last executing test programs: 1m36.94603565s ago: executing program 0 (id=1509): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000300)={&(0x7f0000b02000/0x1000)=nil}) 1m36.829427191s ago: executing program 0 (id=1513): syz_mount_image$hfs(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1214080, &(0x7f00000002c0)={[{@uid={'uid', 0x3d, 0xee01}}, {@codepage={'codepage', 0x3d, 'iso8859-14'}}, {@gid}, {@dir_umask={'dir_umask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'macromanian'}}, {@part={'part', 0x3d, 0x800}}, {@creator={'creator', 0x3d, "5863953a"}}]}, 0x11, 0x31c, &(0x7f0000000940)="$eJzs3U1P1EAcBvBn2u6yKwQrYEg8oiSeCOBB40ViiBe/gAdDRFgTQsVEMVES4+rZGG8mJh69eTb6FfRi/AJ64mA86YV4sGZmOn1Zpt2ywBayzy9h2bbz8p9OX2aWLAURDayri9/fXdiWP6IGwAVwGXAANAAPwGlMNh5ubK5tBq3VooJclUP+COicYlealY2WLavMp3JEfLnkYSS9jg5HGIbhj66pfvclFqqO0Of+Lg4wFJ2danuj75EdjrZu12BJ9bDYwQ4eYbTKcIiIqHrR/d+J7hIj0fjdcYDpaBx+3O//mfHNTnVxHAnx/d/Ry6GQ++ek2pTM99QUTva+Y2aJtrL0MTGSXRkmu7sOfWRlOkB0m1WqWJzmnbWgNdNWBTzHlUgq2YR6XYVpiJIXbV3/mrLMTQsUtb3YsGpDTbZhPif+8T3X+OknXturW/pSIibxWXwVS8LHG6zG4z8vFHLnqP3jd/SUjn82v0TVSl+nyrQymb+fUpWcMT3w8X3Symbefm3AlbHYyFJE5/jdN3G+qufnwhiyHyvo1s3lt07lGrfmmo+X/1pzTXTmanq1oDWzci8o/CjlwFhndOKluCGm8AsfsJga/zsy9TTyz8zMlV+olNGRUdgeT6XM6ccMdQLftZyZTonMA+2ataOLvcBtXMLog8db68tB0Lpf/RtzqhyRePSBGB2Oco38nUqDhnxTA3Bglf4Lw9C6yUM/mlxTTb34Nmny1vqyaOvF/VWBdlyg2bSQnxjAAoBojbki9FL70zjXUFJgqex/ZG+rNfYD0kTVhwPSVJXZ5GKo1JnS7KHS60/Wl4OerkR0zCSdjsmbVQdDVZDDK6Hnf6n5yqy66sgXv2A2EnYrPFXiXM4MaEy9nig3g4uLzZ3BDZs3XeZcZ88D5zpqdGBqfNZZrB/FiaP4V8m9/ylDLOIbbvHzfyIiIiIiIiIiIiIiIiIiIiIiIiKi42av30bo5esE2Rq3B/AfbxARERERERERERERERERERERERERERER7U/q+b+Aq54YU6/8+b9uief/mudSEFHP/gcAAP//NBBgTQ==") mount$nfs(&(0x7f0000000540)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0) 1m36.696020513s ago: executing program 0 (id=1517): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2000000, &(0x7f0000000000)={[{@codepage={'codepage', 0x3d, 'cp936'}}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@type={'type', 0x3d, "67369671"}}]}, 0x5, 0x2db, &(0x7f0000000200)="$eJzs3T9v004cx/HPOUmb/lF//rVFSCygQiVYKgoMiCUIZWVnQkCTShVREW2RgIWCGBEPgJ2nwINgAfEEYGLiAXQzusvZdRrbaUsT98/7JTWyz3fn7+ns+L6WIAJwZt1r/vx887f9M1JFFUl3pEBSXapKOqfz9RfrW2tbnXarqKOKa2H/jLotTV+dlfV2VlPbzrXwQrtX1XS6LM3094xDiqLo7q+yg0Dp3N2fIZDG/X3ojtdHHNewbEsXy45h1NITbHa0o5eaKTEcAMAx4J//gX9MTLsioyCQFv1j/1Q9/3fKDuBo3er0FUWFDVLPf7e6i4yd3//cod18zyVa9ngQZ4n7Caa2Z39M3SurZ4FpBmWVLpZgYnWtqqWVt2oFeqeGl6o27z5b3Us3NiDahYzctEB+bzXdn+yOxq0o94pDWl3rtMftRir+OIK5g53x35mv5rt5aEJ9UitZ/1UjY6fJzVS4Z6aCmo3/en6PU66VrSU/sEajEfRU+d+d5II/gzdglPXsjCTdZ/yCYDuJoChOd+5Z9b5W6I5ueUCruaxWYbKX02q+p1XFXwlLK886ha9ShiMeovloHpgF/dEXNVPr/8DGt6jUnVn0VW9cTX9ldMczll2z6mqGfU+O3dvlUhKBN37gsUHKe1uW44Oe6LZmNl+9flrpdNobduNxxsbz6Q3jS2rvpcw6w9+oqKCOtndLIutNFO2352iYwV870g7t90dSYm+frMr2LktKglFP01nZaH5T0QV5cjaiSMo5NLTvKRwjmyaedLdb1UTZEWHE7LrLdPM/t5L3qzqXoNiPsGCdXpxkqqfH5SSD610KzrrPyQNlcFP5GVzqjDdyckaXc12+Kl1JFRoVnjH0cZ4SpqkfesT7fwAAAAAAAAAAAAAAAAAAgJNmFP/SoOwxAgAAAAAAAAAAAAAAAAAAAABw0h3q93+z/o949/u/4Uh+/xfA0fgbAAD//wA5eM4=") mount(&(0x7f0000000240), &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x805, 0x0) 1m36.528819806s ago: executing program 0 (id=1525): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000240)={[{@iocharset={'iocharset', 0x3d, 'macromanian'}}, {@keep_last_dots}, {@namecase}, {@allow_utime={'allow_utime', 0x3d, 0x6}}, {@errors_remount}, {@sys_tz}, {@umask={'umask', 0x3d, 0x400}}, {@discard}, {@utf8}, {@errors_continue}]}, 0x1, 0x1527, &(0x7f0000001f80)="$eJzs3AuYTtUaOPD3XWvtMSbxNcllWGu9my+5LJMkuSTJJUkqSZJbQpLkSELFEJI0JCG5DEkMIblMTBr3+/0akqRJktxyS9b/mfB3Op3z71z65zxn3t/z7GfWO3uvtd/9vd/+vrX3fPN912VwzUa1qjUgIviP4IUfSQAQCwD9ASAPAAQAUC6+XHzW+pwSk/6znbA/1kOpVzoDdiVx/bM3rn/2xvXP3rj+2RvXP3vj+mdvXP/sjevPWHa2YUrBa3jJvgvf/8/O+P3/f0hm6dFfrSp9XVeAmH+2C9c/e+P6/88K/pmNuP7ZG9c/u4q90gmw/wJ8/mcHOf7hGq5/9sb1Zyw7u9L3n6/0ApH/ssfgcM4Lhfmzjp8xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGPsTnPaXKQC41L7SeTHGGGOMMcYYY+yP43Nc6QwYY4wxxhhjjDH2/x+CAAkKAoiBHBALOSEOBABcDbkhD0TgGoiHayEvXAf5ID8UgIKQAIWgMGgwYIEghCJQFKJwPRSDG6A4lICSUAoclIZEuBHKwE1QFm6GcnALlIdboQJUhEpQGW6DKnA7VIU7oBrcCdWhBtSEWnAX1Ia7oQ7cA3XhXqgH98H98ADUhwehATwEDeFhaASPQGN4FJpAU2gGzaHFv9X/BXgRXoIe0BOSoBf0hpehD/SFfvAK9IdXYQC8BgPhdUiGQTAY3oAh8CYMhbdgGAyHEfA2jIR3YBSMhjEwFlJgHIyHd2ECvAcT4X2YBJMhFabAVPgApsF0mAEfwkz4CGbBbJgDcyENPoZ5MB/S4RNYAJ9CBiyERbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtthB3wGO2EX7IbPYQ988S/2P/U3/bsiIKBAgQoVxmAMxmIsxmEc5sJcmBtzYwQjGI/xmBfzYj7MhwWwACZgAhbGwmjQICFhESyCUYxiMSyGxbE4lsSS6NBhIiZiGbwJy2JZLIflsDyWxwpYEStiZayMVbAKVsWqWA2rYXWsjjWxJt6Fd2EvrIN1sC7WxXpY79LtKWyADbAhNsRG2AgbY2Nsgk2wGTbDFtgCW2JLbIWtsA22wbbYNnLpid0BO2BH7IidsBN2xs7YBbtgV+yG3TJfyAH4Er6EPbG66IW9sTf2weQc/fAVfAVfxQH4Gr6Gr2MyDsLB+Aa+gW/iUDyJw3A4jsARWEW8g6NwNJIYiymYguNxPE7ACZi10/dxMqbiFJyKU3EaTsfp+CHOxI/wI5yNs3EupmEazsP5mI7puABPYQYuxEW4GJfgUlyCy3EFLsdVuBpX4Vpci+txPW7EjbgZN+NW3IrbUQHgZ7gLd2Ey7sE9uBf34j7ch/txP2ZiJh7AA3gQD+IhPISH8TAewaN4DI/iCTyBJ/EUnsbTeBbP4jl8LuGbhttLrEwGkUUJJWJEjIgVsSJOxIlcIpfILXKLiIiIeBEv8oq8Ip/IJwqIAiJBJIjCorAwwggSYQwAiKiIimKimCguiouSoqRwwolEkSjKiDKirCgryolbRHlxq6ggKorWrrKoLKqINq6quENUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPXG/eEDUF72wHz4ksirTSAzCxmIwNhFNhbxY6JZiKLYSrUUb8YQYjsOwnWjp2ounRQcxCjuKv4jR+KzoLMZiF/G86Cq6ie7iBfGiaOV6iJ5iIvYSvcVk7CP6in7iFTENa4gPcWbOmuJ1kSwGicHiDTEX3xRDxVtimBguRoi3xUjxjhglRosxYqxIEePEePGumCDeExPF+2KSmCxSxRQxVXwgponpYob4UMwUH4lZYraYI+aKNPGxmCfmi3TxiVggPhUZYqFYJBaLJWKpWCaWixVipVglVos1Yq1YJ9aLDWKj2CRiYYvYKraJ7WKH+EzsFLvEbvG52CO+EHvFl2Kf+ErsF1+LTPGNOCC+FQfFd+KQ+F4cFj+II+KoOCaOixPiR3FSnBKnxRlxVvwkzomfxXnhBUiUQkqpZCBjZA4ZK3PKOHmVzCWDi4/uNTJeXivzyutkPplfFpAFZYIsJAtLLY20kmQoi8iiMiqvl8XkDbK4LCFLylLSydIyUd4oy8ibZFl5sywnb5Hl5a2ygqwoK8nK8jZZRd4u4eK5Wl3WkDVlLXmXTIK7ZR15j6wr75X15H3yfvmArC8flA3kQ7KhfFg2ko/IxvJR2UQ2lc1kc9lCPiZbysdlK9latpFPyLbySdlOPiXby6dlB+kvPkWelZ3lc7KLfF52ld1kd/mzPC+97CF7SugFsrd8WfaRfWW/WACQr8oB8jU5UL4uk+UgOVi+IYfIN+VQ+ZYcJofLEfJtOVK+I0fJ0XKMHCtT5Dg5Xr4rJ8j35ET5vpwkJ8tUOUX2k/1/GWmGlL/b/92/6e/xQtaD5Hq5QW6Um+RmuUVuldvkdrlD7pA75U65W+6We+QeuVfulfvkPrlf7peZMlMekAfkQXlQHpKH5GF5WB7JeVSekcflCfmjPClPyVPyjDwrz8pzFx8DUKiEkkqpQMWoHCpW5VRx6iqVS12tcqs8KqKuUfHqWpVXXafyqfyqgCqoElQhVVhpZZRVpEJVRBVVUXX9xaxBlVSllFOlVaK68V/pr4qpG1RxVeJX/S/ll/QP8muhWqiWqqVqpVqpNqqNaqvaqnaqnWqv2qsOqoPqqDqqTqqT6qw6qy6qi+qquqrupU5e/MBjD5WkklRv9bLqo/qqfuoV1V+9qgaoAWqgGqiSVbIarAarIWqIGqqGqmFqmBqhRqiRaqQapUapMWqMSlEparwaryaoCWqimqgmqUkqVaWqqWqqmqamqRlqhpqpZqpZapaao+aoNJWm5ql5Kl2lqwVqgcpQC9VCtVgtVkvVUrVcLVcr1Uq1Wq1Wa9ValaE2qA1qk9qktqgtapvapnaoHWqn2Kl2q91qj9qj9qq9ap/ap/ar/SpTZaoD6oA6qA6qQ+qQOqwOqyPqiDqmjqkT6oQ6qU6q0+q0OqvOqnPqnDqvzmdN+wIRiEAFKogJYoLYIDaIC+KCXEGuIHeQO4gEkSA+iA/yBtcF+YL8QYGgYJAQFAoKBzowgQ3ExaJHg+uDYsENQfGgRFAyKBW4oHSQGNwYlAluCsoGNwflgluC8sGtQYWgYlApqBzcFlQJbg+qBncE1YI7g+pBjaBmUCu4K6gd3B3UCe4J6gb3BvWC+4L7gweC+sGDQYPgoaBh8HDQKHgkaBw8GjQJmgbNguZBiz90fO9P5n/c9dA9dZLupXvrl3Uf3Vf306/o/vpVPUC/pgfq13WyHqQH6zf0EP2mHqrf0sP0cD1Cv61H6nf0KD1aj9FjdYoep8frd/UE/Z6eqN/Xk/Rknaqn6Kn6Az1NT9cz9Id6pv5Iz9Kz9Rw9V6fpj/U8PV+n60/0Av2pztAL9SK9WC/RS/UyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1Nr1d79Cf6Z16l96tP9d79Bd6r/5S79Nf6f36a52pv9EH9Lf6oP5OH9Lf68P6B31EH9XH9HF9Qv+oT+pT+rQ+o8/qn/Q5/bM+r33W5D7r7d0oo0yMiTGxJtbEmTiTy+QyuU1uEzERE2/iTV6T1+Qz+UwBU8AkmART2BQ2WciQKWKKmKiJmmKmmCluipuSpqRxxplEk2jKmDKmrClryplyprwpbyqYCqaSqWRuM7eZ283t5g5zh7nT3GlqmBqmlqllapvapo6pY+qauqaeqWfuN/eb+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadaW/amw6mg+loOppOppPpbDqbLqaL6Wq6mu6mu3nRvGh6mB4mySSZ3qa36WP6mH6mn+lv+psBZoAZaAaaZJNsBpvBZogZYoaaoWaYGW5GZE1UzTtmlBltxpixJsWkmPFmvJlgJpiJZqKZZCaZVJNqppqpZpqZZmaYGWammWlmmVlmjplj0kyamWfmmXSTbhaYBSbDZJhFZpFZYpaYZWaZWWFWmFVmlVkDa8w6s85sMBvMJrPJbDFbzDazzewwO8xOs9PsNrvNHrPH7DV7zT6zz+w3+02myTQHzAFz0Bw0h8whc9gcNkfMEXPMHDMnzAlz0pw0p81pc9bkv/h+6U2szWnj7FU2l73a5rZ57N/GBWxBm2AL2cJW23w2/69iY60tbkvYkraUdba0TbQ3/iauYCvaSrayvc1Wsbfbqr+Ja9u7bR17j61r77W17F2/iuvZ+2zW7KQ+IoBtahva5raRfcQ2to/aJrapbWab27b2SdvOPmXb26dtB/vMb+J5dr5dYVfaVXa13Wl32dP2jD1ov7Nn7U+2h+1p+9tX7QD7mh1oX7fJdtBv4hH2bTvSvmNH2dF2jB37m3iSnWxT7RQ71X5gp9npv4nT7Md2pk23s+xsO8fO/SXOyindfmIX2E9thg1gkV1sl9ildpldfilXn8eutevservDfmY32c12i91qt12aCNtddrf93O6xX9gD9lu7z35l99tDNtN+80ucdXyH7Pf2sP3BHrFH7TF73J6wP6pLvbOO/bj92Z633gIhAUlSFFAM5aBYyklxdBXloqspN+WhCF1D8XQt5aXrKB/lpwJUkBKoEBUmTYYsEYVUhIpSlK6nS+mVpFLkqDQl0o1Uhm6isnQzlaNbqDzdShWoIlWiynQbVaHbqSrdQdXoTqpONagm1aK7qDbdTXXoHqpL91I9uo/upweoPj1IDeghakgPUyN6hBrTo9SEmlIzak4t6DFqSY9TK2pNbegJaktPUjt6itrT09SBnqGO9BfqRM9SZ3qOutDz1JW6UXd6gV6kl6gH9aQk6kW96WXqQ32pH71C/elVGkCv0UB6nZJpEA2mN2gIvUlD6S0aRsNpBL1NI+kdGkWjaQyNpRQaR+PpXZpA79FEep8m0WRKpSk0lT6gaTSdZtCHNJM+olk0m+bQXEqjj2kezad0+oQW0KeUQQtpES2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/RTtpFu+lz2kNfENKXtI++ov30NWXSN3SAvqWD9B0dou99T/qBjtBROkbH6QT9SCfpFJ2mM3SWfqJz9DOdJ08QYihCGaowCGPCHGFsmDOMC68Kc4VXh7nDPGEkvCaMD68N84bXhfnC/GGBsGCYEBYKC4c6NKENKQzDImHRMBpeHxYLbwiLhyXCkmGp0IWlw8TwxrBMeFNYNrw5LBfeEpYPbw0rhBXDR+6tHN4WVglvD6uGd4TVwjvD6mGNsGZYK7wrrB3eHdYJ7wnrhveGZcP7wvvDB8L64YNhg/ChsGH4cNgofCRsHD4aNgmbhs3C5mGL8LGwZfh42CpsHbYJnwjbhk+G7cKnwvbh02GH8Jlf1t83/x+vTwp7hb3Dl8OXQ+/vkXOic6Np0Y+j86Lzo+nRT6ILop9GM6ILo4uii6NLokujy6LLoyuiK6Oroquja6Jro+ui66Pe18oBDp1w0ikXuBiXw8W6nC7OXeVyuatdbpfHRdw1Lt5d6/K661w+l98VcAVdgivkCjvtjLOOXOiKuKIu6q53xdwNrrgr4Uq6Us650i7RNXctXAvX0j3uWrnWro17wj3hnnRPuqfcU+5p18E94zq6v7hO7lnX2T3nnnPPu66um+vuXnAvunG5L5yTSa636+36uD6un+vn+rv+boAb4Aa6gS7ZJbvBbrAb4oa4oW6oG+aGuRFuhBvpRrpRbpQb48a4FJfixrvxboKb4Ca6iW6Sm+RSXaqb6qa6aW6aqzL9wl5muVlujpvj0lyam+ey5ozpboFb4DJchlvkFrklbolb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+a2uR1uh9vp81wY1O1xe91et8/tc/vd1y7TfeMOuG/dQfedO+S+d4fdD+6IO+qOuePuhPvRnXSn3Gl3xp11P7lz7md33nmXEhkXGR95NzIh8l5kYuT9yKTI5EhqZEpkauSDyLTI9MiMyIc5L754ReZE5kbSIh9H5kXmR9Ijn0QWRD6NZEQWRhZFFkeWRJZGvC+0KfRFfFEf9df7Yv4GX9yX8CV9Ke98aZ/ob/Rl/E2+rL/Zl/O3+PL+Vl/BV/SV/KO+iW/qm/nmvoV/zLf0j/tWvrVv45/wbf2Tvp1/yrf3T/sO/hnf0f/Fd/LP+s7+Od/FP++7+m6+u3/Bv+hf8j18T5/ke/ne/mXfx/f1/fwrvr9/1Q/wr/mB/nWf7Af5wf4NP8S/6Yf6t/wwP9yPiHnbj7x0iQxjfYof58f7d/0E/56f6N/3k/xkn+qn+Kn+Az/NT/cz/Id+pv/Iz/Kz/Rw/16f5j/08P9+n+0/8Av+pz/ALL91U9sv8cr/Cr/Sr/Gq/xq/16/x6v8Fv9Jv8Zr/Fb/Xb/Ha/w3/md/pdfrf/3O/xX/i9/ku/z3/l9/uvfab/xh/w3/qD/jt/yH/vD/sf/BF/1B/zx/0J/6M/6U/50/6MP+t/8uf8z/48/88aY4wxxtg/Zdzlpvj1mgu383v9nT7irzbuDQBXby6Y+dfrs2aUa/JdaPcVCb/8Qfbpnl0eurRUr56UlHRx2wwJQdHZWfPry/1j4HK8ENrAk9AeWkOZv5t/X9HtLP3O+NFbAOL+qk8sXI4vj/8lACb9nfEfe2LEvPLh6fj/x/izAYoXvdwn65LhUrwQ2vxyf6U1lP0H+edv+Tv55/wqBaDVX/XJBZfjy/knwuPwDLT/1ZaMMcYYY4wxxtgFfUWlTpeuPy994vPvXZ8nqMt9csDl+PeuzxljjDHGGGOMMXblPdut+1OPtW/futO/3qj6+9uof2/kXxqN4d9NjBv/VsN7gP9bOAD4DwcEyGrIP/MoNv4p+0q+eOr87aolZ3wA/x2l/CMaV/iFiTHGGGOMMfaHuzzp//Xv1ZVKiDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYy4b+0+94g3/iW/qu9DEyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjV9r/CQAA//8OCvjj") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 1m36.27457727s ago: executing program 0 (id=1531): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt(r0, 0xff, 0x1, 0x0, 0xfffffffffffffffe) 1m35.788764067s ago: executing program 0 (id=1542): r0 = syz_open_dev$video(&(0x7f0000000040), 0x800, 0x0) ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000080)={0x400000, "486a982344300cf8aeb47f7415be587da0ac50d70680394ccac6b38f3745fe1b"}) 1m35.57577171s ago: executing program 32 (id=1542): r0 = syz_open_dev$video(&(0x7f0000000040), 0x800, 0x0) ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000080)={0x400000, "486a982344300cf8aeb47f7415be587da0ac50d70680394ccac6b38f3745fe1b"}) 1.654458165s ago: executing program 2 (id=3853): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'bond_slave_0\x00', &(0x7f0000000200)=@ethtool_gstrings={0x1b, 0x7}}) 1.516704767s ago: executing program 2 (id=3857): openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x169142, 0x0) syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000000)='./file1\x00', 0x2000c12, &(0x7f0000000300)={[{@check_strict}, {@overriderock}, {@session={'session', 0x3d, 0x12}}]}, 0x3, 0x9f5, &(0x7f0000000900)="$eJzs3c9vm2cdAPDv6yRtlk1tt1VjVNv6tqNdNkLqJKwl2oGltpN6JDFKUmkVh3WsKaoWGGwgbRMSnYQ4MYEE4gC3iROnSbuwC9oNbnDigIT2L0ycyinofW0nTmLHSUjirPt8Itvvj+/7PN/X748ntl/7CT5fVk9uGFtdzW97HL/+p0PImCPsavnTDz58P7u9dzeORV88n/w5YjAi0oj+iHg8YqBUXqjNbV9OEhE3I+KT+uDxxqQduRnJr+Kh9fFPIvlDVm9Hx3ZaMt2s8oXW6/0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOoqRULhbHkmNRnb/+cloXkW5RKi/Uklhd3TqnuUzdx3mv38nHXeuNSLJbDA42u/p+/PT67MciIj0fT9THnsg7JI/BePfBx0698Gh/obl8p2z+L8d3Xuxb77z7+qsrK8tvHkgiR99MZb66WKvOTc1U0upiLZ28fLl46dr0Yjpdna0s3lhcqsylpYXK1FJtIR0uPZuOTU5OpJXRG7Xr8zPl0dlKc+KVr40Xi5fTl0a/XZlaWKzNX3ppdLF0rTo7W52fyWOy2VnMlWxH/FZ1KV2qTM2l6e07K8sTm3Lqi037bxY01m1NsqDxbkHjxfHxsbHx8bH3Gr1nr024/Pzk81eKxf7iJrEl4oB2Wo6WBzpv5v0/icMeFertf8RsVGM+rsfLkbb9K0U5FqIWcx3mNzTb/wuXKtvW29r+N1r5/pbZZ7K78/FUY3SwQ/vfIZfD+3sr3ol34/V4NVZiJZbjzZ5ndLh/M1GJ+ajGYtSiGnMxlU9JG1PSmIzLcTmK8UpcW12NxUhjOqoxG5VYjBuxGEtRyfeoUixEJaZiKWqxEGkMRymejTTGYjImYyLSqMRo3IhaXI/5mIlyTOWl3I47+fM+sU2Oa0FjOwka3yZoS2O+6/a/svmfE75w9v8kDnu02mj/j3UPHS4dRkIAAADAvvvy3+LE6Uf++u+IJJ7M35efrs5Wir1OCwAAANhH+eV6T2QPA9nQk5F4/Q8AAAD3myT/jl0SEUNxtj7U/CaUNwEAAADgPpF//v9UJGfXJ3j9DwAAAPeZ7r+x3zUiGWn+/G96q/54qxFRH0uGpquzldFSbfaFsbiY/8pA/k2DLaX1RSQD+dcPnotz9ahzQ/XHofUSszoHs6ix0RfG4rk431iR4aezh6eH20SO1yOfqUc+0xrZFxsiJ7JIALjfnd+mPd5p+/9cjNQjRs7kTX7/mTZtcFHLCgBHxVofO/9tdGnWpv1vRDzVqf3/+jav/7OIR+L22folBaPxWrwRK3ErRqJxxcHZdqU2eyOoX4Yw0uXdgKHGJQv/uFKIkS3vBwyurWtr7HKMx0jbdwRayk2aOUzU4/oOZhsAwGE7v207vLP2f6TL6/8hlxQCwJGy1oP9AQ70eh0BgI200gAAAAAAAAAAAAAAAAAAAAAAAAAAALD/dvQD/n+/GLGyshxxCJ0FrA0M7ibD7QcKcUg593ygLyJ6Vfs3Y9dLZdv4qDx1BjYO9PjEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKFIIvraTS9EHI+IYkRcOvysDs7dXiewX9K9LZbci3vxdpzY73QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7oGr//X4j644P1SdFfiLgQETcj4ju9znE/3et1Aj3z/fy+5ff/CxEDsZpEf32zRzJQKi/U5rLNnxzP5n/6wYfvZ7fuZW/tVSErIKthQ+cSjRpapgxsXOrhfKmh8vJbr//4jR+m5av5jnl1aXq2PDez8OJ64GPJR/UuEFq7QWjm+9MLf/l1y+Rjjco/yta0vc31Tuf1lrfW+6V2S3eodwfurCyPZzUtVV5e+skP7rzdMuuROBfx9HAkwxtr+l5261DTuc3P50bJZ8kvkhPxu7iZb//s2UhWk2wTnczX/4Hbd1aWR197Y+XWWk4/25DTqTgbEbciBnee09n8fNLWg9mcwkBWazEPyu5OdylvW/l+XC9xrMPz+nC+ywztah3SzuuQ6/K8NzKaaJvRb370aFzMt3TsYktf7FJjW8lnyb+Sa/HP+HlL/x+FbPtfiLZHZ5si8siWPaV13obDq1CPzNd8vHXGK5vL7HhUtvXArqLvcy/ufpFfxnfjG2vbv9By/m9sqy7no93spdscFy01tj8uInZ/XPzx5JYWZV3eIp3e1CI1zj6dlmnkeboe1TbPZut4ZldnlK92OaMc1PH/+2Q4/hN39f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcfUlEX7vphYgLEXEqIk5m42nE6uaYu3uorzCU7CXNfbOXnD9/ko4rmtyLe/F2nDjsjAAAAAAAAAA4GFfLn37w4fvZLf88vi++UmjMSSP6I+JU8tuBUnmhNteloIGBuNn8SH9wdznczO4eWh//JBt7vMtCvb18AAA+1/4XAAD//8fTcN8=") 1.31065162s ago: executing program 2 (id=3862): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) preadv2(r0, &(0x7f0000000000)=[{&(0x7f0000001200)=""/4096, 0x24000}], 0x2, 0x0, 0x0, 0x9) 1.115369493s ago: executing program 2 (id=3867): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x5c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x10044000) 1.009329035s ago: executing program 4 (id=3870): r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000000)="480000001400190c09004beafd0d3602028447000b4e230f00000001a2bc5603ca00000f7f89000000200000495101ff0000000309ff5bffff04000000000000005839c97b910000", 0x48}], 0x1) 942.311356ms ago: executing program 1 (id=3872): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$AUTOFS_IOC_CATATONIC(r0, 0x400443c8, 0x20000002) 941.965696ms ago: executing program 2 (id=3873): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x42641, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000004800)=@t={0x81, 0x3, 0xf9, 0x1, @generic=0x4de}) 873.933317ms ago: executing program 3 (id=3874): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone(0x2906200, 0x0, 0x0, 0x0, 0x0, 0x0) 873.477107ms ago: executing program 4 (id=3875): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) getresuid(&(0x7f00000002c0), 0xffffffffffffffff, 0x0) 815.621778ms ago: executing program 2 (id=3876): syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=") quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x8, 0x80000000, 0x6f, 0x6, 0x2000000000005, 0x8000000000000001, 0xfffffffffffffffd, 0x9f3}) 790.409568ms ago: executing program 3 (id=3877): r0 = getpid() capget(&(0x7f0000000100)={0x20080522, r0}, &(0x7f0000000180)={0x5, 0x8, 0xfffffffc, 0x7, 0xd, 0x9}) 741.785759ms ago: executing program 1 (id=3879): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x318, 0xffffffff, 0x190, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x280, 0x280, 0x280, 0xffffffff, 0x4, 0x0, {[{{@ip={@local, @remote, 0xff000000, 0x0, 'syzkaller1\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa8, 0x0, {0x88000000}}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff}, {0xffffffffffffffff}}}}, {{@ip={@remote, @empty, 0x0, 0x0, 'bridge_slave_0\x00', 'veth0_to_hsr\x00', {}, {}, 0x0, 0x0, 0x38}, 0x0, 0xc0, 0xe8, 0x0, {0x122}, [@common=@inet=@dscp={{0x28}}, @common=@unspec=@pkttype={{0x28}, {0xffffffff}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x90, 0xf0, 0x0, {}, [@common=@socket0={{0x20}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x8}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x378) 741.668859ms ago: executing program 4 (id=3880): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x24, 0x3, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x8}, @NFTA_SET_ELEM_EXPRESSIONS={0x18, 0xb, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @counter={{0x10}, @val={0x4}}}]}]}]}]}], {0x14, 0x10}}, 0xd0}}, 0x0) 691.15332ms ago: executing program 1 (id=3881): setresuid(0xee00, 0x0, 0x0) keyctl$restrict_keyring(0xb, 0xfffffffffffffffc, 0x0, 0x0) 660.33587ms ago: executing program 5 (id=3882): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x8}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x3, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8}}}}]}, 0x38}}, 0x0) 597.968061ms ago: executing program 3 (id=3883): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000001240)={0x0, "1cf11f0cf3df06723d68cf2e34bec1fe7aeb2e4f9bdca646c4d338b97ec131354c136ec6cf21a7fd51f27fb956a8ae3885ea642da767ac5f7080830a09b0ff10a4e89e9067691bc9d0c78817f1b777a16c084308ced3efc24ca6c31102220f5d34355338afe106101839c316ef0f88d2fcca226daf1c10a3b4d5bfc8a48d752e7f4a193c4b146ed8108bd5fbac85d2de914e1e1f4fd94decd9fdf1c7af946b07ccce200a7e5e20ac043bf7f8dcb806487be03132bf1f4ea1dc15bfee959c453bd5382b93ec14d8cd22c31ae731cbe7526b49c83607a4d6d0184af37286c08c9572e8b83c8dac93d59d5bf5767d5cd3c023cd121bc6894b0449b66a83345f8720f9113d0363314516e93cb1156ed299e6311c6c27c40a082795958fdfbc97243266bff54d143624911e7dd42e6cfc53bdace1643feecdf2b236a43f15c815cc95c6dd597a69d1e43791827ad87ec72c556ca24bbdfaa226f2367b76559dfb4b668d9b18bb089124f45be9c870cab5973d8a7488703e0c0704777129845591622a696f225bb81d93f5c72683e9778690770fab6750f3d8ff3162cbf04eb0be6477baa460b3f8e457a7b8bfdda324330accb61d513420c4db90797203eaf78e28160ebda297f435c87ba621e550ecbae53a8e48fa9ce5b40d578f6d20778fb060b7c6706d2b842596148cc25a33b5beb9071468af7ca3cebc7b57391b6b34f8d7b9"}) 564.809301ms ago: executing program 4 (id=3884): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001480)=@newtaction={0x13c, 0x30, 0x83d79f1e8021ba05, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ife={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}, {0xf8, 0x1, [@m_nat={0xf4, 0x1, 0x0, 0x0, {{0x8}, {0xcc, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @broadcast}}, @TCA_NAT_PARMS={0xffffffffffffff16, 0x1, {{}, @multicast2, @dev}}, @TCA_NAT_PARMS={0x28, 0x1, {{}, @dev, @multicast1}}, @TCA_NAT_PARMS={0x28, 0x1, {{}, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @TCA_NAT_PARMS={0x28, 0x1, {{}, @rand_addr, @multicast2}}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0x13c}}, 0x0) 542.944962ms ago: executing program 1 (id=3885): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x3, 0x1, 0x1, 0x0, 0xffffffff}}) 481.906313ms ago: executing program 5 (id=3886): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x8001000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x2e0, 0xb, 0x5, 0x148, 0x128, 0x0, 0x248, 0x2a8, 0x2a8, 0x248, 0x2a8, 0x3, 0x0, {[{{@ip={@remote, @loopback, 0x0, 0x0, 'wg0\x00', 'nr0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@physdev={{0x68}, {'veth1_to_batadv\x00', {}, 'wlan1\x00', {}, 0x4, 0x6}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ip={@local, @multicast2, 0x0, 0x0, 'xfrm0\x00', 'team0\x00'}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@socket0={{0x20}}, @common=@ah={{0x30}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="6f79fb339557"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x340) 481.557193ms ago: executing program 3 (id=3887): r0 = syz_open_dev$video(&(0x7f0000000040), 0x8, 0x0) ioctl$VIDIOC_G_SELECTION(r0, 0xc040565e, &(0x7f00000003c0)={0x2, 0x1, 0x7, {0x80000004, 0x7, 0x2, 0x8000001}}) 404.204844ms ago: executing program 4 (id=3888): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0), 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f00000002c0)={0x5, 0x5, 0x3, 0x0, 0x67, 0x7811bdba, 0x0, 0x0, 0x2}) 373.837784ms ago: executing program 3 (id=3889): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="300000001900010000000000000000000a80000000000000000000ef07001e00"], 0x30}}, 0x0) 281.900605ms ago: executing program 1 (id=3890): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') move_mount(r0, &(0x7f0000000000)='./mnt\x00', r0, &(0x7f0000000100)='./mnt\x00', 0x137) 281.499856ms ago: executing program 5 (id=3891): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xb9, &(0x7f0000000000), &(0x7f0000000240)=0x4) 220.750557ms ago: executing program 1 (id=3892): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020500200a0000000000000500000000030006000000000002004e2000000000000000000000000002000100000000000000000000000000030005000000000002"], 0x50}, 0x1, 0x7}, 0x0) 209.863277ms ago: executing program 3 (id=3893): r0 = socket(0xf, 0x3, 0x2) write(r0, &(0x7f0000000380)="020b00", 0x33fe0) 98.119688ms ago: executing program 5 (id=3894): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, 0x0) 97.755599ms ago: executing program 4 (id=3895): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x2, 0x6, 0x101, 0x0, 0x0, {0x5, 0x0, 0x4}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) 86.451759ms ago: executing program 5 (id=3896): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206030000000000000000000000000a050001000700000011000300686173683a69702c6d61726b000000000c00078008001200000004c305000500020000000900020073797a3100000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000) 0s ago: executing program 5 (id=3897): r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f00000006c0)="c4", 0x1}], 0x1, 0xffff, 0x9) kernel console output (not intermixed with test programs): bnode 0(1) [ 106.256776][ T7769] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.262047][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 106.264503][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 106.278405][ T8034] loop4: detected capacity change from 0 to 1764 [ 106.299933][ T7786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 106.302604][ T7786] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 106.304960][ T7786] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.306994][ T7786] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.340019][ T11] hfsplus: b-tree write err: -5, ino 4 [ 106.380802][ T7786] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 106.383314][ T7786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 106.386351][ T7786] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 106.420108][ T7786] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.421961][ T7786] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.426465][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 106.463190][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 106.472300][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 106.488579][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 106.499351][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 106.507832][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 106.523696][ T7769] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 106.526491][ T7769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 106.559657][ T4352] device hsr_slave_0 left promiscuous mode [ 106.574692][ T8041] loop1: detected capacity change from 0 to 4096 [ 106.625134][ T4352] device hsr_slave_1 left promiscuous mode [ 106.644909][ T8041] ntfs: volume version 3.1. [ 106.689942][ T8046] loop2: detected capacity change from 0 to 4096 [ 106.711817][ T8046] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 106.714865][ T8046] ntfs3: loop2: mft corrupted [ 106.715402][ T4352] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 106.716067][ T8046] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 106.718627][ T4352] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 106.725570][ T4352] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 106.728829][ T8041] ntfs: (device loop1): ntfs_nlstoucs(): Name using character set cp936 contains characters that cannot be converted to Unicode. [ 106.732495][ T8041] ntfs: (device loop1): ntfs_lookup(): Failed to convert name to Unicode. [ 106.739015][ T8046] ntfs3: loop2: Failed to load $LogFile. [ 106.751013][ T4352] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 106.761519][ T4352] device bridge_slave_1 left promiscuous mode [ 106.764511][ T4352] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.874475][ T4352] device bridge_slave_0 left promiscuous mode [ 106.876610][ T4352] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.047209][ T47] Bluetooth: hci2: command 0x040f tx timeout [ 107.120933][ T8035] loop3: detected capacity change from 0 to 32768 [ 107.144732][ T8035] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 107.152036][ T8035] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 107.162803][ T8062] loop4: detected capacity change from 0 to 256 [ 107.173390][ T8035] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 107.197568][ T4352] device veth1_macvtap left promiscuous mode [ 107.199524][ T4352] device veth0_macvtap left promiscuous mode [ 107.201239][ T4352] device veth1_vlan left promiscuous mode [ 107.202906][ T4352] device veth0_vlan left promiscuous mode [ 107.213885][ T6859] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 107.215870][ T6859] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 107.320259][ T6859] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 104ms [ 107.339654][ T6859] gfs2: fsid=syz:syz.0: jid=0: Done [ 107.341309][ T8035] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 107.591029][ T8077] netlink: 'syz.3.1667': attribute type 3 has an invalid length. [ 108.113126][ T8103] loop4: detected capacity change from 0 to 64 [ 108.650894][ T8105] loop3: detected capacity change from 0 to 32768 [ 108.745313][ T8118] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1689'. [ 109.127304][ T47] Bluetooth: hci2: command 0x0419 tx timeout [ 109.149974][ T8138] loop3: detected capacity change from 0 to 1764 [ 109.165367][ T8138] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 109.406289][ T8144] loop3: detected capacity change from 0 to 4096 [ 109.416570][ T8144] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 109.476720][ T8144] ntfs3: loop3: failed to convert "c46c" to cp866 [ 109.850890][ T4352] team0 (unregistering): Port device team_slave_1 removed [ 110.029350][ T4352] team0 (unregistering): Port device team_slave_0 removed [ 110.208784][ T4352] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 110.419164][ T4352] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 112.768903][ T4352] bond0 (unregistering): Released all slaves [ 112.995166][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 112.997711][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 113.000330][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 113.002962][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 113.005362][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 113.007971][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 113.014648][ T8095] netlink: 'syz.2.1677': attribute type 10 has an invalid length. [ 113.018415][ T8095] device syz_tun entered promiscuous mode [ 113.042000][ T8095] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 113.360256][ T8177] xt_TCPMSS: Only works on TCP SYN packets [ 113.362763][ T8167] loop1: detected capacity change from 0 to 4096 [ 113.395259][ T8167] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 113.588460][ T7769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.590927][ T291] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 113.592969][ T291] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 113.790768][ T8203] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967282 > 32) [ 114.144581][ T8219] loop1: detected capacity change from 0 to 1024 [ 114.167138][ T8219] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 114.238210][ T8219] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 114.358872][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 114.447875][ T8189] loop3: detected capacity change from 0 to 32768 [ 114.451865][ T8240] netlink: 'syz.1.1734': attribute type 1 has an invalid length. [ 114.456125][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 114.478319][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 114.549683][ T7769] device veth0_vlan entered promiscuous mode [ 114.556753][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 114.559827][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 114.562882][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 114.574613][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 114.606288][ T7769] device veth1_vlan entered promiscuous mode [ 114.696287][ T7769] device veth0_macvtap entered promiscuous mode [ 114.700115][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 114.702497][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 114.704883][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 114.720575][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 114.728387][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 114.755971][ T7769] device veth1_macvtap entered promiscuous mode [ 114.758879][ T8251] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1739'. [ 114.795448][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.815576][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.819197][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.821867][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.824326][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.846929][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.852763][ T7769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.855879][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 114.867804][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 114.870481][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 114.882926][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.885867][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.890513][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.893614][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.896169][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.925912][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.946046][ T7769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.962336][ T8018] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 114.965231][ T8018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 114.966748][ T8261] loop4: detected capacity change from 0 to 1024 [ 114.973692][ T7769] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.993778][ T7769] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.995923][ T7769] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.013022][ T7769] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.157714][ T4352] hfsplus: b-tree write err: -5, ino 4 [ 115.242925][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.245107][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.250519][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 115.262935][ T8279] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1749'. [ 115.307606][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.309827][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.314527][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 115.423359][ T8288] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1752'. [ 115.425643][ T8288] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 115.456134][ T8288] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 115.657794][ T8307] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 115.743529][ T8313] loop2: detected capacity change from 0 to 256 [ 115.769401][ T8313] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 115.849020][ T8313] fuse: Bad value for 'fd' [ 116.140527][ T8339] loop3: detected capacity change from 0 to 128 [ 116.259565][ T8333] netlink: 10 bytes leftover after parsing attributes in process `syz.2.1768'. [ 116.664556][ T8375] netlink: set zone limit has 8 unknown bytes [ 116.824374][ T8388] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1793'. [ 117.022932][ T8402] loop2: detected capacity change from 0 to 512 [ 117.057212][ T8402] EXT4-fs: journaled quota format not specified [ 117.349036][ T8425] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1808'. [ 117.511601][ T8434] netlink: 'syz.1.1812': attribute type 2 has an invalid length. [ 117.513605][ T8434] netlink: 46 bytes leftover after parsing attributes in process `syz.1.1812'. [ 117.684910][ T8446] loop1: detected capacity change from 0 to 64 [ 117.727052][ T8447] sock: sock_timestamping_bind_phc: sock not bind to device [ 117.971441][ T8419] loop2: detected capacity change from 0 to 32768 [ 118.035075][ T8419] XFS (loop2): Mounting V5 Filesystem [ 118.188220][ T8419] XFS (loop2): Ending clean mount [ 118.190981][ T8419] XFS (loop2): Quotacheck needed: Please wait. [ 118.241355][ T8419] XFS (loop2): Quotacheck: Done. [ 118.406763][ T4300] XFS (loop2): Unmounting Filesystem [ 118.601239][ T8511] netlink: 'syz.5.1840': attribute type 10 has an invalid length. [ 118.693944][ T8517] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1842'. [ 118.694343][ T8511] team0: Port device vlan0 added [ 118.767358][ T8520] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 118.800196][ T8516] loop1: detected capacity change from 0 to 4096 [ 118.815973][ T8516] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 118.878461][ T8516] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 118.970345][ T8516] ntfs3: loop1: ino=5, "/" The size of extended attributes must not exceed 64KiB [ 119.033499][ T47] Bluetooth: Wrong link type (-22) [ 119.056035][ T8537] loop5: detected capacity change from 0 to 512 [ 119.109267][ T8537] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 119.235268][ T8553] netlink: 'syz.1.1855': attribute type 1 has an invalid length. [ 119.246494][ T8537] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 119.305119][ T8537] EXT4-fs error (device loop5): ext4_xattr_block_list:719: inode #15: comm syz.5.1850: corrupted xattr block 19 [ 119.350123][ T8537] EXT4-fs (loop5): Remounting filesystem read-only [ 119.422942][ T8558] netlink: 'syz.4.1856': attribute type 4 has an invalid length. [ 119.425237][ T8558] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1856'. [ 119.451290][ T8558] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 119.456804][ T7769] EXT4-fs (loop5): unmounting filesystem. [ 119.497685][ T8565] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1861'. [ 119.562392][ T8568] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 119.662713][ T8569] loop5: detected capacity change from 0 to 4096 [ 119.721049][ T8569] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 119.724095][ T8569] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 119.745879][ T8569] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 119.770768][ T8569] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 119.774197][ T8569] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 119.793214][ T8569] ntfs: volume version 3.1. [ 119.794521][ T8584] mmap: syz.4.1868 (8584) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 119.811659][ T8569] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 119.814566][ T8569] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 119.823629][ T8569] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 119.824982][ T8591] loop2: detected capacity change from 0 to 16 [ 119.832079][ T8569] ntfs: (device loop5): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is corrupt. [ 119.862607][ T8591] erofs: (device loop2): mounted with root inode @ nid 36. [ 119.869433][ T8569] ntfs: (device loop5): ntfs_read_locked_index_inode(): Failed with error code -5 while reading index inode (mft_no 0x18, name_len 2. [ 120.020552][ T8597] loop3: detected capacity change from 0 to 4096 [ 120.026334][ T8597] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 120.141167][ T8604] loop2: detected capacity change from 0 to 2048 [ 120.148832][ T8607] loop1: detected capacity change from 0 to 16 [ 120.159445][ T8597] ntfs3: loop3: failed to convert "c46c" to cp737 [ 120.180707][ T8607] erofs: (device loop1): mounted with root inode @ nid 36. [ 120.183210][ T8604] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 120.245900][ T8607] erofs: (device loop1): init_inode_xattrs: xattr_isize 12 of nid 86 is not supported yet [ 120.263008][ T8611] SET target dimension over the limit! [ 120.432582][ T8625] loop1: detected capacity change from 0 to 764 [ 120.481185][ T8625] Symlink component flag not implemented [ 120.497347][ T8625] Symlink component flag not implemented [ 120.498968][ T8625] Symlink component flag not implemented (129) [ 120.500468][ T8625] Symlink component flag not implemented (6) [ 120.586024][ T8635] netlink: 'syz.5.1888': attribute type 1 has an invalid length. [ 120.839810][ T8651] loop2: detected capacity change from 0 to 64 [ 120.961934][ T8661] loop1: detected capacity change from 0 to 256 [ 121.047434][ T8661] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 121.978920][ T8674] loop5: detected capacity change from 0 to 40427 [ 122.003156][ T8674] F2FS-fs (loop5): invalid crc value [ 122.075125][ T8674] F2FS-fs (loop5): Found nat_bits in checkpoint [ 122.147580][ T8722] loop4: detected capacity change from 0 to 16 [ 122.156106][ T8674] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 122.175234][ T8722] erofs: (device loop4): mounted with root inode @ nid 36. [ 122.188359][ T8722] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 122.205630][ T8722] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 122.208264][ T8722] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 122.210646][ T8722] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 122.213252][ T8722] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 122.216111][ T8674] F2FS-fs (loop5): Corrupted max_depth of 3: 4294967295 [ 122.476290][ T8701] loop2: detected capacity change from 0 to 40427 [ 122.489188][ T8701] F2FS-fs (loop2): invalid crc value [ 122.490534][ T8701] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 122.527913][ T8701] F2FS-fs (loop2): Found nat_bits in checkpoint [ 122.547620][ T8701] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 122.549446][ T8701] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 122.552871][ T8741] binder: 8739:8741 ioctl c018620c 9999999999999999 returned -14 [ 122.574824][ T8701] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 123.033938][ T8776] loop3: detected capacity change from 0 to 64 [ 123.090456][ T8776] syz.3.1952: attempt to access beyond end of device [ 123.090456][ T8776] loop3: rw=0, sector=8192, nr_sectors = 2 limit=64 [ 123.107122][ T8776] Buffer I/O error on dev loop3, logical block 4096, async page read [ 123.109777][ T8776] syz.3.1952: attempt to access beyond end of device [ 123.109777][ T8776] loop3: rw=0, sector=8192, nr_sectors = 2 limit=64 [ 123.113195][ T8776] Buffer I/O error on dev loop3, logical block 4096, async page read [ 123.309549][ T8794] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1962'. [ 123.312042][ T8794] bond0: (slave bond_slave_0): Slave does not support ipsec offload [ 123.327309][ T8790] device bond1 entered promiscuous mode [ 123.329064][ T8790] 8021q: adding VLAN 0 to HW filter on device bond1 [ 123.675630][ T8817] Soft offlining pfn 0x13fcc9 at process virtual address 0x204c9000 [ 123.697564][ T8820] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1974'. [ 123.699979][ T8817] Memory failure: 0x13fcc9: unhandlable page. [ 123.863410][ T8832] vhci_hcd: invalid port number 254 [ 123.864814][ T8832] vhci_hcd: invalid port number 254 [ 123.965538][ T8839] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.1983'. [ 124.122298][ T8849] loop1: detected capacity change from 0 to 2048 [ 124.188016][ T8849] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 124.255856][ T8849] EXT4-fs error (device loop1): ext4_find_extent:936: inode #2: comm syz.1.1987: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 124.303715][ T8861] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1992'. [ 124.305919][ T8861] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1992'. [ 124.329149][ T8861] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1992'. [ 124.334748][ T8867] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1995'. [ 124.485067][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 125.056145][ T8917] binder: 8916:8917 ioctl 40046210 0 returned -14 [ 125.095635][ T8919] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2020'. [ 125.104737][ T8919] tc_dump_action: action bad kind [ 125.252516][ T8928] loop2: detected capacity change from 0 to 1764 [ 125.309528][ T8928] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 125.378748][ T8937] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2029'. [ 125.708571][ T8960] loop2: detected capacity change from 0 to 256 [ 125.774613][ T8965] loop5: detected capacity change from 0 to 164 [ 125.784370][ T8967] loop1: detected capacity change from 0 to 8 [ 125.786561][ T8967] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 125.928991][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.930652][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.236438][ T8999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2056'. [ 126.805755][ T9025] ubi31: attaching mtd0 [ 126.820297][ T9025] ubi31: scanning is finished [ 126.821537][ T9025] ubi31: empty MTD device detected [ 127.034169][ T9025] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 127.036403][ T9025] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 127.047573][ T9025] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 127.049441][ T9025] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 127.051183][ T9025] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 127.073118][ T8995] loop2: detected capacity change from 0 to 40427 [ 127.075650][ T9025] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 127.079287][ T9025] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1253821130 [ 127.081967][ T9025] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 127.085754][ T9033] ubi31: background thread "ubi_bgt31d" started, PID 9033 [ 127.093126][ T8995] F2FS-fs (loop2): Small segment_count (9 < 1 * 24) [ 127.094725][ T8995] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 127.108612][ T9002] loop3: detected capacity change from 0 to 32768 [ 127.119556][ T8995] F2FS-fs (loop2): Found nat_bits in checkpoint [ 127.164711][ T8995] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 127.166531][ T8995] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 127.186757][ T8995] F2FS-fs (loop2): switch extent_cache option is not allowed [ 127.209702][ T9002] XFS (loop3): Mounting V5 Filesystem [ 127.360581][ T9002] XFS (loop3): Ending clean mount [ 127.365097][ T9002] XFS (loop3): Quotacheck needed: Please wait. [ 127.420259][ T9002] XFS (loop3): Quotacheck: Done. [ 127.479970][ T9064] loop5: detected capacity change from 0 to 256 [ 127.665966][ T9021] loop4: detected capacity change from 0 to 32768 [ 127.724108][ T4305] XFS (loop3): Unmounting Filesystem [ 127.785700][ T9021] XFS (loop4): Mounting V5 Filesystem [ 127.948059][ T9021] XFS (loop4): Ending clean mount [ 127.955721][ T9021] XFS (loop4): Quotacheck needed: Please wait. [ 128.009328][ T9021] XFS (loop4): Quotacheck: Done. [ 128.190984][ T4303] XFS (loop4): Unmounting Filesystem [ 128.950639][ T9148] loop4: detected capacity change from 0 to 2048 [ 128.986209][ T9148] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 129.049564][ T9160] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 129.082081][ T9158] loop2: detected capacity change from 0 to 764 [ 129.084622][ T9148] NILFS error (device loop4): nilfs_check_page: size of directory #2 is not a multiple of chunk size [ 129.093596][ T9148] Remounting filesystem read-only [ 129.124045][ T9158] rock: directory entry would overflow storage [ 129.125663][ T9158] rock: sig=0x4654, size=5, remaining=4 [ 129.134114][ T9158] isofs: Unable to find the ".." directory for NFS. [ 129.160578][ T9165] loop1: detected capacity change from 0 to 64 [ 129.234599][ T9163] loop5: detected capacity change from 0 to 8192 [ 129.262366][ T9167] loop4: detected capacity change from 0 to 16 [ 129.285891][ T9167] erofs: (device loop4): mounted with root inode @ nid 36. [ 129.300627][ T9167] erofs: (device loop4): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36 [ 129.303085][ T9167] erofs: (device loop4): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36 [ 129.305450][ T9167] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 129.368872][ T9163] loop5: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 [ 129.370675][ T9163] loop5: p3 start 327168 is beyond EOD, truncated [ 129.371147][ T9163] loop5: p5 start 327168 is beyond EOD, truncated [ 129.371166][ T9163] loop5: p6 start 327168 is beyond EOD, truncated [ 129.371183][ T9163] loop5: p7 start 327168 is beyond EOD, truncated [ 129.371199][ T9163] loop5: p8 start 327168 is beyond EOD, truncated [ 129.371225][ T9163] loop5: p9 start 327168 is beyond EOD, truncated [ 129.371242][ T9163] loop5: p10 start 327168 is beyond EOD, truncated [ 129.371258][ T9163] loop5: p11 start 327168 is beyond EOD, truncated [ 129.371275][ T9163] loop5: p12 start 327168 is beyond EOD, truncated [ 129.371291][ T9163] loop5: p13 start 327168 is beyond EOD, truncated [ 129.371308][ T9163] loop5: p14 start 327168 is beyond EOD, truncated [ 129.371324][ T9163] loop5: p15 start 327168 is beyond EOD, truncated [ 129.371340][ T9163] loop5: p16 start 327168 is beyond EOD, truncated [ 129.371356][ T9163] loop5: p17 start 327168 is beyond EOD, truncated [ 129.371373][ T9163] loop5: p18 start 327168 is beyond EOD, truncated [ 129.371389][ T9163] loop5: p19 start 327168 is beyond EOD, truncated [ 129.371405][ T9163] loop5: p20 start 327168 is beyond EOD, truncated [ 129.371422][ T9163] loop5: p21 start 327168 is beyond EOD, truncated [ 129.371438][ T9163] loop5: p22 start 327168 is beyond EOD, truncated [ 129.371454][ T9163] loop5: p23 start 327168 is beyond EOD, truncated [ 129.371470][ T9163] loop5: p24 start 327168 is beyond EOD, truncated [ 129.371487][ T9163] loop5: p25 start 327168 is beyond EOD, truncated [ 129.371503][ T9163] loop5: p26 start 327168 is beyond EOD, truncated [ 129.371520][ T9163] loop5: p27 start 327168 is beyond EOD, truncated [ 129.371536][ T9163] loop5: p28 start 327168 is beyond EOD, truncated [ 129.371553][ T9163] loop5: p29 start 327168 is beyond EOD, truncated [ 129.371569][ T9163] loop5: p30 start 327168 is beyond EOD, truncated [ 129.371585][ T9163] loop5: p31 start 327168 is beyond EOD, truncated [ 129.371602][ T9163] loop5: p32 start 327168 is beyond EOD, truncated [ 129.371618][ T9163] loop5: p33 start 327168 is beyond EOD, truncated [ 129.371634][ T9163] loop5: p34 start 327168 is beyond EOD, truncated [ 129.371650][ T9163] loop5: p35 start 327168 is beyond EOD, truncated [ 129.371676][ T9163] loop5: p36 start 327168 is beyond EOD, truncated [ 129.371693][ T9163] loop5: p37 start 327168 is beyond EOD, truncated [ 129.371709][ T9163] loop5: p38 start 327168 is beyond EOD, truncated [ 129.371726][ T9163] loop5: p39 start 327168 is beyond EOD, truncated [ 129.371742][ T9163] loop5: p40 start 327168 is beyond EOD, truncated [ 129.371758][ T9163] loop5: p41 start 327168 is beyond EOD, truncated [ 129.371775][ T9163] loop5: p42 start 327168 is beyond EOD, truncated [ 129.371791][ T9163] loop5: p43 start 327168 is beyond EOD, truncated [ 129.371807][ T9163] loop5: p44 start 327168 is beyond EOD, truncated [ 129.371824][ T9163] loop5: p45 start 327168 is beyond EOD, truncated [ 129.371840][ T9163] loop5: p46 start 327168 is beyond EOD, truncated [ 129.371856][ T9163] loop5: p47 start 327168 is beyond EOD, truncated [ 129.371872][ T9163] loop5: p48 start 327168 is beyond EOD, truncated [ 129.371889][ T9163] loop5: p49 start 327168 is beyond EOD, truncated [ 129.371905][ T9163] loop5: p50 start 327168 is beyond EOD, truncated [ 129.371921][ T9163] loop5: p51 start 327168 is beyond EOD, truncated [ 129.371938][ T9163] loop5: p52 start 327168 is beyond EOD, truncated [ 129.371954][ T9163] loop5: p53 start 327168 is beyond EOD, truncated [ 129.371971][ T9163] loop5: p54 start 327168 is beyond EOD, truncated [ 129.371987][ T9163] loop5: p55 start 327168 is beyond EOD, truncated [ 129.372003][ T9163] loop5: p56 start 327168 is beyond EOD, truncated [ 129.372019][ T9163] loop5: p57 start 327168 is beyond EOD, truncated [ 129.372036][ T9163] loop5: p58 start 327168 is beyond EOD, truncated [ 129.372052][ T9163] loop5: p59 start 327168 is beyond EOD, truncated [ 129.372069][ T9163] loop5: p60 start 327168 is beyond EOD, truncated [ 129.372085][ T9163] loop5: p61 start 327168 is beyond EOD, truncated [ 129.372102][ T9163] loop5: p62 start 327168 is beyond EOD, truncated [ 129.372118][ T9163] loop5: p63 start 327168 is beyond EOD, truncated [ 129.372134][ T9163] loop5: p64 start 327168 is beyond EOD, truncated [ 129.372151][ T9163] loop5: p65 start 327168 is beyond EOD, truncated [ 129.372167][ T9163] loop5: p66 start 327168 is beyond EOD, truncated [ 129.372183][ T9163] loop5: p67 start 327168 is beyond EOD, truncated [ 129.372199][ T9163] loop5: p68 start 327168 is beyond EOD, truncated [ 129.372220][ T9163] loop5: p69 start 327168 is beyond EOD, truncated [ 129.372237][ T9163] loop5: p70 start 327168 is beyond EOD, truncated [ 129.372253][ T9163] loop5: p71 start 327168 is beyond EOD, truncated [ 129.372270][ T9163] loop5: p72 start 327168 is beyond EOD, truncated [ 129.372286][ T9163] loop5: p73 start 327168 is beyond EOD, truncated [ 129.372303][ T9163] loop5: p74 start 327168 is beyond EOD, truncated [ 129.372319][ T9163] loop5: p75 start 327168 is beyond EOD, truncated [ 129.372336][ T9163] loop5: p76 start 327168 is beyond EOD, truncated [ 129.372352][ T9163] loop5: p77 start 327168 is beyond EOD, truncated [ 129.372368][ T9163] loop5: p78 start 327168 is beyond EOD, truncated [ 129.372385][ T9163] loop5: p79 start 327168 is beyond EOD, truncated [ 129.372401][ T9163] loop5: p80 start 327168 is beyond EOD, truncated [ 129.372417][ T9163] loop5: p81 start 327168 is beyond EOD, truncated [ 129.372434][ T9163] loop5: p82 start 327168 is beyond EOD, truncated [ 129.372450][ T9163] loop5: p83 start 327168 is beyond EOD, truncated [ 129.372466][ T9163] loop5: p84 start 327168 is beyond EOD, truncated [ 129.372483][ T9163] loop5: p85 start 327168 is beyond EOD, truncated [ 129.372499][ T9163] loop5: p86 start 327168 is beyond EOD, truncated [ 129.372515][ T9163] loop5: p87 start 327168 is beyond EOD, truncated [ 129.372531][ T9163] loop5: p88 start 327168 is beyond EOD, truncated [ 129.372548][ T9163] loop5: p89 start 327168 is beyond EOD, truncated [ 129.372564][ T9163] loop5: p90 start 327168 is beyond EOD, truncated [ 129.372580][ T9163] loop5: p91 start 327168 is beyond EOD, truncated [ 129.372597][ T9163] loop5: p92 start 327168 is beyond EOD, truncated [ 129.372613][ T9163] loop5: p93 start 327168 is beyond EOD, truncated [ 129.372629][ T9163] loop5: p94 start 327168 is beyond EOD, truncated [ 129.372646][ T9163] loop5: p95 start 327168 is beyond EOD, truncated [ 129.372662][ T9163] loop5: p96 start 327168 is beyond EOD, truncated [ 129.372685][ T9163] loop5: p97 start 327168 is beyond EOD, truncated [ 129.372701][ T9163] loop5: p98 start 327168 is beyond EOD, truncated [ 129.372717][ T9163] loop5: p99 start 327168 is beyond EOD, truncated [ 129.372733][ T9163] loop5: p100 start 327168 is beyond EOD, truncated [ 129.372750][ T9163] loop5: p101 start 327168 is beyond EOD, truncated [ 129.372766][ T9163] loop5: p102 start 327168 is beyond EOD, truncated [ 129.372782][ T9163] loop5: p103 start 327168 is beyond EOD, truncated [ 129.372799][ T9163] loop5: p104 start 327168 is beyond EOD, truncated [ 129.372815][ T9163] loop5: p105 start 327168 is beyond EOD, truncated [ 129.372832][ T9163] loop5: p106 start 327168 is beyond EOD, truncated [ 129.372848][ T9163] loop5: p107 start 327168 is beyond EOD, truncated [ 129.372864][ T9163] loop5: p108 start 327168 is beyond EOD, truncated [ 129.372881][ T9163] loop5: p109 start 327168 is beyond EOD, truncated [ 129.372897][ T9163] loop5: p110 start 327168 is beyond EOD, truncated [ 129.372914][ T9163] loop5: p111 start 327168 is beyond EOD, truncated [ 129.372930][ T9163] loop5: p112 start 327168 is beyond EOD, truncated [ 129.372946][ T9163] loop5: p113 start 327168 is beyond EOD, truncated [ 129.372963][ T9163] loop5: p114 start 327168 is beyond EOD, truncated [ 129.372979][ T9163] loop5: p115 start 327168 is beyond EOD, truncated [ 129.372996][ T9163] loop5: p116 start 327168 is beyond EOD, truncated [ 129.373012][ T9163] loop5: p117 start 327168 is beyond EOD, truncated [ 129.373029][ T9163] loop5: p118 start 327168 is beyond EOD, truncated [ 129.373045][ T9163] loop5: p119 start 327168 is beyond EOD, truncated [ 129.373061][ T9163] loop5: p120 start 327168 is beyond EOD, truncated [ 129.373078][ T9163] loop5: p121 start 327168 is beyond EOD, truncated [ 129.373094][ T9163] loop5: p122 start 327168 is beyond EOD, truncated [ 129.373110][ T9163] loop5: p123 start 327168 is beyond EOD, truncated [ 129.373127][ T9163] loop5: p124 start 327168 is beyond EOD, truncated [ 129.373143][ T9163] loop5: p125 start 327168 is beyond EOD, truncated [ 129.373159][ T9163] loop5: p126 start 327168 is beyond EOD, truncated [ 129.373176][ T9163] loop5: p127 start 327168 is beyond EOD, truncated [ 129.373192][ T9163] loop5: p128 start 327168 is beyond EOD, truncated [ 129.373209][ T9163] loop5: p129 start 327168 is beyond EOD, truncated [ 129.373229][ T9163] loop5: p130 start 327168 is beyond EOD, truncated [ 129.373245][ T9163] loop5: p131 start 327168 is beyond EOD, truncated [ 129.373262][ T9163] loop5: p132 start 327168 is beyond EOD, truncated [ 129.373278][ T9163] loop5: p133 start 327168 is beyond EOD, truncated [ 129.373295][ T9163] loop5: p134 start 327168 is beyond EOD, truncated [ 129.373311][ T9163] loop5: p135 start 327168 is beyond EOD, truncated [ 129.373327][ T9163] loop5: p136 start 327168 is beyond EOD, truncated [ 129.373344][ T9163] loop5: p137 start 327168 is beyond EOD, truncated [ 129.373360][ T9163] loop5: p138 start 327168 is beyond EOD, truncated [ 129.373376][ T9163] loop5: p139 start 327168 is beyond EOD, truncated [ 129.373393][ T9163] loop5: p140 start 327168 is beyond EOD, truncated [ 129.373409][ T9163] loop5: p141 start 327168 is beyond EOD, truncated [ 129.373426][ T9163] loop5: p142 start 327168 is beyond EOD, truncated [ 129.373442][ T9163] loop5: p143 start 327168 is beyond EOD, truncated [ 129.373459][ T9163] loop5: p144 start 327168 is beyond EOD, truncated [ 129.373475][ T9163] loop5: p145 start 327168 is beyond EOD, truncated [ 129.373492][ T9163] loop5: p146 start 327168 is beyond EOD, truncated [ 129.373508][ T9163] loop5: p147 start 327168 is beyond EOD, truncated [ 129.373524][ T9163] loop5: p148 start 327168 is beyond EOD, truncated [ 129.373541][ T9163] loop5: p149 start 327168 is beyond EOD, truncated [ 129.373557][ T9163] loop5: p150 start 327168 is beyond EOD, truncated [ 129.373573][ T9163] loop5: p151 start 327168 is beyond EOD, truncated [ 129.373590][ T9163] loop5: p152 start 327168 is beyond EOD, truncated [ 129.373606][ T9163] loop5: p153 start 327168 is beyond EOD, truncated [ 129.373622][ T9163] loop5: p154 start 327168 is beyond EOD, truncated [ 129.373639][ T9163] loop5: p155 start 327168 is beyond EOD, truncated [ 129.373655][ T9163] loop5: p156 start 327168 is beyond EOD, truncated [ 129.373678][ T9163] loop5: p157 start 327168 is beyond EOD, truncated [ 129.373695][ T9163] loop5: p158 start 327168 is beyond EOD, truncated [ 129.373711][ T9163] loop5: p159 start 327168 is beyond EOD, truncated [ 129.373727][ T9163] loop5: p160 start 327168 is beyond EOD, truncated [ 129.373744][ T9163] loop5: p161 start 327168 is beyond EOD, truncated [ 129.373760][ T9163] loop5: p162 start 327168 is beyond EOD, truncated [ 129.373776][ T9163] loop5: p163 start 327168 is beyond EOD, truncated [ 129.373793][ T9163] loop5: p164 start 327168 is beyond EOD, truncated [ 129.373809][ T9163] loop5: p165 start 327168 is beyond EOD, truncated [ 129.373825][ T9163] loop5: p166 start 327168 is beyond EOD, truncated [ 129.373842][ T9163] loop5: p167 start 327168 is beyond EOD, truncated [ 129.373858][ T9163] loop5: p168 start 327168 is beyond EOD, truncated [ 129.373875][ T9163] loop5: p169 start 327168 is beyond EOD, truncated [ 129.373891][ T9163] loop5: p170 start 327168 is beyond EOD, truncated [ 129.373907][ T9163] loop5: p171 start 327168 is beyond EOD, truncated [ 129.373924][ T9163] loop5: p172 start 327168 is beyond EOD, truncated [ 129.373940][ T9163] loop5: p173 start 327168 is beyond EOD, truncated [ 129.373957][ T9163] loop5: p174 start 327168 is beyond EOD, truncated [ 129.373973][ T9163] loop5: p175 start 327168 is beyond EOD, truncated [ 129.373989][ T9163] loop5: p176 start 327168 is beyond EOD, truncated [ 129.374006][ T9163] loop5: p177 start 327168 is beyond EOD, truncated [ 129.374022][ T9163] loop5: p178 start 327168 is beyond EOD, truncated [ 129.374039][ T9163] loop5: p179 start 327168 is beyond EOD, truncated [ 129.374055][ T9163] loop5: p180 start 327168 is beyond EOD, truncated [ 129.374071][ T9163] loop5: p181 start 327168 is beyond EOD, truncated [ 129.374088][ T9163] loop5: p182 start 327168 is beyond EOD, truncated [ 129.374104][ T9163] loop5: p183 start 327168 is beyond EOD, truncated [ 129.374121][ T9163] loop5: p184 start 327168 is beyond EOD, truncated [ 129.374137][ T9163] loop5: p185 start 327168 is beyond EOD, truncated [ 129.374153][ T9163] loop5: p186 start 327168 is beyond EOD, truncated [ 129.374170][ T9163] loop5: p187 start 327168 is beyond EOD, truncated [ 129.374186][ T9163] loop5: p188 start 327168 is beyond EOD, truncated [ 129.374202][ T9163] loop5: p189 start 327168 is beyond EOD, truncated [ 129.374222][ T9163] loop5: p190 start 327168 is beyond EOD, truncated [ 129.374239][ T9163] loop5: p191 start 327168 is beyond EOD, truncated [ 129.374255][ T9163] loop5: p192 start 327168 is beyond EOD, truncated [ 129.374272][ T9163] loop5: p193 start 327168 is beyond EOD, truncated [ 129.374288][ T9163] loop5: p194 start 327168 is beyond EOD, truncated [ 129.374305][ T9163] loop5: p195 start 327168 is beyond EOD, truncated [ 129.374321][ T9163] loop5: p196 start 327168 is beyond EOD, truncated [ 129.374338][ T9163] loop5: p197 start 327168 is beyond EOD, truncated [ 129.374527][ T9163] loop5: p198 start 327168 is beyond EOD, truncated [ 129.374547][ T9163] loop5: p199 start 327168 is beyond EOD, truncated [ 129.374563][ T9163] loop5: p200 start 327168 is beyond EOD, truncated [ 129.374580][ T9163] loop5: p201 start 327168 is beyond EOD, truncated [ 129.374596][ T9163] loop5: p202 start 327168 is beyond EOD, truncated [ 129.374613][ T9163] loop5: p203 start 327168 is beyond EOD, truncated [ 129.374629][ T9163] loop5: p204 start 327168 is beyond EOD, truncated [ 129.374646][ T9163] loop5: p205 start 327168 is beyond EOD, truncated [ 129.374662][ T9163] loop5: p206 start 327168 is beyond EOD, truncated [ 129.374688][ T9163] loop5: p207 start 327168 is beyond EOD, truncated [ 129.374704][ T9163] loop5: p208 start 327168 is beyond EOD, truncated [ 129.374721][ T9163] loop5: p209 start 327168 is beyond EOD, truncated [ 129.374737][ T9163] loop5: p210 start 327168 is beyond EOD, truncated [ 129.374754][ T9163] loop5: p211 start 327168 is beyond EOD, truncated [ 129.374770][ T9163] loop5: p212 start 327168 is beyond EOD, truncated [ 129.374787][ T9163] loop5: p213 start 327168 is beyond EOD, truncated [ 129.374803][ T9163] loop5: p214 start 327168 is beyond EOD, truncated [ 129.374819][ T9163] loop5: p215 start 327168 is beyond EOD, truncated [ 129.374836][ T9163] loop5: p216 start 327168 is beyond EOD, truncated [ 129.374852][ T9163] loop5: p217 start 327168 is beyond EOD, truncated [ 129.374869][ T9163] loop5: p218 start 327168 is beyond EOD, truncated [ 129.374896][ T9163] loop5: p219 start 327168 is beyond EOD, truncated [ 129.374913][ T9163] loop5: p220 start 327168 is beyond EOD, truncated [ 129.374929][ T9163] loop5: p221 start 327168 is beyond EOD, truncated [ 129.374946][ T9163] loop5: p222 start 327168 is beyond EOD, truncated [ 129.374962][ T9163] loop5: p223 start 327168 is beyond EOD, truncated [ 129.374979][ T9163] loop5: p224 start 327168 is beyond EOD, truncated [ 129.374995][ T9163] loop5: p225 start 327168 is beyond EOD, truncated [ 129.375011][ T9163] loop5: p226 start 327168 is beyond EOD, truncated [ 129.375028][ T9163] loop5: p227 start 327168 is beyond EOD, truncated [ 129.375044][ T9163] loop5: p228 start 327168 is beyond EOD, truncated [ 129.375061][ T9163] loop5: p229 start 327168 is beyond EOD, truncated [ 129.375077][ T9163] loop5: p230 start 327168 is beyond EOD, truncated [ 129.375094][ T9163] loop5: p231 start 327168 is beyond EOD, truncated [ 129.375110][ T9163] loop5: p232 start 327168 is beyond EOD, truncated [ 129.375127][ T9163] loop5: p233 start 327168 is beyond EOD, truncated [ 129.375144][ T9163] loop5: p234 start 327168 is beyond EOD, truncated [ 129.375160][ T9163] loop5: p235 start 327168 is beyond EOD, truncated [ 129.375176][ T9163] loop5: p236 start 327168 is beyond EOD, truncated [ 129.375193][ T9163] loop5: p237 start 327168 is beyond EOD, truncated [ 129.375209][ T9163] loop5: p238 start 327168 is beyond EOD, truncated [ 129.375234][ T9163] loop5: p239 start 327168 is beyond EOD, truncated [ 129.375251][ T9163] loop5: p240 start 327168 is beyond EOD, truncated [ 129.375267][ T9163] loop5: p241 start 327168 is beyond EOD, truncated [ 129.375284][ T9163] loop5: p242 start 327168 is beyond EOD, truncated [ 129.375300][ T9163] loop5: p243 start 327168 is beyond EOD, truncated [ 129.375317][ T9163] loop5: p244 start 327168 is beyond EOD, truncated [ 129.375333][ T9163] loop5: p245 start 327168 is beyond EOD, truncated [ 129.375349][ T9163] loop5: p246 start 327168 is beyond EOD, truncated [ 129.375365][ T9163] loop5: p247 start 327168 is beyond EOD, truncated [ 129.375382][ T9163] loop5: p248 start 327168 is beyond EOD, truncated [ 129.375398][ T9163] loop5: p249 start 327168 is beyond EOD, truncated [ 129.375414][ T9163] loop5: p250 start 327168 is beyond EOD, truncated [ 129.375431][ T9163] loop5: p251 start 327168 is beyond EOD, truncated [ 129.375447][ T9163] loop5: p252 start 327168 is beyond EOD, truncated [ 129.375463][ T9163] loop5: p253 start 327168 is beyond EOD, truncated [ 129.375480][ T9163] loop5: p254 start 327168 is beyond EOD, truncated [ 129.375496][ T9163] loop5: p255 start 327168 is beyond EOD, truncated [ 129.525124][ T9176] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2113'. [ 129.525153][ T9176] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2113'. [ 129.610274][ T9156] loop3: detected capacity change from 0 to 32768 [ 129.750244][ T9156] XFS (loop3): Mounting V5 Filesystem [ 129.923690][ T9156] XFS (loop3): Ending clean mount [ 130.623321][ T9156] XFS (loop3): Quotacheck needed: Please wait. [ 130.667184][ T9156] XFS (loop3): Quotacheck: Done. [ 130.778478][ T4305] XFS (loop3): Unmounting Filesystem [ 130.906595][ T9254] loop1: detected capacity change from 0 to 16 [ 130.919923][ T9254] erofs: (device loop1): mounted with root inode @ nid 36. [ 130.933811][ T9254] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 130.941551][ T9254] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -23 in[64, 4032] out[1851] [ 130.944328][ T9254] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 131.084624][ T9262] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2145'. [ 131.086837][ T9262] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2145'. [ 131.167318][ T9265] netlink: 'syz.5.2146': attribute type 2 has an invalid length. [ 131.169388][ T9265] netlink: 207496 bytes leftover after parsing attributes in process `syz.5.2146'. [ 131.330981][ T9277] loop5: detected capacity change from 0 to 128 [ 131.340273][ T9277] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 131.488940][ T9286] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2153'. [ 131.506526][ T9286] device xfrm1 entered promiscuous mode [ 131.788481][ T9306] nft_compat: unsupported protocol 5 [ 132.042239][ T9320] tmpfs: Bad value for 'size' [ 132.114660][ T9325] loop3: detected capacity change from 0 to 64 [ 132.282324][ T9338] loop5: detected capacity change from 0 to 16 [ 132.317259][ T9338] erofs: (device loop5): mounted with root inode @ nid 36. [ 132.432921][ T9337] loop4: detected capacity change from 0 to 4096 [ 132.470056][ T8161] udevd[8161]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 132.478612][ T9337] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 132.484807][ T8157] udevd[8157]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 132.492948][ T9348] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2179'. [ 132.509061][ T9351] loop3: detected capacity change from 0 to 64 [ 132.706503][ T9361] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2184'. [ 132.716598][ T9361] netlink: 31 bytes leftover after parsing attributes in process `syz.5.2184'. [ 132.719266][ T9361] netlink: 'syz.5.2184': attribute type 3 has an invalid length. [ 132.721187][ T9361] netlink: 'syz.5.2184': attribute type 2 has an invalid length. [ 132.723063][ T9361] netlink: 31 bytes leftover after parsing attributes in process `syz.5.2184'. [ 133.022959][ T9381] netlink: 'syz.1.2191': attribute type 1 has an invalid length. [ 133.093622][ T9390] loop5: detected capacity change from 0 to 256 [ 133.095686][ T9385] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 133.100535][ T9388] netlink: 'syz.4.2194': attribute type 27 has an invalid length. [ 133.660352][ T9424] loop3: detected capacity change from 0 to 256 [ 133.662492][ T9424] exfat: Deprecated parameter 'namecase' [ 133.698531][ T9424] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 133.929206][ T9434] loop4: detected capacity change from 0 to 4096 [ 134.015753][ T4297] Bluetooth: hci4: link tx timeout [ 134.017389][ T4297] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 134.036000][ T9434] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 134.207804][ T9462] loop2: detected capacity change from 0 to 22 [ 134.216686][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 134.239109][ T9462] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 134.254338][ T9462] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 134.842163][ T9502] loop1: detected capacity change from 0 to 64 [ 135.131518][ T9469] loop4: detected capacity change from 0 to 32768 [ 135.156661][ T9469] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop4 scanned by syz.4.2222 (9469) [ 135.157559][ T9521] loop2: detected capacity change from 0 to 164 [ 135.200820][ T9521] Unable to read rock-ridge attributes [ 135.209076][ T9469] BTRFS info (device loop4): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 135.211688][ T9469] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm [ 135.213730][ T9469] BTRFS info (device loop4): enabling ssd optimizations [ 135.215394][ T9469] BTRFS info (device loop4): use no compression [ 135.220025][ T9521] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 135.237501][ T9469] BTRFS info (device loop4): using free space tree [ 135.278315][ T9534] ieee802154 phy0 wpan0: encryption failed: -22 [ 135.623303][ T9564] __nla_validate_parse: 2 callbacks suppressed [ 135.623316][ T9564] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2255'. [ 135.628358][ T9564] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check. [ 135.721910][ T9573] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2256'. [ 135.914191][ T4303] BTRFS info (device loop4): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 136.087369][ T47] Bluetooth: hci4: command 0x0406 tx timeout [ 136.206001][ T9036] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop4 scanned by udevd (9036) [ 136.235538][ T9597] loop5: detected capacity change from 0 to 4096 [ 136.569978][ T9616] loop2: detected capacity change from 0 to 4096 [ 136.577260][ T9616] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 136.753323][ T9584] loop1: detected capacity change from 0 to 32768 [ 136.835401][ T9584] XFS (loop1): Mounting V5 Filesystem [ 136.996093][ T9584] XFS (loop1): Ending clean mount [ 137.068682][ T4550] XFS (loop1): Metadata CRC error detected at xfs_agfl_read_verify+0x14c/0x220, xfs_agfl block 0x3 [ 137.071595][ T4550] XFS (loop1): Unmount and run xfs_repair [ 137.073087][ T4550] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 137.074900][ T4550] 00000000: 58 41 46 4c ff ff ff ff ff ff ff ff 54 0d 4c 72 XAFL........T.Lr [ 137.084782][ T4550] 00000010: b5 91 04 d7 9d 8b 4e eb 00 00 00 00 00 00 00 00 ......N......... [ 137.100504][ T4550] 00000020: 4e 45 7d e8 ff ff ff ff 00 00 04 44 00 00 04 45 NE}........D...E [ 137.102804][ T4550] 00000030: 00 00 04 46 00 00 04 47 ff ff ff ff ff ff ff ff ...F...G........ [ 137.104920][ T4550] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 137.119593][ T4550] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 137.126475][ T4550] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 137.141413][ T4550] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 137.154456][ T9584] XFS (loop1): metadata I/O error in "xfs_alloc_read_agfl+0x19c/0x330" at daddr 0x3 len 1 error 74 [ 137.184508][ T9584] XFS (loop1): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x170c/0x1f10 (fs/xfs/libxfs/xfs_defer.c:580). Shutting down filesystem. [ 137.188920][ T9584] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 137.428621][ T4296] XFS (loop1): Unmounting Filesystem [ 137.555416][ T9691] No such timeout policy "syz0" [ 138.129182][ T9726] loop5: detected capacity change from 0 to 64 [ 138.224367][ T9731] netlink: 'syz.1.2317': attribute type 10 has an invalid length. [ 138.257918][ T9731] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.260056][ T9731] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.311940][ T9731] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.313958][ T9731] bridge0: port 2(bridge_slave_1) entered forwarding state [ 138.317607][ T9731] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.319595][ T9731] bridge0: port 1(bridge_slave_0) entered forwarding state [ 138.380674][ T9731] team0: Port device bridge0 added [ 138.513458][ T9748] loop3: detected capacity change from 0 to 256 [ 138.561295][ T9748] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x909a8a77, utbl_chksum : 0xe619d30d) [ 138.634959][ T9756] netlink: 3016 bytes leftover after parsing attributes in process `syz.1.2328'. [ 138.851524][ T9767] xt_hashlimit: Unknown mode mask 7221DE3B, kernel too old? [ 139.046651][ T9753] loop5: detected capacity change from 0 to 32768 [ 139.059304][ T9753] BTRFS info (device loop5): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 139.061971][ T9753] BTRFS info (device loop5): using sha256 (sha256-ce) checksum algorithm [ 139.063975][ T9753] BTRFS info (device loop5): enabling ssd optimizations [ 139.065740][ T9753] BTRFS info (device loop5): use no compression [ 139.067383][ T9753] BTRFS info (device loop5): using free space tree [ 139.150682][ T9757] loop2: detected capacity change from 0 to 32768 [ 139.160539][ T9757] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 139.163184][ T9757] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 139.165630][ T9757] BTRFS info (device loop2): force zlib compression, level 3 [ 139.184330][ T9757] BTRFS info (device loop2): force clearing of disk cache [ 139.186204][ T9757] BTRFS info (device loop2): setting nodatasum [ 139.188256][ T9757] BTRFS info (device loop2): allowing degraded mounts [ 139.190029][ T9757] BTRFS info (device loop2): enabling disk space caching [ 139.191833][ T9757] BTRFS info (device loop2): disk space caching is enabled [ 139.233394][ T9796] netlink: 'syz.1.2342': attribute type 1 has an invalid length. [ 139.235535][ T9796] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2342'. [ 139.426563][ T9823] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 139.430788][ T7769] BTRFS info (device loop5): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 139.470027][ T9757] BTRFS info (device loop2): rebuilding free space tree [ 139.476885][ T9757] BTRFS info (device loop2): disabling free space tree [ 139.541564][ T9757] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 139.544131][ T9757] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 139.683638][ T9757] BTRFS error (device loop2): balance: mixed groups data and metadata options must be the same [ 139.693378][ T9835] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2347'. [ 139.756888][ T9839] loop3: detected capacity change from 0 to 512 [ 139.765370][ T4300] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 139.876556][ T9846] loop4: detected capacity change from 0 to 256 [ 139.893177][ T9839] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 139.954453][ T4305] EXT4-fs (loop3): unmounting filesystem. [ 140.114445][ T9858] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2360'. [ 140.116836][ T9858] openvswitch: netlink: Flow key attr not present in new flow. [ 140.120484][ T8161] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop5 scanned by udevd (8161) [ 140.174724][ T9862] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2362'. [ 140.192137][ T9864] xt_hashlimit: invalid rate [ 140.200773][ T9862] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511) [ 140.237254][ T9862] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 140.293881][ T9869] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2365'. [ 140.525181][ T9876] loop4: detected capacity change from 0 to 4096 [ 140.565993][ T9876] __ntfs_error: 4 callbacks suppressed [ 140.566005][ T9876] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 140.575156][ T9876] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 140.586304][ T9876] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 140.607083][ T9876] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 140.617286][ T9876] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 140.648704][ T9876] ntfs: volume version 3.1. [ 140.651645][ T9876] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 140.654582][ T9876] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 140.664884][ T9876] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 140.671296][ T9876] ntfs: (device loop4): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is missing. [ 140.673901][ T9876] ntfs: (device loop4): ntfs_read_locked_index_inode(): Failed with error code -2 while reading index inode (mft_no 0x9, name_len 2. [ 140.692965][ T9058] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop2 scanned by udevd (9058) [ 141.169980][ T9918] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT [ 141.292493][ T9922] netlink: 260 bytes leftover after parsing attributes in process `syz.1.2390'. [ 141.939774][ T9957] netlink: 'syz.5.2407': attribute type 10 has an invalid length. [ 141.945596][ T9957] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.947584][ T9957] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.970124][ T9957] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.972091][ T9957] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.976017][ T9957] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.977933][ T9957] bridge0: port 1(bridge_slave_0) entered forwarding state [ 142.023416][ T9957] team0: Port device bridge0 added [ 142.082947][ T9966] loop4: detected capacity change from 0 to 64 [ 142.266512][ T9978] loop3: detected capacity change from 0 to 256 [ 142.333733][ T9984] ieee802154 phy0 wpan0: encryption failed: -22 [ 142.668528][T10010] ip6t_rpfilter: unknown options [ 142.725435][T10003] loop5: detected capacity change from 0 to 8192 [ 142.798586][T10003] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 142.801865][T10003] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 142.804117][T10003] REISERFS (device loop5): using ordered data mode [ 142.805949][T10003] reiserfs: using flush barriers [ 142.831633][T10003] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 142.859314][T10003] REISERFS (device loop5): checking transaction log (loop5) [ 142.923054][T10015] loop2: detected capacity change from 0 to 4096 [ 142.953043][T10003] REISERFS (device loop5): Using tea hash to sort names [ 142.955106][T10003] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 142.964723][T10003] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 142.968898][T10019] loop1: detected capacity change from 0 to 4096 [ 143.003232][T10015] ntfs: volume version 3.1. [ 143.003276][T10025] No such timeout policy "syz0" [ 143.055035][T10019] ntfs: volume version 3.1. [ 143.357197][T10042] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2443'. [ 143.382502][T10044] netlink: 'syz.3.2450': attribute type 10 has an invalid length. [ 143.416127][T10044] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.419589][T10044] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.440866][T10044] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.442894][T10044] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.446229][T10044] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.448176][T10044] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.536719][T10044] team0: Port device bridge0 added [ 143.715848][T10057] binder: 10056:10057 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 143.724340][T10057] binder: 10057 RLIMIT_NICE not set [ 143.948340][T10047] loop1: detected capacity change from 0 to 32768 [ 144.000244][T10047] XFS (loop1): Mounting V5 Filesystem [ 144.117686][T10047] XFS (loop1): Ending clean mount [ 144.210252][T10087] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2468'. [ 144.232037][T10089] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2467'. [ 144.285245][ T4296] XFS (loop1): Unmounting Filesystem [ 144.418906][T10066] loop5: detected capacity change from 0 to 32768 [ 144.445130][T10066] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 11 [ 144.534258][T10103] loop3: detected capacity change from 0 to 256 [ 144.561743][T10103] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 144.586703][ T9036] I/O error, dev loop5, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 144.959187][T10122] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2484'. [ 144.980034][T10125] xt_ecn: cannot match TCP bits for non-tcp packets [ 145.135222][T10136] xt_ecn: cannot match TCP bits for non-tcp packets [ 145.652596][ T27] kauditd_printk_skb: 6 callbacks suppressed [ 145.652609][ T27] audit: type=1400 audit(145.630:5): apparmor="DENIED" operation="change_onexec" info="label not found" error=-22 profile="unconfined" name="&" pid=10173 comm="syz.4.2511" [ 145.701576][T10179] loop5: detected capacity change from 0 to 512 [ 145.740145][T10179] EXT4-fs (loop5): orphan cleanup on readonly fs [ 145.792586][T10179] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.2513: bg 0: block 248: padding at end of block bitmap is not set [ 145.873103][T10179] Quota error (device loop5): write_blk: dquota write failed [ 145.875109][T10179] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 145.902981][T10186] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.911940][T10179] EXT4-fs error (device loop5): ext4_acquire_dquot:6802: comm syz.5.2513: Failed to acquire dquot type 1 [ 145.938522][T10179] EXT4-fs (loop5): 1 truncate cleaned up [ 145.953973][T10179] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 146.035282][T10179] EXT4-fs error (device loop5): ext4_lookup:1862: inode #2: comm syz.5.2513: deleted inode referenced: 12 [ 146.079456][T10190] loop2: detected capacity change from 0 to 256 [ 146.136427][T10186] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 146.156566][T10190] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d) [ 146.162184][ T7769] EXT4-fs (loop5): unmounting filesystem. [ 146.366809][T10196] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2521'. [ 146.376830][T10196] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2521'. [ 146.748064][T10221] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2533'. [ 146.864306][T10227] delete_channel: no stack [ 147.115279][T10246] loop3: detected capacity change from 0 to 2048 [ 147.155019][T10249] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 147.164661][T10246] NILFS error (device loop3): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 147.176108][T10246] Remounting filesystem read-only [ 147.179946][T10248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2547'. [ 147.265007][T10251] loop3: detected capacity change from 0 to 512 [ 147.308010][T10251] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 147.383062][T10235] loop4: detected capacity change from 0 to 32768 [ 147.385336][T10235] XFS: noikeep mount option is deprecated. [ 147.390402][T10251] EXT4-fs (loop3): 1 truncate cleaned up [ 147.391874][T10251] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 147.465099][ T4305] EXT4-fs (loop3): unmounting filesystem. [ 147.509024][T10235] XFS (loop4): DAX unsupported by block device. Turning off DAX. [ 147.511600][T10235] XFS (loop4): Mounting V5 Filesystem [ 147.598439][T10235] XFS (loop4): Ending clean mount [ 147.601143][T10235] XFS (loop4): Quotacheck needed: Please wait. [ 147.645866][T10235] XFS (loop4): Quotacheck: Done. [ 147.682801][T10280] loop1: detected capacity change from 0 to 4096 [ 147.684880][T10283] random: crng reseeded on system resumption [ 147.695392][T10280] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match. Run ntfsfix or chkdsk. [ 147.730128][ T4303] XFS (loop4): Unmounting Filesystem [ 147.740635][T10280] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 147.784738][T10280] ntfs: volume version 3.1. [ 147.789927][T10280] ntfs: (device loop1): ntfs_read_locked_attr_inode(): Failed with error code -2 while reading attribute inode (mft_no 0x1a, type 0x80, name_len 4). Marking corrupt inode and base inode 0x1a as bad. Run chkdsk. [ 147.798826][T10280] ntfs: (device loop1): load_and_init_usnjrnl(): Failed to load $UsnJrnl/$DATA/$Max attribute. [ 147.801316][T10280] ntfs: (device loop1): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 148.068882][T10299] loop1: detected capacity change from 0 to 1024 [ 148.137840][T10299] hfsplus: inconsistency in B*Tree (0,1,255,1,0) [ 148.155713][T10303] ieee802154 phy0 wpan0: encryption failed: -22 [ 148.177637][T10293] infiniband syz!: set down [ 148.180565][T10293] infiniband syz!: added team_slave_0 [ 148.248845][T10293] RDS/IB: syz!: added [ 148.250010][T10293] smc: adding ib device syz! with port count 1 [ 148.251693][T10293] smc: ib device syz! port 1 has pnetid [ 148.467348][T10319] netlink: 'syz.1.2575': attribute type 9 has an invalid length. [ 148.553904][T10321] netlink: 'syz.4.2577': attribute type 1 has an invalid length. [ 148.555873][T10321] netlink: 'syz.4.2577': attribute type 2 has an invalid length. [ 148.570181][T10321] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2577'. [ 148.871180][T10298] loop5: detected capacity change from 0 to 40427 [ 148.888041][T10298] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 148.890311][T10298] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 148.909300][T10339] loop4: detected capacity change from 0 to 736 [ 148.948864][T10298] F2FS-fs (loop5): Found nat_bits in checkpoint [ 148.974070][T10339] rock: directory entry would overflow storage [ 148.975723][T10339] rock: sig=0x3b10, size=4, remaining=3 [ 149.013021][T10298] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 149.014758][T10298] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 149.098066][T10298] fscrypt (loop5, inode 3): Error -61 getting encryption context [ 149.357143][T10365] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2598'. [ 149.586804][T10381] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 149.607970][T10381] CIFS mount error: No usable UNC path provided in device string! [ 149.607970][T10381] [ 149.610621][T10381] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 149.684986][T10389] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2609'. [ 149.707121][T10389] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2609'. [ 149.922984][ T3606] block nbd1: Attempted send on invalid socket [ 149.924610][ T3606] I/O error, dev nbd1, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 149.937208][T10401] VFS: could not find a valid V7 on nbd1. [ 149.972377][T10399] loop3: detected capacity change from 0 to 4096 [ 150.062508][T10399] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 150.320506][T10417] loop5: detected capacity change from 0 to 2048 [ 150.351310][T10422] loop1: detected capacity change from 0 to 64 [ 150.353912][T10422] hfs: part requires an argument [ 150.354268][T10417] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 150.355230][T10422] hfs: unable to parse mount options [ 150.362344][T10423] loop2: detected capacity change from 0 to 128 [ 150.364747][T10423] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 150.366450][T10397] loop4: detected capacity change from 0 to 32768 [ 150.386544][T10423] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 150.389228][T10424] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 150.438469][T10397] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 150.517508][T10417] NILFS (loop5): failed to count free inodes: err=-34 [ 150.627332][ T4303] ocfs2: Unmounting device (7,4) on (node local) [ 150.703653][T10438] loop2: detected capacity change from 0 to 2048 [ 150.714752][ T7769] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 150.721929][ T7769] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=16) [ 150.732132][ T7769] Remounting filesystem read-only [ 150.733401][ T7769] NILFS (loop5): error -5 truncating bmap (ino=16) [ 150.760895][ T7769] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 150.769939][T10444] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 150.787217][T10438] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 150.795110][T10438] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 151.131977][T10466] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 151.186598][T10470] 8021q: adding VLAN 0 to HW filter on device bond1 [ 151.255813][T10479] loop4: detected capacity change from 0 to 1024 [ 151.542614][T10497] netlink: 'syz.3.2661': attribute type 13 has an invalid length. [ 151.553150][T10497] device veth0_macvtap left promiscuous mode [ 151.558995][T10499] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2662'. [ 151.561194][T10499] netlink: 'syz.5.2662': attribute type 2 has an invalid length. [ 151.626642][T10497] macvtap0: refused to change device tx_queue_len [ 151.824824][T10514] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2669'. [ 151.829179][T10513] SET target dimension over the limit! [ 151.837610][T10514] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2669'. [ 152.071822][T10525] tc_dump_action: action bad kind [ 152.250372][T10537] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2680'. [ 152.252655][T10537] netlink: 'syz.3.2680': attribute type 1 has an invalid length. [ 152.254552][T10537] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2680'. [ 152.304368][T10493] loop4: detected capacity change from 0 to 32768 [ 152.306551][T10493] XFS: attr2 mount option is deprecated. [ 152.419163][T10551] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 152.421408][T10551] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 152.511516][T10493] XFS (loop4): Mounting V5 Filesystem [ 152.539206][T10560] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2691'. [ 152.658027][T10493] XFS (loop4): Ending clean mount [ 152.660805][T10493] XFS (loop4): Quotacheck needed: Please wait. [ 152.736289][T10493] XFS (loop4): Quotacheck: Done. [ 152.764026][T10573] netlink: 'syz.3.2694': attribute type 11 has an invalid length. [ 152.765967][T10573] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2694'. [ 152.848923][T10577] netlink: 'syz.1.2696': attribute type 3 has an invalid length. [ 152.929258][ T4303] XFS (loop4): Unmounting Filesystem [ 153.286011][T10596] loop2: detected capacity change from 0 to 4096 [ 153.385811][T10609] netlink: 'syz.5.2709': attribute type 21 has an invalid length. [ 153.415176][T10609] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2709'. [ 153.538997][T10617] loop5: detected capacity change from 0 to 64 [ 153.541207][T10617] hfs: invalid gid -1 [ 153.542179][T10617] hfs: unable to parse mount options [ 153.674402][T10628] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2718'. [ 153.971863][T10649] netlink: 'syz.3.2729': attribute type 21 has an invalid length. [ 154.233861][T10670] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2738'. [ 154.483121][T10688] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 154.600514][T10702] loop4: detected capacity change from 0 to 256 [ 154.630293][T10702] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d) [ 154.635542][T10703] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 154.655447][T10705] netlink: 'syz.3.2756': attribute type 21 has an invalid length. [ 154.834471][T10716] loop2: detected capacity change from 0 to 512 [ 154.886937][T10716] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 33619980: comm syz.2.2762: invalid block [ 154.909131][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 154.925911][T10725] netlink: 'syz.1.2765': attribute type 10 has an invalid length. [ 154.964782][T10716] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz.2.2762: Invalid block bitmap block 0 in block_group 0 [ 155.003827][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.017642][T10716] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 155.033498][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.036688][T10716] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.2762: attempt to clear invalid blocks 983261 len 1 [ 155.072106][T10725] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 155.075055][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.076745][T10716] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.2762: invalid indirect mapped block 2683928664 (level 0) [ 155.097583][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.099264][T10716] EXT4-fs error (device loop2): __ext4_get_inode_loc:4507: comm syz.2.2762: Invalid inode table block 0 in block_group 0 [ 155.127295][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.129154][T10716] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 155.132797][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.141966][T10716] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 155.147799][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.155309][T10716] EXT4-fs error (device loop2): __ext4_get_inode_loc:4507: comm syz.2.2762: Invalid inode table block 0 in block_group 0 [ 155.176276][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.185056][T10716] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 155.199020][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.206327][T10716] EXT4-fs error (device loop2): ext4_truncate:4312: inode #13: comm syz.2.2762: mark_inode_dirty error [ 155.221607][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.227395][T10716] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 155.237208][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.243577][T10716] EXT4-fs error (device loop2): __ext4_get_inode_loc:4507: comm syz.2.2762: Invalid inode table block 0 in block_group 0 [ 155.256550][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.264547][T10716] EXT4-fs (loop2): 1 truncate cleaned up [ 155.277108][T10716] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 155.329276][T10716] EXT4-fs error (device loop2): __ext4_get_inode_loc:4507: comm syz.2.2762: Invalid inode table block 0 in block_group 0 [ 155.370888][T10716] EXT4-fs (loop2): Remounting filesystem read-only [ 155.432163][ T4300] EXT4-fs (loop2): unmounting filesystem. [ 155.473289][T10753] x_tables: duplicate entry at hook 3 [ 156.277926][T10801] loop5: detected capacity change from 0 to 128 [ 156.287853][T10801] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 156.330580][T10801] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 156.381529][T10801] UBIFS error (pid: 10801): cannot open "./file0", error -22 [ 156.413994][T10776] loop2: detected capacity change from 0 to 32768 [ 156.433531][T10805] loop3: detected capacity change from 0 to 4096 [ 156.456776][T10805] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 156.622588][ T4305] ntfs3: loop3: ntfs_sync_fs r=1a failed, -22. [ 156.625560][ T4305] ntfs3: loop3: ntfs_evict_inode r=1a failed, -22. [ 156.627686][ T4305] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 156.764009][T10824] loop1: detected capacity change from 0 to 512 [ 156.766037][T10824] EXT4-fs: Ignoring removed oldalloc option [ 156.792282][T10824] EXT4-fs: Ignoring removed nobh option [ 156.860096][T10824] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 156.950773][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 157.035441][T10841] loop4: detected capacity change from 0 to 256 [ 157.040593][T10837] loop1: detected capacity change from 0 to 1024 [ 157.042909][T10837] EXT4-fs: Ignoring removed nomblk_io_submit option [ 157.044622][T10837] EXT4-fs: inline encryption not supported [ 157.046063][T10837] EXT4-fs: Ignoring removed nomblk_io_submit option [ 157.075515][T10841] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 157.078632][T10841] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 157.113630][T10837] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 157.120800][T10841] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 157.193387][T10852] netlink: 'syz.2.2824': attribute type 13 has an invalid length. [ 157.245588][T10854] qrtr: Invalid version 0 [ 157.246431][T10850] __nla_validate_parse: 8 callbacks suppressed [ 157.246443][T10850] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2822'. [ 157.262025][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 157.299334][T10850] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 157.845918][T10895] loop4: detected capacity change from 0 to 256 [ 157.860250][T10895] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 158.344895][T10924] loop5: detected capacity change from 0 to 4096 [ 158.350227][T10924] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 158.353200][T10924] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 158.373277][T10924] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 158.376276][T10924] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 158.411793][T10924] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 158.440464][T10924] ntfs: volume version 3.1. [ 158.445936][T10924] ntfs: (device loop5): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 158.474084][T10924] ntfs: (device loop5): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 158.478203][T10924] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 158.480803][T10924] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 158.483601][T10924] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 158.710414][T10958] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2877'. [ 158.712650][T10958] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2877'. [ 158.737363][ T47] Bluetooth: hci0: command 0x0406 tx timeout [ 158.845197][T10967] loop4: detected capacity change from 0 to 64 [ 158.874488][T10967] hfs: unable to locate alternate MDB [ 158.875912][T10967] hfs: continuing without an alternate MDB [ 158.933939][T10973] netlink: 'syz.1.2884': attribute type 1 has an invalid length. [ 159.409925][T11010] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2903'. [ 159.412246][T11010] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2903'. [ 160.095172][T11005] loop5: detected capacity change from 0 to 32768 [ 160.399883][T11071] netlink: 'syz.2.2935': attribute type 10 has an invalid length. [ 160.401886][T11071] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2935'. [ 160.404843][T11071] batman_adv: batadv0: Adding interface: vlan1 [ 160.406455][T11071] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.450039][T11071] batman_adv: batadv0: Interface activated: vlan1 [ 160.604145][T11076] loop1: detected capacity change from 0 to 8192 [ 160.622740][T11076] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 160.720714][T11092] loop2: detected capacity change from 0 to 8 [ 160.787327][T11097] sctp: [Deprecated]: syz.4.2945 (pid 11097) Use of int in maxseg socket option. [ 160.787327][T11097] Use struct sctp_assoc_value instead [ 160.924993][T11108] ipt_rpfilter: unknown options [ 161.180012][T11125] trusted_key: encrypted_key: keyword 'newauÿÿ' not recognized [ 161.889789][T11121] loop2: detected capacity change from 0 to 40427 [ 161.905401][T11121] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 161.915529][T11121] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 161.971535][T11121] F2FS-fs (loop2): Found nat_bits in checkpoint [ 162.027282][T11164] loop4: detected capacity change from 0 to 128 [ 162.030123][T11164] EXT4-fs: Ignoring removed bh option [ 162.053511][T11121] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 162.055376][T11121] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 162.111564][T11164] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 162.128455][T11121] fscrypt (loop2, inode 3): Error -61 getting encryption context [ 162.279703][T11142] loop1: detected capacity change from 0 to 40427 [ 162.288437][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 162.309272][T11173] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 162.312075][T11173] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 162.316339][T11142] F2FS-fs (loop1): invalid crc value [ 162.373880][T11142] F2FS-fs (loop1): Found nat_bits in checkpoint [ 162.413244][T11142] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 162.438691][T11142] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 163.043651][T11213] tc_dump_action: action bad kind [ 163.163067][T11221] xt_hashlimit: max too large, truncated to 1048576 [ 163.404431][T11193] loop4: detected capacity change from 0 to 32768 [ 163.440458][T11234] loop2: detected capacity change from 0 to 2048 [ 163.462411][T11234] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 163.494798][T11234] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 163.509971][T11193] XFS (loop4): Mounting V5 Filesystem [ 163.655746][T11193] XFS (loop4): Ending clean mount [ 163.685081][T11258] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3017'. [ 163.810335][T11264] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3019'. [ 163.826495][ T4303] XFS (loop4): Unmounting Filesystem [ 163.857190][ T47] Bluetooth: hci1: command 0x0406 tx timeout [ 163.858761][ T47] Bluetooth: hci3: command 0x0406 tx timeout [ 163.860297][ T47] Bluetooth: hci4: command 0x0406 tx timeout [ 163.921123][T11270] loop1: detected capacity change from 0 to 64 [ 163.923424][T11270] hfs: invalid gid -1 [ 163.924470][T11270] hfs: unable to parse mount options [ 164.169213][T11286] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3032'. [ 164.171534][T11286] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3032'. [ 164.358372][T11292] loop4: detected capacity change from 0 to 4096 [ 164.534280][T11310] loop3: detected capacity change from 0 to 16 [ 164.549295][T11310] erofs: (device loop3): mounted with root inode @ nid 36. [ 164.635098][T11314] cifs: Unknown parameter 'no9á ‘ýPƒ¹G!8°‰™…E' [ 164.763900][T11320] ipt_CLUSTERIP: ipt_CLUSTERIP is deprecated and it will removed soon, use xt_cluster instead [ 164.766516][T11320] x_tables: ip_tables: osf match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT/FORWARD [ 165.007338][T11333] loop1: detected capacity change from 0 to 512 [ 165.073029][T11333] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 165.269830][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 165.289631][T11306] loop5: detected capacity change from 0 to 32768 [ 165.299892][T11306] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 165.301944][T11306] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 165.355564][T11306] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 165.396056][ T22] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 165.397777][ T22] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 165.398137][T11358] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3075'. [ 165.472549][ T22] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 74ms [ 165.474480][ T22] gfs2: fsid=syz:syz.0: jid=0: Done [ 165.482848][T11306] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 165.560550][T11365] loop3: detected capacity change from 0 to 256 [ 166.536332][T11382] loop2: detected capacity change from 0 to 32768 [ 166.551196][T11382] [ 166.551196][T11382] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 166.551196][T11382] [ 166.586271][T11426] netlink: 'syz.1.3098': attribute type 1 has an invalid length. [ 166.623967][T11382] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 166.623967][T11382] [ 166.633903][T11382] ERROR: (device loop2): remounting filesystem as read-only [ 166.944166][T11444] loop1: detected capacity change from 0 to 64 [ 167.057165][T11450] binder: 11449:11450 ioctl c00c620f 0 returned -14 [ 167.189351][T11420] loop4: detected capacity change from 0 to 32768 [ 167.315371][T11466] xt_l2tp: v2 tid > 0xffff: 4294967295 [ 167.398475][T11469] loop5: detected capacity change from 0 to 512 [ 167.447182][T11469] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 167.451732][T11469] EXT4-fs (loop5): 1 truncate cleaned up [ 167.453225][T11469] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 167.498096][T11469] EXT4-fs error (device loop5): ext4_append:79: inode #2: comm syz.5.3121: Logical block already allocated [ 167.504704][T11469] EXT4-fs (loop5): Remounting filesystem read-only [ 167.631980][ T7769] EXT4-fs (loop5): unmounting filesystem. [ 168.227174][T11526] netlink: 'syz.3.3148': attribute type 12 has an invalid length. [ 168.646893][ T3606] block nbd3: Attempted send on invalid socket [ 168.648880][ T3606] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.659503][ T51] block nbd3: Attempted send on invalid socket [ 168.661211][ T51] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.667921][ T51] block nbd3: Attempted send on invalid socket [ 168.669510][ T51] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.672817][ T51] block nbd3: Attempted send on invalid socket [ 168.674386][ T51] I/O error, dev nbd3, sector 18 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.676905][ T51] block nbd3: Attempted send on invalid socket [ 168.679283][ T51] I/O error, dev nbd3, sector 30 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.682256][ T51] block nbd3: Attempted send on invalid socket [ 168.683848][ T51] I/O error, dev nbd3, sector 36 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.795905][T11573] loop5: detected capacity change from 0 to 1024 [ 168.922648][ T8018] hfsplus: b-tree write err: -5, ino 4 [ 169.093862][T11590] netlink: 92 bytes leftover after parsing attributes in process `syz.2.3182'. [ 169.246580][T11599] loop4: detected capacity change from 0 to 1024 [ 169.335685][T11599] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 169.437862][T11599] EXT4-fs error (device loop4): ext4_get_first_dir_block:3605: inode #11: comm syz.4.3185: directory missing '..' [ 169.545638][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 169.564643][T11594] loop5: detected capacity change from 0 to 32768 [ 169.577274][T11594] XFS: noikeep mount option is deprecated. [ 169.607485][T11617] loop1: detected capacity change from 0 to 4096 [ 169.610358][T11617] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 169.685642][T11617] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 169.711158][T11594] XFS (loop5): Mounting V5 Filesystem [ 169.874667][T11594] XFS (loop5): Ending clean mount [ 169.882002][T11594] XFS (loop5): Quotacheck needed: Please wait. [ 169.937154][T11644] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3200'. [ 169.941999][T11594] XFS (loop5): Quotacheck: Done. [ 170.066464][ T7769] XFS (loop5): Unmounting Filesystem [ 170.197586][T11658] loop2: detected capacity change from 0 to 64 [ 170.317865][T11663] device xfrm1 entered promiscuous mode [ 170.527214][T11677] netlink: 'syz.1.3220': attribute type 10 has an invalid length. [ 170.532900][T11677] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3220'. [ 170.535888][T11677] batman_adv: batadv0: Adding interface: vlan1 [ 170.546237][T11677] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.568171][T11677] batman_adv: batadv0: Interface activated: vlan1 [ 170.766908][T11694] loop1: detected capacity change from 0 to 512 [ 170.780380][T11694] EXT2-fs (loop1): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 170.812610][T11694] EXT2-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 170.815490][T11694] EXT2-fs (loop1): 0.5b, 95/08/09, bs=2048, gc=1, bpg=16384, ipg=32, mo=8021c] [ 170.910141][T11705] netlink: 'syz.5.3232': attribute type 33 has an invalid length. [ 171.074840][T11707] loop1: detected capacity change from 0 to 4096 [ 171.147989][T11715] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 171.156647][T11707] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=11 [ 171.412890][T11728] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 171.507157][T11691] loop4: detected capacity change from 0 to 32768 [ 171.535535][T11691] jfs_mount: dbMount failed w/rc = -22 [ 171.538378][T11691] Mount JFS Failure: -22 [ 171.539494][T11691] jfs_mount failed w/return code = -22 [ 171.772241][T11751] netlink: 'syz.5.3253': attribute type 21 has an invalid length. [ 172.110389][T11773] loop1: detected capacity change from 0 to 128 [ 172.112765][T11773] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 172.145041][T11773] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 172.262311][T11779] loop4: detected capacity change from 0 to 2048 [ 172.289447][T11779] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 172.522176][T11791] loop2: detected capacity change from 0 to 1764 [ 172.567107][T11791] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 172.573935][T11792] loop5: detected capacity change from 0 to 4096 [ 172.589477][T11763] loop3: detected capacity change from 0 to 32768 [ 172.599308][T11792] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 172.601287][T11792] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 172.603403][T11792] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 172.605382][T11792] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 172.627236][T11792] ntfs3: loop5: try to read out of volume at offset 0x3fffffc1c00 [ 172.629717][T11792] ntfs3: loop5: try to read out of volume at offset 0x3fffffc2c00 [ 172.631875][T11792] ntfs3: loop5: try to read out of volume at offset 0x3fffffc4c00 [ 172.637103][T11792] ntfs3: loop5: try to read out of volume at offset 0x3fffffc8c00 [ 172.639093][T11792] ntfs3: loop5: try to read out of volume at offset 0x3fffffd0c00 [ 172.641240][T11792] ntfs3: loop5: try to read out of volume at offset 0x3fffffe0c00 [ 172.642350][T11763] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 172.896603][ T4305] ocfs2: Unmounting device (7,3) on (node local) [ 173.097377][T11825] set match dimension is over the limit! [ 173.141535][T11822] loop2: detected capacity change from 0 to 4096 [ 173.170787][T11822] __ntfs_warning: 6 callbacks suppressed [ 173.170800][T11822] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 173.221451][T11822] ntfs: volume version 3.1. [ 173.343066][T11833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3292'. [ 173.481918][T11842] loop4: detected capacity change from 0 to 256 [ 173.784901][T11823] loop5: detected capacity change from 0 to 40427 [ 173.807587][T11823] F2FS-fs (loop5): Invalid Fs Meta Ino: node(1) meta(262146) root(3) [ 173.809643][T11823] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 173.896502][T11823] F2FS-fs (loop5): Found nat_bits in checkpoint [ 173.946300][T11823] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0 [ 173.956442][T11823] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 173.997075][T11870] xt_recent: hitcount (16385) is larger than allowed maximum (255) [ 174.238155][T11884] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3317'. [ 174.294828][T11890] netlink: 'syz.2.3320': attribute type 7 has an invalid length. [ 174.385399][T11892] netlink: 'syz.1.3321': attribute type 46 has an invalid length. [ 174.445233][T11898] loop3: detected capacity change from 0 to 64 [ 174.571426][ T4297] Bluetooth: hci2: unexpected event 0x06 length: 4 > 3 [ 175.297168][T11949] netlink: 'syz.2.3349': attribute type 3 has an invalid length. [ 175.301159][T11949] netlink: 114680 bytes leftover after parsing attributes in process `syz.2.3349'. [ 175.646712][T11978] loop3: detected capacity change from 0 to 256 [ 175.675809][T11980] device wg1 entered promiscuous mode [ 175.678647][T11978] FAT-fs (loop3): Directory bread(block 64) failed [ 175.680305][T11978] FAT-fs (loop3): Directory bread(block 65) failed [ 175.682209][T11978] FAT-fs (loop3): Directory bread(block 66) failed [ 175.683852][T11978] FAT-fs (loop3): Directory bread(block 67) failed [ 175.685547][T11978] FAT-fs (loop3): Directory bread(block 68) failed [ 175.688107][T11982] netlink: 'syz.5.3364': attribute type 10 has an invalid length. [ 175.709539][T11978] FAT-fs (loop3): Directory bread(block 69) failed [ 175.713578][T11978] FAT-fs (loop3): Directory bread(block 70) failed [ 175.718644][T11978] FAT-fs (loop3): Directory bread(block 71) failed [ 175.720615][T11978] FAT-fs (loop3): Directory bread(block 72) failed [ 175.726912][T11978] FAT-fs (loop3): Directory bread(block 73) failed [ 175.737087][T11982] device macvlan0 entered promiscuous mode [ 175.774074][T11982] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 175.882406][T11988] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3367'. [ 176.226272][T12016] loop2: detected capacity change from 0 to 512 [ 176.263642][T12016] EXT4-fs: Ignoring removed orlov option [ 176.282542][T12016] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 176.316515][T12016] EXT4-fs (loop2): orphan cleanup on readonly fs [ 176.337306][T12016] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.3381: bg 0: block 248: padding at end of block bitmap is not set [ 176.381585][T12016] Quota error (device loop2): write_blk: dquota write failed [ 176.383495][T12016] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 176.385924][T12016] EXT4-fs error (device loop2): ext4_acquire_dquot:6802: comm syz.2.3381: Failed to acquire dquot type 1 [ 176.402457][T12016] EXT4-fs (loop2): 1 truncate cleaned up [ 176.404419][T12016] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 176.418766][T12016] EXT4-fs: Ignoring removed orlov option [ 176.420250][T12016] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 176.422418][T12016] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 176.460233][T12016] EXT4-fs error (device loop2): __ext4_remount:6611: comm syz.2.3381: Abort forced by user [ 176.477307][T12016] EXT4-fs (loop2): Remounting filesystem read-only [ 176.479028][T12016] EXT4-fs (loop2): re-mounted. Quota mode: writeback. [ 176.546642][ T4300] EXT4-fs (loop2): unmounting filesystem. [ 176.558096][T12031] loop4: detected capacity change from 0 to 256 [ 176.600706][T12031] FAT-fs (loop4): Directory bread(block 64) failed [ 176.602465][T12031] FAT-fs (loop4): Directory bread(block 65) failed [ 176.604173][T12031] FAT-fs (loop4): Directory bread(block 66) failed [ 176.617234][T12031] FAT-fs (loop4): Directory bread(block 67) failed [ 176.618975][T12031] FAT-fs (loop4): Directory bread(block 68) failed [ 176.620598][T12031] FAT-fs (loop4): Directory bread(block 69) failed [ 176.637599][T12031] FAT-fs (loop4): Directory bread(block 70) failed [ 176.639398][T12031] FAT-fs (loop4): Directory bread(block 71) failed [ 176.641146][T12031] FAT-fs (loop4): Directory bread(block 72) failed [ 176.680968][T12031] FAT-fs (loop4): Directory bread(block 73) failed [ 176.826134][T12049] loop5: detected capacity change from 0 to 8 [ 176.951273][T12053] loop3: detected capacity change from 0 to 2048 [ 176.973056][T12053] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 176.974279][ T27] audit: type=1400 audit(176.950:6): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=22 pid=12056 comm="syz.2.3400" [ 177.024718][T12061] kernel profiling enabled (shift: 63) [ 177.062426][T12061] profiling shift: 63 too large [ 177.526873][T12095] 9pnet_fd: Insufficient options for proto=fd [ 177.574089][T12101] kcapi: manufacturer command 3 unknown. [ 177.713830][T12109] loop2: detected capacity change from 0 to 512 [ 177.759306][T12109] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.3424: bad orphan inode 15 [ 177.766043][T12109] ext4_test_bit(bit=14, block=5) = 0 [ 177.788983][T12109] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 177.811457][T12113] xt_ipcomp: unknown flags 2 [ 177.866025][T12100] loop3: detected capacity change from 0 to 32768 [ 177.874942][T12109] EXT4-fs error (device loop2): __ext4_new_inode:1075: comm syz.2.3424: reserved inode found cleared - inode=1 [ 177.896197][T12100] JBD2: Ignoring recovery information on journal [ 177.966194][T12100] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 177.979774][ T4300] EXT4-fs (loop2): unmounting filesystem. [ 178.008616][T12100] OCFS2: ERROR (device loop3): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries [ 178.008681][T12100] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 178.015158][T12100] OCFS2: File system is now read-only. [ 178.016520][T12100] (syz.3.3422,12100,1):ocfs2_calc_xattr_init:642 ERROR: status = -117 [ 178.049295][T12100] (syz.3.3422,12100,1):ocfs2_mknod:334 ERROR: status = -117 [ 178.056861][T12100] (syz.3.3422,12100,1):ocfs2_mknod:502 ERROR: status = -117 [ 178.092092][T12100] (syz.3.3422,12100,1):ocfs2_create:676 ERROR: status = -117 [ 178.099480][T12123] loop1: detected capacity change from 0 to 512 [ 178.130638][T12123] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 178.180791][ T4305] ocfs2: Unmounting device (7,3) on (node local) [ 178.258841][T12123] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 178.261184][T12123] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.3431: invalid indirect mapped block 2683928664 (level 1) [ 178.307159][T12123] EXT4-fs (loop1): Remounting filesystem read-only [ 178.309073][T12123] EXT4-fs (loop1): 1 truncate cleaned up [ 178.310498][T12123] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 178.338586][T12125] loop5: detected capacity change from 0 to 4096 [ 178.360441][T12122] loop2: detected capacity change from 0 to 32768 [ 178.363915][T12122] (syz.2.3430,12122,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 178.380049][T12122] (syz.2.3430,12122,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 178.403991][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 178.421633][T12122] JBD2: Ignoring recovery information on journal [ 178.428895][T12125] ntfs: volume version 3.1. [ 178.536635][T12125] ntfs: (device loop5): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 178.543636][T12122] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 178.563410][T12125] ntfs: (device loop5): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 178.569096][T12122] (syz.2.3430,12122,0):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 178.584854][T12125] ntfs: (device loop5): ntfs_cluster_alloc(): Failed to map page. [ 178.596295][T12125] ntfs: (device loop5): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5). [ 178.605045][T12125] ntfs: (device loop5): ntfs_truncate(): Cannot truncate inode 0x43, attribute type 0x80, because the conversion from resident to non-resident attribute failed with error code -5. [ 178.661359][ T4300] ocfs2: Unmounting device (7,2) on (node local) [ 178.721618][ T7769] ntfs: (device loop5): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 178.875158][T12144] netlink: 'syz.5.3440': attribute type 21 has an invalid length. [ 178.899017][T12144] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3440'. [ 179.100114][T12130] loop3: detected capacity change from 0 to 32768 [ 179.103807][T12158] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3447'. [ 179.123954][T12130] BTRFS info (device loop3): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 179.136788][T12130] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm [ 179.150751][T12130] BTRFS info (device loop3): enabling ssd optimizations [ 179.152637][T12130] BTRFS info (device loop3): turning off barriers [ 179.154315][T12130] BTRFS info (device loop3): use no compression [ 179.155909][T12130] BTRFS info (device loop3): using free space tree [ 179.400272][T12185] loop4: detected capacity change from 0 to 4096 [ 179.405106][T12185] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 179.422767][T12185] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 179.424604][T12185] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 179.426530][T12185] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 179.468375][ T4305] BTRFS info (device loop3): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 179.473815][T12185] ntfs3: loop4: try to read out of volume at offset 0x3fffffc1c00 [ 179.476003][T12185] ntfs3: loop4: try to read out of volume at offset 0x3fffffc2c00 [ 179.478239][T12185] ntfs3: loop4: try to read out of volume at offset 0x3fffffc4c00 [ 179.480560][T12185] ntfs3: loop4: try to read out of volume at offset 0x3fffffc8c00 [ 179.482473][T12185] ntfs3: loop4: try to read out of volume at offset 0x3fffffd0c00 [ 179.485007][T12185] ntfs3: loop4: try to read out of volume at offset 0x3fffffe0c00 [ 179.706629][T12207] loop5: detected capacity change from 0 to 512 [ 179.722618][ T8159] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 9 /dev/loop3 scanned by udevd (8159) [ 179.764532][T12207] EXT4-fs: Ignoring removed mblk_io_submit option [ 179.793826][T12207] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 179.815473][T12207] EXT4-fs (loop5): 1 truncate cleaned up [ 179.816933][T12207] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 179.974449][ T7769] EXT4-fs (loop5): unmounting filesystem. [ 180.208576][T12242] netlink: 'syz.2.3478': attribute type 1 has an invalid length. [ 180.584747][T12272] libceph: resolve '0..' (ret=-3): failed [ 180.796776][T12286] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3499'. [ 180.939981][T12293] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3503'. [ 180.995636][T12294] loop3: detected capacity change from 0 to 2048 [ 181.044620][T12294] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 181.056863][T12299] netlink: 'syz.4.3506': attribute type 10 has an invalid length. [ 181.079582][T12299] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.081794][T12299] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.109894][T12299] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.111902][T12299] bridge0: port 2(bridge_slave_1) entered forwarding state [ 181.113851][T12299] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.115821][T12299] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.162542][T12299] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 181.744290][T12343] xt_CT: You must specify a L4 protocol and not use inversions on it [ 181.908472][T12352] SET target dimension over the limit! [ 181.911688][T12349] loop4: detected capacity change from 0 to 164 [ 182.223265][T12366] loop4: detected capacity change from 0 to 1024 [ 182.275005][T12366] Quota error (device loop4): do_check_range: Getting block 64 out of range 1-5 [ 182.299784][T12366] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 182.302498][T12366] EXT4-fs error (device loop4): ext4_acquire_dquot:6802: comm syz.4.3540: Failed to acquire dquot type 0 [ 182.327495][T12366] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 182.329816][T12367] loop3: detected capacity change from 0 to 8192 [ 182.372684][T12338] loop2: detected capacity change from 0 to 32768 [ 182.375075][T12367] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 182.375373][T12338] XFS: ikeep mount option is deprecated. [ 182.378728][T12367] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 182.380001][T12338] XFS: noikeep mount option is deprecated. [ 182.382190][T12367] REISERFS (device loop3): using ordered data mode [ 182.385100][T12367] reiserfs: using flush barriers [ 182.394315][T12366] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #13: comm syz.4.3540: corrupted inode contents [ 182.408774][T12367] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 182.413555][T12367] REISERFS (device loop3): checking transaction log (loop3) [ 182.416153][T12366] EXT4-fs error (device loop4): ext4_dirty_inode:6118: inode #13: comm syz.4.3540: mark_inode_dirty error [ 182.420376][T12366] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #13: comm syz.4.3540: corrupted inode contents [ 182.431905][T12382] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3545'. [ 182.440092][T12338] XFS (loop2): Mounting V5 Filesystem [ 182.442002][T12366] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #13: comm syz.4.3540: mark_inode_dirty error [ 182.461897][T12366] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #13: comm syz.4.3540: corrupted inode contents [ 182.495438][T12366] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 182.522169][T12366] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #13: comm syz.4.3540: corrupted inode contents [ 182.547430][T12366] EXT4-fs error (device loop4): ext4_truncate:4312: inode #13: comm syz.4.3540: mark_inode_dirty error [ 182.565871][T12338] XFS (loop2): Ending clean mount [ 182.568497][T12338] XFS (loop2): Quotacheck needed: Please wait. [ 182.575993][T12393] netlink: 'syz.1.3549': attribute type 21 has an invalid length. [ 182.578822][T12366] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 182.597702][T12393] netlink: 'syz.1.3549': attribute type 4 has an invalid length. [ 182.611176][T12366] EXT4-fs (loop4): 1 truncate cleaned up [ 182.612600][T12366] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 182.625381][T12338] XFS (loop2): Quotacheck: Done. [ 182.656042][T12366] Quota error (device loop4): do_check_range: Getting block 64 out of range 0-5 [ 182.724014][T12367] REISERFS (device loop3): Using tea hash to sort names [ 182.727718][ T4300] XFS (loop2): Unmounting Filesystem [ 182.740184][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 182.754719][T12367] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 182.776501][T12399] netlink: 'syz.5.3551': attribute type 1 has an invalid length. [ 182.778661][T12367] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 182.859288][T12404] loop5: detected capacity change from 0 to 8 [ 182.916448][T12404] SQUASHFS error: Failed to read block 0x2d7: -5 [ 182.918360][T12404] SQUASHFS error: Unable to read metadata cache entry [2d5] [ 182.996859][T12409] loop4: detected capacity change from 0 to 1024 [ 183.149703][ T144] hfsplus: b-tree write err: -5, ino 4 [ 183.277710][T12424] netlink: 3576 bytes leftover after parsing attributes in process `syz.2.3563'. [ 183.466079][T12437] netlink: 'syz.2.3569': attribute type 1 has an invalid length. [ 183.520039][T12433] loop3: detected capacity change from 0 to 4096 [ 183.523367][T12433] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 183.593105][T12433] ntfs3: loop3: failed to convert "c46c" to macceltic [ 183.870035][T12457] loop2: detected capacity change from 0 to 736 [ 184.004577][T12463] netlink: 216 bytes leftover after parsing attributes in process `syz.1.3582'. [ 184.473775][T12489] loop4: detected capacity change from 0 to 4096 [ 184.535052][T12489] ntfs: volume version 3.1. [ 184.577668][T12489] ntfs: (device loop4): ntfs_truncate(): Inode 0x43 has unknown attribute type 0x80. Aborting truncate. [ 184.732485][T12494] loop3: detected capacity change from 0 to 4096 [ 184.735120][T12494] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 184.742257][T12497] xt_CT: You must specify a L4 protocol and not use inversions on it [ 185.097243][T12491] loop5: detected capacity change from 0 to 32768 [ 185.099943][T12491] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 11 [ 185.126064][T12486] loop1: detected capacity change from 0 to 40427 [ 185.150938][T12486] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 185.153024][T12486] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 185.178212][T12486] F2FS-fs (loop1): invalid crc value [ 185.199189][T12486] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669) [ 185.264548][T12486] F2FS-fs (loop1): recover fsync data on readonly fs [ 185.275273][T12486] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30 [ 185.287847][T12486] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 185.337323][T12495] loop2: detected capacity change from 0 to 40427 [ 185.352087][T12495] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff [ 185.357639][T12495] F2FS-fs (loop2): invalid crc value [ 185.376354][T12495] F2FS-fs (loop2): Found nat_bits in checkpoint [ 185.417107][T12495] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 185.501830][T12508] loop5: detected capacity change from 0 to 256 [ 185.557774][T12508] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 186.220027][T12546] kAFS: No cell specified [ 186.279987][T12549] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3621'. [ 186.724859][T12578] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3634'. [ 186.872645][T12588] loop5: detected capacity change from 0 to 64 [ 187.145144][T12601] loop1: detected capacity change from 0 to 256 [ 187.147709][T12593] infiniband syz1: set active [ 187.155993][T12593] infiniband syz1: added bond_slave_0 [ 187.185847][T12601] FAT-fs (loop1): Directory bread(block 64) failed [ 187.191420][T12593] RDS/IB: syz1: added [ 187.192591][T12593] smc: adding ib device syz1 with port count 1 [ 187.194308][T12593] smc: ib device syz1 port 1 has pnetid [ 187.231075][T12601] FAT-fs (loop1): Directory bread(block 65) failed [ 187.232942][T12601] FAT-fs (loop1): Directory bread(block 66) failed [ 187.234634][T12601] FAT-fs (loop1): Directory bread(block 67) failed [ 187.236269][T12601] FAT-fs (loop1): Directory bread(block 68) failed [ 187.238532][T12601] FAT-fs (loop1): Directory bread(block 69) failed [ 187.240286][T12601] FAT-fs (loop1): Directory bread(block 70) failed [ 187.241860][T12601] FAT-fs (loop1): Directory bread(block 71) failed [ 187.243463][T12601] FAT-fs (loop1): Directory bread(block 72) failed [ 187.245085][T12601] FAT-fs (loop1): Directory bread(block 73) failed [ 187.369830][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.371646][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.754401][T12589] loop3: detected capacity change from 0 to 32768 [ 187.756602][T12589] XFS: attr2 mount option is deprecated. [ 187.758597][T12589] XFS: noikeep mount option is deprecated. [ 187.806322][T12589] XFS (loop3): Mounting V5 Filesystem [ 187.887279][T12635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3659'. [ 187.889515][T12635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3659'. [ 187.963300][T12640] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3661'. [ 188.003931][T12589] XFS (loop3): Ending clean mount [ 188.011054][T12589] XFS (loop3): Quotacheck needed: Please wait. [ 188.115107][T12589] XFS (loop3): Quotacheck: Done. [ 188.188797][ T4305] XFS (loop3): Unmounting Filesystem [ 188.370812][T12661] netlink: 616 bytes leftover after parsing attributes in process `syz.1.3672'. [ 188.418274][T12665] trusted_key: encrypted_key: keylen parameter is missing [ 188.775270][T12651] loop2: detected capacity change from 0 to 32768 [ 188.812562][T12651] jfs_strtoUCS: char2uni returned -22. [ 188.814003][T12651] charset = cp936, char = 0xd4 [ 189.088582][T12705] netlink: 'syz.5.3693': attribute type 21 has an invalid length. [ 189.090590][T12705] netlink: 128 bytes leftover after parsing attributes in process `syz.5.3693'. [ 189.092922][T12705] netlink: 'syz.5.3693': attribute type 5 has an invalid length. [ 189.116381][T12705] netlink: 3 bytes leftover after parsing attributes in process `syz.5.3693'. [ 189.367326][T12720] delete_channel: no stack [ 189.655435][T12743] loop2: detected capacity change from 0 to 256 [ 189.688529][T12743] FAT-fs (loop2): Directory bread(block 64) failed [ 189.690299][T12743] FAT-fs (loop2): Directory bread(block 65) failed [ 189.691970][T12743] FAT-fs (loop2): Directory bread(block 66) failed [ 189.693526][T12743] FAT-fs (loop2): Directory bread(block 67) failed [ 189.695169][T12743] FAT-fs (loop2): Directory bread(block 68) failed [ 189.714558][T12743] FAT-fs (loop2): Directory bread(block 69) failed [ 189.716380][T12743] FAT-fs (loop2): Directory bread(block 70) failed [ 189.732331][T12743] FAT-fs (loop2): Directory bread(block 71) failed [ 189.734092][T12743] FAT-fs (loop2): Directory bread(block 72) failed [ 189.765130][T12743] FAT-fs (loop2): Directory bread(block 73) failed [ 189.874264][T12753] netlink: 23 bytes leftover after parsing attributes in process `syz.5.3717'. [ 189.981704][T12727] loop4: detected capacity change from 0 to 32768 [ 190.014626][T12727] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11 [ 190.204639][T12773] loop3: detected capacity change from 0 to 512 [ 190.231667][T12773] EXT4-fs: Ignoring removed mblk_io_submit option [ 190.233279][T12773] EXT4-fs: inline encryption not supported [ 190.234686][T12773] EXT4-fs: Ignoring removed mblk_io_submit option [ 190.255171][T12773] EXT4-fs (loop3): Test dummy encryption mode enabled [ 190.283148][T12773] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 190.334753][T12773] EXT4-fs (loop3): 1 truncate cleaned up [ 190.336272][T12773] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 190.345971][T12773] EXT4-fs (loop3): unmounting filesystem. [ 190.591509][T12801] loop1: detected capacity change from 0 to 1024 [ 190.593745][T12801] EXT4-fs: Ignoring removed nobh option [ 190.595190][T12801] EXT4-fs: Ignoring removed bh option [ 190.673313][T12808] futex_wake_op: syz.4.3742 tries to shift op by -1; fix this program [ 190.683021][T12809] overlayfs: './file0' not a directory [ 190.699095][T12801] EXT4-fs: Mount option(s) incompatible with ext3 [ 190.755467][T12610] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 190.839679][T12819] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3748'. [ 190.945602][T12825] loop5: detected capacity change from 0 to 512 [ 190.953148][T12825] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 190.961206][T12825] EXT4-fs (loop5): can't mount with commit=4194313, fs mounted w/o journal [ 191.126023][T12837] loop3: detected capacity change from 0 to 8 [ 191.328099][T12847] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3761'. [ 191.426846][T12853] ip6t_REJECT: ECHOREPLY is not supported [ 191.535104][T12859] loop5: detected capacity change from 0 to 1764 [ 191.550989][T12801] loop1: detected capacity change from 0 to 40427 [ 191.568530][T12801] F2FS-fs (loop1): Unrecognized mount option "nobh" or missing value [ 191.569489][T12859] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 191.725318][T12867] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3773'. [ 191.995639][T12885] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3782'. [ 192.011408][T12885] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 192.099499][T12894] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3785'. [ 192.281571][T12907] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3791'. [ 192.661785][T12929] IPv6: ADDRCONF(NETDEV_CHANGE): bridge3: link becomes ready [ 193.092287][T12957] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3816'. [ 193.175644][T12919] loop1: detected capacity change from 0 to 32768 [ 193.182663][T12919] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.3798 (12919) [ 193.217197][T12919] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 193.220276][T12919] BTRFS info (device loop1): using sha256 (sha256-ce) checksum algorithm [ 193.222839][T12919] BTRFS info (device loop1): using free space tree [ 193.426089][T12978] cgroup: name respecified [ 193.515035][T12983] loop5: detected capacity change from 0 to 1024 [ 193.557180][T12989] delete_channel: no stack [ 193.562517][T12919] BTRFS info (device loop1): enabling ssd optimizations [ 193.595715][T12996] netlink: 'syz.3.3828': attribute type 9 has an invalid length. [ 193.671514][ T4296] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 193.695769][ T36] hfsplus: b-tree write err: -5, ino 4 [ 193.775061][T13004] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3833'. [ 193.850499][T13007] netlink: 'syz.1.3830': attribute type 17 has an invalid length. [ 193.852646][T13007] netlink: 'syz.1.3830': attribute type 16 has an invalid length. [ 193.854543][T13007] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3830'. [ 194.366213][T13042] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3849'. [ 194.379727][T13042] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3849'. [ 194.396324][ T9058] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by udevd (9058) [ 194.487546][T13047] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 194.676656][T13057] loop2: detected capacity change from 0 to 1764 [ 194.773828][T13066] loop4: detected capacity change from 0 to 16 [ 194.870575][T13066] erofs: (device loop4): mounted with root inode @ nid 36. [ 194.940189][T13066] erofs: (device loop4): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 194.943365][T13066] syz.4.3861: attempt to access beyond end of device [ 194.943365][T13066] loop4: rw=524288, sector=7864328, nr_sectors = 8 limit=16 [ 194.946868][T13066] syz.4.3861: attempt to access beyond end of device [ 194.946868][T13066] loop4: rw=524288, sector=524296, nr_sectors = 8 limit=16 [ 194.992975][T13066] syz.4.3861: attempt to access beyond end of device [ 194.992975][T13066] loop4: rw=0, sector=7864328, nr_sectors = 8 limit=16 [ 195.168600][T13087] loop5: detected capacity change from 0 to 64 [ 195.358123][T13103] Cannot find add_set index 0 as target [ 195.775206][T13126] loop4: detected capacity change from 0 to 512 [ 195.777358][T13125] netlink: 'syz.3.3889': attribute type 30 has an invalid length. [ 195.858503][T13126] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 195.907424][T13098] loop2: detected capacity change from 0 to 32768 [ 195.916905][T13098] (syz.2.3876,13098,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 195.925345][T13098] (syz.2.3876,13098,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 195.979093][T13098] JBD2: Ignoring recovery information on journal [ 196.018691][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 196.038706][T13098] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 196.098595][T13098] [ 196.099274][T13098] ====================================================== [ 196.101076][T13098] WARNING: possible circular locking dependency detected [ 196.102910][T13098] 6.1.138-syzkaller #0 Not tainted [ 196.104287][T13098] ------------------------------------------------------ [ 196.106138][T13098] syz.2.3876/13098 is trying to acquire lock: [ 196.107719][T13098] ffff0000e22a3f60 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_lock_global_qf+0x1a8/0x22c [ 196.110686][T13098] [ 196.110686][T13098] but task is already holding lock: [ 196.112716][T13098] ffff0000e22a42c8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8){+.+.}-{3:3}, at: ocfs2_lock_global_qf+0x18c/0x22c [ 196.116047][T13098] [ 196.116047][T13098] which lock already depends on the new lock. [ 196.116047][T13098] [ 196.118768][T13098] [ 196.118768][T13098] the existing dependency chain (in reverse order) is: [ 196.121096][T13098] [ 196.121096][T13098] -> #6 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8){+.+.}-{3:3}: [ 196.124036][T13098] down_write+0x5c/0x88 [ 196.124891][T13098] ocfs2_lock_global_qf+0x18c/0x22c [ 196.126391][T13098] ocfs2_acquire_dquot+0x268/0xac4 [ 196.127830][T13098] dqget+0x654/0xccc [ 196.129020][T13098] dquot_set_dqblk+0x40/0xe50 [ 196.130391][T13098] quota_setquota+0x400/0x490 [ 196.131810][T13098] do_quotactl+0x65c/0x738 [ 196.133136][T13098] __arm64_sys_quotactl+0x2ac/0x730 [ 196.134680][T13098] invoke_syscall+0x98/0x2bc [ 196.136057][T13098] el0_svc_common+0x138/0x258 [ 196.137437][T13098] do_el0_svc+0x58/0x13c [ 196.138658][T13098] el0_svc+0x58/0x138 [ 196.139806][T13098] el0t_64_sync_handler+0x84/0xf0 [ 196.141274][T13098] el0t_64_sync+0x18c/0x190 [ 196.142649][T13098] [ 196.142649][T13098] -> #5 (&dquot->dq_lock){+.+.}-{3:3}: [ 196.144762][T13098] __mutex_lock_common+0x190/0x1f38 [ 196.146302][T13098] mutex_lock_nested+0x38/0x44 [ 196.147706][T13098] dquot_commit+0x50/0x1c4 [ 196.148991][T13098] ext4_write_dquot+0x1b4/0x31c [ 196.150475][T13098] ext4_mark_dquot_dirty+0xe8/0x140 [ 196.152026][T13098] mark_all_dquot_dirty+0x1f8/0x424 [ 196.153529][T13098] __dquot_free_space+0x744/0xa80 [ 196.154988][T13098] ext4_free_blocks+0x18c8/0x23cc [ 196.156397][T13098] ext4_ext_remove_space+0x1698/0x39c4 [ 196.157936][T13098] ext4_ext_truncate+0x164/0x20c [ 196.159343][T13098] ext4_truncate+0x9dc/0x1078 [ 196.160684][T13098] ext4_evict_inode+0xbf0/0x124c [ 196.162125][T13098] evict+0x3c8/0x810 [ 196.163235][T13098] iput+0x764/0x7f4 [ 196.164314][T13098] do_unlinkat+0x360/0x4e8 [ 196.165560][T13098] __arm64_sys_unlinkat+0xe0/0xfc [ 196.167016][T13098] invoke_syscall+0x98/0x2bc [ 196.168286][T13098] el0_svc_common+0x138/0x258 [ 196.169619][T13098] do_el0_svc+0x58/0x13c [ 196.170804][T13098] el0_svc+0x58/0x138 [ 196.171908][T13098] el0t_64_sync_handler+0x84/0xf0 [ 196.173365][T13098] el0t_64_sync+0x18c/0x190 [ 196.174787][T13098] [ 196.174787][T13098] -> #4 (&ei->i_data_sem){++++}-{3:3}: [ 196.176770][T13098] down_write+0x5c/0x88 [ 196.178007][T13098] ext4_truncate+0x7bc/0x1078 [ 196.179360][T13098] ext4_setattr+0xda8/0x150c [ 196.180749][T13098] notify_change+0xb0c/0xdcc [ 196.182074][T13098] do_truncate+0x178/0x1f0 [ 196.183397][T13098] do_sys_ftruncate+0x284/0x31c [ 196.184802][T13098] __arm64_sys_ftruncate+0x60/0x74 [ 196.186295][T13098] invoke_syscall+0x98/0x2bc [ 196.187635][T13098] el0_svc_common+0x138/0x258 [ 196.188979][T13098] do_el0_svc+0x58/0x13c [ 196.190197][T13098] el0_svc+0x58/0x138 [ 196.191344][T13098] el0t_64_sync_handler+0x84/0xf0 [ 196.192912][T13098] el0t_64_sync+0x18c/0x190 [ 196.194199][T13098] [ 196.194199][T13098] -> #3 (jbd2_handle){++++}-{0:0}: [ 196.196100][T13098] start_this_handle+0xfe0/0x122c [ 196.197571][T13098] jbd2__journal_start+0x288/0x51c [ 196.199023][T13098] jbd2_journal_start+0x3c/0x4c [ 196.200433][T13098] ocfs2_start_trans+0x380/0x6c4 [ 196.201943][T13098] ocfs2_mknod+0xc7c/0x1f18 [ 196.203241][T13098] vfs_mknod+0x3c4/0x44c [ 196.204479][T13098] do_mknodat+0x320/0x54c [ 196.205734][T13098] __arm64_sys_mknodat+0xb0/0xcc [ 196.207220][T13098] invoke_syscall+0x98/0x2bc [ 196.208613][T13098] el0_svc_common+0x138/0x258 [ 196.210051][T13098] do_el0_svc+0x58/0x13c [ 196.211288][T13098] el0_svc+0x58/0x138 [ 196.212504][T13098] el0t_64_sync_handler+0x84/0xf0 [ 196.213967][T13098] el0t_64_sync+0x18c/0x190 [ 196.215373][T13098] [ 196.215373][T13098] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 196.217646][T13098] down_read+0x64/0x304 [ 196.218896][T13098] ocfs2_start_trans+0x374/0x6c4 [ 196.220308][T13098] ocfs2_mknod+0xc7c/0x1f18 [ 196.221638][T13098] vfs_mknod+0x3c4/0x44c [ 196.222904][T13098] do_mknodat+0x320/0x54c [ 196.224162][T13098] __arm64_sys_mknodat+0xb0/0xcc [ 196.225614][T13098] invoke_syscall+0x98/0x2bc [ 196.226903][T13098] el0_svc_common+0x138/0x258 [ 196.228260][T13098] do_el0_svc+0x58/0x13c [ 196.229562][T13098] el0_svc+0x58/0x138 [ 196.230723][T13098] el0t_64_sync_handler+0x84/0xf0 [ 196.232275][T13098] el0t_64_sync+0x18c/0x190 [ 196.233695][T13098] [ 196.233695][T13098] -> #1 (sb_internal#3){.+.+}-{0:0}: [ 196.235604][T13098] ocfs2_start_trans+0x20c/0x6c4 [ 196.237037][T13098] ocfs2_write_info+0x114/0x324 [ 196.238405][T13098] dquot_set_dqinfo+0x370/0x5d8 [ 196.239828][T13098] quota_setinfo+0x2f8/0x380 [ 196.241161][T13098] do_quotactl+0x59c/0x738 [ 196.242511][T13098] __arm64_sys_quotactl+0x2ac/0x730 [ 196.243991][T13098] invoke_syscall+0x98/0x2bc [ 196.245299][T13098] el0_svc_common+0x138/0x258 [ 196.246666][T13098] do_el0_svc+0x58/0x13c [ 196.247956][T13098] el0_svc+0x58/0x138 [ 196.249110][T13098] el0t_64_sync_handler+0x84/0xf0 [ 196.250544][T13098] el0t_64_sync+0x18c/0x190 [ 196.251937][T13098] [ 196.251937][T13098] -> #0 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}: [ 196.254260][T13098] __lock_acquire+0x293c/0x6544 [ 196.255778][T13098] lock_acquire+0x20c/0x644 [ 196.257091][T13098] down_write+0x5c/0x88 [ 196.258310][T13098] ocfs2_lock_global_qf+0x1a8/0x22c [ 196.259912][T13098] ocfs2_acquire_dquot+0x268/0xac4 [ 196.261460][T13098] dqget+0x654/0xccc [ 196.262646][T13098] dquot_set_dqblk+0x40/0xe50 [ 196.264064][T13098] quota_setquota+0x400/0x490 [ 196.265362][T13098] do_quotactl+0x65c/0x738 [ 196.266622][T13098] __arm64_sys_quotactl+0x2ac/0x730 [ 196.268041][T13098] invoke_syscall+0x98/0x2bc [ 196.269335][T13098] el0_svc_common+0x138/0x258 [ 196.270679][T13098] do_el0_svc+0x58/0x13c [ 196.271952][T13098] el0_svc+0x58/0x138 [ 196.273153][T13098] el0t_64_sync_handler+0x84/0xf0 [ 196.274617][T13098] el0t_64_sync+0x18c/0x190 [ 196.276004][T13098] [ 196.276004][T13098] other info that might help us debug this: [ 196.276004][T13098] [ 196.278695][T13098] Chain exists of: [ 196.278695][T13098] &ocfs2_quota_ip_alloc_sem_key --> &dquot->dq_lock --> &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8 [ 196.278695][T13098] [ 196.283254][T13098] Possible unsafe locking scenario: [ 196.283254][T13098] [ 196.285215][T13098] CPU0 CPU1 [ 196.286587][T13098] ---- ---- [ 196.287958][T13098] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8); [ 196.289871][T13098] lock(&dquot->dq_lock); [ 196.291776][T13098] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8); [ 196.294254][T13098] lock(&ocfs2_quota_ip_alloc_sem_key); [ 196.295726][T13098] [ 196.295726][T13098] *** DEADLOCK *** [ 196.295726][T13098] [ 196.297853][T13098] 3 locks held by syz.2.3876/13098: [ 196.299164][T13098] #0: ffff0000d4e660e0 (&type->s_umount_key#62){++++}-{3:3}, at: user_get_super+0x118/0x234 [ 196.301916][T13098] #1: ffff0000e22f20a8 (&dquot->dq_lock){+.+.}-{3:3}, at: ocfs2_acquire_dquot+0x25c/0xac4 [ 196.304528][T13098] #2: ffff0000e22a42c8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8){+.+.}-{3:3}, at: ocfs2_lock_global_qf+0x18c/0x22c [ 196.308024][T13098] [ 196.308024][T13098] stack backtrace: [ 196.309509][T13098] CPU: 0 PID: 13098 Comm: syz.2.3876 Not tainted 6.1.138-syzkaller #0 [ 196.311639][T13098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 196.314264][T13098] Call trace: [ 196.315126][T13098] dump_backtrace+0x1c8/0x1f4 [ 196.316299][T13098] show_stack+0x2c/0x3c [ 196.317438][T13098] __dump_stack+0x30/0x40 [ 196.318643][T13098] dump_stack_lvl+0xf8/0x160 [ 196.319886][T13098] dump_stack+0x1c/0x5c [ 196.320963][T13098] print_circular_bug+0x148/0x1b0 [ 196.322324][T13098] check_noncircular+0x240/0x2d4 [ 196.323646][T13098] __lock_acquire+0x293c/0x6544 [ 196.324886][T13098] lock_acquire+0x20c/0x644 [ 196.326166][T13098] down_write+0x5c/0x88 [ 196.327240][T13098] ocfs2_lock_global_qf+0x1a8/0x22c [ 196.328659][T13098] ocfs2_acquire_dquot+0x268/0xac4 [ 196.329921][T13098] dqget+0x654/0xccc [ 196.330933][T13098] dquot_set_dqblk+0x40/0xe50 [ 196.332177][T13098] quota_setquota+0x400/0x490 [ 196.333435][T13098] do_quotactl+0x65c/0x738 [ 196.334649][T13098] __arm64_sys_quotactl+0x2ac/0x730 [ 196.336003][T13098] invoke_syscall+0x98/0x2bc [ 196.337181][T13098] el0_svc_common+0x138/0x258 [ 196.338467][T13098] do_el0_svc+0x58/0x13c [ 196.339522][T13098] el0_svc+0x58/0x138 [ 196.340615][T13098] el0t_64_sync_handler+0x84/0xf0 [ 196.341961][T13098] el0t_64_sync+0x18c/0x190 [ 196.343150][ C0] vkms_vblank_simulate: vblank timer overrun [ 196.379923][T13147] syz.5.3897 (13147): drop_caches: 0 [ 196.446468][ T4300] ocfs2: Unmounting device (7,2) on (node local)