last executing test programs: 3m17.996373313s ago: executing program 0 (id=1132): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000400)={0x40, 0x1, 0x2}, 0x10) 3m17.560469345s ago: executing program 0 (id=1136): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0x40000000048601, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)=0x8) 3m16.213132038s ago: executing program 0 (id=1140): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d380012"], 0xc4}}, 0x20050890) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c0100001800010000000000010000001d0101001500040001000080ff000000a67494fcd3a42289070000001e010600fe"], 0x14c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 3m15.69765217s ago: executing program 0 (id=1144): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000e00)={[{@orlov}, {@data_err_ignore}, {@noquota}, {@jqfmt_vfsv1}, {@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@nodelalloc}, {@data_err_ignore}]}, 0x3, 0x47b, &(0x7f0000000980)="$eJzs3M1vFGUYAPBnpt1iLdiK+AV+VNFI/GgpoHLwoEYTD5iY6EGPm7YQZAFD1wRIE8EDnowx8W48+i940osxnky86t2QEMNF8LRmdmfa3WV3S2G3C+7vl2x53vnY9306827fmXeHAEbWbPYjidgeEX9ExHSj2LrBbOOfa1dXF69fXV1MolZ7/++kvt0/V1cXi02L/aaaC5HEng71rpw7f6JcqSyfycvz1ZOfzK+cO//S8ZPlY8vHlk8dOHz40MGFV1858HJf8pyKNI/e+ejrd4982ZJ/Wx59Mttr5bO1Wp+rG64dTfH4ENvB5ozlx6tU7//TMdZ09Kbj7c/XCp8NqYHAwNRqtdpU99UXasD/WBKtZV0eRkXxh764/u10Hfz6wEYfw3fljcYFUJb3tfzVWDO+dseg1HZ920+zEfHhhX+/zV4xmPsQAAAtfszGPy9mo53VxWzssT7+SOOhpu3uy+eGZiLi/ojYGREPxKnYFREPRtS3fTgiHtlk/e2TJDeOf9LLt5TYTcrGf6/lc1ut479i9BczY3lpRz3/UnL0eGV5f/472RelbVl5oUcdP731+1fd1jWP/7JXVn8xFszbcXl8W+s+S+Vq+XZybnblYsTu8U75J2szAUlEPBoRuzu9QbpxHcef//6xbus2zr+HPkw01b6LeC47/tl7teVfSHrPT87fE5Xl/fPFWXGjX3+79F63+m8r/z7Ijv+9Hc//tfxnkub52pXN13Hpzy+6XtPMlvJgE+f/hXK1PJF8UI8nih/lavXMQsREcqTR6Hzbs9nyA+v7FuWz+fZZ/vv2du7/O2P9N7EnIrKT+PGIeCIinsyP3VMR8XRE7O2R/y9vPvNx+7LJIv874Pgvber4rwcT0b6kczB24ucfWiqdWQ/z/K/3/vw7VI/25Utu5vPvZtp1a2czAAAA3H3SiNgeSTq3Fqfp3FzjO/y7ItLK6ZXqC0dPf3pqqfGMwEyU0uJO13TT/dCF/LK+Ub4YEY2vFhTrD0Zav2/8zdhkvTy3eLqyNOzkYcRNden/mb/Ght06YOA8sAWjS/+H0dWz/5e2rh3A1ruh//fs89sG2hZga3X4+z85jHYAW6/T+N//9wOjoa3/m/aDEeL+P4wu/R9G13j+uG8y7IYAW2llMjZ+SL5nULzTLe6+UTAdcbstHE4QpTuiGQMLIh14FRODPbX6GZSam5rcHW3uHQzn8wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDf/gsAAP//gBDLBQ==") syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080)) mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c}) 3m14.333844066s ago: executing program 0 (id=1149): r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106) recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/23, 0x17}, 0x2) 3m12.788825803s ago: executing program 0 (id=1157): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$alg(0x26, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000), 0x4) 3m10.652009448s ago: executing program 32 (id=1157): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$alg(0x26, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000), 0x4) 7.106369547s ago: executing program 4 (id=2103): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) poll(&(0x7f00000000c0)=[{r0}], 0x1, 0xfff) ioctl$EVIOCGABS20(r0, 0x40044591, 0x0) 6.485759688s ago: executing program 4 (id=2108): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) io_setup(0x3, &(0x7f0000000140)=0x0) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x83, r0, 0x0, 0x0, 0x0, 0x0, 0x2}]) 5.772430668s ago: executing program 4 (id=2113): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000004c0)={0x5, 0x40000}, 0x10) sendmsg$nl_route(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c00000012003700"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000a001d"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x880) 5.213405765s ago: executing program 4 (id=2116): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x80}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0xc082}, 0xc000) 5.081742574s ago: executing program 1 (id=2118): r0 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f00000000c0)=0x31) ioctl$CEC_S_MODE(r0, 0xc05c6104, &(0x7f00000000c0)=0x7) 4.655092083s ago: executing program 4 (id=2121): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) syz_mount_image$minix(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[], 0xa, 0x234, &(0x7f0000000900)="$eJzs279rE2Ecx/HPXS7pNdpWrDqIQlGsLjb+mBxE3Tr1H+hU2qjFE6tVsEWwWdRB6OTm4iQIDo4idRMn/wAHwU0pdgg4OfTkzvvR5JLmB5ecpO/X0ueez/Pkee7oJd82iQDsWVc1IUOGCt7BMfvA+riR9ZYA9Ikb/Ny23JgZhgAG282RrHcAIBtb16SXp6Rf1UfzyhXCssCrAL5tStqYfKo1Bbk5JOn1F8mK6oetinTUCnLD1nB9ffFKOh3ON4q14UNbqkjFKN+3IxyWKq7/+GdOhuvv14hGNZb38oMaD9ZfiOYfaVnvWJ2XSAAADBxDU63yXQeYur7olM81zfN+fr5pXvDzCy3yi9HxUNSafTHz4IN7edvLp+bvOAu7bRNAA2YX9//X43E71+L+t5rc//V/JwDov+WV1VtzjuM+lvxG+V7QEzTC/wjEPbnEmFQa4XsObQwO36FMRN5j7OjJJaevTybPPb2zMOONjUnqzYX6jxtqEH2f/ndNoh6zF1e+pnHi558nS8/fvW9n8NsOlzCj37rZjXK1boxMqYfnNZG4C+Ycu73pxprrdrhow6eL+MMBdtrPRAD6rXT/9lJpeWX17GJO0o1yPnzBn/6x6Vf2pZr6Pp/dTgGkLX7Rb5RWEj1u7eHMp8+/q5fePOti5SuSPha7mAgAAAAAAAAAAAAAAOoc0uGstwAAAACgT5Lf/rk7mvZXl7I+RwAAAAAAAAAAAAAAAAAABs3fAAAA///PtQqI") rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='.\x02\x00') 4.38260893s ago: executing program 1 (id=2124): timer_create(0xb, 0x0, &(0x7f0000000300)=0x0) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0) timer_gettime(r0, &(0x7f0000000000)) 3.936374472s ago: executing program 4 (id=2125): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) syz_mount_image$bcachefs(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x800000, &(0x7f0000000180)=ANY=[], 0x1, 0x5a05, &(0x7f0000000180)="$eJzs3X+MHNWdIPBX3T2e9ozHHhtYHAjjweBdFjbxmF8iyWrj3dtNVsAiR6yymHMCAx6zTvxLtlnAsIvZgxwIiEiUKEs2f5CIoCPxRkhwCQ6C8ONsLpAgLjl0IujIHckfORGCFcCHIi5z6ul6PT01Xa6enh5j4PORPdX1+vX3vap6XV3f1z3TAQAAgPeE/TftOHjBcX/11D+PvXH9X39/8w2hvzxRXo0VBtPl1W9XDzmceitLJ5bZcfFH137rl8OX/8UP7+v75pv71p+44Wd/edTlD33m3L13/utjrw888PuXiuLG8XTq5HoysXz4wJc/t+/pY2u3awXlZHB3CIuTJY8tTjIhRn4XQlifrixIl/PT5f1vnLGhtrzh1t4pD1qUCWK8v7ctSMfZroNXnRZe/PO1N/542Xf+rWfPy7snqyTVpvEUwsJLmx/fk465OO7iaFsaH5wu14QQBtLbtRF2Tk5/fvPFp86qLU9qs/8rc9aPT5fz0mV/QZx4//LMeilTL7se9WSWfQXtzVZePzqtV2RBZn3yZPSVol3blrx+xvLF6fJ76fLUGcYvx/9JKCWh0uj+pmRyjISm45aEZKJ+tbFeahzbkG5/Zj3JrJcy6+WezHZNtJvuvXKSTC2P9TLl8XRcSctPbD5Xt3BhTvn70mU1faK+GddD9kZd/7Qbje2aEPt14BB9ORxKTeegVuWNA58ejNrmjI+Pj/cnS6Y9ZryFeN++tbetKK97fP9gTj+S+5I0fjLR5kzj7/rR4gWf/vYtVy7Ni39pKY1f6ij+z8975tWLb/nGV3Pj3xHjlzuKf/ojfa+c98RNy3P3z4G4fyodxR996cnblx192Z7c/t8V41c7ir967zO9AwcfeTS3/yNx/8zvKP4LH/nYL+597sGXc+OHGL+vo/jr9m77fO/QwVNy4z8a909/Z+PntT1nPz809KvhvPjPxvgDHcW/Z/edH7570a3n5h7fNXH/DHYU//yTH7pxwcEHT8g7dyZ3deuVE+C96aj0GuvmdL3TPHO2mvKFfxmu1K8DF6T/B8KXu9dQ5uKz1s7C7kUHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAnHnPZfP/6/Pzn4SiVd701vvFCqL2P5vBCS+SGEHTtHt+/cuOWK4c9svXL7ltFNw6M7h8e27Nx+zfCZfzK8fWzbptFraveOfOCM+uOWhKS+TE6Y1nbv+Ph4aXBqWWzv352858UV5/yfX4cwcsxPhyq5/V955+a7j27xMyNZPf7RzVde8NOzYsFg2q/BFv0aHx8fDzn9+s1Fb939xQO/PCWEkT84VL+efOHPfjClQxMFk3FSpd5Q39G9SV/LftR7/fVS7E/cX5UNGzeNjRx6/9YeX87Zjn9/7cu/23D1F96q799q7na0uX/nrx7fVPrK2vP/31euqxcU9etwH/evp+O5aH/HrYj9i/uvmu7vhel2LczZrkrOdt3040efe/i4W17fHUYqry2b3nbRdvWkA6AneV9b7cYW+pLFU8qraf14xOPjVu7cvG3ljmt2fWDj5tErxq4Y2/KhVWeuOnvkrLPPWjmx5Su7vP2x/T9sc/sPz3ha9A+7vxd/tjeeivpVtD9q/SreH809ynv+9V34uS996M4nLqgXFI3zWLtxPkmXfbXjvCo0jbfp+6rVdhXthxDCcKv98Orr54Zj/8fGG4vOQ81HpvlnRrJ6/Onlv/36OV9b+qf1gsNynm/uUIfn+UavJ/szsb+q6fEYr21H75G3f3tDOd2u/pb9WvX0Ez237f/1Pzb6N29euHp0587tq+o/F6Q9XZAc37Jf2dK4XcsmfpZDenhDY5i2GK81PaHev+z5M1bP7tX+9L7+ZEnL7cqK9+1be9uK8rrH9+ft6eS+eovzw0B9mbw/p+amzAPLIVyf34Ej9flXND6GPv61Bz75wHfPnDY+Tq//LNquJGe7vvPcPV/65hf+43e7t10f/7NnBn/7P/9+Rb3gnXJeafQ67U/SfF45PYSi59+y0Ho7cp9/pdbbU/T8y7YzWb91vOHMen8od/R8Pf2RvlfOe+Km5bnP1wPtPl+vm7JWTsqNDWzV/pEyfrLPr6QytR9z9/yaMlCS1eM/vPmo3Y9dv+a4ekHRuG7UbjWuz2gj/8jZrh9c/PzQ1uH/8N+7d9741p/cf8nPRlf/U72g8+Me+9Kd415N9281Z/82eh3zzub9+8HLt25aXy8/cq9/02VB/hNPJTuu2fXZ0U2bxrbvaG+7Wr+ezpv2ehrbye7lTl9P49ltScF2laZt19zdaGd/tft8S/tfzsbo9PnWH5KOXhd2/Wjxgk9/+5YrB6c9Km3o0lIav9RR/J+f98yrF9/yja/mxr8jxq90FH/0pSdvX3b0ZXty49+VpPGrHcVfvfeZ3oGDjzyaG38k9n9+R/Ff+MjHfnHvcw++nBs/xPj9ne3/1/ac/fzQ0K9y4z+bpO3UrpFCuP+NMzbU15PQkz7fYj96pvQrZNeTzHops15uXi/V51obDZSTZGp5rJeWn9jUl1b+Lqc8XoVVl9aXb8b1kL1x6PIjTanp3N+qvOg6FQDg3S6+/x+vQeP7/2PphVL+TANMmkUedn0tD1uaEzfmYZPzOfOm3L80jR8fH+cBhz4YRmrLG4brF/ozfR8hPh+y85yxnVNOmhqj03nOovn35Zn12K/6fHmlKQ9NTc9rKqGN+ffYzkCjnUPPv2c2v3h+fPjmad0abpq3yh6/nnTGrNXnHcLU/VKpRcgbH9l5sfh5jqGFYc1Ee22Oj+znaOJxyH6OJrZzXObE2ennaGY7PmK3DzE+Jrpc/P7G9OMXDrF/J49f62jZ4zeD412t1Z/r92e7MG/Y8pR2+OYN5/b9MPOSOfHTJ9iRPm8Yy+N2VNqcT/xkCC1rdGs+MZ4uYr8OHKIvh4P5RODdKub/8TWilv/XLsD/b6Ze0XVo9qoxxsv9nNC0d3jrivKO6Z/T6+vodXzd3m2f7x06eErudc6j7X7uZ9uUtb6Cz/0U7ccVmfXC/ZgzQVOU72XbKdrv2c9l9IeBjvb7Pbvv/PDdi249N3e/r6m/kBbv9y9NWRso2O/vgHyhdXz5wnsiX5jt5xiK5s/etnwk/eDTXOUjf5tTPtN8pG/ajcZ2TXjH5SM9h7dfAMA7R8z/G++fpfn//4oV0uuIorz11Mx6jJebt+Zcn+TlrX+TLq/O1O9Pf6NiptfN55/80I0LDj54Qm7ecle7eeh/mrI2WJiHzi5vzs0j1nTn8+K5eUQjz5pdnpjb/0aeOLs8PTd+I0+fXR6du38aefTs5gFy4zfmAY7cPHdhaCfPLZivyzQWV9udr3vX5tHpr8/OVR59YU75TPPo/vC140NTf5u2a4I8GgDg7RXz//plXP2qp5b/P5GpN9v32XPzgi5dt2f/Hkgj/rOHK6+c67xvrvPWuc7r53peop4Xl8KRlxe39/7vXM8LtTlPdm29IN7X7jzZez4vThvNz4uzNxrbNUFeDADA4RDz//npenz/f3r+P7v8pFX+1jMlP5Gft4z/LsvPj8T3rdvLz7s4/9X0OxaHb/5rbj8nM4f5/0Whe/n/DbF8Tt4Xr1Ynd578HwCAI1DM/+OvPca///df0vXs362Xp+fEl6e/+/L05viHLU/v/jxb6ORzAJn4R8A8QFw/sj8HENdD0435k/XNAwAA8HbomciUpv+e/afSZfb37PN+L//inPrtqqSXx5ft3D42dsmV29aP7hy7ZMvW9WM7Lrlq+8adO8e21OvNNm/MzVvSvLEnVNL90bpeNm9blP49hEU5fw8hWz+GPX7ixvS/h5Btdn7B3xGYPH7t9Tfv+JUOUb/V+Mg73nnx/y6nftQ4/pf//emXbNhxycYtG3duHN20cdfY1Hq1rLVvBt+bGXfLjL4vNfNjmtLMv7+zO/0oTetHT7o/8r6fPcn0Y3Hak8V533+Q0++n/tsX/+Hk8bfuDWHkmPL7J/s9v61+Tw25evw/XzT2Nzv3/3Rbrf+lQ/a/UTPtV9H3lWbrx+2pbNq6Y+dpG7ZeuWX99IY6EOczSo31OZrPSJ/+5TbnJ9bllM/09/fL024cmdqenwAAYIr4/n+8no3vH34hvYCK5e3n6bN7/zg3Tx9pL0/Pfi9ZUZ6erR+3t908vTrLPD3bflGe3qp+qzw9L+/Oi/+3OfVnKjtOyiFvnMzucx654+TS9sZJ9vsMisZJtv5Mx0kyy3GSbb/1caw2+tWqfqtxknfc88bJJ3Lqt1SayXljdp/LyR0Pd7Q3Hv44s140HrL1ZzoeSrMcD9n2i84breq3Gg95xzcv/gU59ds1dXzUBsbEuBi75Kqt2z/bVG+uv/+i5sVZ9W9uv/+jU+33f24/9zX3/Z/bz5XNff9n97my3P4/O5uZsJ4Z9H9uv9+lU4dtvjb9sFnR58+K5nHXTt+ACTOdx5037caRyTwuvH1i/h/f7on5/63psttvA3XzOml80eTtw/c9ab7HrGX8Ln2PWdF1zDv+9TxV9Hq++56p9b2eAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALy79FaWTiz337Tj4AXH/dVT/zz2xvV//f3NN/zRtd/65fDlf/HD+/q++ea+9Sdu+NlfHnX5Q585d++d//rY6wMP/P6lwsCDEz8rp6ar1RCSV5IQqg8f+PLn9j19bK0sCSGUk8HdISxOljy2OMlEGPldCGF9o59T77z/jTM21JY33No7pXxRJkh2u0J/OfanuZ8hXF24RbwDVdNxtuvgVaeFF/987Y0/Xvadf+vZ8/LuySpJtWk8hbDw0ubH94QQ5qf/a+JoWxofnC7XhBD6mh53TkG/Tmqz/ytz1o9Pl/PSZX9BnHj/8sx6KVMvux71ZJZ9Be3NVl4/Oq2Xr34mWJApzZ6MZiuvn7F8cbr8Xro8dYbxy/F/EkpJqDS6vymZHCOh6bglIZk4ltXGeqlxbEO6/Zn1JLNeyqyXezLbNdFuOtDKSTK1PNbLlMfTcSUtP7H5XN3ChTnl70uX1fSJ+mZcD9kbdf3TbjS2a0Ls14FD9OVwKDWdg1qVNw58ejD607L+ZMlk5fHxuJwmVtm39rYV5XWP7x/M6UdyX5LGT6bHD7nhG/F3/Wjxgk9/+5Yrl+bFv7SUxi91FP/n5z3z6sW3fOOrufHviPHLHcU//ZG+V8574qblufvnQNw/lY7ij7705O3Ljr5sT27/74rxq23Hnxcm46/e+0zvwMFHHs3t/0jcP/M76v8LH/nYL+597sGXc+OHGL+vo/jr9m77fO/QwVNy4z8a909/Z+PntT1nPz809KvhvPjPxvgDHcW/Z/edH7570a3n5h7fNXH/DHYU//yTH7pxwcEHT8g7dyZ3zf6VE+C97Kj0GuvmdL0pzxyYSZ45W035wr8MV+rXfAvS/wPdbCij1s7COYwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC700+uO/NTF330E2srSQhJTp3xFuJ95XmrVw930O7oS0/evuzoy/Y0ly3tIA4AAABQrJTm4aVGSTUsDVcl88PxLevHOYLj41oytTw7hxDjZOcIOo1TmmWcrZX6styl/lS6FKenS3HmdSlOb5fiVAviVEN7ceYfIk6lNira7E/fIfvTfpz+LsVZ0KU4A12Ks7BLcRZ1Kc7gIeO0Pw4XdynOkg7iPFydHueoLvXn6C7FOaZLcf6gS3GO7VKc7JzyTMfhQFrzuLw4EzfKhXEqSblxR6v59GPTdk6YZTv9Be0MFL0et9nO/DbbOale68l43i3NsJ1qm+38YeZxM20nabOdP55lO6WCduK4vTrbv9hOXGtz/F/TpTi7uhTn2tnHeWs8hHBdl/rzj12K809dinP9LOMAtCu+Dz+Z7w2G3sqfhr70jJOdBYj57rKJn9Nf7/JOSDHe+zPl84riZRP1TLxlM+3f1AmE/my85Zl4PVPiVRr5SE68EFPeGG9F5s7C7c1OKGT6d2qmvLcoXnZiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADm0E+uO/NTF330E2tDEmr/WhpvId5Xnrd69XAH7e5be9uK8rrH9zeX9VY6CAQAAAAUinl4T6OkGnorq0JvMm9KvWo6D1BN18uD9eXQwrCmtkyGSxPrfcniQz6ukj5u5c7N21buuGbXBzZuHr1i7IqxLR9adeaqs0fOOvuslRs2bhobqf8MobcgXghhYvphxzW7Pju6adPY9h31wmz/l6aPW5quJ+njhj4YRmrLG9L+LylorzStvbm7UXz0AAAAAAAAAAAAAAAAAAAAAAAAAAD+P7t2FyLXWT4A/D0zszPTbfPv/mnaTkOzGfJRohZN4lZTLZ0DgoXmgywFmamuJdgEi5smtEmJdWwDtjVBEVoCIZILI7HYWrzphy1iPwhUajTgxiBt0V7ohdJqJS25kJSR7M6Zr53JrEPopvH3uzgfz/u873Pec7HwnB0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4cE1VxybKpfHKcBRC1COn1kUyls7GcXGAul95YccPcqOnV7bGcpmOpIUDLAwAAADMkvThQ41IPuQy6ZAO10zfLZ0J5qYHQrPvBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/vdMVccmyqXxyqVRCFGPnFoXyVg6G8fFOdZqXf+t9576zOujo39rHS8MtAMAAACgn6QPTzUi+VAIy8JQdE1bXtK7L+qY35mXrLN4jnmd3w565S2bY951c8z7WJ+8jfXz7gAAAAAffUn/n2lERkIus6Bn/9+vr0/ylnTkpevnuf5WAAAAADh/kv4/14gUQi5TaPTrc+33l3bkJfP7/d8+mb+ix/x+/8/fUD/7Pz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfHRMVccmyqXxSjoKIeqRU+siGUtn47g4QN01Lw7/Y93Rh5e2xnKZARYCAAAA+kr68GbrnQ+5zHAYCpdO9/2jtxx65kvPPDcWQphp87PZsHvzzp33rJk5Jnmrjx0d+v6r73x7Vt7qmeO8bRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADhvpqpjE+XSeOWSKISoR06ti2QsnY3j4gB13/z8F//yxMnn326NFQZYBwAAAOgv6cObvX8+FEI2ZMNV03etvf5ZqY75vb4ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABePe795/zc2T05uuceFCxfzdxFC2HMBPEbzYr7/MgEAAOfbkhCF2n/p6k3z/dQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCFYKo6NlEujVfyUQhRj5xaF8lYOhvHxQHqxi8czy04/eLLrbHCAOsAAAAA/SV9eLP3z4dCGApD4crpu27fBKb7/5EP8SEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAC8pUdWyiXBqvLIhCiHrk1LpIxtLZOC4OUPfxPQc/d+Ty793aGstlBlgIAAAA6Cvpw7ONSD7kMh8PuXBt/X6yfUKUrp+7fxdoztvRNm14zvOqbfPSc563t2NnmfpuZublk/VGZs6NecXZ84ot8wqhUb7YNi/sb5u1oM9zBgAAAJhHSf+fa0RGQi6Ta+lzf9qWPxKlwyX1a30uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBqqjo2US6NV6IohKhHTq2LZCydjePiAHXv/+3/X/bVn+3b1RorDLAOAAAA0F/Shzd7/3wohMXh/8Li6b4/jLTnJ3n/LJ858ti//royhFVXnRjNdC77o+Ti12/e/FLnIYRUe3YqhMvr9aIe9X7z+8fuW14780QIq65MXzurXjh3vfYl49qz5S0bdu4IO/q8HAAAALhIJP3/UCMyEnKZu3v2/0nn3af/b5huwC+/b88vFtaP9Y68Y0ZqpF4v1aPeF5Y/9ecVa//+ztn+/1z1PnVw25GFbQVnIh2iuFbatmvjiRsOp5Jdz9RPd9RP3suXv/X2v7fufvTMTP18yNfjizLd6s8+dqx3SVybTB2orP/gQPXs7bpG/UyP/T/8u5dP/mrRvvfP1n9vyXCj/nUdv9po3X+3+qFRf/i2R/bfePDoxvb9hxCK3eq/+/6t4eo/3vVQ5/6HOxZuffOtxw5RXDu29NThtYcKN7XXj5qvvO39//zk4/t/8uh3n0vqJ78VWblsrvVTHfVf23vFnlce3LSovX6qx/5fuv310e3F7/yhc/93tq2a6fkUs/f/5PVP3/HG5viBziEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLy1R1bKJcGq+kohCiHjm1LpKxdDaOiwPUfWvd8Xdv3/fjH7bGCgOsAwAAAPSX9OHN3j8fCiEbsmF4uu9/trxlw85XT+wIIzOjUf2cmdx+785PbN2+6+475+nJAQAAgLlK+v9MIzIScpnlYaje/5e27dp44obDqaT/TyX9/9a7JresCo281/ZeseeVBzctanwnCGH6ZwH5s3mfbubdcvPxkVN/+vqKrnlrmnnHlp46vPZQ4aYkL7TmrQ6N7xNPXv/0HW9sjh9oPF9r3ie/tn2y/nkiWXf4tkf233jw6MbGPurn4fq6Sd5k6kBl/QcHqkleun7O1/cNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMw2VR2bKJfGKyEd8r1yal0kY+lsHBfPWeGzXaPrl//yoctOP7+4NZbLDLIDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+ww4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX26y5EyuqPA/g5M7v/HXd2dVf/0Fa0rlYUdpEURNRNRUVoiNCVImFpXkRBEFEY0RoaiRXdBFk3EhVUWwgFuUmixRq9STddVFBgXQQiLZSLBL2wM+cZZ5+dp8lHCarPB4Yz58zzfOf3nHPmmRkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/kr6ekUZ7eMf9M2vOu+njx+468egt79677ZKHX/t+bNMNH+3tf/nk1OZlW766ccmm/Xevmtz9wqGfB9/+7WjX4IeazYrUrYUQj8cQau9NP/v41CfnzI7FEEI1Do2HMBwXHxqOuYSVv4QQNrfqnPviWyeu3DLbbtvVN2d8US4kf12hXs3qaRqaWy//LrW0z7bOPHhZ+Ob6dds/W/rmG70Tx8ZPHRJrbfsphIUb28/vDSEsSI9Z2W4byU5O7doQQn/beVd3qevCv1j/5QX981P7v9TWu+Rkry/P9Su54/L9TG8Iv65J8xFy19pU61LB6Smqo+xx3Qzk+vmb0ZkqqjMbH07tO6ldcZr51RAeWd+4n4ZKDD2t8u+Jp/ZIaFu3GGJjLWutfqW1tiFdf64fc/1Krl/tzV1X433TRqvGOHc8Oy43nt2Oe9L4si4767aC8XNTW0sf1JNZP+SfNNXnPWldV0NW1/Sf1PJ3qLTdgzqNtxY+LUY9jdXj4nnn/N5B9trUuicvrm54//BQQR1xb0z5sXv+UJiXv/XT4YHbX9/5wEhR/sZKyq+Uqv/b1Ud+XL/zxecL85/J8qul8q840H989Qc7lneYn4WN/OlsfnpK5d9x9MOnlv7/zolOa93I35Pl10rlXzd5pG9w5sDBwvVdmc3PglL5X19783evfrHvWGF+yPL7S+VvmLzv6b7RmUsL8w82Pwr1xg4tsX9+mrjqy9HRH8aK8j/P5n+wQ37smv/K+O5rXlq0a1Xh/lybzc9QqfpvvWj/9oGZfRcU3TvjnrP1zQnw37Qk/cZ6IvXL/s88U23/F54b62l+Aw2kx+DZfKOcmP3gAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+IMdOBYAAAAAEOZv3RvEBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFMAAAD//8WrM1M=") 3.898227245s ago: executing program 1 (id=2126): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newlink={0x4c, 0x10, 0xffffffffffffffff, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x3}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4044064}, 0x40000) 3.774783198s ago: executing program 3 (id=2127): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000500), 0x141002, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000a00)=0x40000) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000000)=0x2) 3.725276043s ago: executing program 2 (id=2128): syz_mount_image$hfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x800802, &(0x7f00000006c0)={[{@file_umask}, {@iocharset={'iocharset', 0x3d, 'cp737'}}, {@part={'part', 0x3d, 0x2}}, {@uid}, {@codepage={'codepage', 0x3d, 'cp1251'}}]}, 0x21, 0x306, &(0x7f0000000240)="$eJzs3U9v00gYx/HfOEmbdquut+1qpb3sqruV4FJR4IC4BKFcuXNClCaVqlpFtEUCLgTEEfECuPMCuPAOuHAB8QbgxIkX0JvRTOzETmwnbZOmf74fqdFkPON5Btv1PJaKBeDCul3/9u7aD/tjpJJKkm5KnqSqVJb0p/6qPt7Z39oPmo2iHZVcD/tj1O5p+tps7DSzutp+rkfEt9/KmkvWYTzCMLz1fdJBYOLc1Z/Bk6aj69Btr55wXOPSkv6ZdAwnLXmAzYEO9ETzEwwHAHAKRPd/L7pNzLkqI8+TVqLb/rm6/x9MOoDRuh70VYWFHRL3f7e6C409vr+7Td18z6VwdrsXZ4nDBFPp+T6l9pmVWmCaQVmli8Wb2dwqa3XjhRqeXqoWSTRbcp+N9qkbS0Y7Ff1zJEZfzshNC+TPvaI7s+3ZuBVlrzikza2gOW0LGfEvDjHi1GGiHcR8Ml/MPePrrRqd9V85NHYUN5Dfc6S8io3/Sv4ef3O9bCtFaX+tVvNSTf5wg/ydnsqAc6qanZEk9xk/IGh1IiiK0429oPRjhfbs1gb0Wszq5Xe+5fRaSvUqRWfC6sbDoPBRynjEUzRvzF2zrJ/6oHpi/e/Z+FbUvTJ7r+IU41pGZ0Z7Pjknadm19PvuHN3L5d9OBJHpw04Nkg75tOy1HuiG5veePtsuBUFz1xbiQ7S9HtesB4/mdo0rBM3Kq/SmdKFg0/ELJcU1M1GMiTZqdRuH1vMwHHbP4fhiDoLLI92h/f3RqWkp+1jYQ9ip8cY0rwtfqH+WTkEYxy+EoZSzaeS/n3AK7Zn4oLuvZc1MOiKcMLvuMu38z63ko1WdS5Hsh1+wTi9OMpXa41ong0svBRfc52x+Bpe529wMLjHi1Zyc0eVc/12S/k9UGhWO6EdxnhOmrq+6z/N/AAAAAAAAAAAAAAAAAACAs+ZIfzzw8X3RHwL1FSY9RwAAAAAAAAAAAAAAAAAAAAAAzrojvf836/+Id+//9TPf/zsbF0b1/t/i9wIBGNKvAAAA//+VVHHB") r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x50009404, &(0x7f00000004c0)={0x0, 0x0, 0x3a}) 3.575025225s ago: executing program 5 (id=2129): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bond\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="300000001c0035742bbd7000fed3df2502000000", @ANYRES32=r1, @ANYBLOB="0800720908000100ac1414bb060002"], 0x30}, 0x1, 0x0, 0x0, 0x20040001}, 0x0) 3.155333938s ago: executing program 1 (id=2130): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x68, 0x4, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_INFO={0x2c, 0x3, "ebae551382395afa4d23edfcbe6d55b57cb15e63c15c46395916e2b388abc3d6ce2316334e8278ad"}, @NFTA_MATCH_NAME={0xa, 0x1, 'limit\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @limit={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xbc}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800) 2.893628371s ago: executing program 2 (id=2131): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) ppoll(&(0x7f0000000440)=[{r0, 0x10290}], 0x1, &(0x7f0000000480), 0x0, 0x0) 2.694557612s ago: executing program 5 (id=2132): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x10000000}) 2.694326583s ago: executing program 1 (id=2133): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f00000102c0)={0x0, 0x22, 0xf, {[@main=@item_012={0x0, 0x0, 0x9}, @local=@item_4={0x3, 0x2, 0xa, "d5e200"}, @global=@item_4={0x3, 0x1, 0x1, "d63123e9"}, @global=@item_012={0x1, 0x1, 0x7, "84"}, @global=@item_012={0x1, 0x1, 0x2, "f3"}]}}, 0x0}, 0x0) 2.40519042s ago: executing program 3 (id=2134): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x9, @loopback, 0x106}, 0x1c) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000fffffe7e8ae000"/24, 0x18) 2.342798256s ago: executing program 2 (id=2135): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e23, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4c}}, 0x8, 0x24}, 0x90) 2.090012588s ago: executing program 5 (id=2136): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000300), r0) sendmsg$NET_DM_CMD_STOP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x14, r1, 0x1, 0xfffffffe, 0x25dfdbfd, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x50010}, 0x0) 1.819096774s ago: executing program 3 (id=2137): r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f00000006c0)='./file0\x00', 0x0, &(0x7f0000000140)={[{@mode={'mode', 0x3d, 0x5}}, {@cruft}, {@uid}, {@hide}, {@gid}]}, 0x1, 0x66f, &(0x7f0000001640)="$eJzs3d9uFOcVAPCz/FGQK9GqjRBChEyglUAiZncdjKxcbcez9iS7O6uZdQQXVYSCiRAmqSCVCnfc0FZtHyK3fYBetk8U9RGodnZNDMZeAsRrod9vBd+3O2fmOzMezdHYOzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQjXW02W43o5YON68ne0tWy6CfJ019OZts1fXt5/32u2WfciMb4X5w4EacnH51+/8fJp8b/nY+zk3dn48S4ORGPfnHqV5/+5tiR7fn3SfhAPHj46O7Nra3N+/NOZE7WskFeFXm/s5YleVUkK8vLzSvr3Srp5r2sulGNsn6SlllnVJTJxfRS0lpZWUqyxRvFxmBttdPLtj+89nG72VxOPlscZp2yKgZXPlus0vW818sHa3XMePI45tp4R/w8HyWjrNNPktt3tjaXZiU5Dmq9SlB7VlC72W63Wu12a/nqytVrzeaxXR80XxC7Iua/0zJfb/PwDW/kyLT+Ry/yGMRGXI/kpa80VqOMIvp7TJ/arv+/u5LtO+7O+r9d5U//OPlM1PX/3OTdub3q/x65HNzrQTyMR3E3bsZWbMVm3J97Rgf7WossBpFHFUXk0Y9O/Uky/SSJlViO5WjGl7Ee3agiiW7k0YssqrgRVYwiq/eoNMrIohOjKKKMJC5GGpciiVasxEosRRJZLMaNKGIjBrEWq9Gpl3I77tTbfWmfHJ8FtV4lqL1PkPrPm3v7B3F4TU+36z8AAADwzmrUv30fn/8fjw/qXjfvZc15pwUAAAC8RfVf/s+Om+Pj3gfRcP4PAAAA75pGfY1dIyIW4sNJr74S6v2/zzszAAAA4G2p//5/btwsjHsfRuPZnVB8CQAAAADeEX+deY/9avhe4z//i7I83ng8vP7bxr3OOK5z7+hkvqMvLnHUPdM4OV1I3Swfm75Ls7ON6d0vn90E84dpc3tWHo23kED8Iz6axHx0a9Le2p4yGWWhm/eyxbTofdqKTufkkVF2ffSnb+78OerV/9ugf7IRt+9sbS5+9e3WrTqXx+OlPL43vYHirvso7pPLd/X9FuprLl66xsfrCzGm4y5Mxm3uXP8jk9mP/IQxn8T5Scz5hUm78Pz6nxiP2Vrca+2nWbTecM2fxIVJzIWLFybNS7Joz8qivTOL19oWr5DF0qwslt4wC4B5uT2jCjV2F/7XOModTHV/EhcnMRfP1AfWY2deckRvzjqiN9+wuv0rLk1iLm0H71Vjx+P+84Wq+v14hu/3HLfqtRvjTXj0u3t/jFMPHp77+M69m19vfr35Tbu9tNz8pNm82o7j9WpMG7UHgJeY/YydmRGNT2acVf/62VcKFuOr+Da24lZcrq82qL9xMF3qH2LnUhd2fA3h8oyz1oUdT3i5POOsbmHHg15ePXbpAH4SAHBwzu+qwz+9/l+ecd79fC3f/+x4Zy0HAH4eWflDY2H0l0ZZ5sMvWysrrc5oPUvKIv08KfPVtSzJB6OsTNc7g7UsGZbFqEiL3rjzRb6aVUm1MRwW5SjpFmUyLKr8ev3k92T66Pcq63cGozythr2sU2VJWgxGnXSUrOZVmgw3ft/Lq/WsrGeuhlmad/O0M8qLQVIVG2WaLSZJlWU7AvPVbDDKu/m4O0iGZd7vlDeSL4reRj9LVrMqLfPhqJgscHusfNAtyn692MV5b2wAOCQePHx09+bW1ub9n7Ez73UEAJ6nSgMAAAAAAAAAAAAAwOF3ENf/vYud7e13WPLRuXvz6XuTn8lhyWevzr+n+85hyWf/PRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADo//BwAA///CwE77") read$FUSE(r0, &(0x7f00000029c0)={0x2020}, 0x2020) 1.691336092s ago: executing program 2 (id=2138): r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040)={[{@map_normal}, {@check_relaxed}, {@iocharset={'iocharset', 0x3d, 'maccyrillic'}}]}, 0x1, 0xab7, &(0x7f0000000d00)="$eJzs3d1rHOe5APBnVt9KSJzEJ8kxSTx2cKIkPrI+TmxMLk5saSUrRx8HSYYYziEOsXwwFieHpIXEFGzT0quEhlIKbaGUXPYqkF40N8UXhfayV70otKH/QAm9ckrbKTOzknalXa0tryU7/f3Ear6eed/nnZmdV7vanQnuZ1mWFY8dTp/96W4my73n9OTnH3/yYf64fi16oyteTn4e0R8RaUT334pjpWdicnFhrk1BlyPOR8SNiCQi+qIctjDQMHU+ku/EgxvTNyL5UTzZZLX+22wcbWX8U9vr4w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO5JE5MjI6NJzM7Mn309ba24Bfg2y9eK+6y463fyWbtqk4gkf0R//9qtvp/cv7H48fzX4XiqnHqqvPN3f1x54PF9rzzWXVlbf5uEdsW771+5/Obq6so7tem+NO1pu1LfXU/r9vXubLXp6vzM0sLM3KnpajqztJCePH585NiZqaV06npEnFtars6lE4vVU8sLi+nQxAvp6MmT42l1+NzC2fnpyeHZ6trME/82NjJyPH1t+L+qpxaXFuaPvTa8NHFmZnZ2Zn66iMkX5zEn8gPxP2eW0+Xqqbk0vXhpdWW8XZJ50GjTJUlj0Fi7ksZGxsZGR8cG4vjLJ18+MTLSXZsxNro2Y2ST2BKx9wctnfbjW478WcfP33AHKrX+P2ZjJubjbLweadOfiZiMxViIuSbLko3y1vr/I8eq29Zb3/+v9fJPbiw+EEX//0w59Uyr/r9Fru1/sqwseafrr7f82vtxJS7Hm7Eaq7ES79xpiVlXbMrsy80xf82ybAclp3mZB+u3wR23Po3pqMZ8zMRSLMRMzMWpmI5v/rFswUKkcTKOx/EYiTfiTEzFUqQxFTMxG9VYinOxFMtRLY6oiViMahqxHAuxGGkMxUS8EGmMxskYiPFIoxrDcS4W4mzMx3RMxqmilItxqdju49vkuB40eitBY9sEbenM76z/z+7FvwTZsbZ/+mdZWvdSCfZcVuv/e1sGZGtjQxO7lhUAAADQSf/663ho/6O/+n1ETzxdvC8/NTNbHdnrtAAAAIAOKj6u91Q+6Mki4ulImrz+r+xRcgAAAEBHJMV37JKIGIyD5Vj5Taiu8CEAAAAA+Ioo/v//TD4YzMcORrJ+JZTzTSIBAACA+1Dba+zXXvZf2yaiP2rXtEwvlMMLtYjadX4Hp2Zmq8MTC7OvjMZzxVUGim8abCmtKyLpyWM3LkZ4aLAcDq6XOJAX2p9HjQ6/MhovxuFaQ4aezQfPDjXWXUSOlZHPl5HPbxM5nkfegmt3uNkBYE8d3toff5k1XGO//V8IL8bRMuLoge686+4+0KRnHdnoWbv3oqEAwLr299hpjLhaW6++///3/PV/Y6fe0P8/Ghf/ns9cieF4K96O1bgQR4tvGxSfOGio978/qr1nsP4xhJE4GofK2K3vBjTE/uZEJY62eT9gsO5GL0fbvCNQxsb/RIzfxT0AALvvcIt+uFX/X0TE2scBy/7/aN3r/9j6+n/93fwVXykEgHvC+h3sOzqSddXP2es2AgCN9NIAAAAAAAAAAAAAAAAAAAAAAAAAAADQeR297H//LcT8sm9rpX+o3devnJN1/n4EzUcGattgbc7V29oa1999/8p3I6J+USVvxN3Juci0syVXOlBOFhG7tb/uaOSD/tsIjn0RO96q0WxRb0Tc9ZYOdKKKL2sj5XOjst3J4+y2SwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgPJBFdzeZXIvoiYiQiju1+VnfPtb1OYPf9R/1EcjNuxnvx0N6lAwAAAAAAAAAAAAAAAAAAAAAAAAAAAADw1VS7/n8lyuED5azorkQciYjzEZHtdY6ddHOvE+iQgR3G113/P9/nkSXRXe72SHomJhcX5vLdX9z7ofL5x598+ERjMX23Wl8RWNl0c4laDZtjf/Lg2tgjxVqDkyvvXv7a2/+fTp6OSvTG6eWp2cm56cVXN1Z5PPk0Io3ysSbPN39848gvPtqaUfJp3tLmNtc7VWycya31PtFs7Vb1VlpVt+7S6spYHrVcfX356/936b26RY/GoYhnhyKGGmv63/zRvIVxKHq2zOvdGE2+SL6dPBTfj/PF/s+3RpIl+S56uEh34OKl1ZXht95evdAip31xMCIuRPRHbf2WOa1v6oPF+aSp4qir9Fy8tFqLziP3t2ljc+v3uLhQK3FltEUbHikOmcFaG3ob2lBpUWfaug3FBq/b7uv7PKlbpcxovJZRbzRm9Fg812RPZ30RrbfCc032dFvJF8nvkjPx2/hW3f0/Kvn+P5K1fnY2FnEkGo+UlpGVMrJo+Vj9gjc2R/7pB7eUfdPb1HC7PigP/JpK3fm/tq92dj7q31xPljQ/H9XU1Tjeosbmz4tNZ4fNR0Xrc27RI+3ftEaZwUjLlco895dRLfL8l3gpovtANGzYxjy39NYvtT6jNK7/6qb52dVisNPn/w+TofhzXHP/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4N6XRHQ1m18pB/vWptOI7DaK7Wu1oDKY3FZ+nXZt/dd9bn/xu9Iw73r71ZKbcTO7ereSAgAAAAAAAGC3nZ78/ONPPswfxf/ju25mWe3/+2lEd0TsS743EJOLC3NtCuqJOB8RN/Lx/lZBf8lKjXPz9eLBjekbEdnDO28SANDGPwIAAP//DZtzvw==") execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0) 1.509214264s ago: executing program 5 (id=2139): r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000240)="03", 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f00000002c0)={'syz', 0x2}, &(0x7f0000000700)="31953957dff1c4d54566d58e6f1921fd4720c9ff0851866668c4f6cf14ebf77f5de7e3d3020cf0afcfa9c30a1769915903a61078a0b99dcca392020e6548c19d3295262767336f84b22b48534fde00000000000000000000000000aadd31133be75ee5eac6cb1944c36b1ea8d3461aff05c9dbb661345c36871807dad4100eb421f75a07575677b85770000f7989ad193ef226f4a4c2ccb1725986841b3e04b41357188a174c6292a4fbdcc807669ea86cf207b81c5c40fb34bf1c1f975f5ebbbb", 0xc1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r0}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={'blake2b-384\x00'}}) 1.087399964s ago: executing program 3 (id=2140): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [], {0x14}}, 0x28}}, 0x0) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94) 980.590904ms ago: executing program 2 (id=2141): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==") symlink(&(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) 864.46358ms ago: executing program 5 (id=2142): r0 = socket$inet6_udp(0xa, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x88, 0x20, 0x0, 0x0) 700.691997ms ago: executing program 3 (id=2143): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x2c}}, 0x0) 455.525576ms ago: executing program 1 (id=2144): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000009c0)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x10, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x483c}]}]}]}, 0x3c}}, 0x0) 452.413468ms ago: executing program 5 (id=2145): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380100001800400030008"], 0x44}}, 0x0) 40.284512ms ago: executing program 3 (id=2146): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$FOU_CMD_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x14, r1, 0x701, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000090}, 0x4040480) 0s ago: executing program 2 (id=2147): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0x2}, 0x48) kernel console output (not intermixed with test programs): = 1 limit=64 [ 412.955194][ T8318] Buffer I/O error on dev loop2, logical block 76, lost async page write [ 412.964512][ T8318] syz.2.1017: attempt to access beyond end of device [ 412.964512][ T8318] loop2: rw=2049, sector=77, nr_sectors = 1 limit=64 [ 412.978304][ T8318] Buffer I/O error on dev loop2, logical block 77, lost async page write [ 413.084870][ T8318] syz.2.1017: attempt to access beyond end of device [ 413.084870][ T8318] loop2: rw=2049, sector=78, nr_sectors = 760 limit=64 [ 414.804130][ T8352] loop0: detected capacity change from 0 to 1024 [ 414.982456][ T8352] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.219274][ T8352] EXT4-fs error (device loop0): empty_inline_dir:1760: inode #12: block 7: comm syz.0.1033: bad entry in directory: inode out of bounds - offset=4, inode=150994957, rec_len=16, size=60 fake=0 [ 415.246635][ T8352] EXT4-fs warning (device loop0): empty_inline_dir:1767: bad inline directory (dir #12) - inode 150994957, rec_len 16, name_len 5inline size 60 [ 415.409959][ T8361] bridge_slave_0: invalid flags given to default FDB implementation [ 415.617277][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.630158][ T8357] loop2: detected capacity change from 0 to 4096 [ 415.670934][ T5824] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 415.679668][ T5824] Bluetooth: hci4: Injecting HCI hardware error event [ 415.701652][ T5824] Bluetooth: hci4: hardware error 0x00 [ 416.155349][ T8357] ntfs3(loop2): MFT: r=b, expect seq=0 instead of b! [ 416.162967][ T8357] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 416.562154][ T8372] netlink: 1256 bytes leftover after parsing attributes in process `syz.3.1041'. [ 416.572355][ T8372] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 416.588124][ T8374] loop0: detected capacity change from 0 to 128 [ 416.731602][ T30] audit: type=1800 audit(1759006126.699:23): pid=8374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1042" name="file2" dev="loop0" ino=1048743 res=0 errno=0 [ 416.758877][ T8374] syz.0.1042: attempt to access beyond end of device [ 416.758877][ T8374] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128 [ 416.940535][ T8377] netlink: 'syz.2.1043': attribute type 1 has an invalid length. [ 417.495194][ T8388] loop0: detected capacity change from 0 to 512 [ 417.586300][ T8388] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 417.599800][ T8388] ext4 filesystem being mounted at /229/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 417.754178][ T5824] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 418.009781][ T8399] loop2: detected capacity change from 0 to 64 [ 418.172824][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 418.728309][ T8410] loop2: detected capacity change from 0 to 1024 [ 418.909879][ T30] audit: type=1400 audit(1759006128.889:24): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name="://&P" pid=8411 comm="syz.1.1059" [ 418.911806][ T8415] netlink: 'syz.4.1061': attribute type 2 has an invalid length. [ 418.955677][ T8415] netlink: 'syz.4.1061': attribute type 2 has an invalid length. [ 419.013139][ T8410] hfsplus: xattr searching failed [ 419.215290][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 419.222676][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 419.694834][ T32] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 419.895504][ T32] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 419.907103][ T32] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 419.917391][ T32] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 419.930923][ T32] usb 1-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 419.940227][ T32] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 419.987054][ T32] usb 1-1: config 0 descriptor?? [ 420.182213][ T8424] loop2: detected capacity change from 0 to 4096 [ 420.307283][ T8432] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 420.419211][ T8424] NILFS (loop2): error -2 reading inode: ino=86067118090 [ 420.438710][ T8433] loop3: detected capacity change from 0 to 1024 [ 420.513053][ T32] hid-multitouch 0003:0EEF:72D0.000A: item fetching failed at offset 1/5 [ 420.549104][ T32] hid-multitouch 0003:0EEF:72D0.000A: probe with driver hid-multitouch failed with error -22 [ 420.680476][ T32] usb 1-1: USB disconnect, device number 4 [ 422.308252][ T8460] loop2: detected capacity change from 0 to 1024 [ 422.522790][ T8460] syz.2.1082: attempt to access beyond end of device [ 422.522790][ T8460] loop2: rw=0, sector=1835012, nr_sectors = 4 limit=1024 [ 422.536894][ T8460] Buffer I/O error on dev loop2, logical block 458753, async page read [ 422.550554][ T8460] syz.2.1082: attempt to access beyond end of device [ 422.550554][ T8460] loop2: rw=0, sector=1835012, nr_sectors = 4 limit=1024 [ 422.566956][ T8460] Buffer I/O error on dev loop2, logical block 458753, async page read [ 422.960942][ T8465] loop1: detected capacity change from 0 to 4096 [ 422.999605][ T8465] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 423.299312][ T8465] ntfs3(loop1): ino=19, mi_enum_attr [ 423.305308][ T8465] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 423.368813][ T8478] loop0: detected capacity change from 0 to 512 [ 423.411727][ T8478] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 423.434867][ T8465] ntfs3(loop1): failed to convert "c46c" to iso8859-13 [ 423.480342][ T8465] ntfs3(loop1): ino=20, mi_enum_attr [ 423.563935][ T8478] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 423.583261][ T8478] ext4 filesystem being mounted at /236/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 423.691001][ T8478] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.1091: iget: bad i_size value: 2533274857506816 [ 423.997977][ T8489] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1094'. [ 424.002414][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.927006][ T8506] loop2: detected capacity change from 0 to 256 [ 425.058601][ T8506] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 425.123048][ T8510] loop3: detected capacity change from 0 to 128 [ 425.258501][ T8506] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 425.268233][ T8506] exFAT-fs (loop2): Filesystem has been set read-only [ 425.295689][ T8509] loop1: detected capacity change from 0 to 1024 [ 425.363938][ T8501] loop4: detected capacity change from 0 to 4096 [ 425.424135][ T8501] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 425.474378][ T8501] System zones: 0-5 [ 425.566716][ T8501] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 426.114012][ T5817] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 427.087290][ T8520] loop0: detected capacity change from 0 to 40427 [ 427.115252][ T8520] F2FS-fs (loop0): Invalid log sectorsize (14) [ 427.122059][ T8520] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 427.132310][ T8520] F2FS-fs (loop0): build fault injection rate: 14 [ 427.139165][ T8520] F2FS-fs (loop0): build fault injection type: 0x3bfe89 [ 427.165894][ T8520] F2FS-fs (loop0): invalid crc value [ 427.192958][ T8520] F2FS-fs (loop0): inject kmalloc in f2fs_kmalloc of f2fs_build_segment_manager+0x50c0/0x54d0 [ 427.203912][ T8520] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-12) [ 428.170043][ T8542] loop3: detected capacity change from 0 to 1024 [ 428.419082][ T8542] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 428.451817][ T8548] loop4: detected capacity change from 0 to 128 [ 428.669017][ T8542] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1117: bg 0: block 88: padding at end of block bitmap is not set [ 429.012821][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.673415][ T8570] blktrace: Concurrent blktraces are not allowed on sg0 [ 430.027121][ T8568] loop1: detected capacity change from 0 to 4096 [ 430.075259][ T8568] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 430.458948][ T8583] loop4: detected capacity change from 0 to 128 [ 430.501915][ T8583] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 431.228184][ T8582] loop2: detected capacity change from 0 to 32768 [ 431.279157][ T8582] BTRFS error: device /dev/loop2 has incomplete metadata_uuid change, please use btrfstune to complete [ 431.282157][ T8583] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 431.431892][ T8568] ntfs3(loop1): ino=19, mi_enum_attr [ 431.618149][ T30] audit: type=1800 audit(1759006141.753:25): pid=8583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1135" name="file1" dev="loop4" ino=1048748 res=0 errno=0 [ 431.931459][ T32] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 432.151815][ T2905] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 432.212424][ T32] usb 4-1: New USB device found, idVendor=0c45, idProduct=608f, bcdDevice=b5.55 [ 432.222111][ T32] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 432.234257][ T32] usb 4-1: Product: syz [ 432.240978][ T32] usb 4-1: Manufacturer: syz [ 432.245996][ T32] usb 4-1: SerialNumber: syz [ 432.350736][ T32] usb 4-1: config 0 descriptor?? [ 432.376759][ T32] gspca_main: sonixb-2.14.0 probing 0c45:608f [ 432.613438][ T8601] loop4: detected capacity change from 0 to 256 [ 432.657670][ T8601] exfat: Deprecated parameter 'utf8' [ 432.663758][ T8601] exfat: Deprecated parameter 'namecase' [ 432.677887][ T8601] exfat: Deprecated parameter 'namecase' [ 432.683842][ T8601] exfat: Deprecated parameter 'utf8' [ 432.835727][ T32] input: sonixb as /devices/platform/dummy_hcd.3/usb4/4-1/input/input13 [ 432.868082][ T8601] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d) [ 432.941388][ T8604] loop0: detected capacity change from 0 to 512 [ 432.964543][ T8606] loop2: detected capacity change from 0 to 512 [ 433.013695][ T8604] EXT4-fs: Ignoring removed orlov option [ 433.039552][ T32] usb 4-1: USB disconnect, device number 8 [ 433.068007][ T8606] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 433.072204][ T8604] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 433.153677][ T8604] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.1144: bad orphan inode 131083 [ 433.211513][ T8604] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 433.269673][ T8610] loop1: detected capacity change from 0 to 256 [ 433.312719][ T8604] overlayfs: upper fs needs to support d_type. [ 433.340278][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 433.350490][ T8610] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 433.362026][ T8610] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 433.524957][ T8610] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 433.616963][ T8613] tipc: Started in network mode [ 433.622582][ T8613] tipc: Node identity aaaaaaaaaa34, cluster identity 4711 [ 433.631972][ T8613] tipc: Enabled bearer , priority 10 [ 433.755172][ T5813] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 13: comm syz-executor: path /248/file0: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 434.746699][ T2905] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 434.890993][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 435.159194][ T32] tipc: Node number set to 10398378 [ 435.242970][ T2905] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 435.258402][ T8620] loop1: detected capacity change from 0 to 32768 [ 435.271660][ T8620] XFS: ikeep mount option is deprecated. [ 435.278511][ T8620] XFS (loop1): Invalid device [./file0], error=-15 [ 435.617862][ T2905] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 436.046102][ T2905] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 436.502225][ T2905] bridge_slave_1: left allmulticast mode [ 436.508138][ T2905] bridge_slave_1: left promiscuous mode [ 436.515451][ T2905] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.581597][ T2905] bridge_slave_0: left allmulticast mode [ 436.587492][ T2905] bridge_slave_0: left promiscuous mode [ 436.594430][ T2905] bridge0: port 1(bridge_slave_0) entered disabled state [ 437.220424][ T2905] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 437.254499][ T2905] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 437.271109][ T2905] bond0 (unregistering): Released all slaves [ 437.902744][ T8639] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 437.943977][ T30] audit: type=1326 audit(1759006148.191:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8631 comm="syz.1.1159" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd03818eec9 code=0x0 [ 438.127354][ T2905] hsr_slave_0: left promiscuous mode [ 438.177563][ T2905] hsr_slave_1: left promiscuous mode [ 438.186033][ T2905] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 438.194389][ T2905] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 438.298064][ T2905] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 438.307373][ T2905] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 438.427048][ T2905] veth1_macvtap: left promiscuous mode [ 438.432965][ T2905] veth0_macvtap: left promiscuous mode [ 438.444993][ T2905] veth1_vlan: left promiscuous mode [ 438.450639][ T2905] veth0_vlan: left promiscuous mode [ 438.945403][ T49] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 439.029466][ T49] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 439.057267][ T49] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 439.206297][ T49] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 439.236816][ T49] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 439.584138][ T2905] team0 (unregistering): Port device team_slave_1 removed [ 439.755509][ T2905] team0 (unregistering): Port device team_slave_0 removed [ 440.139539][ T8658] program syz.2.1169 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 440.213253][ T8659] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1170'. [ 441.261326][ T8662] loop4: detected capacity change from 0 to 32768 [ 441.292095][ T8662] bcachefs (/dev/loop4): error reading default superblock: Unsupported superblock version_min 0.2: (unknown version) (min 0.9: (unknown version), max 1.28: inode_has_case_insensitive) [ 441.334920][ T8662] bcachefs (/dev/loop4): error validating superblock: Not a bcachefs superblock (got magic 00000000-0000-0000-0000-000000000000)Bad sb offset (got 288230376151715840, read from 4096) [ 441.357537][ T8662] bcachefs: bch2_fs_get_tree() error: invalid_sb_offset [ 441.507374][ T5824] Bluetooth: hci1: command tx timeout [ 442.277933][ T8674] binder: 8673:8674 ioctl 4018620d 0 returned -22 [ 442.516944][ T8670] loop1: detected capacity change from 0 to 4096 [ 442.643236][ T8670] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 442.714618][ T8670] ntfs3(loop1): ino=3, mi_enum_attr [ 443.015493][ T8648] chnl_net:caif_netlink_parms(): no params data found [ 443.103372][ T8670] ntfs3(loop1): ino=1e, "file1" fallocate(0x10) is not supported [ 443.566298][ T5824] Bluetooth: hci1: command tx timeout [ 443.775252][ T8693] loop4: detected capacity change from 0 to 128 [ 443.837110][ T8693] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 443.868233][ T8693] hpfs: filesystem error: improperly stopped [ 443.875966][ T8693] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 443.884389][ T8693] hpfs: You really don't want any checks? You are crazy... [ 443.942603][ T8693] hpfs: hpfs_map_sector(): read error [ 443.948206][ T8693] hpfs: code page support is disabled [ 443.981083][ T8693] hpfs: hpfs_map_4sectors(): unaligned read [ 444.000796][ T8693] hpfs: hpfs_map_4sectors(): unaligned read [ 444.010637][ T8693] hpfs: filesystem error: unable to find root dir [ 444.020553][ T8696] loop2: detected capacity change from 0 to 1024 [ 444.119761][ T8696] hfsplus: bad catalog entry type [ 444.532953][ T2905] hfsplus: b-tree write err: -5, ino 4 [ 444.664063][ T8648] bridge0: port 1(bridge_slave_0) entered blocking state [ 444.671930][ T8648] bridge0: port 1(bridge_slave_0) entered disabled state [ 444.680249][ T8648] bridge_slave_0: entered allmulticast mode [ 444.690186][ T8648] bridge_slave_0: entered promiscuous mode [ 444.779943][ T8648] bridge0: port 2(bridge_slave_1) entered blocking state [ 444.787842][ T8648] bridge0: port 2(bridge_slave_1) entered disabled state [ 444.796009][ T8648] bridge_slave_1: entered allmulticast mode [ 444.806172][ T8648] bridge_slave_1: entered promiscuous mode [ 444.986589][ T8706] loop2: detected capacity change from 0 to 256 [ 445.215655][ T8648] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 445.315005][ T8648] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 445.436059][ T8706] FAT-fs (loop2): Directory bread(block 64) failed [ 445.443267][ T8706] FAT-fs (loop2): Directory bread(block 65) failed [ 445.454057][ T8706] FAT-fs (loop2): Directory bread(block 66) failed [ 445.461140][ T8706] FAT-fs (loop2): Directory bread(block 67) failed [ 445.468137][ T8706] FAT-fs (loop2): Directory bread(block 68) failed [ 445.475107][ T8706] FAT-fs (loop2): Directory bread(block 69) failed [ 445.485351][ T8706] FAT-fs (loop2): Directory bread(block 70) failed [ 445.492571][ T8706] FAT-fs (loop2): Directory bread(block 71) failed [ 445.499755][ T8706] FAT-fs (loop2): Directory bread(block 72) failed [ 445.513935][ T8706] FAT-fs (loop2): Directory bread(block 73) failed [ 445.632414][ T5824] Bluetooth: hci1: command tx timeout [ 445.814140][ T8648] team0: Port device team_slave_0 added [ 445.869478][ T8648] team0: Port device team_slave_1 added [ 445.876500][ T30] audit: type=1326 audit(1759006156.206:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8719 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 445.876767][ T30] audit: type=1326 audit(1759006156.206:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8719 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 445.923809][ T30] audit: type=1326 audit(1759006156.247:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8719 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f20e838d710 code=0x7ffc0000 [ 445.990635][ T30] audit: type=1326 audit(1759006156.247:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8719 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f20e83906f7 code=0x7ffc0000 [ 445.990902][ T30] audit: type=1326 audit(1759006156.247:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8719 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 445.991153][ T30] audit: type=1326 audit(1759006156.247:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8719 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f20e83906f7 code=0x7ffc0000 [ 445.991410][ T30] audit: type=1326 audit(1759006156.287:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8719 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f20e838db2a code=0x7ffc0000 [ 445.991668][ T30] audit: type=1326 audit(1759006156.287:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8719 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 445.991917][ T30] audit: type=1326 audit(1759006156.287:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8719 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 445.992170][ T30] audit: type=1326 audit(1759006156.287:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8719 comm="syz.3.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 446.151932][ T8648] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 446.152016][ T8648] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 446.152181][ T8648] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 446.168858][ T8648] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 446.367672][ T8648] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 446.367854][ T8648] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 446.629785][ T8726] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1200'. [ 446.642647][ T8726] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1200'. [ 446.826877][ T8648] hsr_slave_0: entered promiscuous mode [ 446.837673][ T8648] hsr_slave_1: entered promiscuous mode [ 446.999783][ T8722] loop2: detected capacity change from 0 to 4096 [ 447.335513][ T8732] openvswitch: netlink: nsh attribute has 1 unknown bytes. [ 447.343420][ T8732] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 447.691823][ T5824] Bluetooth: hci1: command tx timeout [ 448.104229][ T8648] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 448.135363][ T8648] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 448.199276][ T8648] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 448.268851][ T8648] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 448.462486][ T8743] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1206'. [ 449.542162][ T8648] 8021q: adding VLAN 0 to HW filter on device bond0 [ 449.683515][ T8648] 8021q: adding VLAN 0 to HW filter on device team0 [ 449.767914][ T4416] bridge0: port 1(bridge_slave_0) entered blocking state [ 449.775588][ T4416] bridge0: port 1(bridge_slave_0) entered forwarding state [ 449.946760][ T4416] bridge0: port 2(bridge_slave_1) entered blocking state [ 449.954508][ T4416] bridge0: port 2(bridge_slave_1) entered forwarding state [ 450.272131][ T8765] loop3: detected capacity change from 0 to 256 [ 450.360760][ T8765] exfat: Deprecated parameter 'namecase' [ 450.367390][ T8765] exfat: Deprecated parameter 'utf8' [ 450.391965][ T8766] loop4: detected capacity change from 0 to 128 [ 450.570613][ T8765] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 450.571070][ T8766] FAT-fs (loop4): Directory bread(block 32) failed [ 450.593478][ T8766] FAT-fs (loop4): Directory bread(block 33) failed [ 450.600497][ T8766] FAT-fs (loop4): Directory bread(block 34) failed [ 450.607489][ T8766] FAT-fs (loop4): Directory bread(block 35) failed [ 450.620781][ T8766] FAT-fs (loop4): Directory bread(block 36) failed [ 450.628929][ T8766] FAT-fs (loop4): Directory bread(block 37) failed [ 450.637199][ T8766] FAT-fs (loop4): Directory bread(block 38) failed [ 450.647179][ T8766] FAT-fs (loop4): Directory bread(block 39) failed [ 450.655036][ T8766] FAT-fs (loop4): Directory bread(block 40) failed [ 450.661965][ T8766] FAT-fs (loop4): Directory bread(block 41) failed [ 450.973972][ T8766] FAT-fs (loop4): Filesystem has been set read-only [ 450.979496][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 450.979969][ T30] audit: type=1800 audit(1759006161.342:38): pid=8766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1219" name="file1" dev="loop4" ino=1048754 res=0 errno=0 [ 450.999058][ T8766] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 453.075903][ T8788] loop2: detected capacity change from 0 to 32768 [ 453.353490][ T8788] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow [ 453.353625][ T8788] allowing incompatible features above 0.0: (unknown version) [ 453.353722][ T8788] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 453.401555][ T8788] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 453.410164][ T8788] bcachefs (loop2): initializing new filesystem [ 453.434771][ T8788] bcachefs (loop2): going read-write [ 453.492887][ T8648] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 453.520145][ T8788] bcachefs (loop2): marking superblocks [ 453.596745][ T8788] bcachefs (loop2): initializing freespace [ 453.639925][ T8788] bcachefs (loop2): done initializing freespace [ 453.676248][ T8788] bcachefs (loop2): reading snapshots table [ 453.682710][ T8788] bcachefs (loop2): reading snapshots done [ 453.902035][ T8788] bcachefs (loop2): loop2: Superblock write was silently dropped! (seq 0 expected 42) [ 453.938612][ T8788] bcachefs (loop2): done starting filesystem [ 454.256559][ T5811] bcachefs (loop2): shutting down [ 454.261807][ T5811] bcachefs (loop2): going read-only [ 454.268309][ T5811] bcachefs (loop2): finished waiting for writes to stop [ 454.353741][ T5811] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3 [ 454.377314][ T8813] loop1: detected capacity change from 0 to 2048 [ 454.589127][ T5811] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3 [ 454.621900][ T8813] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 454.634212][ T5811] bcachefs (loop2): clean shutdown complete, journal seq 4 [ 454.668439][ T5811] bcachefs (loop2): marking filesystem clean [ 454.707301][ T8813] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 454.976014][ T5811] bcachefs (loop2): shutdown complete [ 455.021975][ T30] audit: type=1800 audit(1759006165.413:39): pid=8813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1234" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 455.073164][ T8828] loop3: detected capacity change from 0 to 128 [ 455.119267][ T8828] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 455.592890][ T5825] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.081989][ T8648] veth0_vlan: entered promiscuous mode [ 456.312302][ T8648] veth1_vlan: entered promiscuous mode [ 456.798396][ T8834] loop1: detected capacity change from 0 to 32768 [ 456.814618][ T8834] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1240 (8834) [ 456.881564][ T8834] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 456.892289][ T8834] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 457.049864][ T8648] veth0_macvtap: entered promiscuous mode [ 457.084079][ T8648] veth1_macvtap: entered promiscuous mode [ 457.095685][ T8838] loop3: detected capacity change from 0 to 2048 [ 457.122310][ T2905] BTRFS warning (device loop1): checksum verify failed on logical 1052672 mirror 1 wanted 0x35d4dfd70f184abac11d1e5d7752de1b3eb1cf469117f468d8106e0b7d282138 found 0x4ba1d96e1e22a6df0d9e4df0400b326ee060edc9a24281dc7d0c2690ddcb412f level 0 [ 457.152462][ T8834] BTRFS error (device loop1): failed to read chunk root [ 457.223864][ T8834] BTRFS error (device loop1): open_ctree failed: -5 [ 457.233163][ T8648] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 457.366040][ T8648] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 457.454261][ T8854] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 457.591570][ T4004] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 457.673387][ T4004] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 457.791475][ T4004] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 457.858343][ T4004] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.661366][ T8866] loop4: detected capacity change from 0 to 32768 [ 459.678320][ T8866] (syz.4.1247,8866,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x62b9e51c, computed 0xfc1f7b60. Applying ECC. [ 459.722749][ T8866] (syz.4.1247,8866,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x53d3e935, computed 0xec33e103. Applying ECC. [ 459.736710][ T8866] (syz.4.1247,8866,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x53d3e935, computed 0x36d71aea [ 459.749785][ T8866] (syz.4.1247,8866,0):ocfs2_validate_inode_block:1458 ERROR: Checksum failed for dinode 69 [ 459.760267][ T8866] (syz.4.1247,8866,0):ocfs2_read_locked_inode:597 ERROR: status = -5 [ 459.768931][ T8866] (syz.4.1247,8866,0):_ocfs2_get_system_file_inode:144 ERROR: status = -5 [ 459.778735][ T8866] (syz.4.1247,8866,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 459.793072][ T8866] (syz.4.1247,8866,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 2, possibly corrupt fs? [ 459.793299][ T8866] (syz.4.1247,8866,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 459.817860][ T8866] (syz.4.1247,8866,0):ocfs2_initialize_super:2198 ERROR: status = -22 [ 459.826994][ T8866] (syz.4.1247,8866,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 460.087716][ T8871] loop3: detected capacity change from 0 to 2048 [ 460.314670][ T8871] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 460.880416][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 461.543947][ T8891] loop3: detected capacity change from 0 to 512 [ 461.577956][ T8891] EXT4-fs: Ignoring removed mblk_io_submit option [ 461.596663][ T8891] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 461.642168][ T8891] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 461.653163][ T8891] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a000e018, mo2=0002] [ 461.683064][ T8891] System zones: 0-1, 15-15, 18-18, 34-34 [ 461.743761][ T8891] EXT4-fs (loop3): orphan cleanup on readonly fs [ 461.750781][ T8891] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #4: comm syz.3.1253: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 461.822808][ T8899] overlayfs: workdir and upperdir must be separate subtrees [ 461.839106][ T8891] EXT4-fs error (device loop3): ext4_quota_enable:7131: comm syz.3.1253: Bad quota inode: 4, type: 1 [ 461.894181][ T8891] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 461.913133][ T8891] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 461.922439][ T8891] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 462.122282][ T8891] EXT4-fs error (device loop3): ext4_get_link:106: inode #16: comm syz.3.1253: bad symlink. [ 462.200861][ T8891] EXT4-fs error (device loop3): ext4_get_link:106: inode #16: comm syz.3.1253: bad symlink. [ 462.728826][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.262464][ T8913] netlink: 'syz.1.1263': attribute type 1 has an invalid length. [ 463.270684][ T8913] netlink: 228 bytes leftover after parsing attributes in process `syz.1.1263'. [ 463.445539][ T8918] loop4: detected capacity change from 0 to 64 [ 463.656383][ T8920] loop3: detected capacity change from 0 to 128 [ 463.763500][ T8920] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 463.879022][ T8920] hpfs: filesystem error: improperly stopped [ 463.885307][ T8920] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 463.893893][ T8920] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories [ 463.907767][ T8920] hpfs: You really don't want any checks? You are crazy... [ 463.912797][ T8925] loop2: detected capacity change from 0 to 64 [ 463.969122][ T8920] hpfs: hpfs_map_sector(): read error [ 463.978942][ T8920] hpfs: code page support is disabled [ 464.022888][ T8920] hpfs: hpfs_map_4sectors(): unaligned read [ 464.046385][ T8920] hpfs: hpfs_map_4sectors(): unaligned read [ 464.053365][ T8920] hpfs: filesystem error: unable to find root dir [ 464.111796][ T8925] Trying to free block not in datazone [ 464.131195][ T8925] Trying to free block not in datazone [ 464.653473][ T8933] IPv6: Can't replace route, no match found [ 464.795379][ T8936] loop2: detected capacity change from 0 to 512 [ 464.841393][ T8936] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 464.850939][ T8936] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 464.963617][ T8936] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 465.066071][ T8936] System zones: 0-2, 18-18, 34-35 [ 465.088364][ T8936] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 465.342545][ T8945] netlink: 'syz.4.1275': attribute type 1 has an invalid length. [ 465.407248][ T8947] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1276'. [ 465.659856][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.522382][ T2905] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 466.535111][ T2905] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 466.682408][ T8964] netlink: 'syz.4.1283': attribute type 5 has an invalid length. [ 466.776275][ T4004] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 466.784867][ T4004] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 466.992805][ T8966] loop3: detected capacity change from 0 to 1024 [ 467.009219][ T8966] EXT4-fs: Ignoring removed bh option [ 467.215894][ T8966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 467.325423][ T8975] loop4: detected capacity change from 0 to 128 [ 467.432294][ T8975] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 467.510610][ T8975] hpfs: filesystem error: improperly stopped [ 467.517189][ T8975] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 467.525999][ T8975] hpfs: You really don't want any checks? You are crazy... [ 467.600571][ T8975] hpfs: hpfs_map_sector(): read error [ 467.606186][ T8975] hpfs: code page support is disabled [ 467.694501][ T8975] hpfs: hpfs_map_4sectors(): unaligned read [ 467.708874][ T8975] hpfs: hpfs_map_4sectors(): unaligned read [ 467.716530][ T8975] hpfs: filesystem error: unable to find root dir [ 467.763413][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 469.432711][ T9003] mmap: syz.3.1299 (9003) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 469.721892][ T9007] loop2: detected capacity change from 0 to 256 [ 469.895219][ T9007] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 470.447033][ T9019] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 470.557748][ T9013] loop3: detected capacity change from 0 to 4096 [ 470.745304][ T9025] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 471.663911][ T9037] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1314'. [ 471.673419][ T9037] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1314'. [ 472.551445][ T30] audit: type=1326 audit(1759006182.991:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9050 comm="syz.1.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 472.652455][ T30] audit: type=1326 audit(1759006183.051:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9050 comm="syz.1.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 472.682952][ T30] audit: type=1326 audit(1759006183.051:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9050 comm="syz.1.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 472.706433][ T30] audit: type=1326 audit(1759006183.051:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9050 comm="syz.1.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 472.731283][ T30] audit: type=1326 audit(1759006183.071:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9050 comm="syz.1.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 472.754272][ T30] audit: type=1326 audit(1759006183.071:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9050 comm="syz.1.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 472.783163][ T30] audit: type=1326 audit(1759006183.071:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9050 comm="syz.1.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 473.761894][ T9072] loop1: detected capacity change from 0 to 8 [ 474.028029][ T9077] loop3: detected capacity change from 0 to 512 [ 474.072816][ T9077] EXT4-fs: Ignoring removed bh option [ 474.146131][ T9077] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 474.292295][ T9077] EXT4-fs (loop3): 1 truncate cleaned up [ 474.306639][ T9077] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 474.709073][ T9085] loop5: detected capacity change from 0 to 512 [ 474.747828][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 474.766554][ T9085] EXT4-fs: Ignoring removed orlov option [ 474.798755][ T9085] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 474.880654][ T9085] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 474.937298][ T9085] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.1332: corrupted in-inode xattr: e_value size too large [ 475.103476][ T9085] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1332: couldn't read orphan inode 15 (err -117) [ 475.193800][ T9095] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1336'. [ 475.203596][ T9095] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1336'. [ 475.211485][ T9085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 475.217294][ T9095] netlink: 'syz.4.1336': attribute type 2 has an invalid length. [ 475.238752][ T9095] netlink: 'syz.4.1336': attribute type 2 has an invalid length. [ 475.250398][ T9095] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1336'. [ 475.712182][ T8648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 476.023557][ T9103] loop4: detected capacity change from 0 to 512 [ 476.050412][ T9106] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1341'. [ 476.060241][ T9106] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1341'. [ 476.070754][ T9106] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 476.181635][ T9103] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 476.191599][ T9103] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 476.219483][ T9103] System zones: 0-1, 15-15, 18-18, 34-34 [ 476.227617][ T9103] EXT4-fs (loop4): orphan cleanup on readonly fs [ 476.234577][ T9103] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0 [ 476.251035][ T9103] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 476.268662][ T9103] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 476.361492][ T9103] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1340: bg 0: block 40: padding at end of block bitmap is not set [ 476.452367][ T9103] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 476.506951][ T9103] EXT4-fs (loop4): 1 truncate cleaned up [ 476.515681][ T9103] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 476.656878][ T9116] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1346'. [ 476.708666][ T9119] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1347'. [ 477.219210][ T5817] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 477.872522][ T9117] loop3: detected capacity change from 0 to 32768 [ 477.987948][ T9123] loop5: detected capacity change from 0 to 2048 [ 477.997057][ T9117] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 478.031626][ T9123] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 478.194577][ T9117] XFS (loop3): Ending clean mount [ 478.229713][ T9117] XFS (loop3): Quotacheck needed: Please wait. [ 478.361896][ T9117] XFS (loop3): Quotacheck: Done. [ 478.514405][ T5827] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 478.609594][ T9137] loop4: detected capacity change from 0 to 2048 [ 478.807487][ T9137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 478.823757][ T9137] ext4 filesystem being mounted at /288/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 479.489294][ T5817] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 480.217367][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 480.224416][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 480.892247][ T9147] loop5: detected capacity change from 0 to 65536 [ 480.980968][ T9147] XFS (loop5): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 481.169694][ T9152] loop1: detected capacity change from 0 to 4096 [ 481.451615][ T9147] XFS (loop5): Metadata CRC error detected at xfs_agi_read_verify+0x1b9/0x300, xfs_agi block 0x2 [ 481.473023][ T9147] XFS (loop5): Unmount and run xfs_repair [ 481.479190][ T9147] XFS (loop5): First 128 bytes of corrupted metadata buffer: [ 481.487156][ T9147] 00000000: 58 41 47 49 00 00 00 01 00 00 00 00 00 00 40 00 XAGI..........@. [ 481.496570][ T9147] 00000010: 00 00 00 40 00 00 00 04 00 00 00 01 00 00 00 37 ...@...........7 [ 481.505930][ T9147] 00000020: 00 00 00 40 ff ff ff ff ff ff ff ff ff ff ff ff ...@............ [ 481.515239][ T9147] 00000030: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 481.524900][ T9147] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 481.534272][ T9147] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 481.543581][ T9147] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 481.552966][ T9147] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 481.572066][ T9147] XFS (loop5): metadata I/O error in "xfs_read_agi+0x22f/0x580" at daddr 0x2 len 1 error 74 [ 481.584353][ T9147] XFS (loop5): xfs_imap_lookup: xfs_ialloc_read_agi() returned error -117, agno 0 [ 481.594116][ T9147] XFS (loop5): Failed to read root inode 0x40, error 117 [ 481.601753][ T9147] XFS (loop5): Uncorrected metadata errors detected; please run xfs_repair. [ 482.673405][ T9173] sp0: Synchronizing with TNC [ 483.216468][ T9179] loop3: detected capacity change from 0 to 1024 [ 483.263826][ T9179] EXT4-fs: Ignoring removed mblk_io_submit option [ 483.291397][ T9183] vlan2: entered promiscuous mode [ 483.303636][ T9183] bridge0: entered promiscuous mode [ 483.439576][ T9179] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 483.955774][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 484.053461][ T9178] loop5: detected capacity change from 0 to 8192 [ 484.373566][ T9197] loop3: detected capacity change from 0 to 64 [ 484.410675][ T9194] loop4: detected capacity change from 0 to 1024 [ 484.553105][ T30] audit: type=1800 audit(1759006195.003:47): pid=9197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1374" name="file1" dev="loop3" ino=21 res=0 errno=0 [ 484.966026][ T2905] hfsplus: b-tree write err: -5, ino 4 [ 486.987531][ T9231] bridge: RTM_NEWNEIGH with invalid ether address [ 488.759562][ T9245] loop5: detected capacity change from 0 to 32768 [ 488.834828][ T9245] (syz.5.1399,9245,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 488.851864][ T9245] (syz.5.1399,9245,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 488.872242][ T9251] loop1: detected capacity change from 0 to 8 [ 488.914782][ T9245] (syz.5.1399,9245,0):ocfs2_verify_heartbeat:818 ERROR: Cannot heartbeat on a locally mounted device. [ 488.937679][ T9245] (syz.5.1399,9245,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 489.039336][ T9251] SQUASHFS error: xz decompression failed, data probably corrupt [ 489.052967][ T9251] SQUASHFS error: Failed to read block 0x108: -5 [ 489.059934][ T9251] SQUASHFS error: Unable to read metadata cache entry [106] [ 489.067796][ T9251] SQUASHFS error: Unable to read inode 0x11f [ 490.164337][ T9268] loop1: detected capacity change from 0 to 512 [ 490.209885][ T9268] EXT4-fs: Ignoring removed orlov option [ 490.241814][ T9268] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 490.337906][ T9268] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 490.348505][ T9270] loop4: detected capacity change from 0 to 64 [ 490.419846][ T9268] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.1409: corrupted in-inode xattr: e_value size too large [ 490.512209][ T9268] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1409: couldn't read orphan inode 15 (err -117) [ 490.725114][ T9268] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 491.553720][ T5825] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 491.866689][ T9282] loop1: detected capacity change from 0 to 512 [ 491.878275][ T3788] kworker/u8:18: attempt to access beyond end of device [ 491.878275][ T3788] loop4: rw=1, sector=2089, nr_sectors = 2048 limit=64 [ 491.902541][ T3788] kworker/u8:18: attempt to access beyond end of device [ 491.902541][ T3788] loop4: rw=1, sector=4137, nr_sectors = 32 limit=64 [ 491.925819][ T3788] kworker/u8:18: attempt to access beyond end of device [ 491.925819][ T3788] loop4: rw=1, sector=4169, nr_sectors = 1 limit=64 [ 491.939832][ T3788] Buffer I/O error on dev loop4, logical block 4169, lost async page write [ 491.954185][ T3788] kworker/u8:18: attempt to access beyond end of device [ 491.954185][ T3788] loop4: rw=1, sector=4170, nr_sectors = 1 limit=64 [ 491.968551][ T3788] Buffer I/O error on dev loop4, logical block 4170, lost async page write [ 491.983015][ T3788] kworker/u8:18: attempt to access beyond end of device [ 491.983015][ T3788] loop4: rw=1, sector=4172, nr_sectors = 1 limit=64 [ 492.001187][ T3788] Buffer I/O error on dev loop4, logical block 4172, lost async page write [ 492.016753][ T3788] kworker/u8:18: attempt to access beyond end of device [ 492.016753][ T3788] loop4: rw=1, sector=4173, nr_sectors = 1 limit=64 [ 492.030679][ T3788] Buffer I/O error on dev loop4, logical block 4173, lost async page write [ 492.041895][ T3788] kworker/u8:18: attempt to access beyond end of device [ 492.041895][ T3788] loop4: rw=1, sector=4174, nr_sectors = 1 limit=64 [ 492.058758][ T3788] Buffer I/O error on dev loop4, logical block 4174, lost async page write [ 492.070120][ T3788] kworker/u8:18: attempt to access beyond end of device [ 492.070120][ T3788] loop4: rw=1, sector=4175, nr_sectors = 1 limit=64 [ 492.084282][ T3788] Buffer I/O error on dev loop4, logical block 4175, lost async page write [ 492.099456][ T3788] kworker/u8:18: attempt to access beyond end of device [ 492.099456][ T3788] loop4: rw=1, sector=4176, nr_sectors = 1 limit=64 [ 492.117521][ T3788] Buffer I/O error on dev loop4, logical block 4176, lost async page write [ 492.133368][ T3788] kworker/u8:18: attempt to access beyond end of device [ 492.133368][ T3788] loop4: rw=1, sector=4177, nr_sectors = 1 limit=64 [ 492.147708][ T3788] Buffer I/O error on dev loop4, logical block 4177, lost async page write [ 492.162466][ T3788] Buffer I/O error on dev loop4, logical block 4196, lost async page write [ 492.171662][ T3788] Buffer I/O error on dev loop4, logical block 4197, lost async page write [ 492.663017][ T9289] loop2: detected capacity change from 0 to 512 [ 492.792843][ T9289] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 492.811508][ T9289] ext4 filesystem being mounted at /259/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 493.062678][ T9289] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #12: block 32: comm syz.2.1418: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 493.092771][ T9289] EXT4-fs warning (device loop2): ext4_empty_dir:3089: inode #12: comm syz.2.1418: directory missing '.' [ 493.523404][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 493.720853][ T9303] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1425'. [ 494.672855][ T9314] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 494.679669][ T9314] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 494.688178][ T9314] vhci_hcd vhci_hcd.0: Device attached [ 494.720485][ T9317] loop5: detected capacity change from 0 to 256 [ 494.974017][ T32] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 495.176387][ T9322] netlink: 'syz.3.1432': attribute type 1 has an invalid length. [ 495.189712][ T9322] netlink: 5624 bytes leftover after parsing attributes in process `syz.3.1432'. [ 495.200262][ T9317] FAT-fs (loop5): Directory bread(block 64) failed [ 495.207434][ T9317] FAT-fs (loop5): Directory bread(block 65) failed [ 495.220176][ T9317] FAT-fs (loop5): Directory bread(block 66) failed [ 495.227231][ T9317] FAT-fs (loop5): Directory bread(block 67) failed [ 495.234358][ T9317] FAT-fs (loop5): Directory bread(block 68) failed [ 495.241125][ T9317] FAT-fs (loop5): Directory bread(block 69) failed [ 495.253624][ T9317] FAT-fs (loop5): Directory bread(block 70) failed [ 495.261262][ T9317] FAT-fs (loop5): Directory bread(block 71) failed [ 495.268921][ T9317] FAT-fs (loop5): Directory bread(block 72) failed [ 495.285609][ T9317] FAT-fs (loop5): Directory bread(block 73) failed [ 495.445585][ T9315] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1 [ 495.462557][ T1880] vhci_hcd: stop threads [ 495.467308][ T1880] vhci_hcd: release socket [ 495.471996][ T1880] vhci_hcd: disconnect device [ 496.751858][ T9328] loop1: detected capacity change from 0 to 4096 [ 497.398894][ T9328] ntfs3(loop1): ino=1a, mi_enum_attr [ 497.405155][ T9328] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 498.121275][ T9350] /dev/nullb0: Can't open blockdev [ 498.396758][ T9353] loop5: detected capacity change from 0 to 2048 [ 498.565272][ T9357] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 498.695009][ T9360] loop2: detected capacity change from 0 to 8 [ 499.453279][ T9369] loop3: detected capacity change from 0 to 1024 [ 499.735048][ T9367] loop1: detected capacity change from 0 to 4096 [ 499.871147][ T9379] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 500.078390][ T32] vhci_hcd: vhci_device speed not set [ 501.839327][ T9403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1468'. [ 501.848841][ T9403] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1468'. [ 501.858533][ T9403] netlink: 'syz.2.1468': attribute type 12 has an invalid length. [ 503.039509][ T9400] loop1: detected capacity change from 0 to 32768 [ 503.107838][ T9404] loop3: detected capacity change from 0 to 40427 [ 503.145630][ T9400] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 503.164860][ T9400] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 503.210306][ T9404] F2FS-fs (loop3): invalid crc value [ 503.233230][ T9404] F2FS-fs (loop3): Wrong cp_pack_start_sum: 1 [ 503.239987][ T9404] F2FS-fs (loop3): Failed to get valid F2FS checkpoint [ 503.258936][ T9400] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 503.287919][ T32] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 503.295444][ T32] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 503.918113][ T49] Bluetooth: hci0: unexpected event for opcode 0x2041 [ 504.043765][ T9408] loop4: detected capacity change from 0 to 4096 [ 504.100000][ T32] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 804ms [ 504.114667][ T32] gfs2: fsid=syz:syz.0: jid=0: Done [ 504.120382][ T9400] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 504.137736][ T9408] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 504.624587][ T30] audit: type=1800 audit(1759006215.080:48): pid=9418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1476" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 505.176530][ T9414] loop3: detected capacity change from 0 to 4096 [ 505.437606][ T9424] loop5: detected capacity change from 0 to 128 [ 505.490486][ T9424] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 505.535817][ T9414] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 505.625008][ T9424] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 505.759935][ T9426] loop4: detected capacity change from 0 to 1024 [ 505.830649][ T9428] loop2: detected capacity change from 0 to 16 [ 505.872606][ T9428] erofs (device loop2): mounted with root inode @ nid 36. [ 505.889205][ T9414] ntfs3(loop3): ino=1a, mi_enum_attr [ 505.897513][ T9414] ntfs3(loop3): ino=1a, mi_enum_attr [ 505.903939][ T9414] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 505.949628][ T9428] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 505.977784][ T9428] erofs (device loop2): failed to decompress -46 in[60, 4036] out[1851] [ 505.989119][ T9428] erofs (device loop2): read error -117 @ 43 of nid 36 [ 507.165130][ T9437] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 507.275813][ T9442] loop5: detected capacity change from 0 to 256 [ 507.503983][ T9442] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 508.314262][ T9457] usb usb8: usbfs: process 9457 (syz.4.1495) did not claim interface 7 before use [ 509.891307][ T5869] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 510.132918][ T5869] usb 4-1: config 0 has an invalid interface number: 128 but max is 0 [ 510.141667][ T5869] usb 4-1: config 0 has no interface number 0 [ 510.200964][ T5869] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 510.211087][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 510.225578][ T5869] usb 4-1: Product: syz [ 510.230086][ T5869] usb 4-1: Manufacturer: syz [ 510.238054][ T5869] usb 4-1: SerialNumber: syz [ 510.251960][ T5869] usb 4-1: config 0 descriptor?? [ 510.515159][ T5869] usb 4-1: Firmware version (0.0) predates our first public release. [ 510.523978][ T5869] usb 4-1: Please update to version 0.2 or newer [ 510.847376][ T5869] usb 4-1: USB disconnect, device number 9 [ 511.703367][ T9503] loop2: detected capacity change from 0 to 256 [ 512.042176][ T9497] loop5: detected capacity change from 0 to 4096 [ 512.108660][ T9497] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 512.656891][ T9497] ntfs3(loop5): ino=3, ntfs_set_state failed, -22. [ 513.171727][ T3946] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22. [ 513.179476][ T8648] ntfs3(loop5): ino=3, ntfs_set_state failed, -22. [ 513.187434][ T8648] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 513.202170][ T8648] ntfs3(loop5): ino=3, ntfs_set_state failed, -22. [ 513.268357][ T9521] loop3: detected capacity change from 0 to 64 [ 513.307122][ T3734] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22. [ 513.713524][ T9527] mkiss: ax0: crc mode is auto. [ 514.137127][ T9532] loop5: detected capacity change from 0 to 512 [ 514.338239][ T9532] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 514.352716][ T9532] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 514.539167][ T9532] EXT4-fs warning (device loop5): verify_group_input:137: Cannot add at group 1073741831 (only 1 groups) [ 515.105068][ T8648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 515.319778][ T9554] loop1: detected capacity change from 0 to 128 [ 515.908713][ T9560] loop4: detected capacity change from 0 to 512 [ 516.032618][ T9560] EXT4-fs: Ignoring removed nomblk_io_submit option [ 516.228686][ T9560] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 516.237639][ T9560] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c800e028, mo2=0003] [ 516.404846][ T9560] EXT4-fs (loop4): orphan cleanup on readonly fs [ 516.413350][ T9560] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0 [ 516.427260][ T9560] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 516.446384][ T9560] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 516.907481][ T9558] loop3: detected capacity change from 0 to 40427 [ 516.916343][ T9560] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1536: bg 0: block 40: padding at end of block bitmap is not set [ 516.925717][ T9558] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 516.947199][ T9558] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 516.992318][ T9560] EXT4-fs (loop4): Remounting filesystem read-only [ 517.006308][ T9560] EXT4-fs (loop4): 1 truncate cleaned up [ 517.015079][ T9560] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 517.029395][ T9558] F2FS-fs (loop3): invalid crc value [ 517.497398][ T9558] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 517.575774][ T5817] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 517.606193][ T9558] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 517.617771][ T9558] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 518.226326][ T9584] program syz.4.1542 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 518.357320][ T9582] loop5: detected capacity change from 0 to 512 [ 518.731317][ T9582] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 518.739551][ T9582] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002] [ 518.840709][ T9582] EXT4-fs (loop5): couldn't mount RDWR because of unsupported optional features (80) [ 518.851612][ T9582] EXT4-fs (loop5): Skipping orphan cleanup due to unknown ROCOMPAT features [ 518.863213][ T9582] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 518.991260][ T5869] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 519.176485][ T9582] EXT4-fs (loop5): couldn't mount RDWR because of unsupported optional features (80) [ 519.305372][ T5869] usb 2-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 519.316664][ T5869] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 519.325673][ T5869] usb 2-1: Product: syz [ 519.330204][ T5869] usb 2-1: Manufacturer: syz [ 519.344284][ T5869] usb 2-1: SerialNumber: syz [ 519.390777][ T9595] loop4: detected capacity change from 0 to 512 [ 519.412036][ T9595] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 519.422951][ T9595] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (45506!=33349) [ 519.462493][ T9595] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz.4.1547: Invalid inode table block 1 in block_group 0 [ 519.484702][ T9595] EXT4-fs (loop4): get root inode failed [ 519.490855][ T9595] EXT4-fs (loop4): mount failed [ 519.593542][ T5869] usb 2-1: config 0 descriptor?? [ 519.627643][ T5869] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 519.688225][ T8648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 520.288144][ T5869] gspca_sq905c: sq905c_command: usb_control_msg failed (-71) [ 520.296575][ T5869] sq905c 2-1:0.0: probe with driver sq905c failed with error -71 [ 520.369053][ T5869] usb 2-1: USB disconnect, device number 7 [ 521.062018][ T9612] loop2: detected capacity change from 0 to 256 [ 521.087995][ T9612] exfat: Deprecated parameter 'utf8' [ 521.319259][ T9612] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 521.785837][ T9618] loop1: detected capacity change from 0 to 512 [ 522.043590][ T9618] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 522.054882][ T9618] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 522.225160][ T9618] System zones: 0-1, 15-15, 18-18, 34-34 [ 522.226653][ T9627] netlink: 'syz.3.1543': attribute type 11 has an invalid length. [ 522.248726][ T9627] netlink: 204 bytes leftover after parsing attributes in process `syz.3.1543'. [ 522.287252][ T9618] EXT4-fs (loop1): orphan cleanup on readonly fs [ 522.294551][ T9618] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 522.315594][ T9618] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 522.337770][ T9618] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 522.367793][ T9618] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1554: bg 0: block 40: padding at end of block bitmap is not set [ 522.465537][ T9618] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 522.499229][ T9618] EXT4-fs (loop1): 1 truncate cleaned up [ 522.514753][ T9618] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 522.537771][ T9630] netlink: 'syz.4.1557': attribute type 2 has an invalid length. [ 522.565579][ T30] audit: type=1326 audit(1759006233.012:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9629 comm="syz.2.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f722538eec9 code=0x7ffc0000 [ 522.700070][ T30] audit: type=1326 audit(1759006233.062:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9629 comm="syz.2.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f722538eec9 code=0x7ffc0000 [ 522.729202][ T30] audit: type=1326 audit(1759006233.062:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9629 comm="syz.2.1558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f722538eec9 code=0x7ffc0000 [ 523.029715][ T5825] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 523.681696][ T9646] loop4: detected capacity change from 0 to 1024 [ 524.496599][ T9653] loop1: detected capacity change from 0 to 1024 [ 524.671724][ T9653] hfsplus: bad catalog entry type [ 525.022231][ T3879] hfsplus: b-tree write err: -5, ino 4 [ 525.238485][ T9669] loop3: detected capacity change from 0 to 256 [ 525.496004][ T9669] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 525.582433][ T9672] tmpfs: Cannot retroactively limit inodes [ 528.706239][ T5869] IPVS: starting estimator thread 0... [ 528.830310][ T9719] IPVS: using max 192 ests per chain, 9600 per kthread [ 529.132593][ T9721] loop1: detected capacity change from 0 to 1024 [ 529.332520][ T9721] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 529.524923][ T9731] pim6reg: entered allmulticast mode [ 529.591067][ T9733] pim6reg: left allmulticast mode [ 529.702729][ T9735] loop2: detected capacity change from 0 to 256 [ 529.857761][ T9738] [U] ³•¯1WT`8ºÁÍÇÚH$Ô0©·ÑÃÝ9\ [ 529.864120][ T9738] [U] ;2}U‚˜GVÏÄ¥ËÚ#ÈO9ÏÔÕ¥>-ƒÊß´ÜS…Ý¢šÕP [ 529.894385][ T5825] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 529.935804][ T9737] [U]  [ 530.197648][ T9740] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1601'. [ 530.530144][ T9745] netlink: 228 bytes leftover after parsing attributes in process `syz.4.1603'. [ 530.542079][ T9745] netlink: 228 bytes leftover after parsing attributes in process `syz.4.1603'. [ 530.868233][ T9752] loop1: detected capacity change from 0 to 256 [ 531.046160][ T9752] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 531.113058][ T9757] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 531.121032][ T9757] IPv6: NLM_F_CREATE should be set when creating new route [ 531.128501][ T9757] IPv6: NLM_F_CREATE should be set when creating new route [ 531.136302][ T9757] IPv6: NLM_F_CREATE should be set when creating new route [ 531.193735][ T9757] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 532.587868][ T9770] ptrace attach of "./syz-executor exec"[8648] was attempted by "\x22"[9770] [ 533.254054][ T9778] loop5: detected capacity change from 0 to 512 [ 533.331264][ T9776] loop1: detected capacity change from 0 to 4096 [ 533.353031][ T9778] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 533.374964][ T9776] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 533.447645][ T9778] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 533.481803][ T9778] System zones: 0-2, 18-18, 34-34 [ 533.496742][ T9778] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 533.514160][ T9778] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 533.552101][ T9778] Quota error (device loop5): do_check_range: Getting block 13697026 out of range 1-5 [ 533.562551][ T9778] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 533.579209][ T9778] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1618: Failed to acquire dquot type 0 [ 533.821006][ T9776] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 533.856027][ T9776] ntfs3(loop1): ino=1a, mi_enum_attr [ 533.867583][ T9776] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 534.001746][ T8648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 534.057802][ T30] audit: type=1800 audit(1759006244.523:52): pid=9776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1617" name="file1" dev="loop1" ino=24 res=0 errno=0 [ 534.642019][ T9793] program syz.4.1624 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 535.169546][ T9801] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1628'. [ 536.104015][ T9810] loop1: detected capacity change from 0 to 2048 [ 536.156429][ T9810] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=3932051, location=3932051 [ 536.369215][ T9810] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 536.484276][ T9816] loop2: detected capacity change from 0 to 512 [ 536.563344][ T9816] EXT4-fs: Ignoring removed mblk_io_submit option [ 536.570670][ T9816] EXT4-fs: Ignoring removed nomblk_io_submit option [ 536.643574][ T9816] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 536.652713][ T9816] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 536.730668][ T9821] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.1637'. [ 536.878497][ T9816] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.1634: Allocating blocks 41-42 which overlap fs metadata [ 536.972338][ T9816] Quota error (device loop2): write_blk: dquota write failed [ 536.982744][ T9816] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 537.034906][ T9816] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 537.052777][ T9816] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1634: Failed to acquire dquot type 1 [ 537.105891][ T9816] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 537.123303][ T9816] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.1634: corrupted inode contents [ 537.213332][ T9816] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #12: comm syz.2.1634: mark_inode_dirty error [ 537.267331][ T9816] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.1634: corrupted inode contents [ 537.374721][ T9816] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.1634: mark_inode_dirty error [ 537.486835][ T9816] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.1634: corrupted inode contents [ 537.586638][ T9816] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 537.644381][ T9816] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.1634: corrupted inode contents [ 537.711036][ T9816] EXT4-fs error (device loop2): ext4_truncate:4666: inode #12: comm syz.2.1634: mark_inode_dirty error [ 537.758590][ T9816] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 537.814947][ T9816] EXT4-fs (loop2): 1 truncate cleaned up [ 537.829323][ T9816] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 538.156235][ T9838] usb usb1: usbfs: process 9838 (syz.1.1642) did not claim interface 0 before use [ 538.158994][ T9816] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 538.265772][ T9841] loop4: detected capacity change from 0 to 256 [ 538.628730][ T9840] loop5: detected capacity change from 0 to 16384 [ 538.757754][ T9840] bcachefs (loop5): starting version 1.13: inode_has_child_snapshots opts=errors=continue,metadata_checksum=none,data_checksum=none,wide_macs,norecovery,read_only [ 538.757904][ T9840] features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 538.796691][ T9840] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0 [ 538.806931][ T9840] bcachefs (loop5): invalid journal entry, version=1.13: inode_has_child_snapshots type=clock in superblock: bad size, fixing [ 538.823639][ T9840] bcachefs (loop5): invalid journal entry, version=1.13: inode_has_child_snapshots type=btree_root in superblock: invalid btree root journal entry: wrong number of keys, fixing [ 538.842331][ T9840] bcachefs (loop5): recovering from clean shutdown, journal seq 18 [ 538.851317][ T9840] bcachefs (loop5): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive [ 538.851317][ T9840] running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes [ 538.970164][ T9840] bcachefs (loop5): btree node read error at btree alloc level 1/1 [ 538.970278][ T9840] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 6418e625a07b578f written 24 min_key POS_MIN durability: 1 ptr: 0:147:0 gen 0 [ 538.970403][ T9840] loop5 node offset 8/24 bset u64s 9: checksum error, type chacha20_poly1305_128: got 4f8984b2a9482b20a6858222464548fc should be 10e9a02dae2ac5c92967ce14957c4a14 [ 538.970531][ T9840] loop5 btree validate error [ 538.970603][ T9840] flagging btree alloc lost data [ 538.970685][ T9840] running recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 538.970783][ T9840] running recovery pass check_lrus (14), currently at recovery_pass_empty (0) [ 538.970881][ T9840] running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0) [ 538.970990][ T9840] running recovery pass check_alloc_info (13), currently at recovery_pass_empty (0) [ 538.971084][ T9840] ret fsck_errors_not_fixed [ 539.082508][ T9840] bcachefs (loop5): error reading btree root btree=alloc level=1: btree_node_read_error, fixing [ 539.137122][ T9840] bcachefs (loop5): btree node read error at btree backpointers level 0/0 [ 539.137246][ T9840] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq dd412662cf0a3cdb written 24 min_key POS_MIN durability: 1 ptr: 0:177:0 gen 0 [ 539.137376][ T9840] loop5 node offset 8/24 bset u64s 58: checksum error, type chacha20_poly1305_128: got 078c2e72d1fb2cf9a69f9a587b7c18a1 should be a24fdb1e3b0c54e0ee0bce67b808f3ff [ 539.137504][ T9840] loop5 btree validate error [ 539.137575][ T9840] flagging btree backpointers lost data [ 539.137670][ T9840] running recovery pass check_btree_backpointers (15), currently at recovery_pass_empty (0) [ 539.137768][ T9840] ret fsck_errors_not_fixed [ 539.213805][ T9840] bcachefs (loop5): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing [ 539.242171][ T9840] bcachefs (loop5): btree node read error at btree accounting level 0/0 [ 539.242283][ T9840] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bad08202889604e written 24 min_key POS_MIN durability: 1 ptr: 0:180:0 gen 0 [ 539.242412][ T9840] loop5 node offset 0/24 bset u64s 108: checksum error, type chacha20_poly1305_128: got 05374f50a3d6a7e30218b622fd4260e0 should be dee540208f34c03154ca4fb261e5b32c [ 539.242538][ T9840] loop5 btree validate error [ 539.242612][ T9840] flagging btree accounting lost data [ 539.242688][ T9840] ret fsck_errors_not_fixed [ 539.309221][ T9840] bcachefs (loop5): error reading btree root btree=accounting level=0: btree_node_read_error, fixing [ 539.322177][ T9840] bcachefs (loop5): check_topology... done [ 539.336167][ T9840] bcachefs (loop5): accounting_read... done [ 539.352730][ T9840] bcachefs (loop5): alloc_read... done [ 539.361866][ T9840] bcachefs (loop5): snapshots_read... done [ 539.371712][ T9840] bcachefs (loop5): Fixed errors, running fsck a second time to verify fs is clean [ 539.384099][ T9840] bcachefs (loop5): done starting filesystem [ 539.495942][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 539.589938][ T8648] bcachefs (loop5): shutting down [ 539.722795][ T8648] bcachefs (loop5): shutdown complete [ 540.475149][ T9858] loop1: detected capacity change from 0 to 1024 [ 540.587082][ T9858] hfsplus: bad catalog entry type [ 541.632810][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 541.644876][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 542.117060][ T9878] IPVS: ip_vs_edit_dest(): server weight less than zero [ 543.699088][ T9903] loop1: detected capacity change from 0 to 64 [ 543.756008][ T9906] smc: net device bond0 applied user defined pnetid SYZ1 [ 544.397902][ T9911] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1675'. [ 544.736548][ T9914] loop4: detected capacity change from 0 to 1024 [ 544.884786][ T9916] loop5: detected capacity change from 0 to 1024 [ 544.975607][ T9914] bio_check_eod: 100 callbacks suppressed [ 544.975698][ T9914] syz.4.1677: attempt to access beyond end of device [ 544.975698][ T9914] loop4: rw=2049, sector=5778, nr_sectors = 2 limit=1024 [ 545.003506][ T9914] buffer_io_error: 86 callbacks suppressed [ 545.003589][ T9914] Buffer I/O error on dev loop4, logical block 2889, lost async page write [ 545.072807][ T9916] hfsplus: invalid extended attribute record [ 545.492784][ T4004] hfsplus: b-tree write err: -5, ino 4 [ 545.774726][ T9930] loop5: detected capacity change from 0 to 128 [ 545.787437][ T9930] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 546.325067][ T9927] loop3: detected capacity change from 0 to 4096 [ 546.372889][ T9927] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 546.611220][ T9927] ntfs3(loop3): ino=1a, mi_enum_attr [ 546.617154][ T9927] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 548.116923][ T9946] loop5: detected capacity change from 0 to 32768 [ 548.140686][ T9946] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1692 (9946) [ 548.180143][ T9946] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 548.190975][ T9946] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm [ 548.200218][ T9946] BTRFS error (device loop5): ignoredatacsums must be used with ro mount option [ 548.218004][ T9946] BTRFS error (device loop5): open_ctree failed: -22 [ 548.591694][ T9956] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1695'. [ 548.730472][ T9955] loop2: detected capacity change from 0 to 1024 [ 549.367379][ T3879] hfsplus: b-tree write err: -5, ino 4 [ 549.886724][ T32] hid-generic 0000:0003:0001.000B: unknown main item tag 0x0 [ 549.898528][ T32] hid-generic 0000:0003:0001.000B: unknown main item tag 0x0 [ 549.917110][ T32] hid-generic 0000:0003:0001.000B: hidraw0: HID v0.03 Device [syz0] on syz1 [ 550.487000][ T9978] loop1: detected capacity change from 0 to 128 [ 550.560247][ T9979] loop3: detected capacity change from 0 to 256 [ 550.579741][ T9978] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 550.643802][ T9978] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 550.727639][ T9979] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d) [ 550.741518][ T9979] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 550.889074][ T5869] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 551.104136][ T5869] usb 6-1: config 0 interface 0 altsetting 252 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 551.121980][ T5869] usb 6-1: config 0 interface 0 has no altsetting 0 [ 551.130836][ T5869] usb 6-1: New USB device found, idVendor=1b1c, idProduct=0a1f, bcdDevice= 0.00 [ 551.141397][ T5869] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 551.169200][ T5869] usb 6-1: config 0 descriptor?? [ 551.199857][ T36] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 551.748521][ T5869] hid-corsair-void 0003:1B1C:0A1F.000C: hidraw0: USB HID v0.00 Device [HID 1b1c:0a1f] on usb-dummy_hcd.5-1/input0 [ 551.961533][ T32] usb 6-1: USB disconnect, device number 2 [ 551.988982][ T5886] hid-corsair-void 0003:1B1C:0A1F.000C: failed to request battery (reason: -71) [ 552.005385][ T5869] hid-corsair-void 0003:1B1C:0A1F.000C: failed to request firmware (reason: -71) [ 552.115861][T10000] loop3: detected capacity change from 0 to 47 [ 552.786181][T10010] loop3: detected capacity change from 0 to 128 [ 552.819031][T10009] comedi: valid board names for 8255 driver are: [ 552.825592][T10009] 8255 [ 552.828525][T10009] comedi: valid board names for vmk80xx driver are: [ 552.842430][T10009] vmk80xx [ 552.845643][T10009] comedi: valid board names for usbduxsigma driver are: [ 552.855299][T10009] usbduxsigma [ 552.864229][T10009] comedi: valid board names for usbduxfast driver are: [ 552.871677][T10009] usbduxfast [ 552.875137][T10009] comedi: valid board names for usbdux driver are: [ 552.882442][T10009] usbdux [ 552.885644][T10009] comedi: valid board names for ni6501 driver are: [ 552.897872][T10009] ni6501 [ 552.901250][T10009] comedi: valid board names for dt9812 driver are: [ 552.905666][T10010] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 552.907987][T10009] dt9812 [ 552.908044][T10009] comedi: valid board names for ni_labpc_cs driver are: [ 552.940267][T10009] ni_labpc_cs [ 552.943826][T10009] comedi: valid board names for ni_daq_700 driver are: [ 552.956798][T10009] ni_daq_700 [ 552.960560][T10009] comedi: valid board names for labpc_pci driver are: [ 552.968060][T10009] labpc_pci [ 552.971787][T10009] comedi: valid board names for adl_pci9118 driver are: [ 552.984930][T10009] pci9118dg [ 552.988426][T10009] pci9118hg [ 552.992245][T10009] pci9118hr [ 552.995670][T10009] comedi: valid board names for 8255_pci driver are: [ 553.002942][T10009] 8255_pci [ 553.006241][T10009] comedi: valid board names for s526 driver are: [ 553.018234][T10009] s526 [ 553.024957][T10009] comedi: valid board names for multiq3 driver are: [ 553.033154][T10009] multiq3 [ 553.036467][T10009] comedi: valid board names for pcmuio driver are: [ 553.048477][T10009] pcmuio48 [ 553.052149][T10009] pcmuio96 [ 553.055574][T10009] comedi: valid board names for pcmmio driver are: [ 553.062562][T10009] pcmmio [ 553.065636][T10010] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 553.065702][T10009] comedi: valid board names for pcmda12 driver are: [ 553.087692][T10009] pcmda12 [ 553.091200][T10009] comedi: valid board names for pcmad driver are: [ 553.097806][T10009] pcmad12 [ 553.104469][T10009] pcmad16 [ 553.107778][T10009] comedi: valid board names for ni_labpc driver are: [ 553.117055][T10009] lab-pc-1200 [ 553.120787][T10009] lab-pc-1200ai [ 553.128046][T10009] lab-pc+ [ 553.135649][T10009] comedi: valid board names for atmio16 driver are: [ 553.145016][T10009] atmio16 [ 553.148414][T10009] atmio16d [ 553.151880][T10009] comedi: valid board names for ni_at_ao driver are: [ 553.161827][T10009] at-ao-6 [ 553.165028][T10009] at-ao-10 [ 553.168315][T10009] comedi: valid board names for ni_at_a2150 driver are: [ 553.177853][T10009] ni_at_a2150 [ 553.181902][T10009] comedi: valid board names for adq12b driver are: [ 553.191765][T10009] adq12b [ 553.194984][T10009] comedi: valid board names for mpc624 driver are: [ 553.204894][T10009] mpc624 [ 553.208032][T10009] comedi: valid board names for c6xdigio driver are: [ 553.222864][T10009] c6xdigio [ 553.235161][T10009] comedi: valid board names for aio_iiro_16 driver are: [ 553.243629][T10009] aio_iiro_16 [ 553.247189][T10009] comedi: valid board names for aio_aio12_8 driver are: [ 553.254483][T10009] aio_aio12_8 [ 553.258035][T10009] aio_ai12_8 [ 553.267857][T10009] aio_ao12_4 [ 553.272456][T10009] comedi: valid board names for fl512 driver are: [ 553.279387][T10009] fl512 [ 553.282432][T10009] comedi: valid board names for dmm32at driver are: [ 553.294652][T10009] dmm32at [ 553.297886][T10009] comedi: valid board names for dt282x driver are: [ 553.304766][T10009] dt2821 [ 553.307873][T10009] dt2821-f [ 553.311421][T10009] dt2821-g [ 553.314708][T10009] dt2823 [ 553.317805][T10009] dt2824-pgh [ 553.326722][T10009] dt2824-pgl [ 553.334295][T10009] dt2825 [ 553.337441][T10009] dt2827 [ 553.341918][T10009] dt2828 [ 553.345033][T10009] dt2829 [ 553.348134][T10009] dt21-ez [ 553.356768][T10009] dt23-ez [ 553.362393][T10009] dt24-ez [ 553.365595][T10009] dt24-ez-pgl [ 553.367953][T10012] loop5: detected capacity change from 0 to 1024 [ 553.369295][T10009] comedi: valid board names for dt2817 driver are: [ 553.369365][T10009] dt2817 [ 553.369423][T10009] comedi: valid board names for dt2815 driver are: [ 553.369488][T10009] dt2815 [ 553.369542][T10009] comedi: valid board names for dt2814 driver are: [ 553.369607][T10009] dt2814 [ 553.369663][T10009] comedi: valid board names for dt2811 driver are: [ 553.423437][T10009] dt2811-pgh [ 553.426937][T10009] dt2811-pgl [ 553.434141][T10009] comedi: valid board names for dt2801 driver are: [ 553.447484][T10009] dt2801 [ 553.450892][T10009] comedi: valid board names for das6402 driver are: [ 553.457683][T10009] das6402-12 [ 553.461395][T10009] das6402-16 [ 553.464851][T10009] comedi: valid board names for das1800 driver are: [ 553.477012][T10009] das-1701st [ 553.480695][T10009] das-1701st-da [ 553.484415][T10009] das-1702st [ 553.487859][T10009] das-1702st-da [ 553.491882][T10009] das-1702hr [ 553.495342][T10009] das-1702hr-da [ 553.504601][T10009] das-1701ao [ 553.508084][T10009] das-1702ao [ 553.511761][T10009] das-1801st [ 553.515231][T10009] das-1801st-da [ 553.519164][T10009] das-1802st [ 553.522608][T10009] das-1802st-da [ 553.526308][T10009] das-1802hr [ 553.535174][T10009] das-1802hr-da [ 553.542590][T10009] das-1801hc [ 553.546068][T10009] das-1802hc [ 553.550955][T10009] das-1801ao [ 553.554415][T10009] das-1802ao [ 553.557869][T10009] comedi: valid board names for das800 driver are: [ 553.570266][T10009] das-800 [ 553.573531][T10009] cio-das800 [ 553.576987][T10009] das-801 [ 553.580574][T10009] cio-das801 [ 553.584106][T10009] das-802 [ 553.587365][T10009] cio-das802 [ 553.593409][T10009] cio-das802/16 [ 553.597150][T10009] comedi: valid board names for isa-das08 driver are: [ 553.607670][T10009] isa-das08 [ 553.611329][T10009] das08-pgm [ 553.614714][T10009] das08-pgh [ 553.618077][T10009] das08-pgl [ 553.623798][T10009] das08-aoh [ 553.627268][T10009] das08-aol [ 553.633780][T10009] das08-aom [ 553.637169][T10009] das08/jr-ao [ 553.644422][T10009] das08jr-16-ao [ 553.648267][T10009] pc104-das08 [ 553.655450][T10009] das08jr/16 [ 553.662604][T10009] comedi: valid board names for das16m1 driver are: [ 553.669535][T10009] das16m1 [ 553.672728][T10009] comedi: valid board names for dac02 driver are: [ 553.681829][T10009] dac02 [ 553.684947][T10009] comedi: valid board names for rti802 driver are: [ 553.695125][T10009] rti802 [ 553.698253][T10009] comedi: valid board names for rti800 driver are: [ 553.705339][T10009] rti800 [ 553.708447][T10009] rti815 [ 553.711726][T10009] comedi: valid board names for pcm3724 driver are: [ 553.718510][T10009] pcm3724 [ 553.727654][T10009] comedi: valid board names for pcl818 driver are: [ 553.734697][T10009] pcl818l [ 553.741566][T10009] pcl818h [ 553.744780][T10009] pcl818hd [ 553.748061][T10009] pcl818hg [ 553.758233][T10009] pcl818 [ 553.761581][T10009] pcl718 [ 553.764791][T10009] pcm3718 [ 553.768059][T10009] comedi: valid board names for pcl816 driver are: [ 553.775011][T10009] pcl816 [ 553.777883][T10012] hfsplus: bad catalog entry type [ 553.778090][T10009] pcl814b [ 553.778152][T10009] comedi: valid board names for pcl812 driver are: [ 553.798918][T10009] pcl812 [ 553.802032][T10009] pcl812pg [ 553.805292][T10009] acl8112pg [ 553.811168][T10009] acl8112dg [ 553.814546][T10009] acl8112hg [ 553.818079][T10009] a821pgl [ 553.824535][T10009] a821pglnda [ 553.827997][T10009] a821pgh [ 553.831346][T10009] a822pgl [ 553.834569][T10009] a822pgh [ 553.837750][T10009] a823pgl [ 553.846940][T10009] a823pgh [ 553.854543][T10009] pcl813 [ 553.857879][T10009] pcl813b [ 553.863492][T10009] acl8113 [ 553.866686][T10009] iso813 [ 553.872361][T10009] acl8216 [ 553.875563][T10009] a826pg [ 553.882032][T10009] comedi: valid board names for pcl730 driver are: [ 553.888939][T10009] pcl730 [ 553.892134][T10009] iso730 [ 553.895225][T10009] acl7130 [ 553.898485][T10009] pcm3730 [ 553.904270][T10009] pcl725 [ 553.907363][T10009] p8r8dio [ 553.913801][T10009] acl7225b [ 553.917097][T10009] p16r16dio [ 553.920708][T10009] pcl733 [ 553.923910][T10009] pcl734 [ 553.927002][T10009] opmm-1616-xt [ 553.933225][T10009] pearl-mm-p [ 553.936688][T10009] ir104-pbf [ 553.943221][T10009] comedi: valid board names for pcl726 driver are: [ 553.953629][T10009] pcl726 [ 553.956834][T10009] pcl727 [ 553.963549][T10009] pcl728 [ 553.966676][T10009] acl6126 [ 553.973062][T10009] acl6128 [ 553.976434][T10009] comedi: valid board names for pcl724 driver are: [ 553.983442][T10009] pcl724 [ 553.986578][T10009] pcl722 [ 553.992219][T10009] pcl731 [ 553.995334][T10009] acl7122 [ 554.002027][T10009] acl7124 [ 554.005243][T10009] pet48dio [ 554.019584][T10009] pcmio48 [ 554.027607][T10009] onyx-mm-dio [ 554.034452][T10009] comedi: valid board names for pcl711 driver are: [ 554.041327][T10009] pcl711 [ 554.048401][T10009] pcl711b [ 554.055432][T10009] acl8112hg [ 554.061965][T10009] acl8112dg [ 554.065347][T10009] comedi: valid board names for amplc_pc263 driver are: [ 554.072802][T10009] pc263 [ 554.075834][T10009] comedi: valid board names for amplc_pc236 driver are: [ 554.085413][T10009] pc36at [ 554.088514][T10009] comedi: valid board names for amplc_dio200 driver are: [ 554.099214][T10009] pc212e [ 554.102320][T10009] pc214e [ 554.105413][T10009] pc215e [ 554.111104][T10009] pc218e [ 554.114215][T10009] pc272e [ 554.117322][T10009] comedi: valid board names for comedi_parport driver are: [ 554.127988][T10009] comedi_parport [ 554.131987][T10009] comedi: valid board names for comedi_test driver are: [ 554.141509][T10009] comedi_test [ 554.145129][T10009] comedi: valid board names for comedi_bond driver are: [ 554.159357][T10009] comedi_bond [ 554.174311][ T3879] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 554.310664][ T3788] hfsplus: b-tree write err: -5, ino 4 [ 554.771279][T10026] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1729'. [ 555.395222][T10032] loop5: detected capacity change from 0 to 512 [ 555.426379][T10032] EXT4-fs: Ignoring removed oldalloc option [ 555.433162][T10032] EXT4-fs: Ignoring removed bh option [ 555.469371][T10036] loop1: detected capacity change from 0 to 512 [ 555.546805][T10032] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c118, mo2=0002] [ 555.591934][T10036] EXT4-fs: Ignoring removed nobh option [ 555.617552][T10032] System zones: 1-12 [ 555.703258][T10032] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.1731: corrupted in-inode xattr: e_value size too large [ 555.707431][T10036] fscrypt (loop1, inode 2): Error -61 getting encryption context [ 555.732314][T10036] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -61 [ 555.747755][T10036] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #13: comm syz.1.1733: casefold flag without casefold feature [ 555.769723][T10032] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1731: couldn't read orphan inode 15 (err -117) [ 555.843176][T10036] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1733: couldn't read orphan inode 13 (err -117) [ 555.863268][T10032] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 555.951492][T10036] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 555.977773][T10046] loop3: detected capacity change from 0 to 256 [ 556.006594][T10047] loop4: detected capacity change from 0 to 512 [ 556.137607][T10047] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 556.151736][T10047] ext4 filesystem being mounted at /366/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 556.217554][ T5825] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 556.328116][T10046] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 556.390583][ T5817] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 556.432048][ T8648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 556.966147][T10055] loop1: detected capacity change from 0 to 1024 [ 557.027626][T10059] loop3: detected capacity change from 0 to 512 [ 557.138999][T10059] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 557.228107][T10055] hfsplus: bad catalog entry type [ 557.313136][T10059] EXT4-fs (loop3): 1 truncate cleaned up [ 557.325905][T10059] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 557.742597][ T3946] hfsplus: b-tree write err: -5, ino 4 [ 558.017784][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 558.406283][T10075] loop3: detected capacity change from 0 to 256 [ 558.584769][T10075] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d) [ 559.518428][T10092] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1755'. [ 560.080878][T10102] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode [ 560.130815][T10099] mac80211_hwsim hwsim9 wlan1: left promiscuous mode [ 561.977665][T10132] netlink: 'syz.2.1774': attribute type 1 has an invalid length. [ 561.993090][T10132] NCSI netlink: No device for ifindex 0 [ 563.107077][T10137] loop4: detected capacity change from 0 to 40427 [ 563.120290][T10137] F2FS-fs (loop4): build fault injection rate: 14 [ 563.127048][T10137] F2FS-fs (loop4): build fault injection type: 0x3 [ 563.187420][T10137] F2FS-fs (loop4): invalid crc value [ 563.213651][T10137] F2FS-fs (loop4): inject kmalloc in f2fs_kmalloc of f2fs_fill_super+0x78b6/0xa750 [ 563.223619][T10137] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-12) [ 564.139732][ T5824] Bluetooth: hci1: command 0x0406 tx timeout [ 564.379752][T10158] tipc: Started in network mode [ 564.390407][T10158] tipc: Node identity fe80000000000000000000000000002a, cluster identity 4711 [ 564.410716][T10158] tipc: Enabled bearer , priority 10 [ 564.545680][T10152] loop3: detected capacity change from 0 to 2048 [ 564.666425][T10152] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 564.779373][ T30] audit: type=1804 audit(1759006275.243:53): pid=10152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1785" name="/newroot/361/file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=1367 res=1 errno=0 [ 565.530373][ T32] tipc: Node number set to 4269801514 [ 565.892794][T10174] loop4: detected capacity change from 0 to 1024 [ 565.979082][T10174] EXT4-fs: Ignoring removed i_version option [ 566.177316][T10174] EXT4-fs (loop4): mounted filesystem 00010100-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 566.190474][T10174] ext4 filesystem being mounted at /378/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 566.309804][T10181] smc: net device bond0 applied user defined pnetid SYZ0 [ 566.680205][ T3788] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 566.783979][ T3788] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 86 with error 28 [ 566.803166][ T3788] EXT4-fs (loop4): This should not happen!! Data will be lost [ 566.803166][ T3788] [ 566.814425][ T3788] EXT4-fs (loop4): Total free blocks count 0 [ 566.821017][ T3788] EXT4-fs (loop4): Free/Dirty block details [ 566.827844][ T3788] EXT4-fs (loop4): free_blocks=4293918720 [ 566.839963][ T3788] EXT4-fs (loop4): dirty_blocks=96 [ 566.849492][ T3788] EXT4-fs (loop4): Block reservation details [ 566.855791][ T3788] EXT4-fs (loop4): i_reserved_data_blocks=6 [ 566.916425][ T5817] EXT4-fs (loop4): unmounting filesystem 00010100-0000-0006-0000-000000000000. [ 567.593900][T10201] loop5: detected capacity change from 0 to 512 [ 567.657821][T10201] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 567.899388][T10201] FAT-fs (loop5): error, invalid access to FAT (entry 0x0fffff00) [ 567.949770][T10203] loop1: detected capacity change from 0 to 256 [ 568.006235][T10203] exfat: Deprecated parameter 'utf8' [ 568.098403][T10205] loop2: detected capacity change from 0 to 512 [ 568.132415][T10205] EXT4-fs: Ignoring removed mblk_io_submit option [ 568.140284][T10203] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 568.201631][T10205] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 568.302955][T10205] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 568.316583][T10205] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a000e018, mo2=0002] [ 568.330303][T10205] System zones: 0-1, 15-15, 18-18, 34-34 [ 568.337995][T10205] EXT4-fs (loop2): orphan cleanup on readonly fs [ 568.346570][T10205] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #4: comm syz.2.1806: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 568.403570][T10205] EXT4-fs error (device loop2): ext4_quota_enable:7131: comm syz.2.1806: Bad quota inode: 4, type: 1 [ 568.514904][T10205] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 568.530241][T10205] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 568.533598][T10213] loop5: detected capacity change from 0 to 512 [ 568.539957][T10205] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 568.661795][T10213] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 568.680339][T10213] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 568.740475][T10205] EXT4-fs error (device loop2): ext4_get_link:106: inode #16: comm syz.2.1806: bad symlink. [ 568.831463][T10205] EXT4-fs error (device loop2): ext4_get_link:106: inode #16: comm syz.2.1806: bad symlink. [ 569.185166][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 569.348322][ T8648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 569.672843][T10231] loop1: detected capacity change from 0 to 256 [ 569.967006][T10231] FAT-fs (loop1): Directory bread(block 64) failed [ 569.974831][T10231] FAT-fs (loop1): Directory bread(block 65) failed [ 569.982005][T10231] FAT-fs (loop1): Directory bread(block 66) failed [ 569.990013][T10231] FAT-fs (loop1): Directory bread(block 67) failed [ 569.997037][T10231] FAT-fs (loop1): Directory bread(block 68) failed [ 570.004341][T10231] FAT-fs (loop1): Directory bread(block 69) failed [ 570.011696][T10231] FAT-fs (loop1): Directory bread(block 70) failed [ 570.025272][T10231] FAT-fs (loop1): Directory bread(block 71) failed [ 570.034446][T10231] FAT-fs (loop1): Directory bread(block 72) failed [ 570.041602][T10231] FAT-fs (loop1): Directory bread(block 73) failed [ 570.241111][T10238] loop2: detected capacity change from 0 to 64 [ 570.647546][T10234] loop5: detected capacity change from 0 to 4096 [ 572.691421][ T5869] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 572.877758][ T5869] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xDA, changing to 0x8A [ 572.896027][ T5869] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 572.909373][ T5869] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 170, setting to 64 [ 573.036257][ T5869] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 573.046539][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 573.055223][ T5869] usb 4-1: Product: syz [ 573.059873][ T5869] usb 4-1: Manufacturer: syz [ 573.064891][ T5869] usb 4-1: SerialNumber: syz [ 573.203237][ T5869] usb 4-1: config 0 descriptor?? [ 573.213724][T10262] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 573.516285][T10262] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 573.779716][T10279] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1838'. [ 573.963106][ T32] usb 4-1: USB disconnect, device number 10 [ 575.163308][T10301] devtmpfs: Too few inodes for current use [ 575.210647][T10297] loop5: detected capacity change from 0 to 1024 [ 575.229109][T10297] EXT4-fs: Ignoring removed orlov option [ 575.405131][T10297] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 575.782367][ T8648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 576.566169][T10321] loop3: detected capacity change from 0 to 64 [ 576.960043][T10327] batadv0: entered promiscuous mode [ 576.965995][T10327] macvtap1: entered promiscuous mode [ 576.989059][T10327] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 577.070255][T10327] batadv0: left promiscuous mode [ 577.622434][T10335] loop5: detected capacity change from 0 to 256 [ 577.652506][T10335] exfat: Deprecated parameter 'utf8' [ 577.832168][T10335] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x40a90196, utbl_chksum : 0xe619d30d) [ 578.783852][T10351] loop5: detected capacity change from 0 to 1024 [ 578.912376][T10351] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 578.924184][T10351] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 578.940599][T10351] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 579.063946][T10351] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #3: comm syz.5.1870: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 2, max 15(4), depth 0(0) [ 579.200403][T10351] EXT4-fs (loop5): no journal found [ 579.206128][T10351] EXT4-fs (loop5): can't get journal size [ 579.246165][T10356] loop4: detected capacity change from 0 to 512 [ 579.301704][T10356] EXT4-fs: inline encryption not supported [ 579.307908][T10356] EXT4-fs: Ignoring removed mblk_io_submit option [ 579.308989][T10351] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 579.407964][T10360] loop3: detected capacity change from 0 to 64 [ 579.424803][T10356] EXT4-fs error (device loop4): ext4_orphan_get:1392: comm syz.4.1873: inode #13: comm syz.4.1873: iget: illegal inode # [ 579.456811][T10356] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1873: couldn't read orphan inode 13 (err -117) [ 579.480010][T10356] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 579.516094][T10362] loop2: detected capacity change from 0 to 64 [ 579.534236][T10362] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing [ 579.654002][ T8648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 579.902554][ T5817] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.432713][T10375] can0: slcan on ttynull. [ 580.616823][T10374] can0 (unregistered): slcan off ttynull. [ 583.817964][T10431] loop2: detected capacity change from 0 to 128 [ 583.916176][T10431] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 584.065471][T10431] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 585.419933][ T5824] Bluetooth: hci1: command 0x0406 tx timeout [ 585.740089][T10459] loop3: detected capacity change from 0 to 256 [ 585.925645][T10459] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xecfd5def, utbl_chksum : 0xe619d30d) [ 585.960242][T10461] loop1: detected capacity change from 0 to 16 [ 586.037961][T10461] erofs (device loop1): mounted with root inode @ nid 36. [ 586.142671][T10464] netlink: 642 bytes leftover after parsing attributes in process `syz.5.1921'. [ 586.848327][T10473] loop2: detected capacity change from 0 to 512 [ 586.929563][T10473] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 586.985685][T10473] EXT4-fs (loop2): 1 truncate cleaned up [ 586.994327][T10473] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 587.546223][T10486] loop5: detected capacity change from 0 to 1024 [ 587.566335][T10486] EXT4-fs (loop5): filesystem is read-only [ 587.598112][T10486] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 587.615081][T10486] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (11891!=20869) [ 587.625944][T10486] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 587.641310][T10486] EXT4-fs error (device loop5): ext4_get_journal_inode:5800: comm syz.5.1928: inode #1: comm syz.5.1928: iget: illegal inode # [ 587.650804][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 587.667935][T10486] EXT4-fs (loop5): no journal found [ 587.668037][T10486] EXT4-fs (loop5): can't get journal size [ 587.724865][T10486] EXT4-fs error (device loop5): __ext4_fill_super:5504: inode #2: comm syz.5.1928: iget: bad extra_isize 65535 (inode size 1024) [ 587.747030][T10486] EXT4-fs (loop5): get root inode failed [ 587.758693][T10486] EXT4-fs (loop5): mount failed [ 588.461243][ T5886] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 588.669504][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 588.681740][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 588.692061][ T5886] usb 3-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00 [ 588.701736][ T5886] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 588.892221][ T5886] usb 3-1: config 0 descriptor?? [ 589.416164][ T5886] bigben 0003:146B:0902.000D: unexpected rdesc, please submit for review [ 589.494137][ T5886] bigben 0003:146B:0902.000D: hidraw0: USB HID v0.01 Device [HID 146b:0902] on usb-dummy_hcd.2-1/input0 [ 589.506404][ T5886] bigben 0003:146B:0902.000D: not enough values in HID_OUTPUT_REPORT 0 field 0 [ 589.516022][ T5886] bigben 0003:146B:0902.000D: no output report found [ 589.596285][ T32] usb 3-1: USB disconnect, device number 6 [ 589.639857][T10516] loop1: detected capacity change from 0 to 1024 [ 589.761279][T10516] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 589.774383][T10516] ext4 filesystem being mounted at /384/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 590.081800][ T5825] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.439579][T10573] loop4: detected capacity change from 0 to 64 [ 593.452095][T10565] loop3: detected capacity change from 0 to 32768 [ 593.464535][ T5886] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 593.523861][T10565] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 593.744085][ T5827] ocfs2: Unmounting device (7,3) on (node local) [ 593.773370][ T5886] usb 6-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 593.783952][ T5886] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 593.792735][ T5886] usb 6-1: Product: syz [ 593.797110][ T5886] usb 6-1: Manufacturer: syz [ 593.802414][ T5886] usb 6-1: SerialNumber: syz [ 593.851667][ T5886] usb 6-1: config 0 descriptor?? [ 593.891568][ T5886] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 594.006851][ T5886] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 594.101711][T10559] digitv: more than 2 i2c messages at a time is not handled yet. TODO. [ 594.133949][ T5886] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 594.145237][ T5886] usb 6-1: media controller created [ 594.291539][ T5886] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 594.466977][T10579] loop1: detected capacity change from 0 to 2048 [ 594.587121][T10579] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 594.662819][T10585] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 595.139980][ T5886] DVB: Unable to find symbol mt352_attach() [ 595.553739][ T5886] DVB: Unable to find symbol nxt6000_attach() [ 595.560471][ T5886] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 595.635135][T10595] loop1: detected capacity change from 0 to 512 [ 595.675903][T10595] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 595.677077][ T5886] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input15 [ 595.729292][T10596] xt_socket: unknown flags 0xfa [ 595.806915][ T5886] dvb-usb: schedule remote query interval to 1000 msecs. [ 595.814447][ T5886] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 595.825198][ T5886] dvb-usb: bulk message failed: -22 (7/0) [ 595.831392][ T5886] dvb-usb: bulk message failed: -22 (7/0) [ 595.846034][T10595] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 595.900189][ T5886] usb 6-1: USB disconnect, device number 3 [ 596.322029][ T5886] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 596.486632][ T5825] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.754762][T10616] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1974'. [ 596.764589][T10616] tipc: Enabling of bearer rejected, failed to enable media [ 597.662364][T10631] loop1: detected capacity change from 0 to 1024 [ 598.049434][T10639] netlink: 'syz.3.1982': attribute type 3 has an invalid length. [ 598.130735][ T3788] hfsplus: b-tree write err: -5, ino 4 [ 599.752904][T10664] can0: slcan on ttyS3. [ 599.865488][T10664] can0 (unregistered): slcan off ttyS3. [ 600.812092][T10681] loop5: detected capacity change from 0 to 1024 [ 600.842453][T10681] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 601.906215][T10684] loop3: detected capacity change from 0 to 32768 [ 601.921421][T10684] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section quota: wrong size (got 64 should be 80) [ 601.921421][T10684] quota (size 64): [ 601.921421][T10684] user: flags 5941de002b77f67a space timelimit 2921319812 warnlimit 3953919405 inodes timelimit 128 warnlimit 0 [ 601.921421][T10684] group: flags 801000000 space timelimit 1714681267 warnlimit 0 inodes timelimit 1611530240 warnlimit 0 [ 601.921421][T10684] project: flags 0 space timelimit 5 warnlimit 9 inodes timelimit 9 warnlimit 0 [ 601.921421][T10684] [ 601.972975][T10684] bcachefs: bch2_fs_get_tree() error: invalid_sb_quota [ 602.802977][ T30] audit: type=1326 audit(1759006313.253:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 602.826416][ T30] audit: type=1326 audit(1759006313.253:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 603.004084][ T30] audit: type=1326 audit(1759006313.333:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 603.027888][ T30] audit: type=1326 audit(1759006313.333:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 603.051304][ T30] audit: type=1326 audit(1759006313.333:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.3.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e838eec9 code=0x7ffc0000 [ 603.115140][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.122157][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 603.465366][T10712] loop3: detected capacity change from 0 to 512 [ 603.599542][T10712] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 603.613293][T10712] ext4 filesystem being mounted at /403/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 603.884343][T10712] EXT4-fs error (device loop3): ext4_get_first_dir_block:3529: inode #12: comm syz.3.2010: Directory hole found for htree leaf block 0 [ 603.979126][T10712] EXT4-fs (loop3): Remounting filesystem read-only [ 604.510734][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 604.527965][ T3946] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 604.540775][ T3946] Quota error (device loop3): write_blk: dquota write failed [ 604.549010][ T3946] Quota error (device loop3): free_dqentry: Can't write quota data block 5 [ 605.636836][T10727] loop2: detected capacity change from 0 to 40427 [ 605.650260][T10727] F2FS-fs (loop2): Small segment_count (20 < 1 * 24) [ 605.657210][T10727] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 605.715536][T10727] F2FS-fs (loop2): invalid crc value [ 605.844082][T10742] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2017'. [ 605.854057][T10742] netlink: 'syz.3.2017': attribute type 2 has an invalid length. [ 605.863013][T10742] netlink: 'syz.3.2017': attribute type 1 has an invalid length. [ 605.871517][T10742] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2017'. [ 606.165493][T10727] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 606.187718][T10727] F2FS-fs (loop2): checkpoint=disable on readonly fs [ 606.354364][T10739] loop1: detected capacity change from 0 to 4096 [ 606.485441][T10739] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 607.383166][T10739] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 607.664252][ T3788] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22. [ 607.724470][ T5825] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 607.732820][ T5825] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 607.742041][ T5825] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 607.776562][ T3788] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22. [ 608.448700][T10756] loop4: detected capacity change from 0 to 40427 [ 608.459276][T10756] F2FS-fs: inline xattr size is out of range: 6 ~ 903 [ 609.495997][T10777] loop1: detected capacity change from 0 to 64 [ 609.609516][T10777] overlayfs: upper fs needs to support d_type. [ 609.637371][T10777] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 609.637500][T10777] overlayfs: failed to set xattr on upper [ 609.637562][T10777] overlayfs: ...falling back to redirect_dir=nofollow. [ 609.637627][T10777] overlayfs: ...falling back to index=off. [ 609.637687][T10777] overlayfs: ...falling back to uuid=null. [ 610.924846][T10797] PKCS8: Unsupported PKCS#8 version [ 610.998386][T10799] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2044'. [ 612.254739][ T30] audit: type=1326 audit(1759006322.713:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10819 comm="syz.1.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 612.278185][ T30] audit: type=1326 audit(1759006322.713:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10819 comm="syz.1.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 612.301328][ T30] audit: type=1326 audit(1759006322.723:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10819 comm="syz.1.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 612.324239][ T30] audit: type=1326 audit(1759006322.723:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10819 comm="syz.1.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 612.346825][ C0] vkms_vblank_simulate: vblank timer overrun [ 612.353900][ T30] audit: type=1326 audit(1759006322.723:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10819 comm="syz.1.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 612.376831][ T30] audit: type=1326 audit(1759006322.753:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10819 comm="syz.1.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 612.399243][ C0] vkms_vblank_simulate: vblank timer overrun [ 612.406008][ T30] audit: type=1326 audit(1759006322.753:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10819 comm="syz.1.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd03818eec9 code=0x7ffc0000 [ 612.428607][ C0] vkms_vblank_simulate: vblank timer overrun [ 613.445144][T10821] loop4: detected capacity change from 0 to 32768 [ 613.555881][T10821] (syz.4.2055,10821,1):ocfs2_read_blocks:239 ERROR: status = -12 [ 613.568987][T10821] (syz.4.2055,10821,1):ocfs2_read_virt_blocks:1037 ERROR: status = -12 [ 613.577537][T10821] (syz.4.2055,10821,1):ocfs2_read_dir_block:511 ERROR: status = -12 [ 613.602133][T10821] (syz.4.2055,10821,1):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 613.611648][T10821] (syz.4.2055,10821,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs? [ 613.611846][T10821] (syz.4.2055,10821,1):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 613.638971][T10821] (syz.4.2055,10821,1):ocfs2_initialize_super:2198 ERROR: status = -22 [ 613.647969][T10821] (syz.4.2055,10821,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 613.757995][T10831] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 615.308999][T10842] loop3: detected capacity change from 0 to 32768 [ 615.357463][T10850] loop5: detected capacity change from 0 to 512 [ 615.432166][T10842] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,background_compression=lz4,wide_macs,no_splitbrain_check,recovery_pass_last=accounting_read,nojournal_transaction_names,read_only,version_upgrade=incompatible,nocow,no_data_io [ 615.432371][T10842] allowing incompatible features above 0.0: (unknown version) [ 615.432478][T10842] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 615.483785][T10842] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0 [ 615.494384][T10842] bcachefs (loop3): invalid bkey in superblock btree=alloc level=0: u64s 11 type btree_ptr_v2 283673999966207:U64_MAX:U32_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 615.494550][T10842] invalid key type for btree alloc (btree_ptr_v2), deleting [ 615.512370][T10850] EXT4-fs: Ignoring removed i_version option [ 615.516963][T10842] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 615.539412][T10842] bcachefs (loop3): Version upgrade required: [ 615.539412][T10842] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 615.539412][T10842] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 615.539412][T10842] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 615.613557][T10842] bcachefs (loop3): Now allowing incompatible features up to 1.28: inode_has_case_insensitive, previously allowed up to 0.0: (unknown version) [ 615.613557][T10842] [ 615.628901][T10850] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 615.705925][T10842] bcachefs (loop3): accounting_read... [ 615.724596][T10850] EXT4-fs (loop5): 1 truncate cleaned up [ 615.738906][T10850] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 615.759514][T10842] done [ 615.762622][T10842] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean [ 615.781688][T10842] bcachefs (loop3): done starting filesystem [ 615.925382][ T5827] bcachefs (loop3): shutting down [ 616.001121][T10858] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2071'. [ 616.060380][ T5827] bcachefs (loop3): shutdown complete [ 616.120842][T10860] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2072'. [ 616.243792][ T8648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 616.764530][T10866] loop1: detected capacity change from 0 to 1024 [ 617.159451][ T3879] hfsplus: b-tree write err: -5, ino 4 [ 617.562248][T10875] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2080'. [ 618.501303][T10883] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 620.914960][T10918] loop3: detected capacity change from 0 to 8192 [ 620.970157][T10918] loop3: p1 p2 < > p3 p4 < p5 > [ 620.975596][T10918] loop3: partition table partially beyond EOD, truncated [ 620.983643][T10918] loop3: p1 size 100663296 extends beyond EOD, truncated [ 620.994243][T10918] loop3: p2 start 591104 is beyond EOD, truncated [ 620.998232][T10920] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2101'. [ 621.010317][T10918] loop3: p3 start 33572980 is beyond EOD, truncated [ 621.013240][T10918] loop3: p5 size 100663296 extends beyond EOD, truncated [ 622.618344][T10947] netlink: 'syz.4.2113': attribute type 29 has an invalid length. [ 623.662104][T10962] loop4: detected capacity change from 0 to 64 [ 623.757838][T10962] syz.4.2121: attempt to access beyond end of device [ 623.757838][T10962] loop4: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 623.777691][T10962] Buffer I/O error on dev loop4, logical block 512, async page read [ 623.786423][T10962] syz.4.2121: attempt to access beyond end of device [ 623.786423][T10962] loop4: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 623.805599][T10962] Buffer I/O error on dev loop4, logical block 56576, async page read [ 624.049797][T10964] loop5: detected capacity change from 0 to 2048 [ 624.129085][T10969] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 624.608221][T10977] loop2: detected capacity change from 0 to 64 [ 625.120804][T10981] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2129'. [ 625.858771][ T5886] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 626.089471][ T5886] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 626.101255][ T5886] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 626.111551][ T5886] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 626.125004][ T5886] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 626.134712][ T5886] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 626.252891][ T5886] usb 2-1: config 0 descriptor?? [ 626.721602][ T5886] plantronics 0003:047F:FFFF.000E: unbalanced delimiter at end of report description [ 626.760600][T10998] loop3: detected capacity change from 0 to 764 [ 626.774245][ T5886] plantronics 0003:047F:FFFF.000E: parse failed [ 626.782151][ T5886] plantronics 0003:047F:FFFF.000E: probe with driver plantronics failed with error -22 [ 626.795172][T11000] loop2: detected capacity change from 0 to 1764 [ 626.920260][ T32] usb 2-1: USB disconnect, device number 8 [ 627.607896][T11006] loop2: detected capacity change from 0 to 1024 [ 628.151649][ T3946] ===================================================== [ 628.159390][ T3946] BUG: KMSAN: uninit-value in hfsplus_cat_case_cmp_key+0xd9/0x190 [ 628.167524][ T3946] hfsplus_cat_case_cmp_key+0xd9/0x190 [ 628.174283][ T3946] hfs_find_rec_by_key+0xae/0x240 [ 628.179591][ T3946] __hfsplus_brec_find+0x271/0x840 [ 628.185058][ T3946] hfsplus_brec_find+0x4df/0x9f0 [ 628.190502][ T3946] hfsplus_brec_read+0x46/0x1f0 [ 628.195535][ T3946] hfsplus_find_cat+0xb5/0x4f0 [ 628.200735][ T3946] hfsplus_cat_write_inode+0x2ca/0xe20 [ 628.206586][ T3946] hfsplus_write_inode+0x178/0x960 [ 628.212190][ T3946] __writeback_single_inode+0x88f/0x1190 [ 628.218128][ T3946] writeback_sb_inodes+0xac1/0x1cb0 [ 628.223741][ T3946] wb_writeback+0x4ce/0xc00 [ 628.228853][ T3946] wb_workfn+0x397/0x1910 [ 628.233414][ T3946] process_scheduled_works+0xb91/0x1d80 [ 628.239443][ T3946] worker_thread+0xedf/0x1590 [ 628.244348][ T3946] kthread+0xd5c/0xf00 [ 628.248774][ T3946] ret_from_fork+0x233/0x380 [ 628.253569][ T3946] ret_from_fork_asm+0x1a/0x30 [ 628.258833][ T3946] [ 628.261250][ T3946] Uninit was created at: [ 628.265743][ T3946] __kmalloc_noprof+0x95f/0x1310 [ 628.271258][ T3946] hfsplus_find_init+0x90/0x1d0 [ 628.276414][ T3946] hfsplus_cat_write_inode+0x1a8/0xe20 [ 628.282327][ T3946] hfsplus_write_inode+0x178/0x960 [ 628.287637][ T3946] __writeback_single_inode+0x88f/0x1190 [ 628.293648][ T3946] writeback_sb_inodes+0xac1/0x1cb0 [ 628.301404][ T3946] wb_writeback+0x4ce/0xc00 [ 628.306110][ T3946] wb_workfn+0x397/0x1910 [ 628.313242][ T3946] process_scheduled_works+0xb91/0x1d80 [ 628.319338][ T3946] worker_thread+0xedf/0x1590 [ 628.324250][ T3946] kthread+0xd5c/0xf00 [ 628.328697][ T3946] ret_from_fork+0x233/0x380 [ 628.333502][ T3946] ret_from_fork_asm+0x1a/0x30 [ 628.338659][ T3946] [ 628.341131][ T3946] CPU: 0 UID: 0 PID: 3946 Comm: kworker/u8:21 Not tainted syzkaller #0 PREEMPT(none) SYZFAIL: failed to send rpc fd=3 want=18416 sent=0 n=-1 (errno 32: Broken pipe) [ 628.351073][ T3946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 628.361459][ T3946] Workqueue: writeback wb_workfn (flush-7:2) [ 628.367761][ T3946] ===================================================== [ 628.374990][ T3946] Disabling lock debugging due to kernel taint [ 628.382026][ T3946] Kernel panic - not syncing: kmsan.panic set ... [ 628.388625][ T3946] CPU: 0 UID: 0 PID: 3946 Comm: kworker/u8:21 Tainted: G B syzkaller #0 PREEMPT(none) [ 628.400082][ T3946] Tainted: [B]=BAD_PAGE [ 628.404448][ T3946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 628.414763][ T3946] Workqueue: writeback wb_workfn (flush-7:2) [ 628.421110][ T3946] Call Trace: [ 628.424520][ T3946] [ 628.427558][ T3946] __dump_stack+0x26/0x30 [ 628.432116][ T3946] dump_stack_lvl+0x53/0x270 [ 628.436943][ T3946] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 628.442981][ T3946] dump_stack+0x1e/0x25 [ 628.447377][ T3946] vpanic+0x361/0xc50 [ 628.451602][ T3946] panic+0x15d/0x160 [ 628.455766][ T3946] kmsan_report+0x31c/0x320 [ 628.460480][ T3946] ? __pfx_autoremove_wake_function+0x10/0x10 [ 628.466823][ T3946] ? __msan_warning+0x1b/0x30 [ 628.471706][ T3946] ? hfsplus_cat_case_cmp_key+0xd9/0x190 [ 628.477580][ T3946] ? hfs_find_rec_by_key+0xae/0x240 [ 628.482984][ T3946] ? __hfsplus_brec_find+0x271/0x840 [ 628.488443][ T3946] ? hfsplus_brec_find+0x4df/0x9f0 [ 628.493815][ T3946] ? hfsplus_brec_read+0x46/0x1f0 [ 628.499022][ T3946] ? hfsplus_find_cat+0xb5/0x4f0 [ 628.504166][ T3946] ? hfsplus_cat_write_inode+0x2ca/0xe20 [ 628.509995][ T3946] ? hfsplus_write_inode+0x178/0x960 [ 628.515542][ T3946] ? __writeback_single_inode+0x88f/0x1190 [ 628.521611][ T3946] ? writeback_sb_inodes+0xac1/0x1cb0 [ 628.527144][ T3946] ? wb_writeback+0x4ce/0xc00 [ 628.531988][ T3946] ? wb_workfn+0x397/0x1910 [ 628.536770][ T3946] ? process_scheduled_works+0xb91/0x1d80 [ 628.542788][ T3946] ? worker_thread+0xedf/0x1590 [ 628.547870][ T3946] ? kthread+0xd5c/0xf00 [ 628.552281][ T3946] ? ret_from_fork+0x233/0x380 [ 628.557218][ T3946] ? ret_from_fork_asm+0x1a/0x30 [ 628.562375][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.567686][ T3946] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 628.573674][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.578972][ T3946] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 628.585447][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.590751][ T3946] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 628.597198][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.602520][ T3946] __msan_warning+0x1b/0x30 [ 628.607300][ T3946] hfsplus_cat_case_cmp_key+0xd9/0x190 [ 628.612978][ T3946] hfs_find_rec_by_key+0xae/0x240 [ 628.618168][ T3946] ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10 [ 628.624452][ T3946] __hfsplus_brec_find+0x271/0x840 [ 628.629809][ T3946] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 628.635714][ T3946] hfsplus_brec_find+0x4df/0x9f0 [ 628.640915][ T3946] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 628.646775][ T3946] hfsplus_brec_read+0x46/0x1f0 [ 628.651809][ T3946] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 628.657911][ T3946] hfsplus_find_cat+0xb5/0x4f0 [ 628.662866][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.668168][ T3946] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 628.674181][ T3946] ? should_fail_ex+0x45/0x8a0 [ 628.679118][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.684413][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.689715][ T3946] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 628.696248][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.701583][ T3946] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 628.707595][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.713323][ T3946] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 628.719839][ T3946] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 628.726083][ T3946] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 628.732084][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.737384][ T3946] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 628.743407][ T3946] hfsplus_cat_write_inode+0x2ca/0xe20 [ 628.749086][ T3946] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 628.755526][ T3946] ? _raw_spin_unlock+0x30/0x50 [ 628.760574][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.765871][ T3946] ? kmsan_get_shadow_origin_ptr+0x35/0xb0 [ 628.771951][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.777252][ T3946] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 628.783760][ T3946] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 628.790009][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.795333][ T3946] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 628.801848][ T3946] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 628.808096][ T3946] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 628.814137][ T3946] hfsplus_write_inode+0x178/0x960 [ 628.819428][ T3946] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 628.825926][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.831226][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.836520][ T3946] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 628.842528][ T3946] ? __pfx_hfsplus_write_inode+0x10/0x10 [ 628.848362][ T3946] ? __pfx_hfsplus_write_inode+0x10/0x10 [ 628.854178][ T3946] __writeback_single_inode+0x88f/0x1190 [ 628.860029][ T3946] writeback_sb_inodes+0xac1/0x1cb0 [ 628.865545][ T3946] wb_writeback+0x4ce/0xc00 [ 628.870243][ T3946] ? queue_io+0x461/0x790 [ 628.874747][ T3946] wb_workfn+0x397/0x1910 [ 628.879287][ T3946] ? kmsan_get_metadata+0xfb/0x160 [ 628.884638][ T3946] ? __pfx_wb_workfn+0x10/0x10 [ 628.889703][ T3946] process_scheduled_works+0xb91/0x1d80 [ 628.895575][ T3946] worker_thread+0xedf/0x1590 [ 628.900623][ T3946] kthread+0xd5c/0xf00 [ 628.904863][ T3946] ? __pfx_worker_thread+0x10/0x10 [ 628.910221][ T3946] ? __pfx_kthread+0x10/0x10 [ 628.914990][ T3946] ret_from_fork+0x233/0x380 [ 628.919839][ T3946] ? __pfx_kthread+0x10/0x10 [ 628.924595][ T3946] ret_from_fork_asm+0x1a/0x30 [ 628.929594][ T3946] [ 628.932917][ T3946] Kernel Offset: disabled [ 628.937510][ T3946] Rebooting in 86400 seconds..