last executing test programs: 13m19.784495982s ago: executing program 0 (id=2749): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, 0x0) 13m19.597694395s ago: executing program 0 (id=2752): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) get_robust_list(0x0, &(0x7f0000000300)=0x0, &(0x7f0000000340)) 13m19.461868058s ago: executing program 0 (id=2755): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000080000000000000000000008500000022000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000d4448d49850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r0, 0x18000000000002a0, 0x4f, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 13m19.067521426s ago: executing program 0 (id=2761): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000002240)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 13m18.629347084s ago: executing program 0 (id=2768): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f00000003c0)=""/189) 13m18.085474985s ago: executing program 0 (id=2780): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5}]}}}]}, 0x3c}}, 0x0) 13m17.753464632s ago: executing program 32 (id=2780): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5}]}}}]}, 0x3c}}, 0x0) 6m53.385870998s ago: executing program 3 (id=8656): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000400000000a20000000000a05000000000000000000010000000900010073797a300000000014000000020a010100000000000000000100000920000000000a010500c285501527f0a2b40000090900f1ff72797a300000000020000000050a05000000000000000000010000060900010073797a30"], 0x9c}}, 0x0) 6m53.138586823s ago: executing program 3 (id=8660): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8982, &(0x7f0000000040)={0x6, 'team0\x00', {0x1}, 0x1}) 6m52.905585598s ago: executing program 3 (id=8665): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) write$sndseq(r0, &(0x7f00000003c0)=[{0x1e, 0x0, 0x2f, 0xfd, @time={0x9, 0x4}, {}, {}, @result={0xfffffffe, 0x1}}], 0x1c) 6m52.679955512s ago: executing program 3 (id=8666): syz_mount_image$iso9660(&(0x7f0000000380), &(0x7f00000000c0)='./file0\x00', 0x204818, &(0x7f0000000240)={[{@map_off}, {@check_strict}, {@cruft}, {@dmode={'dmode', 0x3d, 0x4}}, {@unhide}, {@iocharset={'iocharset', 0x3d, 'cp437'}}, {@map_off}, {@mode={'mode', 0x3d, 0x483}}]}, 0xff, 0x544, &(0x7f0000001000)="$eJzs3V9v01YfwPGfS/sQ5ZGqRw8TQlWBQ9mkIpXgJBAUceU5J+mBxI5sB7VXqKIpqkhhokxae8O4YZu0vQh2uRexd4T2EjbZTvqHJjHQv6u+nwjOiX3s8zup5Z/cxscCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADEcmu2XbSkabzOkhrNrQV+a/dtf+sDC+TWvmJMvyJW/E9yObmSLrry1e7qy/F/czKbvpuVXFzkZPu/l//34NLkxGD7MQF/lt+/cE+bW9vPV3q97qujCuQMunpx9LqG9kzom5bT0MqEvqpWKvadxXqo6qapw+Uw0i3lBtqJ/EDNu7dUsVotK11Y9jteo+Y09WDh/dsl266oh4W2doLQ9+48LITuomk2jddI2sSr4zb34wPxkYlUpJ2WUmvrvW45awBxo+KnNCplNSrZpVKxWCoVK/eq9+7b9uSBBfZH5ECLozto8e90hGdv4HAm+vlfmmLEk44siRr6cqUmgfjSGrG+b5D/v7mjx/a7N/8PsvyV3dUzkuT/a+m7a6Py/4hYTu61KVuyLc9lRXrSk668OvWITvbVEC2eGAnFFyMtcZIlqr9ESVUqUhFbnsii1CUUJXUx0hQtoSxLKJHo5IhyJRAtjkTiSyBK5sWVW6KkKFWpSlmUaCnIsvjSEU8aUhMn2cuarCefe1mUNSrGnUbFkcPID467rpTGjJb8j8M70vM3cBh/D/I/AAAAAAA4t6zkt+/x9f+UXE1qddPU9mmHBQAAAAAAjlDyl//ZuJiKa1fF4vofAAAAAIDzxkrusbNEJC/X09qaWMntUvwSAAAAAACAcyL5+/+1uEjmQLku1s50KVz/AwAAAABwTvycOcd+2L5o/fmXBMGU9ba99LW1kczN62xcSLe78PEeo/qMNd3fSVJU0mJy0tWzVi5ttDMJ5od+sZYVh7UbgLMTwI+fE8ClSflVbqRtbqym5epgTdpLvm6auuD6zQdFcZzpiUgvRd+/WP9BkuH/4rWmrZys97qFpy97q0ksb+O9vN3oT6B4YB7FMbG8TuZbSO65GDriqeRGjH6/eUvW1ntde+/4J9LNJ/b3+GZ6TJ/vZC5tNdef8Ta/f/y5uM9iYdTo+1EUDznyd3IzbXNz/mZaDImilBVFaW8Uwz+Lw0dRzoqifMgoAOC0rGVkIUsO5N0vOMt9WXaXz8zu72Q+bTM/k5xYJ2eGnNHtrDO6fcjs9seBZyCNyrFxv799lFXfxxu8H9lv2CxZ8Ud44fXGd3J5c2v79vrGyrPus+6LUqlcse/a9r2STCXD6BfkHgDAEHufsWMNzf+ZT+Gx7mZcVf9/5ysFBXkqL6Unq7KQ3G2QfONg6F7ze76GsJBx1ZpP0mT6hJeFMVd1/0nuchjstzS27f4YyifwkwAA4OTMZeThT8n/CxnX3ftz+fir4/yep7UBAIDjoYMPVj76yQoC035SrFaLTrSoVeC7j1Rgag2tjBfpwF10vIZW7cCPfNdvxpXHpqZDFXbabT+IVN0PVNsPzVIyfaDqP/o91C3Hi4wbtpvaCbVyfS9y3EjVTOiqdufbpgkXdZBsHLa1a+rGdSLjeyr0O4GrC0qFWu9paGrai0zdxFVPtQPTcoKceuw3Oy2tajp0A9OO/HSHg76MV/eDVrLbwml/2AAAnBGbW9vPV3q97qtjrAztOHfiQwUAAH0ZWRoAAAAAAAAAAAAAAAAAAAAAAJwBJ3H/H5VzXhlMBX1W4qFyBJXMU8ebYz85AThW/wQAAP//rVVPjw==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) 6m52.28559769s ago: executing program 3 (id=8670): r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000f80), 0x1, 0x0) writev(r0, &(0x7f0000001100)=[{&(0x7f0000000fc0)="263d49597ef510fb5583ba5b3d264d22", 0x10}], 0x1) 6m51.852725479s ago: executing program 3 (id=8678): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0xfe4c, &(0x7f0000000180)={&(0x7f0000000200)=@can_delroute={0x3c, 0x19, 0x1, 0x0, 0x0, {}, [@CGW_MOD_OR={0x15, 0x2, {{{}, 0x2, 0x0, 0x0, 0x0, "22ff7506ecbef970"}, 0x7}}, @CGW_CS_XOR={0x8, 0x5, {0x7, 0xffffffffffffffff, 0xfffffffffffffffc, 0x4}}, @CGW_CS_CRC8={0x0, 0x6, {0x30, 0x5c, 0x51, 0x5, 0xd, "14dbcf549b385d9e3488fde6746c2dd7920f067ed6aa632dc9d6210b0d184ff94d4563c799aa18a2d68b495e20fbdc88ac9e4cad9f39404aee7a6a1662f1a27b88f53a42ea60fbf2ee9a212b079080fd9df0474fc44cc9ae9d4178bedbb1c366b5203c6d54fb6220ed4e93b1158e0d0d32de447cede0a3a046460aaeda06212bc2c3acd4edcda286418262289a6558a5c6bf06570d00a6bfce89dff95e06770ed6e103f54ff84b0356569c5997dcd408fb9655edf54b610d12222785a6680f8a196243c38d7e7a4fd13e3aea8d98c59bd2d4011a17a51acf324eb107ccd52e0fd2a1ddb53356086f46c840856e86c92fd9f4b7cab18f9b4aa37994826e64ad4f", 0x1, "cd669ab1508c073bc5314d9089af490bb58059d2"}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x404c800) 6m51.29253689s ago: executing program 33 (id=8678): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0xfe4c, &(0x7f0000000180)={&(0x7f0000000200)=@can_delroute={0x3c, 0x19, 0x1, 0x0, 0x0, {}, [@CGW_MOD_OR={0x15, 0x2, {{{}, 0x2, 0x0, 0x0, 0x0, "22ff7506ecbef970"}, 0x7}}, @CGW_CS_XOR={0x8, 0x5, {0x7, 0xffffffffffffffff, 0xfffffffffffffffc, 0x4}}, @CGW_CS_CRC8={0x0, 0x6, {0x30, 0x5c, 0x51, 0x5, 0xd, "14dbcf549b385d9e3488fde6746c2dd7920f067ed6aa632dc9d6210b0d184ff94d4563c799aa18a2d68b495e20fbdc88ac9e4cad9f39404aee7a6a1662f1a27b88f53a42ea60fbf2ee9a212b079080fd9df0474fc44cc9ae9d4178bedbb1c366b5203c6d54fb6220ed4e93b1158e0d0d32de447cede0a3a046460aaeda06212bc2c3acd4edcda286418262289a6558a5c6bf06570d00a6bfce89dff95e06770ed6e103f54ff84b0356569c5997dcd408fb9655edf54b610d12222785a6680f8a196243c38d7e7a4fd13e3aea8d98c59bd2d4011a17a51acf324eb107ccd52e0fd2a1ddb53356086f46c840856e86c92fd9f4b7cab18f9b4aa37994826e64ad4f", 0x1, "cd669ab1508c073bc5314d9089af490bb58059d2"}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x404c800) 5m8.945036858s ago: executing program 4 (id=9985): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, 0x0, 0xb, 0x201, 0x0, 0x0, {0x3}, [@NFTA_COMPAT_REV={0x8}, @NFTA_COMPAT_NAME={0xb, 0x1, 'mangle\x00'}]}, 0x28}}, 0x0) 5m8.724065513s ago: executing program 4 (id=9987): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newtaction={0x60, 0x30, 0x1, 0x0, 0xa5dfdbfd, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x8, 0xffe4}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x40041}, 0x0) 5m8.437534859s ago: executing program 4 (id=9990): syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000008900)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==") fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0) 5m7.945413668s ago: executing program 4 (id=9997): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c}) 5m7.579003556s ago: executing program 4 (id=10003): r0 = io_uring_setup(0x734a, &(0x7f0000000000)) io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0) 5m6.917692429s ago: executing program 4 (id=10016): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x2801, 0x0) ioctl$SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) 5m6.487666858s ago: executing program 34 (id=10016): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x2801, 0x0) ioctl$SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) 4m33.275661619s ago: executing program 6 (id=10413): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000030000000900010073797a30000000005c000000030a030000000000000000000300000009000b0073797a30000000000900010073797a300000000014000480080002400000000008000140000000001c0008"], 0xcc}}, 0x4) 4m33.103017072s ago: executing program 6 (id=10416): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a94010000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a320000000008000a40fffffffc58010980900002"], 0x1bc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 4m32.962885115s ago: executing program 6 (id=10419): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2, @thr={0x0, 0x0}}) 4m32.817919658s ago: executing program 6 (id=10421): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c}) 4m32.421638246s ago: executing program 6 (id=10425): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c) 4m31.777531649s ago: executing program 6 (id=10429): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e23, 0x5, @empty, 0x2800}}, 0x3, 0x0, 0x20000, 0x81, 0x1, 0x0, 0x4}, 0x9c) 4m31.140627792s ago: executing program 35 (id=10429): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e23, 0x5, @empty, 0x2800}}, 0x3, 0x0, 0x20000, 0x81, 0x1, 0x0, 0x4}, 0x9c) 3.801563023s ago: executing program 1 (id=14228): syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000005140)='./file0\x00', 0x0, &(0x7f0000005180), 0x1, 0x50ec, &(0x7f00000051c0)="$eJzs3U+IVVUcB/Dz5o8zKcw8QcighS3chhQtVIYeYZCL9KUQtDAnF0EIMtguwWxEEIwaCaSsQAuG3MgDIUGYEBe1CTRJEFqY4KaVQrtaFO/de968d67vvueojennEzP3nvu759zzHncx35fnvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhDVv194vq09tvHJh4eyWg7MHGsdvzh89EkKldbyS13e/8tqOd3fufn08dph+I9tWq72GzLr+njVWdB1s9uv+eSeEMJoMMJxvXx0ujNq5u784YKlrx/adnj25fdPCmvVTl3bNnyu+dJrGl3sCyyW/r24t3ku11u+h5Ix2u+PWq3Tdoln/9Ib7T14EAHBPNtRbm/afo/mfuO32obSetGtJey5px78Q5jobS5GNu6LXPNel9WWaZy2LCmM955nU8/e/3a6n/ZN2EjXuYZ7dp+aRZrzXPGeS+nLNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBRcqb2wday+tTGKxcWzm45OHugcfzm/NEjIVRbxytZufL07RMjY9e3/fDRja9PvrT66t/Deb+4Hek4OVyPOxsnQ9jTUbkVh/1jIoR6d6HVDF8UC++1drbGAgAAAI+TZ1q/h9rtLA6OdrUrrTRZaf0XZWHx2rF9p2dPbt+0sGb91KVd8+eWPl69x3i1u47XblcXfyodwTjG33S8xXo8dX9hnHLpiGmeP//Ltq/K+hfyf7U8/8d3Tv4HAADgfsj/6Tjl+uX/PZufnSnrX8j/67ouWcj/ccYx/w+FpeV/AAAAeJQ97PxfK4xTrl/+f/Hwm9+X9S/k/w2D5f+RzmnHgz/HCe+dDGFDv6kDAAAAPcT/77740ULM69knB2lev/rNU7+WjVfI/7XB8v/oA31VAAAAwP3YXr3xfFm9kP/rg+X/sYc6awAAAOBefF75ZLasXsj/04Pl/5X5Nl/5kHX6Mf4rhM8mQxhv7sxkhZ/C3MvtAgAAAPCAxJz+6cffXi47r5D/Z8qf/x+fdBDX/3c9/6+w/r+jkD31b7MHAwAAAPAkKq7nj4/Hz765oNf37w+6/n/i5u3vyq5fyP+HBsv/w53bB/n9fwAAALAE/7fv/3urME65fs///2von4tl/Qv5f26w/B+3qzpf3sX4/hyeDGFtcyd/muCZeLm9SaEx2lFoqSc9dsYeeaEx1lFomUl6vDAZwnPNnUNJYXUszCWFOxN54VRSuBwL+f3QLpxNChfjnXZiIp9uWjgfC/kCi0ZcQbGqvSQi6fFnrx7Nwl17/Na+OAAAwBMlhuc8y452N0MaZRuVfies7HfCUL8ThvudMJKckJ7Y63iY7i7E4x/uOP1lKFHI/6cGy//xrViRbXqt/w9x/X/+vYbt9f/TsVBNCo1YqKdPDKjHa2Rh91i8RrWe97iztl0AAACAx1r8XGB4mecBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7J3rzFyXfUBwM8+Z3e93l0TpASKYAElIZW8Xm+wpZAgbKAEgQSbynyoUISNvUk33iTGDwmHh9YOQaAUNSkpCShQuxUUf0lWVIhHgVhRcVQ1VaNUQk5T8qYREtTkoVTUQa5m7z2zd87deTjedbzp7yd558z8z/POw3PuvXMuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/8ORW95xXrP4uy976Mc/vef9nz/4mbnbn/zOl24JYXL+8Y4s3HH+ia91V45/5GcHHv/mNzasefhkb14uj4dV1T+d+Z0vxFqfWR3CDzpC6E4DawezQE9+fzDW96bBENaEhUCtxNRAViJtOPy8P4RDYSFQq+pH/SEMFgJbHr7/vq9UE3f0h3BhCKGStvHLStZGfxq4qDcLDKSBG7uzwP+cytQCP+zMAnDG4puh9qKfm6zPMLJ4uQavv54l69irKx1eV0yMNM73283L3KmC3vSByTN62krVsSxKb4+j3m0r4N1W2s63edqKX6TybyinFkKV0Llj6ppt+2b2xkc6w9hYV6Oalul5fuS5z24/nfSKeR3GDowsyevwzq8/9blvPX3l3Xd98QNX3/vi86Nn2s3jhU1aTC+3SshfcyvmeYw2+TxZAW+/0rekUV+6QghffuJv/6RZvDT/H2k+/48v53jbWZc71npyKJubx0cGY+LEUDY3BwAAgBVjJew1nf3O5RPN6ivN/0fbO/4fD/nnk/lstEdD2DSfuHk4hAvmH88CR2JznxwO4a3zqcn6wOYkcDSEN8wnLqlVlZToiyVGk8CzQ3lgUxI4FgOTSeDbMXBbEvhCDMwlge0xcDQJvDcGwnT9OP54KB9H24H+GNiabcS5eBbCC0OxtWRbPVqrCgAAYInks8Oe+ruFcx3ONEOcXs71t8oQz8BumKGS1JDOYGvTqoY1dLeqobNVDbVxzzYffqnmjlY1l07D6KjPsPuzv/uz0ERp/j/efP5fWaQjHaXj/yFcNf835u7MIzO1+NbJugwAAADAGVi1+YYtzeKl+f+m9s7/j/tEugqZw4NxN8TO4RDG6wNZtZeXA9lR71V5AAAAAFaC2vH42rHw6fw2O0U7nU+X80+eZv544H/Tovl//cF3Xdesv6X5/2R75/8P1N9mnTgWe/HV4RD6CoEHYi+rgXmjMfDEe+oD+fiPxQ1wa6wqPzGhVtWtscTWGBhPAocalXioVuKC+kD+ZNUav7k2jum8RCEAAAAAZ13cHRCPy8fz/x/Zd/x9zcqV5v9bT+/8//l5cOn0/plVIazrDqEr/WHAgwPZwoAxMNiRJ346kNXVlVZ1YCCEK6oDS6t6Ml//vztdY/Dh/qyqGLjgbd997qJq4u/6Q1hXDPzi44c3VBN7k0Ct8Y/1h/CW6mjTxr/flzXekzZ+Z18Iby4EalV9si+EamO9aVX3V/LrGKRV3VsJ4bxCoFbVxkoI+wMAK1T8r3RH8cE9+2/auW1mZmr3MibiPvz+cM30zNTY9htndlQa9GlH0ue6ZYwOlMfUcDmkxKP5EkVHXr5sqJ107XeC48W+5PvxSycO5vfjd6Ge+XFO9NTdvTQd8jveXm4iFL5JvVpDHihWsvAkluqP+XvDqtC3b8/U7rFPb9u7d/f67G+72Seyv3FQ2bZan26rgcX6dg68PC4uVrJu7/W71u3Zf9Pa6eu3XTt17dQNE+Pv3LBxw8T4xo3rqqMaz/62GOrFi1WdDPXU4bM/1Dd2Fyo5G58aEhISKy0xe/PhVc0+fkrz/13N5//xUyd+8ufrMzQ6/j8SD/Nnjy8c5t8aA4faPf4/0uhofu3EgNEkMBsDsw7zAwAA8NoQd0fG3Y5xr3Xv4Ut/06xcaf4/297v/5do/f/a0vUfarTM/yWxxHij9f/TZf5r6//PNlr/P13mv7b+/6FXYf3/fbVAsklesP4/AADwWnD21v9vubx/eoGAUoaWy/unFwgoZWi5jH+7Fwg47fX/J657/JnQRGn+f1t7838L9wMAAMC54/Z/eu4tzeKl+f+h9ub/Z3/9v9Do/P/RRoHJRgsDWv8PAACAFarR+n+nhv/iY83Kleb/c+3N/+NpF511uWOtJ4eyNe1CuqbdiaHaTwYAAABgZegMY2M9beatWxl18ytv85F8KdBm6aIHLv+va5vVV5r/H21v/l/3u4w7v/7U57719JV3n7zrix+4+t4Xnx9dOP4PAAAALJ9290sAAAAAAAAAAAAAAACvvn2f+NcTzeKl3/+Hq+Yfb/T7/3jdv/j7gtfX5Y61tl7/L7+/5cP37J9fsvDBoRDeXgzsPLhzTcivzX9xMXDf1ZecX00cTEv85LH3/qqa+EQa+ODa171UTVyRBLbGRRLfkAbiVRVfWp0E4vKK/54G4vaYSwO9eeDLq7NxdKTb6teD2bbqSLfVfwyGMFwI1LbVDwazNjrSAd6RBGoD/FQaiAP8SB7oTHt1z6qsVzEwGIv+zaqsVwAAnLPit8CecM30zNR4/Aofb9/YXX8b1S1ZdqBcbVebzT+aL0125OXLhtpJd6XfRReuNd4TKtUhrC99XS1m6Zgf5dLU0mLTvb7BkFut9rZcm6638Yj6sxGNbb9xZkdPy4Ff2jrLRHfLLOtLk51ils75TdpGLW30pY0Rtblt2uhyvN8Zxsa6klzvisGRUKfVK6Ld3+sX1/lr9Coo5jkw0/OHZvWV5v8j7c3/K8VxvZRfDGA2XlnvL4ct8w8AAADL68ubf39X/PeT4Y/+Z7O8pfn/aHvz/7hjLD8UnO3tOBqv/3/zcAjzl9YfyQJHYnOfHA7hrfOpyVgiu6D+h2KJ8SxwJO4wuSSW2DpZX1VfDMwlgWeH8sDRJHAsBvK9FN8N+a6c24dC2DCfuqq+xK5YYiQJfDQGRpPAWAyMJ4HVMbApCfxmdR6YTAL/EgNhun5b/cPqfFsBAACcjnye1VN/N6TzvLnuVhk6WmUYaJWhs1WGSqsMjUYR738vZugpHo/PM8SHetJa+5NaShnixfBPu1+lDOGh+pxpwVLTtTNJRupzxgxb5g6uDk2U5v/j7c3/B+pvs9aPxfn/wvX/ssADsXtfjaeOj8bAE++pD+Q7Bo7Fye6ttaom8xL5pP3WWGJTDIwmgV0xsCkJbL0qDxw6vz6Qz7Rrjd9ca3w6L1EIAAAAwFkXdxDE3TRx/v/ffX/462blSvP/Te3N/2N7q4qNfSHW+szqEH7QsdCbWmDtYBaI+zEG48/j3zQYwprCDo5aiamBrERv0nD4eX/2C/XetKof9Wc/Poj3tzx8/31fqSbu6A/hwsLel1obv6xkbfSngYt6s8BAGrixOwvEPT+1wA87swCcsdpewfiCyk91qRlZvFyD199r5Zqg6fBK+0AXybfYb66WSyV9IN+nWnN6T1upOpZF6e1x1LttJb7bRrzbil+k8m8opxZCldC5Y+qabftm9sZHir9kLVmm57n4K9V20kvwOpx95b1trZJ2YDz5+BhfvNzir8OOWN2dX3/qc996+sq77/riB66+98XnR9vuRgPxh8I3XPe/Q8cLm3e5VUL+mltxnyeTPk9W4n8Do562EMItcxe80Cxemv9Ptjf/705u5/0+bsw9wyG8o7BxH4yb/33D2edgIZB9Sp5XDmSH3J8eavjJCQAAAEuttrujtr9gOr/NTghP58nl/JOnmT/ur9i0aP52+/2ZCy/8x2bx0vx/a/P5f1/STcf/Hf9nmTj+v6hzfVd0X/rA7Bntii5Vx7Jw/H9R5/q7zfH/RTn+7/j/Yhz/b8Hx/0Wd609b6VvSLl+6Qgj937/8oWbx0vx/V3vzf+v/Lb5oX239v62N1v/b1Wj9v1nr/wEAAMuqwUJz6TyvtHpfKUO6el8pQ8sFAlsuMWj9v9Ne/2/grz7+u9BEaf4/2978P74cVhVbXynr/41e1aCq22Jgl4UBAQAAOBc12kEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAq+vZ4wPvbxZ/92UP/fin97z/8wc/M3f7k9/50i0hTM8/3pGFO84/8bXuyvGP/OzA49/8xoY1D5+s5OV68ts/qssdaz05FMKhwiODMXFiqHpnIbDlw/fs764mHhwK4e3FwM6DO9dUE98eCuHiYuC+qy85v5o4mJb4yWPv/VU18Yk08MG1r3upmrgiD3Sk3b17ddbdjrS7X1kdwnAhUOvudavrq6q1cWUe6Ezb+PvBrI0YGIxF7xrM2oiBmVhiui+Edd0hdKVV/XMlq6orrerHlayqrrSqz1dCuCKE0J1W9VhvVlV3OvJ/682qioEL3vbd5y6qJg71hrCuGPjFxw9vqCY+lQRqjf9pbwhvqb5k0sa/15M13pM2fkdPCG8OIfSmJV7szkr0piWe7A7hvEKg1vifd4ewP/CaED98dhQf3LP/pp3bZmamdi9jojdvqz9cMz0zNbb9xpkdlaRPjXQU0qcOlOOdbY790ec+u716e+Tly4baSXfn5XrmuzzRU3f30qXqfccy9T72a6BYycLzUao/5u8Nq0Lfvj1Tu8c+vW3v3t3rs7/tZp/I/nbl0WxbrV+qbdWuV7qtLi5Wsm7v9bvW7dl/09rp67ddO3Xt1A0T4+/csHHDxPjGjeuqoxrP/i7FUA+X413LPNQ3dhcqORsfABISEist0Vn36TZ+rv+XXfqiv9DRnlCZ/4AuTSuKWTrmR7kUg97cPL6Ugy5NSUojWl+aOJSyTLTOcmlpMrGQpT/LMv+9rjQ5LNbUOb9J4/3OMDbW8H+6kfq7xc3320U2b7seyTddu2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/YwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//19BHGg==") r0 = creat(&(0x7f0000000440)='./file1\x00', 0x0) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x40809440, &(0x7f0000000480)={{r0}, 0x0, 0x0, @inherit={0x0, 0x0}, @subvolid=0x8}) 3.592429858s ago: executing program 2 (id=14231): mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000c51000/0x2000)=nil) mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0xc, 0x2031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) 3.381480591s ago: executing program 2 (id=14234): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) sendfile(r1, r0, 0x0, 0x1) 3.089526428s ago: executing program 2 (id=14238): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000002fc0)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x8}, @TCA_CAKE_RTT={0x8, 0x7, 0x80000000}]}}]}, 0x44}}, 0x0) 2.958131501s ago: executing program 8 (id=14239): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0x5, 0x20000) mbind(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x0, 0x80000000000005d, 0x3) 2.933751881s ago: executing program 5 (id=14240): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0a41, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4002}) write$tun(r0, &(0x7f0000000240)={@val={0x0, 0x18}, @val={0x3, 0x1, 0x3, 0x6b2, 0xc4, 0x5}, @ipv4=@tcp={{0x5, 0x4, 0x3, 0x4, 0xd8, 0x65, 0x0, 0x9, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x4e20, 0x4e22, 0x41424344, 0x41424344, 0x1, 0x0, 0x1d, 0x80, 0x7, 0x0, 0x9, {[@mptcp=@synack={0x1e, 0x0, 0x4, 0x2, 0x0, 0x80000001, 0x81}, @exp_fastopen={0xfe, 0xfffffffffffffd1f}]}}, {"13d3b3875dfd9a3f6328f33f09ceec09986b30406704e2560f04592cb4869c77658fcb3eca004c77b183c5840dbb0fd30bcd067737d3f07dff1755aac0e628d921d141b089c15306c066b177aab800b1"}}}}, 0xe6) 2.806061183s ago: executing program 2 (id=14241): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000000c0)={0x97, &(0x7f0000000040)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000980)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="00150207"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.552134788s ago: executing program 5 (id=14243): syz_mount_image$vfat(&(0x7f0000000500), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000300)={[{@utf8no}, {@uni_xlate}, {@numtail}, {@fat=@check_strict}, {@fat=@check_normal}, {@utf8no}, {@fat=@umask={'umask', 0x3d, 0xcf7f}}, {@rodir}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@uni_xlateno}, {@rodir}, {@numtail}, {@uni_xlate}, {}, {@shortname_win95}]}, 0x26, 0x34e, &(0x7f0000000540)="$eJzs3TtoZNUbAPBv9uYN+0+KPwStRjtBlk3EQquEZYXFFLoy+GocTNZH7riQwYFskdlpFEvFRtDKzkLLrcVCxM7C1hVkVWzcbmEXr8zcm5k7j2hWTOKyv18RPr5zvjnn3HvC3LxOXlmL7c3puHTz5o2Ym6vE1Nq5tbhViaU4FUnkrsaIzmgCALiX3Mqy+D3LldLLk3t/sLAfzRzD3ACAo9F7/3/t9CAxe5KzAQCOwwFf/496ZmL28pFNCwA4QmPv/w8PNY98m3+q/zsBAMC967kXX3p6fSPiYrU6F9F4t1Vr1eLJQfv6pXgj0tiKs7EYdyLyB4X8aaH78akLG+fPVrt+Xopat6JVi2i0W7X8SWE96dXPxkosxlJRn/Xrk279Sq++GhFX273xo1Fp1aZjoRj/h4XYitVYjP+P1Udc2Di/Wi1eoNbYr29HdGJufxHd+Z+Jxfju1bgcaWxGt3Yw/72VavVctlGqr/d+ELJ5EjcEAAAAAAAAAAAAAAAAAAAAAID7wplq31L//Jus0W69c3G0w1L5fJ1WLW8uzgfq5OcDZbP7p/O8l4yeDzR8Pk+rNhWnTnTlAAAAAAAAAAAAAAAAAAAA8N/R3J2Jeppu7TR3r2yXg3Yp89Y3n381H6N93kwGmZjKX26oT5GLUlUS/fKsX54lQ32KIIkYdP7sWn/GeSaZsJaxVcz2FljOVIo51dP09EM/fTw26O6V7T8GmSTGLstwUClGLjU1/pen/qLq4GD1b/pcz7LsoPK9j8arohIxNXbj/o3g6xuvP/BYc/nxXubL4tCHRx5dfP76h5/+ul1Po7g0aTqz07yT/eOxktL+qRTXuRITNtvEoDPIdHaau/Xk+99eePD9b4f6zI9tkiLIypm394O54dtdT9MvRkefyYPuNA+z0ukJm39y8PLt/u69+4u5/Mla/drej78ctqr0ieWgDgAAAAAAAAAAAAAAAAAAOBalvxW/C088e3QzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjN/j//6WgM5Y5THC7HeNNs1s7zZEhZ/rR/LEvFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+9SfAQAA//8PVnAt") r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x80) getdents(r0, &(0x7f0000000100)=""/191, 0xbf) 2.049591459s ago: executing program 5 (id=14246): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040)=[@in={0x2, 0x4e21, @private=0xa010101}], 0x10) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000a44a2dd1c", 0x8) 1.699066056s ago: executing program 1 (id=14249): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) msync(&(0x7f000011f000/0x1000)=nil, 0x1000, 0x6) 1.616393327s ago: executing program 7 (id=14250): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, 0x0) 1.575529989s ago: executing program 8 (id=14251): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x3c, r1, 0x1, 0x0, 0x3, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0x6, 0xa8, @random='5\x00'}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x880}, 0x40000) 1.306304304s ago: executing program 8 (id=14252): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000140)="15", 0x1) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x8, 0x4) 1.095695448s ago: executing program 8 (id=14253): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {@bh}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@nogrpid}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) 1.055082799s ago: executing program 5 (id=14254): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000003b80), r0) sendmsg$NFC_CMD_DISABLE_SE(r0, &(0x7f0000003c80)={0x0, 0x0, &(0x7f0000003c40)={&(0x7f0000003c00)={0x24, r1, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NFC_ATTR_SE_INDEX={0x8, 0x15, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008011}, 0x8) 981.61286ms ago: executing program 7 (id=14255): mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88) ioctl$BLKTRACESETUP(r0, 0x301, 0x0) 892.859862ms ago: executing program 2 (id=14256): r0 = socket(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4) sendto$inet(r0, 0x0, 0xffe5, 0xe000, &(0x7f0000000000)={0x2, 0x4e20}, 0x10) 816.910744ms ago: executing program 1 (id=14257): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="12000000040000000800000008"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 765.478825ms ago: executing program 5 (id=14258): capset(&(0x7f0000000200)={0x20080522}, &(0x7f0000000300)={0x0, 0x0, 0x5f22, 0x200}) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001200010100000000000000002700000000000100000029000000000000000000040000000000000040400000006ad27d50000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000004"], 0x4c}}, 0x10) 765.363465ms ago: executing program 7 (id=14259): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x9c, 0x7, 0xfe, 0x3}, {0x6, 0x8, 0x8, 0x2}]}, 0x10) sendmsg$NFT_MSG_GETGEN(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x14, 0x10, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x8051}, 0x0) 738.576935ms ago: executing program 2 (id=14260): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x7e, 0x9e, 0xb4, 0x10, 0x54c, 0x38, 0x16f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8, 0xc5, 0x38}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f00000001c0)={0x2c, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x8, 0x1, 0x1}, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000b40)={0x34, 0x0, &(0x7f0000000a00)={0x0, 0xa, 0x1, 0x8}, 0x0, 0x0, 0x0, 0x0}) 621.028588ms ago: executing program 1 (id=14261): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, 0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r1, 0x0, &(0x7f0000001780)=""/4096}, 0x20) 577.969529ms ago: executing program 5 (id=14262): syz_mount_image$reiserfs(&(0x7f0000001100), &(0x7f0000000080)='./bus\x00', 0x86, &(0x7f00000002c0)={[{}, {@usrjquota_file, 0x4}, {@grpjquota}, {@usrjquota_file}, {@usrjquota, 0x3d}]}, 0xfc, 0x110a, &(0x7f0000006580)="$eJzs2LFqFEEYB/D/7B2YbmXTL4IWFhISzs4qRYRrrW1EUpkqV0UE8V18HEllH/IAFgFLYWQ3t0YkEDBnJPD7wcwO38438005EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALj0Yui2m6SbIk2SkvT96fI8ST/FH36ZNSl5dbhcHRwvXq6SzMbpZWhD1pCWbu/xVrfoFt1e93x7/0m3Onn/7s3R0eHxepmSPmcXmz9IWddzra3N7wcAAAD3Rb219s8l53e7PwAAAHCTjT4mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyF2l6NuyQ/aq1pkpSk70+X50n6/1kgAAAAcGslTV6318UzPgNceZavbRnjU/tehjm7+TzmP7izmgEAAOD+md84o/x2H3+aeWqtH6d/jzLPzs7leP3Jt/1kdnKQ3V938k9jf3bx4e3USp39g7MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9mBAxIAAAAAQf9ftyNQAAAAAAAAAAAAAAAAAAAAAOClAAAA///LONy9") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000200), 0x0, 0x0, 0x3) 527.82898ms ago: executing program 7 (id=14263): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)={0x14, 0x4a, 0x201, 0x0, 0x0, {0xa, 0x0, 0x300}}, 0x14}}, 0x0) 465.025881ms ago: executing program 8 (id=14264): unshare(0x28040680) r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000080)=ANY=[@ANYBLOB="03"], 0x4) 405.591552ms ago: executing program 1 (id=14265): capset(&(0x7f0000000380)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200003, 0x3, 0x0, 0x7, 0x3ff}) r0 = socket(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000013c0)={{0x14, 0x453, 0x1, 0x0, 0x0, {0x5}}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x40000) 320.863454ms ago: executing program 7 (id=14266): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)) pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000380)="80fd01fff140", 0x6}], 0x1, 0x2, 0xfffffffe) 188.252307ms ago: executing program 1 (id=14267): unshare(0x400) r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 117.499778ms ago: executing program 8 (id=14268): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000000)={[{@grpjquota, 0x4a}, {@debug}, {@jqfmt_vfsold}, {@noquota}, {@bsdgroups}, {@usrjquota, 0x22}, {@nojournal_checksum}, {@errors_remount}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3DtvHEUcAPD/rh+JSYxNeOYBMQSExcOOnWdBAwIpDRIIhEJpbCcKcRIUGymJLGwQCiXKJwBKJD4BFTQIqEC0IFqEFCE3CRRo0d7tOWff+fyIz0dyv5909uzu7M7Mzoy9M6O9ANrWQP4jidgZEb9GRF95c2mEgfKvmwuz438vzI4nkWVv/JWU4t1YmB2vRK2ct6PYGEwj0o+T2Fsn3enLV86OTU1NXiy2h2fOvTc8ffnK82fOjZ2ePD15fvT48cOHeo4dHT2yKeXszfO654ML+3afePvaq+Mnr73zw1d5frPi+PaaM/rXmUJHzZ6BGFh6L6s8tc6r/9/1VoWTzhZmhHXJW21eXV2l/t8XHXGr8vrilY9amjmgqbIsy7bV7F38XzafVUuS8gnAXSLRpaFNVf7R31jIR6qz49Xj+XZw/cUojYDyct8sPuUjnZHmY/j+8tioWR6IiJPz/3yWf2LZfAoAQDN8kz//PFd+7qh8ykfSeKgq3r3F2lB/RNwXEbsi4v7i+eXBiFLchyPikSVXn1s1/YFl27XPPz/3bLhwa5A//71QrG0tff5LK1H6O4qt3lL5u5JTZ6YmDxb3ZDC6tuXbI7WXXpxW+/blXz5dKf2Bque//JOnX3kWLPLxZ+eyCbqJsZmx2y13xfUPS1N6c7XlTxZXAvKRwe6I2LOB6+f37MwzX+6re7ByixuWv4FNWGfKvoh4ulz/87Gs/LnuIlR/fXLk2NHRI8PbY2ry4HClVdT68aerrxXBmqHE6vXfXHn937PY/su/y0cWVy77k+r12un1p3H1t09WHNNstP13J2+Wwt3FvktjMzMXRyK6k/na/aO3zr001rMkfl7+wQP1+/+uiH8/L87bGxF5I340Ih6LiP1F3h+PiCci4kCD8n//0pPv1qv7tZW/ufLyT9T9+7dS/a8/0HH2u69XSn9t9X+4FBos9kyMzdQu1y+z1gzezr0DAACAO8X+iNgZSTpUTMftjDQdGorYsTiDMj3z7KkL75+fKL8j0B9daWWmq69qPnSkmBvOt/OzRqu28+OHSvPGWZZlPaXtofELU72tLTq0vR0r9P/cH7WvtAB3m3Wto630RhtwR9r4Onq2qfkAtp73taF96f/Qvtbc/5v5JhzQEvX6/1zEzRZkBdhi9fr/Wy3IB7D1jP+hfen/0L5q+3/aknwAW+p23utvFNh1okGcpLM5ia4cSKPxtwD0R6zvgr+nEZuTw45NLWnPGup0e2xGWpGuGqezwRcxvF57w/PoW9Qk0q1tfo0D2yJilda72NjmKoErzc5Yq/8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbI7/AgAA//+7BdPO") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000a80)='./file1\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@sb={'sb', 0x3d, 0x50cf}}, {@orlov}, {@norecovery}, {@barrier}, {@data_journal}]}, 0x66, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000140)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xc, 0x0, &(0x7f0000000000)) 0s ago: executing program 7 (id=14269): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0) sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x14, 0xa, 0xa, 0x101}, 0x14}}, 0x0) kernel console output (not intermixed with test programs): from 0 to 8 [ 954.594834][T20915] cramfs: Error -5 while decompressing! [ 954.605511][T14330] udevd[14330]: incorrect cramfs checksum on /dev/loop5 [ 954.617806][T20915] cramfs: ffffffff96d761e8(26)->ffff888043ea5000(4096) [ 954.627782][T20915] cramfs: Error -5 while decompressing! [ 954.643657][T20915] cramfs: ffffffff96d76202(26)->ffff888043ea6000(4096) [ 954.670855][T20915] cramfs: Error -3 while decompressing! [ 954.706263][T20915] cramfs: ffffffff96d7621c(16)->ffff888043ea7000(4096) [ 954.731939][T20915] cramfs: Error -5 while decompressing! [ 954.756886][ T5115] udevd[5115]: incorrect cramfs checksum on /dev/loop5 [ 954.760086][T20915] cramfs: ffffffff96d761e8(26)->ffff888043ea5000(4096) [ 955.071101][T20887] loop8: detected capacity change from 0 to 32768 [ 955.095323][T20887] XFS: noikeep mount option is deprecated. [ 955.225863][T20887] XFS (loop8): Mounting V5 Filesystem [ 955.357338][T20887] XFS (loop8): invalid iclog size (4096 bytes), using lsunit (32768 bytes) [ 955.382884][T20887] XFS (loop8): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 955.443057][T20887] XFS (loop8): Starting recovery (logdev: internal) [ 955.467605][ T4361] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 955.505042][T20887] XFS (loop8): Ending recovery (logdev: internal) [ 955.566046][T20978] loop1: detected capacity change from 0 to 256 [ 955.608232][T20978] exfat: Deprecated parameter 'namecase' [ 955.608265][T20978] exfat: Deprecated parameter 'namecase' [ 955.629886][T20978] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 955.675075][T11583] XFS (loop8): Unmounting Filesystem [ 955.676003][T20978] exFAT-fs (loop1): invalid start cluster (4278190088) [ 955.707045][ T4361] usb 6-1: Using ep0 maxpacket: 8 [ 955.731215][ T4361] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 955.756516][ T4361] usb 6-1: config 0 interface 0 has no altsetting 0 [ 955.789847][ T4361] usb 6-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 955.809440][ T4361] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 955.843589][ T4361] usb 6-1: Product: syz [ 955.853716][ T4361] usb 6-1: Manufacturer: syz [ 955.863829][ T4361] usb 6-1: SerialNumber: syz [ 955.876088][ T4361] usb 6-1: config 0 descriptor?? [ 955.909696][ T4361] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 found [ 956.122754][ T4361] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 now disconnected [ 956.152451][ T4361] snd_usb_toneport: probe of 6-1:0.0 failed with error -22 [ 956.325108][ T4361] usb 6-1: USB disconnect, device number 31 [ 956.611999][T21036] netlink: 'syz.8.12894': attribute type 15 has an invalid length. [ 956.625688][T21036] netlink: 666 bytes leftover after parsing attributes in process `syz.8.12894'. [ 957.684106][T21048] loop7: detected capacity change from 0 to 32768 [ 957.741353][T21103] loop1: detected capacity change from 0 to 256 [ 957.769237][T21048] XFS (loop7): Mounting V5 Filesystem [ 957.781481][T21103] exfat: Deprecated parameter 'namecase' [ 957.873039][T21116] netlink: 'syz.5.12919': attribute type 6 has an invalid length. [ 957.889175][T21103] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1cbb3694, utbl_chksum : 0xe619d30d) [ 957.972695][T21103] exFAT-fs (loop1): error, found bogus dentry(5) beyond unused empty group(4) (start_clu : 5, cur_clu : 5) [ 958.002731][T21048] XFS (loop7): Ending clean mount [ 958.059313][T21048] XFS (loop7): Quotacheck needed: Please wait. [ 958.157115][T21125] netlink: 'syz.5.12921': attribute type 5 has an invalid length. [ 958.197581][T21048] XFS (loop7): Quotacheck: Done. [ 958.289304][T21135] IPv6: NLM_F_CREATE should be specified when creating new route [ 958.387418][ T9533] XFS (loop7): Unmounting Filesystem [ 958.928913][ T27] audit: type=1326 audit(1187.951:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21166 comm="syz.1.12935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb5f8eec9 code=0x7ffc0000 [ 959.017614][ T27] audit: type=1326 audit(1187.951:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21166 comm="syz.1.12935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f0cb5f8eec9 code=0x7ffc0000 [ 959.036820][T21173] ubi31: detaching mtd0 [ 959.106471][ T27] audit: type=1326 audit(1187.951:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21166 comm="syz.1.12935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0cb5f8ef03 code=0x7ffc0000 [ 959.120023][T21173] ubi31: mtd0 is detached [ 959.182183][ T27] audit: type=1326 audit(1187.971:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21166 comm="syz.1.12935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0cb5f8ef03 code=0x7ffc0000 [ 959.246523][ T27] audit: type=1326 audit(1187.971:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21166 comm="syz.1.12935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb5f8eec9 code=0x7ffc0000 [ 959.556596][T21205] loop1: detected capacity change from 0 to 16 [ 959.583254][T21205] erofs: (device loop1): mounted with root inode @ nid 36. [ 959.631004][T21205] erofs: (device loop1): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet [ 959.650955][T21210] Option ' ' to dns_resolver key: bad/missing value [ 959.781933][T21211] loop7: detected capacity change from 0 to 4096 [ 959.915475][T21224] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 959.928145][T21211] NILFS error (device loop7): nilfs_check_page: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=11 [ 959.937664][T21225] netlink: 24 bytes leftover after parsing attributes in process `syz.2.12950'. [ 960.373881][T21246] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12958'. [ 960.409272][T21246] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12958'. [ 960.641332][T21268] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 960.679179][T21271] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12965'. [ 960.700806][T21271] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12965'. [ 960.714473][ T6925] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 960.913706][ T6925] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 960.936843][ T6925] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 960.947227][ T6925] usb 8-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 960.963890][ T6925] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 960.979159][ T6925] usb 8-1: config 0 descriptor?? [ 961.168078][T21300] binder: 21297:21300 ioctl 400c620e 200000000280 returned -22 [ 961.193014][T21252] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 961.214518][T21252] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 961.263755][ T6925] usbhid 8-1:0.0: can't add hid device: -71 [ 961.270767][ T6925] usbhid: probe of 8-1:0.0 failed with error -71 [ 961.299041][ T6925] usb 8-1: USB disconnect, device number 7 [ 961.747777][ T4361] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 961.937823][ T4361] usb 3-1: Using ep0 maxpacket: 16 [ 961.948043][ T4361] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 961.990125][ T4361] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 962.049651][ T4361] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 962.059925][ T4361] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 962.087726][ T4361] usb 3-1: Product: syz [ 962.091961][ T4361] usb 3-1: Manufacturer: syz [ 962.116961][ T4361] usb 3-1: SerialNumber: syz [ 962.128394][ T4361] usb 3-1: config 0 descriptor?? [ 962.209262][T21374] cgroup: Invalid name [ 962.248173][T21371] loop1: detected capacity change from 0 to 128 [ 962.275190][T21371] VFS: Found a Xenix FS (block size = 1024) on device loop1 [ 962.325456][T21371] sysv_free_block: flc_count > flc_size [ 962.340645][T21378] loop8: detected capacity change from 0 to 512 [ 962.374081][T21371] sysv_free_block: flc_count > flc_size [ 962.393767][T21371] sysv_free_block: flc_count > flc_size [ 962.402820][T21378] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 962.412184][T21371] sysv_free_block: flc_count > flc_size [ 962.424273][T21371] sysv_free_block: flc_count > flc_size [ 962.431761][T21371] sysv_free_block: flc_count > flc_size [ 962.442740][T21371] sysv_free_block: flc_count > flc_size [ 962.448674][T21386] netlink: 'syz.5.12996': attribute type 1 has an invalid length. [ 962.452880][T21371] sysv_free_block: flc_count > flc_size [ 962.467822][T21371] sysv_free_block: flc_count > flc_size [ 962.484879][T21371] sysv_free_block: flc_count > flc_size [ 962.517197][T21371] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 962.525140][T21378] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 962.704424][T11583] EXT4-fs (loop8): unmounting filesystem. [ 962.989501][T21421] loop8: detected capacity change from 0 to 1024 [ 963.120977][T26201] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 963.315371][T21440] loop1: detected capacity change from 0 to 256 [ 963.324348][T21441] loop7: detected capacity change from 0 to 64 [ 963.330793][T26201] usb 6-1: Using ep0 maxpacket: 16 [ 963.344273][T21440] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe40551cd, utbl_chksum : 0xe619d30d) [ 963.345569][T26201] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 963.406106][T26201] usb 6-1: config 0 has no interface number 0 [ 963.464694][T26201] usb 6-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 963.494456][T26201] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 963.510537][T26201] usb 6-1: Product: syz [ 963.514842][T26201] usb 6-1: Manufacturer: syz [ 963.519887][T26201] usb 6-1: SerialNumber: syz [ 963.548954][T26201] usb 6-1: config 0 descriptor?? [ 963.788196][T26201] usb 6-1: selecting invalid altsetting 1 [ 963.794009][T26201] speedtch 6-1:0.1: speedtch_bind: setting interface to 1 failed (-22)! [ 963.817804][T26201] speedtch 6-1:0.1: usbatm_usb_probe: bind failed: -22! [ 963.824936][T26201] speedtch: probe of 6-1:0.1 failed with error -22 [ 963.861417][T26201] usb 6-1: USB disconnect, device number 32 [ 964.225254][T21489] SET target dimension over the limit! [ 964.238350][T21492] kAFS: Can only specify source 'none' with -o dyn [ 964.411638][T21497] device batadv0 entered promiscuous mode [ 964.444713][T21497] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 964.546360][ T4361] usb 3-1: USB disconnect, device number 47 [ 964.923024][T21538] netlink: 'syz.1.13036': attribute type 21 has an invalid length. [ 964.944031][T21538] netlink: 128 bytes leftover after parsing attributes in process `syz.1.13036'. [ 964.970121][T21538] netlink: 'syz.1.13036': attribute type 5 has an invalid length. [ 964.988849][T21538] netlink: 'syz.1.13036': attribute type 6 has an invalid length. [ 965.022539][T21538] netlink: 3 bytes leftover after parsing attributes in process `syz.1.13036'. [ 965.460998][T21556] loop5: detected capacity change from 0 to 4096 [ 965.563168][T21556] ntfs: volume version 3.1. [ 965.608877][T21571] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13047'. [ 965.645638][T21556] ntfs: (device loop5): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 965.798100][T21556] ntfs: (device loop5): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 965.818239][ C1] vkms_vblank_simulate: vblank timer overrun [ 965.921058][T21556] overlayfs: failed to resolve './bus': -2 [ 965.974281][T21584] loop8: detected capacity change from 0 to 64 [ 966.149922][ T27] audit: type=1800 audit(1195.171:315): pid=21584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.13051" name="file1" dev="loop8" ino=18 res=0 errno=0 [ 966.169174][ C1] vkms_vblank_simulate: vblank timer overrun [ 966.377095][T21604] netlink: 28 bytes leftover after parsing attributes in process `syz.2.13057'. [ 966.532920][T21610] netlink: 'syz.2.13059': attribute type 10 has an invalid length. [ 966.781716][ T27] audit: type=1326 audit(1195.801:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21621 comm="syz.1.13063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb5f8eec9 code=0x7ffc0000 [ 966.867763][ T27] audit: type=1326 audit(1195.801:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21621 comm="syz.1.13063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f0cb5f8eec9 code=0x7ffc0000 [ 966.904126][T21628] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 966.933823][T21628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 966.951807][ T27] audit: type=1326 audit(1195.801:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21621 comm="syz.1.13063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb5f8eec9 code=0x7ffc0000 [ 966.984483][T21628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 967.044746][ T27] audit: type=1326 audit(1195.801:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21621 comm="syz.1.13063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb5f8eec9 code=0x7ffc0000 [ 967.072501][T21628] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready [ 967.079250][T21632] netlink: 'syz.2.13067': attribute type 1 has an invalid length. [ 967.158015][T21632] netlink: 'syz.2.13067': attribute type 2 has an invalid length. [ 967.393173][T21641] netlink: 20 bytes leftover after parsing attributes in process `syz.5.13070'. [ 967.411945][T21617] loop8: detected capacity change from 0 to 32768 [ 967.417536][T21641] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13070'. [ 967.478564][T21617] ERROR: (device loop8): dbAlloc: unable to allocate blocks [ 967.478564][T21617] [ 967.518634][T21617] ERROR: (device loop8): remounting filesystem as read-only [ 967.750340][T21614] loop7: detected capacity change from 0 to 40427 [ 967.790473][T21614] F2FS-fs (loop7): invalid crc value [ 967.863108][T21614] F2FS-fs (loop7): Found nat_bits in checkpoint [ 968.037668][T21614] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4 [ 968.167855][ T4361] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 968.200462][T21614] F2FS-fs (loop7): Corrupted max_depth of 3: 4294967295 [ 968.359466][ T4361] usb 2-1: Using ep0 maxpacket: 8 [ 968.373757][ T4361] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 968.407933][ T4361] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 968.415994][ T4361] usb 2-1: Product: syz [ 968.440908][ T4361] usb 2-1: Manufacturer: syz [ 968.445587][ T4361] usb 2-1: SerialNumber: syz [ 968.500731][ T4361] usb 2-1: config 0 descriptor?? [ 968.617718][ T4275] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 968.720409][ T4361] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 968.849295][ T4275] usb 3-1: config 0 has an invalid interface number: 58 but max is 0 [ 968.862537][ T4275] usb 3-1: config 0 has no interface number 0 [ 968.877845][ T4275] usb 3-1: New USB device found, idVendor=041e, idProduct=400a, bcdDevice=49.f8 [ 968.897211][ T4275] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 968.924643][ T4275] usb 3-1: config 0 descriptor?? [ 968.931745][ T4361] usb write operation failed. (-71) [ 968.949173][ T4361] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 968.966338][ T4275] gspca_main: spca500-2.14.0 probing 041e:400a [ 968.977773][ T4361] dvbdev: DVB: registering new adapter (Terratec H7) [ 968.995752][ T4361] usb 2-1: media controller created [ 969.030610][ T4361] usb read operation failed. (-71) [ 969.046233][ T4361] usb write operation failed. (-71) [ 969.084514][ T4361] dvb_usb_az6007: probe of 2-1:0.0 failed with error -5 [ 969.127753][ T4361] usb 2-1: USB disconnect, device number 39 [ 969.173928][ T6925] usb 3-1: USB disconnect, device number 48 [ 969.265552][ T27] audit: type=1326 audit(1198.281:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21758 comm="syz.5.13097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f338eec9 code=0x7ffc0000 [ 969.357358][ T27] audit: type=1326 audit(1198.281:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21758 comm="syz.5.13097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f15f338eec9 code=0x7ffc0000 [ 969.434648][T21765] netlink: 'syz.7.13100': attribute type 5 has an invalid length. [ 969.443250][ T27] audit: type=1326 audit(1198.281:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21758 comm="syz.5.13097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f338eec9 code=0x7ffc0000 [ 969.465561][T21768] UBIFS error (pid: 21768): cannot open "(null)", error -22 [ 970.166162][T21806] loop5: detected capacity change from 0 to 64 [ 970.716437][T21841] device netdevsim0 entered promiscuous mode [ 970.741874][T21841] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 970.834897][T21844] 8021q: adding VLAN 0 to HW filter on device bond6 [ 970.924413][T21852] device netdevsim0 entered promiscuous mode [ 970.974348][T21884] loop8: detected capacity change from 0 to 64 [ 971.557610][ T4361] usb 6-1: new full-speed USB device number 33 using dummy_hcd [ 971.700554][T21930] device vxcan3 entered promiscuous mode [ 971.759860][ T4361] usb 6-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 971.780336][ T4361] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 971.809381][ T4361] usb 6-1: config 0 descriptor?? [ 971.832420][ T4361] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 972.238744][ T4361] gp8psk: usb in 137 operation failed. [ 972.244379][ T4361] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 972.285118][ T4361] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 972.337916][ T4361] usb 6-1: USB disconnect, device number 33 [ 972.524732][T21988] delete_channel: no stack [ 972.633751][T21995] loop7: detected capacity change from 0 to 64 [ 972.731302][T22001] netlink: 'syz.1.13162': attribute type 1 has an invalid length. [ 973.351475][T22038] loop5: detected capacity change from 0 to 2048 [ 973.390649][T22038] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 973.509508][T22051] netlink: 'syz.1.13180': attribute type 2 has an invalid length. [ 974.101382][T22090] ipt_REJECT: ECHOREPLY no longer supported. [ 974.257993][T22101] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13195'. [ 974.357695][ T4361] usb 6-1: new high-speed USB device number 34 using dummy_hcd [ 974.564570][ T4361] usb 6-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05 [ 974.592123][ T4361] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 974.613342][ T4361] usb 6-1: Product: syz [ 974.626725][ T4361] usb 6-1: Manufacturer: syz [ 974.637350][ T4361] usb 6-1: SerialNumber: syz [ 974.652122][ T4361] usb 6-1: config 0 descriptor?? [ 974.672942][ T4361] go7007: probe of 6-1:0.0 failed with error -12 [ 974.717237][T22122] loop1: detected capacity change from 0 to 2048 [ 974.772457][T22121] loop8: detected capacity change from 0 to 4096 [ 974.808584][T22121] ntfs3: loop8: Different NTFS' sector size (4096) and media sector size (512) [ 974.826012][T22134] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 974.842446][T22122] syz.1.13203: attempt to access beyond end of device [ 974.842446][T22122] loop1: rw=0, sector=281474976710722, nr_sectors = 2 limit=2048 [ 974.903172][ T4361] usb 6-1: USB disconnect, device number 34 [ 974.928442][T22122] NILFS (loop1): I/O error reading b-tree node block (ino=16, blocknr=15) [ 974.968708][T22121] ntfs3: loop8: failed to convert "c46c" to cp862 [ 974.994139][T22122] NILFS (loop1): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 975.025641][T22122] NILFS error (device loop1): nilfs_bmap_last_key: broken bmap (inode number=16) [ 975.066844][T22122] Remounting filesystem read-only [ 975.081487][T22122] NILFS (loop1): error -5 truncating bmap (ino=16) [ 975.213748][ T4272] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 975.548336][T22167] loop8: detected capacity change from 0 to 1024 [ 975.879794][T22185] Mount JFS Failure: -22 [ 975.901523][T22185] jfs_mount failed w/return code = -22 [ 975.945404][T22190] netlink: 16 bytes leftover after parsing attributes in process `syz.5.13220'. [ 975.974287][T22190] netlink: 16 bytes leftover after parsing attributes in process `syz.5.13220'. [ 976.017693][T22190] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 976.115546][T22190] 8021q: adding VLAN 0 to HW filter on device bond7 [ 976.138794][T22193] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13221'. [ 976.239228][T22153] loop7: detected capacity change from 0 to 32768 [ 976.332791][T22153] ocfs2: Slot 0 on device (7,7) was already allocated to this node! [ 976.410899][T22153] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode. [ 976.425821][T22246] netlink: set zone limit has 4 unknown bytes [ 976.613973][ T9533] ocfs2: Unmounting device (7,7) on (node local) [ 976.743165][T22255] netlink: 176 bytes leftover after parsing attributes in process `syz.8.13229'. [ 976.862546][T22260] loop5: detected capacity change from 0 to 512 [ 976.975696][T22260] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 977.352563][T22260] EXT4-fs (loop5): unmounting filesystem. [ 977.462494][T22244] loop1: detected capacity change from 0 to 32768 [ 977.511755][T22244] ialloc: diAlloc returned -5! [ 977.546146][T22285] loop5: detected capacity change from 0 to 164 [ 978.155068][T22314] loop1: detected capacity change from 0 to 1764 [ 978.228046][T22314] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 978.300170][ T52] block nbd2: Attempted send on invalid socket [ 978.306409][ T52] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 978.318296][ T93] block nbd2: Attempted send on invalid socket [ 978.324531][ T93] I/O error, dev nbd2, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 978.341618][T22325] Mount JFS Failure: -5 [ 978.357704][T22325] jfs_mount failed w/return code = -5 [ 978.383086][T22329] netlink: 16 bytes leftover after parsing attributes in process `syz.7.13250'. [ 978.651339][T22346] netlink: 1020 bytes leftover after parsing attributes in process `syz.2.13255'. [ 979.294326][ T27] audit: type=1326 audit(1208.311:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22390 comm="syz.5.13271" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f15f338eec9 code=0x0 [ 979.399014][T22394] kAFS: unparsable volume name [ 979.443903][T22398] binder: 22396:22398 ioctl c018620c 200000000380 returned -22 [ 979.494225][T22402] netlink: 16 bytes leftover after parsing attributes in process `syz.7.13274'. [ 979.616156][T22409] netlink: 8 bytes leftover after parsing attributes in process `syz.8.13277'. [ 979.701177][T22415] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 980.092783][T22434] xt_hashlimit: invalid interval [ 980.320017][T22406] loop5: detected capacity change from 0 to 32768 [ 980.347261][T22406] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop5 scanned by syz.5.13276 (22406) [ 980.415173][T22406] BTRFS info (device loop5): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 980.487650][T22406] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 980.513668][T22406] BTRFS info (device loop5): turning on flush-on-commit [ 980.541520][T22406] BTRFS info (device loop5): turning off barriers [ 980.572459][T22406] BTRFS info (device loop5): turning on sync discard [ 980.594594][T22406] BTRFS info (device loop5): using free space tree [ 980.595186][T22462] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 980.756256][T22482] netlink: 5 bytes leftover after parsing attributes in process `syz.1.13296'. [ 980.806626][ T6925] lo speed is unknown, defaulting to 1000 [ 980.978964][T13183] BTRFS info (device loop5): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 981.071081][T22502] loop1: detected capacity change from 0 to 64 [ 981.307659][ T6925] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 981.527938][ T6925] usb 9-1: Using ep0 maxpacket: 32 [ 981.536108][ T6925] usb 9-1: unable to get BOS descriptor or descriptor too short [ 981.553249][ T6925] usb 9-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 981.578534][ T6925] usb 9-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 981.588033][T22522] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13309'. [ 981.610808][ T6925] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 981.619315][ T6925] usb 9-1: Product: syz [ 981.651728][ T6925] usb 9-1: Manufacturer: syz [ 981.656417][ T6925] usb 9-1: SerialNumber: syz [ 981.847701][ T4275] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 981.891751][ T6925] usb 9-1: Limiting number of CPorts to U8_MAX [ 981.906695][ T6925] usb 9-1: Not enough endpoints found in device, aborting! [ 982.045976][ T4275] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 982.065543][ T4275] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 982.086799][ T4275] usb 8-1: Product: syz [ 982.103282][ T4275] usb 8-1: Manufacturer: syz [ 982.124371][ T4275] usb 8-1: SerialNumber: syz [ 982.148092][ T6925] usb 9-1: USB disconnect, device number 8 [ 982.155148][ T4275] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 982.215242][ T4275] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 982.437000][T22571] loop1: detected capacity change from 0 to 2048 [ 982.479954][T22571] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 982.556069][ T27] audit: type=1800 audit(1211.571:324): pid=22571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.13319" name="file1" dev="loop1" ino=1367 res=0 errno=0 [ 982.822419][T22587] netlink: 148 bytes leftover after parsing attributes in process `syz.2.13324'. [ 983.016514][T22587] netlink: 148 bytes leftover after parsing attributes in process `syz.2.13324'. [ 983.069799][ T6925] usb 8-1: USB disconnect, device number 8 [ 983.273878][ T4275] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive [ 983.287326][ T4275] ath9k_htc: Failed to initialize the device [ 983.320374][ T6925] usb 8-1: ath9k_htc: USB layer deinitialized [ 983.389953][T22622] netlink: 168 bytes leftover after parsing attributes in process `syz.5.13332'. [ 983.433878][T22626] netlink: 56537 bytes leftover after parsing attributes in process `syz.7.13334'. [ 983.707274][T22641] netlink: 122896 bytes leftover after parsing attributes in process `syz.5.13338'. [ 984.323378][T22684] loop7: detected capacity change from 0 to 1024 [ 984.411063][T22694] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13354'. [ 984.479407][T22684] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 984.589252][T22684] EXT4-fs error (device loop7): ext4_empty_dir:3166: inode #11: block 623: comm syz.7.13350: Attempting to read directory block (623) that is past i_size (638464) [ 984.660078][T22684] EXT4-fs (loop7): Remounting filesystem read-only [ 984.793444][ T9533] EXT4-fs (loop7): unmounting filesystem. [ 984.819210][T22664] loop1: detected capacity change from 0 to 32768 [ 984.992709][T22720] loop7: detected capacity change from 0 to 512 [ 985.098256][T22720] EXT4-fs: Ignoring removed mblk_io_submit option [ 985.132859][T22720] EXT4-fs: Ignoring removed nomblk_io_submit option [ 985.137773][T22729] netlink: 20 bytes leftover after parsing attributes in process `syz.8.13364'. [ 985.150425][T22720] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 985.197856][T22720] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 985.225394][T22720] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3836: comm syz.7.13361: Allocating blocks 41-42 which overlap fs metadata [ 985.258044][T22720] Quota error (device loop7): write_blk: dquota write failed [ 985.265503][T22720] Quota error (device loop7): find_free_dqentry: Can't write quota data block 5 [ 985.275818][T22720] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3836: comm syz.7.13361: Allocating blocks 41-42 which overlap fs metadata [ 985.310634][T22720] Quota error (device loop7): write_blk: dquota write failed [ 985.331500][T22720] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 985.357393][T22720] EXT4-fs error (device loop7): ext4_acquire_dquot:6816: comm syz.7.13361: Failed to acquire dquot type 1 [ 985.378684][T22720] EXT4-fs error (device loop7): mb_free_blocks:1810: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 985.410847][T22720] EXT4-fs error (device loop7): ext4_do_update_inode:5254: inode #12: comm syz.7.13361: corrupted inode contents [ 985.452234][T22720] EXT4-fs error (device loop7): ext4_dirty_inode:6119: inode #12: comm syz.7.13361: mark_inode_dirty error [ 985.475103][T22720] EXT4-fs error (device loop7): ext4_do_update_inode:5254: inode #12: comm syz.7.13361: corrupted inode contents [ 985.517556][T22720] EXT4-fs error (device loop7): __ext4_ext_dirty:202: inode #12: comm syz.7.13361: mark_inode_dirty error [ 985.556706][T22720] EXT4-fs error (device loop7): ext4_do_update_inode:5254: inode #12: comm syz.7.13361: corrupted inode contents [ 985.597916][T22720] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem [ 985.617934][T22720] EXT4-fs error (device loop7): ext4_do_update_inode:5254: inode #12: comm syz.7.13361: corrupted inode contents [ 985.672759][T22720] EXT4-fs error (device loop7): ext4_truncate:4312: inode #12: comm syz.7.13361: mark_inode_dirty error [ 985.712968][T22720] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem [ 985.738431][T22720] EXT4-fs (loop7): 1 truncate cleaned up [ 985.753532][T22720] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 985.782865][T22720] EXT4-fs (loop7): unmounting filesystem. [ 986.074417][T22764] loop1: detected capacity change from 0 to 2048 [ 986.120716][T22764] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 986.136004][ T27] audit: type=1326 audit(1215.151:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22766 comm="syz.7.13376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072dd8eec9 code=0x7ffc0000 [ 986.204325][T22774] netlink: 132 bytes leftover after parsing attributes in process `syz.5.13377'. [ 986.257834][ T27] audit: type=1326 audit(1215.151:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22766 comm="syz.7.13376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072dd8eec9 code=0x7ffc0000 [ 986.292123][T22742] loop8: detected capacity change from 0 to 32768 [ 986.337637][ T27] audit: type=1326 audit(1215.191:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22766 comm="syz.7.13376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f072dd8eec9 code=0x7ffc0000 [ 986.482223][ T27] audit: type=1326 audit(1215.191:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22766 comm="syz.7.13376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072dd8eec9 code=0x7ffc0000 [ 986.517885][T22742] XFS (loop8): Mounting V5 Filesystem [ 986.656092][ T27] audit: type=1326 audit(1215.191:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22766 comm="syz.7.13376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072dd8eec9 code=0x7ffc0000 [ 986.678521][ T27] audit: type=1800 audit(1215.261:330): pid=22764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.13374" name="bus" dev="loop1" ino=1367 res=0 errno=0 [ 986.743290][T22742] XFS (loop8): Ending clean mount [ 986.767718][T22742] XFS (loop8): Quotacheck needed: Please wait. [ 986.884063][T22742] XFS (loop8): Quotacheck: Done. [ 987.139361][T11583] XFS (loop8): Unmounting Filesystem [ 987.924481][T22869] netlink: 'syz.1.13406': attribute type 4 has an invalid length. [ 987.953250][T22869] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.13406'. [ 988.792098][T22922] SET target dimension over the limit! [ 989.012483][T22931] loop8: detected capacity change from 0 to 512 [ 989.050486][T22881] loop5: detected capacity change from 0 to 32768 [ 989.061995][T22931] EXT4-fs: Ignoring removed orlov option [ 989.088397][T22931] EXT4-fs: Ignoring removed i_version option [ 989.118154][T22881] ERROR: (device loop5): dbAlloc: the hint is outside the map [ 989.118154][T22881] [ 989.159538][T22931] EXT4-fs (loop8): orphan cleanup on readonly fs [ 989.166164][T22881] ialloc: diAlloc returned -5! [ 989.207372][T22931] EXT4-fs error (device loop8): ext4_orphan_get:1426: comm syz.8.13428: bad orphan inode 13 [ 989.234509][T22931] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 989.302037][T22931] EXT4-fs error (device loop8): ext4_lookup:1850: inode #2: comm syz.8.13428: bad inode number: 12 [ 989.370910][T22949] program syz.2.13431 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 989.457344][T11583] EXT4-fs (loop8): unmounting filesystem. [ 989.634433][T22947] loop1: detected capacity change from 0 to 8192 [ 989.724706][T22966] netlink: 'syz.5.13437': attribute type 21 has an invalid length. [ 989.766473][T22966] netlink: 132 bytes leftover after parsing attributes in process `syz.5.13437'. [ 990.575313][T23010] device sit0 entered promiscuous mode [ 990.628807][T23010] netlink: 'syz.1.13451': attribute type 1 has an invalid length. [ 990.649473][T23010] netlink: 1 bytes leftover after parsing attributes in process `syz.1.13451'. [ 991.231587][T23050] loop8: detected capacity change from 0 to 128 [ 991.271075][T23050] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256 [ 991.315255][T23050] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 992.146949][T23059] loop1: detected capacity change from 0 to 32768 [ 992.241857][T23059] XFS (loop1): Mounting V5 Filesystem [ 992.319437][T23111] netlink: 122896 bytes leftover after parsing attributes in process `syz.7.13480'. [ 992.328451][T23059] XFS (loop1): Ending clean mount [ 992.381610][T23111] debugfs: Directory '!!' with parent 'ieee80211' already present! [ 992.517540][ T6925] usb 6-1: new high-speed USB device number 35 using dummy_hcd [ 992.540013][ T4272] XFS (loop1): Unmounting Filesystem [ 992.760749][ T6925] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.17 [ 992.782115][ T6925] usb 6-1: New USB device strings: Mfr=129, Product=2, SerialNumber=3 [ 992.800290][ T6925] usb 6-1: Product: syz [ 992.805425][ T6925] usb 6-1: Manufacturer: syz [ 992.818937][ T6925] usb 6-1: SerialNumber: syz [ 992.839233][ T6925] usb 6-1: config 0 descriptor?? [ 992.859564][ T6925] ch341 6-1:0.0: ch341-uart converter detected [ 992.961159][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 992.967705][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.303575][ T6925] usb 6-1: failed to send control message: -71 [ 993.317859][ T6925] ch341-uart: probe of ttyUSB0 failed with error -71 [ 993.336649][ T6925] usb 6-1: USB disconnect, device number 35 [ 993.367120][ T6925] ch341 6-1:0.0: device disconnected [ 993.480453][T23180] overlayfs: option "workdir=./file0:/" is useless in a non-upper mount, ignore [ 993.492499][T23180] overlayfs: missing 'lowerdir' [ 993.557746][ T6917] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 993.668888][ T27] audit: type=1326 audit(1222.691:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23189 comm="syz.2.13499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440758eec9 code=0x7ffc0000 [ 993.727893][ T27] audit: type=1326 audit(1222.711:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23189 comm="syz.2.13499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f440758eec9 code=0x7ffc0000 [ 993.753650][ T6917] usb 8-1: unable to get BOS descriptor or descriptor too short [ 993.774177][ T6917] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 993.800083][ T6917] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 993.847625][ T27] audit: type=1326 audit(1222.711:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23189 comm="syz.2.13499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440758eec9 code=0x7ffc0000 [ 993.877162][ T6917] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 993.922797][ T6917] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 993.939770][ T27] audit: type=1326 audit(1222.711:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23189 comm="syz.2.13499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440758eec9 code=0x7ffc0000 [ 993.977548][ T6917] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 994.005475][ T6917] usb 8-1: Product: syz [ 994.017589][ T6917] usb 8-1: Manufacturer: syz [ 994.022313][ T6917] usb 8-1: SerialNumber: syz [ 994.058730][ T6917] cdc_ncm 8-1:1.0: CDC Union missing and no IAD found [ 994.065591][ T6917] cdc_ncm 8-1:1.0: bind() failure [ 994.230575][T23221] netlink: 8 bytes leftover after parsing attributes in process `syz.8.13509'. [ 994.286809][T23227] loop5: detected capacity change from 0 to 128 [ 994.294537][ T4361] usb 8-1: USB disconnect, device number 9 [ 994.352870][T23227] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 994.553672][T13183] EXT4-fs (loop5): unmounting filesystem. [ 994.688004][T23251] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 995.025877][T23269] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 995.028228][ T6587] usb 9-1: new full-speed USB device number 9 using dummy_hcd [ 995.264061][ T6587] usb 9-1: config 0 has an invalid interface number: 20 but max is 0 [ 995.276738][ T6587] usb 9-1: config 0 has no interface number 0 [ 995.297876][ T6587] usb 9-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 995.311510][ T6587] usb 9-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 995.337011][ T6587] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 995.368247][ T6587] usb 9-1: Product: syz [ 995.372480][ T6587] usb 9-1: Manufacturer: syz [ 995.377106][ T6587] usb 9-1: SerialNumber: syz [ 995.422781][ T6587] usb 9-1: config 0 descriptor?? [ 995.436969][T23289] loop1: detected capacity change from 0 to 8 [ 995.452389][T23256] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 995.468868][ T6587] usb-storage 9-1:0.20: USB Mass Storage device detected [ 995.524044][ T6587] usb-storage 9-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 995.588322][T23289] SQUASHFS error: xz decompression failed, data probably corrupt [ 995.597056][T23289] SQUASHFS error: Failed to read block 0x60: -5 [ 995.618591][T23289] SQUASHFS error: xz decompression failed, data probably corrupt [ 995.626541][T23289] SQUASHFS error: Failed to read block 0x60: -5 [ 995.637921][ T27] audit: type=1800 audit(1224.651:335): pid=23289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.13526" name="file1" dev="loop1" ino=1 res=0 errno=0 [ 995.679748][T23300] loop7: detected capacity change from 0 to 4096 [ 995.696118][ T6587] scsi host1: usb-storage 9-1:0.20 [ 995.735019][T23300] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c118, mo2=0002] [ 995.775918][T23300] System zones: 0-5 [ 995.807107][T23300] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 995.890694][ T6587] usb 9-1: USB disconnect, device number 9 [ 995.979426][ T9533] EXT4-fs (loop7): unmounting filesystem. [ 996.084951][T23329] netlink: 'syz.5.13535': attribute type 2 has an invalid length. [ 996.185473][ T27] audit: type=1326 audit(1225.201:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23340 comm="syz.7.13536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072dd8eec9 code=0x7ffc0000 [ 996.242063][ T27] audit: type=1326 audit(1225.241:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23340 comm="syz.7.13536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072dd8eec9 code=0x7ffc0000 [ 996.332822][ T27] audit: type=1326 audit(1225.241:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23340 comm="syz.7.13536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f072dd8eec9 code=0x7ffc0000 [ 996.396771][T23349] netlink: 188 bytes leftover after parsing attributes in process `syz.2.13540'. [ 996.411777][ T27] audit: type=1326 audit(1225.241:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23340 comm="syz.7.13536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072dd8eec9 code=0x7ffc0000 [ 996.501468][ T27] audit: type=1326 audit(1225.241:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23340 comm="syz.7.13536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072dd8eec9 code=0x7ffc0000 [ 997.185220][T23399] ieee802154 phy0 wpan0: encryption failed: -22 [ 997.368825][ T52] block nbd1: Attempted send on invalid socket [ 997.375092][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 997.456567][T23410] loop8: detected capacity change from 0 to 512 [ 997.501014][T23410] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 997.610822][T23410] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003) [ 997.853199][T23433] Unsupported ieee802154 address type: 0 [ 997.927858][ T127] usb 6-1: new full-speed USB device number 36 using dummy_hcd [ 998.129782][ T127] usb 6-1: config 0 has an invalid interface number: 110 but max is 0 [ 998.147695][ T6587] usb 3-1: new full-speed USB device number 49 using dummy_hcd [ 998.155523][ T127] usb 6-1: config 0 has no interface number 0 [ 998.178023][ T127] usb 6-1: config 0 interface 110 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 998.208641][ T127] usb 6-1: config 0 interface 110 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 998.242455][ T127] usb 6-1: config 0 interface 110 has no altsetting 0 [ 998.263296][ T127] usb 6-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55 [ 998.308237][ T127] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 998.326563][ T127] usb 6-1: Product: syz [ 998.346800][ T127] usb 6-1: Manufacturer: syz [ 998.355911][ T6587] usb 3-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 998.376242][ T6587] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 998.387235][ T127] usb 6-1: SerialNumber: syz [ 998.403340][ T127] usb 6-1: config 0 descriptor?? [ 998.425113][ T6587] usb 3-1: config 0 descriptor?? [ 998.452572][ T6587] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 998.513358][T23461] loop8: detected capacity change from 0 to 4096 [ 998.537744][T23461] ntfs3: loop8: Different NTFS' sector size (1024) and media sector size (512) [ 998.598226][T23440] loop7: detected capacity change from 0 to 32768 [ 998.613559][T23461] ntfs3: loop8: ntfs3_write_inode r=1e failed, -22. [ 998.646735][ T127] cdc_subset: probe of 6-1:0.110 failed with error -22 [ 998.684899][T23440] ialloc: diAlloc returned -17! [ 998.851937][T11583] ntfs3: loop8: ntfs_evict_inode r=1e failed, -22. [ 998.861697][ T6587] gspca_sn9c20x: Write register 1001 failed -71 [ 998.881920][ T6587] gspca_sn9c20x: Device initialization failed [ 998.898258][T11583] ntfs3: loop8: Mark volume as dirty due to NTFS errors [ 998.902551][ T6587] gspca_sn9c20x: probe of 3-1:0.0 failed with error -71 [ 998.928638][ T6917] usb 6-1: USB disconnect, device number 36 [ 998.985580][ T6587] usb 3-1: USB disconnect, device number 49 [ 999.054987][T23497] netlink: 48 bytes leftover after parsing attributes in process `syz.8.13581'. [ 999.400304][T23517] netlink: 'syz.7.13588': attribute type 10 has an invalid length. [ 999.429587][T23517] device veth0_macvtap left promiscuous mode [ 999.468938][T23517] batman_adv: batadv0: Adding interface: macvtap0 [ 999.475430][T23517] batman_adv: batadv0: The MTU of interface macvtap0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 999.601192][T23523] loop8: detected capacity change from 0 to 164 [ 999.607766][T23517] batman_adv: batadv0: Not using interface macvtap0 (retrying later): interface not active [ 999.685803][T23523] iso9660: Corrupted directory entry in block 0 of inode 1920 [ 999.721938][T23526] loop1: detected capacity change from 0 to 4096 [ 999.749716][T23526] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 999.781763][T23531] netlink: 'syz.5.13592': attribute type 5 has an invalid length. [ 999.823963][T23526] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 999.916087][T23526] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1000.021027][T23544] netlink: 24 bytes leftover after parsing attributes in process `syz.2.13595'. [ 1000.043023][T23526] ntfs: volume version 3.1. [ 1000.483798][T23570] netlink: 20 bytes leftover after parsing attributes in process `syz.8.13604'. [ 1000.583794][T23576] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1000.603485][T23576] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1000.648100][T23576] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1000.691121][T23576] infiniband syz1: set down [ 1000.896710][ T27] audit: type=1800 audit(1229.911:341): pid=23554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.2.13600" name="/" dev="sockfs" ino=130172 res=0 errno=0 [ 1001.152541][T23603] loop5: detected capacity change from 0 to 128 [ 1001.527589][ T6925] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 1001.578630][T23586] loop8: detected capacity change from 0 to 32768 [ 1001.622865][T23601] loop7: detected capacity change from 0 to 32768 [ 1001.624320][T23586] JBD2: Ignoring recovery information on journal [ 1001.706889][T23601] XFS (loop7): Mounting V5 Filesystem [ 1001.720814][T23586] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode. [ 1001.737807][ T6925] usb 6-1: Using ep0 maxpacket: 32 [ 1001.745136][ T6925] usb 6-1: config 1 has an invalid descriptor of length 215, skipping remainder of the config [ 1001.757113][ T6925] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 26 [ 1001.787708][ T4361] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 1001.799850][ T6925] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1001.813742][T23586] (syz.8.13608,23586,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=32, inode=17057, rec_len=1304, name_len=0 [ 1001.867670][ T6925] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1001.901862][ T6925] usb 6-1: SerialNumber: syz [ 1001.902873][T23611] loop1: detected capacity change from 0 to 32768 [ 1001.915357][T23586] (syz.8.13608,23586,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 1001.929516][T23611] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.13616 (23611) [ 1001.939534][ T6925] cdc_acm 6-1:1.0: skipping garbage [ 1001.984273][T23611] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1001.995685][T23586] (syz.8.13608,23586,1):ocfs2_mknod:298 ERROR: status = -2 [ 1002.008772][T23601] XFS (loop7): Ending clean mount [ 1002.013828][T23586] (syz.8.13608,23586,1):ocfs2_mknod:502 ERROR: status = -2 [ 1002.030260][T23611] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 1002.035095][ T4361] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1002.050550][T23601] XFS (loop7): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair. [ 1002.071347][T23586] (syz.8.13608,23586,1):ocfs2_create:676 ERROR: status = -2 [ 1002.079171][ T4361] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1002.084253][T23611] BTRFS info (device loop1): using free space tree [ 1002.097722][ T4361] usb 3-1: Product: syz [ 1002.101994][ T4361] usb 3-1: Manufacturer: syz [ 1002.111146][ T4361] usb 3-1: SerialNumber: syz [ 1002.150962][ T4361] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1002.209434][ T6925] usb 6-1: USB disconnect, device number 37 [ 1002.229647][T11583] ocfs2: Unmounting device (7,8) on (node local) [ 1002.240276][ T4361] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1002.418649][T23611] BTRFS info (device loop1): enabling ssd optimizations [ 1002.464835][ T9533] XFS (loop7): Unmounting Filesystem [ 1002.659677][ T4272] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1002.677851][ T6917] usb 3-1: USB disconnect, device number 50 [ 1002.815916][T23679] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1002.823274][T23679] IPv6: NLM_F_CREATE should be set when creating new route [ 1003.507792][ T4361] usb 3-1: Service connection timeout for: 256 [ 1003.514034][ T4361] ath9k_htc 3-1:1.0: ath9k_htc: Unable to initialize HTC services [ 1003.542313][ T4361] ath9k_htc: Failed to initialize the device [ 1003.567720][ T6917] usb 3-1: ath9k_htc: USB layer deinitialized [ 1004.154955][T23743] loop1: detected capacity change from 0 to 8 [ 1004.190145][T23743] squashfs: Unknown parameter '017777777777777777777772-h%þŒ÷ íÿÿï¡W)’B¸Y9N“!^÷ÇÁT%b²sÒî¬à1ÜïÝáçg:—ñK"­ÿÆGÝyÝ>2­mv·8hö;¨5)-ã [ 1022.096372][T24718] loop7: detected capacity change from 0 to 1024 [ 1022.105566][T24719] [U] oi?òW§x¶Ú4M³÷kï1‡²ªÆK›BJ¹ä ÂÂò&ƒ¥Ô[,㩉I­j?3 32çðÍt¾ [ 1022.105640][T24719] [U] œ†o&ÚÝŒñøL3N±°7SE8(¡ý«í!`¨&ñE°Þ»qNÛÇÆ·¯ [ 1022.105674][T24719] [U] ·¨¬hõ½A‚Ù=' Sj [ 1022.105687][T24719] [U] ™ „þ<_¹Ý™Ñß@’–c Õª×éß9^Ãý³€ŽA²‰É&w8¶vîš:vW VPñÉ^;¾§œ%’ãϲþÛ}ŠýÖˆÐ~4ýxiìShj«q7Ï [ 1022.142311][T24719] [U] Þÿ•÷³ž÷Üó©9œ·˜XÔ‘#´Y9úvXÝû1Ù;j}mJÕ/3¡Uhd«ÈR?BñZåÖž¸ÞSÿ9_pPø´C¢iG¡Ö)„Ü‚´ØÔ]!aŸ¦@ðXÎCRf›ÌÀn%(ŠŠ¼ÜŽ<ùV¸%íäټ©!FöHkxÒ˜Jþ öqû¨’qÖšëªVbzzpX [ 1022.158127][T24719] [U] w#qÂØâ±­'öžN%»î­^ˆÈd£zäƒb¾ãû•ßŸÑMô5aÒ”y3áã¢HñÒ‰×EÖÕý­Ý½LZÇ$O”ZcBƒîÒ‚ [ 1022.167508][T24719] [U] ¼v‡‚‰nëÔ´}¨²&…Wãk!t¹å~“ÁÏH,ñzœ‰}ƒo,§šÑÄ0l °å\¦»wZ6±éM|/ŦOñ”„[¼…Q¬ ±(Ûjïô¤N@Ç(ïßN„³’iS:̆ƒO;ç¨u! UYÉžÙŠÐÅŸ8"k8á×BeÏ$~áùK­N ⢠[ 1022.182530][T24719] [U] ÏJµC2Dg]*ÿ±¢.H&Œñ\a¤ 9v¾Wøÿó…²5Tç@ˆÛ]zC¸Q“1eÞЗ]@tÊœ/2£ÒoON…¹’ [ 1022.191643][T24719] [U] Ö›È/^¾5sÅN§£íÁömyD¾ài%Ú ‡ÉZjÆ©ÁRµôÛ@LïdŒ_=ä-Fà€ P;M4±skv²Hi赎n~¼„â©…$IæÀâ˜ãµ c|Òý3jˆ6ùìX· [ 1022.203802][T24719] [U] µŽì~ܼAJ͘‚…[ºKã^ j¸¬<“=ÑvqŠXÛIËJˆõjdæýYšw?gYÙÀ׊° ½4C" [ 1022.211872][T24719] [U] ÛQÒhˆeÑMq[¸D(Ÿ¡he·yqYoºÜò1Nîrþä‡N‡¨˜"¨‹ [ 1022.218288][ C0] vkms_vblank_simulate: vblank timer overrun [ 1022.264978][T24711] [U] ëÖ¬¹Õ›¡÷¾:MÖ1ÄðîŒÐQŽ¬à¿, Ýã0Óeœîð.VüÏñ¤ñhÑ(ÀŸh±äÌË'^êšwhtöYÏ8 gߌö,r𑘒QU¹G;6Ý*o€•Õ‚¡BŠ+Äìªèì]±‘A;8Ý8­dH>à‚þƒÇ»OßKQ– [ 1022.377711][ T6925] usb 2-1: new full-speed USB device number 41 using dummy_hcd [ 1022.443087][ T33] hfsplus: b-tree write err: -5, ino 4 [ 1022.454588][T24733] loop8: detected capacity change from 0 to 1024 [ 1022.526628][T24739] netlink: 24 bytes leftover after parsing attributes in process `syz.7.13864'. [ 1022.575437][T24733] hfsplus: bad catalog entry type [ 1022.599221][ T6925] usb 2-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00 [ 1022.617753][ T6925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1022.663579][ T6925] usb 2-1: config 0 descriptor?? [ 1022.716597][ T75] hfsplus: b-tree write err: -5, ino 4 [ 1022.904389][T24758] loop5: detected capacity change from 0 to 1024 [ 1023.044188][T24758] hfsplus: xattr searching failed [ 1023.092093][ T6925] hid-alps 0003:044E:120C.0006: hidraw0: USB HID v0.06 Device [HID 044e:120c] on usb-dummy_hcd.1-1/input0 [ 1023.271737][T24776] loop7: detected capacity change from 0 to 2048 [ 1023.313132][ T6925] usb 2-1: USB disconnect, device number 41 [ 1023.331418][T24776] UDF-fs: error (device loop7): udf_process_sequence: Primary Volume Descriptor not found! [ 1023.399763][T24776] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1023.428445][T24791] loop5: detected capacity change from 0 to 1024 [ 1023.451627][T24771] fido_id[24771]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1023.586056][T24791] block device autoloading is deprecated and will be removed. [ 1023.775348][ T33] hfsplus: b-tree write err: -5, ino 4 [ 1024.043956][ T127] kernel write not supported for file /amidi2 (pid: 127 comm: kworker/0:2) [ 1024.232257][T24840] loop8: detected capacity change from 0 to 256 [ 1024.236691][T24842] loop7: detected capacity change from 0 to 512 [ 1024.247675][ T4361] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 1024.302996][T24842] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 1024.321054][T24840] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x19755df0, utbl_chksum : 0xe619d30d) [ 1024.341946][T24842] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e11c, mo2=0002] [ 1024.358786][T24842] System zones: 1-12 [ 1024.371167][T24842] EXT4-fs (loop7): orphan cleanup on readonly fs [ 1024.398590][T24842] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.13887: bg 0: block 361: padding at end of block bitmap is not set [ 1024.457722][ T4361] usb 2-1: Using ep0 maxpacket: 16 [ 1024.468013][T24840] exFAT-fs (loop8): error, found bogus dentry(12) beyond unused empty group(11) (start_clu : 5, cur_clu : 5) [ 1024.475153][ T4361] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1024.497871][ T4361] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1024.517520][ T4361] usb 2-1: New USB device found, idVendor=0853, idProduct=0148, bcdDevice= 0.00 [ 1024.531103][T24842] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 1024.540751][T24842] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #11: comm syz.7.13887: invalid indirect mapped block 12 (level 1) [ 1024.548247][T24840] exFAT-fs (loop8): Filesystem has been set read-only [ 1024.558845][ T4361] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1024.598618][T24842] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #11: comm syz.7.13887: invalid indirect mapped block 2 (level 2) [ 1024.624330][ T4361] usb 2-1: config 0 descriptor?? [ 1024.654541][T24842] EXT4-fs (loop7): 1 truncate cleaned up [ 1024.660660][T24842] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 1024.887074][ T9533] EXT4-fs (loop7): unmounting filesystem. [ 1025.066577][ T4361] topre 0003:0853:0148.0007: unknown main item tag 0xd [ 1025.095316][ T4361] topre 0003:0853:0148.0007: unexpected long global item [ 1025.103236][ T4361] topre: probe of 0003:0853:0148.0007 failed with error -22 [ 1025.291462][ T4361] usb 2-1: USB disconnect, device number 42 [ 1025.972809][T24918] netlink: 40 bytes leftover after parsing attributes in process `syz.1.13907'. [ 1026.040152][T24904] loop8: detected capacity change from 0 to 32768 [ 1026.114027][T24898] loop7: detected capacity change from 0 to 32768 [ 1026.168048][T24904] read_mapping_page failed! [ 1026.182513][T24898] MetaData crosses page boundary!! [ 1026.183738][T24904] ERROR: (device loop8): txCommit: [ 1026.183738][T24904] [ 1026.192964][T24898] lblock = 621d00, size = 28672 [ 1026.234098][T24898] CPU: 0 PID: 24898 Comm: syz.7.13899 Not tainted syzkaller #0 [ 1026.234127][T24898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1026.234144][T24898] Call Trace: [ 1026.234152][T24898] [ 1026.234161][T24898] dump_stack_lvl+0x168/0x22e [ 1026.234180][T24924] jfs_unlink: dtDelete returned -116 [ 1026.234197][T24898] ? show_regs_print_info+0x12/0x12 [ 1026.234222][T24898] ? load_image+0x3b0/0x3b0 [ 1026.234266][T24898] __get_metapage+0xaa8/0xfa0 [ 1026.234295][T24898] dtSearch+0x5d5/0x2050 [ 1026.234360][T24898] jfs_lookup+0x152/0x380 [ 1026.234391][T24898] ? jfs_get_parent+0xa0/0xa0 [ 1026.234436][T24898] ? apparmor_path_rmdir+0x30/0x30 [ 1026.234462][T24898] ? make_kgid+0x640/0x640 [ 1026.234480][T24898] ? rwsem_write_trylock+0x12f/0x1b0 [ 1026.234505][T24898] ? generic_permission+0x230/0x510 [ 1026.234540][T24898] ? inode_permission+0xef/0x480 [ 1026.234569][T24898] ? bpf_lsm_inode_create+0x5/0x10 [ 1026.234596][T24898] ? security_inode_create+0xb3/0x100 [ 1026.234619][T24898] ? jfs_get_parent+0xa0/0xa0 [ 1026.234656][T24898] path_openat+0xfaf/0x2e70 [ 1026.234665][T24924] jfs_unlink: dtDelete returned -116 [ 1026.234707][T24898] ? do_filp_open+0x3c0/0x3c0 [ 1026.234745][T24898] do_filp_open+0x1c1/0x3c0 [ 1026.234767][T24898] ? vfs_tmpfile+0x480/0x480 [ 1026.234808][T24898] ? _raw_spin_unlock+0x24/0x40 [ 1026.234839][T24898] ? alloc_fd+0x58f/0x630 [ 1026.234876][T24898] do_sys_openat2+0x142/0x490 [ 1026.234911][T24898] ? do_sys_open+0xe0/0xe0 [ 1026.234935][T24898] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1026.234968][T24898] ? lock_chain_count+0x20/0x20 [ 1026.235002][T24898] __x64_sys_openat+0x135/0x160 [ 1026.235034][T24898] do_syscall_64+0x4c/0xa0 [ 1026.235063][T24898] ? clear_bhb_loop+0x60/0xb0 [ 1026.235085][T24898] ? clear_bhb_loop+0x60/0xb0 [ 1026.235110][T24898] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1026.235132][T24898] RIP: 0033:0x7f072dd8eec9 [ 1026.235158][T24898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1026.235176][T24898] RSP: 002b:00007f072eca6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1026.235199][T24898] RAX: ffffffffffffffda RBX: 00007f072dfe5fa0 RCX: 00007f072dd8eec9 [ 1026.235215][T24898] RDX: 000000000000275a RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1026.235229][T24898] RBP: 00007f072de11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1026.235243][T24898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1026.235257][T24898] R13: 00007f072dfe6038 R14: 00007f072dfe5fa0 R15: 00007ffd4599d9d8 [ 1026.235289][T24898] [ 1026.238939][T24898] bread failed! [ 1026.238971][T24898] jfs_lookup: dtSearch returned -5 [ 1026.537780][ T6917] usb 3-1: new high-speed USB device number 53 using dummy_hcd [ 1026.987611][ T6917] usb 3-1: Using ep0 maxpacket: 8 [ 1026.994559][ T6917] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1027.023758][ T6917] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 1027.059157][T24953] [U] ¦ [ 1027.080700][ T6917] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1027.120510][ T6917] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1027.137524][ T6917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1027.160937][T24952] loop1: detected capacity change from 0 to 4096 [ 1027.167474][ T6917] usb 3-1: Product: syz [ 1027.171668][ T6917] usb 3-1: Manufacturer: syz [ 1027.176297][ T6917] usb 3-1: SerialNumber: syz [ 1027.272823][T24952] ntfs3: loop1: ino=5, "/" directory corrupted [ 1027.286838][T24952] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1027.332874][T24952] ntfs3: loop1: ino=5, "/" directory corrupted [ 1027.833132][ T6917] usb 3-1: 0:2 : does not exist [ 1027.909231][ T6917] usb 3-1: USB disconnect, device number 53 [ 1027.964204][ T5115] udevd[5115]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1027.971219][T24945] loop8: detected capacity change from 0 to 40427 [ 1028.065275][T24945] F2FS-fs (loop8): invalid crc value [ 1028.133801][T24945] F2FS-fs (loop8): Found nat_bits in checkpoint [ 1028.212521][T25008] netlink: 25 bytes leftover after parsing attributes in process `syz.5.13925'. [ 1028.238528][T24945] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 1028.327562][T24945] F2FS-fs (loop8): Inconsistent segment (8) type [1, 0] in SSA and SIT [ 1028.475799][T24963] loop7: detected capacity change from 0 to 32768 [ 1028.628716][T25023] loop5: detected capacity change from 0 to 4096 [ 1028.635400][T24963] XFS (loop7): Mounting V5 Filesystem [ 1028.677192][T25023] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 1028.746813][T24963] XFS (loop7): Ending clean mount [ 1028.801694][T24963] XFS (loop7): Quotacheck needed: Please wait. [ 1028.805640][T25023] ntfs3: loop5: failed to convert "c46c" to iso8859-14 [ 1029.018161][T24963] XFS (loop7): Quotacheck: Done. [ 1029.106411][T25036] netlink: 60 bytes leftover after parsing attributes in process `syz.5.13931'. [ 1029.136627][T25010] loop1: detected capacity change from 0 to 32768 [ 1029.173127][T25010] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.13926 (25010) [ 1029.199442][T25036] netlink: 60 bytes leftover after parsing attributes in process `syz.5.13931'. [ 1029.216156][T25038] netlink: 60 bytes leftover after parsing attributes in process `syz.5.13931'. [ 1029.251505][T25010] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1029.309546][T25010] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 1029.355370][T25010] BTRFS info (device loop1): enabling auto defrag [ 1029.368154][ T9533] XFS (loop7): Unmounting Filesystem [ 1029.411533][T25010] BTRFS info (device loop1): max_inline at 0 [ 1029.428930][T25010] BTRFS info (device loop1): enabling ssd optimizations [ 1029.501813][T25010] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8) [ 1029.521694][T25010] BTRFS info (device loop1): use lzo compression, level 0 [ 1029.548148][T25010] BTRFS info (device loop1): using free space tree [ 1029.683810][T25056] loop5: detected capacity change from 0 to 512 [ 1029.691562][T25056] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1030.242721][ T4272] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1030.252437][T25085] loop8: detected capacity change from 0 to 1024 [ 1030.775328][T25111] loop7: detected capacity change from 0 to 512 [ 1030.790762][ T3690] hfsplus: b-tree write err: -5, ino 4 [ 1030.798141][ T6925] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 1030.883681][T25111] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 1031.007553][ T6925] usb 3-1: Using ep0 maxpacket: 32 [ 1031.014544][ T6925] usb 3-1: New USB device found, idVendor=04b4, idProduct=bca1, bcdDevice= 0.00 [ 1031.030201][ T6925] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1031.042252][T25124] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 1031.050766][ T6925] usb 3-1: config 0 descriptor?? [ 1031.100269][ T9533] EXT4-fs (loop7): unmounting filesystem. [ 1031.314231][T25140] loop5: detected capacity change from 0 to 512 [ 1031.381837][T25140] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1031.453750][T25140] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 1031.474230][ T6925] cypress 0003:04B4:BCA1.0008: hidraw0: USB HID v0.00 Device [HID 04b4:bca1] on usb-dummy_hcd.2-1/input0 [ 1031.646902][T13183] EXT4-fs (loop5): unmounting filesystem. [ 1031.687808][ T6917] usb 3-1: USB disconnect, device number 54 [ 1031.708627][ T6925] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 1031.719073][T25163] fido_id[25163]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 1031.915393][T25184] loop7: detected capacity change from 0 to 256 [ 1031.937683][ T6925] usb 2-1: Using ep0 maxpacket: 32 [ 1031.944649][ T6925] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1031.966739][T25184] FAT-fs (loop7): Directory bread(block 64) failed [ 1031.977713][ T6925] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1031.997189][T25184] FAT-fs (loop7): Directory bread(block 65) failed [ 1032.007111][ T6925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1032.014597][T25184] FAT-fs (loop7): Directory bread(block 66) failed [ 1032.027962][T25184] FAT-fs (loop7): Directory bread(block 67) failed [ 1032.030818][ T6925] usb 2-1: Product: syz [ 1032.043829][T25184] FAT-fs (loop7): Directory bread(block 68) failed [ 1032.051159][T25184] FAT-fs (loop7): Directory bread(block 69) failed [ 1032.058248][ T6925] usb 2-1: Manufacturer: syz [ 1032.064671][T25184] FAT-fs (loop7): Directory bread(block 70) failed [ 1032.073223][ T6925] usb 2-1: SerialNumber: syz [ 1032.084410][T25184] FAT-fs (loop7): Directory bread(block 71) failed [ 1032.093426][T25184] FAT-fs (loop7): Directory bread(block 72) failed [ 1032.094515][ T6925] usb 2-1: config 0 descriptor?? [ 1032.107614][T25184] FAT-fs (loop7): Directory bread(block 73) failed [ 1032.129891][ T6925] cdc_ether 2-1:0.0: skipping garbage [ 1032.135350][ T6925] usb 2-1: bad CDC descriptors [ 1032.153349][ T6925] usb 2-1: unsupported MDLM descriptors [ 1032.361305][T25156] loop8: detected capacity change from 0 to 32768 [ 1032.410131][ T6925] usb 2-1: USB disconnect, device number 43 [ 1032.468769][T25156] XFS (loop8): Mounting V5 Filesystem [ 1032.554353][T25209] loop7: detected capacity change from 0 to 512 [ 1032.573693][T25156] XFS (loop8): Ending clean mount [ 1032.590746][T25181] loop5: detected capacity change from 0 to 40427 [ 1032.676254][T25209] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.13957: inode #1: comm syz.7.13957: iget: illegal inode # [ 1032.695622][T25209] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.13957: error while reading EA inode 1 err=-117 [ 1032.704843][T25181] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1032.744742][T25209] EXT4-fs (loop7): 1 orphan inode deleted [ 1032.754692][T11583] XFS (loop8): Unmounting Filesystem [ 1032.761006][T25209] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 1032.957629][T25181] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1032.960220][ T9533] EXT4-fs (loop7): unmounting filesystem. [ 1033.220997][T25236] loop1: detected capacity change from 0 to 16 [ 1033.275533][T13183] syz-executor: attempt to access beyond end of device [ 1033.275533][T13183] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1033.290968][T25236] erofs: (device loop1): mounted with root inode @ nid 36. [ 1033.299061][T25240] loop7: detected capacity change from 0 to 1024 [ 1033.382686][ T27] audit: type=1800 audit(1262.401:342): pid=25240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.13963" name="file1" dev="loop7" ino=20 res=0 errno=0 [ 1033.668235][T25252] loop1: detected capacity change from 0 to 512 [ 1033.734621][T25252] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 1033.757076][T25258] loop8: detected capacity change from 0 to 2048 [ 1033.772841][T25252] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it [ 1033.782606][T25258] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1033.813697][T25252] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.13966: Corrupt directory, running e2fsck is recommended [ 1033.827314][T25252] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 1033.837728][T25258] NILFS (loop8): mounting unchecked fs [ 1033.846368][T25252] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.13966: corrupted in-inode xattr [ 1033.905987][T25252] EXT4-fs (loop1): Remounting filesystem read-only [ 1033.936285][T25258] NILFS (loop8): recovery complete [ 1033.939172][T25252] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.13966: couldn't read orphan inode 15 (err -117) [ 1033.956658][T25269] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1033.998089][T25252] EXT4-fs (loop1): Remounting filesystem read-only [ 1034.004682][T25252] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1034.215528][T25277] loop7: detected capacity change from 0 to 2048 [ 1034.222347][T25252] EXT4-fs (loop1): re-mounted. Quota mode: writeback. [ 1034.314758][T25287] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1034.320004][T25286] sd 0:0:1:0: device reset [ 1034.341197][ T27] audit: type=1800 audit(1263.361:343): pid=25277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.13969" name="file2" dev="loop7" ino=16 res=0 errno=0 [ 1034.364399][ T4272] EXT4-fs (loop1): unmounting filesystem. [ 1035.013353][T25324] loop1: detected capacity change from 0 to 64 [ 1035.086533][T25324] syz.1.13981: attempt to access beyond end of device [ 1035.086533][T25324] loop1: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 1035.132423][T25324] Buffer I/O error on dev loop1, logical block 134217734, async page read [ 1035.249543][T25324] Trying to free block not in datazone [ 1035.424412][T25337] loop8: detected capacity change from 0 to 4096 [ 1035.447188][T25283] loop5: detected capacity change from 0 to 40427 [ 1035.472345][T25337] NILFS (loop8): invalid segment: Checksum error in segment payload [ 1035.499697][T25283] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x3ffff [ 1035.501098][T25337] NILFS (loop8): trying rollback from an earlier position [ 1035.532771][T25283] F2FS-fs (loop5): invalid crc value [ 1035.577739][T25337] NILFS (loop8): recovery complete [ 1035.608099][T25353] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1035.608573][T25283] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1035.678058][T25355] Bluetooth: MGMT ver 1.22 [ 1035.697556][ T6917] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 1035.861883][T25283] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1035.881602][T25363] loop8: detected capacity change from 0 to 64 [ 1035.911717][ T6917] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1035.928127][ T6917] usb 8-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 1035.940249][ T6917] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1035.954897][ T6917] usb 8-1: config 0 descriptor?? [ 1036.145151][T25363] syz.8.13989: attempt to access beyond end of device [ 1036.145151][T25363] loop8: rw=2049, sector=65, nr_sectors = 1 limit=64 [ 1036.167647][ T4361] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 1036.202364][T25363] Buffer I/O error on dev loop8, logical block 65, lost async page write [ 1036.231496][T25363] syz.8.13989: attempt to access beyond end of device [ 1036.231496][T25363] loop8: rw=2049, sector=66, nr_sectors = 1 limit=64 [ 1036.270654][T25363] Buffer I/O error on dev loop8, logical block 66, lost async page write [ 1036.298785][T25363] syz.8.13989: attempt to access beyond end of device [ 1036.298785][T25363] loop8: rw=2049, sector=67, nr_sectors = 1 limit=64 [ 1036.327877][T25363] Buffer I/O error on dev loop8, logical block 67, lost async page write [ 1036.336429][T25363] syz.8.13989: attempt to access beyond end of device [ 1036.336429][T25363] loop8: rw=2049, sector=68, nr_sectors = 1 limit=64 [ 1036.371800][T25363] Buffer I/O error on dev loop8, logical block 68, lost async page write [ 1036.387657][ T4361] usb 2-1: Using ep0 maxpacket: 16 [ 1036.397923][ T4361] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1036.409859][T25363] syz.8.13989: attempt to access beyond end of device [ 1036.409859][T25363] loop8: rw=2049, sector=72, nr_sectors = 1 limit=64 [ 1036.417962][ T6917] lenovo 0003:17EF:6047.0009: unknown main item tag 0x0 [ 1036.440443][ T6917] lenovo 0003:17EF:6047.0009: unknown main item tag 0x0 [ 1036.454856][T25363] Buffer I/O error on dev loop8, logical block 72, lost async page write [ 1036.457973][ T4361] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1036.478966][ T6917] lenovo 0003:17EF:6047.0009: unknown main item tag 0x0 [ 1036.486168][ T6917] lenovo 0003:17EF:6047.0009: unknown main item tag 0x0 [ 1036.487833][T25363] syz.8.13989: attempt to access beyond end of device [ 1036.487833][T25363] loop8: rw=2049, sector=73, nr_sectors = 1 limit=64 [ 1036.493857][ T4361] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1036.520111][ T6917] lenovo 0003:17EF:6047.0009: unknown main item tag 0x0 [ 1036.529855][ T6917] lenovo 0003:17EF:6047.0009: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.7-1/input0 [ 1036.542813][ T4361] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1036.552193][T25363] Buffer I/O error on dev loop8, logical block 73, lost async page write [ 1036.558387][ T4361] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1036.580299][ T4361] usb 2-1: config 0 descriptor?? [ 1036.595994][T25363] syz.8.13989: attempt to access beyond end of device [ 1036.595994][T25363] loop8: rw=2049, sector=76, nr_sectors = 1 limit=64 [ 1036.597073][T25375] loop5: detected capacity change from 0 to 4096 [ 1036.615806][T25363] Buffer I/O error on dev loop8, logical block 76, lost async page write [ 1036.626860][T25363] syz.8.13989: attempt to access beyond end of device [ 1036.626860][T25363] loop8: rw=2049, sector=77, nr_sectors = 1 limit=64 [ 1036.643738][ T6917] lenovo 0003:17EF:6047.0009: Failed to switch F7/9/11 mode: -71 [ 1036.659827][T25363] Buffer I/O error on dev loop8, logical block 77, lost async page write [ 1036.662864][ T6917] lenovo 0003:17EF:6047.0009: Failed to switch middle button: -71 [ 1036.719415][ T6917] lenovo 0003:17EF:6047.0009: Fn-lock setting failed: -71 [ 1036.739708][ T6917] lenovo 0003:17EF:6047.0009: Sensitivity setting failed: -71 [ 1036.782783][ T6917] usb 8-1: USB disconnect, device number 11 [ 1036.855532][T13183] ntfs3: loop5: ntfs_evict_inode r=5 failed, -22. [ 1036.874942][T13183] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1037.030016][ T4361] microsoft 0003:045E:07DA.000A: No inputs registered, leaving [ 1037.077927][ T4361] microsoft 0003:045E:07DA.000A: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 1037.101302][T25389] fido_id[25389]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 1037.118468][ T4361] microsoft 0003:045E:07DA.000A: no inputs found [ 1037.148514][T25412] loop8: detected capacity change from 0 to 256 [ 1037.155363][ T4361] microsoft 0003:045E:07DA.000A: could not initialize ff, continuing anyway [ 1037.225529][T25412] FAT-fs (loop8): Directory bread(block 64) failed [ 1037.264049][ T4361] usb 2-1: USB disconnect, device number 44 [ 1037.282284][T25412] FAT-fs (loop8): Directory bread(block 65) failed [ 1037.311491][T25412] FAT-fs (loop8): Directory bread(block 66) failed [ 1037.335230][T25412] FAT-fs (loop8): Directory bread(block 67) failed [ 1037.405195][T25412] FAT-fs (loop8): Directory bread(block 68) failed [ 1037.447573][T25412] FAT-fs (loop8): Directory bread(block 69) failed [ 1037.478130][T25412] FAT-fs (loop8): Directory bread(block 70) failed [ 1037.502213][T25441] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14000'. [ 1037.511647][T25412] FAT-fs (loop8): Directory bread(block 71) failed [ 1037.551783][T25412] FAT-fs (loop8): Directory bread(block 72) failed [ 1037.567666][T25412] FAT-fs (loop8): Directory bread(block 73) failed [ 1037.636171][T25437] fido_id[25437]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1037.927742][ T6577] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 1038.119585][ T6577] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1038.151257][ T6577] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1038.181130][ T6577] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 1038.208099][ T6577] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1038.224950][ T6577] usb 3-1: config 0 descriptor?? [ 1038.391163][T25485] loop5: detected capacity change from 0 to 1024 [ 1038.438410][T25485] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1038.477894][T25485] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1038.508559][T25485] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1038.565916][T25485] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1038.609532][T25492] netlink: 8 bytes leftover after parsing attributes in process `syz.8.14014'. [ 1038.659730][ T6577] sony 0003:054C:0268.000B: item fetching failed at offset 4/5 [ 1038.669255][ T6577] sony 0003:054C:0268.000B: parse failed [ 1038.676258][ T6577] sony: probe of 0003:054C:0268.000B failed with error -22 [ 1038.759402][T13183] EXT4-fs (loop5): unmounting filesystem. [ 1038.864639][T25457] loop7: detected capacity change from 0 to 32768 [ 1038.898211][ T6579] usb 3-1: USB disconnect, device number 55 [ 1038.913180][T25457] XFS: attr2 mount option is deprecated. [ 1039.011683][T25457] XFS (loop7): Mounting V5 Filesystem [ 1039.061736][T25482] loop1: detected capacity change from 0 to 32768 [ 1039.124901][T25482] read_mapping_page failed! [ 1039.139880][T25482] jfs_rename: dtInsert returned -EIO [ 1039.142709][T25457] XFS (loop7): Ending clean mount [ 1039.184692][T25457] XFS (loop7): Quotacheck needed: Please wait. [ 1039.384406][T25457] XFS (loop7): Quotacheck: Done. [ 1039.544140][ T9533] XFS (loop7): Unmounting Filesystem [ 1039.775817][T25514] loop5: detected capacity change from 0 to 32768 [ 1039.891323][T25514] XFS (loop5): Mounting V5 Filesystem [ 1039.919924][ T4361] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 1039.974799][T25514] XFS (loop5): Ending clean mount [ 1040.002144][T25514] XFS (loop5): Quotacheck needed: Please wait. [ 1040.017556][ T6579] usb 3-1: new full-speed USB device number 56 using dummy_hcd [ 1040.131727][T25514] XFS (loop5): Quotacheck: Done. [ 1040.147633][ T4361] usb 2-1: Using ep0 maxpacket: 16 [ 1040.154621][T25558] loop8: detected capacity change from 0 to 32768 [ 1040.159401][ T4361] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1040.184176][ T4361] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1040.200217][ T6579] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1040.222160][ T6579] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1022, setting to 64 [ 1040.232151][ T4361] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1040.259896][ T6579] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1040.272847][ T4361] usb 2-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00 [ 1040.273196][ T4361] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1040.292921][ T4361] usb 2-1: config 0 descriptor?? [ 1040.344033][ T6579] usb 3-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00 [ 1040.379854][ T6579] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1040.400822][ T6579] usb 3-1: config 0 descriptor?? [ 1040.419185][T25548] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 1040.425038][T13183] XFS (loop5): Unmounting Filesystem [ 1040.435488][T25558] XFS (loop8): Mounting V5 Filesystem [ 1040.512747][T25558] XFS (loop8): Ending clean mount [ 1040.521456][T25558] XFS (loop8): Quotacheck needed: Please wait. [ 1040.571654][T25558] XFS (loop8): Quotacheck: Done. [ 1040.716028][ T4361] hid-generic 0003:0457:07DA.000C: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.1-1/input0 [ 1040.771191][T11583] XFS (loop8): Unmounting Filesystem [ 1040.887632][ T6579] waltop 0003:172F:0038.000D: unknown main item tag 0x0 [ 1040.894691][ T6579] waltop 0003:172F:0038.000D: unknown main item tag 0x0 [ 1040.937270][ T6579] waltop 0003:172F:0038.000D: unknown main item tag 0x0 [ 1040.944547][ T6579] waltop 0003:172F:0038.000D: unknown main item tag 0x0 [ 1040.953314][ T6579] waltop 0003:172F:0038.000D: unknown main item tag 0x0 [ 1040.962650][ T6579] waltop 0003:172F:0038.000D: hidraw1: USB HID v0.09 Device [HID 172f:0038] on usb-dummy_hcd.2-1/input0 [ 1041.047745][ T127] usb 2-1: USB disconnect, device number 45 [ 1041.088167][ T6577] usb 3-1: USB disconnect, device number 56 [ 1041.219904][T25602] fido_id[25602]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 1041.389733][ T6577] kernel write not supported for file /1571/attr/sockcreate (pid: 6577 comm: kworker/0:14) [ 1041.650272][T25633] loop8: detected capacity change from 0 to 4096 [ 1041.671878][T25633] ntfs: (device loop8): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1041.731866][T25640] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 1041.801344][T25633] ntfs: (device loop8): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 1041.832089][T25633] ntfs: (device loop8): ntfs_read_locked_inode(): $DATA attribute is missing. [ 1041.890028][T25633] ntfs: (device loop8): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 1041.940217][T25633] ntfs: (device loop8): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1042.033956][T25633] ntfs: volume version 3.1. [ 1042.058839][T25652] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1042.090188][T25633] ntfs: (device loop8): ntfs_lookup_inode_by_name(): Index buffer (VCN 0x0) of directory inode 0x5 has a size (24) differing from the directory specified size (4096). Directory inode is corrupt or driver bug. [ 1042.146020][T25633] ntfs: (device loop8): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 1042.181775][T25633] ntfs: (device loop8): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 1042.274408][T25633] ntfs: (device loop8): ntfs_readdir(): Index buffer (VCN 0x0) of directory inode 0x5 has a size (24) differing from the directory specified size (4096). Directory inode is corrupt or driver bug. [ 1042.335474][T25669] loop5: detected capacity change from 0 to 128 [ 1042.363515][T25669] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 1042.407702][ T127] usb 3-1: new high-speed USB device number 57 using dummy_hcd [ 1042.597575][ T127] usb 3-1: Using ep0 maxpacket: 8 [ 1042.606873][ T127] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 1042.646742][ T127] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1042.676726][ T127] usb 3-1: Product: syz [ 1042.701677][ T127] usb 3-1: Manufacturer: syz [ 1042.706031][T25678] netlink: 24 bytes leftover after parsing attributes in process `syz.5.14040'. [ 1042.706333][ T127] usb 3-1: SerialNumber: syz [ 1042.736114][T25678] bridge_slave_0: default FDB implementation only supports local addresses [ 1042.787861][ T127] usb 3-1: config 0 descriptor?? [ 1043.018799][ T127] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 1043.405547][T25668] loop7: detected capacity change from 0 to 32768 [ 1043.430726][ T127] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71 [ 1043.475585][ T127] usb 3-1: USB disconnect, device number 57 [ 1043.542107][T25668] XFS (loop7): Mounting V5 Filesystem [ 1043.600349][T25694] loop5: detected capacity change from 0 to 32768 [ 1043.651180][T25694] JBD2: Ignoring recovery information on journal [ 1043.726702][T25668] XFS (loop7): Ending clean mount [ 1043.734731][T25734] loop1: detected capacity change from 0 to 512 [ 1043.753956][T25668] XFS (loop7): Quotacheck needed: Please wait. [ 1043.764852][T25694] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1043.906857][T25668] XFS (loop7): Quotacheck: Done. [ 1044.040944][T13183] ocfs2: Unmounting device (7,5) on (node local) [ 1044.138525][ T9533] XFS (loop7): Unmounting Filesystem [ 1044.395092][T25760] loop1: detected capacity change from 0 to 512 [ 1044.568996][T25760] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1044.896908][ T4272] EXT4-fs (loop1): unmounting filesystem. [ 1045.133588][T25775] loop5: detected capacity change from 0 to 64 [ 1045.194549][T25775] bio_check_eod: 1 callbacks suppressed [ 1045.194568][T25775] syz.5.14060: attempt to access beyond end of device [ 1045.194568][T25775] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 1045.273030][T25775] Buffer I/O error on dev loop5, logical block 134217734, async page read [ 1045.360473][T25775] Trying to free block not in datazone [ 1045.637490][ T6577] usb 9-1: new high-speed USB device number 15 using dummy_hcd [ 1045.733601][T25788] loop1: detected capacity change from 0 to 128 [ 1045.763570][T25788] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 1045.800675][T25788] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1045.841595][ T6577] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1045.855066][T25788] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 48 marked as free, partition length is 40) [ 1045.869893][ T6577] usb 9-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00 [ 1045.909908][ T6577] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1045.939472][ T6577] usb 9-1: config 0 descriptor?? [ 1046.385525][ T6577] logitech-djreceiver 0003:046D:C71F.000E: hidraw0: USB HID v0.00 Device [HID 046d:c71f] on usb-dummy_hcd.8-1/input0 [ 1046.406337][T25786] loop5: detected capacity change from 0 to 32768 [ 1046.484469][T25786] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1046.596691][ T127] usb 9-1: USB disconnect, device number 15 [ 1046.607633][ T4361] usb 3-1: new high-speed USB device number 58 using dummy_hcd [ 1046.646573][T25824] loop7: detected capacity change from 0 to 2048 [ 1046.684786][T25834] (syz.5.14061,25834,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0 [ 1046.755421][T25824] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 1046.807671][T25834] (syz.5.14061,25834,0):__ocfs2_delete_entry:1162 ERROR: status = -5 [ 1046.810423][ T4361] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1046.835877][ T4361] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 1046.856108][ T4361] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1046.862701][T25834] (syz.5.14061,25834,0):ocfs2_unlink:990 ERROR: status = -5 [ 1046.877378][ T4361] usb 3-1: config 0 descriptor?? [ 1046.892993][T25830] fido_id[25830]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 1046.911376][T25834] (syz.5.14061,25834,1):ocfs2_unlink:1042 ERROR: status = -5 [ 1046.925488][ T9533] EXT4-fs (loop7): unmounting filesystem. [ 1047.011443][T13183] ocfs2: Unmounting device (7,5) on (node local) [ 1047.299972][ T4361] lenovo 0003:17EF:6047.000F: unknown main item tag 0x0 [ 1047.307106][ T4361] lenovo 0003:17EF:6047.000F: unknown main item tag 0x0 [ 1047.326900][ T4361] lenovo 0003:17EF:6047.000F: unknown main item tag 0x0 [ 1047.373485][ T4361] lenovo 0003:17EF:6047.000F: unknown main item tag 0x0 [ 1047.387540][ T4361] lenovo 0003:17EF:6047.000F: unknown main item tag 0x0 [ 1047.427800][ T4361] lenovo 0003:17EF:6047.000F: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.2-1/input0 [ 1047.460463][T25872] netlink: 24 bytes leftover after parsing attributes in process `syz.8.14075'. [ 1047.499315][ T4361] lenovo 0003:17EF:6047.000F: Failed to switch F7/9/11 mode: -71 [ 1047.517771][ T4361] lenovo 0003:17EF:6047.000F: Failed to switch middle button: -71 [ 1047.534738][ T4361] lenovo 0003:17EF:6047.000F: Fn-lock setting failed: -71 [ 1047.552738][ T4361] lenovo 0003:17EF:6047.000F: Sensitivity setting failed: -71 [ 1047.583142][ T4361] usb 3-1: USB disconnect, device number 58 [ 1047.852310][T25889] fido_id[25889]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 1047.859584][T25900] loop7: detected capacity change from 0 to 2048 [ 1047.957909][T25900] UDF-fs: error (device loop7): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1048.003847][T25900] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1048.080286][T25908] loop5: detected capacity change from 0 to 1024 [ 1048.318659][ T11] hfsplus: b-tree write err: -5, ino 4 [ 1048.328310][T25870] loop1: detected capacity change from 0 to 32768 [ 1048.844784][T25944] loop8: detected capacity change from 0 to 512 [ 1048.983823][T25944] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.14092: bg 0: block 248: padding at end of block bitmap is not set [ 1049.072314][T25944] Quota error (device loop8): write_blk: dquota write failed [ 1049.158005][T25944] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota [ 1049.185512][T25944] EXT4-fs error (device loop8): ext4_acquire_dquot:6816: comm syz.8.14092: Failed to acquire dquot type 1 [ 1049.210749][T25944] EXT4-fs (loop8): 1 truncate cleaned up [ 1049.216574][T25944] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 1049.340490][T25944] EXT4-fs: Cannot change journaled quota options when quota turned on [ 1049.488452][T11583] EXT4-fs (loop8): unmounting filesystem. [ 1049.945380][T26004] loop5: detected capacity change from 0 to 8 [ 1049.999495][ T6917] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 1050.025038][T26004] SQUASHFS error: Unable to read directory block [629:4f] [ 1050.217921][ T6917] usb 2-1: Using ep0 maxpacket: 32 [ 1050.225086][ T6917] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1050.258914][ T6917] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1050.310214][ T6917] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1050.330580][ T6917] usb 2-1: New USB device found, idVendor=056a, idProduct=0057, bcdDevice= 0.00 [ 1050.360573][ T6917] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1050.383490][T26025] loop7: detected capacity change from 0 to 4096 [ 1050.390704][ T6917] usb 2-1: config 0 descriptor?? [ 1050.461015][T26025] ntfs3: loop7: Mark volume as dirty due to NTFS errors [ 1050.821644][ T6917] wacom 0003:056A:0057.0010: hidraw0: USB HID vb.27 Device [HID 056a:0057] on usb-dummy_hcd.1-1/input0 [ 1051.015778][ T6917] usb 2-1: USB disconnect, device number 46 [ 1051.198661][T26059] fido_id[26059]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1051.953616][T26121] loop8: detected capacity change from 0 to 1024 [ 1052.051994][T26121] hfsplus: bad catalog entry type [ 1052.260189][T26143] loop7: detected capacity change from 0 to 512 [ 1052.306121][T26143] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1052.393446][T26143] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 1052.407543][ T4361] usb 3-1: new high-speed USB device number 59 using dummy_hcd [ 1052.609357][ T4361] usb 3-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 1052.612159][T26167] netlink: 40 bytes leftover after parsing attributes in process `syz.5.14145'. [ 1052.637817][ T4361] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1052.672209][ T9533] EXT4-fs (loop7): unmounting filesystem. [ 1052.696874][ T4361] usb 3-1: Product: syz [ 1052.704707][ T4361] usb 3-1: Manufacturer: syz [ 1052.720549][ T4361] usb 3-1: SerialNumber: syz [ 1052.735805][ T4361] usb 3-1: config 0 descriptor?? [ 1052.797886][ T4361] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 1052.840959][ T4361] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1052.877007][T26178] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14149'. [ 1052.887046][ T4361] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 1052.907066][ T4361] usb 3-1: media controller created [ 1052.972314][ T4361] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1052.983093][T26187] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14150'. [ 1053.010452][T26135] dvb-usb: bulk message failed: -22 (7/0) [ 1053.266397][T26206] sctp: [Deprecated]: syz.1.14153 (pid 26206) Use of int in max_burst socket option. [ 1053.266397][T26206] Use struct sctp_assoc_value instead [ 1053.323349][ T4361] DVB: Unable to find symbol mt352_attach() [ 1053.496765][T26216] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 1053.555433][T26219] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check. [ 1053.578317][ T127] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1053.597122][ T4361] DVB: Unable to find symbol nxt6000_attach() [ 1053.617486][ T4361] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 1053.667733][ T4361] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input44 [ 1053.691951][ T127] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1053.712444][ T4361] dvb-usb: schedule remote query interval to 1000 msecs. [ 1053.760356][ T4361] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 1053.824072][ T4361] dvb-usb: bulk message failed: -22 (7/0) [ 1053.847907][ T4361] dvb-usb: bulk message failed: -22 (7/0) [ 1053.898816][ T4361] usb 3-1: USB disconnect, device number 59 [ 1054.002025][ T4361] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 1054.391215][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.397750][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.596191][T26273] netlink: 332 bytes leftover after parsing attributes in process `syz.2.14170'. [ 1054.648882][T26273] netlink: 'syz.2.14170': attribute type 9 has an invalid length. [ 1054.667951][T26210] loop8: detected capacity change from 0 to 40427 [ 1054.677155][T26273] netlink: 108 bytes leftover after parsing attributes in process `syz.2.14170'. [ 1054.701503][T26210] F2FS-fs (loop8): Fix alignment : internally, start(4096) end(16896) block(12288) [ 1054.731268][T26273] netlink: 32 bytes leftover after parsing attributes in process `syz.2.14170'. [ 1054.767495][T26210] F2FS-fs (loop8): invalid crc value [ 1054.802092][T26210] F2FS-fs (loop8): Found nat_bits in checkpoint [ 1054.972287][T26210] F2FS-fs (loop8): recover fsync data on readonly fs [ 1054.998117][T26210] F2FS-fs (loop8): Cannot turn on quotas: -2 on 1 [ 1055.027129][T26210] F2FS-fs (loop8): Cannot turn on quotas: -2 on 2 [ 1055.055542][T26210] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 1055.371060][T26243] loop1: detected capacity change from 0 to 40427 [ 1055.407306][T26243] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1055.443175][T26243] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1055.483749][T26299] loop5: detected capacity change from 0 to 1024 [ 1055.491494][T26243] F2FS-fs (loop1): invalid crc value [ 1055.575141][T26299] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1055.614107][T26243] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1055.836036][T26243] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1055.874097][T26243] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1056.291411][T26337] loop7: detected capacity change from 0 to 256 [ 1056.292308][T26336] sg_write: process 1447 (syz.8.14183) changed security contexts after opening file descriptor, this is not allowed. [ 1056.462865][T26337] FAT-fs (loop7): Directory bread(block 64) failed [ 1056.476345][T26337] FAT-fs (loop7): Directory bread(block 65) failed [ 1056.506788][T26337] FAT-fs (loop7): Directory bread(block 66) failed [ 1056.547539][T26337] FAT-fs (loop7): Directory bread(block 67) failed [ 1056.554244][T26337] FAT-fs (loop7): Directory bread(block 68) failed [ 1056.609624][T26337] FAT-fs (loop7): Directory bread(block 69) failed [ 1056.623347][T26351] netlink: 32 bytes leftover after parsing attributes in process `syz.2.14188'. [ 1056.645094][T26337] FAT-fs (loop7): Directory bread(block 70) failed [ 1056.663927][T26337] FAT-fs (loop7): Directory bread(block 71) failed [ 1056.687919][T26337] FAT-fs (loop7): Directory bread(block 72) failed [ 1056.715893][T26337] FAT-fs (loop7): Directory bread(block 73) failed [ 1057.132587][T26378] loop5: detected capacity change from 0 to 1024 [ 1057.462361][T26397] loop5: detected capacity change from 0 to 512 [ 1057.546739][T26397] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.14203: invalid indirect mapped block 2185560079 (level 0) [ 1057.666222][T26397] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.14203: invalid indirect mapped block 2683928664 (level 1) [ 1057.703426][T26415] netlink: 32 bytes leftover after parsing attributes in process `syz.8.14208'. [ 1057.717086][T26397] EXT4-fs (loop5): 1 truncate cleaned up [ 1057.730822][T26397] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1057.739913][T26415] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check. [ 1057.782832][T26397] EXT4-fs error (device loop5): __ext4_get_inode_loc:4507: comm syz.5.14203: Invalid inode table block 1633771873 in block_group 0 [ 1057.828027][T26397] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5915: Corrupt filesystem [ 1057.864112][T26397] EXT4-fs error (device loop5): add_dirent_to_buf:2216: inode #2: comm syz.5.14203: mark_inode_dirty error [ 1057.917192][T26397] EXT4-fs error (device loop5): __ext4_get_inode_loc:4507: comm syz.5.14203: Invalid inode table block 1633771873 in block_group 0 [ 1057.963032][T26397] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5915: Corrupt filesystem [ 1057.984431][T26410] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1057.995015][T26397] EXT4-fs error (device loop5): ext4_add_nondir:2855: inode #18: comm syz.5.14203: mark_inode_dirty error [ 1058.027898][T26397] EXT4-fs error (device loop5): __ext4_get_inode_loc:4507: comm syz.5.14203: Invalid inode table block 1633771873 in block_group 0 [ 1058.107575][T26397] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5915: Corrupt filesystem [ 1058.168039][T26432] comedi comedi3: pcm3724: I/O port conflict (0x4f27,16) [ 1058.177776][T26397] EXT4-fs error (device loop5): ext4_evict_inode:279: inode #18: comm syz.5.14203: mark_inode_dirty error [ 1058.265238][T26397] EXT4-fs warning (device loop5): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 1058.377337][T13183] EXT4-fs (loop5): unmounting filesystem. [ 1058.392159][T26440] loop1: detected capacity change from 0 to 1024 [ 1058.447255][T26423] loop7: detected capacity change from 0 to 32768 [ 1058.504511][T26440] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1058.628961][T26459] loop8: detected capacity change from 0 to 256 [ 1058.679216][T26459] exfat: Deprecated parameter 'utf8' [ 1058.684694][T26459] exfat: Deprecated parameter 'utf8' [ 1058.744538][T26459] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xcf823c55, utbl_chksum : 0xe619d30d) [ 1058.769444][ T4272] EXT4-fs (loop1): unmounting filesystem. [ 1059.085932][T26479] mkiss: ax0: crc mode is auto. [ 1059.315800][T26488] loop5: detected capacity change from 0 to 4096 [ 1059.356992][T26488] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 1059.512167][T26488] ntfs3: loop5: ntfs_sync_fs r=1a failed, -22. [ 1059.536371][T26488] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1059.585582][T26488] ntfs3: loop5: ntfs_sync_fs r=1a failed, -22. [ 1059.725111][T13183] ntfs3: loop5: ntfs_sync_fs r=1a failed, -22. [ 1059.749104][T13183] ntfs3: loop5: ntfs_evict_inode r=1a failed, -22. [ 1059.801589][T26516] loop8: detected capacity change from 0 to 736 [ 1060.185696][T26526] loop7: detected capacity change from 0 to 4096 [ 1060.484310][T26507] loop1: detected capacity change from 0 to 32768 [ 1060.542771][T26507] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 scanned by syz.1.14228 (26507) [ 1060.626809][T26507] BTRFS info (device loop1): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 1060.672000][T26507] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 1060.711570][T26507] BTRFS info (device loop1): using free space tree [ 1060.792324][T26569] loop5: detected capacity change from 0 to 256 [ 1060.797570][ T6579] usb 3-1: new high-speed USB device number 60 using dummy_hcd [ 1060.860319][T26569] FAT-fs (loop5): Directory bread(block 64) failed [ 1060.866931][T26569] FAT-fs (loop5): Directory bread(block 65) failed [ 1060.923329][T26569] FAT-fs (loop5): Directory bread(block 66) failed [ 1060.930298][T26569] FAT-fs (loop5): Directory bread(block 67) failed [ 1060.936919][T26569] FAT-fs (loop5): Directory bread(block 68) failed [ 1060.944859][T26569] FAT-fs (loop5): Directory bread(block 69) failed [ 1060.953379][T26569] FAT-fs (loop5): Directory bread(block 70) failed [ 1060.960425][T26569] FAT-fs (loop5): Directory bread(block 71) failed [ 1060.967050][T26569] FAT-fs (loop5): Directory bread(block 72) failed [ 1060.974025][T26569] FAT-fs (loop5): Directory bread(block 73) failed [ 1061.014021][ T6579] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1061.029672][ T6579] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1061.046175][ T6579] usb 3-1: config 0 descriptor?? [ 1061.086362][ T6579] cp210x 3-1:0.0: cp210x converter detected [ 1061.153166][T26507] BTRFS info (device loop1): enabling ssd optimizations [ 1061.542803][ T4272] BTRFS info (device loop1): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 1061.689611][ T6579] cp210x 3-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 1061.697169][ T6579] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 1061.717206][ T6579] usb 3-1: cp210x converter now attached to ttyUSB0 [ 1061.735235][ T6579] usb 3-1: USB disconnect, device number 60 [ 1061.766183][ T6579] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1061.777708][ T6579] cp210x 3-1:0.0: device disconnected [ 1062.299921][T26647] loop8: detected capacity change from 0 to 1024 [ 1062.324027][T26647] EXT4-fs: Ignoring removed bh option [ 1062.343566][T26647] EXT4-fs: Ignoring removed orlov option [ 1062.360122][T26647] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1062.463079][T26647] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 1062.774459][T11583] EXT4-fs (loop8): unmounting filesystem. [ 1062.820620][T26681] loop5: detected capacity change from 0 to 8192 [ 1062.863442][T26681] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1062.880102][ T6917] usb 3-1: new high-speed USB device number 61 using dummy_hcd [ 1062.941313][T26681] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 1062.977964][T26681] REISERFS (device loop5): using ordered data mode [ 1062.995963][T26681] reiserfs: using flush barriers [ 1063.036067][T26681] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1063.067923][T26681] REISERFS (device loop5): checking transaction log (loop5) [ 1063.087506][ T6917] usb 3-1: Using ep0 maxpacket: 16 [ 1063.093172][T26681] REISERFS (device loop5): Using r5 hash to sort names [ 1063.126049][ T6917] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 1063.144352][T26681] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 1063.159013][ T6917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1063.197288][T26681] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 1063.205589][ T6917] usb 3-1: Product: syz [ 1063.215441][T26703] loop8: detected capacity change from 0 to 512 [ 1063.227479][ T6917] usb 3-1: Manufacturer: syz [ 1063.232163][ T6917] usb 3-1: SerialNumber: syz [ 1063.255312][ T6917] usb 3-1: config 0 descriptor?? [ 1063.272761][T26703] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002] [ 1063.289588][T26703] System zones: 1-12 [ 1063.294024][ T6917] visor 3-1:0.0: Sony Clie 3.5 converter detected [ 1063.305729][T26703] EXT4-fs error (device loop8): dx_probe:823: inode #2: comm syz.8.14268: Directory hole found for htree index block 0 [ 1063.318657][T26681] [ 1063.318667][T26681] ====================================================== [ 1063.318675][T26681] WARNING: possible circular locking dependency detected [ 1063.318690][T26681] syzkaller #0 Not tainted [ 1063.318701][T26681] ------------------------------------------------------ [ 1063.318708][T26681] syz.5.14262/26681 is trying to acquire lock: [ 1063.318720][T26681] ffff888057d35090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x75/0xd0 [ 1063.361709][T26681] [ 1063.361709][T26681] but task is already holding lock: [ 1063.369100][T26681] ffff888056ab8980 (&type->i_mutex_dir_key#28/3){+.+.}-{3:3}, at: open_xa_dir+0x11e/0x6f0 [ 1063.379135][T26681] [ 1063.379135][T26681] which lock already depends on the new lock. [ 1063.379135][T26681] [ 1063.382493][T26703] EXT4-fs (loop8): Remounting filesystem read-only [ 1063.389543][T26681] [ 1063.389543][T26681] the existing dependency chain (in reverse order) is: [ 1063.389554][T26681] [ 1063.389554][T26681] -> #1 (&type->i_mutex_dir_key#28/3){+.+.}-{3:3}: [ 1063.389598][T26681] down_write_nested+0x39/0x60 [ 1063.389627][T26681] open_xa_dir+0x11e/0x6f0 [ 1063.389653][T26681] reiserfs_for_each_xattr+0x174/0x7b0 [ 1063.389679][T26681] reiserfs_delete_xattrs+0x1c/0x80 [ 1063.389710][T26681] reiserfs_evict_inode+0x221/0x490 [ 1063.389742][T26681] evict+0x485/0x870 [ 1063.389764][T26681] reiserfs_new_inode+0x5c8/0x1860 [ 1063.389789][T26681] reiserfs_symlink+0x4cf/0x770 [ 1063.457006][T26681] vfs_symlink+0x247/0x3d0 [ 1063.461957][T26681] do_symlinkat+0x1ae/0x3f0 [ 1063.466985][T26681] __x64_sys_symlink+0x7a/0x90 [ 1063.472277][T26681] do_syscall_64+0x4c/0xa0 [ 1063.477221][T26681] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1063.483657][T26681] [ 1063.483657][T26681] -> #0 (&sbi->lock){+.+.}-{3:3}: [ 1063.490878][T26681] __lock_acquire+0x2cf8/0x7c50 [ 1063.496297][T26681] lock_acquire+0x1b4/0x490 [ 1063.501339][T26681] __mutex_lock+0x120/0xaf0 [ 1063.506378][T26681] reiserfs_write_lock+0x75/0xd0 [ 1063.511872][T26681] reiserfs_mkdir+0x30c/0x970 [ 1063.517077][T26681] open_xa_dir+0x316/0x6f0 [ 1063.522027][T26681] xattr_lookup+0x22/0x2a0 [ 1063.526974][T26681] reiserfs_xattr_set_handle+0xf3/0xca0 [ 1063.533052][T26681] reiserfs_xattr_set+0x435/0x550 [ 1063.538605][T26681] __vfs_setxattr+0x3e0/0x420 [ 1063.543809][T26681] __vfs_setxattr_noperm+0x129/0x5e0 [ 1063.549624][T26681] vfs_setxattr+0x168/0x2f0 [ 1063.554653][T26681] setxattr+0x2b2/0x2d0 [ 1063.559341][T26681] __se_sys_fsetxattr+0x15e/0x1d0 [ 1063.564904][T26681] do_syscall_64+0x4c/0xa0 [ 1063.569849][T26681] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1063.576270][T26681] [ 1063.576270][T26681] other info that might help us debug this: [ 1063.576270][T26681] [ 1063.586499][T26681] Possible unsafe locking scenario: [ 1063.586499][T26681] [ 1063.593946][T26681] CPU0 CPU1 [ 1063.599312][T26681] ---- ---- [ 1063.604676][T26681] lock(&type->i_mutex_dir_key#28/3); [ 1063.610164][T26681] lock(&sbi->lock); [ 1063.616685][T26681] lock(&type->i_mutex_dir_key#28/3); [ 1063.624706][T26681] lock(&sbi->lock); [ 1063.628711][T26681] [ 1063.628711][T26681] *** DEADLOCK *** [ 1063.628711][T26681] [ 1063.636864][T26681] 3 locks held by syz.5.14262/26681: [ 1063.642154][T26681] #0: ffff888027df6460 (sb_writers#38){.+.+}-{0:0}, at: mnt_want_write_file+0x5c/0x200 [ 1063.651940][T26681] #1: ffff8880727796c0 (&sb->s_type->i_mutex_key#47){+.+.}-{3:3}, at: vfs_setxattr+0x141/0x2f0 [ 1063.662401][T26681] #2: ffff888056ab8980 (&type->i_mutex_dir_key#28/3){+.+.}-{3:3}, at: open_xa_dir+0x11e/0x6f0 [ 1063.672780][T26681] [ 1063.672780][T26681] stack backtrace: [ 1063.678672][T26681] CPU: 1 PID: 26681 Comm: syz.5.14262 Not tainted syzkaller #0 [ 1063.686224][T26681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1063.696284][T26681] Call Trace: [ 1063.699569][T26681] [ 1063.702507][T26681] dump_stack_lvl+0x168/0x22e [ 1063.707205][T26681] ? load_image+0x3b0/0x3b0 [ 1063.711721][T26681] ? show_regs_print_info+0x12/0x12 [ 1063.716931][T26681] ? print_circular_bug+0x12b/0x1a0 [ 1063.722145][T26681] check_noncircular+0x274/0x310 [ 1063.727115][T26681] ? add_chain_block+0x940/0x940 [ 1063.732066][T26681] ? lockdep_lock+0xdc/0x1e0 [ 1063.736668][T26681] ? _find_first_zero_bit+0xcf/0x100 [ 1063.741981][T26681] __lock_acquire+0x2cf8/0x7c50 [ 1063.746841][T26681] ? stack_trace_snprint+0xf0/0xf0 [ 1063.751969][T26681] ? add_lock_to_list+0x191/0x280 [ 1063.757006][T26681] ? verify_lock_unused+0x140/0x140 [ 1063.762239][T26681] ? __lock_acquire+0x28b5/0x7c50 [ 1063.767296][T26681] lock_acquire+0x1b4/0x490 [ 1063.771816][T26681] ? reiserfs_write_lock+0x75/0xd0 [ 1063.776940][T26681] ? __might_sleep+0xd0/0xd0 [ 1063.781547][T26681] ? read_lock_is_recursive+0x10/0x10 [ 1063.786930][T26681] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 1063.793096][T26681] __mutex_lock+0x120/0xaf0 [ 1063.797610][T26681] ? reiserfs_write_lock+0x75/0xd0 [ 1063.802732][T26681] ? memset+0x1e/0x40 [ 1063.806730][T26681] ? reiserfs_write_lock+0x75/0xd0 [ 1063.811854][T26681] ? mutex_lock_nested+0x10/0x10 [ 1063.816799][T26681] ? __rwlock_init+0x140/0x140 [ 1063.821581][T26681] ? dquot_initialize+0x20/0x20 [ 1063.826441][T26681] ? memset+0x1e/0x40 [ 1063.830441][T26681] reiserfs_write_lock+0x75/0xd0 [ 1063.835413][T26681] reiserfs_mkdir+0x30c/0x970 [ 1063.840103][T26681] ? reiserfs_symlink+0x770/0x770 [ 1063.845142][T26681] ? __rwlock_init+0x140/0x140 [ 1063.849930][T26681] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 1063.855580][T26681] ? do_raw_spin_unlock+0x11d/0x230 [ 1063.860796][T26681] open_xa_dir+0x316/0x6f0 [ 1063.865228][T26681] ? listxattr_filler+0x3f0/0x3f0 [ 1063.870271][T26681] xattr_lookup+0x22/0x2a0 [ 1063.874708][T26681] ? reiserfs_xattr_set_handle+0xc4/0xca0 [ 1063.880437][T26681] reiserfs_xattr_set_handle+0xf3/0xca0 [ 1063.886111][T26681] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 1063.891765][T26681] ? chown_one_xattr+0x90/0x90 [ 1063.896541][T26681] ? mutex_unlock+0x10/0x10 [ 1063.901067][T26681] ? journal_begin+0x1f1/0x350 [ 1063.905842][T26681] ? reiserfs_write_unlock+0xa2/0x110 [ 1063.911239][T26681] reiserfs_xattr_set+0x435/0x550 [ 1063.916274][T26681] ? lock_chain_count+0x20/0x20 [ 1063.921137][T26681] ? reiserfs_put_page+0x270/0x270 [ 1063.926267][T26681] ? trusted_set+0x7d/0xe0 [ 1063.930700][T26681] ? trusted_get+0xc0/0xc0 [ 1063.935130][T26681] __vfs_setxattr+0x3e0/0x420 [ 1063.939823][T26681] __vfs_setxattr_noperm+0x129/0x5e0 [ 1063.945121][T26681] vfs_setxattr+0x168/0x2f0 [ 1063.949644][T26681] ? xattr_permission+0x500/0x500 [ 1063.954682][T26681] ? strncpy_from_user+0x1e3/0x350 [ 1063.959806][T26681] setxattr+0x2b2/0x2d0 [ 1063.963974][T26681] ? path_setxattr+0x280/0x280 [ 1063.968758][T26681] ? sb_start_write+0x110/0x1c0 [ 1063.973622][T26681] ? mnt_want_write_file+0x160/0x200 [ 1063.978923][T26681] __se_sys_fsetxattr+0x15e/0x1d0 [ 1063.983964][T26681] do_syscall_64+0x4c/0xa0 [ 1063.988392][T26681] ? clear_bhb_loop+0x60/0xb0 [ 1063.993074][T26681] ? clear_bhb_loop+0x60/0xb0 [ 1063.997783][T26681] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1064.003695][T26681] RIP: 0033:0x7f15f338eec9 [ 1064.008119][T26681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1064.027741][T26681] RSP: 002b:00007f15f41b3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 1064.036167][T26681] RAX: ffffffffffffffda RBX: 00007f15f35e5fa0 RCX: 00007f15f338eec9 [ 1064.044154][T26681] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004 [ 1064.052160][T26681] RBP: 00007f15f3411f91 R08: 0000000000000003 R09: 0000000000000000 [ 1064.060136][T26681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1064.068128][T26681] R13: 00007f15f35e6038 R14: 00007f15f35e5fa0 R15: 00007ffe3ffd27b8 [ 1064.076119][T26681] [ 1064.084763][T26681] REISERFS warning (device loop5): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 1064.108194][T26681] REISERFS warning (device loop5): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 1064.122695][T26703] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -117 [ 1064.148759][T26703] EXT4-fs error (device loop8): dx_probe:823: inode #2: comm syz.8.14268: Directory hole found for htree index block 0 [ 1064.161801][T26681] REISERFS warning (device loop5): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 1064.181910][T26703] EXT4-fs (loop8): Remounting filesystem read-only [ 1064.191176][T26703] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117 [ 1064.207858][T26703] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 1064.290482][ T6917] usb 3-1: Sony Clie 3.5 converter now attached to ttyUSB0 [ 1064.321977][T26703] EXT4-fs: Ignoring sb option on remount [ 1064.355834][T26703] EXT4-fs: Ignoring removed orlov option [ 1064.362320][T26703] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 1064.372823][T26703] EXT4-fs (loop8): re-mounted. Quota mode: writeback. [ 1064.395487][T11583] EXT4-fs (loop8): unmounting filesystem. [ 1064.491858][ T6579] usb 3-1: USB disconnect, device number 61 [ 1064.499295][ T6579] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0 [ 1064.509811][ T6579] visor 3-1:0.0: device disconnected