096 [ 343.116942][T13117] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 343.169100][T13117] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 343.195285][T13117] BTRFS info (device loop0): using free space tree [ 343.262227][ T4306] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 343.285946][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 343.285961][ T26] audit: type=1800 audit(1762325823.611:157): pid=13161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3824" name="bus" dev="loop1" ino=33 res=0 errno=0 [ 343.432490][T13117] BTRFS info (device loop0): enabling ssd optimizations [ 343.435378][T13181] loop4: detected capacity change from 0 to 1024 [ 343.458600][T13181] hfsplus: unable to parse mount options [ 343.502057][ T4306] usb 6-1: Using ep0 maxpacket: 16 [ 343.503890][ T4306] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 343.503916][ T4306] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 343.506235][ T4306] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 343.506265][ T4306] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.506286][ T4306] usb 6-1: Product: syz [ 343.506301][ T4306] usb 6-1: Manufacturer: syz [ 343.506316][ T4306] usb 6-1: SerialNumber: syz [ 343.547370][ T4269] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 343.716582][ T4306] usb 6-1: 0:2 : does not exist [ 343.764889][ T4306] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 343.879910][ T4306] usb 6-1: USB disconnect, device number 3 [ 343.925000][T13200] loop4: detected capacity change from 0 to 512 [ 344.008186][T13200] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 344.082417][T13200] ext4 filesystem being mounted at /761/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 344.162776][ T4517] udevd[4517]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 344.379549][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 345.102637][T13239] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 345.460555][T13257] xt_l2tp: v2 doesn't support IP mode [ 345.481747][T13259] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3855'. [ 345.828034][T13270] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3860'. [ 345.889373][T13274] loop6: detected capacity change from 0 to 8 [ 346.115240][T13279] comedi comedi0: pcm3724: a I/O base address must be specified [ 346.215446][T13285] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 346.394083][T13291] loop1: detected capacity change from 0 to 512 [ 346.478588][T13291] EXT4-fs: Ignoring removed orlov option [ 346.584387][T13291] EXT4-fs (loop1): orphan cleanup on readonly fs [ 346.607077][T13291] EXT4-fs error (device loop1): ext4_find_extent:900: inode #4: comm syz.1.3868: inode has invalid extent depth: 7 [ 346.635942][T13291] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=-117 [ 346.728371][T13291] EXT4-fs warning (device loop1): ext4_enable_quotas:7061: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 346.792002][T13291] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 346.798687][T13291] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 346.845083][T13310] netlink: 'syz.0.3876': attribute type 10 has an invalid length. [ 346.877952][T13310] bond0: (slave wlan1): Releasing backup interface [ 346.931324][T13312] erofs: (device loop9): erofs_read_superblock: cannot find valid erofs superblock [ 346.956669][T13291] EXT4-fs error (device loop1): ext4_lookup:1855: inode #2: comm syz.1.3868: 'file0' linked to parent dir [ 347.144017][ T4263] EXT4-fs (loop1): unmounting filesystem. [ 347.168488][T13319] loop0: detected capacity change from 0 to 256 [ 347.245019][T13319] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d) [ 347.598078][T13336] netlink: 340 bytes leftover after parsing attributes in process `syz.4.3887'. [ 347.651068][T13336] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3887'. [ 348.118821][T13354] loop6: detected capacity change from 0 to 2048 [ 348.162548][T13362] loop1: detected capacity change from 0 to 1024 [ 348.185695][T13354] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 348.260738][T13354] UDF-fs: error (device loop6): udf_read_inode: (ino 1345) failed !bh [ 348.288334][T13362] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 348.485778][T13372] loop4: detected capacity change from 0 to 128 [ 348.538707][ T4263] EXT4-fs (loop1): unmounting filesystem. [ 348.568749][T13375] loop5: detected capacity change from 0 to 128 [ 348.689148][T13375] autofs4:pid:13375:autofs_fill_super: called with bogus options [ 348.720597][T13379] loop1: detected capacity change from 0 to 64 [ 349.067947][T13388] loop5: detected capacity change from 0 to 8 [ 349.156486][T13388] SQUASHFS error: Failed to read block 0x6e6: -5 [ 349.195383][T13388] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 349.222249][T13388] SQUASHFS error: Unable to read directory block [631:26] [ 349.899725][T13416] loop6: detected capacity change from 0 to 4096 [ 349.944080][T13416] ntfs3: loop6: Different NTFS' sector size (1024) and media sector size (512) [ 350.631304][T13440] loop1: detected capacity change from 0 to 4096 [ 350.736356][T13454] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 350.761650][T13440] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=11 [ 350.926817][T13456] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.3937'. [ 350.992149][T13456] netlink: zone id is out of range [ 351.028444][T13456] netlink: del zone limit has 4 unknown bytes [ 351.351551][T13466] loop1: detected capacity change from 0 to 4096 [ 351.420766][T13466] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 351.705223][T13484] loop4: detected capacity change from 0 to 1764 [ 352.161129][T13495] loop5: detected capacity change from 0 to 2048 [ 352.241018][T13502] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 352.297652][T13495] NILFS error (device loop5): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 352.338723][T13507] loop6: detected capacity change from 0 to 256 [ 352.407646][T13507] FAT-fs (loop6): Directory bread(block 64) failed [ 352.435859][T13495] Remounting filesystem read-only [ 352.444436][T13507] FAT-fs (loop6): Directory bread(block 65) failed [ 352.481768][T13507] FAT-fs (loop6): Directory bread(block 66) failed [ 352.524220][T13507] FAT-fs (loop6): Directory bread(block 67) failed [ 352.532486][T13507] FAT-fs (loop6): Directory bread(block 68) failed [ 352.554708][T13507] FAT-fs (loop6): Directory bread(block 69) failed [ 352.589671][T13507] FAT-fs (loop6): Directory bread(block 70) failed [ 352.624300][T13507] FAT-fs (loop6): Directory bread(block 71) failed [ 352.644815][T13507] FAT-fs (loop6): Directory bread(block 72) failed [ 352.651426][T13507] FAT-fs (loop6): Directory bread(block 73) failed [ 352.766075][T13520] wg1 speed is unknown, defaulting to 1000 [ 352.792155][T13520] wg1 speed is unknown, defaulting to 1000 [ 352.799536][T13520] wg1 speed is unknown, defaulting to 1000 [ 352.828251][T13520] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 352.852820][T13520] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 352.902187][ T4862] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 352.933279][T13520] wg1 speed is unknown, defaulting to 1000 [ 352.957430][T13520] wg1 speed is unknown, defaulting to 1000 [ 353.001683][T13520] wg1 speed is unknown, defaulting to 1000 [ 353.015386][T13520] wg1 speed is unknown, defaulting to 1000 [ 353.036908][T13520] wg1 speed is unknown, defaulting to 1000 [ 353.076641][T13520] wg1 speed is unknown, defaulting to 1000 [ 353.108917][ T4862] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 353.132020][ T4862] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 353.182782][ T4862] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 353.203871][ T4862] usb 2-1: config 220 has no interface number 2 [ 353.210242][ T4862] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 353.237352][T13534] loop0: detected capacity change from 0 to 256 [ 353.284655][ T4862] usb 2-1: config 220 interface 0 has no altsetting 0 [ 353.322225][ T4862] usb 2-1: config 220 interface 76 has no altsetting 0 [ 353.358088][ T4862] usb 2-1: config 220 interface 1 has no altsetting 0 [ 353.383905][ T4862] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 353.404115][ T4862] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 353.428894][ T4862] usb 2-1: Product: syz [ 353.446511][ T4862] usb 2-1: Manufacturer: syz [ 353.451181][ T4862] usb 2-1: SerialNumber: syz [ 353.714407][ T4862] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 353.720831][ T4862] usb 2-1: No valid video chain found. [ 353.737690][ T4862] usb 2-1: selecting invalid altsetting 0 [ 353.797015][ T4862] usb 2-1: selecting invalid altsetting 0 [ 353.822077][ T4862] usbtest: probe of 2-1:220.1 failed with error -22 [ 353.840291][ T4862] usb 2-1: USB disconnect, device number 12 [ 353.846398][ T4269] cgroup: fork rejected by pids controller in /syz0 [ 353.959394][T13555] loop4: detected capacity change from 0 to 2048 [ 353.990096][T13555] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 354.119983][T13557] loop6: detected capacity change from 0 to 4096 [ 354.178562][T13557] ntfs3: loop6: Failed to load $Extend. [ 354.505647][ T4711] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.543434][T13569] Cannot find del_set index 2 as target [ 354.709353][ T4711] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.816350][ T4711] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.834690][T13573] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3990'. [ 354.970667][ T4711] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.161180][T13584] loop1: detected capacity change from 0 to 1024 [ 355.177837][T13588] loop4: detected capacity change from 0 to 256 [ 355.251522][T13588] exfat: Deprecated parameter 'namecase' [ 355.292354][T13588] exfat: Deprecated parameter 'namecase' [ 355.363857][T13588] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d) [ 355.572475][ T4352] hfsplus: b-tree write err: -5, ino 4 [ 355.876392][ T4275] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 355.887706][ T4275] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 355.896442][ T4275] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 355.906639][ T4275] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 355.916124][ T4275] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 355.923608][ T4275] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 355.999993][ T26] audit: type=1400 audit(1762325836.375:158): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=13606 comm="syz.6.4005" [ 356.129813][T13602] wg1 speed is unknown, defaulting to 1000 [ 357.326443][T13647] loop1: detected capacity change from 0 to 4096 [ 357.368646][T13647] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 357.394514][T13602] chnl_net:caif_netlink_parms(): no params data found [ 357.415136][T13647] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 357.471858][T13647] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 357.525880][T13647] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 357.584130][T13647] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 357.626785][T13647] ntfs: volume version 3.1. [ 357.649885][T13647] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 357.692255][T13647] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 357.751761][T13647] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 357.862797][T13647] ntfs: (device loop1): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is corrupt. [ 358.022377][ T47] Bluetooth: hci2: command 0x0409 tx timeout [ 358.441491][T13674] loop1: detected capacity change from 0 to 4096 [ 358.472658][T13674] ntfs: volume version 3.1. [ 358.577272][T13602] bridge0: port 1(bridge_slave_0) entered blocking state [ 358.585019][T13602] bridge0: port 1(bridge_slave_0) entered disabled state [ 358.623262][T13602] device bridge_slave_0 entered promiscuous mode [ 358.651796][T13602] bridge0: port 2(bridge_slave_1) entered blocking state [ 358.664431][T13602] bridge0: port 2(bridge_slave_1) entered disabled state [ 358.673726][T13602] device bridge_slave_1 entered promiscuous mode [ 358.823253][ T4711] device hsr_slave_0 left promiscuous mode [ 358.843820][ T4711] device hsr_slave_1 left promiscuous mode [ 358.864589][ T4711] device bridge_slave_1 left promiscuous mode [ 358.871008][ T4711] bridge0: port 2(bridge_slave_1) entered disabled state [ 358.950107][ T4711] bridge0: port 1(bridge_slave_0) entered disabled state [ 359.103029][ T4711] device veth1_vlan left promiscuous mode [ 359.131148][ T4711] device veth0_vlan left promiscuous mode [ 359.251129][T13709] loop5: detected capacity change from 0 to 512 [ 359.361357][T13709] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 359.380858][T13709] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 359.399210][T13709] EXT4-fs error (device loop5): ext4_xattr_block_get:546: inode #15: comm syz.5.4042: corrupted xattr block 33 [ 359.432013][T13709] EXT4-fs error (device loop5): ext4_xattr_block_get:546: inode #15: comm syz.5.4042: corrupted xattr block 33 [ 359.465250][T13709] fscrypt (loop5, inode 15): Error -117 getting encryption context [ 359.552713][T12430] EXT4-fs (loop5): unmounting filesystem. [ 359.581205][T13718] loop6: detected capacity change from 0 to 4096 [ 359.703514][T13718] ntfs: volume version 3.1. [ 359.731272][T13722] loop1: detected capacity change from 0 to 1764 [ 360.047787][T13731] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4052'. [ 360.068449][T13731] netlink: 'syz.4.4052': attribute type 1 has an invalid length. [ 360.103152][ T4275] Bluetooth: hci2: command 0x041b tx timeout [ 360.179869][T13734] netlink: 'syz.1.4054': attribute type 32 has an invalid length. [ 360.363367][ T4711] bond1 (unregistering): Released all slaves [ 360.754101][ T4862] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 360.789858][T13748] loop1: detected capacity change from 0 to 4096 [ 360.822382][T13748] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 360.908255][T13748] ntfs3: loop1: failed to convert "c46c" to ascii [ 360.942092][ T4862] usb 5-1: Using ep0 maxpacket: 8 [ 360.949466][ T4862] usb 5-1: config 0 has an invalid interface number: 150 but max is 0 [ 360.985287][ T4862] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 360.994726][ T4862] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 361.008585][ T4862] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 361.019462][ T4862] usb 5-1: config 0 has no interface number 0 [ 361.030339][ T4862] usb 5-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 361.047729][ T4862] usb 5-1: config 0 interface 150 has no altsetting 0 [ 361.055302][ T4862] usb 5-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75 [ 361.064873][ T4862] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.094072][ T4862] usb 5-1: config 0 descriptor?? [ 361.391327][T13758] loop6: detected capacity change from 0 to 256 [ 361.556853][ T4862] usb 5-1: USB disconnect, device number 17 [ 361.598038][ T4711] team0 (unregistering): Port device team_slave_1 removed [ 361.759778][ T4711] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 361.850841][ T4711] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 362.172668][ T4275] Bluetooth: hci2: command 0x040f tx timeout [ 362.213778][T13768] x_tables: ip_tables: osf match: only valid for protocol 6 [ 362.329274][T13770] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4071'. [ 362.608704][ T4711] bond0 (unregistering): Released all slaves [ 362.691448][T13602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 362.707913][T13724] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 362.717992][T13724] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4048'. [ 362.727889][T13724] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 362.783072][T13766] device veth3 entered promiscuous mode [ 362.791319][T13602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 362.991578][T13777] overlayfs: unrecognized mount option "obj_role=(‹&À!+/$:\(" or missing value [ 363.019107][T13602] team0: Port device team_slave_0 added [ 363.062388][T13778] netlink: 'syz.1.4073': attribute type 24 has an invalid length. [ 363.085617][T13602] team0: Port device team_slave_1 added [ 363.258508][T13602] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 363.279392][T13602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 363.305380][ C0] vkms_vblank_simulate: vblank timer overrun [ 363.379253][T13602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 363.403868][T13602] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 363.411190][T13602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 363.437149][ C0] vkms_vblank_simulate: vblank timer overrun [ 363.491941][T13602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 363.523618][T13788] device ip6erspan0 entered promiscuous mode [ 363.733976][T13602] device hsr_slave_0 entered promiscuous mode [ 363.754769][T13602] device hsr_slave_1 entered promiscuous mode [ 363.797050][T13602] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 363.824895][T13602] Cannot create hsr debugfs directory [ 364.129128][T13814] xt_ecn: cannot match TCP bits for non-tcp packets [ 364.254172][ T4275] Bluetooth: hci2: command 0x0419 tx timeout [ 364.525857][T13824] ax25_connect(): syz.5.4092 uses autobind, please contact jreuter@yaina.de [ 365.065743][T13799] loop4: detected capacity change from 0 to 40427 [ 365.138923][T13799] F2FS-fs (loop4): Corrupted extension count (64 + 1 > 64) [ 365.164522][T13799] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 365.277680][T13799] F2FS-fs (loop4): Found nat_bits in checkpoint [ 365.477163][T13799] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 365.486211][T13602] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 365.493567][T13799] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 365.556146][T13602] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 365.618621][T13602] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 365.663060][T13602] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 366.042862][T13602] 8021q: adding VLAN 0 to HW filter on device bond0 [ 366.098894][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 366.142769][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 366.192910][T13602] 8021q: adding VLAN 0 to HW filter on device team0 [ 366.285239][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 366.315910][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 366.351578][ T4707] bridge0: port 1(bridge_slave_0) entered blocking state [ 366.358820][ T4707] bridge0: port 1(bridge_slave_0) entered forwarding state [ 366.406433][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 366.449020][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 366.487556][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 366.529075][ T4707] bridge0: port 2(bridge_slave_1) entered blocking state [ 366.536358][ T4707] bridge0: port 2(bridge_slave_1) entered forwarding state [ 366.593937][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 366.635767][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 366.677133][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 366.739891][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 366.776594][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 366.830768][ T4709] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 366.846508][ T4709] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 366.877757][ T4709] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 366.907958][ T4709] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 366.945045][T13602] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 366.987149][T13602] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 367.013964][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 367.033100][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 367.420323][T13909] loop4: detected capacity change from 0 to 4096 [ 367.516564][T13909] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 367.584265][T13909] ntfs3: loop4: Failed to load $Extend. [ 367.659672][T13909] ntfs3: loop4: ino=5, "/" directory corrupted [ 368.002958][T13942] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4128'. [ 368.141441][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 368.167808][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 368.228218][T13602] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 368.304383][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 368.326471][T13954] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 368.334171][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 368.456567][ T4711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 368.470640][ T4711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 368.519396][ T4711] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 368.542416][T13957] tmpfs: Bad value for 'mpol' [ 368.574957][ T4711] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 368.616093][T13962] overlayfs: unrecognized mount option "\" or missing value [ 368.624672][T13602] device veth0_vlan entered promiscuous mode [ 368.654831][T13602] device veth1_vlan entered promiscuous mode [ 368.784829][T13602] device veth0_macvtap entered promiscuous mode [ 368.813605][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 368.850235][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 368.893189][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 368.909775][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 368.931260][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 368.957161][T13966] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4139'. [ 369.015981][T13602] device veth1_macvtap entered promiscuous mode [ 369.091569][T13602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 369.126739][T13602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.172013][T13602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 369.203303][T13980] loop6: detected capacity change from 0 to 8 [ 369.212399][T13602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.258841][T13602] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 369.283251][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 369.301388][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 369.331131][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 369.399265][T13602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 369.410389][ T4865] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 369.440961][T13602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.468463][T13602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 369.511143][T13602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.524462][T13602] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 369.563287][T13602] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.572888][T13602] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.585276][T13994] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4150'. [ 369.596654][T13602] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.611429][T13994] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4150'. [ 369.628298][T13602] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.637715][ T4865] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 369.655187][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 369.666449][ T4865] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 369.671810][ T4707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 369.678030][ T4865] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 369.712253][ T4865] usb 2-1: config 1 has no interface number 1 [ 369.718500][ T4865] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 369.748937][ T4865] usb 2-1: too many endpoints for config 1 interface 2 altsetting 0: 255, using maximum allowed: 30 [ 369.780802][ T4865] usb 2-1: config 1 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 369.807513][ T4865] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 369.833371][ T4865] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 369.846745][ T4865] usb 2-1: Product: syz [ 369.851056][ T4865] usb 2-1: Manufacturer: syz [ 369.856049][ T4865] usb 2-1: SerialNumber: syz [ 370.007315][ T4352] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 370.050374][ T4707] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 370.082497][ T4352] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 370.093346][ T4707] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 370.110415][ T4865] usb 2-1: MIDIStreaming interface descriptor not found [ 370.137758][ T4709] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 370.187531][ T4709] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 370.207591][ T4865] usb 2-1: USB disconnect, device number 13 [ 371.198365][T14041] loop5: detected capacity change from 0 to 1024 [ 371.405431][T14007] loop6: detected capacity change from 0 to 32768 [ 371.720814][T14053] loop1: detected capacity change from 0 to 512 [ 372.012371][ T4862] usb 1-1: new full-speed USB device number 16 using dummy_hcd [ 372.222262][ T4862] usb 1-1: config 4 has an invalid interface number: 231 but max is 0 [ 372.240752][ T4862] usb 1-1: config 4 has no interface number 0 [ 372.290299][ T4862] usb 1-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 372.330181][ T4862] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 372.370782][ T4862] usb 1-1: Product: syz [ 372.392098][ T4862] usb 1-1: Manufacturer: syz [ 372.396767][ T4862] usb 1-1: SerialNumber: syz [ 372.456246][ T4862] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 372.641515][T14085] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4184'. [ 372.877620][ T4862] vp7045: USB control message 'in' went wrong. [ 372.888471][ T4862] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 372.914087][ T4862] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 372.944287][ T4862] usb 1-1: USB disconnect, device number 16 [ 373.563761][T14089] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 373.905263][T14134] loop1: detected capacity change from 0 to 1024 [ 374.147090][T14146] device vlan1 entered promiscuous mode [ 374.382043][ T4865] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 374.401501][T14155] netlink: 'syz.6.4207': attribute type 10 has an invalid length. [ 374.479737][T14155] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 374.524849][T14159] vivid-000: disconnect [ 374.545442][T14158] vivid-000: reconnect [ 374.580486][ T4865] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 374.606400][ T4865] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 374.632309][ T4865] usb 1-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 374.672227][ T4865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 374.713085][ T4865] usb 1-1: config 0 descriptor?? [ 375.148658][ T4865] Bluetooth: Can't get state to change to load configuration err [ 375.162069][ T4865] Bluetooth: Loading sysconfig file failed [ 375.168005][ T4865] ath3k: probe of 1-1:0.0 failed with error -16 [ 375.220034][ T4865] usb 1-1: USB disconnect, device number 17 [ 375.657709][T14199] loop5: detected capacity change from 0 to 512 [ 375.703460][T14199] EXT4-fs: Ignoring removed orlov option [ 375.762758][T14199] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 375.827596][T14199] EXT4-fs (loop5): orphan cleanup on readonly fs [ 375.899839][T14199] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.4226: bg 0: block 248: padding at end of block bitmap is not set [ 376.042340][T14199] __quota_error: 32 callbacks suppressed [ 376.042359][T14199] Quota error (device loop5): write_blk: dquota write failed [ 376.091016][T14199] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 376.134786][T14199] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.4226: Failed to acquire dquot type 1 [ 376.168918][T14218] loop1: detected capacity change from 0 to 64 [ 376.189034][T14199] EXT4-fs (loop5): 1 truncate cleaned up [ 376.208779][T14199] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 376.318174][T14199] EXT4-fs: Ignoring removed orlov option [ 376.353451][T14199] EXT4-fs: can't change dax mount option while remounting [ 376.502473][T12430] EXT4-fs (loop5): unmounting filesystem. [ 377.247430][T14263] loop4: detected capacity change from 0 to 512 [ 377.302889][T14263] EXT4-fs: Ignoring removed orlov option [ 377.359477][T14263] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 377.430116][T14263] EXT4-fs (loop4): orphan cleanup on readonly fs [ 377.509414][T14263] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.4249: bg 0: block 248: padding at end of block bitmap is not set [ 377.671282][T14263] Quota error (device loop4): write_blk: dquota write failed [ 377.680398][T14263] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 377.710736][T14263] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.4249: Failed to acquire dquot type 1 [ 377.747752][T14263] EXT4-fs (loop4): 1 truncate cleaned up [ 377.768757][T14263] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 377.878857][T14263] EXT4-fs: Ignoring removed orlov option [ 377.916215][T14263] EXT4-fs: can't change dax mount option while remounting [ 378.087884][T14293] loop1: detected capacity change from 0 to 1764 [ 378.103556][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 378.151412][T14298] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4264'. [ 378.563602][T14312] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4267'. [ 378.654768][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.654888][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.731491][T14319] loop1: detected capacity change from 0 to 256 [ 378.758151][T14319] exfat: Deprecated parameter 'namecase' [ 378.758215][T14319] exfat: Deprecated parameter 'namecase' [ 378.758302][T14319] exfat: Deprecated parameter 'utf8' [ 378.779503][T14319] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5417aa89, utbl_chksum : 0xe619d30d) [ 378.812290][ T4865] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 378.990721][T14324] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4274'. [ 378.992140][ T4865] usb 5-1: Using ep0 maxpacket: 32 [ 378.995206][ T4865] usb 5-1: config 0 interface 0 has no altsetting 0 [ 378.997457][ T4865] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 378.997488][ T4865] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 378.997508][ T4865] usb 5-1: Product: syz [ 378.997524][ T4865] usb 5-1: Manufacturer: syz [ 378.997539][ T4865] usb 5-1: SerialNumber: syz [ 378.999358][ T4865] usb 5-1: config 0 descriptor?? [ 379.291507][T14334] loop5: detected capacity change from 0 to 256 [ 379.408278][ T4865] gs_usb 5-1:0.0: Couldn't get device config: (err=-71) [ 379.408313][ T4865] gs_usb: probe of 5-1:0.0 failed with error -71 [ 379.422445][ T4865] usb 5-1: USB disconnect, device number 18 [ 379.838666][T14351] loop6: detected capacity change from 0 to 256 [ 380.462394][T14368] loop6: detected capacity change from 0 to 4096 [ 380.487379][T14376] netlink: 'syz.0.4296': attribute type 1 has an invalid length. [ 380.552189][ T4865] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 380.742151][ T4865] usb 6-1: Using ep0 maxpacket: 16 [ 380.755850][ T4865] usb 6-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4 [ 380.806067][ T4865] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.842696][ T4865] usb 6-1: Product: syz [ 380.846959][ T4865] usb 6-1: Manufacturer: syz [ 380.884800][ T4865] usb 6-1: SerialNumber: syz [ 380.916275][ T4865] usb 6-1: config 0 descriptor?? [ 380.957690][ T4865] usb_ehset_test: probe of 6-1:0.0 failed with error -32 [ 381.135527][T14398] loop4: detected capacity change from 0 to 1024 [ 381.159537][ T4865] usb 6-1: USB disconnect, device number 4 [ 381.373828][T14407] loop1: detected capacity change from 0 to 256 [ 381.926288][T14427] netlink: 'syz.6.4316': attribute type 3 has an invalid length. [ 382.013385][T14434] netlink: 122896 bytes leftover after parsing attributes in process `syz.0.4318'. [ 382.155742][T14437] netlink: 'syz.6.4320': attribute type 11 has an invalid length. [ 382.236400][T14441] loop1: detected capacity change from 0 to 512 [ 382.287646][T14441] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 383.432075][ T6211] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 383.624016][ T6211] usb 5-1: config 0 has an invalid interface number: 120 but max is 0 [ 383.662059][ T6211] usb 5-1: config 0 has no interface number 0 [ 383.678726][ T6211] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 383.690367][T14501] loop5: detected capacity change from 0 to 2048 [ 383.706253][ T6211] usb 5-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 383.716568][T14501] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=26504, location=26504 [ 383.758572][ T6211] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.778338][T14501] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 383.821729][ T6211] usb 5-1: config 0 descriptor?? [ 383.861586][ T6211] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.120/input/input23 [ 384.115191][ T4865] usb 5-1: USB disconnect, device number 19 [ 384.393034][T14523] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4352'. [ 384.474996][ T41] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 384.506276][T14519] loop6: detected capacity change from 0 to 4096 [ 384.549096][T14519] ntfs3: loop6: Different NTFS' sector size (4096) and media sector size (512) [ 384.621472][T14519] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 384.682173][ T41] usb 1-1: Using ep0 maxpacket: 8 [ 384.689644][ T41] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 384.740246][ T41] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 384.801460][ T41] usb 1-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 384.850651][ T41] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 384.874505][ T41] usb 1-1: Product: syz [ 384.878854][ T41] usb 1-1: Manufacturer: syz [ 384.908595][ T41] usb 1-1: SerialNumber: syz [ 384.933242][ T41] usb 1-1: config 0 descriptor?? [ 385.147372][T14547] loop6: detected capacity change from 0 to 128 [ 385.160989][T14544] netlink: 12296 bytes leftover after parsing attributes in process `syz.4.4360'. [ 385.212752][T14547] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 385.226764][T14544] netlink: 164 bytes leftover after parsing attributes in process `syz.4.4360'. [ 385.279755][T14547] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 385.401368][ T6211] usb 1-1: USB disconnect, device number 18 [ 385.459207][T14554] xt_socket: unknown flags 0x50 [ 385.757491][T14564] netlink: 'syz.1.4368': attribute type 1 has an invalid length. [ 385.978343][T14578] netlink: 'syz.6.4373': attribute type 30 has an invalid length. [ 386.007862][T14578] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4373'. [ 386.043202][T14578] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 386.103168][T14578] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 386.351762][T14592] netlink: 'syz.6.4379': attribute type 5 has an invalid length. [ 386.372898][T14592] device ip6erspan0 entered promiscuous mode [ 386.382101][T14594] bond0: option arp_validate: invalid value (18446744073491447809) [ 386.390277][ T4711] bond0: (slave bond_slave_0): interface is now down [ 386.402935][ T4711] bond0: (slave bond_slave_1): interface is now down [ 386.437601][ T4709] bond0: (slave bond_slave_0): interface is now down [ 386.447094][ T4709] bond0: (slave bond_slave_1): interface is now down [ 386.521673][ T4709] bond0: now running without any active interface! [ 386.569775][T14599] loop1: detected capacity change from 0 to 512 [ 386.632936][T14599] EXT4-fs: Ignoring removed nobh option [ 386.689039][T14599] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.4382: inode #15: comm syz.1.4382: iget: illegal inode # [ 386.722623][T14599] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.4382: couldn't read orphan inode 15 (err -117) [ 386.793527][T14599] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 387.033219][T14617] netlink: 'syz.6.4389': attribute type 10 has an invalid length. [ 387.052825][ T4263] EXT4-fs (loop1): unmounting filesystem. [ 387.109548][T14617] team0: Port device macvlan0 added [ 387.197679][T14624] device netdevsim0 entered promiscuous mode [ 387.242767][T14624] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 387.415958][T14631] netlink: 'syz.1.4397': attribute type 24 has an invalid length. [ 387.529925][T14637] netlink: 'syz.5.4399': attribute type 4 has an invalid length. [ 387.596855][T14637] netlink: 152 bytes leftover after parsing attributes in process `syz.5.4399'. [ 387.635957][T14637] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 388.689426][T14686] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4423'. [ 388.751333][T14686] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4423'. [ 388.792898][T14651] loop5: detected capacity change from 0 to 32768 [ 389.324748][T14706] syz.5.4433 (14706): drop_caches: 0 [ 389.525637][T14715] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.799972][T14725] comedi comedi3: mpc624: a I/O base address must be specified [ 389.950715][T14723] loop6: detected capacity change from 0 to 4096 [ 389.980483][T14723] ntfs3: loop6: Different NTFS' sector size (2048) and media sector size (512) [ 390.162065][T14727] loop5: detected capacity change from 0 to 8192 [ 390.212592][T14727] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 390.318796][T14727] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 390.382146][T14727] REISERFS (device loop5): using ordered data mode [ 390.388768][T14727] reiserfs: using flush barriers [ 390.420683][T14727] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 390.494706][T14727] REISERFS (device loop5): checking transaction log (loop5) [ 390.503886][T14735] xt_CT: No such helper "snmp_trap" [ 390.567631][T14727] REISERFS (device loop5): Using r5 hash to sort names [ 390.597499][T14727] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 391.192358][T14765] netlink: 'syz.4.4461': attribute type 4 has an invalid length. [ 391.200170][T14765] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.4461'. [ 391.374335][T14770] loop5: detected capacity change from 0 to 4096 [ 391.436398][T14770] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 391.589505][T14787] xt_addrtype: ipv6 does not support BROADCAST matching [ 391.772583][T12430] EXT4-fs (loop5): unmounting filesystem. [ 391.840908][T14792] SET target dimension over the limit! [ 392.261557][T14813] netlink: 'syz.4.4483': attribute type 10 has an invalid length. [ 392.290728][T14815] ufs: You didn't specify the type of your ufs filesystem [ 392.290728][T14815] [ 392.290728][T14815] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 392.290728][T14815] [ 392.290728][T14815] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 392.357005][T14813] team0: Port device macvlan0 added [ 392.395249][T14815] ufs: ufstype=old is supported read-only [ 392.411281][T14815] ufs: ufs_fill_super(): bad magic number [ 392.809576][T14831] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4491'. [ 392.922205][T14806] loop1: detected capacity change from 0 to 32768 [ 392.950678][T14806] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 scanned by syz.1.4480 (14806) [ 392.997173][T14806] BTRFS info (device loop1): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 393.022757][T14806] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 393.058552][T14806] BTRFS info (device loop1): enabling ssd optimizations [ 393.074823][T14806] BTRFS info (device loop1): not using ssd optimizations [ 393.092003][T14806] BTRFS info (device loop1): turning off barriers [ 393.108856][T14806] BTRFS info (device loop1): using free space tree [ 393.142022][ T4862] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 393.332004][ T4862] usb 6-1: Using ep0 maxpacket: 16 [ 393.340104][ T4862] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 393.358885][ T4862] usb 6-1: config 0 has no interface number 0 [ 393.371386][ T4862] usb 6-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=34.12 [ 393.391282][ T4862] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 393.401395][ T4862] usb 6-1: Product: syz [ 393.446720][ T4862] usb 6-1: Manufacturer: syz [ 393.451399][ T4862] usb 6-1: SerialNumber: syz [ 393.458944][ T4263] BTRFS info (device loop1): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 393.471137][ T4862] usb 6-1: config 0 descriptor?? [ 393.489050][T14859] netlink: 'syz.0.4498': attribute type 10 has an invalid length. [ 393.759175][T14859] team0: Port device macvlan0 added [ 394.017814][ T4333] usb 6-1: USB disconnect, device number 5 [ 394.232162][T14867] device bond1 entered promiscuous mode [ 394.256747][T14867] 8021q: adding VLAN 0 to HW filter on device bond1 [ 394.320768][T14837] loop4: detected capacity change from 0 to 40427 [ 394.372218][ T126] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 394.388454][T14837] F2FS-fs (loop4): invalid crc value [ 394.430652][T14837] F2FS-fs (loop4): Found nat_bits in checkpoint [ 394.502379][T14837] F2FS-fs (loop4): Start checkpoint disabled! [ 394.527652][T14837] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 394.580170][ T126] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 394.609478][ T126] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 394.672734][ T126] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 394.702119][ T126] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 394.742849][ T126] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 394.781575][ T126] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.830337][ T126] usb 2-1: config 0 descriptor?? [ 395.031513][ T4352] kworker/u4:5: attempt to access beyond end of device [ 395.031513][ T4352] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 395.054029][ T126] hdpvr 2-1:0.0: firmware version 0x15 dated Š–¸&S¶3;¨“Ãx&X^„œ wÒΖŠ g/ƒ µn#»† [ 395.266385][ T126] hdpvr 2-1:0.0: device init failed [ 395.277620][ T126] hdpvr: probe of 2-1:0.0 failed with error -12 [ 395.318130][ T126] usb 2-1: USB disconnect, device number 14 [ 395.548166][T14907] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4511'. [ 395.557219][T14907] netlink: 74 bytes leftover after parsing attributes in process `syz.4.4511'. [ 395.763565][ T4333] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 395.965015][ T4333] usb 6-1: Using ep0 maxpacket: 16 [ 395.973866][ T4333] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 395.997667][ T4333] usb 6-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 396.027108][ T4333] usb 6-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 396.052387][ T4333] usb 6-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 396.073472][T14931] cgroup: subsys name conflicts with all [ 396.082672][ T4333] usb 6-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 396.116525][ T4333] usb 6-1: config 1 interface 0 has no altsetting 0 [ 396.136921][ T4333] usb 6-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 396.166413][ T4333] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.226841][ T4333] ums-sddr09 6-1:1.0: USB Mass Storage device detected [ 396.260906][T14933] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4531'. [ 396.378915][T14941] ieee802154 phy0 wpan0: encryption failed: -22 [ 396.509294][ T4333] ums-sddr09: probe of 6-1:1.0 failed with error -22 [ 396.543343][ T4333] usb 6-1: USB disconnect, device number 6 [ 396.606264][T14951] loop1: detected capacity change from 0 to 64 [ 397.117137][T14967] IPv6: NLM_F_CREATE should be specified when creating new route [ 398.260383][T15017] loop5: detected capacity change from 0 to 4096 [ 398.303997][T15017] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 398.382980][T15017] ntfs3: loop5: Failed to load root. [ 398.479293][T15031] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 399.024753][T15047] loop1: detected capacity change from 0 to 1764 [ 399.350081][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4593'. [ 399.373529][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4593'. [ 399.393457][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4593'. [ 399.413313][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4593'. [ 399.432152][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4593'. [ 399.450228][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4593'. [ 399.470595][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4593'. [ 399.495483][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4593'. [ 399.518783][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4593'. [ 399.539753][T15058] netlink: 'syz.0.4592': attribute type 1 has an invalid length. [ 399.646470][T15069] loop6: detected capacity change from 0 to 4096 [ 399.684306][T15069] ntfs3: loop6: Different NTFS' sector size (4096) and media sector size (512) [ 400.522507][T15108] autofs4:pid:15108:autofs_fill_super: called with bogus options [ 401.147253][ C1] sd 0:0:1:0: [sda] tag#787 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 401.157762][ C1] sd 0:0:1:0: [sda] tag#787 CDB: Read(6) 08 00 00 00 03 44 [ 401.239709][T15132] dlm: Unknown command passed to DLM device : 8 [ 401.239709][T15132] [ 401.357305][T15099] loop5: detected capacity change from 0 to 32768 [ 401.449043][T15099] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 401.455988][T15142] netdevsim netdevsim0: Direct firmware load for ..€ failed with error -2 [ 401.486022][T15142] netdevsim netdevsim0: Falling back to sysfs fallback for: ..€ [ 401.494398][T15099] OCFS2: ERROR (device loop5): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 401.521578][T15099] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 401.532763][T15099] OCFS2: File system is now read-only. [ 401.538417][T15099] (syz.5.4613,15099,1):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 401.583760][T12430] ocfs2: Unmounting device (7,5) on (node local) [ 401.838078][ T26] audit: type=1326 audit(1762325882.215:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15153 comm="syz.1.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb2c18f6c9 code=0x7ffc0000 [ 401.929691][ T26] audit: type=1326 audit(1762325882.215:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15153 comm="syz.1.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb2c18f6c9 code=0x7ffc0000 [ 401.988452][T15160] netlink: 'syz.6.4642': attribute type 12 has an invalid length. [ 402.007002][T15160] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (255) [ 402.017483][ T26] audit: type=1326 audit(1762325882.275:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15153 comm="syz.1.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7feb2c18f6c9 code=0x7ffc0000 [ 402.087227][ T26] audit: type=1326 audit(1762325882.275:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15153 comm="syz.1.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb2c18f6c9 code=0x7ffc0000 [ 402.148573][ T26] audit: type=1326 audit(1762325882.275:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15153 comm="syz.1.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb2c18f6c9 code=0x7ffc0000 [ 402.259279][T15167] __nla_validate_parse: 38 callbacks suppressed [ 402.259298][T15167] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4645'. [ 402.626631][T15181] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4652'. [ 402.672254][T15181] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4652'. [ 403.356276][T15215] netlink: 'syz.4.4668': attribute type 3 has an invalid length. [ 403.418482][T15211] loop1: detected capacity change from 0 to 4096 [ 403.444210][T15211] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 403.487008][T15211] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 403.528924][T15211] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 403.591165][T15219] loop5: detected capacity change from 0 to 256 [ 403.597769][T15211] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 403.656434][T15211] ntfs: volume version 3.1. [ 404.441596][T15207] loop6: detected capacity change from 0 to 32768 [ 404.607545][T15207] XFS (loop6): DAX unsupported by block device. Turning off DAX. [ 404.629954][T15207] XFS (loop6): Mounting V5 Filesystem [ 404.767559][T15207] XFS (loop6): Ending clean mount [ 404.796719][T15207] XFS (loop6): Quotacheck needed: Please wait. [ 404.879532][T15207] XFS (loop6): Quotacheck: Done. [ 404.925687][T15263] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4688'. [ 405.001212][T15261] loop1: detected capacity change from 0 to 4096 [ 405.049020][T15261] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 405.260838][T12697] XFS (loop6): Unmounting Filesystem [ 405.472202][T15271] netlink: 'syz.4.4693': attribute type 3 has an invalid length. [ 405.652195][ T4333] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 405.846088][ T4333] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 405.868577][ T4333] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 405.907730][ T4333] usb 2-1: Product: syz [ 405.917861][ T4333] usb 2-1: Manufacturer: syz [ 405.930974][ T4333] usb 2-1: SerialNumber: syz [ 405.963985][ T4333] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 406.041004][ T4333] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 406.403827][ T26] audit: type=1326 audit(1762325886.785:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15302 comm="syz.5.4709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681d18f6c9 code=0x7ffc0000 [ 406.478742][ T41] usb 2-1: USB disconnect, device number 15 [ 406.649672][T15313] mmap: syz.4.4714 (15313) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 407.001225][T15325] xt_l2tp: invalid flags combination: 8 [ 407.131997][ T4333] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 407.145997][ T4333] ath9k_htc: Failed to initialize the device [ 407.187527][ T41] usb 2-1: ath9k_htc: USB layer deinitialized [ 407.206079][T15333] block nbd4: NBD_DISCONNECT [ 407.547179][T15347] xt_hashlimit: max too large, truncated to 1048576 [ 408.103356][T15367] loop4: detected capacity change from 0 to 64 [ 408.229156][T15332] loop1: detected capacity change from 0 to 32768 [ 408.377543][T15332] XFS (loop1): Mounting V5 Filesystem [ 408.497583][T15332] XFS (loop1): Ending clean mount [ 408.509344][T15387] dlm: plock device version mismatch: kernel (1.2.0), user (1.16121856.0) [ 408.721537][ T4263] XFS (loop1): Unmounting Filesystem [ 408.732879][T15393] x_tables: duplicate underflow at hook 4 [ 408.799857][T15396] netlink: 3648 bytes leftover after parsing attributes in process `syz.6.4750'. [ 408.831177][T15396] netlink: 3648 bytes leftover after parsing attributes in process `syz.6.4750'. [ 408.992514][T15403] netlink: 154020 bytes leftover after parsing attributes in process `syz.4.4754'. [ 409.018247][T15403] openvswitch: netlink: ufid size 48894 bytes exceeds the range (1, 16) [ 409.526282][T15420] netlink: 160 bytes leftover after parsing attributes in process `syz.4.4762'. [ 409.559475][T15423] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 409.632192][T15423] overlayfs: missing 'lowerdir' [ 409.903264][T15433] loop1: detected capacity change from 0 to 16 [ 409.946481][T15433] erofs: (device loop1): mounted with root inode @ nid 36. [ 409.986731][T15433] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 410.034107][T15433] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 410.071801][T15433] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 410.239848][T15441] openvswitch: netlink: Message has 4 unknown bytes. [ 410.408991][T15445] loop6: detected capacity change from 0 to 1024 [ 410.480454][T15445] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 410.523708][T15445] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (49802!=20869) [ 410.565436][T15445] EXT4-fs error (device loop6): ext4_get_journal_inode:5730: inode #5: comm syz.6.4775: unexpected bad inode w/o EXT4_IGET_BAD [ 410.584234][T15449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 410.602472][T15445] EXT4-fs (loop6): no journal found [ 410.607835][T15445] EXT4-fs (loop6): can't get journal size [ 410.622251][ T6211] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 410.643380][T15445] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 410.717244][T15429] loop4: detected capacity change from 0 to 32768 [ 410.761329][T12697] EXT4-fs (loop6): unmounting filesystem. [ 410.823808][ T6211] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 410.877432][ T6211] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 410.928674][ T6211] usb 2-1: config 220 has no interface number 2 [ 410.966156][ T6211] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 411.032402][ T6211] usb 2-1: config 220 interface 0 has no altsetting 0 [ 411.057848][ T6211] usb 2-1: config 220 interface 76 has no altsetting 0 [ 411.079432][ T6211] usb 2-1: config 220 interface 1 has no altsetting 0 [ 411.118873][T15429] XFS (loop4): DAX unsupported by block device. Turning off DAX. [ 411.121475][ T6211] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 411.156985][ T6211] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 411.186621][ T6211] usb 2-1: Product: syz [ 411.190862][ T6211] usb 2-1: Manufacturer: syz [ 411.212935][ T6211] usb 2-1: SerialNumber: syz [ 411.229688][T15429] XFS (loop4): Mounting V5 Filesystem [ 411.270982][T15478] netlink: 666 bytes leftover after parsing attributes in process `syz.6.4787'. [ 411.417521][T15429] XFS (loop4): Ending clean mount [ 411.438890][ T6211] usb 2-1: selecting invalid altsetting 0 [ 411.443778][T15484] overlayfs: missing 'lowerdir' [ 411.460423][ T6211] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 411.468436][T15486] netlink: 'syz.6.4791': attribute type 46 has an invalid length. [ 411.496034][ T6211] usb 2-1: No valid video chain found. [ 411.555889][ T6211] usb 2-1: selecting invalid altsetting 0 [ 411.565841][ T6211] usbtest: probe of 2-1:220.1 failed with error -22 [ 411.581119][ T6211] usb 2-1: USB disconnect, device number 16 [ 411.599345][T15429] XFS (loop4): Quotacheck needed: Please wait. [ 411.700101][T15429] XFS (loop4): Quotacheck: Done. [ 411.879905][ T4273] XFS (loop4): Unmounting Filesystem [ 412.407841][T15512] ip6t_rpfilter: unknown options [ 412.679124][T15527] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4812'. [ 412.698923][T15527] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4812'. [ 412.838776][T15533] loop1: detected capacity change from 0 to 256 [ 412.932487][T15533] FAT-fs (loop1): Directory bread(block 64) failed [ 412.992978][T15533] FAT-fs (loop1): Directory bread(block 65) failed [ 413.000356][T15533] FAT-fs (loop1): Directory bread(block 66) failed [ 413.024934][T15538] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4817'. [ 413.048830][T15533] FAT-fs (loop1): Directory bread(block 67) failed [ 413.061199][T15533] FAT-fs (loop1): Directory bread(block 68) failed [ 413.071369][T15533] FAT-fs (loop1): Directory bread(block 69) failed [ 413.078401][T15533] FAT-fs (loop1): Directory bread(block 70) failed [ 413.090473][T15533] FAT-fs (loop1): Directory bread(block 71) failed [ 413.098666][T15533] FAT-fs (loop1): Directory bread(block 72) failed [ 413.119340][T15533] FAT-fs (loop1): Directory bread(block 73) failed [ 413.535668][T15557] binder: 15555:15557 ioctl c00c6211 9999999999999999 returned -14 [ 413.965484][T15578] xt_ecn: cannot match TCP bits for non-tcp packets [ 413.968107][T15574] loop1: detected capacity change from 0 to 2048 [ 414.030233][T15574] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 414.420385][T15591] loop5: detected capacity change from 0 to 64 [ 414.735618][T15562] loop4: detected capacity change from 0 to 32768 [ 415.554243][T15625] netlink: 'syz.4.4860': attribute type 2 has an invalid length. [ 415.592551][T15625] netlink: 119 bytes leftover after parsing attributes in process `syz.4.4860'. [ 415.628841][T15627] netlink: 'syz.0.4861': attribute type 24 has an invalid length. [ 416.032686][T15647] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4871'. [ 416.890130][T15686] netlink: 'syz.4.4889': attribute type 10 has an invalid length. [ 416.900341][T15683] loop5: detected capacity change from 0 to 2048 [ 416.938027][T15686] team0: Device veth1_macvtap failed to register rx_handler [ 416.975236][T15689] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 417.047459][T15683] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 417.074880][T15683] Remounting filesystem read-only [ 417.115533][T15683] NILFS (loop5): error -2 truncating bmap (ino=16) [ 417.294433][T12430] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 417.500496][T15707] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4898'. [ 417.698267][T15715] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4903'. [ 417.748382][T15715] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4903'. [ 417.937193][T15724] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4907'. [ 418.030118][T15728] bridge0: port 3(netdevsim0) entered disabled state [ 418.680181][T15748] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4919'. [ 418.982429][T15725] loop4: detected capacity change from 0 to 32768 [ 419.071515][T15725] XFS (loop4): Mounting V5 Filesystem [ 419.186540][T15725] XFS (loop4): Ending clean mount [ 419.362820][ T4273] XFS (loop4): Unmounting Filesystem [ 419.519034][T15775] lo speed is unknown, defaulting to 1000 [ 419.543973][T15775] lo speed is unknown, defaulting to 1000 [ 419.553983][T15775] lo speed is unknown, defaulting to 1000 [ 419.599485][T15778] loop6: detected capacity change from 0 to 64 [ 419.608708][T15775] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 419.719128][T15778] Trying to free block not in datazone [ 419.743128][T15778] Trying to free block not in datazone [ 419.769556][T15778] Trying to free block not in datazone [ 419.783764][T15775] lo speed is unknown, defaulting to 1000 [ 419.799998][T15778] Trying to free block not in datazone [ 419.809201][T15778] minix_free_block (loop6:6): bit already cleared [ 419.825707][T15775] lo speed is unknown, defaulting to 1000 [ 419.839784][T15778] Trying to free block not in datazone [ 419.862229][T15778] Trying to free block not in datazone [ 419.868035][T15783] netlink: 'syz.1.4933': attribute type 1 has an invalid length. [ 419.870163][T15775] lo speed is unknown, defaulting to 1000 [ 419.893122][T15775] lo speed is unknown, defaulting to 1000 [ 419.913160][T15775] lo speed is unknown, defaulting to 1000 [ 419.914221][T15783] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4933'. [ 419.926039][T15775] lo speed is unknown, defaulting to 1000 [ 420.365201][T15799] loop6: detected capacity change from 0 to 256 [ 420.559290][T15807] loop1: detected capacity change from 0 to 256 [ 420.607165][T15807] exfat: Deprecated parameter 'utf8' [ 420.624989][T15807] exfat: Deprecated parameter 'namecase' [ 420.641765][T15807] exfat: Deprecated parameter 'namecase' [ 420.663098][T15807] exfat: Deprecated parameter 'utf8' [ 420.711330][T15807] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 421.014411][T15823] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 421.277035][T15835] loop1: detected capacity change from 0 to 256 [ 421.319352][T15835] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 421.355085][T15835] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 421.402962][T15835] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 421.646184][T15847] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 421.883274][T15855] loop4: detected capacity change from 0 to 16 [ 421.900022][T15855] erofs: (device loop4): mounted with root inode @ nid 36. [ 422.341458][T15859] loop1: detected capacity change from 0 to 8192 [ 422.397361][T15859] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 422.616490][T15877] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4979'. [ 422.779801][T15881] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4981'. [ 422.902105][ T4864] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 422.961116][T15886] netlink: 'syz.4.4983': attribute type 10 has an invalid length. [ 422.982067][ T6211] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 422.991129][T15886] team0: Cannot enslave team device to itself [ 423.116185][ T4864] usb 6-1: Using ep0 maxpacket: 32 [ 423.119548][T15892] tc_dump_action: action bad kind [ 423.124757][ T4864] usb 6-1: unable to get BOS descriptor or descriptor too short [ 423.146130][ T4864] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 423.162278][ T4864] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 423.182790][ T4864] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 423.195415][ T6211] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 423.205126][ T4864] usb 6-1: string descriptor 0 read error: -22 [ 423.211420][ T4864] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 423.228961][ T6211] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.245984][ T6211] usb 2-1: Product: syz [ 423.252321][ T6211] usb 2-1: Manufacturer: syz [ 423.256968][ T6211] usb 2-1: SerialNumber: syz [ 423.261767][ T4864] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.287558][ T6211] usb 2-1: config 0 descriptor?? [ 423.295508][ T4864] usb 6-1: 0:2 : does not exist [ 423.513118][ T6211] hso 2-1:0.0: Can't find BULK IN endpoint [ 423.519508][ T6211] usb-storage 2-1:0.0: USB Mass Storage device detected [ 423.547882][ T4864] usb 6-1: USB disconnect, device number 7 [ 423.637767][T15902] loop6: detected capacity change from 0 to 4096 [ 423.710177][T15902] ntfs: volume version 3.1. [ 423.728748][ T6211] usb 2-1: USB disconnect, device number 17 [ 423.758064][T15910] loop4: detected capacity change from 0 to 1024 [ 423.797293][T15902] __ntfs_error: 3 callbacks suppressed [ 423.797311][T15902] ntfs: (device loop6): ntfs_truncate(): Inode 0x43 has unknown attribute type 0x80. Aborting truncate. [ 424.316024][ T26] audit: type=1326 audit(1762325904.695:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15927 comm="syz.6.5002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58c58f6c9 code=0x7ffc0000 [ 424.399660][ T26] audit: type=1326 audit(1762325904.695:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15927 comm="syz.6.5002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7fb58c58f6c9 code=0x7ffc0000 [ 424.454663][T15932] netlink: 'syz.4.5005': attribute type 2 has an invalid length. [ 424.466416][T15932] netlink: 10 bytes leftover after parsing attributes in process `syz.4.5005'. [ 424.478479][ T26] audit: type=1326 audit(1762325904.695:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15927 comm="syz.6.5002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58c58f6c9 code=0x7ffc0000 [ 424.511763][T15934] siw: device registration error -23 [ 424.518211][ T26] audit: type=1326 audit(1762325904.695:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15927 comm="syz.6.5002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58c58f6c9 code=0x7ffc0000 [ 424.600409][T15936] loop6: detected capacity change from 0 to 16 [ 424.633273][T15938] loop5: detected capacity change from 0 to 64 [ 424.647128][T15936] erofs: (device loop6): mounted with root inode @ nid 36. [ 424.699270][T15938] MINIX-fs: mounting file system with errors, running fsck is recommended [ 425.196988][T15956] IPv6: Can't replace route, no match found [ 425.408005][T15964] loop6: detected capacity change from 0 to 164 [ 425.431824][T15964] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 425.470879][T15966] loop5: detected capacity change from 0 to 128 [ 425.531561][T15966] EXT4-fs: Ignoring removed orlov option [ 425.634948][T15966] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 425.752058][T15966] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 425.835736][T15977] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 425.843068][T15977] IPv6: NLM_F_CREATE should be set when creating new route [ 425.864567][T15966] EXT4-fs error (device loop5): ext4_empty_dir:3139: inode #2: comm syz.5.5022: Directory block failed checksum [ 426.035671][T12430] EXT4-fs (loop5): unmounting filesystem. [ 426.148682][T15986] siw: device registration error -23 [ 426.347506][T15992] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5034'. [ 427.033189][T16013] netlink: 'syz.6.5044': attribute type 1 has an invalid length. [ 427.061447][T16013] netlink: 224 bytes leftover after parsing attributes in process `syz.6.5044'. [ 427.218420][T16016] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5046'. [ 427.267272][T15988] loop5: detected capacity change from 0 to 32768 [ 427.279303][T16016] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5046'. [ 427.331602][T15988] ea_get: invalid extended attribute [ 427.332016][T16016] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5046'. [ 427.656475][T16024] overlayfs: missing 'lowerdir' [ 427.777372][T16006] loop1: detected capacity change from 0 to 32768 [ 427.846733][T16026] loop6: detected capacity change from 0 to 1024 [ 428.062051][T16026] Quota error (device loop6): do_check_range: Getting block 64 out of range 1-5 [ 428.142103][T16026] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0 [ 428.172054][T16026] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.5051: Failed to acquire dquot type 0 [ 428.245049][T16026] EXT4-fs error (device loop6): mb_free_blocks:1810: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 428.327840][T16026] EXT4-fs error (device loop6): ext4_do_update_inode:5268: inode #13: comm syz.6.5051: corrupted inode contents [ 428.350983][T16026] EXT4-fs error (device loop6): ext4_dirty_inode:6133: inode #13: comm syz.6.5051: mark_inode_dirty error [ 428.395847][T16026] EXT4-fs error (device loop6): ext4_do_update_inode:5268: inode #13: comm syz.6.5051: corrupted inode contents [ 428.408322][ T4275] Bluetooth: hci2: unexpected subevent 0x1a length: 10 > 6 [ 428.448369][T16026] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #13: comm syz.6.5051: mark_inode_dirty error [ 428.504384][T16026] EXT4-fs error (device loop6): ext4_do_update_inode:5268: inode #13: comm syz.6.5051: corrupted inode contents [ 428.552340][T16026] EXT4-fs error (device loop6) in ext4_orphan_del:301: Corrupt filesystem [ 428.571163][T16026] EXT4-fs error (device loop6): ext4_do_update_inode:5268: inode #13: comm syz.6.5051: corrupted inode contents [ 428.613326][T16026] EXT4-fs error (device loop6): ext4_truncate:4318: inode #13: comm syz.6.5051: mark_inode_dirty error [ 428.672833][T16026] EXT4-fs error (device loop6) in ext4_process_orphan:343: Corrupt filesystem [ 428.696951][T16026] EXT4-fs (loop6): 1 truncate cleaned up [ 428.741967][T16026] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 428.809894][T16026] Quota error (device loop6): do_check_range: Getting block 64 out of range 1-5 [ 428.863537][T16026] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0 [ 428.908663][T16026] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.5051: Failed to acquire dquot type 0 [ 429.220452][T16064] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma? [ 429.434071][T16072] netlink: 'syz.1.5074': attribute type 2 has an invalid length. [ 429.725255][T12697] EXT4-fs (loop6): unmounting filesystem. [ 429.765212][T16035] syz.4.5057 (16035): drop_caches: 2 [ 429.878718][T16086] netlink: 'syz.6.5069': attribute type 5 has an invalid length. [ 430.081135][T16095] device netdevsim0 left promiscuous mode [ 430.127083][T16095] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 430.338167][T16104] binder: 16103:16104 unknown command 0 [ 430.353282][T16104] binder: 16103:16104 ioctl c0306201 200000000480 returned -22 [ 430.706567][T16119] device gre0 entered promiscuous mode [ 431.051744][T16133] loop6: detected capacity change from 0 to 1024 [ 431.204377][T16133] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #3: block 2: comm syz.6.5104: lblock 2 mapped to illegal pblock 2 (length 1) [ 431.275326][T16140] loop4: detected capacity change from 0 to 128 [ 431.319406][T16140] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 431.338725][T16133] Quota error (device loop6): qtree_write_dquot: dquota write failed [ 431.376748][T16133] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #3: block 48: comm syz.6.5104: lblock 0 mapped to illegal pblock 48 (length 1) [ 431.392776][T16140] ext4 filesystem being mounted at /1027/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 431.427201][T16133] Quota error (device loop6): v2_write_file_info: Can't write info structure [ 431.452033][T16140] EXT4-fs (loop4): resizing filesystem from 64 to 1 blocks [ 431.452369][T16133] EXT4-fs error (device loop6): ext4_acquire_dquot:6809: comm syz.6.5104: Failed to acquire dquot type 0 [ 431.501238][T16133] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5929: Corrupt filesystem [ 431.510276][T16140] EXT4-fs warning (device loop4): ext4_resize_fs:2051: can't shrink FS - resize aborted [ 431.562356][T16133] EXT4-fs error (device loop6): ext4_evict_inode:279: inode #11: comm syz.6.5104: mark_inode_dirty error [ 431.584500][T16133] EXT4-fs warning (device loop6): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 431.626349][T16133] EXT4-fs (loop6): 1 orphan inode deleted [ 431.639960][T16133] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 431.652057][ T4711] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:26: lblock 1 mapped to illegal pblock 1 (length 1) [ 431.731075][T16146] netlink: 'syz.1.5109': attribute type 1 has an invalid length. [ 431.739208][ T4711] Quota error (device loop6): remove_tree: Can't read quota data block 1 [ 431.769610][T16146] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5109'. [ 431.786865][ T4711] EXT4-fs error (device loop6): ext4_release_dquot:6845: comm kworker/u4:26: Failed to release dquot type 0 [ 431.855449][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 431.885637][T12697] EXT4-fs (loop6): unmounting filesystem. [ 431.915241][ T4678] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:13: lblock 1 mapped to illegal pblock 1 (length 1) [ 431.944944][ T4678] Quota error (device loop6): remove_tree: Can't read quota data block 1 [ 431.985453][ T4678] EXT4-fs error (device loop6): ext4_release_dquot:6845: comm kworker/u4:13: Failed to release dquot type 0 [ 431.995585][T16131] loop5: detected capacity change from 0 to 40427 [ 432.013863][T12697] EXT4-fs error (device loop6): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 432.037488][T16131] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x7 [ 432.056879][T12697] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5929: Corrupt filesystem [ 432.065996][T16131] F2FS-fs (loop5): inline encryption not supported [ 432.077179][T12697] EXT4-fs error (device loop6): ext4_quota_off:7115: inode #3: comm syz-executor: mark_inode_dirty error [ 432.122387][T16131] F2FS-fs (loop5): invalid crc value [ 432.183052][T16131] F2FS-fs (loop5): Found nat_bits in checkpoint [ 432.252764][T16155] loop4: detected capacity change from 0 to 128 [ 432.340767][T16155] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 432.390246][T16155] ext4 filesystem being mounted at /1029/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 432.401312][T16131] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 432.632422][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 432.691284][T16169] loop6: detected capacity change from 0 to 64 [ 432.748592][T16169] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 432.834610][T16169] syz.6.5117: attempt to access beyond end of device [ 432.834610][T16169] loop6: rw=0, sector=201326604, nr_sectors = 2 limit=64 [ 432.894541][T16169] Buffer I/O error on dev loop6, logical block 100663302, async page read [ 432.935876][T16169] syz.6.5117: attempt to access beyond end of device [ 432.935876][T16169] loop6: rw=0, sector=201326604, nr_sectors = 2 limit=64 [ 433.009538][T16169] Buffer I/O error on dev loop6, logical block 100663302, async page read [ 433.210004][T16183] loop4: detected capacity change from 0 to 2048 [ 433.277182][T16183] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d [ 433.330081][T16183] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 433.425603][T16183] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 1376) has entry at pos 100 with incorrect tag 6 [ 434.023662][T16209] misc userio: No port type given on /dev/userio [ 434.276515][T16214] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5139'. [ 434.342234][T16214] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5139'. [ 434.360441][T16214] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5139'. [ 434.849310][T16206] loop6: detected capacity change from 0 to 32768 [ 434.876358][T16206] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 11 [ 434.927208][T16200] syz.1.5132 (16200): drop_caches: 2 [ 435.329682][ T4394] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 11 [ 436.157924][T16258] syz.5.5159 (16258): drop_caches: 2 [ 436.414090][T16266] loop5: detected capacity change from 0 to 512 [ 436.453201][T16266] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 436.487363][T16268] netlink: 'syz.6.5164': attribute type 1 has an invalid length. [ 436.512011][T16268] netlink: 'syz.6.5164': attribute type 3 has an invalid length. [ 436.519930][T16268] netlink: 224 bytes leftover after parsing attributes in process `syz.6.5164'. [ 436.537116][T16266] EXT4-fs (loop5): 1 truncate cleaned up [ 436.548297][T16266] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 436.684075][T16242] loop1: detected capacity change from 0 to 32768 [ 436.708372][T12430] EXT4-fs (loop5): unmounting filesystem. [ 436.806211][T16242] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 436.858510][T16242] XFS (loop1): Mounting V5 Filesystem [ 436.885171][T16290] loop5: detected capacity change from 0 to 1024 [ 436.911443][T16290] Quota error (device loop5): do_check_range: Getting block 64 out of range 1-5 [ 436.922310][T16290] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 436.932486][T16290] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.5168: Failed to acquire dquot type 0 [ 436.957870][T16290] EXT4-fs error (device loop5): mb_free_blocks:1810: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 437.025000][T16290] EXT4-fs error (device loop5): ext4_do_update_inode:5268: inode #13: comm syz.5.5168: corrupted inode contents [ 437.067234][T16242] XFS (loop1): Ending clean mount [ 437.076336][T16290] EXT4-fs error (device loop5): ext4_dirty_inode:6133: inode #13: comm syz.5.5168: mark_inode_dirty error [ 437.146402][T16290] EXT4-fs error (device loop5): ext4_do_update_inode:5268: inode #13: comm syz.5.5168: corrupted inode contents [ 437.211774][T16290] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #13: comm syz.5.5168: mark_inode_dirty error [ 437.235205][ T4263] XFS (loop1): Unmounting Filesystem [ 437.243863][T16299] loop4: detected capacity change from 0 to 16 [ 437.245183][T16290] EXT4-fs error (device loop5): ext4_do_update_inode:5268: inode #13: comm syz.5.5168: corrupted inode contents [ 437.295316][T16301] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5175'. [ 437.298464][T16290] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem [ 437.314317][T16290] EXT4-fs error (device loop5): ext4_do_update_inode:5268: inode #13: comm syz.5.5168: corrupted inode contents [ 437.331191][T16290] EXT4-fs error (device loop5): ext4_truncate:4318: inode #13: comm syz.5.5168: mark_inode_dirty error [ 437.351998][T16290] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem [ 437.372868][T16299] erofs: (device loop4): mounted with root inode @ nid 36. [ 437.383710][T16290] EXT4-fs (loop5): 1 truncate cleaned up [ 437.389483][T16290] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 437.578833][T16290] Quota error (device loop5): do_check_range: Getting block 64 out of range 1-5 [ 437.655925][T16290] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 437.673537][T16290] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.5168: Failed to acquire dquot type 0 [ 437.828156][T12430] EXT4-fs (loop5): unmounting filesystem. [ 438.016391][T16317] bridge0: port 3(bond0) entered blocking state [ 438.036568][T16317] bridge0: port 3(bond0) entered disabled state [ 438.055325][T16317] device bond0 entered promiscuous mode [ 438.092620][T16317] device bond_slave_0 entered promiscuous mode [ 438.112097][T16317] device bond_slave_1 entered promiscuous mode [ 438.122900][T16317] bridge0: port 3(bond0) entered blocking state [ 438.129290][T16317] bridge0: port 3(bond0) entered forwarding state [ 438.408799][T16333] loop4: detected capacity change from 0 to 1764 [ 438.487836][T16338] comedi comedi0: dt2801: I/O port conflict (0xffffffffffffff7f,2) [ 438.896145][T16348] loop1: detected capacity change from 0 to 2048 [ 439.015701][T16357] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 439.068135][T16348] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=128, inode=18302628885633695744, rec_len=65535, name_len=255 [ 439.153344][T16348] Remounting filesystem read-only [ 439.287420][T16370] netlink: 'syz.6.5207': attribute type 3 has an invalid length. [ 439.873496][ T6211] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 440.015295][T16396] loop4: detected capacity change from 0 to 1024 [ 440.061131][T16396] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 440.095096][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.105885][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.133872][ T6211] usb 7-1: config 0 has an invalid interface number: 229 but max is 0 [ 440.153236][ T6211] usb 7-1: config 0 has no interface number 0 [ 440.172277][ T6211] usb 7-1: config 0 interface 229 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 440.194479][ T6211] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=1f.38 [ 440.213937][ T6211] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 440.228662][ T6211] usb 7-1: Product: syz [ 440.244768][ T6211] usb 7-1: Manufacturer: syz [ 440.249572][ T6211] usb 7-1: SerialNumber: syz [ 440.294125][ T6211] usb 7-1: config 0 descriptor?? [ 440.396418][T16403] netlink: 84 bytes leftover after parsing attributes in process `syz.5.5225'. [ 440.425976][T16403] netlink: 84 bytes leftover after parsing attributes in process `syz.5.5225'. [ 440.481820][T16406] bridge0: port 4(bond0) entered blocking state [ 440.491839][T16406] bridge0: port 4(bond0) entered disabled state [ 440.528681][ T6211] usb 7-1: USB disconnect, device number 2 [ 440.546641][T16406] device bond0 entered promiscuous mode [ 440.562171][T16406] device bond_slave_0 entered promiscuous mode [ 440.568634][T16406] device bond_slave_1 entered promiscuous mode [ 440.629230][T16406] bridge0: port 4(bond0) entered blocking state [ 440.635698][T16406] bridge0: port 4(bond0) entered forwarding state [ 440.875132][T16410] loop5: detected capacity change from 0 to 4096 [ 440.905896][T16410] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 441.005286][T16410] ntfs3: loop5: failed to convert "c46c" to iso8859-7 [ 441.324456][T16404] loop4: detected capacity change from 0 to 32768 [ 441.446592][T16404] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 441.513133][T16404] (syz.4.5224,16404,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 441.632248][T16404] ocfs2: Unmounting device (7,4) on (node local) [ 441.672592][T16436] loop6: detected capacity change from 0 to 1024 [ 441.711559][T16436] EXT4-fs: Ignoring removed nomblk_io_submit option [ 441.742449][T16436] EXT4-fs: Ignoring removed nomblk_io_submit option [ 441.765540][T16436] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 441.812087][T16436] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 441.840076][T16442] netlink: 'syz.1.5243': attribute type 1 has an invalid length. [ 441.876423][T16442] netlink: 'syz.1.5243': attribute type 3 has an invalid length. [ 441.887952][T16436] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 441.888414][T16442] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5243'. [ 442.108711][T16452] loop4: detected capacity change from 0 to 256 [ 442.176311][ T47] Bluetooth: hci5: command 0x0406 tx timeout [ 442.224733][ T26] audit: type=1326 audit(1762325922.605:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16455 comm="syz.1.5249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb2c18f6c9 code=0x7ffc0000 [ 442.226535][T16454] netlink: 88 bytes leftover after parsing attributes in process `syz.5.5248'. [ 442.247197][ C0] vkms_vblank_simulate: vblank timer overrun [ 442.267975][ T26] audit: type=1326 audit(1762325922.625:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16455 comm="syz.1.5249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7feb2c18f6c9 code=0x7ffc0000 [ 442.298119][T12697] EXT4-fs (loop6): unmounting filesystem. [ 442.378150][ T26] audit: type=1326 audit(1762325922.625:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16455 comm="syz.1.5249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb2c18f6c9 code=0x7ffc0000 [ 442.400573][ C0] vkms_vblank_simulate: vblank timer overrun [ 442.525465][ T26] audit: type=1326 audit(1762325922.625:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16455 comm="syz.1.5249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb2c18f6c9 code=0x7ffc0000 [ 442.547933][ C0] vkms_vblank_simulate: vblank timer overrun [ 442.568623][T16464] loop6: detected capacity change from 0 to 512 [ 442.639067][T16464] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 442.648507][T16464] ext4 filesystem being mounted at /330/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 442.790663][T12697] EXT4-fs (loop6): unmounting filesystem. [ 443.230149][T16493] netlink: 'syz.0.5266': attribute type 2 has an invalid length. [ 443.248407][T16493] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5266'. [ 443.312215][ T4864] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 443.513782][ T4864] usb 5-1: config 0 has an invalid interface number: 50 but max is 0 [ 443.532434][ T4864] usb 5-1: config 0 has no interface number 0 [ 443.548843][ T4864] usb 5-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 443.583140][ T4864] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 443.596235][ T4864] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 443.615048][ T4864] usb 5-1: Product: syz [ 443.619295][ T4864] usb 5-1: Manufacturer: syz [ 443.635384][ T4864] usb 5-1: SerialNumber: syz [ 443.661209][ T4864] usb 5-1: config 0 descriptor?? [ 443.716953][ T4864] yurex 5-1:0.50: USB YUREX device now attached to Yurex #0 [ 443.719295][T16480] loop1: detected capacity change from 0 to 32768 [ 443.780274][T16480] jfs_lookup: dtSearch returned -5 [ 443.871590][T16510] loop6: detected capacity change from 0 to 128 [ 443.944900][ C1] yurex 5-1:0.50: yurex_interrupt - overflow with length 8, actual length is 8 [ 443.979981][T16510] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 444.033829][T16510] hpfs: filesystem error: improperly stopped [ 444.066202][T16510] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 444.080949][T16510] hpfs: You really don't want any checks? You are crazy... [ 444.112776][T16510] hpfs: hpfs_map_sector(): read error [ 444.118240][T16510] hpfs: code page support is disabled [ 444.146305][T16510] hpfs: hpfs_map_4sectors(): unaligned read [ 444.160260][ T126] usb 5-1: USB disconnect, device number 20 [ 444.172947][T16510] hpfs: hpfs_map_4sectors(): unaligned read [ 444.201554][ T126] yurex 5-1:0.50: USB YUREX #0 now disconnected [ 444.236967][T16510] hpfs: filesystem error: unable to find root dir [ 444.284518][T16510] hpfs: hpfs_map_4sectors(): unaligned read [ 444.297702][T16518] loop5: detected capacity change from 0 to 256 [ 444.327337][T16510] hpfs: hpfs_map_sector(): read error [ 444.364163][T16518] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 445.494368][T16553] loop4: detected capacity change from 0 to 16 [ 445.551718][T16553] erofs: (device loop4): mounted with root inode @ nid 36. [ 445.596943][T16553] syz.4.5296: attempt to access beyond end of device [ 445.596943][T16553] loop4: rw=524288, sector=7864328, nr_sectors = 8 limit=16 [ 445.658650][T16553] syz.4.5296: attempt to access beyond end of device [ 445.658650][T16553] loop4: rw=0, sector=7864328, nr_sectors = 8 limit=16 [ 445.712903][ T26] audit: type=1800 audit(1762325926.095:180): pid=16553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.5296" name="file3" dev="loop4" ino=89 res=0 errno=0 [ 445.768737][T16563] sctp: [Deprecated]: syz.6.5301 (pid 16563) Use of struct sctp_assoc_value in delayed_ack socket option. [ 445.768737][T16563] Use struct sctp_sack_info instead [ 445.895241][T16559] loop5: detected capacity change from 0 to 4096 [ 445.922941][T16559] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 446.022543][T16559] ntfs3: loop5: failed to convert "c46c" to cp850 [ 446.041594][T16569] loop6: detected capacity change from 0 to 2048 [ 446.084991][T16569] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 446.326083][T16577] loop1: detected capacity change from 0 to 128 [ 446.537261][T16581] netlink: 129384 bytes leftover after parsing attributes in process `syz.4.5310'. [ 446.836068][T16595] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5317'. [ 447.031715][T16604] cgroup: Unknown subsys name 'pcr' [ 447.106289][T16608] netlink: 7 bytes leftover after parsing attributes in process `syz.1.5323'. [ 447.128352][T16608] netlink: 7 bytes leftover after parsing attributes in process `syz.1.5323'. [ 447.292301][ T47] Bluetooth: hci1: command 0x0406 tx timeout [ 447.562181][ T6211] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 447.762074][ T6211] usb 1-1: Using ep0 maxpacket: 32 [ 447.776505][ T6211] usb 1-1: unable to get BOS descriptor or descriptor too short [ 447.790938][T16603] loop5: detected capacity change from 0 to 40427 [ 447.803295][ T6211] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 447.831165][T16603] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 447.836699][ T6211] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 447.849710][T16603] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 447.887507][T16603] F2FS-fs (loop5): invalid crc value [ 447.891005][ T6211] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.920152][ T6211] usb 1-1: Product: syz [ 447.931453][T16603] F2FS-fs (loop5): Found nat_bits in checkpoint [ 447.935382][ T6211] usb 1-1: Manufacturer: syz [ 447.966252][ T6211] usb 1-1: SerialNumber: syz [ 448.077627][T16603] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 448.086266][T16603] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 448.168363][T16603] syz.5.5321: attempt to access beyond end of device [ 448.168363][T16603] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 448.205619][ T6211] usb 1-1: Limiting number of CPorts to U8_MAX [ 448.219087][ T6211] usb 1-1: Not enough endpoints found in device, aborting! [ 448.226679][T16607] loop4: detected capacity change from 0 to 32768 [ 448.412787][T16607] XFS (loop4): Mounting V5 Filesystem [ 448.427146][T16616] loop6: detected capacity change from 0 to 40427 [ 448.439765][ T41] usb 1-1: USB disconnect, device number 19 [ 448.451967][T16616] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12 [ 448.463098][T16616] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 448.500017][T16635] loop1: detected capacity change from 0 to 4096 [ 448.533295][T16616] F2FS-fs (loop6): invalid crc value [ 448.589763][T16616] F2FS-fs (loop6): Found nat_bits in checkpoint [ 448.694746][T16607] XFS (loop4): Ending clean mount [ 448.698241][T16635] ntfs3: loop1: ino=1e, "file1" attr_set_size [ 448.716295][T16607] XFS (loop4): Quotacheck needed: Please wait. [ 448.716291][T16635] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 448.740113][T16616] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 448.752029][T16616] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 448.854738][T16607] XFS (loop4): Quotacheck: Done. [ 448.902436][T16607] XFS (loop4): Unmounting Filesystem [ 449.254392][T16646] ip6t_REJECT: ECHOREPLY is not supported [ 450.150058][T16672] netlink: 154788 bytes leftover after parsing attributes in process `syz.4.5347'. [ 450.211960][T16672] openvswitch: netlink: Message has 48126 unknown bytes. [ 450.510264][T16682] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 450.765112][T16658] loop1: detected capacity change from 0 to 32768 [ 450.813491][T16658] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 scanned by syz.1.5340 (16658) [ 450.879647][T16658] BTRFS info (device loop1): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 450.927291][T16658] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 450.967495][T16658] BTRFS info (device loop1): using free space tree [ 451.368664][T16658] BTRFS info (device loop1): enabling ssd optimizations [ 451.389415][T16716] loop4: detected capacity change from 0 to 136 [ 451.584130][ T4263] BTRFS info (device loop1): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 451.716629][ T4273] rock: directory entry would overflow storage [ 451.761640][T16676] loop5: detected capacity change from 0 to 32768 [ 451.772869][ T4273] rock: sig=0x4f50, size=4, remaining=3 [ 451.794315][ T4273] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 451.854455][T16676] ialloc: diAlloc returned -5! [ 452.221683][ T4273] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 452.612980][ T6218] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 452.640660][T16736] loop6: detected capacity change from 0 to 4096 [ 452.720662][T16736] ntfs: volume version 3.1. [ 452.766807][T16744] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5374'. [ 452.796236][T16744] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5374'. [ 452.828381][ T6218] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 452.870042][ T6218] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 452.905339][ T6218] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 452.920266][ T6218] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 452.931974][ T126] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 452.952901][T16748] tmpfs: Bad value for 'mpol' [ 452.957952][ T6218] usb 1-1: SerialNumber: syz [ 453.048194][T16751] netlink: 'syz.1.5377': attribute type 1 has an invalid length. [ 453.166114][ T126] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 453.182987][ T6218] usb 1-1: 0:2 : does not exist [ 453.198257][ T6218] usb 1-1: unit 5: unexpected type 0x03 [ 453.204278][ T126] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 453.240436][ T126] usb 6-1: Product: syz [ 453.245102][ T6218] usb 1-1: USB disconnect, device number 20 [ 453.252847][ T126] usb 6-1: Manufacturer: syz [ 453.260214][ T126] usb 6-1: SerialNumber: syz [ 453.302944][ T126] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 453.341219][ T4333] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 453.395986][T16760] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 453.493721][ T4394] udevd[4394]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 453.721810][T16770] UBIFS error (pid: 16770): cannot open "./file0", error -22 [ 453.776031][T16768] loop6: detected capacity change from 0 to 2364 [ 453.834200][ T126] usb 6-1: USB disconnect, device number 8 [ 453.943294][T16774] xt_CT: You must specify a L4 protocol and not use inversions on it [ 454.034363][T16776] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5390'. [ 454.054638][T16776] netlink: 7 bytes leftover after parsing attributes in process `syz.0.5390'. [ 454.474502][T16797] IPv6: NLM_F_CREATE should be specified when creating new route [ 454.652139][ T4333] usb 6-1: Service connection timeout for: 256 [ 454.660830][ T4333] ath9k_htc 6-1:1.0: ath9k_htc: Unable to initialize HTC services [ 454.697274][ T4333] ath9k_htc: Failed to initialize the device [ 454.718372][ T126] usb 6-1: ath9k_htc: USB layer deinitialized [ 454.973935][T16816] loop5: detected capacity change from 0 to 128 [ 455.009076][T16816] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 455.060172][T16816] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 455.187713][T16822] loop4: detected capacity change from 0 to 1764 [ 455.464662][T16830] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5417'. [ 455.756428][T16836] loop4: detected capacity change from 0 to 4096 [ 455.901747][T16849] sctp: [Deprecated]: syz.6.5428 (pid 16849) Use of int in max_burst socket option. [ 455.901747][T16849] Use struct sctp_assoc_value instead [ 455.979031][T16852] loop5: detected capacity change from 0 to 1024 [ 456.060013][T16852] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 456.154399][T16852] EXT4-fs error (device loop5): ext4_empty_dir:3166: inode #11: block 623: comm syz.5.5426: Attempting to read directory block (623) that is past i_size (638464) [ 456.243231][T16852] EXT4-fs (loop5): Remounting filesystem read-only [ 456.378059][T12430] EXT4-fs (loop5): unmounting filesystem. [ 456.434489][T16867] xt_CT: You must specify a L4 protocol and not use inversions on it [ 456.491404][T16870] x_tables: unsorted underflow at hook 2 [ 456.810488][T16885] binder: 16884:16885 ioctl c018620c 2000000002c0 returned -1 [ 456.947251][T16891] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5445'. [ 456.992174][T16891] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5445'. [ 457.358617][T16909] netlink: 'syz.5.5455': attribute type 8 has an invalid length. [ 458.230078][T16905] loop6: detected capacity change from 0 to 32768 [ 458.259731][T16905] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop6 scanned by syz.6.5453 (16905) [ 458.320444][T16905] BTRFS info (device loop6): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 458.364810][T16905] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm [ 458.403303][T16905] BTRFS info (device loop6): turning on flush-on-commit [ 458.426687][T16905] BTRFS info (device loop6): turning off barriers [ 458.449529][T16905] BTRFS info (device loop6): turning on sync discard [ 458.470314][T16905] BTRFS info (device loop6): using free space tree [ 459.002481][T12697] BTRFS info (device loop6): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 459.126239][ T4333] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 459.319116][ T4333] usb 1-1: Using ep0 maxpacket: 32 [ 459.330847][ T4333] usb 1-1: config 0 has an invalid interface number: 35 but max is 0 [ 459.377548][ T4333] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 459.408470][ T4333] usb 1-1: config 0 has no interface number 0 [ 459.440652][ T4333] usb 1-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 459.481028][T16936] loop1: detected capacity change from 0 to 32768 [ 459.513157][ T4333] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 459.547509][ T4333] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 459.565935][ T4333] usb 1-1: Product: syz [ 459.570834][ T4333] usb 1-1: Manufacturer: syz [ 459.581933][ T4333] usb 1-1: SerialNumber: syz [ 459.588973][ T4333] usb 1-1: config 0 descriptor?? [ 459.602786][ T4333] radio-si470x 1-1:0.35: could not find interrupt in endpoint [ 459.616682][ T4333] radio-si470x: probe of 1-1:0.35 failed with error -5 [ 459.669635][T16936] XFS (loop1): Mounting V5 Filesystem [ 459.806614][ T4333] radio-raremono 1-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 459.846493][ T26] audit: type=1326 audit(1762325940.225:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16996 comm="syz.5.5485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681d18f6c9 code=0x7ffc0000 [ 459.858957][T16936] XFS (loop1): Ending clean mount [ 459.880865][T16936] XFS (loop1): Quotacheck needed: Please wait. [ 459.952013][ T26] audit: type=1326 audit(1762325940.275:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16996 comm="syz.5.5485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681d18f6c9 code=0x7ffc0000 [ 459.986035][T16936] XFS (loop1): Quotacheck: Done. [ 460.012240][ T26] audit: type=1326 audit(1762325940.275:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16996 comm="syz.5.5485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f681d18f6c9 code=0x7ffc0000 [ 460.038757][ T4333] radio-raremono 1-1:0.35: raremono_cmd_main failed (-71) [ 460.069957][ T4333] radio-raremono 1-1:0.35: V4L2 device registered as radio48 [ 460.127239][ T4333] usb 1-1: USB disconnect, device number 21 [ 460.142167][ T26] audit: type=1326 audit(1762325940.275:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16996 comm="syz.5.5485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681d18f6c9 code=0x7ffc0000 [ 460.178522][ T4333] radio-raremono 1-1:0.35: Thanko's Raremono disconnected [ 460.208343][ T4263] XFS (loop1): Unmounting Filesystem [ 460.233195][ T26] audit: type=1326 audit(1762325940.275:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16996 comm="syz.5.5485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681d18f6c9 code=0x7ffc0000 [ 460.319828][T17006] netlink: 'syz.4.5489': attribute type 21 has an invalid length. [ 460.326829][ T26] audit: type=1326 audit(1762325940.315:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16998 comm="syz.4.5486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbb8f6c9 code=0x7ffc0000 [ 460.378105][T17006] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5489'. [ 460.444157][ T26] audit: type=1326 audit(1762325940.365:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16998 comm="syz.4.5486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbb8f6c9 code=0x7ffc0000 [ 460.492791][ T26] audit: type=1326 audit(1762325940.365:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16998 comm="syz.4.5486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7fb1fbb8f6c9 code=0x7ffc0000 [ 460.566712][ T26] audit: type=1326 audit(1762325940.365:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16998 comm="syz.4.5486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbb8f6c9 code=0x7ffc0000 [ 460.696619][ T26] audit: type=1326 audit(1762325940.365:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16998 comm="syz.4.5486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fbb8f6c9 code=0x7ffc0000 [ 461.456271][T17044] cifs: Unknown parameter 'Ü[—Íñ¦bšÿÿÿITäŒ&¬æ:ÅèÙ"‚Õëï1:ºÃÃÓ­'Ä4,Zz-#FÇ<æõ]%gCžÊ [ 461.456271][T17044] SÃȘØÈžZ§6ŸÂ' [ 461.744360][T17059] netlink: 'syz.6.5514': attribute type 32 has an invalid length. [ 462.492889][T17086] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5529'. [ 462.689406][T17092] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615) [ 462.752926][T17092] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 462.836176][T17098] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 462.858488][T17064] loop4: detected capacity change from 0 to 32768 [ 462.902283][T17064] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.5518 (17064) [ 462.948270][T17064] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 462.981821][T17064] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 463.019520][T17064] BTRFS info (device loop4): turning on sync discard [ 463.041685][T17064] BTRFS info (device loop4): setting nodatacow, compression disabled [ 463.060527][T17064] BTRFS info (device loop4): turning off barriers [ 463.085498][T17064] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 463.103367][T17064] BTRFS info (device loop4): trying to use backup root at mount time [ 463.111546][T17064] BTRFS info (device loop4): enabling auto defrag [ 463.132384][ T27] INFO: task syz-executor:4276 blocked for more than 143 seconds. [ 463.146646][ T27] Not tainted syzkaller #0 [ 463.151662][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 463.177818][T17064] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8) [ 463.187505][T17064] BTRFS info (device loop4): use lzo compression, level 0 [ 463.195013][T17064] BTRFS info (device loop4): max_inline at 0 [ 463.201146][T17064] BTRFS info (device loop4): using free space tree [ 463.209147][ T27] task:syz-executor state:D stack:22144 pid:4276 ppid:1 flags:0x00004004 [ 463.219798][ T27] Call Trace: [ 463.226067][ T27] [ 463.229158][ T27] __schedule+0x10ec/0x40b0 [ 463.236115][ T27] ? __sched_text_start+0x8/0x8 [ 463.248228][ T27] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 463.282046][ T27] ? lock_chain_count+0x20/0x20 [ 463.287143][ T27] ? _raw_spin_lock_irq+0xab/0xe0 [ 463.292692][ T27] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 463.298311][ T27] schedule+0xb9/0x180 [ 463.303875][ T27] io_schedule+0x7c/0xd0 [ 463.311232][ T27] folio_wait_bit_common+0x6e1/0xf60 [ 463.317089][ T27] ? folio_wait_bit+0x30/0x30 [ 463.336028][ T27] ? migration_entry_wait_on_locked+0xe50/0xe50 [ 463.347188][ T27] ? folio_mapping+0x1ba/0x4d0 [ 463.368289][ T27] truncate_inode_pages_range+0x9a2/0xff0 [ 463.393864][ T4352] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 463.416181][ T27] ? mapping_evict_folio+0x520/0x520 [ 463.438739][ T27] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 463.458605][T17064] BTRFS error (device loop4): failed to load root extent [ 463.471750][T17064] BTRFS warning (device loop4): try to load backup roots slot 1 [ 463.484975][ T27] ? _raw_spin_unlock_irq+0x1f/0x40 [ 463.493686][ T4701] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 463.521621][ T27] ? lockdep_hardirqs_on+0x94/0x140 [ 463.534051][T17064] BTRFS warning (device loop4): couldn't read tree root [ 463.543539][T17064] BTRFS warning (device loop4): try to load backup roots slot 2 [ 463.555527][ T27] evict+0x498/0x870 [ 463.567558][ T27] ? proc_nr_inodes+0x2f0/0x2f0 [ 463.568647][T17064] BTRFS error (device loop4): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7 [ 463.583944][ T27] ? do_raw_spin_unlock+0x11d/0x230 [ 463.584022][ T27] ? _raw_spin_unlock+0x24/0x40 [ 463.584063][ T27] ? do_raw_spin_unlock+0x11d/0x230 [ 463.584100][ T27] evict_inodes+0x604/0x690 [ 463.650866][T17064] BTRFS warning (device loop4): couldn't read tree root [ 463.650970][ T27] ? clear_inode+0x150/0x150 [ 463.676174][ T27] ? dput+0x1c9/0x1d0 [ 463.677262][T17064] BTRFS warning (device loop4): try to load backup roots slot 3 [ 463.686038][ T27] ? sync_filesystem+0x103/0x220 [ 463.707898][ T27] generic_shutdown_super+0x93/0x340 [ 463.737535][ T27] kill_block_super+0x7c/0xe0 [ 463.737946][T17064] BTRFS info (device loop4): enabling ssd optimizations [ 463.753154][T17064] BTRFS info (device loop4): rebuilding free space tree [ 463.787753][ T27] deactivate_locked_super+0x93/0xf0 [ 463.800931][T17064] BTRFS info (device loop4): checking UUID tree [ 463.801060][ T27] cleanup_mnt+0x463/0x4f0 [ 463.823751][ T27] ? lockdep_hardirqs_on+0x94/0x140 [ 463.829320][ T27] task_work_run+0x1ca/0x250 [ 463.839256][ T27] ? task_work_cancel+0x230/0x230 [ 463.845488][ T27] ? exit_to_user_mode_loop+0x3b/0x110 [ 463.851046][ T27] exit_to_user_mode_loop+0xe6/0x110 [ 463.860844][ T27] exit_to_user_mode_prepare+0xee/0x180 [ 463.867431][ T27] syscall_exit_to_user_mode+0x16/0x40 [ 463.877223][ T27] do_syscall_64+0x58/0xa0 [ 463.881786][ T27] ? clear_bhb_loop+0x60/0xb0 [ 463.887313][ T27] ? clear_bhb_loop+0x60/0xb0 [ 463.896919][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 463.903051][ T27] RIP: 0033:0x7fa2983909f7 [ 463.907523][ T27] RSP: 002b:00007ffc0d04c4e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 463.920196][ T27] RAX: 0000000000000000 RBX: 00007fa298411d7d RCX: 00007fa2983909f7 [ 463.929623][ T27] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc0d04c5a0 [ 463.945911][ T27] RBP: 00007ffc0d04c5a0 R08: 0000000000000000 R09: 0000000000000000 [ 463.954264][ T27] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc0d04d630 [ 463.966572][ T27] R13: 00007fa298411d7d R14: 000000000004948d R15: 00007ffc0d04d670 [ 463.975675][ T27] [ 463.978984][ T27] [ 463.978984][ T27] Showing all locks held in the system: [ 464.037452][ T27] 1 lock held by rcu_tasks_kthre/12: [ 464.056497][ T27] #0: ffffffff8cb2b630 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 464.081334][ T27] 1 lock held by rcu_tasks_trace/13: [ 464.088688][ T27] #0: ffffffff8cb2be50 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 464.104015][ T27] 1 lock held by khungtaskd/27: [ 464.108935][ T27] #0: ffffffff8cb2aca0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 464.120945][ T27] 2 locks held by getty/4027: [ 464.128927][ T27] #0: ffff88802ff5f098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 464.151904][ T27] #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41b/0x1380 [ 464.168485][ T27] 1 lock held by syz-executor/4276: [ 464.176387][ T27] #0: ffff88804daa60e0 (&type->s_umount_key#60){+.+.}-{3:3}, at: deactivate_super+0xa0/0xd0 [ 464.187002][ T27] 2 locks held by kworker/u4:5/4352: [ 464.192796][ T27] 3 locks held by kworker/u4:24/4707: [ 464.198212][ T27] #0: ffff8880b8e3aad8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140 [ 464.208257][ T27] #1: ffff8880b8e27848 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x398/0x6d0 [ 464.219840][ T27] #2: ffff8880b8e28418 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x123/0x270 [ 464.229310][ T27] 2 locks held by kworker/1:11/4864: [ 464.234749][ T27] #0: ffff888017472138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160 [ 464.245292][ T27] #1: ffffc9000ce2fd00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160 [ 464.257582][ T27] [ 464.259974][ T27] ============================================= [ 464.259974][ T27] [ 464.269018][ T27] NMI backtrace for cpu 1 [ 464.273393][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 [ 464.280726][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 464.290824][ T27] Call Trace: [ 464.294232][ T27] [ 464.297226][ T27] dump_stack_lvl+0x168/0x22e [ 464.301958][ T27] ? irq_work_queue+0xb8/0x140 [ 464.306792][ T27] ? show_regs_print_info+0x12/0x12 [ 464.309844][ T4273] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 464.312023][ T27] ? load_image+0x3b0/0x3b0 [ 464.312059][ T27] ? vprintk_emit+0x571/0x680 [ 464.331533][ T27] ? printk_sprint+0x460/0x460 [ 464.336346][ T27] nmi_cpu_backtrace+0x3f4/0x470 [ 464.341307][ T27] ? nmi_trigger_cpumask_backtrace+0x450/0x450 [ 464.347478][ T27] ? _printk+0xcc/0x110 [ 464.351681][ T27] ? load_image+0x3b0/0x3b0 [ 464.356214][ T27] ? load_image+0x3b0/0x3b0 [ 464.360740][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 464.366847][ T27] nmi_trigger_cpumask_backtrace+0x1d4/0x450 [ 464.372846][ T27] watchdog+0xeee/0xf30 [ 464.377021][ T27] ? watchdog+0x1ed/0xf30 [ 464.381369][ T27] kthread+0x29d/0x330 [ 464.385463][ T27] ? hungtask_pm_notify+0x40/0x40 [ 464.390499][ T27] ? kthread_blkcg+0xd0/0xd0 [ 464.395111][ T27] ret_from_fork+0x1f/0x30 [ 464.399564][ T27] [ 464.403204][ T27] Sending NMI from CPU 1 to CPUs 0: [ 464.408466][ C0] NMI backtrace for cpu 0 [ 464.408477][ C0] CPU: 0 PID: 4352 Comm: kworker/u4:5 Not tainted syzkaller #0 [ 464.408494][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 464.408504][ C0] Workqueue: bat_events batadv_nc_worker [ 464.408536][ C0] RIP: 0010:batadv_nc_purge_paths+0x311/0x3b0 [ 464.408555][ C0] Code: ff ff e8 32 b0 9e f7 4c 89 f7 be 03 00 00 00 e8 05 fc 24 fa e9 87 fe ff ff e8 1b b0 9e f7 eb 05 e8 14 b0 9e f7 48 8b 7c 24 50 0a c4 3f 00 48 8b 44 24 48 42 0f b6 04 28 84 c0 4c 8b 74 24 40 [ 464.408569][ C0] RSP: 0018:ffffc90004417b48 EFLAGS: 00000293 [ 464.408581][ C0] RAX: ffffffff89e2264c RBX: ffffffff89e22810 RCX: ffff88802e12d940 [ 464.408594][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff888053b9d8c0 [ 464.408604][ C0] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000003 [ 464.408613][ C0] R10: fffff52000882f58 R11: 1ffff92000882f58 R12: ffff888074769318 [ 464.408625][ C0] R13: dffffc0000000000 R14: ffff88801a2e34c0 R15: ffff88801a2e34d0 [ 464.408638][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 464.408651][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 464.408662][ C0] CR2: 00007fb58c7b3ad8 CR3: 000000000c88e000 CR4: 00000000003506f0 [ 464.408677][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 464.408686][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 464.408696][ C0] Call Trace: [ 464.408701][ C0] [ 464.408714][ C0] batadv_nc_worker+0x365/0x600 [ 464.408743][ C0] ? process_one_work+0x7a1/0x1160 [ 464.408762][ C0] process_one_work+0x898/0x1160 [ 464.408787][ C0] ? worker_detach_from_pool+0x240/0x240 [ 464.408807][ C0] ? _raw_spin_lock_irq+0xab/0xe0 [ 464.408832][ C0] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 464.408857][ C0] ? kthread_data+0x4b/0xc0 [ 464.408882][ C0] worker_thread+0xaa2/0x1250 [ 464.408909][ C0] ? __kthread_parkme+0x162/0x1c0 [ 464.408935][ C0] kthread+0x29d/0x330 [ 464.408957][ C0] ? worker_clr_flags+0x1a0/0x1a0 [ 464.408973][ C0] ? kthread_blkcg+0xd0/0xd0 [ 464.408998][ C0] ret_from_fork+0x1f/0x30 [ 464.409027][ C0] [ 464.411195][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 464.630036][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 [ 464.637272][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 464.647376][ T27] Call Trace: [ 464.650740][ T27] [ 464.653713][ T27] dump_stack_lvl+0x168/0x22e [ 464.658451][ T27] ? memcpy+0x3c/0x60 [ 464.662510][ T27] ? show_regs_print_info+0x12/0x12 [ 464.667844][ T27] ? load_image+0x3b0/0x3b0 [ 464.672423][ T27] panic+0x2c9/0x710 [ 464.676386][ T27] ? schedule_preempt_disabled+0x20/0x20 [ 464.682069][ T27] ? bpf_jit_dump+0xd0/0xd0 [ 464.686642][ T27] ? __irq_work_queue_local+0x12c/0x190 [ 464.692243][ T27] ? nmi_trigger_cpumask_backtrace+0x35b/0x450 [ 464.698492][ T27] ? nmi_trigger_cpumask_backtrace+0x360/0x450 [ 464.704702][ T27] watchdog+0xf2d/0xf30 [ 464.708914][ T27] ? watchdog+0x1ed/0xf30 [ 464.713289][ T27] kthread+0x29d/0x330 [ 464.717556][ T27] ? hungtask_pm_notify+0x40/0x40 [ 464.722700][ T27] ? kthread_blkcg+0xd0/0xd0 [ 464.727313][ T27] ret_from_fork+0x1f/0x30 [ 464.731754][ T27] [ 464.735093][ T27] Kernel Offset: disabled [ 464.739426][ T27] Rebooting in 86400 seconds..