last executing test programs: 2m30.175988215s ago: executing program 3 (id=1286): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x5) syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x819, &(0x7f0000000240)={[{@nossd_spread}, {@ref_verify}, {@space_cache}, {@notreelog}, {@noflushoncommit}, {@datacow}, {@user_subvol_rm}, {@max_inline={'max_inline', 0x3d, [0x36, 0x35, 0x67, 0x35, 0x33, 0x70]}}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=") 2m28.009013553s ago: executing program 3 (id=1297): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, 0x0) 2m27.26272934s ago: executing program 3 (id=1300): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0x20104, 0x4, 0x1, 0x1}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r0, 0x0, 0x0, 0x4}, 0x20) 2m26.686859987s ago: executing program 3 (id=1302): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000200)={[{@allow_utime}, {@gid}, {@errors_continue}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'cp861'}}, {}, {@gid}, {@discard}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@keep_last_dots}, {@keep_last_dots}]}, 0x1, 0x152d, &(0x7f00000034c0)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSXLLLVn/Z8Lf6dT5dy79j/OceX/Psx/rtfZa+93f+13W3jPzfddlSK3Gtas3JCL4t+CFf5IAIBYABgBAXgAIAKB8XPm4rP6cEpP+vYOwP9dDqVc6A3Ylcf2zN65/9sb1z964/tkb1z974/pnb1z/7I3rz1h2tnFqoWt4y74b3//Pzvjz/39IZpkxX60uc11XgJh/dAjXP3vj+v/PCv6Rnbj+2RvXP7uKvdIJsP8C/PrPDnL83R6uf/bG9WcsO7vS95+v9AaR/7LH4HDOC4X5T50/Y4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDH2H3DaX6YA4FL7SufFGGOMMcYYY4yxP4/PcaUzYIwxxhhjjDHG2P9/CAIkKAggBnJALOSEXCAA4GrIA3khAtdAHFwL+eA6yA8FoCAUgngoDEVAgwELBCEUhWIQheuhONwAJaAklILS4KAMJMCNUBZugnJwM5SHW6AC3AoVoRJUhipwG1SF26Ea3AHV4U6oATWhFtSGu6AO3A114R6oB/dCfbgP7ocHoAE8CA3hIWgED0NjeASawKPQFJpBc2gBLf+l8S9AD3gRekIvSILe0Adegr7QD/rDyzAAXoGB8CoMgtcgGQbDEHgdhsIbMAzehOEwAkbCWzAK3obRMAbGwjhIgfEwAd6BifAuTIL3YDJMgVSYCtPgfZgOM2AmfACz4EOYDXNgLsyDNPgI5sMCSIePYSF8AhmwCBbDElgKy2A5rICVsApWwxpYC+tgPWyAjbAJNsMW2ArbYDt8CjvgM9gJu2A3fA574It/cvypvxnfFQEBBQpUqDAGYzAWYzEX5sLcmBvzYB6MYATjMA7zYT7Mj/mxIBbEeIzHIlgEDRokJCyKRTGKUSyOxbEElsBSWAodOkzABCyLN2E5LIflsTxWwApYESthJayCVbAqVsVqWA2rY3WsgTWwFtbCu/Au7I11sS7Ww3pYH+tfuj2FDbEhNsJG2BgbYxNsgk2xKTbH5tgSW2IrbIWtsTW2xbbYDtthe2yPiZiIHbADdsSO2Ak7YWfsjF2wC3bFbtgt84UcgC/ii9gLa4je2Af7YF9MztEfX8aX8RUciK/iq/gaJuNgHIKv4+v4Bg7DkzgcR+BIHIlVxds4GscgiXGYgik4ASfgRJyIWYm+h1MwFafiNJyG03EGzsAPcBZ+iB/iHJyD8zAN03A+LsB0TMeFeAozcBEuxiW4FJfhUlyBK3EFrsY1uBrX4TrcgBtwE27CLbgFt+E2/BQVAH6Gu3AXJuMe3IN7cS/uw324H/djJmbiATyAB/EgHsJDeBgP4xE8isfwKJ7AE3gST+FpPI1n8Syew+fiv2n0aclVySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBP5RD6RX+QXBUVBES/iRRFRRBhhBIkwBgBEVERFcVFclBAlRClRSjjhRIJIEGVFWVFOlBPlxS2igrhVVBSVRBtXRVQRVUVbV03cIaqL6qKGqClqidqitqgj6oi6oq6oJ+qJ+qK+uF88IBqI3tgfHxJZlWksBmMTMQSbimZCXnwHayWGYWvRRrQVT4gROBzbi1YuUTwtOojR2FH8RYzBZ0VnMQ67iOdFV9FNdBcviB6itespeolJ2Fv0EVOwr+gn+ouXxXSsKT7AWTlriddEshgshojXxTx8QwwTb4rhYoQYKd4So8TbYrQYI8aKcSJFjBcTxDtionhXTBLvicliikgVU8U08b6YLmaImeIDMUt8KGaLOWKumCfSxEdivlgg0sXHYqH4RGSIRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is4iFrWKb2C4+FTvEZ2Kn2CV2i8/FHvGF2Cu+FPvEV2K/+Fpkim/EAfGtOCi+E4fE9+Kw+EEcEUfFMXFcnBA/ipPilDgtzoiz4idxTvwszgsvQKIUUkolAxkjc8hYmVPmklfJ3DK4+OheI+PktTKfvE7mlwVkQVlIxsvCsojU0kgrSYayqCwmo/J6WVzeIEvIkrKULC2dLCMT5I2yrLxJlpM3y/LyFllB3iorykqysqwib5NV5e0SIheOUUPWlLVkbXmXTIK7ZV15j6wn75X15X3yfvmAbCAflA3lQ7KRfFg2lo/IJvJR2VQ2k81lC9lSPiZbycdla9lGtpVPyHbySdlePiUT5dOyg/QXnyLPys7yOdlFPi+7ym6yu/xZnpde9pS9JPQG2Ue+JPvKfrJ/LADIV+RA+aocJF+TyXKwHCJfl0PlG3KYfFMOlyPkSPmWHCXflqPlGDlWjpMpcrycIN+RE+W7cpJ8T06WU2SqnCr7ywG/zDRTyj8c/87vjB/0y9E3yI1yk9wst8itcpvcLj+VO+QOuVPulLvlbrlH7pF75V65T+6T++V+mSkz5QF5QB6UB+UheUgeloflEXlUnpHH5Qn5ozwpT8lT8ow8K8/KcxcfA1CohJJKqUDFqBwqVuVUudRVKre6WuVReVVEXaPi1LUqn7pO5VcFVEFVSMWrwqqI0sooq0iFqqgqpqLqerz4hFGlVGnlVBmVoG78Z8ar4uoGVUKV/NX4S/kl/Z38WqqWqpVqpVqr1qqtaqvaqXaqvWqvElWi6qA6qI6qo+qkOqnOqrPqorqorqqr6q66qx6qh+qpeqoklaT6qJdUX9VP9VcvqwHqFTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUydUCfUSXVSnVan1Vl1Vp1T59R5dT5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuC6IH9QICgYFArig8JBkUAHJrCBuFj0aHB9UDy4ISgRlAxKBaUDF5QJEoIbg7LBTUG54OagfHBLUCG4NagYVAoqB1WC24Kqwe1BteCOoHpwZ1AjqBnUCmoHdwV1gruDusE9Qb3g3qB+cF9wf/BA0CB4MGgYPBQ0Ch4OGgePBE2CR4OmQbOgedAiaPmnzu/9yQKPu566l07SvXUf/ZLuq/vp/vplPUC/ogfqV/Ug/ZpO1oP1EP26Hqrf0MP0m3q4HqFH6rf0KP22Hq3H6LF6nE7R4/UE/Y6eqN/Vk/R7erKeolP1VD1Nv6+n6xl6pv5Az9If6tl6jp6r5+k0/ZGerxfodP2xXqg/0Rl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1Tv0Z3qn3qV368/1Hv2F3qu/1Pv0V3q//lpn6m/0Af2tPqi/04f09/qw/kEf0Uf1MX1cn9A/6pP6lD6tz+iz+id9Tv+sz2uftbjP+ng3yigTY2JMrIk1uUwuk9vkNnlMHhMxERNn4kw+k8/kN/lNQVPQxJt4U8QUMVnIkClqipqoiZriprgpYUqYUqaUccaZBJNgypqyppwpZ8qb8qaCqWAqmoqmsqlsbjO3mdvN7eYOc4e509xpapqaprapbeqYOqauqWvqmXqmvqlv7jf3mwamgWloGppGppFpbBqbJqaJaWqamuamuWlpWppWppVpbVqbtqataWfamfamvUk0iaaD6WA6mo6mk+lkOpvOpovpYrqarqa76W56mB6mp+lpkkyS6WP6mL6mr+lv+psBZoAZaAaaQWaQSTbJZogZYoaaoWaYGWaGmxFmZNZC1bxtRpsxZqwZZ1JMiplgJpiJZqKZZCaZyWaySTWpZpqZZqab6WammWlmmVlmtplt5pq5Js2kmflmvkk36WahWWgyTIZZbBabpWapWW6Wm5VmpVltVpu1sNasN+vNRrPRbDabzVaz1Ww3280Os8PsNDvNbrPb7DF7zF6z1+wz+8x+s99kmkxzwBwwB81Bc8gcMofNYXPEHDHHzDFzwpwwJ81Jc9qcNmdNgYufl97E2pw2l73K5rZX2zw2r/3buKAtZONtYVvEapvfFvhVbKy1JWxJW8qWts6WsQn2xt/EFW0lW9lWsbfZqvZ2W+03cR17t61r77H17L22tr3rV3F9e5/NWp00QASwzWwj28I2to/YJvZR29Q2s81tC9vOPmnb26dson3adrDP/CaebxfYlXaVXW3X2J12lz1tz9iD9jt71v5ke9pedoB9xQ60r9pB9jWbbAf/Jh5p37Kj7Nt2tB1jx9pxv4kn2yk21U610+z7drqd8Zs4zX5kZ9l0O9vOsXPtvF/irJzS7cd2of3EZtgAFtsldqldZpfbFZdy9XntOrvebrA77Gd2s91it9ptdvulhbDdZXfbz+0e+4U9YL+1++xXdr89ZDPtN7/EWed3yH5vD9sf7BF71B6zx+0J+6O6NDrr3I/bn+156y0QEpAkRQHFUA6KpZyUi66i3HQ15aG8FKFrKI6upXx0HeWnAlSQClE8FaYipMmQJaKQilIxitL1dCm9UlSaHJWhBLqRytJNVI5upvJ0C1WgW6kiVaLKVIVuo6p0O1WjO6g63Uk1qCbVotp0F9Whu6ku3UP16F6qT/fR/fQANaAHqSE9RI3oYWpMj1ATepSaUjNqTi2oJT1Grehxak1tqC09Qe3oSWpPT1EiPU0d6BnqSH+hTvQsdabnqAs9T12pG3WnF6gHvUg9qRclUW/qQy9RX+pH/ellGkCv0EB6lQbRa5RMg2kIvU5D6Q0aRm/ScBpBI+ktGkVv02gaQ2NpHKXQeJpA79BEepcm0Xs0maZQKk2lafQ+TacZNJM+oFn0Ic2mOTSX5lEafUTzaQGl08e0kD6hDFpEi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6lHfQZ7aRdtJs+pz30BSF9SfvoK9pPX1MmfUMH6Fs6SN/RIfre96If6AgdpWN0nE7Qj3SSTtFpOkNn6Sc6Rz/TefIEIYYilKEKgzAmzBHGhjnDXOFVYe7w6jBPmDeMhNeEceG1Yb7wujB/WCAsGBYK48PCYZFQhya0IYVhWDQsFkbD68Pi4Q1hibBkWCosHbqwTJgQ3hiWDW8Ky4U3h+XDW8IK4a1hxbBS+Mi9VcLbwqrh7WG18I6wenhnWCOsGdYKa4d3hXXCu8O64T1hvfDesFx4X3h/+EDYIHwwbBg+FDYKHw4bh4+ETcJHw6Zhs7B52CJsGT4WtgofD1uHbcK24RNhu/DJsH34VJgYPh12CJ/5pf++BX+/PynsHfYJXwpfCr2/R86NzoumRT+Kzo8uiKZHP44ujH4SzYguii6OLokujS6LLo+uiK6Mroqujq6Jro2ui66Pboh6XzsHOHTCSadc4GJcDhfrcrpc7iqX213t8ri8LuKucXHuWpfPXefyuwKuoCvk4l1hV8RpZ5x15EJX1BVzUXe9K+5ucCVcSVfKlXbOlXEJroVr6Vq6Vu5x19q1cW3dE+4J96R70j3lnnJPuw7uGdfR/cV1cs+6zu4595x73nV13Vx394Lr4cbnufCaTHJ9XB/X1/V1/V1/N8ANcAPdQDfIDXLJLtkNcUPcUDfUDXPD3HA33I10I90oN8qNdqPdWDfWpbgUN8FNcBPdRDfJTXKT3WSX6lLdNDfNTXfTXdUZF44y2812c91cl+bS3HyXtWZMdwvdQpfhMtxit9gtdUvdcrfcrXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9xOn/fCpG6P2+v2un1un9vvvnaZ7ht3wH3rDrrv3CH3vTvsfnBH3FF3zB13J9yP7qQ75U67M+6s+8mdcz+78867lMj4yITIO5GJkXcjkyLvRSZHpkRSI1Mj0yLvR6ZHZkRmRj6IzIp8GJkdmROZG5kXSYt8FJkfWRBJj3wcWRj5JJIRWRRZHFkSWRpZFvG+8ObQF/XFfNRf74v7G3wJX9KX8qW982V8gr/Rl/U3+XL+Zl/e3+Ir+Ft9RV/JV/aP+qa+mW/uW/iW/jHfyj/uW/s2vq1/wrfzT/r2/imf6J/2HfwzvqP/i+/kn/Wd/XO+i3/ed/XdfHf/gu/hX/Q9fS+f5Hv7Pv4l39f38/39y36Af8UP9K/6Qf41n+wH+yH+dT/Uv+GH+Tf9cD/Cj4x5y4+6dIkM43yKH+8n+Hf8RP+un+Tf85P9FJ/qp/pp/n0/3c/wM/0Hfpb/0M/2c/xcP8+n+Y/8fL/Ap/uP/UL/ic/wiy7dVPbL/Qq/0q/yq/0av9av8+v9Br/Rb/Kb/Ra/1W/z2/2nfof/zO/0u/xu/7nf47/we/2Xfp//yu/3X/tM/40/4L/1B/13/pD/3h/2P/gj/qg/5o/7E/5Hf9Kf8qf9GX/W/+TP+Z/9ef6bNcYYY4yxf8j4y03x654Lt/N7/84Y8Vc79wGAq7cUyvzr/qwV5dr8F9r9RHy7CAA83avLQ5e2GjWSkpIu7pshISg2B+DST4KyxMDleBG0hSchEdpA2d/Nv5/odpb+YP7oLQC5/mpMLFyOL8//JQAm/c78jz0xcn6F8HTc/2P+OQAlil0ekxMux4ug7S/3V9pAub+Tf4FWf5B/zq9SAFr/1ZjccDm+nH8CPA7PQOKv9mSMMcYYY4wxxi7oJyp3unT9eek3Pn/v+jxeXR6TAy7Hf3R9zhhjjDHGGGOMsSvv2W7dn3osMbFNp3++Ue2P91H/2sy/NJrAv5oYN/6lhvcA/7dwAPBvTgiQ1ZD/ybPY9B85VvLFl87fdi094wP47yjln9G4wm9MjDHGGGOMsT/d5UX/r/9fXamEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxbOjf/Y43+Ae+pe9KnyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2pf2fAAAA//+Bqfni") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 2m25.692336632s ago: executing program 3 (id=1306): capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) r0 = syz_open_dev$sg(&(0x7f00000000c0), 0xf9ba, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000002c0)={0x0, 0x405, 0x4}) 2m24.69933119s ago: executing program 3 (id=1312): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x200000c0, 0xffffffff, 0xfffffff8}, 0x10) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000001a0001000000000000000000020020000000b8"], 0x2c}}, 0x0) 2m22.384698298s ago: executing program 32 (id=1312): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x200000c0, 0xffffffff, 0xfffffff8}, 0x10) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000001a0001000000000000000000020020000000b8"], 0x2c}}, 0x0) 6.654375288s ago: executing program 2 (id=2070): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000b80)='./file0\x00', 0x1008002, &(0x7f0000000d00)={[{@grpjquota}]}, 0x3, 0x5ee, &(0x7f00000012c0)="$eJzs3c1vVFUbAPDnTj9oKXk7kDcqLqSJMZAoLS1gGuMCtoY0+BE3urDSgkiBhtZo0YSS4MbEuDHGxJUL8b9QIltWunLhxpUhIWpYmjjmztxbOu1Mv2jnEu7vlwxz7zlze86lfeace+acOwGU1lD6TyVif0TMJhGDyeJSXndkmUON193/+5Mz6SOJWu31P5NIsrT89Un2PJAd3BcRP/+UxL6u1eXOLVy9MDkzM30l2x+Zvzg7Mrdw9fD5i5Pnps9NXxp7cWz8+LHj46NHtnRe11qknbrx/oeDn0289d03/ySj3/82kcSJeCV74fLz2C5DMVT/P0lWZw2Mb3dhBenK/k5qtVotT0u6i60TG5f//noi4skYjK548MsbjE9fLbRywI6qJY33bqCMEvEPJZX3A/Jr+5XXwZVCeiVAJ9w72RgAWB3/3Y2xweirjw3svp/E8mGdJCK2NjLXbE9E3Lk9cePs7YkbsUPjcEBri9cj4qlW8Z/U478afVGtx3+lKf7TfsHp7DlNf22L5a8cKhb/0DmN+O9bM/6jTfy/kz5fa8Twu1ssv/pg873+pvjv3+opAQAAAAAAQGndOhkRL7T6/L+yNP8nWsz/GYiIE9tQ/tCK/dWf/1fubkMxQAv3Tka83HL+byWf/VvtWraEtRo9ydnzM9NHIuJ/EXEoenal+6NrlHH4831ft8sbyub/5Y+0/DvZXMCsHne7dzUfMzU5P/kQpwxk7l2PeLrl/N9kqf1PWrT/6TvD7AbL2PfczdPt8taPf2Cn1L6NONiy/X9w14pk7ftzjNT7AyN5r2C1Zz7+4od25W81/t1iAh5e2v7vXjv+q8ny+/XMbb6MowvdtXZ5W+3/9yZv1O8q1JulfTQ5P39lNKI3OdWVpjalj22+zvA4yuMhj5c0/g89u/b4X6v+f39ELK742clfzWuKc0/8O/B7u/ro/0Nx0vif2lT7v/mNsZvVH9uVv7H2/1i9rT+UpRj/g4av8jDtbU5vEY7drbI6XV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBxUImJPJJXhpe1KZXg4YiAi/h+7KzOX5+afP3v5g0tTaV79+/8r+Tf9Djb2k/z7/6vL9sdW7B+NiL0R8WVXf31/+MzlmamiTx4AAAAAAAAAAAAAAAAAAAAeEQNt1v+n/ugqunbAjusuugJAYVrE/y9F1APoPO0/lJf4h/IS/1Be4h/KS/xDea0d/2+Pd6wiQMdp/6G8xD8AAAAAADxW9h649WsSEYsv9dcfqd4sr6fQmgE7rVJ0BYDCuMUPlJepP1BervGBZJ38vrYHrXfkWmbPPMTBAAAAAAAAAAAAAFA6B/db/w9lZf0/lJf1/1Be+fr/AwXXA+g81/hArLOSv+X6/3WPAgAAAAAAAAAAAAC209zC1QuTMzPTV2y8+WhUo5MbtVrtWvpX8KjUZ/s3kmyGekcKzafCd/5Mezdygvlav4395OLekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGb/BQAA//8wviV5") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x11) quotactl_fd$Q_GETFMT(r0, 0xffffffff80000401, 0x0, &(0x7f0000000180)) 5.494753034s ago: executing program 2 (id=2074): rt_sigaction(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000380)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00') lseek(r0, 0x9, 0x0) 5.264780401s ago: executing program 5 (id=2076): syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000e00)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0093d84f10fc3e1ec648b776cb7f8081d09ad0cc63a23840b824f920b21981285520a35f491e6934193661e8f46d"], 0x1, 0xd99, &(0x7f0000000e80)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff) ioctl$FITRIM(r0, 0x40086e8b, &(0x7f00000000c0)={0x200000, 0xfffffffffffffff7, 0x1}) 4.371746277s ago: executing program 0 (id=2077): write$vhost_msg_v2(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, {0x0, 0x0, &(0x7f0000000140)=""/237, 0x2, 0x2}}, 0x48) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001f0001170000000000000000010100800c0001"], 0x114}], 0x1}, 0x0) 4.253589431s ago: executing program 1 (id=2078): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x22000402, &(0x7f0000000a40)={[{@dioread_lock}, {@noblock_validity}, {@noinit_itable}, {@discard}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@mb_optimize_scan}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x85, 0x4e6, &(0x7f00000001c0)="$eJzs3M1rHOUfAPDv7Oatr0n7Kz/ti3a1isFq0qRVe/CgotCLIuihHmMaS23aShvBlmKjSD2Kf0H1KAievHhSEFEvKl71LoUiuTR6kJXZndnsJptkN2kSm/18YHafZ+aZeeY7M8/uzDw7G0DHKqUvScT2iPgtIvqr2cYCperb7MzV8b9mro4nUS6/8mdSKXd75up4XjSfb1uWGSxEFD5IYn+Tei9dvnJ2bHJy4mKWH54699bwpctXHj9zbuz0xOmJ86PHjx87OvLUk6NPtBTHtWWmp3Hd3vfuhQN7T7z28Yvj5Xj9h8/T9d2eTa+Po2qgpXqXUopSlDNzY3sqrw+veun/LTvq0knXBq4IbSlGRLq7uivtvz+KMbfz+uOF92uZbzdoBYE1k3437Vowtpi9F2rfX8BmlGjj0KHyb/z0+jcf1vP8Y6PdejZ9najEP5sNP71U3TaF9Fp2oHrFXpw3X0/2/v8my+xLy1dnKPcvU//2iDg5/feNdIim9yGWkLRcEgCg5uv0/OexZud/hYZzm51ZH8pARByOiN0R8b+I2BOFWpl7IuLeNusvzcsvPP/5ZUubi2xLev73dNa3lQ/VKXlcSS23oxJ/d/LGmcmJI9k2GYzu3jQ/skQd3zz/60eLTSvVnf+lQ1p/fi6YrcfNrr7GeU6NTY2tIuQGt96L2NfVLP6k1hOQboG9EbFvBctPt9mZRz87kKZ3bls4ffn4F5FkHRerVP404pHq/p+OefHXVZXWtFj/5HBfTE4cGc6PioV+/Pn6y/X57rp0Q/x9rcXUt9Jgm0j3/9Z5x391+Vn8eTOY11873UYd13//cNFrmob4i3FjdiaJkw0LL9zs6o2ILXObLT3+e5JXK+n8OuydsampiyMRPdmIhvGjc0vL83n5NP7BQ83b/+6Ifz7J5tsfEelBfF9E3B8RB7N1fyAiHoyIQ0vE//1zD7259BZawfF/h6Txn2r6+Vc7/geS+v76FSSKZ7/7arH6W/r86z1WSQ1mY1r5/Gt1BVez7QAAAOBuUaj0QSeFoTxdd3NqT2wtTF64NHW4FG+fP1Xtqx6I7kJ+p6u/7n7oSHZvOM+PpumeufzRiNhV+aXRlkp+aPzC5I6NDByoPKuTt//ebNzQUPX9j/k/egE2n7b60ep/dPbFl3d+ZYB15XlN6FzaP3Qu7R86l/YPnatZ+78WMbsBqwKss9a+/8seN4dNyPk/dC7tHzqX9g8daeEj8fnfrazkSf+5xO4Tq5p9zRPl/jVZ8nT7cxXXKNKo+9OOxQsnEbGyKqKwdJmeuHylb532af7QSstzFZYt88xym6V7Vf+JkSYOZoneiGh1rmst7NM7d/ykErf9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9q/AQAA//9CaeBU") r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 4.245608237s ago: executing program 4 (id=2079): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0x5, @dev={0xfe, 0x80, '\x00', 0x2c}, 0x7}, 0x1c) listen(r0, 0x3) 4.233739367s ago: executing program 2 (id=2080): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f00000000c0)=ANY=[], 0x1, 0x1513, &(0x7f0000002d00)="$eJzs3Au4TlW3OPAx5pxLm9Cb5D7HHIs3uUySJJeERJIkSZJbQpIkSUhscktCEnJPcg/JLST3+y33kHySJAkJSeb/0df3d77Td0595+sc5zl7/J5nPXuOvd4x1lh77Od911rPs/c37QdWrlulYm1mhn8J/vVLKgCkAEAfALgGACIAKJGlRBbAIZBeY+q/dhDx53poypXuQFxJMv+0Teaftsn80zaZf9om80/bZP5pm8w/bZP5C5GWbZma81rZ0u72P/f8H+T5//868vn/f8jhIqO+WFfk+g7/RIrMP22T+adtMv+0Teaftsn80zaZ//9xEUCF/2S3zD9tk/kLkZZd6efPsl3Z7Ur//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPxtfaX7EkIIIYQQQgghxJ8nXHWlOxBCCCGEEEIIIcR/PwQFGgxEkA6ughRIDxngasgImSAzXAMJuBaywHWQFa6HbJAdckBOyAW5IQ9YIHDAEENeyAdJuAHyw41QAApCISgMHopAUbgJisHNUBxugRJwK5SE26AUlIYyUBZuh3JwB5SHClAR7oRKcBdUhipwN1SFe6Aa3AvV4T6oAfdDTXgAasGDUBsegjrwMNSFR6AePAr1oQE0hEbQ+L+U/yJ0hpegC3SFVOgG3eFl6AE9oRf0hj7wCvSFV6EfvAb9YQAMhNdhELwBg+FNGAJDYRi8BcNhBIyEUTAaxsBYeBvGwTswHt6FCTARJsFkmAJTYRq8B9NhBsyE92EWfACzYQ7MhXkwHz6EBbAQFsFHsBg+hiWwFJbBclgBK2EVrIY1sBbWwXrYABthE2yGLfAJbIVtsB12wE7YBbvhU9gDe2EffAb74fN/Mv/sv8vvgICAChUaNJgO02EKpmAGzIAZMSNmxsyYwARmwSyYFbNiNsyGOTAH5sJcmAfzICEhI2NezItJTGJ+zI8FsAAWwkLo0WNRLIrF8GYsjsWxBJbAklgSS2FpLI1lsSyWw3JYHstjRayIlbASVsbKeDfejfdgNayG1REBoAbWxJpYC2thbayNdbAO1sW6WA/rYX2sjw2xITbGxtgEm2BTbIrNsTm2wBbYEltiK2yFrbE1tsE22BbbYjtsh+2xPXbAjtgRX8QX8SV8CbtiJdUNu2N37IE9sBf2xt74CvbFV/FVfA374wAciK/j6/gGDsYzOASH4jAchuXUCByJo5DVGByLY3EcjsPxOB4n4ESciJNxCk7FaTgNp+MMnIHv4yz8AD/AOTgH5+F8nI8LcCEuwkW4GM/iElyKy3A5rsCVuAJX4xpcjetwPa7DjbgRN+Nm/AQ/wW24DXfgDtyFu/BT/BT34l7sj/txPx7AA3gQD+IhPISH8TAewSN4FI/iMTyGx/E4nsCTeApP4mk8jWfwLJ7Dc3gez+MFfD7XV3V2FVzbH9QlRhmVTqVTKSpFZVAZVEaVUWVWmVVCJVQWlUVlVVlVNpVN5VA5VC6VS+VReRQpUqxilVflVUmVVPlVflVAFVCFVCHllVdFVVFVTBVTxVVxVULdqkqq21QpVVo182VVWVVONfflVQVVUVVUldRdqrKqoqqoqqqqqqaqqeqquqqhaqia6gFVS3XDXviQujSZumoA1lMDsb5qoBqqRuoNfEw1UYOxqWqmmqsn1FAcgi1VE99KPa1aq5HYRj2rRuFzqp0ag+3VC6qD6qg6qRdVZ9XUd0n361ugmow9VE/VS/VWmeAudWlildVrqr8aoAaq19U8fEMNVm+qIWqoGqbeUsPVCDVSjVKj1Rg1Vr2txql31Hj1rpqgJqpJarKaoqaqaeo9NV3NUDPV+2qW+kDNVnPUXDVPzVcfqgVqoVqkPlKL1cdqiVqqlqnlaoVaqVap1WqNWqvWqfVqg9qoNqnNaov6RG1V29R2tUPtVLvUbvWp2qP2qn3qM7Vffa4OqL+og+oLdUh9qQ6rr9QR9bU6qr5Rx9S36rj6Tp1QJ9Up9b06rX5QZ9RZdU79qM6rn9QF9bO6qIICjVpprY2OdDp9lU7R6XUGfbXOqDPpzPoandDX6iz6Op1VX6+z6ew6h86pc+ncOo+2mrTTrGOdV+fTSX2Dzq9v1AV0QV1IF9ZeF9FF9U26mL5ZF9e36BL6Vl1S36ZL6dK6jC6rb9fl9B26vK6gK+o7dSV9l66sq+i7dVV9j66m79XV9X26hr5f19QP6Fr6QV1bP6Tr6Id1Xf2Irqcf1fV1A91QN9KN9WO6iX5cN9XNdHP9hG6hn9Qt9VO6lX5at9bP6Db6Wd1WP6fb6ed1e/2C7qA76k76Z31RB91Fd9Wpupvurl/WPXRP3Uv31n30K7qvflX306/p/nqAHqhf14P0G3qwflMP0UP1MP2WHq5H6JF6lB6tx+ix+m09Tr+jx+t39QQ9UU/Sk/UUPVX3+rXSzD+Q/84/yO/3y9E36y36E71Vb9Pb9Q69U+/Su/VuvUfv0fv0Pr1f79cH9AF9UB/Uh/QhfVgf1kf0EX1UH9XH9DF9XB/XJ/RJ/aP+Xp/WP+gz+qw+q3/U5/V5feHXnwEYNMpoY0xk0pmrTIpJbzKYq01Gk8lkNteYhLnWZDHXmazmepPNZDc5TE6Ty+Q2eYw1ZJxhE5u8Jp9JmhtMfnOjKWAKmkKmsPGmiClqbvqX83+vv8amsWlimpimpqlpbpqbFqaFaWlamlamlWltWps2po1pa9qadqadaW/amw6mg+lkOpnOprPpYrqYVJNqupuXTQ/T0/QyvU0f84rpa/qafqaf6W/6m4FmoBlkBpnBZrAZYoaYYWaYGW6Gm5FmpBltRpuxZqwZZ8aZ8Wa8mWAmmElmkplipphpZpqZbqabmWammWVmmdlmtplr5pr5Zr5ZYBaYRWaRWWwWmyVmqVlqlpvlZqVZaVab1WatWWvWm/Vmo9lolpgtZovZaraa7Wa72Wl2mt1mt9lj9ph9Zp/Zb/abA+aAOWgOmkPmkDlsDpsj5og5ao6aY+aYOW6OmxPmhDllTpnT5rQ5Y86Yc+acOW/OmwvmgrloLl667ItUpCITmShdlC5KiVKiDFGGKGOUMcocZY4SUSLKEmWJskbXR9mi7FGOKGeUK8odpYKNKHIRR3GUN8oXJaMbovzRjVGBqGBUKCoc+ahIVDS6KSoW3RwVj26JSkS3RiWj26JSUemoTFQ2uj0qF90RlY8qRBWjO6NK0V1R5ahKdHdUNbonqhbdG1WP7otqRPdHNaMHolrRg1Ht6KGoTvRwVDd6JKoXPRrVjxpEDaNGUeM/tX4IZ7I/7rvYrjbVdrPd7cu2h+1pe9neto99xfa1r9p+9jXb3w6wA+3rdpB9ww62b9ohdqgdZt+yw+0IO9KOsqPtGDvWvm3H2XfsePuunWAn2kl2sp1ip9pp9j073c6wM+37dpb9wM62c+xcO8/Otx/aBXahXWQ/sovtx3aJXWqX2eV2hV1pV9nVdo1da9fZ9XaD3Wg32c12i/3EbrXb7Ha7w+60u+xu+6ndY/faffYzu99+bg/Yv9iD9gt7yH5pD9uv7BH7tT1qv7HH7Lf2uP3OnrAn7Sn7vT1tf7Bn7Fl7zv5oz9uf7AX7s71ow6WL+0sf72TIUDpKRymUQhkoA2WkjJSZMlOCEpSFslBWykrZKBvloByUi3JRHspDlzAx5aW8lKQk5af8VIAKUCEqRJ48FaWiVIyKUXEqTiWoBJWkklSKSlEZKkO30+10B91BFagC3Ul30l10F1WhKlSVqlI1qkbVqTrVoBpUk2pSLapFtak21aE6VJfqUj2qR/WpPjWkhtSYGlMTakJNqSk1p+bUglpQS2pJragVtabW1IbaUFtqS+2oHbWn9tSBOlAn6kSdqTN1oS6USqnUnbpTD+pBvagX9aE+1Jf6Uj/qR/2pPw2kgTSIBtFgGkxDaCgNo7doOI2gkTSKRtMYGktjaRyNo/E0nibQBJpEk2gKTaFpNI2m03SaSTNpFs2i2TSb5tJcmk/zaQEtoEW0iBbTYlpCS2gZLaMVtIJW0SpaQ2toHa2jDbSBNtEm2kJbaCttpe20nXbSTtpNu2kP7aF9tI/20346QAfoIB2kQ3SIDtNhOkJH6CgdpWN0jI7TcTpBJ+gUnaLTdJrO0Bk6R+foPP1EF+hnukiBUpyCDO5ql9FlcpndNS7FpXcZ3F8vmC7FOVxOl8vldnmcddlc9r+LyTlXwBV0hVxh510RV9Td9Ju4lCvtyriy7nZXzt3hyv8mrurucdXcva66u89VcXf/XVzD3e9qukdcLfeoq+0auDqukavrHnH13KOuvmvgGrpGroV70rV0T7lW7mnX2j3zm3iBW+jWuLVunVvv9ri97pz70R1137jz7ifXxXV1fdwrrq971fVzr7n+bsBv4mHuLTfcjXAj3Sg32o35TTzJTXZT3FQ3zb3nprsZv4nnuw/dLLfIzXZz3Fw375f4Uk+L3EdusfvYLXFL3TK33K1wK90qt/r/97rcbXSb3Ga3233qtrptbrvb4Xa6Xb/El85jn/vM7XefuyPua3fQfeEOuWPusPvql/jS+R1z37rj7jt3wp10p9z37rT7wZ1xZ385/0vn/r372V10wQEjK9ZsOOJ0fBWncHrOwFdzRs7EmfkaTvC1nIWv46x8PWfj7JyDc3Iuzs152DKxY+aY83I+TvINnJ9v5AJckAtxYfZchIvyTVyMb+bifAuX4Fu5JN/Gpbg0l+GyfDuX4zu4PFfginwnVwqBK3MVvpur8j1cje/l6nwf1+D7uSY/wLX4Qa7ND3Edfpjr8iNcjx/l+tyAG3IjbsyPcRN+nJtyM27OT3ALfpJb8lPcip/m1vwMt+FnuS0/x+34eW7PL3AH7sid+EXuzC9xF+7KqdyNu/PL3IN7ci/uzX34Fe7Lr3I/fo378wAeyK/zIH6DB/ObPISH8jB+i4fzCB7Jo3g0j+Gx/DaP43d4PL/LE3giT+LJPIWn8jR+j6fzDJ7J7/Ms/oBn8xyey/N4Pn/IC3ghL+KPeDF/zEt4KS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW/gT3srbeDvv4J28i3fzp7yH9/I+/oz38+d8gP/CB/kLPsRf8mH+io/w13yUv+Fj/C0f5+/4BJ/kU/w9n+Yf+Ayf5XP8I5/nn/gC/8wXOTDEGKtYxyaO4nTxVXFKnD7OEF8dZ4wzxZnja+JEfG2cJb4uzhpfH2eLs8c54pxxrjh3nCe2McUu5jiO88b54mR8Q5w/vjEuEBeMC8WFYx8XiYvGN8XF4pvj4vEtcYn41rhkfFtcKi4dP3Jf2fj2uFx8R1w+rhBXjO+MK8V3xZXjKvHdcdX4nrhafG9cPb4vLh7fH9eMH4hrxQ/GteOH4jrxw3Hd+JG4XvxoXD9uEDeMG8WN48fiJvHjcdO4Wdw8fiJuET8Zt4yfilvFT8et42d+d39q3C3uHr8cvxyHcK+em5yXnJ/8MLkguTC5KPlRcnHy4+SS5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTmZAhVrgKPXnntjY98On+VT/HpfQZ/tc/oM/nM/hqf8Nf6LP46n9Vf77P57D6Hz+lz+dw+j7eevPPsY5/X5/NJf4PP72/0BXxBX8gX9t4X8UV9I9/YN/ZN/OO+qW/mm/sn/BP+Sf+kf8o/5Z/2rf0zvo1/1rf1z/l2/nn/vH/Bd/AdfSf/ou/sX/JdfFef6lN9d9/d9/A9fC/fy/fxfXxf39f38/18f9/fD/QD/SA/yA/2g/0QP8QP88P8cD/cj/Qj/Wg/2o/1Y/04P86P9+P9BD/BT/KT/BQ/xU/z0/x0P93P9DP9rAKz/Gw/28/1c/18P98v8Av8Ir/IL/aL/RK/xC/zy/wKv8Kv8qv8Gr/Gr/Pr/Aa/wW/ym/wWv8Vv9Vv9dr/d7/Q7/W6/2+/xe/w+v8/v9/v9AX/AH/QH/SH/pT/sv/JH/Nf+qP/GH/Pf+uP+O3/Cn/Sn/Pf+tP/Bn/Fn/Tn/oz/vf/IX/M/+og9+bOLtxLjEO4nxiXcTExITE5MSkxNTElMT0xLvJaYnZiRmJt5PzEp8kJidmJOYm5iXmJ/4MLEgsTCxKPFRYnHi48SSxNLEssTyxIrEykQIubfGIW/IF5LhhpA/3BgKhIKhUCgcfCgSioabQrFwcygebgklwq2hZLgtlAqlQ5nwaKgfGoSGoVFoHB4LTcLjoWloFpqHJ0KL8GRoGZ4KrcLToXV4JrQJz4a24bnQLjwf2ocXQofQMXQKL4bO4aXQJXQNqaFb6B5eDj1Cz9Ar9A59wiuhb3g19Auvhf5hQBgYXg+DwhthcHgzDAlDw7DwVhgeRoSRYVQYHcaEseHtMC68E8aHd8OEMDFMCpPDlDA1TAvvhelhRpgZ3g+zwgdhdpgT5oZ5YX74MCwIC8Oi8FFYHD4OS8LSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvCJ2Fr2Ba2hx1hZ9gVdodPw56wN+wLn4X94fNwIPwlHAxfhEPhy3A4fBWOhK/D0fBNOBa+DcfDd+FEOBlOhe/D6fBDOBPOhnPhx3A+/BQuhJ/DRfmbNSGEEEKIP0T/zv5u/+B76QBA/bruDgCZtuU8/O9rbsj213VPlatFAgCe7tr+ob9tlSqlpqb++tolGqJ8cwAg8ff1/xYvhebwJLSCZlDsH/bXU3U8z79TP3krQIZ/k5MCl+PL9W/+D+o/9sSwBSXjc1n+k/pzAArku5yTHi7Hl+sX/w/qZ2/yO/2n/2IsQNN/k5MRLseX6xeFx+EZaPV3r/wDAxZCCCGEEEIIkSb0VGXa/t7986X781zmcs5VcDn+vftzIYQQQgghhBBCXHnPdez01GOtWjVr+8cW+OtzgX8u609b1Nq299lLh78yR5fFf3mBAPC/oA1Z/PHFFX5jEkIIIYQQQvzpLl/0X+lOhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKItOt/4t+JXelzFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIa60/xcAAP//daA1bQ==") truncate(&(0x7f0000000900)='./file1\x00', 0xbf39) rmdir(&(0x7f0000000080)='./file0\x00') 3.799555657s ago: executing program 0 (id=2081): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0) write$binfmt_aout(r0, &(0x7f0000000380)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0xfffffffe, 0xfffffffd, 0x0, 0xffffffff, 0x1, "e315bc1cc24ff7b7cdb242e1ff0aa6905446b3"}) 3.426294325s ago: executing program 2 (id=2082): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="f4000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000a000000c40004801300010062726f6164636173742d6c696e6b"], 0xf4}}, 0x0) 3.316978457s ago: executing program 5 (id=2083): r0 = socket$vsock_stream(0x28, 0x1, 0x0) r1 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x2000}) 2.950559661s ago: executing program 2 (id=2084): munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil) 2.906150189s ago: executing program 1 (id=2085): ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b04, &(0x7f0000000040)={'virt_wifi0\x00', @link_local}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r0, 0x8b27, &(0x7f0000000040)) 2.795879483s ago: executing program 4 (id=2086): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x4, 0x4) ppoll(&(0x7f0000000080)=[{r0, 0x10}], 0x1, 0x0, 0x0, 0x0) 2.627336208s ago: executing program 0 (id=2087): capset(0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0xfffffffc}) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SG_GET_SCSI_ID(r0, 0x2276, &(0x7f00000000c0)) 2.508452443s ago: executing program 5 (id=2088): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x26, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002002000000004000100080004"], 0x44}}, 0x10) 2.220949006s ago: executing program 1 (id=2089): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$sock_ifreq(0xffffffffffffffff, 0x8931, &(0x7f0000000080)={'virt_wifi0\x00', @ifru_map={0xc, 0x7, 0x9, 0x8, 0x9, 0xf}}) ioctl$sock_proto_private(r0, 0x8b24, &(0x7f0000000080)) 2.121407199s ago: executing program 4 (id=2090): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) setsockopt$sock_int(r0, 0x1, 0x1b, &(0x7f0000000600)=0xdfa, 0x4) 1.998390092s ago: executing program 5 (id=2091): r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042) r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/arp\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000017c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 1.931231504s ago: executing program 0 (id=2092): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)={0x34, r1, 0x431, 0x70bd28, 0xffffffff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) 1.667418076s ago: executing program 4 (id=2093): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'pim6reg1\x00', 0x1a003}) ioctl$TUNSETVNETLE(r0, 0x400454dc, 0x0) 1.601930019s ago: executing program 1 (id=2094): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @cmp={{0x8}, @void}}, {0x18, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x40480e0}, 0x4008014) 1.40783521s ago: executing program 0 (id=2095): r0 = timerfd_create(0x0, 0x0) ppoll(&(0x7f0000000100)=[{r0}], 0x1, 0x0, 0x0, 0x0) ioctl$TFD_IOC_SET_TICKS(r0, 0x40085400, &(0x7f0000000000)=0x400000007f) 1.357052987s ago: executing program 5 (id=2096): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000030000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000300)='GPL\x00', 0x8, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x62}, 0x94) 811.33591ms ago: executing program 1 (id=2097): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = memfd_create(&(0x7f0000000280)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x1) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) 691.809854ms ago: executing program 4 (id=2098): ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={'wlan1\x00', {0x2, 0x4e23, @broadcast}}) r0 = socket$pppl2tp(0x18, 0x1, 0x1) writev(r0, &(0x7f0000000080)=[{&(0x7f00000003c0)="23cc", 0x2}], 0x20) 389.044823ms ago: executing program 2 (id=2099): unshare(0x24020400) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') lseek(r0, 0x8000000000008, 0x1) 256.280986ms ago: executing program 1 (id=2100): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000000240)=0x2, 0x4) sendmsg$802154_dgram(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20044005}, 0x4000010) 116.010591ms ago: executing program 4 (id=2101): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x50, 0x20}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0x8, 0x0, 0x3}]}, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) 74.229364ms ago: executing program 0 (id=2102): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000500)={r0, &(0x7f0000000380), &(0x7f0000000400)=""/236}, 0x20) 0s ago: executing program 5 (id=2103): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000006b00)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r1, 0x1, 0x10, &(0x7f00000001c0), 0x4) sendmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="ef", 0x1}], 0x1, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [r1]}}], 0x18, 0x4060019}, 0x20000041) kernel console output (not intermixed with test programs): ted capacity change from 0 to 4096 [ 398.406829][ T7423] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 398.727252][ T7423] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 399.832997][ T1862] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 400.077953][ T1862] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 400.092179][ T1862] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 400.102671][ T1862] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 400.112539][ T1862] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.223875][ T1862] usb 5-1: config 0 descriptor?? [ 400.280202][ T7451] ieee802154 phy0 wpan0: encryption failed: -22 [ 400.692288][ T1862] kone 0003:1E7D:2CED.0005: report_id 0 is invalid [ 400.703448][ T1862] kone 0003:1E7D:2CED.0005: item 0 2 1 8 parsing failed [ 400.821532][ T1862] kone 0003:1E7D:2CED.0005: parse failed [ 400.827804][ T1862] kone 0003:1E7D:2CED.0005: probe with driver kone failed with error -22 [ 400.889868][ T1862] usb 5-1: USB disconnect, device number 3 [ 401.090120][ T30] audit: type=1326 audit(1750822693.642:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.0.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f375518e929 code=0x7ffc0000 [ 401.150729][ T30] audit: type=1326 audit(1750822693.692:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.0.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f375518e929 code=0x7ffc0000 [ 401.176611][ T30] audit: type=1326 audit(1750822693.702:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.0.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f375518e929 code=0x7ffc0000 [ 401.199737][ T30] audit: type=1326 audit(1750822693.712:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.0.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f375518e929 code=0x7ffc0000 [ 401.232221][ T30] audit: type=1326 audit(1750822693.712:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.0.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f375518e929 code=0x7ffc0000 [ 401.257247][ T30] audit: type=1326 audit(1750822693.712:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.0.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f375518e929 code=0x7ffc0000 [ 401.333135][ T30] audit: type=1326 audit(1750822693.852:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.0.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f375518e929 code=0x7ffc0000 [ 401.356576][ T30] audit: type=1326 audit(1750822693.852:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7459 comm="syz.0.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f375518e929 code=0x7ffc0000 [ 404.034319][ T7479] loop0: detected capacity change from 0 to 32768 [ 404.104473][ T7479] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 404.116594][ T7479] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 404.162252][ T7479] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 1 19, function = gfs2_check_internal_file_size, file = fs/gfs2/inode.h, line = 85 [ 404.189862][ T7479] gfs2: fsid=syz:syz.0: G: s:SH n:2/13 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 404.202262][ T7479] gfs2: fsid=syz:syz.0: H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0x124/0x510 [ 404.215076][ T7479] gfs2: fsid=syz:syz.0: I: n:1/19 t:8 f:0x00 d:0x00000200 s:49152 p:0 [ 404.224064][ T7479] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 404.231754][ T7479] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 404.240830][ T7479] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 404.251784][ T7479] gfs2: fsid=syz:syz.0: File system withdrawn [ 404.258255][ T7479] CPU: 0 UID: 0 PID: 7479 Comm: syz.0.646 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(undef) [ 404.258423][ T7479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 404.258523][ T7479] Call Trace: [ 404.258581][ T7479] [ 404.258637][ T7479] __dump_stack+0x26/0x30 [ 404.258843][ T7479] dump_stack_lvl+0x1df/0x270 [ 404.259061][ T7479] dump_stack+0x1e/0x25 [ 404.259247][ T7479] gfs2_withdraw+0x1d26/0x22e0 [ 404.259550][ T7479] gfs2_consist_inode_i+0x1b2/0x250 [ 404.259738][ T7479] gfs2_jdesc_check+0x170/0x440 [ 404.259949][ T7479] init_journal+0x1471/0x3a30 [ 404.260153][ T7479] ? init_inodes+0x124/0x510 [ 404.260318][ T7479] ? init_inodes+0x124/0x510 [ 404.260470][ T7479] ? kmsan_get_metadata+0xfb/0x160 [ 404.260694][ T7479] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 404.260939][ T7479] init_inodes+0x124/0x510 [ 404.261113][ T7479] gfs2_fill_super+0x384a/0x3f50 [ 404.261289][ T7479] ? init_locking+0xed/0x500 [ 404.261491][ T7479] get_tree_bdev_flags+0x6e3/0x920 [ 404.261734][ T7479] ? __pfx_gfs2_fill_super+0x10/0x10 [ 404.261906][ T7479] ? __pfx_gfs2_fill_super+0x10/0x10 [ 404.262063][ T7479] ? __pfx_gfs2_get_tree+0x10/0x10 [ 404.262222][ T7479] get_tree_bdev+0x38/0x50 [ 404.262431][ T7479] gfs2_get_tree+0x57/0x350 [ 404.262594][ T7479] ? __pfx_gfs2_get_tree+0x10/0x10 [ 404.262750][ T7479] vfs_get_tree+0xb0/0x5c0 [ 404.262966][ T7479] ? mount_capable+0x99/0x100 [ 404.263157][ T7479] do_new_mount+0x738/0x1610 [ 404.263366][ T7479] ? kmsan_get_metadata+0xfb/0x160 [ 404.263577][ T7479] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 404.263846][ T7479] path_mount+0x6db/0x1e90 [ 404.264083][ T7479] ? user_path_at+0x32d/0x3d0 [ 404.264296][ T7479] __se_sys_mount+0x6eb/0x7d0 [ 404.264523][ T7479] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 404.264764][ T7479] __x64_sys_mount+0xe4/0x150 [ 404.265010][ T7479] x64_sys_call+0xfa7/0x3db0 [ 404.265224][ T7479] do_syscall_64+0xd9/0x210 [ 404.265393][ T7479] ? irqentry_exit+0x16/0x60 [ 404.265538][ T7479] ? clear_bhb_loop+0x40/0x90 [ 404.265718][ T7479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.265913][ T7479] RIP: 0033:0x7f37551900ca [ 404.266052][ T7479] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 404.266183][ T7479] RSP: 002b:00007f3755ffce68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 404.266329][ T7479] RAX: ffffffffffffffda RBX: 00007f3755ffcef0 RCX: 00007f37551900ca [ 404.266440][ T7479] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007f3755ffceb0 [ 404.266547][ T7479] RBP: 0000200000000400 R08: 00007f3755ffcef0 R09: 0000000000200001 [ 404.266651][ T7479] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500 [ 404.266750][ T7479] R13: 00007f3755ffceb0 R14: 00000000000125bb R15: 0000200000000240 [ 404.266890][ T7479] [ 404.565850][ T7479] gfs2: fsid=syz:syz.0: my journal (0) is bad: -5 [ 405.038657][ T7492] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 405.038657][ T7492] program syz.2.653 not setting count and/or reply_len properly [ 405.679161][ T7497] loop3: detected capacity change from 0 to 256 [ 405.747644][ T7497] exfat: Deprecated parameter 'utf8' [ 405.948132][ T7497] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d) [ 406.435386][ T7508] netlink: 24 bytes leftover after parsing attributes in process `syz.1.660'. [ 406.478821][ T7511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.662'. [ 407.047018][ T7518] loop1: detected capacity change from 0 to 512 [ 407.126117][ T7518] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 407.178122][ T7518] EXT4-fs (loop1): 1 truncate cleaned up [ 407.186757][ T7518] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 407.771637][ T5797] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.797772][ T7520] loop4: detected capacity change from 0 to 4096 [ 408.515507][ T7535] netlink: 28 bytes leftover after parsing attributes in process `syz.0.673'. [ 410.374659][ T7541] loop3: detected capacity change from 0 to 32768 [ 410.444591][ T7541] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 410.453424][ T7541] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 410.516598][ T7541] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 410.541446][ T5852] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 410.548516][ T5852] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 410.977818][ T5852] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 429ms [ 410.989313][ T5852] gfs2: fsid=syz:syz.0: jid=0: Done [ 410.995822][ T7541] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 411.470314][ T7566] usb usb8: usbfs: process 7566 (syz.0.688) did not claim interface 0 before use [ 412.086271][ T7574] loop0: detected capacity change from 0 to 1024 [ 412.234187][ T7574] syz.0.692: attempt to access beyond end of device [ 412.234187][ T7574] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 412.248302][ T7574] Buffer I/O error on dev loop0, logical block 2889, async page read [ 412.257080][ T7574] syz.0.692: attempt to access beyond end of device [ 412.257080][ T7574] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 412.274312][ T7574] Buffer I/O error on dev loop0, logical block 2889, async page read [ 412.302778][ T30] audit: type=1800 audit(1750822704.862:66): pid=7574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.692" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 412.393995][ T7576] syz.0.692: attempt to access beyond end of device [ 412.393995][ T7576] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 413.088880][ T7586] cifs: Bad value for 'cache' [ 414.064877][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 414.071898][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 414.556015][ T7611] x_tables: ip_tables: TPROXY target: only valid in mangle table, not syz0 [ 415.591765][ T7625] loop2: detected capacity change from 0 to 2048 [ 415.716143][ T7625] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 415.962810][ T7631] loop0: detected capacity change from 0 to 256 [ 416.475129][ T7631] FAT-fs (loop0): Directory bread(block 64) failed [ 416.483045][ T7631] FAT-fs (loop0): Directory bread(block 65) failed [ 416.491088][ T7631] FAT-fs (loop0): Directory bread(block 66) failed [ 416.498213][ T7631] FAT-fs (loop0): Directory bread(block 67) failed [ 416.507268][ T7631] FAT-fs (loop0): Directory bread(block 68) failed [ 416.514679][ T7631] FAT-fs (loop0): Directory bread(block 69) failed [ 416.521860][ T7631] FAT-fs (loop0): Directory bread(block 70) failed [ 416.528767][ T7631] FAT-fs (loop0): Directory bread(block 71) failed [ 416.536045][ T7631] FAT-fs (loop0): Directory bread(block 72) failed [ 416.543073][ T7631] FAT-fs (loop0): Directory bread(block 73) failed [ 417.660738][ T7647] loop4: detected capacity change from 0 to 1024 [ 417.813702][ T7645] loop3: detected capacity change from 0 to 32768 [ 417.844754][ T7645] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section [ 417.844754][ T7645] clean (size 2912): [ 417.844754][ T7645] flags: 0 [ 417.844754][ T7645] journal_seq: 10 [ 417.844754][ T7645] prio_ptrs: [ 417.844754][ T7645] usage: type=key_version v=0 [ 417.844754][ T7645] usage: type=reserved v=0 [ 417.844754][ T7645] [ 417.889194][ T7645] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean [ 418.452442][ T7647] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 418.502679][ T7661] atomic_op ffff88811b5bc928 conn xmit_atomic 0000000000000000 [ 418.978438][ T7665] loop2: detected capacity change from 0 to 512 [ 418.998311][ T7665] EXT4-fs: Ignoring removed nobh option [ 419.020851][ T5800] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 419.134704][ T7665] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c118, mo2=0002] [ 419.222388][ T7665] System zones: 0-2, 18-18, 34-34 [ 419.312400][ T7665] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 419.325958][ T7665] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 419.571915][ T7665] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 419.615749][ T7678] capability: warning: `syz.1.734' uses 32-bit capabilities (legacy support in use) [ 419.987298][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.351518][ T30] audit: type=1326 audit(1750822712.902:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7684 comm="syz.1.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 420.376161][ T30] audit: type=1326 audit(1750822712.912:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7684 comm="syz.1.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 420.399547][ T30] audit: type=1326 audit(1750822712.952:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7684 comm="syz.1.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 420.422712][ T30] audit: type=1326 audit(1750822712.952:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7684 comm="syz.1.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 420.445784][ T30] audit: type=1326 audit(1750822712.952:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7684 comm="syz.1.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 420.470237][ T30] audit: type=1326 audit(1750822712.952:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7684 comm="syz.1.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 420.493558][ T30] audit: type=1326 audit(1750822712.952:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7684 comm="syz.1.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 420.622039][ T7691] loop0: detected capacity change from 0 to 1024 [ 420.663961][ T7691] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 420.821837][ T7691] hfsplus: bad catalog entry type [ 421.598656][ T1862] IPVS: starting estimator thread 0... [ 421.607925][ T7704] loop3: detected capacity change from 0 to 256 [ 421.691848][ T7706] IPVS: using max 192 ests per chain, 9600 per kthread [ 421.721866][ T7707] netlink: 8 bytes leftover after parsing attributes in process `syz.4.748'. [ 421.880623][ T7710] sp0: Synchronizing with TNC [ 422.138778][ T7704] FAT-fs (loop3): Directory bread(block 64) failed [ 422.146181][ T7704] FAT-fs (loop3): Directory bread(block 65) failed [ 422.155925][ T7704] FAT-fs (loop3): Directory bread(block 66) failed [ 422.163116][ T7704] FAT-fs (loop3): Directory bread(block 67) failed [ 422.170090][ T7704] FAT-fs (loop3): Directory bread(block 68) failed [ 422.177155][ T7704] FAT-fs (loop3): Directory bread(block 69) failed [ 422.184460][ T7704] FAT-fs (loop3): Directory bread(block 70) failed [ 422.191492][ T7704] FAT-fs (loop3): Directory bread(block 71) failed [ 422.200652][ T7704] FAT-fs (loop3): Directory bread(block 72) failed [ 422.208345][ T7704] FAT-fs (loop3): Directory bread(block 73) failed [ 422.524403][ T7711] loop2: detected capacity change from 0 to 4096 [ 422.651626][ T7719] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 423.575600][ T30] audit: type=1400 audit(1750822716.122:74): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=7727 comm="syz.1.758" [ 423.859262][ T7722] loop4: detected capacity change from 0 to 32768 [ 423.902297][ T7722] bcachefs (/dev/loop4): error validating superblock: Invalid superblock section journal_v2: journal buckets entry with bad nr: 21474967553+0 [ 423.902297][ T7722] journal_v2 (size 2912): [ 423.902297][ T7722] Buckets: 0-10 21474902017-21474902025 21474967553-21474967553 21474836481-21474836481 21491613697-21491613697 21508390913-21508390913 21525168129-21525168129 25769803778-25769806594 65795-25769869573 0-65794 25769803778-25769803794 65796-34359804197 0-0 0-83 0-0 25-6177 248-256 2048-2048 11-2827 0-1 16-256 0-0 0-0 0-0 0-0 0-0 0-0 0-0 0-30064771074 0-0 30064771074-30064771075 1280-4294968587 1179915-1179915 18446744069414584320-18446744069414584319 18446744073709551615-18446744073709551615 14322110933576210885-14322110933576210901 0-0 110593-4295143436 1179915-1179915 18446744069414584320-18446744069414584319 18446744073709551615-18446744073709551615 8469488994664696954-8469488994664696978 0-0 155649-4295254028 1179915-1179915 18446744069414584320-18446744069414584319 18446744073709551615-18446744073709551615 11142619451731364831-111426194517313 [ 423.903759][ T7722] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal [ 426.143983][ T7760] loop4: detected capacity change from 0 to 1024 [ 426.350953][ T7760] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 426.794392][ T5800] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 427.085797][ T7777] loop0: detected capacity change from 0 to 1024 [ 427.392179][ T7785] bridge0: entered promiscuous mode [ 427.397843][ T7785] macvlan2: entered promiscuous mode [ 427.410582][ T7785] bridge0: port 3(macvlan2) entered blocking state [ 427.417976][ T7785] bridge0: port 3(macvlan2) entered disabled state [ 427.428648][ T7785] macvlan2: entered allmulticast mode [ 427.434572][ T7785] bridge0: entered allmulticast mode [ 427.470746][ T7785] macvlan2: left allmulticast mode [ 427.476668][ T7785] bridge0: left allmulticast mode [ 427.485085][ T7785] bridge0: left promiscuous mode [ 427.597973][ T1845] hfsplus: b-tree write err: -5, ino 8 [ 428.206889][ T7800] netlink: 28 bytes leftover after parsing attributes in process `syz.1.787'. [ 429.402822][ T7818] loop1: detected capacity change from 0 to 16 [ 429.462454][ T7818] erofs (device loop1): mounted with root inode @ nid 36. [ 429.518168][ T7818] erofs (device loop1): bogus lookback distance 0 @ lcn 1 of nid 89 [ 429.526994][ T7818] erofs (device loop1): readahead error at folio 0 @ nid 89 [ 429.549884][ T7818] erofs (device loop1): bogus lookback distance 0 @ lcn 1 of nid 89 [ 429.558898][ T7818] erofs (device loop1): read error -117 @ 0 of nid 89 [ 429.599832][ T30] audit: type=1800 audit(1750822722.142:75): pid=7818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.795" name="file2" dev="loop1" ino=89 res=0 errno=0 [ 429.722218][ T11] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 429.937049][ T11] usb 5-1: New USB device found, idVendor=28bd, idProduct=0055, bcdDevice= 0.00 [ 429.950361][ T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.013017][ T11] usb 5-1: config 0 descriptor?? [ 430.536058][ T7828] loop1: detected capacity change from 0 to 1024 [ 430.555541][ T11] uclogic 0003:28BD:0055.0006: interface is invalid, ignoring [ 430.701992][ T7834] autofs: Bad value for 'uid' [ 430.707245][ T7834] autofs: Bad value for 'uid' [ 430.727331][ T11] usb 5-1: USB disconnect, device number 4 [ 431.232727][ T7840] syz.2.806 uses old SIOCAX25GETINFO [ 431.778879][ T7851] loop4: detected capacity change from 0 to 128 [ 431.859363][ T7851] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 432.188465][ T7851] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 432.763630][ T7847] loop0: detected capacity change from 0 to 40427 [ 432.791529][ T7847] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 432.798829][ T7847] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 432.810741][ T7847] F2FS-fs (loop0): build fault injection rate: 17008 [ 432.830037][ T7847] F2FS-fs (loop0): invalid crc value [ 433.196703][ T7847] F2FS-fs (loop0): Start checkpoint disabled! [ 433.241609][ T7847] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 433.249012][ T7847] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 433.286901][ T7859] sctp: [Deprecated]: syz.1.813 (pid 7859) Use of struct sctp_assoc_value in delayed_ack socket option. [ 433.286901][ T7859] Use struct sctp_sack_info instead [ 433.517012][ T7866] lo speed is unknown, defaulting to 1000 [ 433.523622][ T7866] lo speed is unknown, defaulting to 1000 [ 433.530743][ T7866] lo speed is unknown, defaulting to 1000 [ 433.550180][ T7866] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 433.596610][ T7866] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 433.858292][ T7866] lo speed is unknown, defaulting to 1000 [ 433.880020][ T7866] lo speed is unknown, defaulting to 1000 [ 433.894892][ T7866] lo speed is unknown, defaulting to 1000 [ 433.905019][ T7866] lo speed is unknown, defaulting to 1000 [ 433.914327][ T7866] lo speed is unknown, defaulting to 1000 [ 434.310466][ T7871] loop3: detected capacity change from 0 to 256 [ 434.398548][ T7871] exfat: Deprecated parameter 'utf8' [ 434.404877][ T7871] exfat: Deprecated parameter 'utf8' [ 434.410789][ T7871] exfat: Deprecated parameter 'namecase' [ 434.808604][ T7871] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 435.038436][ T7869] loop1: detected capacity change from 0 to 32768 [ 435.070569][ T7869] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section journal: journal bucket 128 past end of device (nbuckets 128) [ 435.070569][ T7869] journal (size 40): [ 435.070569][ T7869] Buckets: 9 7 128 1 [ 435.070569][ T7869] [ 435.105782][ T7869] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal [ 437.279577][ T7900] loop0: detected capacity change from 0 to 16 [ 437.327864][ T7900] erofs (device loop0): mounted with root inode @ nid 36. [ 437.390573][ T7900] erofs (device loop0): readahead error at folio 26 @ nid 36 [ 437.398599][ T7900] erofs (device loop0): readahead error at folio 25 @ nid 36 [ 437.406899][ T7900] erofs (device loop0): readahead error at folio 24 @ nid 36 [ 437.417891][ T7900] erofs (device loop0): readahead error at folio 23 @ nid 36 [ 437.425808][ T7900] erofs (device loop0): readahead error at folio 22 @ nid 36 [ 437.433671][ T7900] erofs (device loop0): readahead error at folio 21 @ nid 36 [ 437.444456][ T7900] erofs (device loop0): readahead error at folio 20 @ nid 36 [ 437.452701][ T7900] erofs (device loop0): readahead error at folio 18 @ nid 36 [ 437.467944][ T7900] erofs (device loop0): readahead error at folio 16 @ nid 36 [ 437.482117][ T7900] erofs (device loop0): readahead error at folio 12 @ nid 36 [ 437.490327][ T7900] syz.0.817: attempt to access beyond end of device [ 437.490327][ T7900] loop0: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 437.507745][ T7900] syz.0.817: attempt to access beyond end of device [ 437.507745][ T7900] loop0: rw=524288, sector=525144, nr_sectors = 16 limit=16 [ 437.522274][ T7900] syz.0.817: attempt to access beyond end of device [ 437.522274][ T7900] loop0: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 437.539480][ T7900] syz.0.817: attempt to access beyond end of device [ 437.539480][ T7900] loop0: rw=524288, sector=13716630376, nr_sectors = 8 limit=16 [ 437.614391][ T7902] loop1: detected capacity change from 0 to 128 [ 437.757152][ T7902] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 437.852158][ T7902] ext4 filesystem being mounted at /170/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 437.906155][ T7908] netlink: 8 bytes leftover after parsing attributes in process `syz.2.833'. [ 437.975357][ T7902] EXT4-fs warning (device loop1): __ext4_ioctl:1259: Setting inode version is not supported with metadata_csum enabled. [ 438.414023][ T5797] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 438.441588][ T7913] netlink: 16 bytes leftover after parsing attributes in process `syz.3.836'. [ 438.547199][ T7918] loop0: detected capacity change from 0 to 128 [ 439.145602][ T7924] netlink: 32 bytes leftover after parsing attributes in process `syz.3.842'. [ 439.495479][ T7930] loop4: detected capacity change from 0 to 1024 [ 439.981876][ T1845] hfsplus: b-tree write err: -5, ino 4 [ 440.157646][ T7940] loop1: detected capacity change from 0 to 128 [ 440.417818][ T7944] loop4: detected capacity change from 0 to 8 [ 440.514810][ T7944] SQUASHFS error: zlib decompression failed, data probably corrupt [ 440.523334][ T7944] SQUASHFS error: Failed to read block 0x9b: -5 [ 440.538015][ T7944] SQUASHFS error: Unable to read metadata cache entry [99] [ 440.551488][ T7944] SQUASHFS error: Unable to read inode 0x127 [ 441.527658][ T7949] loop0: detected capacity change from 0 to 4096 [ 441.710885][ T7957] loop3: detected capacity change from 0 to 4096 [ 441.795124][ T7949] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 441.864649][ T7966] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 443.119134][ T7976] loop2: detected capacity change from 0 to 512 [ 443.183589][ T7978] new mount options do not match the existing superblock, will be ignored [ 443.209576][ T7976] EXT4-fs: Ignoring removed nomblk_io_submit option [ 443.302260][ T7979] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 "" [ 443.418204][ T7976] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 443.432173][ T7976] ext4 filesystem being mounted at /171/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 443.468706][ T7971] loop4: detected capacity change from 0 to 32768 [ 443.677866][ T7971] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=xxhash,data_checksum=none,compression=lz4,str_hash=crc64,norecovery,reconstruct_alloc [ 443.678013][ T7971] allowing incompatible features above 0.0: (unknown version) [ 443.678110][ T7971] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 443.732501][ T7971] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 443.746169][ T7971] bcachefs (loop4): invalid journal entry, version=1.7: mi_btree_bitmap type=data_usage in superblock: invalid journal entry usage: no devices in entry free: 0/0 [], fixing [ 443.764506][ T7971] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 443.776499][ T7971] bcachefs (loop4): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete [ 443.776499][ T7971] Doing compatible version upgrade from 1.19: autofix_errors to 1.28: inode_has_case_insensitive [ 443.776499][ T7971] running recovery passes: check_extents_to_backpointers,check_inodes [ 443.818425][ T7971] bcachefs (loop4): dropping and reconstructing all alloc info [ 443.854990][ T7971] bcachefs (loop4): btree node read error at btree extents level 0/0 [ 443.855101][ T7971] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0 [ 443.855220][ T7971] loop4 node offset 0/16 bset u64s 0: invalid bkey format: incorrect key_u64s: got 0, should be 3 [ 443.855324][ T7971] u64s 0 fields 64:0, 64:0, 32:0, 0:0, 0:0, 0:0 [ 443.855409][ T7971] running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0) [ 443.855512][ T7971] running recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0) [ 443.855606][ T7971] ret btree_node_read_validate_error [ 443.942536][ T7971] bcachefs (loop4): error reading btree root btree=extents level=0: btree_node_read_error, fixing [ 443.955083][ T30] audit: type=1800 audit(1750822736.462:76): pid=7976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.866" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 443.993031][ T7971] bcachefs (loop4): error reading btree root btree=dirents level=0: btree_node_read_error, fixing [ 444.025817][ T7971] bcachefs (loop4): btree node read error at btree xattrs level 0/0 [ 444.025923][ T7971] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0 [ 444.026051][ T7971] loop4 node offset 0/16: got wrong btree node: got [ 444.026159][ T7971] btree=xattrs level=0 seq ded0abe32 1 [ 444.026230][ T7971] min: POS_MIN [ 444.026295][ T7971] max: SPOS_MAX [ 444.026367][ T7971] ret btree_node_read_validate_error [ 444.081723][ T7971] bcachefs (loop4): error reading btree root btree=xattrs level=0: btree_node_read_error, fixing [ 444.139766][ T7971] bcachefs (loop4): btree node read error at btree snapshots level 0/0 [ 444.139879][ T7971] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0 [ 444.139996][ T7971] loop4 node offset 0/16: incorrect min_key: got 0:0:1023410176 should be POS_MIN [ 444.140089][ T7971] flagging btree snapshots lost data [ 444.140170][ T7971] running recovery pass reconstruct_snapshots (21), currently at recovery_pass_empty (0) [ 444.140264][ T7971] ret btree_node_read_validate_error [ 444.201445][ T7971] bcachefs (loop4): error reading btree root btree=snapshots level=0: btree_node_read_error, fixing [ 444.233932][ T7971] bcachefs (loop4): check_topology... [ 444.234399][ T7971] bcachefs (loop4): btree root extents unreadable, must recover from scan [ 444.249685][ T7971] bcachefs (loop4): no nodes found for btree extents, continuing [ 444.262073][ T7971] bcachefs (loop4): btree root dirents unreadable, must recover from scan [ 444.271631][ T7971] bcachefs (loop4): no nodes found for btree dirents, continuing [ 444.280122][ T7971] bcachefs (loop4): btree root xattrs unreadable, must recover from scan [ 444.292525][ T7971] bcachefs (loop4): no nodes found for btree xattrs, continuing [ 444.302389][ T7971] bcachefs (loop4): btree root snapshots unreadable, must recover from scan [ 444.312211][ T7971] bcachefs (loop4): no nodes found for btree snapshots, continuing [ 444.339185][ T7971] done [ 444.342395][ T7971] bcachefs (loop4): accounting_read... done [ 444.358673][ T7971] bcachefs (loop4): alloc_read... done [ 444.370166][ T7971] bcachefs (loop4): snapshots_read... done [ 444.379354][ T7971] bcachefs (loop4): Fixed errors, running fsck a second time to verify fs is clean [ 444.394880][ T7971] bcachefs (loop4): done starting filesystem [ 444.576783][ T7992] loop0: detected capacity change from 0 to 256 [ 444.593203][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 444.603564][ T5800] bcachefs (loop4): shutting down [ 444.746249][ T5800] bcachefs (loop4): shutdown complete [ 445.717259][ T8008] loop1: detected capacity change from 0 to 512 [ 445.888413][ T8008] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 445.902038][ T8008] ext4 filesystem being mounted at /180/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 446.115410][ T8008] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.877: corrupted inode contents [ 446.194296][ T8008] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.877: mark_inode_dirty error [ 446.232696][ T8008] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.877: corrupted inode contents [ 446.269198][ T8008] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.877: mark_inode_dirty error [ 446.685627][ T5797] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 447.773203][ T8030] loop2: detected capacity change from 0 to 2048 [ 447.893534][ T8030] EXT4-fs: Ignoring removed orlov option [ 447.907443][ T8030] EXT4-fs: Ignoring removed nomblk_io_submit option [ 448.037658][ T8030] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 449.148802][ T8059] netlink: 'syz.0.898': attribute type 3 has an invalid length. [ 449.244185][ T8048] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 450.121711][ T11] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 450.382614][ T11] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 128, changing to 11 [ 450.397963][ T11] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 450.408543][ T11] usb 1-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00 [ 450.418070][ T11] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.695620][ T11] usb 1-1: config 0 descriptor?? [ 450.823973][ T8072] loop1: detected capacity change from 0 to 32768 [ 450.860650][ T8072] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section journal: duplicate journal buckets 9 [ 450.860650][ T8072] journal (size 40): [ 450.860650][ T8072] Buckets: 9 7 24 9 [ 450.860650][ T8072] [ 450.886378][ T8072] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal [ 450.936341][ T8041] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 2: invalid block bitmap [ 451.259136][ T11] elo 0003:04E7:0030.0007: item fetching failed at offset 0/3 [ 451.398408][ T11] elo 0003:04E7:0030.0007: parse failed [ 451.405206][ T11] elo 0003:04E7:0030.0007: probe with driver elo failed with error -22 [ 451.466335][ T11] usb 1-1: USB disconnect, device number 5 [ 451.651684][ T1862] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 451.831509][ T1862] usb 4-1: Using ep0 maxpacket: 32 [ 451.873320][ T1862] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 451.885235][ T1862] usb 4-1: config 0 interface 0 has no altsetting 0 [ 451.894410][ T1862] usb 4-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00 [ 451.904565][ T1862] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 452.085175][ T1862] usb 4-1: config 0 descriptor?? [ 452.626286][ T1862] cypress 0003:04B4:0001.0008: unknown main item tag 0x0 [ 452.634044][ T1862] cypress 0003:04B4:0001.0008: unknown main item tag 0x0 [ 452.642136][ T1862] cypress 0003:04B4:0001.0008: unknown main item tag 0x0 [ 452.649586][ T1862] cypress 0003:04B4:0001.0008: unknown main item tag 0x0 [ 452.657241][ T1862] cypress 0003:04B4:0001.0008: unknown main item tag 0x0 [ 452.912350][ T1862] cypress 0003:04B4:0001.0008: hidraw0: USB HID v0.09 Device [HID 04b4:0001] on usb-dummy_hcd.3-1/input0 [ 453.060736][ T1862] usb 4-1: USB disconnect, device number 3 [ 453.619166][ T8094] netlink: 4 bytes leftover after parsing attributes in process `syz.4.914'. [ 454.318459][ T8102] sp0: Synchronizing with TNC [ 455.060399][ T8116] loop1: detected capacity change from 0 to 128 [ 455.746755][ T8126] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 455.785965][ T8127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.930'. [ 455.797136][ T8127] netlink: 4 bytes leftover after parsing attributes in process `syz.1.930'. [ 456.700771][ T8138] netlink: 332 bytes leftover after parsing attributes in process `syz.0.936'. [ 456.712738][ T8138] netlink: 160 bytes leftover after parsing attributes in process `syz.0.936'. [ 457.487672][ T8139] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 457.704091][ T8152] team0: Device gtp0 is of different type [ 458.711633][ T1862] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 458.744747][ T8168] netlink: 4 bytes leftover after parsing attributes in process `syz.2.949'. [ 458.922399][ T1862] usb 4-1: Using ep0 maxpacket: 32 [ 458.972816][ T1862] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 458.982235][ T1862] usb 4-1: config 0 has no interface number 0 [ 458.988660][ T1862] usb 4-1: config 0 interface 184 has no altsetting 0 [ 459.035470][ T1862] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 459.045323][ T1862] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 459.054013][ T1862] usb 4-1: Product: syz [ 459.058566][ T1862] usb 4-1: Manufacturer: syz [ 459.065865][ T1862] usb 4-1: SerialNumber: syz [ 459.160709][ T1862] usb 4-1: config 0 descriptor?? [ 459.192161][ T1862] smsc75xx v1.0.0 [ 459.342074][ T8177] loop4: detected capacity change from 0 to 64 [ 459.860404][ T1862] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 459.871989][ T1862] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 459.884801][ T1862] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind [ 459.897039][ T1862] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71 [ 460.063110][ T1862] usb 4-1: USB disconnect, device number 4 [ 460.507638][ T8192] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 460.979692][ T8198] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 461.582623][ T8208] netlink: 8 bytes leftover after parsing attributes in process `syz.3.968'. [ 461.591932][ T8208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.968'. [ 461.601047][ T8208] netlink: 'syz.3.968': attribute type 18 has an invalid length. [ 463.924845][ T8246] nbd: must specify at least one socket [ 464.045122][ T8252] netlink: 'syz.0.988': attribute type 1 has an invalid length. [ 464.069882][ T8249] loop1: detected capacity change from 0 to 512 [ 464.108237][ T8249] EXT4-fs: Ignoring removed nobh option [ 464.169638][ T8249] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.987: iget: bad i_size value: 38620345925642 [ 464.296009][ T8249] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.987: couldn't read orphan inode 15 (err -117) [ 464.399308][ T8249] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 464.546135][ T8260] CIFS mount error: No usable UNC path provided in device string! [ 464.546135][ T8260] [ 464.556901][ T8260] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 464.638400][ T8258] lo speed is unknown, defaulting to 1000 [ 464.862849][ T8264] loop0: detected capacity change from 0 to 512 [ 464.871998][ T5797] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 464.884071][ T8264] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 464.938187][ T8264] EXT4-fs (loop0): 1 truncate cleaned up [ 464.946929][ T8264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 465.537524][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.828160][ T8292] mkiss: ax0: crc mode is auto. [ 467.236480][ T8297] macvtap1: entered promiscuous mode [ 467.245304][ T8297] vlan0: entered promiscuous mode [ 467.316422][ T8297] vlan0: left promiscuous mode [ 467.726491][ T8305] loop3: detected capacity change from 0 to 512 [ 467.770576][ T8303] loop0: detected capacity change from 0 to 1764 [ 467.775859][ T8305] EXT4-fs: Ignoring removed i_version option [ 467.845770][ T8305] EXT4-fs (loop3): orphan cleanup on readonly fs [ 467.901774][ T8305] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1011: bg 0: block 131: padding at end of block bitmap is not set [ 467.985814][ T8305] EXT4-fs (loop3): Remounting filesystem read-only [ 468.006475][ T8305] EXT4-fs (loop3): 1 truncate cleaned up [ 468.015242][ T8305] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 468.212452][ T1862] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 468.436882][ T1862] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 468.447662][ T1862] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 468.457219][ T1862] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 468.466962][ T1862] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 468.519359][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.530808][ T1862] usb 5-1: config 0 descriptor?? [ 468.562603][ T1862] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 468.569748][ T1862] dvb-usb: bulk message failed: -22 (3/0) [ 468.599433][ T1862] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 468.629067][ T1862] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 468.637248][ T1862] usb 5-1: media controller created [ 468.717990][ T1862] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 468.793558][ T1862] dvb-usb: bulk message failed: -22 (6/0) [ 468.800072][ T1862] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 468.849825][ T1862] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input7 [ 468.942926][ T1862] dvb-usb: schedule remote query interval to 150 msecs. [ 468.950200][ T1862] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 469.043700][ T1862] usb 5-1: USB disconnect, device number 5 [ 469.169973][ T1862] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 469.454496][ T8327] tipc: Started in network mode [ 469.459796][ T8327] tipc: Node identity ac14140f, cluster identity 4711 [ 469.474836][ T8327] tipc: Enabled bearer , priority 10 [ 469.940039][ T8333] loop4: detected capacity change from 0 to 256 [ 469.990685][ T8333] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 470.003196][ T8333] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 470.007470][ T8334] loop3: detected capacity change from 0 to 512 [ 470.044527][ T8334] EXT4-fs: Ignoring removed orlov option [ 470.306781][ T8334] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.1023: casefold flag without casefold feature [ 470.323858][ T8333] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 470.419679][ T8334] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.1023: couldn't read orphan inode 15 (err -117) [ 470.564591][ T8334] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 470.587099][ T11] tipc: Node number set to 2886997007 [ 471.208030][ T8337] loop0: detected capacity change from 0 to 32768 [ 471.276154][ T8337] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 471.285109][ T8337] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 471.361509][ T8337] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 471.380154][ T1862] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 471.388111][ T1862] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 471.505083][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 471.897702][ T11] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 472.091939][ T1862] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 703ms [ 472.100240][ T1862] gfs2: fsid=syz:syz.0: jid=0: Done [ 472.106186][ T8337] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 472.118710][ T11] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 472.133532][ T11] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 472.143976][ T11] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 472.153457][ T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.260169][ T11] usb 5-1: config 0 descriptor?? [ 472.629679][ T8337] gfs2: fsid=syz:syz.0: found 1 quota changes [ 472.907026][ T11] wacom 0003:056A:0063.0009: ignoring exceeding usage max [ 472.926743][ T11] wacom 0003:056A:0063.0009: ignoring exceeding usage max [ 473.030651][ T11] usb 5-1: USB disconnect, device number 6 [ 475.011663][ T8389] loop1: detected capacity change from 0 to 1024 [ 475.105092][ T8389] EXT4-fs: Ignoring removed mblk_io_submit option [ 475.189636][ T8389] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 475.425415][ T30] audit: type=1326 audit(1750822767.982:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 475.482949][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 475.489724][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 475.593050][ T30] audit: type=1326 audit(1750822768.022:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 475.622516][ T30] audit: type=1326 audit(1750822768.052:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 475.648464][ T30] audit: type=1326 audit(1750822768.052:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 475.677647][ T30] audit: type=1326 audit(1750822768.052:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 475.702727][ T30] audit: type=1326 audit(1750822768.052:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 475.730228][ T30] audit: type=1326 audit(1750822768.072:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 475.762530][ T30] audit: type=1326 audit(1750822768.072:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 475.862509][ T5797] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 476.845415][ T8404] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 477.571856][ T11] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 477.807606][ T11] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 477.819144][ T11] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 477.832674][ T11] usb 5-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00 [ 477.842317][ T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 478.049394][ T11] usb 5-1: config 0 descriptor?? [ 478.705267][ T11] chicony 0003:04F2:1236.000A: item fetching failed at offset 0/1 [ 478.757250][ T11] chicony 0003:04F2:1236.000A: Chicony hid parse failed: -22 [ 478.768716][ T11] chicony 0003:04F2:1236.000A: probe with driver chicony failed with error -22 [ 478.944258][ T24] usb 5-1: USB disconnect, device number 7 [ 481.710243][ T8468] loop1: detected capacity change from 0 to 64 [ 482.343093][ T8466] loop4: detected capacity change from 0 to 4096 [ 482.875313][ T8478] loop3: detected capacity change from 0 to 1024 [ 482.945649][ T8478] EXT4-fs: Ignoring removed bh option [ 483.213973][ T8478] EXT4-fs (loop3): mounted filesystem 05000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 483.408930][ T8476] loop1: detected capacity change from 0 to 32768 [ 483.431101][ T8476] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1081 (8476) [ 483.460323][ T8476] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 483.472705][ T8476] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm [ 483.484423][ T8476] BTRFS error (device loop1): nologreplay must be used with ro mount option [ 483.493635][ T8476] BTRFS error (device loop1): cannot disable free-space-tree [ 483.505529][ T8476] BTRFS error (device loop1): open_ctree failed: -22 [ 484.240768][ T5799] EXT4-fs (loop3): unmounting filesystem 05000000-0000-0000-0000-000000000000. [ 485.478846][ T8496] loop3: detected capacity change from 0 to 32768 [ 485.512554][ T8496] (syz.3.1089,8496,1):ocfs2_verify_userspace_stack:858 ERROR: cluster stack passed to mount, but this filesystem does not support it [ 485.529741][ T8496] (syz.3.1089,8496,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 485.538037][ T8499] vlan0: entered promiscuous mode [ 485.570899][ T8499] team0: Port device vlan0 added [ 486.236694][ T8506] usb usb8: usbfs: process 8506 (syz.0.1095) did not claim interface 0 before use [ 487.704314][ T5857] IPVS: starting estimator thread 0... [ 487.811595][ T8530] IPVS: using max 192 ests per chain, 9600 per kthread [ 488.061587][ T5857] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 488.275823][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 488.290544][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 488.301009][ T5857] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 488.310644][ T5857] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.425318][ T5857] usb 5-1: config 0 descriptor?? [ 488.584865][ T8543] loop1: detected capacity change from 0 to 64 [ 488.895692][ T5857] isku 0003:1E7D:319C.000B: item fetching failed at offset 5/7 [ 488.919298][ T5857] isku 0003:1E7D:319C.000B: parse failed [ 488.929628][ T5857] isku 0003:1E7D:319C.000B: probe with driver isku failed with error -22 [ 489.066912][ T8545] xt_CT: No such helper "pptp" [ 489.106317][ T24] usb 5-1: USB disconnect, device number 8 [ 489.453889][ T8551] loop3: detected capacity change from 0 to 1024 [ 489.655666][ T8551] syz.3.1117: attempt to access beyond end of device [ 489.655666][ T8551] loop3: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 489.670278][ T8551] Buffer I/O error on dev loop3, logical block 100663296, async page read [ 489.688500][ T8551] hfsplus: unable to mark blocks free: error -5 [ 489.700506][ T8551] hfsplus: can't free extent [ 489.921704][ T8560] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1120'. [ 489.931341][ T8560] tipc: Enabling of bearer rejected, failed to enable media [ 490.663491][ T8570] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1124'. [ 490.676481][ T8570] netlink: 'syz.3.1124': attribute type 30 has an invalid length. [ 490.684984][ T8570] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1124'. [ 492.280938][ T8584] loop4: detected capacity change from 0 to 32768 [ 492.290957][ T8584] bcachefs: bch2_fs_parse_param() Error parsing option move_bytes_in_flight: option_value [ 493.238425][ T8595] overlayfs: statfs failed on './file0' [ 493.473651][ T8606] tipc: Enabling of bearer rejected, media not registered [ 493.546462][ T8607] tipc: Enabling of bearer rejected, failed to enable media [ 495.024956][ T8629] loop4: detected capacity change from 0 to 256 [ 495.077532][ T8629] exfat: Deprecated parameter 'namecase' [ 495.083931][ T8629] exfat: Deprecated parameter 'utf8' [ 495.089860][ T8629] exfat: Deprecated parameter 'namecase' [ 495.096190][ T8629] exfat: Deprecated parameter 'utf8' [ 495.097215][ T8631] overlayfs: missing 'workdir' [ 495.303298][ T8629] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 495.707600][ T8630] loop0: detected capacity change from 0 to 4096 [ 496.043317][ T8637] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1157'. [ 496.052876][ T8637] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1157'. [ 496.062476][ T8637] netlink: 'syz.3.1157': attribute type 11 has an invalid length. [ 497.106379][ T8650] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 497.532805][ T8656] netlink: 'syz.2.1164': attribute type 18 has an invalid length. [ 497.559426][ T8656] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 497.571485][ T8656] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 497.580594][ T8656] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 497.590699][ T8656] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 498.320799][ T8666] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1169'. [ 498.330861][ T8666] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1169'. [ 498.341926][ T8666] netlink: 'syz.2.1169': attribute type 19 has an invalid length. [ 499.015508][ T8673] loop0: detected capacity change from 0 to 1024 [ 500.293511][ T8690] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1181'. [ 500.602942][ T8694] lo speed is unknown, defaulting to 1000 [ 502.065079][ T8715] sp0: Synchronizing with TNC [ 502.195931][ T8715] sp0: Found TNC [ 502.718773][ T8725] loop0: detected capacity change from 0 to 512 [ 502.791596][ T8725] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 502.860384][ T8728] dummy0: entered promiscuous mode [ 502.903747][ T8726] dummy0: left promiscuous mode [ 502.913653][ T8725] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 502.948526][ T8725] System zones: 0-2, 18-18, 34-34 [ 503.024797][ T8725] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 503.038277][ T8725] ext4 filesystem being mounted at /233/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 503.509920][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 504.673660][ T8757] loop3: detected capacity change from 0 to 1024 [ 504.907005][ T30] audit: type=1800 audit(1750822797.452:85): pid=8757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1211" name="file1" dev="loop3" ino=20 res=0 errno=0 [ 504.974055][ T30] audit: type=1804 audit(1750822797.522:86): pid=8757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1211" name="/newroot/252/file0/file1" dev="loop3" ino=20 res=1 errno=0 [ 505.775763][ T30] audit: type=1326 audit(1750822798.332:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8774 comm="syz.2.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 505.910805][ T30] audit: type=1326 audit(1750822798.382:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8774 comm="syz.2.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 505.937575][ T30] audit: type=1326 audit(1750822798.382:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8774 comm="syz.2.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 505.972994][ T30] audit: type=1326 audit(1750822798.392:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8774 comm="syz.2.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 506.001896][ T30] audit: type=1326 audit(1750822798.392:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8774 comm="syz.2.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 506.367823][ T8782] loop0: detected capacity change from 0 to 1024 [ 506.503055][ T8782] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 506.525011][ T5857] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 506.742919][ T5857] usb 4-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 506.752649][ T5857] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 506.760972][ T5857] usb 4-1: Product: syz [ 506.768646][ T5857] usb 4-1: Manufacturer: syz [ 506.773843][ T5857] usb 4-1: SerialNumber: syz [ 506.825562][ T5857] usb 4-1: config 0 descriptor?? [ 506.978751][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.014502][ T8794] loop4: detected capacity change from 0 to 512 [ 507.062409][ T5857] usb 4-1: ignoring: probably an ADSL modem [ 507.174264][ T8794] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 507.188259][ T8794] ext4 filesystem being mounted at /226/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 507.426239][ T8794] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 3: comm syz.4.1225: lblock 8 mapped to illegal pblock 3 (length 26) [ 507.485256][ T8801] Bluetooth: MGMT ver 1.23 [ 507.494555][ T5857] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19! [ 507.558038][ T5857] usb 4-1: USB disconnect, device number 5 [ 507.742767][ T5800] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 508.192651][ T8803] loop4: detected capacity change from 0 to 764 [ 508.514149][ T8803] rock: directory entry would overflow storage [ 508.522824][ T8803] rock: sig=0x4f50, size=4, remaining=3 [ 508.528649][ T8803] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 511.997364][ T8853] netlink: 'syz.2.1255': attribute type 3 has an invalid length. [ 513.277099][ T8877] loop4: detected capacity change from 0 to 128 [ 513.330797][ T8877] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 513.449086][ T8877] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 514.500856][ T8894] loop0: detected capacity change from 0 to 16 [ 514.595038][ T8894] erofs (device loop0): mounted with root inode @ nid 36. [ 514.646692][ T30] audit: type=1800 audit(1750822807.202:92): pid=8894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1274" name="file1" dev="loop0" ino=86 res=0 errno=0 [ 514.825220][ T8898] netlink: 'syz.3.1276': attribute type 3 has an invalid length. [ 515.230500][ T8906] program syz.0.1279 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 515.251523][ T8905] tipc: Enabling of bearer rejected, failed to enable media [ 515.411422][ T30] audit: type=1326 audit(1750822807.972:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.3.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 515.437411][ T30] audit: type=1326 audit(1750822807.982:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.3.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 515.460235][ T30] audit: type=1326 audit(1750822807.982:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.3.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981618e929 code=0x7ffc0000 [ 517.218135][ T8918] loop3: detected capacity change from 0 to 32768 [ 517.239556][ T8918] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1286 (8918) [ 517.267288][ T8918] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 517.278028][ T8918] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm [ 517.290352][ T8918] BTRFS error (device loop3): cannot disable free-space-tree [ 517.298220][ T8918] BTRFS info (device loop3): disk space caching is enabled [ 517.305986][ T8918] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 517.324651][ T8918] BTRFS error (device loop3): open_ctree failed: -22 [ 517.443225][ T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 517.698236][ T24] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0 [ 517.710436][ T24] usb 2-1: config 0 interface 0 has no altsetting 0 [ 517.718372][ T24] usb 2-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00 [ 517.728114][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 517.982899][ T24] usb 2-1: config 0 descriptor?? [ 518.563741][ T24] magicmouse 0003:05AC:0269.000C: hidraw0: USB HID v10.00 Device [HID 05ac:0269] on usb-dummy_hcd.1-1/input0 [ 518.683663][ T24] usb 2-1: USB disconnect, device number 3 [ 519.286976][ T8950] loop0: detected capacity change from 0 to 64 [ 519.578741][ T8952] loop3: detected capacity change from 0 to 256 [ 519.807488][ T8952] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 520.249476][ T24] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 520.454076][ T24] usb 3-1: config index 0 descriptor too short (expected 126, got 72) [ 520.532171][ T24] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 520.542330][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 520.550666][ T24] usb 3-1: Product: syz [ 520.555431][ T24] usb 3-1: Manufacturer: syz [ 520.560350][ T24] usb 3-1: SerialNumber: syz [ 520.691725][ T24] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 521.033470][ T1862] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 521.309891][ T76] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 521.765787][ T76] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 521.889933][ T5857] usb 3-1: USB disconnect, device number 3 [ 522.036039][ T76] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.220632][ T76] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.438231][ T76] bridge_slave_1: left allmulticast mode [ 522.444679][ T76] bridge_slave_1: left promiscuous mode [ 522.455751][ T76] bridge0: port 2(bridge_slave_1) entered disabled state [ 522.500228][ T76] bridge_slave_0: left allmulticast mode [ 522.507391][ T76] bridge_slave_0: left promiscuous mode [ 522.514658][ T76] bridge0: port 1(bridge_slave_0) entered disabled state [ 522.981617][ T1862] usb 3-1: Service connection timeout for: 257 [ 522.988219][ T1862] ath9k_htc 3-1:1.0: ath9k_htc: Unable to initialize HTC services [ 523.000505][ T1862] ath9k_htc: Failed to initialize the device [ 523.009173][ T5857] usb 3-1: ath9k_htc: USB layer deinitialized [ 523.158133][ T76] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 523.206253][ T76] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 523.239542][ T76] bond0 (unregistering): Released all slaves [ 523.945779][ T76] hsr_slave_0: left promiscuous mode [ 524.003250][ T76] hsr_slave_1: left promiscuous mode [ 524.012783][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 524.020611][ T76] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 524.115073][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 524.123056][ T76] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 524.155939][ T76] veth1_macvtap: left promiscuous mode [ 524.162185][ T76] veth0_macvtap: left promiscuous mode [ 524.168192][ T76] veth1_vlan: left promiscuous mode [ 524.176945][ T76] veth0_vlan: left promiscuous mode [ 525.238533][ T5807] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 525.280853][ T5807] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 525.320839][ T5807] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 525.465209][ T5807] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 525.478735][ T5807] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 525.498926][ T5812] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 525.509163][ T5812] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 525.524166][ T5812] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 525.538956][ T5812] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 525.552341][ T5812] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 525.601847][ T76] team0 (unregistering): Port device team_slave_1 removed [ 525.634147][ T76] team0 (unregistering): Port device team_slave_0 removed [ 526.332031][ T8989] lo speed is unknown, defaulting to 1000 [ 526.433043][ T8996] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1324'. [ 526.507914][ T8996] 8021q: VLANs not supported on lo [ 526.582782][ T76] IPVS: stop unused estimator thread 0... [ 527.304430][ T8989] chnl_net:caif_netlink_parms(): no params data found [ 527.415358][ T5857] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 527.624023][ T5807] Bluetooth: hci1: command tx timeout [ 527.700013][ T5857] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 527.710967][ T5857] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 527.720527][ T5857] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 527.733520][ T5857] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 527.807972][ T5857] usb 5-1: config 0 descriptor?? [ 527.859726][ T5857] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 527.869934][ T5857] dvb-usb: bulk message failed: -22 (3/0) [ 527.932779][ T5857] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 527.968137][ T5857] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 527.984101][ T5857] usb 5-1: media controller created [ 528.012564][ T5857] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 528.056585][ T9006] dvb-usb: bulk message failed: -22 (2/0) [ 528.130140][ T5857] dvb-usb: bulk message failed: -22 (6/0) [ 528.136772][ T5857] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 528.247094][ T5857] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input10 [ 528.302784][ T5857] dvb-usb: schedule remote query interval to 150 msecs. [ 528.310059][ T5857] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 528.407088][ T5857] usb 5-1: USB disconnect, device number 9 [ 528.524003][ T5857] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 528.983859][ T9030] loop1: detected capacity change from 0 to 256 [ 529.052739][ T8989] bridge0: port 1(bridge_slave_0) entered blocking state [ 529.060574][ T8989] bridge0: port 1(bridge_slave_0) entered disabled state [ 529.068945][ T8989] bridge_slave_0: entered allmulticast mode [ 529.080282][ T8989] bridge_slave_0: entered promiscuous mode [ 529.129248][ T9032] smc: net device bond0 applied user defined pnetid SYZ2 [ 529.194633][ T8989] bridge0: port 2(bridge_slave_1) entered blocking state [ 529.202592][ T8989] bridge0: port 2(bridge_slave_1) entered disabled state [ 529.214434][ T8989] bridge_slave_1: entered allmulticast mode [ 529.224769][ T8989] bridge_slave_1: entered promiscuous mode [ 529.508627][ T8989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 529.568168][ T8989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 529.709658][ T5807] Bluetooth: hci1: command tx timeout [ 529.846344][ T8989] team0: Port device team_slave_0 added [ 529.876922][ T8989] team0: Port device team_slave_1 added [ 530.367768][ T9048] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1347'. [ 530.380546][ T9048] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1347'. [ 530.515115][ T8989] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 530.522546][ T8989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 530.558733][ T8989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 530.755795][ T9050] sp0: Synchronizing with TNC [ 530.765036][ T8989] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 530.772548][ T8989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 530.802471][ T8989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 531.286291][ T8989] hsr_slave_0: entered promiscuous mode [ 531.300229][ T8989] hsr_slave_1: entered promiscuous mode [ 531.309700][ T8989] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 531.317699][ T8989] Cannot create hsr debugfs directory [ 531.796150][ T5807] Bluetooth: hci1: command tx timeout [ 532.930564][ T9065] loop4: detected capacity change from 0 to 32768 [ 533.066996][ T9065] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1356 (9065) [ 533.145252][ T9065] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 533.155978][ T9065] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm [ 533.167703][ T9065] BTRFS error (device loop4): ignoresuperflags must be used with ro mount option [ 533.180212][ T9065] BTRFS info (device loop4): using free-space-tree [ 533.188338][ T9065] BTRFS error (device loop4): open_ctree failed: -22 [ 533.668744][ T9075] loop0: detected capacity change from 0 to 4096 [ 533.864041][ T9075] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 533.878641][ T5807] Bluetooth: hci1: command tx timeout [ 534.158972][ T8989] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 534.274935][ T8989] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 534.309919][ T8989] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 534.394883][ T8989] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 534.396090][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 535.609261][ T8989] 8021q: adding VLAN 0 to HW filter on device bond0 [ 535.785563][ T8989] 8021q: adding VLAN 0 to HW filter on device team0 [ 535.879511][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 535.887536][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 536.025375][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 536.033127][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 536.928398][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 536.935519][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 537.199461][ T9122] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1380'. [ 538.404384][ T8989] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 539.091073][ T9150] loop4: detected capacity change from 0 to 512 [ 539.187066][ T9150] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 539.251920][ T9150] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 539.309515][ T9150] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 539.332468][ T9150] EXT4-fs (loop4): orphan cleanup on readonly fs [ 539.371569][ T9144] loop0: detected capacity change from 0 to 4096 [ 539.372084][ T9150] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 539.452462][ T9150] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 539.466633][ T9150] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1391: Invalid block bitmap block 0 in block_group 0 [ 539.486354][ T9150] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 539.505449][ T9150] EXT4-fs (loop4): 1 orphan inode deleted [ 539.514211][ T9150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 539.596881][ T9144] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 540.037723][ T5800] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 541.054932][ T8989] veth0_vlan: entered promiscuous mode [ 541.159148][ T8989] veth1_vlan: entered promiscuous mode [ 541.515852][ T8989] veth0_macvtap: entered promiscuous mode [ 541.577634][ T8989] veth1_macvtap: entered promiscuous mode [ 541.749732][ T8989] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 541.854880][ T8989] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 541.922803][ T8989] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.935962][ T8989] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.945245][ T8989] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.954598][ T8989] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.986130][ T9179] tunl0: entered allmulticast mode [ 544.638126][ T30] audit: type=1326 audit(1750822837.172:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.4.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068358e929 code=0x7ffc0000 [ 544.758851][ T30] audit: type=1326 audit(1750822837.252:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.4.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068358e929 code=0x7ffc0000 [ 544.783668][ T30] audit: type=1326 audit(1750822837.262:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.4.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f068358e929 code=0x7ffc0000 [ 544.807695][ T30] audit: type=1326 audit(1750822837.262:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.4.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068358e929 code=0x7ffc0000 [ 544.832915][ T30] audit: type=1326 audit(1750822837.262:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.4.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068358e929 code=0x7ffc0000 [ 544.855896][ T30] audit: type=1326 audit(1750822837.292:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.4.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f068358e929 code=0x7ffc0000 [ 544.880844][ T30] audit: type=1326 audit(1750822837.292:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.4.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068358e929 code=0x7ffc0000 [ 545.516154][ T9227] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 545.516154][ T9227] program syz.4.1418 not setting count and/or reply_len properly [ 545.838543][ T9230] loop0: detected capacity change from 0 to 1024 [ 545.965970][ T9230] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 545.986297][ T9230] ext4 filesystem being mounted at /285/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 546.057571][ T30] audit: type=1800 audit(1750822838.612:103): pid=9230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1419" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 546.286006][ T9242] tipc: Enabled bearer , priority 10 [ 546.348969][ T9244] loop1: detected capacity change from 0 to 256 [ 546.439698][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 546.857953][ T9244] FAT-fs (loop1): Directory bread(block 64) failed [ 546.865807][ T9244] FAT-fs (loop1): Directory bread(block 65) failed [ 546.873129][ T9244] FAT-fs (loop1): Directory bread(block 66) failed [ 546.879957][ T9244] FAT-fs (loop1): Directory bread(block 67) failed [ 546.887248][ T9244] FAT-fs (loop1): Directory bread(block 68) failed [ 546.894382][ T9244] FAT-fs (loop1): Directory bread(block 69) failed [ 546.901595][ T9244] FAT-fs (loop1): Directory bread(block 70) failed [ 546.908437][ T9244] FAT-fs (loop1): Directory bread(block 71) failed [ 546.915785][ T9244] FAT-fs (loop1): Directory bread(block 72) failed [ 546.924879][ T9244] FAT-fs (loop1): Directory bread(block 73) failed [ 547.414647][ T5857] tipc: Node number set to 4294967295 [ 547.821782][ T24] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 547.998627][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 548.011462][ T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 548.025424][ T24] usb 3-1: New USB device found, idVendor=05ac, idProduct=0264, bcdDevice= 0.00 [ 548.035007][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 548.083227][ T9256] loop4: detected capacity change from 0 to 4096 [ 548.162666][ T24] usb 3-1: config 0 descriptor?? [ 548.170929][ T9258] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 548.330308][ T9256] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 548.344058][ T9256] ntfs3(loop4): Failed to load $Extend (-22). [ 548.350838][ T9256] ntfs3(loop4): Failed to initialize $Extend. [ 548.707974][ T24] apple 0003:05AC:0264.000D: unknown main item tag 0x6 [ 548.787155][ T24] apple 0003:05AC:0264.000D: hidraw0: USB HID vff.fa Device [HID 05ac:0264] on usb-dummy_hcd.2-1/input0 [ 548.946403][ T24] usb 3-1: USB disconnect, device number 4 [ 548.994037][ T9271] loop1: detected capacity change from 0 to 256 [ 549.200712][ T9271] FAT-fs (loop1): Directory bread(block 64) failed [ 549.208071][ T9271] FAT-fs (loop1): Directory bread(block 65) failed [ 549.218548][ T9271] FAT-fs (loop1): Directory bread(block 66) failed [ 549.225574][ T9271] FAT-fs (loop1): Directory bread(block 67) failed [ 549.232682][ T9271] FAT-fs (loop1): Directory bread(block 68) failed [ 549.239491][ T9271] FAT-fs (loop1): Directory bread(block 69) failed [ 549.249958][ T9271] FAT-fs (loop1): Directory bread(block 70) failed [ 549.256967][ T9271] FAT-fs (loop1): Directory bread(block 71) failed [ 549.264238][ T9271] FAT-fs (loop1): Directory bread(block 72) failed [ 549.271065][ T9271] FAT-fs (loop1): Directory bread(block 73) failed [ 549.372759][ T2899] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 549.386392][ T2899] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 549.398152][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 549.398261][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 551.240690][ T30] audit: type=1326 audit(1750822843.802:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 551.341537][ T30] audit: type=1326 audit(1750822843.842:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 551.365719][ T30] audit: type=1326 audit(1750822843.852:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 551.389783][ T30] audit: type=1326 audit(1750822843.852:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 551.412952][ T30] audit: type=1326 audit(1750822843.862:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 551.703400][ T30] audit: type=1326 audit(1750822844.122:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 551.727968][ T30] audit: type=1326 audit(1750822844.122:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 553.037665][ T9307] loop5: detected capacity change from 0 to 32768 [ 553.157825][ T9307] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 553.157963][ T9307] allowing incompatible features above 0.0: (unknown version) [ 553.158061][ T9307] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 553.200422][ T9307] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0 [ 553.209896][ T9307] bcachefs (loop5): superblock marked clean but clean section not present, shutting down [ 553.210005][ T9307] error not marked as autofix and not in fsck [ 553.210088][ T9307] run fsck, and forward to devs so error can be marked for self-healing [ 553.210176][ T9307] emergency read only at seq 0 [ 553.241566][ T9307] bcachefs (loop5): error in recovery: fsck_errors_not_fixed [ 553.249284][ T9307] bcachefs (loop5): bch2_fs_start(): error starting filesystem fsck_errors_not_fixed [ 553.254508][ T9315] netlink: 'syz.0.1452': attribute type 322 has an invalid length. [ 553.259218][ T9307] bcachefs (loop5): shutting down [ 553.377976][ T9307] bcachefs (loop5): shutdown complete [ 554.116578][ T9307] bcachefs: bch2_fs_get_tree() error: fsck_errors_not_fixed [ 554.962239][ T9336] loop1: detected capacity change from 0 to 256 [ 554.983191][ T9336] exfat: Deprecated parameter 'namecase' [ 555.048265][ T9336] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 555.405793][ T9342] raw_sendmsg: syz.0.1464 forgot to set AF_INET. Fix it! [ 556.005135][ T9350] loop4: detected capacity change from 0 to 1024 [ 556.174527][ T30] audit: type=1800 audit(1750822848.732:111): pid=9350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1468" name="memory.events" dev="loop4" ino=26 res=0 errno=0 [ 556.255559][ T30] audit: type=1804 audit(1750822848.822:112): pid=9350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1468" name="/newroot/278/file2/memory.events" dev="loop4" ino=26 res=1 errno=0 [ 556.638076][ T3946] hfsplus: b-tree write err: -5, ino 4 [ 557.080029][ T9359] loop1: detected capacity change from 0 to 4096 [ 557.117615][ T9367] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1476'. [ 557.128742][ T9359] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 557.188454][ T9359] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096) [ 557.315648][ T9369] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 557.519530][ T9370] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1477'. [ 557.832103][ T9374] loop0: detected capacity change from 0 to 2048 [ 557.958317][ T9374] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 558.233519][ T9378] loop5: detected capacity change from 0 to 512 [ 558.307910][ T9378] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 558.316934][ T9378] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 558.442807][ T9378] System zones: 0-1, 15-15, 18-18, 34-34 [ 558.450082][ T9378] EXT4-fs (loop5): orphan cleanup on readonly fs [ 558.457370][ T9378] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0 [ 558.467344][ T9378] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 558.482744][ T9378] EXT4-fs (loop5): Cannot turn on quotas: error -22 [ 558.652655][ T9378] EXT4-fs (loop5): 1 truncate cleaned up [ 558.661006][ T9378] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 559.018152][ T8989] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.329615][ T9395] loop4: detected capacity change from 0 to 32768 [ 560.496702][ T9395] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,gc_reserve_percent=15,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,no_data_io [ 560.496874][ T9395] allowing incompatible features above 0.0: (unknown version) [ 560.496975][ T9395] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 560.552547][ T9395] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 560.565140][ T9395] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 560.574922][ T9395] bcachefs (loop4): Version upgrade required: [ 560.574922][ T9395] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 560.574922][ T9395] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 560.574922][ T9395] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 560.628873][ T9407] loop1: detected capacity change from 0 to 64 [ 560.661588][ T9406] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1490'. [ 560.757136][ T9395] bcachefs (loop4): accounting_read... done [ 560.768490][ T9395] bcachefs (loop4): alloc_read... done [ 560.779934][ T9395] bcachefs (loop4): snapshots_read... done [ 560.791567][ T9395] bcachefs (loop4): done starting filesystem [ 560.894917][ T9407] hfs: unable to locate alternate MDB [ 560.900637][ T9407] hfs: continuing without an alternate MDB [ 561.086496][ T5800] bcachefs (loop4): shutting down [ 561.183388][ T5800] bcachefs (loop4): shutdown complete [ 562.509969][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 563.812317][ T9437] binder: 9436:9437 ioctl c00c620f 200000000100 returned -22 [ 564.062985][ T9443] veth0_to_bond: entered allmulticast mode [ 565.848297][ T9470] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1523'. [ 565.893294][ T9470] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 566.005360][ T9470] netdevsim netdevsim5 netdevsim0: left promiscuous mode [ 567.295155][ T9491] tipc: Started in network mode [ 567.304268][ T9491] tipc: Node identity , cluster identity 4711 [ 567.316670][ T9491] tipc: Failed to obtain node identity [ 567.322875][ T9491] tipc: Enabling of bearer rejected, failed to enable media [ 567.915643][ T9503] binder: BINDER_SET_CONTEXT_MGR already set [ 567.922319][ T9503] binder: 9500:9503 ioctl 40046207 0 returned -16 [ 568.356801][ T9509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1542'. [ 568.387324][ T9509] erspan0: entered promiscuous mode [ 568.405267][ T9509] erspan0: left promiscuous mode [ 569.120028][ T9522] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1547'. [ 569.922956][ T9536] netlink: 6 bytes leftover after parsing attributes in process `syz.0.1554'. [ 570.261853][ T5857] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 570.541603][ T5857] usb 2-1: Using ep0 maxpacket: 8 [ 570.583366][ T9549] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1560'. [ 570.615088][ T5857] usb 2-1: unable to get BOS descriptor or descriptor too short [ 570.638375][ T5857] usb 2-1: config 4 interface 0 has no altsetting 0 [ 570.727141][ T5857] usb 2-1: string descriptor 0 read error: -22 [ 570.734609][ T5857] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 570.747425][ T5857] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 570.814392][ T5857] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 570.853004][ T5857] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 570.868202][ T5857] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 570.875882][ T5857] usb 2-1: media controller created [ 570.966918][ T5857] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 571.032498][ T9538] usb 2-1: dvb_usb_au6610: wlen=0, aborting [ 571.148388][ T5857] zl10353_read_register: readreg error (reg=127, ret==0) [ 571.519575][ T9558] loop5: detected capacity change from 0 to 128 [ 571.580478][ T9558] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 571.630433][ T9558] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 571.699304][ T9558] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:375: inode #2: comm syz.5.1565: No space for directory leaf checksum. Please run e2fsck -D. [ 571.725197][ T9558] EXT4-fs error (device loop5): htree_dirblock_to_tree:1051: inode #2: comm syz.5.1565: Directory block failed checksum [ 571.835429][ T5857] usb 2-1: USB disconnect, device number 4 [ 572.164333][ T8989] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 572.433066][ T9568] loop1: detected capacity change from 0 to 256 [ 572.583780][ T9568] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 573.080506][ T9574] lo speed is unknown, defaulting to 1000 [ 574.623062][ T9585] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 577.362819][ T9625] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1596'. [ 577.976701][ T9632] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 578.143087][ T9638] loop4: detected capacity change from 0 to 512 [ 578.327957][ T9638] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 578.341647][ T9638] ext4 filesystem being mounted at /301/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 578.939554][ T5800] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 578.954267][ T9650] rdma_op ffff88804c56e980 conn xmit_rdma 0000000000000000 [ 580.552235][ T9679] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1620'. [ 581.241646][ T30] audit: type=1326 audit(1750822873.782:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9687 comm="syz.4.1625" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f068358e929 code=0x0 [ 581.422098][ T9692] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1626'. [ 582.829635][ T9708] loop5: detected capacity change from 0 to 256 [ 582.906838][ T9708] exfat: Deprecated parameter 'namecase' [ 582.916425][ T9708] exfat: Deprecated parameter 'utf8' [ 582.922513][ T9708] exfat: Deprecated parameter 'namecase' [ 582.928500][ T9708] exfat: Deprecated parameter 'utf8' [ 583.058556][ T9708] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 583.494481][ T9716] loop0: detected capacity change from 0 to 512 [ 583.548540][ T9716] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 583.591026][ T9716] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0102] [ 583.604651][ T9716] EXT4-fs (loop0): orphan cleanup on readonly fs [ 583.615791][ T9716] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #11: comm syz.0.1637: attempt to clear invalid blocks 1024 len 1 [ 583.653130][ T9716] EXT4-fs (loop0): Remounting filesystem read-only [ 583.743288][ T9716] EXT4-fs (loop0): 1 truncate cleaned up [ 583.755364][ T9716] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 583.896106][ T9716] kernel profiling enabled (shift: 63) [ 583.905317][ T9716] profiling shift: 63 too large [ 584.253693][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 584.268003][ T5857] IPVS: starting estimator thread 0... [ 584.362095][ T9730] IPVS: using max 192 ests per chain, 9600 per kthread [ 585.123267][ T9744] loop5: detected capacity change from 0 to 8 [ 585.644001][ T9748] loop0: detected capacity change from 0 to 512 [ 585.690501][ T9748] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 585.821662][ T9748] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1651: couldn't read orphan inode 26 (err -116) [ 585.931444][ T9748] EXT4-fs (loop0): Remounting filesystem read-only [ 585.947989][ T9748] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 585.966803][ T9748] ext4 filesystem being mounted at /330/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 586.156552][ T9759] loop4: detected capacity change from 0 to 1024 [ 586.382385][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 586.779969][ T3691] hfsplus: b-tree write err: -5, ino 4 [ 588.680031][ T24] hid-generic 0000:0004:0000.000E: unknown main item tag 0x0 [ 588.688370][ T24] hid-generic 0000:0004:0000.000E: unknown main item tag 0x0 [ 588.696584][ T24] hid-generic 0000:0004:0000.000E: unknown main item tag 0x0 [ 588.819439][ T24] hid-generic 0000:0004:0000.000E: hidraw0: HID v0.00 Device [syz0] on syz1 [ 589.546971][ T9797] loop1: detected capacity change from 0 to 256 [ 589.713554][ T9797] FAT-fs (loop1): error, clusters badly computed (1 != 0) [ 590.259649][ T9807] [U] ¹ÉMÙ­ÕÁQ&’Ù Kœ4 [ 590.982374][ T24] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 591.166600][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 591.199612][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 591.212051][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 591.222639][ T24] usb 2-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 591.232277][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 591.255323][ T24] usb 2-1: config 0 descriptor?? [ 591.760148][ T24] ntrig 0003:1B96:0008.000F: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.1-1/input0 [ 591.972480][ T24] usb 2-1: USB disconnect, device number 5 [ 593.661321][ T9851] loop5: detected capacity change from 0 to 512 [ 593.685668][ T9851] EXT4-fs: Ignoring removed mblk_io_submit option [ 593.693028][ T9851] EXT4-fs: Ignoring removed mblk_io_submit option [ 593.756310][ T9851] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 593.808859][ T9851] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a04ec11c, mo2=0002] [ 593.843488][ T9851] System zones: 1-12 [ 593.861859][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 593.886359][ T9851] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.1697: corrupted in-inode xattr: e_value size too large [ 593.956997][ T9851] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.1697: couldn't read orphan inode 15 (err -117) [ 594.044295][ T9851] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 594.376668][ T8989] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.440178][ T9864] loop4: detected capacity change from 0 to 2048 [ 594.614820][ T9867] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 594.935267][ T9873] loop5: detected capacity change from 0 to 1024 [ 594.986048][ T9872] loop0: detected capacity change from 0 to 1024 [ 595.138332][ T9873] hfsplus: bad catalog entry type [ 595.144714][ T9872] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 595.539387][ T2899] hfsplus: b-tree write err: -5, ino 4 [ 595.958880][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.857048][ T9886] loop5: detected capacity change from 0 to 8192 [ 597.155829][ T5857] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 597.341354][ T5857] usb 5-1: Using ep0 maxpacket: 32 [ 597.354898][ T5857] usb 5-1: config 0 interface 0 has no altsetting 0 [ 597.375333][ T9904] vim2m vim2m.0: vidioc_s_fmt queue busy [ 597.416591][ T5857] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 597.429507][ T5857] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 597.438256][ T5857] usb 5-1: Product: syz [ 597.442962][ T5857] usb 5-1: Manufacturer: syz [ 597.447849][ T5857] usb 5-1: SerialNumber: syz [ 597.496989][ T5857] usb 5-1: config 0 descriptor?? [ 597.947886][ T5857] gs_usb 5-1:0.0: Configuring for 38 interfaces [ 597.954618][ T5857] gs_usb 5-1:0.0: Driver cannot handle more that 3 CAN interfaces [ 597.955745][ T30] audit: type=1326 audit(1750822890.502:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.2.1725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 597.962818][ T5857] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -22 [ 598.134001][ T30] audit: type=1326 audit(1750822890.582:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.2.1725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 598.157335][ T30] audit: type=1326 audit(1750822890.582:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.2.1725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 598.180595][ T30] audit: type=1326 audit(1750822890.582:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.2.1725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 598.201050][ T5857] usb 5-1: USB disconnect, device number 10 [ 598.204010][ T30] audit: type=1326 audit(1750822890.602:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.2.1725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 598.235107][ T30] audit: type=1326 audit(1750822890.602:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.2.1725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 598.259059][ T30] audit: type=1326 audit(1750822890.602:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.2.1725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f535718e929 code=0x7ffc0000 [ 598.374692][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 598.381846][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 598.495314][ T9914] loop5: detected capacity change from 0 to 64 [ 598.541961][ T9916] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1728'. [ 598.551818][ T9916] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1728'. [ 600.194054][ T9924] loop5: detected capacity change from 0 to 32768 [ 600.352957][ T9924] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=xxhash,compression=lz4,str_hash=crc64,norecovery,reconstruct_alloc [ 600.353114][ T9924] allowing incompatible features above 0.0: (unknown version) [ 600.353215][ T9924] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 600.408159][ T9924] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0 [ 600.418704][ T9924] bcachefs (loop5): invalid bkey in superblock btree=extents level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 2560 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0 [ 600.418857][ T9924] size != 0, deleting [ 600.448080][ T9924] bcachefs (loop5): invalid journal entry, version=1.7: mi_btree_bitmap type=blacklist_v2 in superblock: invalid journal seq blacklist entry: bad size, fixing [ 600.465241][ T9924] bcachefs (loop5): recovering from clean shutdown, journal seq 10 [ 600.483830][ T9924] bcachefs (loop5): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete [ 600.483830][ T9924] Doing compatible version upgrade from 1.19: autofix_errors to 1.28: inode_has_case_insensitive [ 600.483830][ T9924] running recovery passes: check_extents_to_backpointers,check_inodes [ 600.520519][ T9924] bcachefs (loop5): dropping and reconstructing all alloc info [ 600.588654][ T9924] bcachefs (loop5): accounting_read... done [ 600.605355][ T9924] bcachefs (loop5): alloc_read... done [ 600.613722][ T9924] bcachefs (loop5): snapshots_read... done [ 600.622973][ T9924] bcachefs (loop5): Fixed errors, running fsck a second time to verify fs is clean [ 600.637981][ T9924] bcachefs (loop5): done starting filesystem [ 600.879954][ T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 600.902293][ T8989] bcachefs (loop5): shutting down [ 601.024342][ T8989] bcachefs (loop5): shutdown complete [ 601.153345][ T24] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00 [ 601.163191][ T24] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 601.171737][ T24] usb 5-1: Product: syz [ 601.176237][ T24] usb 5-1: SerialNumber: syz [ 601.189605][ T9943] loop1: detected capacity change from 0 to 512 [ 601.217400][ T9943] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 601.250986][ T24] usb 5-1: config 0 descriptor?? [ 601.321687][ T9943] EXT4-fs (loop1): 1 truncate cleaned up [ 601.330047][ T9943] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 601.683393][ T24] hso 5-1:0.0: Failed to find BULK IN ep [ 601.863511][ T24] usb 5-1: USB disconnect, device number 11 [ 602.529353][ T5797] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 602.750698][ T9948] loop0: detected capacity change from 0 to 40427 [ 602.930052][ T9961] loop4: detected capacity change from 0 to 64 [ 603.221971][ T9948] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 606.743594][ T9990] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1759'. [ 606.952299][ T9994] TCP: TCP_TX_DELAY enabled [ 608.046482][T10008] loop0: detected capacity change from 0 to 1024 [ 608.894854][T10012] loop1: detected capacity change from 0 to 32768 [ 609.044361][T10012] bcachefs (/dev/loop1): error validating superblock: Invalid time precision: 0 (min 1, max 1000000000) [ 609.056848][T10012] bcachefs: bch2_fs_get_tree() error: invalid_sb_time_precision [ 609.189050][T10015] loop4: detected capacity change from 0 to 32768 [ 609.218966][T10015] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1769 (10015) [ 609.277003][T10015] BTRFS info (device loop4 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 609.295797][T10015] BTRFS info (device loop4 state S): using crc32c (crc32c-x86_64) checksum algorithm [ 609.311654][T10015] BTRFS error (device loop4 state S): ignoremetacsums must be used with ro mount option [ 609.321981][T10015] BTRFS info (device loop4 state S): using free-space-tree [ 609.342779][T10015] BTRFS error (device loop4 state S): open_ctree failed: -22 [ 609.826726][T10008] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 609.839908][T10008] ext4 filesystem being mounted at /345/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 610.141759][ T30] audit: type=1800 audit(1750822902.702:121): pid=10008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1766" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 610.401911][T10026] loop5: detected capacity change from 0 to 8 [ 610.463612][T10026] SQUASHFS error: zlib decompression failed, data probably corrupt [ 610.472562][T10026] SQUASHFS error: Failed to read block 0x9b: -5 [ 610.479092][T10026] SQUASHFS error: Unable to read metadata cache entry [99] [ 610.486826][T10026] SQUASHFS error: Unable to read inode 0x127 [ 610.542591][ T5857] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 610.601688][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 610.756888][ T5857] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 610.774015][ T5857] usb 2-1: New USB device found, idVendor=1c4f, idProduct=0059, bcdDevice= 0.00 [ 610.783821][ T5857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 610.901782][ T5857] usb 2-1: config 0 descriptor?? [ 611.409074][ T5857] sigmamicro 0003:1C4F:0059.0010: unknown main item tag 0x2 [ 611.492962][ T5857] sigmamicro 0003:1C4F:0059.0010: hidraw0: USB HID v1.05 Device [HID 1c4f:0059] on usb-dummy_hcd.1-1/input0 [ 611.513712][T10037] loop5: detected capacity change from 0 to 1764 [ 611.573749][ T24] usb 2-1: USB disconnect, device number 6 [ 613.737248][T10064] sp0: Synchronizing with TNC [ 613.905850][T10064] [U] è [ 613.968343][T10067] [U] . [ 615.215717][T10091] loop0: detected capacity change from 0 to 64 [ 616.215996][T10107] loop0: detected capacity change from 0 to 512 [ 616.274899][T10107] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 616.683769][T10107] EXT4-fs (loop0): 1 truncate cleaned up [ 616.692483][T10107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 617.125984][T10111] loop1: detected capacity change from 0 to 32768 [ 617.136733][T10111] XFS: attr2 mount option is deprecated. [ 617.147706][T10107] EXT4-fs error (device loop0): __ext4_iget:5379: inode #12: block 2: comm syz.0.1806: invalid block [ 617.254421][T10111] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 617.333476][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 617.643981][T10111] XFS (loop1): Metadata CRC error detected at xfs_agf_read_verify+0x1b9/0x300, xfs_agf block 0x1 [ 617.655777][T10111] XFS (loop1): Unmount and run xfs_repair [ 617.663809][T10111] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 617.671737][T10111] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 10 00 XAGF............ [ 617.684743][T10111] 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 00 01 ................ [ 617.695441][T10111] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 617.704956][T10111] 00000030: 00 00 00 04 00 00 0b a2 00 00 0b a0 00 00 00 00 ................ [ 617.714368][T10111] 00000040: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 617.723812][T10111] 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01 ................ [ 617.733197][T10111] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ................ [ 617.742623][T10111] 00000070: 13 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 617.752067][T10111] XFS (loop1): metadata I/O error in "xfs_read_agf+0x23d/0x550" at daddr 0x1 len 1 error 74 [ 617.770327][T10111] XFS (loop1): Error -117 reserving per-AG metadata reserve pool. [ 617.778903][T10111] XFS (loop1): Corruption of in-memory data (0x8) detected at xfs_fs_reserve_ag_blocks+0x4d7/0x590 (fs/xfs/xfs_fsops.c:566). Shutting down filesystem. [ 617.798108][T10111] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 617.807998][T10111] XFS (loop1): Ending clean mount [ 617.814367][T10111] XFS (loop1): Failed to initialize disk quotas, err -5. [ 617.822203][T10111] XFS (loop1): Error -5 reserving per-AG metadata reserve pool. [ 618.579619][T10138] loop0: detected capacity change from 0 to 2048 [ 618.736075][T10138] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 618.749153][T10138] ext4 filesystem being mounted at /355/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 619.144219][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.636639][ T24] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 619.712304][ T24] hid-generic 0000:0000:0000.0011: hidraw0: HID v0.00 Device [syz0] on syz0 [ 619.892653][T10161] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1824'. [ 620.068175][T10164] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1828'. [ 620.539367][T10172] loop5: detected capacity change from 0 to 256 [ 620.715770][T10172] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x09567547, utbl_chksum : 0xe619d30d) [ 620.923893][T10176] exFAT-fs (loop5): start_clu is invalid cluster(0xffffffff) [ 621.662555][T10186] sctp: [Deprecated]: syz.4.1838 (pid 10186) Use of int in max_burst socket option. [ 621.662555][T10186] Use struct sctp_assoc_value instead [ 621.755802][ T5857] hid-generic 0000:0005:0009.0012: unknown main item tag 0x0 [ 621.763807][ T5857] hid-generic 0000:0005:0009.0012: unknown main item tag 0x0 [ 621.774942][ T5857] hid-generic 0000:0005:0009.0012: unknown main item tag 0x0 [ 621.808142][T10184] loop5: detected capacity change from 0 to 1024 [ 621.890789][ T5857] hid-generic 0000:0005:0009.0012: hidraw0: HID v0.02 Device [syz0] on syz1 [ 622.070671][ T58] hfsplus: b-tree write err: -5, ino 4 [ 624.081562][ T24] usb 3-1: new low-speed USB device number 5 using dummy_hcd [ 624.339161][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 624.351522][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 624.362056][ T24] usb 3-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00 [ 624.371626][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 624.492171][ T24] usb 3-1: config 0 descriptor?? [ 624.648346][ T30] audit: type=1326 audit(1750822917.212:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10228 comm="syz.1.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 624.672435][ T30] audit: type=1326 audit(1750822917.212:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10228 comm="syz.1.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 624.803926][ T30] audit: type=1326 audit(1750822917.272:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10228 comm="syz.1.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 624.827909][ T30] audit: type=1326 audit(1750822917.292:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10228 comm="syz.1.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 624.854346][ T30] audit: type=1326 audit(1750822917.292:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10228 comm="syz.1.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc3af8e929 code=0x7ffc0000 [ 625.069005][ T24] glorious 0003:258A:0036.0013: hidraw0: USB HID v0.00 Device [Glorious Model O] on usb-dummy_hcd.2-1/input0 [ 625.208921][ T5857] usb 3-1: USB disconnect, device number 5 [ 626.989331][T10259] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1872'. [ 627.010977][T10259] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1872'. [ 627.414587][T10265] x_tables: ip_tables: udp match: only valid for protocol 17 [ 627.705427][T10270] loop5: detected capacity change from 0 to 512 [ 627.827889][T10270] fscrypt (loop5, inode 2): Error -61 getting encryption context [ 627.846279][T10270] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -61 [ 627.891574][T10270] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #13: comm syz.5.1877: iget: bad i_size value: 12154757448730 [ 627.970425][T10270] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.1877: couldn't read orphan inode 13 (err -117) [ 628.020045][T10270] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 628.445391][ T8989] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 630.278163][ T30] audit: type=1800 audit(1750822922.832:127): pid=10312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1896" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 630.807318][T10318] rtc_cmos 00:00: Alarms can be up to one day in the future [ 631.345421][ T5857] rtc_cmos 00:00: Alarms can be up to one day in the future [ 631.354004][ T5857] rtc_cmos 00:00: Alarms can be up to one day in the future [ 631.362205][ T5857] rtc_cmos 00:00: Alarms can be up to one day in the future [ 631.370231][ T5857] rtc_cmos 00:00: Alarms can be up to one day in the future [ 631.384179][ T5857] rtc rtc0: __rtc_set_alarm: err=-22 [ 634.291043][T10355] loop4: detected capacity change from 0 to 32768 [ 634.482249][ T30] audit: type=1800 audit(1750822927.012:128): pid=10372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1924" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 634.913525][T10355] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 634.950847][T10365] loop0: detected capacity change from 0 to 32768 [ 634.977086][T10365] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section disk_groups: label 0 empty [ 634.977086][T10365] disk_groups (size 640): [ 634.977086][T10365] [parent 0 name ] [deleted] [parent 0 name /] [parent 0 name ] [deleted] [parent 0 name ] [parent 0 name ] [parent 0 name ] [parent 0 name ] [parent 0 name ] [parent 0 name ] [parent 0 name ] [parent 0 name ·] [ 635.018106][T10365] bcachefs: bch2_fs_get_tree() error: invalid_sb_disk_groups [ 635.077855][T10379] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1926'. [ 635.096081][T10379] bond0: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0) [ 635.587789][T10355] XFS (loop4): Ending clean mount [ 635.612622][T10355] XFS (loop4): Metadata CRC error detected at xfs_inobt_read_verify+0xaf/0x2d0, xfs_finobt block 0x20 [ 635.627499][T10355] XFS (loop4): Unmount and run xfs_repair [ 635.633895][T10355] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 635.641983][T10355] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff FIB3............ [ 635.654218][T10355] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40 ....... .......@ [ 635.663700][T10355] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a ...B..N....xv... [ 635.673022][T10355] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37 .......F......@7 [ 635.685318][T10355] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 635.694664][T10355] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 ................ [ 635.713768][T10355] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 635.729535][T10355] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 635.738831][T10355] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x33d/0x5f0" at daddr 0x20 len 8 error 74 [ 635.754521][T10355] XFS (loop4): Failed to initialize disk quotas, err -117. [ 635.940399][ T5800] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 635.984169][ T5800] XFS (loop4): Uncorrected metadata errors detected; please run xfs_repair. [ 636.479890][T10392] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1933'. [ 636.603618][T10392] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 636.661519][T10393] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 636.718211][T10392] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 636.810558][T10392] bond0 (unregistering): Released all slaves [ 637.931960][ T24] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 638.132676][ T24] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 638.141729][ T24] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 638.150924][ T24] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 638.164848][ T24] usb 3-1: config 220 has no interface number 2 [ 638.172481][ T24] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 638.187002][ T24] usb 3-1: config 220 interface 0 has no altsetting 0 [ 638.194386][ T24] usb 3-1: config 220 interface 76 has no altsetting 0 [ 638.202152][ T24] usb 3-1: config 220 interface 1 has no altsetting 0 [ 638.402928][ T24] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 638.416554][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 638.425840][ T24] usb 3-1: Product: syz [ 638.430288][ T24] usb 3-1: Manufacturer: syz [ 638.435545][ T24] usb 3-1: SerialNumber: syz [ 638.816882][ T24] usb 3-1: selecting invalid altsetting 0 [ 638.831990][ T24] usb 3-1: Found UVC 7.01 device syz (8086:0b07) [ 638.838730][ T24] usb 3-1: No valid video chain found. [ 638.988660][ T24] usb 3-1: selecting invalid altsetting 0 [ 638.996581][ T24] usbtest 3-1:220.1: probe with driver usbtest failed with error -22 [ 639.086516][ T24] usb 3-1: USB disconnect, device number 6 [ 639.247360][T10427] loop1: detected capacity change from 0 to 64 [ 639.622212][T10432] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1951'. [ 639.631686][T10432] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1951'. [ 640.420246][T10445] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 640.434471][T10445] Error validating options; rc = [-22] [ 640.878056][T10453] loop4: detected capacity change from 0 to 8 [ 640.979328][T10453] SQUASHFS error: lzo decompression failed, data probably corrupt [ 640.988714][T10453] SQUASHFS error: Failed to read block 0x91: -5 [ 640.999127][T10453] SQUASHFS error: Unable to read metadata cache entry [8f] [ 641.006775][T10453] SQUASHFS error: Unable to read inode 0x11f [ 642.615941][T10474] macsec1: entered promiscuous mode [ 642.621680][T10474] macsec1: entered allmulticast mode [ 643.775686][T10491] loop5: detected capacity change from 0 to 1024 [ 643.975369][T10491] hfsplus: invalid extended attribute record [ 644.323207][ T2899] hfsplus: b-tree write err: -5, ino 4 [ 644.733333][T10507] loop4: detected capacity change from 0 to 64 [ 651.084042][T10548] Invalid ELF header magic: != ELF [ 652.032596][T10581] bpf: Bad value for 'gid' [ 652.640962][T10591] loop0: detected capacity change from 0 to 512 [ 652.782976][T10591] EXT4-fs (loop0): 1 orphan inode deleted [ 652.791629][T10591] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 652.847910][ T2899] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 652.859461][ T2899] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1 [ 652.941752][T10591] ext4 filesystem being mounted at /389/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 653.493918][ T5798] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 654.843457][ T24] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 655.065727][ T24] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 655.075607][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 655.164763][ T24] usb 3-1: config 0 descriptor?? [ 655.190635][ T24] cp210x 3-1:0.0: cp210x converter detected [ 655.675421][ T24] usb 3-1: cp210x converter now attached to ttyUSB0 [ 655.855834][ T30] audit: type=1326 audit(1750822948.422:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10642 comm="syz.5.2048" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd47e18e929 code=0x0 [ 656.017708][ T5860] usb 3-1: USB disconnect, device number 7 [ 656.034357][ T5860] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 656.044160][ T5860] cp210x 3-1:0.0: device disconnected [ 657.391614][ T5860] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 657.571660][ T5860] usb 6-1: Using ep0 maxpacket: 8 [ 657.622835][ T5860] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 657.712915][ T5860] usb 6-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 657.725537][ T5860] usb 6-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 657.735132][ T5860] usb 6-1: Product: syz [ 657.739644][ T5860] usb 6-1: Manufacturer: syz [ 657.744845][ T5860] usb 6-1: SerialNumber: syz [ 658.110042][ T5860] usb 6-1: Handspring Visor / Palm OS: No valid connect info available [ 658.119706][ T5860] usb 6-1: Handspring Visor / Palm OS: port 0, is for Remote File System use [ 658.133216][ T5860] usb 6-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 658.142671][ T5860] usb 6-1: Handspring Visor / Palm OS: Number of ports: 2 [ 658.314142][ T5860] usb 6-1: palm_os_3_probe - error -71 getting bytes available request [ 658.323737][ T5860] visor 6-1:1.0: Handspring Visor / Palm OS converter detected [ 658.382025][ T5860] usb 6-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 658.430413][ T5860] usb 6-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 658.483132][ T5860] usb 6-1: USB disconnect, device number 2 [ 658.507054][ T5860] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 658.575729][ T5860] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 658.587084][ T5860] visor 6-1:1.0: device disconnected [ 659.784237][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 659.820007][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 659.826883][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 660.801445][T10694] loop1: detected capacity change from 0 to 40427 [ 660.814829][T10694] F2FS-fs (loop1): build fault injection rate: 17008 [ 660.822207][T10694] F2FS-fs (loop1): build fault injection type: 0x1f8 [ 661.423611][T10701] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2075'. [ 661.912430][T10705] netlink: 'syz.0.2077': attribute type 1 has an invalid length. [ 661.924078][T10705] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2077'. [ 661.935228][T10705] NCSI netlink: No device for ifindex 320 [ 661.990228][T10703] loop5: detected capacity change from 0 to 4096 [ 662.112918][T10712] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 662.241889][T10711] loop1: detected capacity change from 0 to 512 [ 662.282426][ T30] audit: type=1800 audit(1750822954.852:130): pid=10703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2076" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 662.447131][T10711] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 662.459563][T10711] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 662.470360][T10711] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.2078: Corrupt directory, running e2fsck is recommended [ 662.519317][T10711] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 662.547833][T10711] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.2078: corrupted in-inode xattr: invalid ea_ino [ 662.566708][T10711] EXT4-fs (loop1): Remounting filesystem read-only [ 662.576224][T10711] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 662.767510][T10711] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 662.819338][T10720] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2082'. [ 662.832436][T10720] netlink: 172 bytes leftover after parsing attributes in process `syz.2.2082'. [ 663.135767][ T5797] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 664.344024][ T5860] kernel write not supported for file /input/mouse0 (pid: 5860 comm: kworker/1:4) [ 666.067654][T10761] ===================================================== [ 666.075335][T10761] BUG: KMSAN: uninit-value in ieee802154_hdr_push+0x9ac/0xa30 [ 666.083532][T10761] ieee802154_hdr_push+0x9ac/0xa30 [ 666.088938][T10761] ieee802154_header_create+0x854/0xb90 [ 666.094981][T10761] dgram_sendmsg+0xb3d/0x16d0 [ 666.099930][T10761] ieee802154_sock_sendmsg+0x92/0xd0 [ 666.106159][T10761] __sock_sendmsg+0x330/0x3d0 [ 666.111369][T10761] ____sys_sendmsg+0x7e0/0xd80 [ 666.119336][T10761] ___sys_sendmsg+0x271/0x3b0 [ 666.125400][T10761] __x64_sys_sendmsg+0x211/0x3e0 [ 666.130590][T10761] x64_sys_call+0x32fb/0x3db0 [ 666.136319][T10761] do_syscall_64+0xd9/0x210 [ 666.141364][T10761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.147543][T10761] [ 666.150009][T10761] Uninit was stored to memory at: [ 666.155606][T10761] ieee802154_hdr_push+0x9a5/0xa30 [ 666.161257][T10761] ieee802154_header_create+0x854/0xb90 [ 666.167074][T10761] dgram_sendmsg+0xb3d/0x16d0 [ 666.172277][T10761] ieee802154_sock_sendmsg+0x92/0xd0 [ 666.177841][T10761] __sock_sendmsg+0x330/0x3d0 [ 666.184506][T10761] ____sys_sendmsg+0x7e0/0xd80 [ 666.189551][T10761] ___sys_sendmsg+0x271/0x3b0 [ 666.194875][T10761] __x64_sys_sendmsg+0x211/0x3e0 [ 666.200066][T10761] x64_sys_call+0x32fb/0x3db0 [ 666.205418][T10761] do_syscall_64+0xd9/0x210 [ 666.210164][T10761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.219791][T10761] [ 666.223461][T10761] Local variable hdr created at: [ 666.228565][T10761] ieee802154_header_create+0x4e/0xb90 [ 666.234527][T10761] dgram_sendmsg+0xb3d/0x16d0 [ 666.239461][T10761] [ 666.242157][T10761] CPU: 1 UID: 0 PID: 10761 Comm: syz.1.2100 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(undef) [ 666.254809][T10761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 666.265730][T10761] ===================================================== [ 666.273059][T10761] Disabling lock debugging due to kernel taint [ 666.279404][T10761] Kernel panic - not syncing: kmsan.panic set ... [ 666.286036][T10761] CPU: 1 UID: 0 PID: 10761 Comm: syz.1.2100 Tainted: G B 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(undef) [ 666.300104][T10761] Tainted: [B]=BAD_PAGE [ 666.304425][T10761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 666.314701][T10761] Call Trace: [ 666.318149][T10761] [ 666.321248][T10761] __dump_stack+0x26/0x30 [ 666.325857][T10761] dump_stack_lvl+0x53/0x270 [ 666.330732][T10761] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 666.336846][T10761] dump_stack+0x1e/0x25 [ 666.341337][T10761] panic+0x4bd/0xd50 [ 666.345525][T10761] kmsan_report+0x31c/0x320 [ 666.350280][T10761] ? stack_depot_save+0x12/0x20 [ 666.355344][T10761] ? __msan_warning+0x1b/0x30 [ 666.360250][T10761] ? ieee802154_hdr_push+0x9ac/0xa30 [ 666.365789][T10761] ? ieee802154_header_create+0x854/0xb90 [ 666.371736][T10761] ? dgram_sendmsg+0xb3d/0x16d0 [ 666.376816][T10761] ? ieee802154_sock_sendmsg+0x92/0xd0 [ 666.382544][T10761] ? __sock_sendmsg+0x330/0x3d0 [ 666.387656][T10761] ? ____sys_sendmsg+0x7e0/0xd80 [ 666.392794][T10761] ? ___sys_sendmsg+0x271/0x3b0 [ 666.397872][T10761] ? __x64_sys_sendmsg+0x211/0x3e0 [ 666.403220][T10761] ? x64_sys_call+0x32fb/0x3db0 [ 666.408339][T10761] ? do_syscall_64+0xd9/0x210 [ 666.413227][T10761] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.419518][T10761] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.425820][T10761] ? ____sys_sendmsg+0x7e0/0xd80 [ 666.430998][T10761] ? ___sys_sendmsg+0x271/0x3b0 [ 666.436107][T10761] ? __x64_sys_sendmsg+0x211/0x3e0 [ 666.441466][T10761] ? x64_sys_call+0x32fb/0x3db0 [ 666.446653][T10761] ? do_syscall_64+0xd9/0x210 [ 666.451545][T10761] ? kmsan_get_metadata+0xfb/0x160 [ 666.456932][T10761] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 666.463017][T10761] ? ieee802154_hdr_push+0x31/0xa30 [ 666.468472][T10761] ? filter_irq_stacks+0x49/0x190 [ 666.473716][T10761] ? kmsan_get_metadata+0xfb/0x160 [ 666.479115][T10761] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 666.485613][T10761] ? kmsan_get_metadata+0xfb/0x160 [ 666.490985][T10761] ? kmsan_internal_memmove_metadata+0x181/0x230 [ 666.497587][T10761] ? kmsan_get_metadata+0xfb/0x160 [ 666.502960][T10761] __msan_warning+0x1b/0x30 [ 666.507682][T10761] ieee802154_hdr_push+0x9ac/0xa30 [ 666.513076][T10761] ? __msan_memcpy+0x108/0x1c0 [ 666.518071][T10761] ieee802154_header_create+0x854/0xb90 [ 666.523902][T10761] ? kmsan_get_metadata+0xfb/0x160 [ 666.529314][T10761] ? __pfx_ieee802154_header_create+0x10/0x10 [ 666.535645][T10761] dgram_sendmsg+0xb3d/0x16d0 [ 666.540639][T10761] ? __pfx_dgram_sendmsg+0x10/0x10 [ 666.545993][T10761] ieee802154_sock_sendmsg+0x92/0xd0 [ 666.551566][T10761] ? __pfx_ieee802154_sock_sendmsg+0x10/0x10 [ 666.557828][T10761] ? __pfx_ieee802154_sock_sendmsg+0x10/0x10 [ 666.564091][T10761] __sock_sendmsg+0x330/0x3d0 [ 666.569008][T10761] ____sys_sendmsg+0x7e0/0xd80 [ 666.574024][T10761] ___sys_sendmsg+0x271/0x3b0 [ 666.578936][T10761] ? __rcu_read_unlock+0x6d/0xd0 [ 666.584110][T10761] ? __fget_files+0x3b4/0x4a0 [ 666.589006][T10761] ? __fget_files+0x3b9/0x4a0 [ 666.593993][T10761] ? kmsan_get_metadata+0xfb/0x160 [ 666.599372][T10761] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 666.605453][T10761] __x64_sys_sendmsg+0x211/0x3e0 [ 666.610612][T10761] ? kmsan_get_metadata+0xfb/0x160 [ 666.615999][T10761] x64_sys_call+0x32fb/0x3db0 [ 666.620932][T10761] do_syscall_64+0xd9/0x210 [ 666.625668][T10761] ? irqentry_exit+0x16/0x60 [ 666.630480][T10761] ? clear_bhb_loop+0x40/0x90 [ 666.635404][T10761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.641525][T10761] RIP: 0033:0x7fdc3af8e929 [ 666.646152][T10761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 666.666182][T10761] RSP: 002b:00007fdc3bd2a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 666.674839][T10761] RAX: ffffffffffffffda RBX: 00007fdc3b1b5fa0 RCX: 00007fdc3af8e929 [ 666.683018][T10761] RDX: 0000000004000010 RSI: 00002000000000c0 RDI: 0000000000000004 [ 666.691277][T10761] RBP: 00007fdc3b010b39 R08: 0000000000000000 R09: 0000000000000000 [ 666.699419][T10761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 666.707551][T10761] R13: 0000000000000000 R14: 00007fdc3b1b5fa0 R15: 00007ffe6d072bf8 [ 666.715834][T10761] [ 666.719435][T10761] Kernel Offset: disabled [ 666.723864][T10761] Rebooting in 86400 seconds..