last executing test programs: 3m1.80855291s ago: executing program 1 (id=9162): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f00000001c0)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000100)=ANY=[], 0x10}, 0x40810) 3m1.505482832s ago: executing program 1 (id=9167): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3f}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x3, 0x3}}, @IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x8}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x200400c0}, 0x0) 3m1.172938436s ago: executing program 1 (id=9173): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff008}, {0x6, 0x0, 0x4}]}, 0x10) 3m0.892856019s ago: executing program 1 (id=9180): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0xfffffffffffffe1e, &(0x7f0000000500)={&(0x7f0000000000)={0x20, 0x21, 0x9, 0x2, 0x25dfdbfb, {0x4}, [@typed={0xc, 0x5, 0x0, 0x0, @ipv6=@local}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x4000) 3m0.613906124s ago: executing program 1 (id=9185): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0xffffffff, 0xe, 0x0, &(0x7f0000000480)="0000ffffffffa000d68e0506e095", 0x0, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m0.288516947s ago: executing program 1 (id=9190): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000002600090025bd00000000df250200000008000100"], 0x1c}, 0x1, 0x0, 0x0, 0x4000002}, 0x4000890) 2m44.170915007s ago: executing program 32 (id=9190): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000002600090025bd00000000df250200000008000100"], 0x1c}, 0x1, 0x0, 0x0, 0x4000002}, 0x4000890) 2m40.696017459s ago: executing program 2 (id=9493): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000c00)=@allocspi={0x100, 0x16, 0x339, 0x0, 0x0, {{{@in=@multicast1, @in6=@ipv4={'\x00', '\xff\xff', @private}}, {@in, 0x0, 0x32}, @in6=@loopback}, 0x0, 0x4}, [@XFRMA_SET_MARK={0x8, 0x1d, 0x1}]}, 0x100}}, 0x0) 2m40.467628504s ago: executing program 2 (id=9495): syz_mount_image$jfs(&(0x7f0000000140), &(0x7f0000000080)='./file1\x00', 0x3210842, &(0x7f0000000440)=ANY=[@ANYBLOB="646973636172643d3078303030303030303030303030373338632c75737271756f74612c646973636172643d3078303030303030303030303030306666662c696f636861727365743d6d6163726f6d616e69616e2c6e6f696e746567726974792c696f636861727365743d69736f383835392d342c67727071756f74612c6e6f71756f74612c6e6f646973636172642c00fc94cdf28054f116d2fc04106f3696d579ee9ee55863e0de"], 0x24, 0x6318, &(0x7f0000006600)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxdaV7esb2dPW4fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+X324/t//scffnLsR3//0/DMf/9yq//GtOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eqFqzcXrD9qtVqtPoJ1XTnZ3XoREZv1dar3DA7HA8ARsxmftN0FWiT/ThtExLG2OwEstKLtDnAo7j+4s16kfIv668HaTns+F2Qs/81i9/qOadNZmueYzOvxtRX9eG5Kf1bm1IdFkvPvNfO/stM+Sssddv5PWDGY0jAt/9HOpU+dk/PvN/NvOGL5T7UVvYn5d1XOf3Cg/PvyBwAAAACABZb//n+i5eO/S4+/Kfuy1/HftTn1AQAAAAAAAACetIOO/zdojP+3y/h/AAAAsLCqz+qV3x1/eNu072Krbr9cRDzTWB7omHSxzGrb/QAAAAAAAAAAAACALhnsnMN7uYgYRsQzq6tlWVY/dc36oB53/aOu69sPXdb2kzwAAOz4+HjjWv4iYjkiLqfv+huurq6W5fLKarlarizl97OjpeVypfa5Nk+r25ZG+3hDPBiV1S9brq1XN+vz8qz25u+r7mtU9vfRsfloMXAAiIidV6P7016R/uf16mgqy2ej5Tc5HBF77P8cUfZ/9qPtxykAAABw+MqyLIv0dd4n0zH/XtudAgDmIr/+N48LqNVqtVqtfvrqunKyu/UiIjbr61TvGQzHDwBHzGZ80nYXaJH8O20QES+03QlgoRVtd4BDcf/BnfUi5VvUXw/S+O75XJCx/DeL7fXy+pOmszTPMZnX42sr+vHclP48P6c+LJKcf6+Z/5Wd9lFa7vHzL8f+TNjWOUbT8q+280QL/Wlbzr/fzL/hsPf/edmK3sT8uyrnPzhQ/n35AwAAAADAAst//z+xUMd/R4+6OTPtdfx3beIah9cXAAAAAAAAAHhS7j+4s56ve83H/78wYTnXfz6dcv6F/Dsp599r5P/VxnL92vy9tx/m/+8Hd9b/eOtfn8/T/ea/lGeK9Mgq0iOiSPdUDNL0cbbus7aG/VF1T8Oi1x+kc37K4btxLa7HRpwdW7aX/j8etp8ba696OtxuL/s77efH2ge77Xn9C2Ptw3R2UbmS20/Hevw8rsc72+1V29KM7V+e0V7OaM/59+3/nZTzH9R+qvxXU3vRmFbufdT7zH5fn066n7euffE3Zw9/c2baiv7uttVV2/dSC/3Z/j85Nopf3ty4cfr21Vu3bpyLNBm79XykyROW8x+mn93n/5d32vPzfn1/vffR6MD5L4qtGEzN/+XafLW9r8y5b23I+Y/ST87/ndQ+ef8/yvlP3/9fbaE/AAAAAAAAAAAAAAAAsJeyLLcvEX0rIi6m63/aujYTAJifYe31v0xy27zq/pzvT60+tLoo5nF/xcJsbwv1p+Wc738wfkPb269WP4m6rpzszXoREX+rr1O9Z/j1pF8GACyyTyPin213gtbIv8Py9/1V01NtdwaYq5sffPjTq9evb9y42XZPAAAAAAAAAIBHlcf/XKuN/3yqLMu7jeXGxn99O9Yed/zPfDnNwwFGpwxU3T/4Nu1lqzfq92rDjb8Y08b/Hu7O7TX+92DG/Q1ntI9mtC/NaF+e0T7xQo+anP+LtfHOT0XEycbw610Y/7U55n0X5Pxfqj2eq/y/0liunn/5+6Ocf28s/zO33v/FmZsffPjatfevvrfx3sbPLpw7d/bCxYuXLl068+616xtnd/5tsceHK+efx752Hmi35Pxz5vLvlpz/l1It/27J+X851fLvlpx/fr8n/27J+efPPvLvlpz/K6mWf7fk/L+Wavl3S87/1VTLv1ty/l9Ptfy7Jef/Wqrl3y05/9Opln+35PzPpHqf+a8cdr+Yj5x/PsJl/++WnH8+s0H+3ZLzP59q+XdLzv9CquXfLTn/11Mt/27J+X8j1fLvlpz/xVTLv1ty/t9Mtfy7Jed/KdXy75ac/7dSLf9uyfl/O9Xy75ac/xupln+35Py/k2r5d0vO/7upln+35Py/l2r5d0vO/81Uy79bHn7/vxkzZszkmbafmQAAAAAAAAAAAACApnmcTtz2NgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2cHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdi71xi5zvp+4Gf25rUDiYGQv5O/gY1jkpBssutLfKF1MeHacCuBUOgF2/WuzYJveO0SaCSbBkokjIoq2oZKbQGhNm8q/IIXtAKUF6gVUiVoX9A3iAqVFxEKKCBVohVkqznneZ6dmZ3Lrne9O3PO5yPZP++ZM3OeOfOcM/vb9XcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI1uf93sp2pZltX/5H9tzbIX1P+9eWJrvuzVGz1CAAAAYLV+lf/93E1pweFl3KlhnX95+Xe+urCwsJC9d/jPRz+3sJBumMiy0U1Zlt8WXf3h+2qN6wSPZ+O1oYavh3psfrjH7SM9bh/tcftYj9s39bh9vMftS3bAEpuLn8fkD7Yz/+fWYpdmN2ej+W0729zr8dqmoaH4s5xcLb/PwuiJbC47lc1m003rF+vW8vW/fnt9W2/O4raGGra1vT5DfvbY8TiGWtjHO5u2tfiY0U9em038/GePHf+7C8/e2q723A1Nj1eM8+4d9XF+IiwpxlrLNqV9Esc51DDO7W1ek+Gmcdby+9X/3TrO55Y5zuHFYa6r1td8PBvK//3dfD+NNP5YL+2n7WHZL+7Isuzy4rBb11myrWwo29K0ZGjx9RkvZmT9MepT6cXZyIrm6e3LmKf1OrOzeZ62HhPx9b893G+kwxgaX6affHys4XX/5cK1zNOo/qw7HSutc3Ctj5V+mYNxXnw3f9JPtJ2DO8Pzf+zOznOw7dxpMwfT826Ygzt6zcGhseF8zOlFqOX3WZyDu5rWH863VMvrM3d2n4NTF06fm5r/6Mfumzt97OTsydkze3btmt6zb9+BAwemTsydmp0u/r7Gvd3/tmRD6RjYEfZdPAbualm3caoufHFsyfn3Wo/D8S7H4daWddf6OBxpfXK19Tkgl87p4th4d32nj18ZyjocY/nrc8/qj8P0vBuOw5GG47Dte0qb43BkGcdhfZ1z9yzve5aRhj/txtD5vWB1c3Brwxxs/X6kdQ6u9fcj/TIHx8O8+P49nd8LtofxPjG50u9HhrMtTW+qQ4tPN5x76kvS9/vjB/LSbl7eVr/hhrHs4vzs+fsfPXbhwvldWSjr4iUNc6V1vm5peE7Zkvk6tOL5enju5U/c1mb51rCvxu+r/zXe8bWqr7P3/u6vVf7u1n5/Ni3dnYWyxtZ7f7Z7N6/vz7Es+/y3Pv7wNx77/Os67s96v/mJqdV/L5760obz72iH82/s+58vtpce6vHh0ZHi+B1Oe2e06Xzc/FKN5OeuWr7t56aWdz4eDX/W+3x8c5fz8baWddf6fDza+uTi+bjW66cdq9P6eo6HeXJquvv5uL7Ott0rnZMjS+Zk4zF2R6i1sP9fFTqFdApvmDud5m3a1sjIaHheI3ELzfN0T9P6o6E3q2/rqd3hm8I0yuXN07vvKNYfbrhftF7zdKJl3bWep+lnX53maa3XT9+uTevrOR7mxc17us/T+jpP7139uXNz/GfDuXOs1xwcHR6rj3k0TcL8fJ8tbI5z8P7seHY2O5XN5LeO5fOplm9r8oHlnSvHwp/1Pldu6zIH725Zd63nYHof6zT3aiNLn/waaH09x8O8ePKB7nOwvs7r91/D965NS5rPlXeHJWmdhu9dW3++1ulnXre17KbrNVdGwji/tb/7z2br65w6sNI+s/t+ujcsuaHNfmo9fjsdUzPZ+uynbWGczx7ovJ/q46mv87mDy5xPh7Msu/ThB/Of94bfr1y6+L2vNv3epd3vdC59+MGfvvDEP69k/AAMvueLsqV4r2v4Idpyfv8PAAAADITY9w+Fmuj/AQAAoDRi3x//V3ii/wcAAIDSiH3/SKhJGfr/P+69yrbXPzv3/KUsJfMXgnh72g0PFevFjOt0+HpiYVF9+YNfnv3vf7q0vOENZVn2y4f+qO362x6K4ypMhHFefUPz8iW+et+ytn30kUtpu4359S+Ex4/PZ7nToF0EdzrLsq/f9Jl8OxPvu5LXpx86mteHLz/xeH2d5w4WX8f7P/OSYv2/DuHfwyeONd3/mbAffhTq9Fva7494v69cedX2/e9Z3F68X23HjfnTfvL9xePGz8n57OPF+nE/dxr/Nz791Ffq6z/6yvbjvzTUfvxPhcf9cqj/87Ji/cbXoP51vN8nw/jj9uL97v/SN9uO/+qnivXPvbFY72iocft3h693vvHZucb99WjtWNPzyt5UrBe3P/29P81vj48XH791/ONHrjTtj9b58fS/F48z1bJ+XB63E/1jy/brj9M4P+P2n/qTo037udf2rz78zMvqj9u6/Xtb1jv34Xvy7S8+XvMnNv3NJz/TdntxPIf/4VzT8zn8znAch+0/+f4wH8Pt/3u1eLzWT1c4+s7m809c/wtbLzU9n+jNPy+2f/U1J/O6aXzzlhte8MIbL7+ivu+y7Lubisfrtf2Tf3u2afxfvKXYH/H2mNFv3X4ncfvnPzJ55uz8xbmZtFcfuyn/7Jy3FuOJ470pnFtbvz5y9sIHZs9PTE9MZ9lEeT9C75p9KdSfFuVy97UXlpxB73kkvJ63/eXXt9z5b5+Oy//j3cXyK28p3rfuCut9NizfGl6/lW1/qSdvvyU/vmtPhxEuLP284NXYvvPHB5a1Ynj+rd8XxPl+7qUfyPdD/bb8fSMe16sc/w9misf5WtivC+GTmXfcsri9xvXjZyNceVdxvK96/4XTXHxd/z683m/7UfH4cVzx+f4gfB/zzW3N57s4P752aaj18fNP8bgczifZ5eL2uFbc31eeu6Xt8OLnkGSXb82//rP0OLeu6Gl2Mv/R+alTc2cuPjp1YXb+wtT8Rz925PTZi2cuHMk/y/PIB7vc9a/uyrJs8fy0JT8/zczu25vlZ6uzRbnOVjH+3GrHf+6R4zP7p++cmT1x7OKJC4+cmz1/8vj8/PHZmfk7j504MfuRXvefmzm0a/fBPft3T56cmzl04ODBPQcn586crQ+jGFQP+6Y/NHnm/JH8LvOH9h7c9cADe6cnT5+dmT20f3p68mKv++fvTZP1e//h5PnZU8cuzJ2enZyf+9jsoV0H9+3b3fPTAE+fOzE/MXX+4pmpi/Oz56eK5zJxIV9cf+/rdX/Kaf4/i+9nW9WKD+LL3nHvvvT5rHVf/njHhypWafkA0WfDZ9F8+0XnDizn69j3j4aalKH/BwAAAHKx7x8LNdH/AwAAQGnEvn9TqIn+HwAAAEoj9v3joab/ElCR/r90+f9tl5a1ffl/+f/G/SX/X7H8/7v6Lf9fnC/k/9fGavP38v+B/L/8f8rPj2VZtj75+eszfvl/+X82Ur/l/2PfvznL/P4fAAAASir2/VtCTfT/AAAAUBqx778h1ET/DwAAAKUR+/4XhJpUpP+X/5f/l/+X/5f/b799+f/BJP/fnfx/J8UnQsv/z09lG5ifX4vxrzD/f3ktx78B+f/NjV/I/9OP+i3/H/v+F4aaVKT/BwAAgCqIff+NoSb6fwAAACiN2PffFGqi/wcAAIDSiH3/1lCTivT/8v+ryv+nzJX8f/P45f+byf+H+SD/L/+/DuT/u5P/70H+f0Ovnz/o43f9f/l/luq3/H/s+18UalKR/h8AAABKa3Txn7Hvf3Goif4fAAAA+s/Itd0t9v0vCTVZ0v9f4wYAAACADRf7/puzliB4RX7/L//v+v/y//L/8v/tt7/8/P9wJv/fP+T/u5P/70H+X/6/uvn/8Uz+n+ug3/L/ed+fjWcvDTWpSP8PAAAAVRD7/ltCTfT/AAAAUBqx7/9/oSb6fwAAACiN2PdvCzWpSP8v/1+a/P8vGl86+X/5/27bl/93/f8yk//vTv6/B/l/+f/q5v9d/5/rot/y/7HvvzXUpCL9PwAAAFRB7PtvCzXR/wMAAEBpxL7//4ea6P8BAACgNGLfvz3UpCL9v/x/n+f/Y3LU9f/l/+X/+zL/Py7/33fk/7uT/+9B/l/+X/5f/p811W/5/9j3vyzUpCL9PwAAAFRB7PtfHmqi/wcAAIDSiH3/K0JN9P8AAABQGrHvnwg1qUj/v5L8f+2y/H8n1/n6/2PLuP5/E/l/+f9u25f/d/3/MpP/707+vwf5f/l/+X/5f9ZUv+X/Y99/e6hJRfp/AAAAqILY9+8INdH/AwAAQGnEvv+OUBP9PwAAAJRG7Pt3hppUpP93/f+ByP9n8v/y//L/8v/y/8sj/9+d/H8P8v/y//L/8v+sqTXO/w+1Llxp/j/2/a8MNalI/w8AAABVEPv+O0NN9P8AAABQGrHvvyvURP8PAAAApRH7/rtDTSrS/8v/y//L/8v/y/+33778/2CS/+9O/r8H+f+Byv+3BoE3evzy//L/LNVv1/+Pff+rQk0q0v8DAABAFcS+/55QE/0/AAAAlEbs++8NNdH/AwAAQGnEvn8y1KQi/b/8v/y//L/8v/x/++3L/w8m+f/u5P97kP8fqPx/v41f/l/+n6X6Lf8f+/77Qk0q0v8DAABAFcS+//5QE/0/AAAAlEbs+6dCTfT/AAAAUBqx758ONalI/y//L/8v/y//v6L8/ysWH1f+vyD/31/k/7uT/+9B/l/+f8Pz/6Py/5RKv+X/Y9+/K9SkIv0/AAAAVEHs+3eHmuj/AQAAoDRi378n1ET/DwAAAKUR+/69oSYV6f/l/+X/5f/l/13/v/325f8Hk/x/d2uf/49PUf5f/l/+3/X/5f9Zqt/y/7HvfyDUpCL9PwAAAFRB7Pv3hZro/wEAAKA0Yt+/P9RE/w8AAAClEfv+A6EmFen/5f/l/+X/5f/l/9tvX/5/MMn/d+f6/z205P/HwvuS/L/8/yDk/+tzS/6fftNv+f/Y9x8MNalI/w8AAABVEPv+V4ea6P8BAACgNGLf/2uhJvp/AAAAKI3Y9/96qElF+n/5f/l/+X/5/37P/4/J/8v/r4D8f3fy/z24/r/8/wDn/13/n37Ub/n/2PcfCjWpSP8PAAAAVRD7/t8INdH/AwAAQGnEvv81oSb6fwAAACiN2PcfDjWpSP8v/79O+f+4UP5f/l/+3/X/5f+vK/n/7uT/e5D/l/+X/5f/Z031W/4/9v2vDTWpSP8PAAAAVRD7/gdDTfT/AAAAUBqx739dqIn+HwAAAEoj9v2vDzWpSP8v/+/6/xuf/x9tGrv8/+L95P8L8v/y/ysh/9+d/H8P8v/y//L/8v+sqX7L/8e+/w2hJhXp/wEAAKAKYt//xlAT/T8AAACURuz73xRqov8HAACA0oh9/5tDTSrS/8v/y/9vfP7f9f/l/wvy//L/a0H+v7vBzP/Xd6P8fyb/3/fjl/+X/2epfsv/x77/N0NNKtL/AwAAQBXEvv+hUBP9PwAAAJRG7PvfEmqi/wcAAIDSiH3/W0NNKtL/y//L/8v/y//L/7ffvvz/YJL/727A8v+/ujEs35Dr/8eTu/y//P91yv+PtHx9XfL/P+yU/1/Y1Hp/+X+uh37L/8e+/22hJhXp/wEAAKAKYt//9lAT/T8AAACURuz73xFqov8HAACA0oh9/2+FmlSk/5f/r49jMb0s/y//ny+Q/5f/l/8fWPL/3Q1Y/j9c/3+D8v+u/y//7/r/8v+sWr/l/2Pf/85Qk4r0/wAAAFAFse9/ONRE/w8AAAClEfv+d4Wa6P8BAACgNGLf/+5Qk4r0//L/rv8v/y//L//ffvvy/4NpbfL/w/L/8v/y//L//ZH//y/5fwZbv+X/Y9//SKhJRfp/AAAAqILY978n1ET/DwAAAKUR+/7fDjXR/wMAAEBpxL7/vaEmFen/5f8HJf8/If+/wvz/WFgm/y//L/9fLa7/3932nT/unKxsJP8v/y//3x/5f9f/Z8D1W/4/9v3vCzVZfv8/vuw1AQAAgA0R+/7fCTWpyO//AQAAoApi3/+7oSb6fwAAACiN2Pf/XqhJ6fr/z7VdKv8/KPl/1//PXP9f/r/l+cj/y/+3s375/3jmGbj8v+v/dyP/L/8v/98x/z/U4/7y/7TTb/n/2Pf/fqhJ6fp/AAAAqK7Y978/1ET/DwAAAAOh3f/JbhX7/iOhJvp/AAAAKI3Y9x8NNalI/y//L/8v/9+n+f+/2PGv3//O24/ukv+X/5f/X5F1vf5//eAfvOv/y/93I/8v/y//7/r/rKl+y//Hvv9YqMli4/dWF/gHAACAwRb7/j8INanI7/8BAACgCmLffzzURP8PAAAApRH7/plQk4r0//L/8v/y/32a/x/g6//H/TFI+f/JTQOU/48nXfn/ttY1//+exZy4/P9K8/9jbZe25v9r8v9N5P9XPP5vZ1km/y//zwbqt/x/7PtnQ00q0v8DAABAFYS+f+hEURdv0P8DAABAacS+/2Soif4fAAAASiP2/R8INalI/y//L/8v/y//7/r/7bfft/l/1//vSv6/u/7J/7fXh9f/H5L/H+j8v+v/y/+zwfot/x/7/rlQk4r0/wAAAFAFse//YKiJ/h8AAABKI/b9Hwo10f8D/8fenTxZVqZ1HD+JSZAVhBUGGxcucO+fwELW+ge4YONCQ8NQUHGeKMR5QJxnUXHAAQdQxAnFWXBCcQYV57lpeqa7ozoq83meyuHkuZmV9+Y9530/n4VPk93FzW4r6P5RfHkBAIBm5O7/9Lilk/2v/9f/6//1//r/8c/X/y+T/n+a/n8F7//r//X/+n/Wam79f+7+z4hbOtn/AAAA0IPc/ffHLfY/AAAANCN3/wNxi/0PAAAAzcjd/5lxyyL3/84b560E9f/6/2b7/4/V/5/2+fp//X/L9P/T9P8rXFb/f3XQ/2/Atr//C/T/bw76fxo1t/4/d/9nxS2L3P8AAADAmNz9nx232P8AAADQjNz9D8Yt9j8AAAA0I3f/58Qtnez/Y/3/ztBn/58Zr/6/pf7/Zq+/O+j/j3y+/l//37LL7f8fvvFHPv2//t/7/0H/7/1//T/Hza3/z93/uXFLJ/sfAAAAepC7//PiFvsfAAAAmpG7//PjFvsfAAAAmpG7/wvilk72/wzf/9//f4L3/w9+W/+/lv7f+//HPl//r/9vWd/v/++t/Ff01P8/+Mqd97/57Ec9d57P1//r//X/+n/Wa279f+7+L4xbOtn/AAAA0IPc/V8Ut9j/AAAA0Izc/V8ct9j/AAAAsEBXRr+au/9L4pZO9v8M+/+D70v/v0//f4n9/57+X/+v/29B3/3/aj31/7fy+Z30/+P/o3gG/fxFre37f2LQ/+v/WZO59f+5+780bulk/wMAAEAPcvd/Wdxi/wMAAMB8jf2F2BNy9z8Ut9j/AAAA0Izc/dfilk72v/5/8/3/B/X/y+j/vf+v/9f/N0H/P03/v0If/f+p9P/e/9f/s25z6/9z9z8ct3Sy/wEAAKAHufu/PG6x/wEAAKAZufsfiVvsfwAAAGhG7v6viFs62f/6/9m9/7876P/1/0H/f0D/r/8/D/3/NP3/Cvr/i/bzt+v/9f/6fw47Z///1sQfttfS/+fu/8q4pZP9DwAAAD3I3f9VcYv9DwAAAM3I3f/VcYv9DwAAAM3I3f81cUsn+1//P7v+3/v/S+v/r978/XTX/5/8qbdP/z9O/3859P/TZtP/7+yOfln/v/j+3/v/+n/9P0fM7f3/3P1fG7d0sv8BAACgB7n7vy5umdj/5/6T+QAAAMBW5e7/+rjFr/8DAADA4mV1lrv/G+KWTva//l//r//3/r/3/8c/f6r/f+7Q96f/nxf9/7TZ9P+n0P/r/5f8/ev/9f+cNLf+P3f/N8Ytnex/AAAA6EHu/kfjFvsfAAAAmpG7/5viFvsfAAAAmpG7/7G4pZP9P97/3/zn9f9no/8/+v3r/8d/fqyr/8/fo/5/sv+/1/v/fdL/T9P/r6D/1//r/0/r/6+s+vH6f8bMrf/P3f/NcUsn+x8AAAB6kLv/W+IW+x8AAACakbv/W+MW+x8AAACakbv/2+KWTva/9//1//r/5fX/3v8/sM33/4dL7/939f9npP+ftqD+/9Wrn3KX/v8Y/f+8v//G+/+D9/8n/i4A+n/GzK3/z93/7XFLJ/sfAAAAepC7/zviFvsfAAAAluHwXztw/C8oDbn7vzNusf8BAACgGbn7vytuaWf/T77Vqf/X/+v/9f/6//HPn1f/7/3/s9L/T1tQ/+/9/xEL7f93G+v/Hz/tx8+h/39o0/3/BP0/Y470/8/f/Pq2+v/c/d8dt7Sz/wEAAKB7ufu/J26x/wEAAKAZufu/N26x/wEAAKAZufu/L27pZP9vvP+f+LsP6P/1//p//b/+X/+/bvr/afr/FfT/3v/3/r/+n7U60v8fsq3+P3f/98ctnex/AAAA6EHu/h+IW+x/AAAAaEbu/sfjFvsfAAAAmpG7/wfjlk72v/f/9f/6f/2//n/88/X/y3Sh/v42/X/R/+v/9f/6f/0/azC3/j93/w/FLZ3sfwAAAOhB7v4fjlvsfwAAAGhG7v4n4hb7HwAAAJqRu/9H4pZO9r/+f7P9f35d/6//H/T/+n/9/6Xo9v3/nbH/JjrplP7/pU+99vFHv6L/1//r//X/+n/O6CMm/rlZ9P/Xb/6vy9z9Pxq3dLL/AQAAoAe5+38sbrH/AQAAoBm5+388brH/AQAAoBm5+5+MW865/6eah3Fv3H3uH7IB+n/v/+v/9f/6//HP1/8vU7f9/xl5/38F/b/+X/+v/2etZtH/H/rt3P0/Ebf49X8AAABoRu7+n4xb7H8AAABoRu7+n4pb7H8AAABoRu7+n45bOtn/+n/9v/5f/6//H/98/f8y6f+n6f9XWFL//+QF+v/d8S9vu5+/qG1///p//T8nza3/z93/VNzSyf4HAACAHuTu/5m4xf4HAACAZuTu/9m4xf4HAACAZuTu/7m4pZP9r//X/+v/9f/6//HP1/8vk/5/mv5/GIanJ76Bsf7/+h3z7P+9/z+771//r//npLn1/7n7fz5u6WT/AwAAQA9y9z8dt9j/AAAA0Izc/c/ELfY/AAAANCN3/y/ELZ3sf/2//l//r/9fQ/9/pK/V/4/T/18O/f80/f8KS3r/X/8/u+9f/6//56S59f+5+38xbulk/wMAAEAPcvc/G7fY/wAAANCM3P2/FLfY/wAAANCM3P3PxS2d7H/9v/5f/6//9/7/+Ofr/5dpc/3/oP/X/+v/V9D/6//1/xw3t/4/d/8vxy2d7H8AAADoQe7+X4lb7H8AAABoRu7+X41b7H8AAABoRu7+X4tbOtn/+n/9/34/H9+A/l//P2yt/7/xxyD9v/7/4rz/P03/v4L+X/+v/9f/s1bj/f9DW+v/c/f/etzSyf4HAACAHuTufz5usf8BAACgGbn7fyNusf8BAACgGbn7fzNu6WT/X7D/v2PQ/+9bfP8fP+6xR4ZB/6//X9n/xx8hvP9/4AL9/96g/187/f80/f8K+v82+//bhob6/yun/nj9P3M0t/f/c/e/ELd0sv8BAACgB7n7fytusf8BAACgGbn7fztusf8BAACgGbn7fydu6WT/e/9f/3+0//f+//4X9P9beP+/y/6//lPV/6+P/n+a/n8F/X+b/b/3//X/bM3c+v/c/b8bt3Sy/wEAAKAHuft/L26x/wEAAKAZuft/P26x/wEAAKAZufv/IG7pZP/r//X/t9D/36b/1/8P+n/9/0zp/6fp/1fQ/+v/9f/6f9Zqbv1/7v4/jFs62f8AAADQg9z9L8Yt9j8AAAA0I3f/S3GL/Q8AAADNyN3/R3FLJ/tf/6//9/7/Mvv/Pf2//l//P2ou/f8993zcy/p//b/+X/+v/9f/925u/X/u/j+OWzrZ/wAAANCD3P1/ErfY/wAAANCM3P1/GrfY/wAAANCM3P1/Frd0sv9P9v+3DweF6oGx/j8aNf3/IVvv//eOfrb+v/3+f9D/6//1/6Pm0v97///Wvn/9v/5/yd//ufr/jz754/X/tGhu/X/u/pfjlk72PwAAAPQgd/+fxy32PwAAADQjd/9fxC32PwAAADQjd/8rcUsn+9/7/430/8fo//X/U5+v/9f/t0z/P03/v4L+X//v/f8HPunD9P+sz9z6/9z9fxm3dLL/AQAAoAe5+/8qbrH/AQAAoBm5+/86brH/AQAAoBm5+/8mbulk/+v/9f/6/w30/7vjPz/0//p//f/m6f+n6f/L8X9rB/rp//fGvrjtfv6itv39b6j/f+FO7/+zYHPr/3P3/23c0sn+BwAAgB7k7v+7uMX+BwAAgGbk7v/7uMX+BwAAgGbk7n81bulk/+v/G+//b/xG9/3/J3r//9jn6//1/y3T/+d/o48b7/93T36p/f5/XD/9/6ht9/NL//6bef9f/88aza3/z93/WtzSyf4HAACAHuTu/4e4xf4HAACAZuTu/8e4xf4HAACAZuTu/6e4pZP9r/9vvP8/9v7/ztBj/7+F9/9P+fmh/9f/6/83T/8/zfv/K+j/9f/6f/0/azW3/j93/+s7u13ufwAAAFiqT/iYT3vtrP/a1/f/797wz3HLvcP1M/4yNgAAADBzN3b/zu4w/Mv+b/n1fwAAAGhR7v5/jVs62f/6/776/z7f/99g/3/jg/X/+n/9/6zo/6dtof/fO8/3p//X/y/5+9f/6/85aW79f+7+f4tbDg2/3XP/uwQAAADmJHf/v8ctnfz6PwAAAPQgd/9/xC0n9r+/HSAAAAAsVe7+/4xbOvn1f/3/zPv/YUP9f/zr9P8HvP+v/x/7fP3/Mun/p12w/7++4/1//f8E/b/+X//PcXPr/3P3/1fc0sn+BwAAgEYd+TMKufv/O26x/wEAAKAZufv/J26x/wEAAKAZufv/N27pZP/r/y+9/89UfYPv/1+pf+T9/877/0f3Rj9f/6//b5n+f9oW3v/X/x/9/ev/N+jQ93+H/l//zzzMrf/P3f9/cUsn+x8AAAB6kLv//+MW+x8AAACakbv/bXGL/Q8AAADNyN3/xo3z4f3t/630//E76bT/P9/7/2fs/++6evSzV77/r//vo/8/5fPb6f8/8s5rL973yc88pf/npsvs//Pngv5f/6//PzCj/t/7//p/ZmL9/f/ukS+et//f3/3D3vD2uKWT/Q8AAAA9yN3/Ztxi/wMAAEAzcve/I26x/wEAAKAZufvfGbd0sv+9/99G/3/cEvv//M96C/3/tVvu/68Mw7CV/j+b4t77f+//6/9P8v7/NP3/Cvp//b/+X//PWq2//z/6xfP2/7n73xW3dLL/AQAAoAe5+98dt+T+3zn3n7oHAAAAZiZ3/3viFr/+DwAAAM3I3f/euKWT/a//1//Ppf9P3v+/+ePaev//vopT++z/765/pP/fLP3/NP3/Cvp//b/+X//PWs2t/8/d/764pZP9DwAAAD3I3f9W3GL/AwAAQDNy978/brH/AQAAoBm5+z8Qt3Sy//X/rfb/WcTr//X/c+n/vf/v/f/Lof+fpv9fQf+/8P4/fsIM+n/9P3Mxt/4/d/+HAgAA///FE2fi") syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x321f0c9, 0x0, 0x2, 0x0, 0x0) 2m37.964409985s ago: executing program 2 (id=9521): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x40007, 0x183003) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f00000011c0)=""/230) 2m37.688494686s ago: executing program 2 (id=9525): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb2361000000010902"], 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000010100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES16=r0], 0x48) 2m35.849001113s ago: executing program 2 (id=9539): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="180100001b00010000000000000000007f000001000000000000000000000000e00000020000000000000000000000000000000000000000000000ec00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000020000000000000007000000000000000000000000000000000000000000000000030000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001030000000000000000000000004b0008004700080000003f00d6d78d091ecf0eeb2dc7929a6e1d2646ae2275de7c1c2ac8887fb170511a9b4da8e1800747e2d4f87b647e6593e662ffbabf64185e5f02c446104aea5f2f91000c0015"], 0x118}}, 0x0) 2m35.525874801s ago: executing program 2 (id=9543): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x18, 0x26, 0x1, 0x7fffd, 0x1000, {0x4}, [@nested={0x4, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008090) 2m19.317806551s ago: executing program 33 (id=9543): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x18, 0x26, 0x1, 0x7fffd, 0x1000, {0x4}, [@nested={0x4, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008090) 22.322561754s ago: executing program 0 (id=11454): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x58, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc}, @NFTA_COUNTER_BYTES={0xc}]}]}], {0x14, 0x10}}, 0xa0}}, 0x0) 22.00772621s ago: executing program 0 (id=11459): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f00000005c0)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x6, 0x61f, &(0x7f0000001580)="$eJzs3c9rXNUeAPDvncmkSZv30j4ej9fyHi/wFi1I00wtVt3Y1oVdFCzYhYiLhiapodMfNCmYWGgKLhQURNyKdOM/4F66dyeCunMtVJGKikpH7syddDKZSdIkM9Pmfj5wM/ece2fO+c6dM/fce3PmBpBbY+mfQsT+iAfnk4jRpmUjUV84lq13/6ebF9IpiWr1lR+TSLK8xvpJ9rgnSwxFxJenIv5RXF3u3MLipclKte5WxJH5y9eOzC0sHp69PHlx+uL0lfLRZ48dn3iufKy8LXHuyR5Pn3n5P++//cYzM19VDidxIs6V3pqKlji2y1iMxYMsxOb8gYg4ns60eV+eNDsghFwrZp/HUkT8K0ajWEvVjcbse32tHNBV1WJEFcipRPuHnGr0AxrH9hs7Dj7X5V5J79w7WT8AWh3/QP3cSAzVjo1230+ajowGauc29m5D+WkZf9488HE6xYrzEL8ub52BbSink6XbEfHvdvEntbrtrUWaxl9YUY8kIiYiYjCr34tbqEPSNN+N8zBr2Wz8hYg4kT2m+ac2Wf5YS7rX8QOQT3dPZjvypTT1cP+X9j0a/Z9Y1f+pXxtq3XdtRr/3f537f439/VDtHHmhpR+W9lnOtn/JUmvGd++e/rBT+c39v3RKy2/0BXvh3u2IAy3xv5MGm/V/0viTNts/XeX8iY2V8dLXP5zutKzf8VfvRBxse/zzsFeazrVenxzOlpWPlY/MzFamJ+p/25bx+Revf9qp/H7Hn27/3R3ib9r+hdbnpe/JtQ2W8dnZO5c7LRtZN/7C94NJ/XhzMMt5c3J+/no5YjA5k61Sv5BVyz+6dl0a6zReI43/0P/bt/8Vn//bK19nuPGVuQHXXr10v9OyzWz/povJD6obrEMnafxT62//Ve0/zftgOXVrzTJ+ee3GfzstWyv+4S3GBgAAAAAAAHlTqF2DTQrjy/OFwvh4fbzsP2N3oXJ1bv6pmas3rkxFHKr9P2Sp0LjSPVpPJ2m6nP0/bCN9tCX9dETsi4iPisO19PiFq5WpfgcPAAAAAAAAAAAAAAAAAAAAj4k92fj/xn2qfy7Wx/8DOdHNG8wBjzftH/Kr1v5X3eIJyAP7f8gv7R/yS/uH/NL+Ib+0f8gv7R/yS/uH/NL+AQAAAGBH2ve/u98mEbH0/HBtSg1my4wIgp2t1O8KAH1T7HcFgL5ZvvSvsw+5s6H+/+/ZjwN2vzpAHyTtMmudg+rajf9u22cCAAAAAAAAAAAAAF1wcH/78f+JscGw4xn2B/m1hfH/fjoAnnB++h/yyzE+sN4o/qFOC4z/BwAAAAAAAAAAAICeGalNSWE8Gws8EoXC+HjE3yJib5SSmdnK9ERE/D0ivimWdqXpcr8rDQAAAAAAAAAAAAAAAAAAADvM3MLipclKZfp688wfq3J29kzjLqg9KOuFeMRnRdL7t2U4IpZzShGPWufuzezKPrZbeZ2BuYXF5LdqTRKxFI9PgFuKa5tn1v3qGOzqFxMAAAAAAAAAAAAAAAAAAORQ09jj9g580uMaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvPbz/f/dm+h0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBk+isAAP//GjM9YA==") openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', &(0x7f0000000140)={0x474203, 0x408}, 0x18) 20.420612773s ago: executing program 0 (id=11479): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2200}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c024}, 0x0) 19.411936769s ago: executing program 0 (id=11495): r0 = syz_open_dev$video(&(0x7f0000000180), 0xc407, 0x800) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000040)={0x0, 0x5, 0x1, {0xa, @pix_mp={0xaeda, 0x6, 0x34324142, 0x9, 0x3, [{0x74, 0x2d}, {0x8, 0xe}, {0x4, 0x10}, {0x6, 0x8}, {0xf71, 0x8}, {0xff, 0x203}, {0x0, 0x6}, {0x6, 0xffffe59a}], 0xc, 0x4, 0x8, 0x0, 0x7}}}) 19.175879945s ago: executing program 0 (id=11499): r0 = socket$inet6(0xa, 0x1, 0x8010800000000084) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x201, 0x0, @private0}, 0x1c, &(0x7f0000000600)=[{&(0x7f00000000c0)='/', 0x1}], 0x1}}, {{&(0x7f0000000400)={0xa, 0x201, 0x0, @private0}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000d00)='[', 0x4d0}], 0x21}}], 0x2, 0x4008040) 18.916703803s ago: executing program 0 (id=11502): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000032c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000e80)={0x14, 0x26, 0x1, 0x70bd25, 0x25dfdbff, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0) 3.021710127s ago: executing program 7 (id=11746): syz_emit_ethernet(0xfdef, &(0x7f00000004c0)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "922d96", 0x30, 0x3a, 0xff, @remote, @mcast2, {[], @time_exceed={0x3, 0x1, 0x0, 0x8, '\x00', {0x9, 0x6, "0400", 0x4, 0x2b, 0x1, @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}}}}}, 0x0) syz_usb_connect$uac3(0x0, 0xa0, &(0x7f0000000480)=ANY=[@ANYBLOB="12011003000000403512100040000102030109028e000301002040080b0201012130c60904000000010130000a2401042a00ff0f0000132403050403020602020000000700100002000d240902"], &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0}) 2.790424183s ago: executing program 34 (id=11502): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000032c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000e80)={0x14, 0x26, 0x1, 0x70bd25, 0x25dfdbff, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0) 2.7862913s ago: executing program 3 (id=11749): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000c00), 0x2, 0x0) ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f0000000c40)) 2.684134578s ago: executing program 3 (id=11751): sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x24, 0x0, 0x11, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000005}, 0x90) syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000997aa910c6250290ba62010203010902120001000000000904"], 0x0) 2.391183428s ago: executing program 4 (id=11753): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000190a0102"], 0x14}}, 0x0) 2.373764818s ago: executing program 4 (id=11754): r0 = syz_open_dev$vim2m(&(0x7f0000000280), 0x4eb36, 0x2) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0xc0285628, &(0x7f0000000180)=0x2) 2.240180981s ago: executing program 4 (id=11756): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) writev(r0, &(0x7f0000000780)=[{&(0x7f00000003c0)='\v\x00\x00\x00', 0x4}], 0x1) 2.04209551s ago: executing program 4 (id=11759): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="300000002c0007012bbd7000ffdbdf25067c0000080001800900000014000380100001"], 0x30}, 0x1, 0x0, 0x0, 0x10000004}, 0xc010) 1.802773117s ago: executing program 4 (id=11761): r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12011f00abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="202301"], 0x0, 0x0, 0x0}, 0x0) 1.669508298s ago: executing program 5 (id=11763): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="06000000040000004000000089"], 0x50) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000840)={0x0, &(0x7f0000000780)=""/106, &(0x7f0000000380), &(0x7f0000000000), 0x80, r0, 0x0, 0x7}, 0x38) 1.446803444s ago: executing program 5 (id=11764): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000630100f80000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x51) 1.360215535s ago: executing program 6 (id=11765): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) keyctl$chown(0x4, r0, 0xffffffffffffffff, 0xee01) 1.358223906s ago: executing program 7 (id=11766): r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000300)={&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000001c0)=0x28) 1.208953725s ago: executing program 5 (id=11767): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f0000000080)={[{@data_err_ignore}]}, 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40e8662e, &(0x7f0000000000)={0x3ff, 0x40000000000002, 0xd, 0xb, 0x9, 0x1}) 1.2028511s ago: executing program 7 (id=11768): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=@newlink={0x40, 0x10, 0x439, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FLAGS={0x6, 0x8, 0x18}, @IFLA_IPTUN_PMTUDISC={0x5}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040) 1.077547855s ago: executing program 6 (id=11769): rseq(&(0x7f0000000040)={0x0, 0x0, 0x0, 0x2}, 0x20, 0x0, 0x0) rseq(&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0) 944.397533ms ago: executing program 7 (id=11770): r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x20) syz_clone3(&(0x7f0000004300)={0x200000000, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) 855.193724ms ago: executing program 6 (id=11771): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0x411, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x200, 0x20a4}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_SPOOFCHK={0xc, 0x4, {0x0, 0x7}}]}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x40) 839.7253ms ago: executing program 3 (id=11772): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x2, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000100)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0}) 598.867644ms ago: executing program 6 (id=11773): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f0000000000)={'team_slave_1\x00', @random="01350100"}) 596.166797ms ago: executing program 5 (id=11774): r0 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r0, &(0x7f0000000d40)={&(0x7f0000000000)={0x2, 0x0, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="18000000000000000000000007000000890704e068000000110000000000000000dbc790ad000000fc0000000000000014000000000000000000000034"], 0x68}, 0x0) 467.298414ms ago: executing program 3 (id=11775): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0), 0x4) 407.872228ms ago: executing program 7 (id=11776): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@mpls_delroute={0x1c, 0x19, 0x1, 0x0, 0x2, {0x1c, 0x14, 0x0, 0x5, 0xfe, 0x0, 0xc8, 0x1}}, 0x1c}, 0x1, 0x0, 0x0, 0x10001}, 0x44) 361.271489ms ago: executing program 5 (id=11777): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/cpu_byteorder', 0x200800, 0x8) fcntl$getflags(r0, 0x1) 263.038254ms ago: executing program 3 (id=11778): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000002cc0)='/dev/comedi3\x00', 0x0, 0x0) preadv(r0, &(0x7f0000002e40)=[{&(0x7f0000002d00)=""/4, 0x4}, {0x0}], 0x2, 0x3, 0xb23a) 245.475166ms ago: executing program 6 (id=11779): r0 = socket$inet6(0xa, 0x3, 0x8) sendto(r0, 0x0, 0x0, 0x4001, 0x0, 0x0) 158.398412ms ago: executing program 7 (id=11780): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x5, 0x8, 0xf}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000080), &(0x7f0000000200)}, 0x20) 158.174551ms ago: executing program 4 (id=11781): r0 = syz_open_dev$amidi(&(0x7f0000000140), 0x2, 0x181) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x81485740, 0x0) 35.72277ms ago: executing program 6 (id=11782): r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x4300) readahead(r0, 0x6, 0x0) 35.405177ms ago: executing program 5 (id=11783): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001980)={0x18, 0x3, &(0x7f00000013c0)=@framed, &(0x7f0000001400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$OBJ_PIN_PROG(0x11, &(0x7f0000000240)=@generic={&(0x7f0000000000)='./file0\x00', r0}, 0x18) 0s ago: executing program 3 (id=11784): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000340)={'ip6tnl0\x00', &(0x7f00000002c0)={'syztnl0\x00', 0x0, 0x4, 0xf1, 0x4, 0x9, 0x41, @remote, @loopback={0x0, 0x7ffffffe}, 0x8000, 0x80, 0x4, 0x4}}) kernel console output (not intermixed with test programs): 5 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6992 comm="syz.4.10406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7fb58039c799 code=0x7ffc0000 [ 922.281896][ T7008] loop5: detected capacity change from 0 to 1024 [ 922.314069][ T7008] EXT4-fs: Ignoring removed bh option [ 922.334224][ T7017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10413'. [ 922.357376][ T30] audit: type=1326 audit(1774000667.567:2731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6992 comm="syz.4.10406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58039c799 code=0x7ffc0000 [ 922.431065][ T7008] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 922.445570][ T30] audit: type=1326 audit(1774000667.567:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6992 comm="syz.4.10406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58039c799 code=0x7ffc0000 [ 922.491215][ T7008] EXT4-fs error (device loop5): __ext4_new_inode:1073: comm syz.5.10411: reserved inode found cleared - inode=18 [ 922.622495][ T7008] EXT4-fs (loop5): Remounting filesystem read-only [ 922.834326][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 923.056804][ T7059] fuse: Bad value for 'group_id' [ 923.093081][ T7059] fuse: Bad value for 'group_id' [ 923.297751][ T7072] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10429'. [ 923.528215][ T7078] loop0: detected capacity change from 0 to 4096 [ 923.612030][ T7078] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 923.626469][ T7078] ntfs3(loop0): Failed to initialize $Extend/$ObjId. [ 923.683192][ T7078] ntfs3(loop0): ino=1e, "file1" attr_set_size_ex [ 923.710422][ T7078] ntfs3(loop0): ino=1e, "file1" attr_set_size_ex [ 923.799478][ T5893] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 924.029624][ T5893] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 924.055629][ T5893] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 924.087917][ T5893] usb 5-1: Product: syz [ 924.092104][ T5893] usb 5-1: Manufacturer: syz [ 924.115642][ T5893] usb 5-1: SerialNumber: syz [ 924.132670][ T5893] usb 5-1: config 0 descriptor?? [ 924.142110][ T5893] ch341 5-1:0.0: ch341-uart converter detected [ 924.375650][ T6648] usb 4-1: new high-speed USB device number 109 using dummy_hcd [ 924.422836][ T7141] bond2: entered promiscuous mode [ 924.428615][ T7141] bond2: entered allmulticast mode [ 924.570173][ T6648] usb 4-1: config 0 has an invalid interface number: 117 but max is 0 [ 924.578440][ T6648] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 924.592784][ T5893] usb 5-1: failed to send control message: -71 [ 924.600142][ T5893] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 924.628261][ T6648] usb 4-1: config 0 has no interface number 0 [ 924.637038][ T5893] usb 5-1: USB disconnect, device number 2 [ 924.645463][ T7184] netlink: 24 bytes leftover after parsing attributes in process `syz.7.10452'. [ 924.687570][ T6648] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 924.703535][ T5893] ch341 5-1:0.0: device disconnected [ 924.725362][ T6648] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 924.737544][ T7100] loop6: detected capacity change from 0 to 32768 [ 924.751718][ T6648] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 924.767662][ T7189] team0: Port device batadv0 removed [ 924.771704][ T6648] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 924.781117][ T6648] usb 4-1: Product: syz [ 924.793750][ T7189] bridge_slave_0: left allmulticast mode [ 924.797377][ T6648] usb 4-1: Manufacturer: syz [ 924.812342][ T6648] usb 4-1: SerialNumber: syz [ 924.819885][ T7100] find_entry called with index >= next_index [ 924.829880][ T7189] bridge_slave_0: left promiscuous mode [ 924.845180][ T7189] bridge0: port 1(bridge_slave_0) entered disabled state [ 924.867954][ T7100] find_entry called with index >= next_index [ 924.886605][ T6648] usb 4-1: config 0 descriptor?? [ 924.890471][ T7189] bridge_slave_1: left allmulticast mode [ 924.893976][ T7100] find_entry called with index >= next_index [ 924.931053][ T7189] bridge_slave_1: left promiscuous mode [ 924.951889][ T7189] bridge0: port 2(bridge_slave_1) entered disabled state [ 924.995157][ T7189] bond0: (slave bond_slave_0): Releasing backup interface [ 925.044324][ T7189] bond0: (slave bond_slave_1): Releasing backup interface [ 925.096858][ T7189] team0: Port device team_slave_0 removed [ 925.135735][ T7189] team0: Port device team_slave_1 removed [ 925.168282][ T7189] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 925.223565][ T7189] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 925.272499][ T7189] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 925.297776][ T7189] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 925.364179][ T6648] usbtouchscreen 4-1:0.117: probe with driver usbtouchscreen failed with error -71 [ 925.403614][ T6648] usb 4-1: USB disconnect, device number 109 [ 925.526930][ T7191] loop5: detected capacity change from 0 to 32768 [ 925.547743][ T7191] ERROR: (device loop5): dbAlloc: the hint is outside the map [ 925.547743][ T7191] [ 925.615862][ T7191] ERROR: (device loop5): remounting filesystem as read-only [ 925.623224][ T7191] ialloc: diAlloc returned -5! [ 925.702635][ T7233] loop7: detected capacity change from 0 to 1024 [ 925.805969][ T7242] loop0: detected capacity change from 0 to 764 [ 926.257308][ T6648] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 926.463805][ T6648] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 926.482597][ T7280] loop5: detected capacity change from 0 to 164 [ 926.492739][ T6648] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 926.510644][ T7281] loop0: detected capacity change from 0 to 1024 [ 926.540457][ T6648] usb 5-1: Product: syz [ 926.557031][ T7280] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 926.569459][ T6648] usb 5-1: Manufacturer: syz [ 926.588381][ T7281] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 926.599399][ T6648] usb 5-1: SerialNumber: syz [ 926.678037][ T6648] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 926.723529][ T7299] netlink: 830 bytes leftover after parsing attributes in process `syz.3.10477'. [ 926.796012][ T5893] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 926.849831][ T5825] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 927.336030][T16647] usb 5-1: USB disconnect, device number 3 [ 927.540107][ T7346] loop0: detected capacity change from 0 to 256 [ 927.575978][ T7349] openvswitch: netlink: IP tunnel dst address not specified [ 927.598832][ T7352] loop3: detected capacity change from 0 to 256 [ 927.764707][ T7352] FAT-fs (loop3): Directory bread(block 64) failed [ 927.771277][ T7352] FAT-fs (loop3): Directory bread(block 65) failed [ 927.860806][ T7367] xt_CT: You must specify a L4 protocol and not use inversions on it [ 927.860864][ T7352] FAT-fs (loop3): Directory bread(block 66) failed [ 927.915557][ T5893] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 927.923199][ T7364] netlink: 'syz.7.10494': attribute type 30 has an invalid length. [ 927.926010][ T7352] FAT-fs (loop3): Directory bread(block 67) failed [ 927.952570][ T7352] FAT-fs (loop3): Directory bread(block 68) failed [ 927.966413][ T5893] ath9k_htc: Failed to initialize the device [ 927.979978][ T7352] FAT-fs (loop3): Directory bread(block 69) failed [ 927.997775][ T7352] FAT-fs (loop3): Directory bread(block 70) failed [ 928.016685][T16647] usb 5-1: ath9k_htc: USB layer deinitialized [ 928.032399][ T7352] FAT-fs (loop3): Directory bread(block 71) failed [ 928.065788][ T7352] FAT-fs (loop3): Directory bread(block 72) failed [ 928.096011][ T7352] FAT-fs (loop3): Directory bread(block 73) failed [ 928.144471][ T7382] netlink: 'syz.4.10498': attribute type 6 has an invalid length. [ 928.204701][ T7389] loop7: detected capacity change from 0 to 64 [ 928.238475][ T7389] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 928.291080][ T7392] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 928.359773][ T7392] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 928.424172][ T7402] netlink: 'syz.4.10504': attribute type 3 has an invalid length. [ 928.432596][ T7392] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 928.452946][ T7402] netlink: 'syz.4.10504': attribute type 27 has an invalid length. [ 928.479267][ T7392] exFAT-fs (loop0): failed to load alloc-bitmap [ 928.514574][ T7392] exFAT-fs (loop0): failed to recognize exfat type [ 928.737415][ T5893] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 928.768677][ T7424] EXT4-fs: inline encryption not supported [ 928.776099][ T7424] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 928.797607][ T7427] bond2: option broadcast_neighbor: mode dependency failed, not supported in mode balance-rr(0) [ 928.852075][ T7424] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #3: block 2: comm syz.4.10508: lblock 2 mapped to illegal pblock 2 (length 1) [ 928.873620][ T7427] bond2 (unregistering): Released all slaves [ 928.919347][ T5893] usb 7-1: Using ep0 maxpacket: 8 [ 928.929284][ T5893] usb 7-1: config 7 has an invalid interface number: 143 but max is 1 [ 928.947215][ T5893] usb 7-1: config 7 has an invalid interface number: 217 but max is 1 [ 928.962044][ T5893] usb 7-1: config 7 has an invalid descriptor of length 121, skipping remainder of the config [ 928.962097][ T7424] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 928.985711][ T5893] usb 7-1: config 7 has no interface number 0 [ 929.031703][ T5893] usb 7-1: config 7 has no interface number 1 [ 929.041622][ T7424] EXT4-fs (loop4): Remounting filesystem read-only [ 929.047393][ T5893] usb 7-1: too many endpoints for config 7 interface 217 altsetting 0: 255, using maximum allowed: 30 [ 929.048321][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 929.065655][ C1] EXT4-fs (loop4): initial error at time 1774000674: ext4_map_blocks:776: inode 3: block 2 [ 929.073571][ T5893] usb 7-1: config 7 interface 217 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 929.075755][ C1] EXT4-fs (loop4): last error at time 1774000674: ext4_map_blocks:776: inode 3: block 2 [ 929.135817][ T7424] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 929.156514][ T5893] usb 7-1: config 7 interface 143 has no altsetting 0 [ 929.187594][ T7424] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 929.205164][ T5893] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=ba.35 [ 929.238776][ T5893] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 929.251181][ T7424] EXT4-fs (loop4): 1 orphan inode deleted [ 929.276096][ T5893] usb 7-1: Product: syz [ 929.280303][ T5893] usb 7-1: Manufacturer: syz [ 929.289124][ T7424] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 929.301868][ T5893] usb 7-1: SerialNumber: syz [ 929.349290][ T7424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 929.519746][ T7529] set_capacity_and_notify: 3 callbacks suppressed [ 929.519777][ T7529] loop0: detected capacity change from 0 to 164 [ 929.593837][ T5893] qmi_wwan 7-1:7.143: probe with driver qmi_wwan failed with error -22 [ 929.645290][ T5893] usb 7-1: Could not set interface, error -71 [ 929.694235][ T5893] usb 7-1: USB disconnect, device number 5 [ 929.960517][ T7562] overlay: Unknown parameter '\' [ 930.212700][ T5893] usb 4-1: new high-speed USB device number 110 using dummy_hcd [ 930.394966][ T5893] usb 4-1: Using ep0 maxpacket: 8 [ 930.420591][ T5893] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 930.423810][ T7591] loop6: detected capacity change from 0 to 764 [ 930.432020][ T7594] loop0: detected capacity change from 0 to 64 [ 930.455229][ T5893] usb 4-1: New USB device found, idVendor=0bc3, idProduct=0001, bcdDevice=11.85 [ 930.494367][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 930.517911][ T5893] usb 4-1: Product: syz [ 930.528887][ T5893] usb 4-1: Manufacturer: syz [ 930.548800][ T5893] usb 4-1: SerialNumber: syz [ 930.562186][ T7591] rock: directory entry would overflow storage [ 930.576278][ T7591] rock: sig=0x4654, size=5, remaining=4 [ 930.594773][ T5893] usb 4-1: config 0 descriptor?? [ 930.637208][ T7550] loop5: detected capacity change from 0 to 32768 [ 930.643166][ T5893] ipw 4-1:0.0: IPWireless converter converter detected [ 930.654707][ T7550] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.10523 (7550) [ 930.752755][ T7550] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 930.794550][ T7550] BTRFS info (device loop5): using xxhash64 checksum algorithm [ 930.828739][ T7550] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 930.891963][ T5893] usb 4-1: USB disconnect, device number 110 [ 930.966531][ T5893] ipw 4-1:0.0: device disconnected [ 931.119570][ T7654] Cannot find del_set index 4 as target [ 931.125523][ T7550] BTRFS info (device loop5): rebuilding free space tree [ 931.228454][ T7550] BTRFS info (device loop5): disabling free space tree [ 931.257270][ T7550] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 931.267472][ T7645] loop6: detected capacity change from 0 to 4096 [ 931.292739][ T7550] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 931.348652][ T7550] BTRFS info (device loop5): allowing degraded mounts [ 931.377420][ T7550] BTRFS info (device loop5): enabling ssd optimizations [ 931.399063][ T7550] BTRFS info (device loop5): turning on async discard [ 931.444614][ T7645] ntfs3(loop6): ino=1f, mi_enum_attr [ 931.450599][ T7645] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 931.454358][ T7550] BTRFS info (device loop5): enabling disk space caching [ 931.507744][ T7550] BTRFS info (device loop5): force clearing of disk cache [ 931.579971][ T7550] BTRFS info (device loop5): use zlib compression, level 3 [ 931.684213][ T7677] netlink: 'syz.7.10551': attribute type 3 has an invalid length. [ 931.853597][ T7687] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10554'. [ 931.903409][ T7687] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 931.916253][ T5831] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 931.957821][ T7691] openvswitch: netlink: nsh attribute has 1 unknown bytes. [ 932.695453][ T7733] loop7: detected capacity change from 0 to 512 [ 932.794067][ T7733] EXT4-fs warning (device loop7): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 932.885364][ T7733] EXT4-fs warning (device loop7): dx_probe:849: Enable large directory feature to access it [ 932.901434][ T7733] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.10567: Corrupt directory, running e2fsck is recommended [ 932.971212][ T7733] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117 [ 932.991523][ T7733] EXT4-fs error (device loop7): ext4_iget_extra_inode:5025: inode #15: comm syz.7.10567: corrupted in-inode xattr: invalid ea_ino [ 933.047143][ T7733] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 933.047651][ T7733] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.10567: couldn't read orphan inode 15 (err -117) [ 933.056884][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 933.056911][ C0] EXT4-fs (loop7): initial error at time 1774000677: ext4_iget_extra_inode:5025: inode 15 [ 933.056959][ C0] EXT4-fs (loop7): last error at time 1774000677: ext4_iget_extra_inode:5025: inode 15 [ 933.135429][ T30] audit: type=1326 audit(1774000677.931:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7753 comm="syz.6.10574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 933.146720][ T7739] loop3: detected capacity change from 0 to 4096 [ 933.194296][ T7733] loop7: lost filesystem error report for type 5 error -117 [ 933.198471][ T7733] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 933.242122][ T30] audit: type=1326 audit(1774000677.950:2734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7753 comm="syz.6.10574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 933.271597][ T7739] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 933.358120][ T30] audit: type=1326 audit(1774000677.959:2735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7753 comm="syz.6.10574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 933.459823][ T30] audit: type=1326 audit(1774000677.959:2736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7753 comm="syz.6.10574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 933.502925][ T7733] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 933.734547][ T3942] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 934.221860][ T5893] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 934.378081][ T7807] loop3: detected capacity change from 0 to 16 [ 934.411078][ T5893] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 934.437419][ T5893] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 934.450273][ T7772] loop6: detected capacity change from 0 to 32768 [ 934.456539][ T5893] usb 8-1: Product: syz [ 934.467528][ T7807] erofs (device loop3): mounted with root inode @ nid 36. [ 934.489002][ T5893] usb 8-1: Manufacturer: syz [ 934.489480][ T7772] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.10578 (7772) [ 934.522265][ T5893] usb 8-1: SerialNumber: syz [ 934.533857][T22251] erofs (device loop3): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 9000 [ 934.551822][ T7807] erofs (device loop3): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 9000 [ 934.586235][ T5893] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 934.618742][ T7772] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 934.641641][ T7807] erofs (device loop3): read error -117 @ 2 of nid 89 [ 934.651009][ T6648] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 934.670851][ T30] audit: type=1800 audit(1774000679.334:2737): pid=7807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.10588" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 934.701874][ T7772] BTRFS info (device loop6): using sha256 checksum algorithm [ 934.897883][ T7778] loop0: detected capacity change from 0 to 32768 [ 934.926507][ T7772] BTRFS info (device loop6): enabling ssd optimizations [ 934.969213][ T7772] BTRFS info (device loop6): turning on async discard [ 935.021814][ T7778] JBD2: Ignoring recovery information on journal [ 935.029781][ T7772] BTRFS info (device loop6): enabling free space tree [ 935.201168][T16647] usb 8-1: USB disconnect, device number 3 [ 935.262902][ T7778] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode. [ 935.291348][ T7855] loop5: detected capacity change from 0 to 8 [ 935.350883][ T7855] SQUASHFS error: Failed to read block 0x71: -5 [ 935.375539][ T2260] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 935.404411][ T30] audit: type=1800 audit(1774000680.036:2738): pid=7855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.10593" name="file0" dev="loop5" ino=1 res=0 errno=0 [ 935.447014][ T7778] ocfs2: Unmounting device (7,0) on (node local) [ 935.803853][ T6648] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive [ 935.843433][ T6648] ath9k_htc: Failed to initialize the device [ 935.900423][T16647] usb 8-1: ath9k_htc: USB layer deinitialized [ 936.054584][ T7895] netlink: 'syz.7.10602': attribute type 303 has an invalid length. [ 936.147171][ T7901] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10605'. [ 936.253703][ T7903] loop0: detected capacity change from 0 to 256 [ 936.437289][ T7903] FAT-fs (loop0): Directory bread(block 64) failed [ 936.476906][ T7903] FAT-fs (loop0): Directory bread(block 65) failed [ 936.514571][ T7903] FAT-fs (loop0): Directory bread(block 66) failed [ 936.574050][ T7903] FAT-fs (loop0): Directory bread(block 67) failed [ 936.611780][ T7903] FAT-fs (loop0): Directory bread(block 68) failed [ 936.651921][ T7903] FAT-fs (loop0): Directory bread(block 69) failed [ 936.658609][ T7903] FAT-fs (loop0): Directory bread(block 70) failed [ 936.691933][ T7925] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 936.759185][ T7903] FAT-fs (loop0): Directory bread(block 71) failed [ 936.765849][ T7903] FAT-fs (loop0): Directory bread(block 72) failed [ 936.852079][ T7903] FAT-fs (loop0): Directory bread(block 73) failed [ 937.145236][ T7877] loop4: detected capacity change from 0 to 32768 [ 937.406349][ T7946] loop5: detected capacity change from 0 to 4096 [ 937.464688][ T7946] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 937.777097][ T7974] 8021q: adding VLAN 0 to HW filter on device bond0 [ 937.826838][ T7983] IPv6: NLM_F_CREATE should be specified when creating new route [ 937.893015][ T7987] netlink: 'syz.6.10630': attribute type 10 has an invalid length. [ 937.893689][ T7974] bond0: (slave rose0): Enslaving as an active interface with an up link [ 937.911259][ T7983] netlink: 'syz.3.10628': attribute type 1 has an invalid length. [ 938.153681][ T7999] loop7: detected capacity change from 0 to 512 [ 938.199143][ T7999] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 938.259271][ T8008] openvswitch: netlink: ct_state flags 010000e0 unsupported [ 938.280380][ T7999] EXT4-fs (loop7): blocks per group (42) and clusters per group (32768) inconsistent [ 939.414512][ T8072] xt_nat: multiple ranges no longer supported [ 939.616981][ T8001] loop4: detected capacity change from 0 to 32768 [ 939.717963][ T8001] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 939.850897][ T8001] XFS (loop4): Ending clean mount [ 939.921674][ T8001] XFS (loop4): Corruption warning: Metadata has LSN (2:16) ahead of current LSN (1:112). Please unmount and run xfs_repair (>= v4.3) to resolve. [ 939.984123][ T8001] XFS (loop4): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xe0, xfs_finobt block 0x20 [ 940.067875][ T8001] XFS (loop4): Unmount and run xfs_repair [ 940.145613][ T8001] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 940.153051][ T8001] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff FIB3............ [ 940.224632][ T8001] 00000010: 00 00 00 00 00 00 00 20 00 00 00 02 00 00 00 10 ....... ........ [ 940.277354][ T8001] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 940.319847][ T8001] 00000030: 00 00 00 00 ca b4 20 ce 00 00 11 40 00 00 40 37 ...... ....@..@7 [ 940.365285][ T8001] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 940.424507][ T8001] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 940.490521][ T8001] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 940.525773][ T8001] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 940.578674][ T8001] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x20 len 8 error 74 [ 940.631096][ T8001] loop4: lost filesystem error report for type 5 error -117 [ 940.631255][ T8001] XFS (loop4): Failed to initialize disk quotas, err -117. [ 940.892405][ T5823] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 940.917390][ T5823] XFS (loop4): Uncorrected metadata errors detected; please run xfs_repair. [ 941.231836][ T8188] netlink: 392 bytes leftover after parsing attributes in process `syz.3.10683'. [ 941.524370][ T8208] loop5: detected capacity change from 0 to 1024 [ 941.564699][ T8208] EXT4-fs: Ignoring removed nomblk_io_submit option [ 941.585338][ T8214] netlink: 'syz.7.10689': attribute type 2 has an invalid length. [ 941.603462][ T8208] EXT4-fs: Ignoring removed nomblk_io_submit option [ 941.680219][ T8208] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 941.690485][T16643] usb 1-1: new high-speed USB device number 110 using dummy_hcd [ 941.787922][ T8208] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 941.878366][ T8226] netlink: 'syz.6.10691': attribute type 7 has an invalid length. [ 941.886263][ T8226] netlink: 'syz.6.10691': attribute type 5 has an invalid length. [ 941.911083][T16643] usb 1-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64 [ 941.926279][T16643] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 941.947298][ T8226] netlink: 17 bytes leftover after parsing attributes in process `syz.6.10691'. [ 941.967005][T16643] usb 1-1: Product: syz [ 941.982561][T16643] usb 1-1: Manufacturer: syz [ 942.022554][T16643] usb 1-1: SerialNumber: syz [ 942.031680][T16643] usb 1-1: config 0 descriptor?? [ 942.038149][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 942.070066][T16643] hub 1-1:0.0: bad descriptor, ignoring hub [ 942.097971][T16643] hub 1-1:0.0: probe with driver hub failed with error -5 [ 942.150551][T16643] f81232 1-1:0.0: f81534a converter detected [ 942.267678][ T8249] netlink: 14 bytes leftover after parsing attributes in process `syz.7.10697'. [ 942.296157][T16643] usb 1-1: f81534a converter now attached to ttyUSB0 [ 942.341521][ T8261] loop3: detected capacity change from 0 to 16 [ 942.402217][ T8261] erofs (device loop3): mounted with root inode @ nid 36. [ 942.459874][ T8261] erofs (device loop3): inline data across blocks @ nid 86 [ 942.544771][ T8261] erofs (device loop3): inline data across blocks @ nid 86 [ 942.545389][ T8249] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 942.582685][ T30] audit: type=1800 audit(1774000686.771:2739): pid=8261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.10700" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 942.620049][ T8249] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 942.637790][ T10] usb 1-1: USB disconnect, device number 110 [ 942.664239][ T8249] bond0 (unregistering): Released all slaves [ 942.695715][ T10] f81534a ttyUSB0: f81534a converter now disconnected from ttyUSB0 [ 942.747964][ T10] f81232 1-1:0.0: device disconnected [ 942.947671][ T30] audit: type=1326 audit(1774000687.108:2740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8329 comm="syz.6.10705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 943.001058][ T8278] bond2: option updelay: invalid value (18446744072924056005) [ 943.067096][ T8278] bond2: option updelay: allowed values 0 - 2147483647 [ 943.073468][ T30] audit: type=1326 audit(1774000687.164:2741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8329 comm="syz.6.10705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 943.114602][ T8278] bond2 (unregistering): Released all slaves [ 943.190744][ T30] audit: type=1326 audit(1774000687.164:2742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8329 comm="syz.6.10705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 943.292718][ T30] audit: type=1326 audit(1774000687.164:2743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8329 comm="syz.6.10705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 943.478625][ T8383] loop4: detected capacity change from 0 to 4096 [ 944.150639][ T8437] netlink: 16 bytes leftover after parsing attributes in process `syz.7.10723'. [ 944.186244][ T8436] netlink: 'syz.3.10722': attribute type 4 has an invalid length. [ 944.533873][ T8456] overlayfs: missing 'workdir' [ 944.998408][ T8478] loop5: detected capacity change from 0 to 4096 [ 945.028180][ T8478] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512). [ 945.093549][ T8478] ntfs3(loop5): ino=3, mi_enum_attr [ 945.682179][ T8529] loop0: detected capacity change from 0 to 16 [ 945.726479][ T8521] loop3: detected capacity change from 0 to 4096 [ 945.734673][ T8529] erofs (device loop0): mounted with root inode @ nid 36. [ 945.736021][ T8521] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 945.801601][ T8529] syz.0.10753: attempt to access beyond end of device [ 945.801601][ T8529] loop0: rw=8388608, sector=32883343352, nr_sectors = 8 limit=16 [ 946.557236][ T8577] tmpfs: Bad value for 'mpol' [ 946.753558][ T8527] loop7: detected capacity change from 0 to 32768 [ 946.787010][ T8527] (syz.7.10752,8527,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 946.849819][ T8527] (syz.7.10752,8527,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 946.990554][ T8527] JBD2: Ignoring recovery information on journal [ 947.035611][ T8594] netlink: 32 bytes leftover after parsing attributes in process `syz.6.10771'. [ 947.085265][ T8595] openvswitch: netlink: VXLAN extension message has 16 unknown bytes. [ 947.106529][ T8527] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode. [ 947.114693][ T8594] netlink: 32 bytes leftover after parsing attributes in process `syz.6.10771'. [ 947.177291][ T8560] loop0: detected capacity change from 0 to 32768 [ 947.190846][ T8527] (syz.7.10752,8527,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 947.232240][ T8599] netlink: 'syz.4.10772': attribute type 2 has an invalid length. [ 947.289906][ T8599] netlink: 'syz.4.10772': attribute type 1 has an invalid length. [ 947.462869][ T8527] (syz.7.10752,8527,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xb8c23ae4. Applying ECC. [ 947.504726][ T8527] (syz.7.10752,8527,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x2acb7e3c [ 947.659774][ T8527] (syz.7.10752,8527,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 947.700808][ T8527] (syz.7.10752,8527,1):ocfs2_quota_read:201 ERROR: status = -5 [ 947.730461][ T8527] Quota error (device loop7): qtree_write_dquot: Error -5 occurred while creating quota [ 947.788313][ T8527] (syz.7.10752,8527,1):ocfs2_acquire_dquot:890 ERROR: status = -5 [ 948.031639][ T8573] loop5: detected capacity change from 0 to 40427 [ 948.067053][ T8573] F2FS-fs: heap/no_heap options were deprecated [ 948.082135][ T3942] ocfs2: Unmounting device (7,7) on (node local) [ 948.133624][ T8573] F2FS-fs (loop5): build fault injection rate: 16 [ 948.140120][ T8573] F2FS-fs (loop5): build fault injection type: 0x3bfe8c [ 948.203763][ T8573] F2FS-fs (loop5): invalid crc value [ 948.235303][ T8573] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of build_sit_entries+0x26c/0x1f10 [ 948.314790][ C1] F2FS-fs (loop5): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60 [ 948.343999][ T8641] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 948.640373][ T8573] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 948.692162][ T8573] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 948.769836][ T8573] F2FS-fs (loop5): inject dquot initialize in f2fs_dquot_initialize of f2fs_mkdir+0x181/0x600 [ 948.868118][ T30] audit: type=1400 audit(1774000692.636:2744): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=8664 comm="syz.7.10782" [ 949.158318][ T8679] loop0: detected capacity change from 0 to 22 [ 949.200161][ T8679] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 949.231377][ T8679] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 949.394607][ T8690] sit0: entered promiscuous mode [ 949.459874][ T8690] netlink: 'syz.7.10798': attribute type 1 has an invalid length. [ 949.520087][ T8690] netlink: 1 bytes leftover after parsing attributes in process `syz.7.10798'. [ 949.664972][ T8700] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10800'. [ 950.544943][ T8749] xt_TCPMSS: Only works on TCP SYN packets [ 950.860469][ T8715] loop4: detected capacity change from 0 to 32768 [ 950.924612][ T8765] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10820'. [ 950.954474][ T8715] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 951.039511][ T8715] XFS (loop4): Ending clean mount [ 951.065028][ T8715] XFS (loop4): Quotacheck needed: Please wait. [ 951.272161][ T8715] XFS (loop4): Quotacheck: Done. [ 951.314426][ T8784] loop0: detected capacity change from 0 to 512 [ 951.360462][ T8789] netlink: 12 bytes leftover after parsing attributes in process `syz.7.10825'. [ 951.376559][ T8784] EXT4-fs: Ignoring removed nomblk_io_submit option [ 951.505286][ T8794] netlink: 'syz.7.10827': attribute type 10 has an invalid length. [ 951.523205][ T5823] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 951.539098][ T8784] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 951.552870][ T8739] loop5: detected capacity change from 0 to 32768 [ 951.580771][ T8794] team0: Device veth1_vlan failed to register rx_handler [ 951.600176][ T8784] ext4 filesystem being mounted at /1863/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 951.613528][ T8739] (syz.5.10812,8739,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 951.747835][ T8739] (syz.5.10812,8739,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 951.858931][ T8739] JBD2: Ignoring recovery information on journal [ 951.953488][ T8739] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 951.988429][ T8739] (syz.5.10812,8739,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 952.028287][ T5825] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 952.186029][ T8739] (syz.5.10812,8739,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC. [ 952.287466][ T8739] (syz.5.10812,8739,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xb8c23ae4. Applying ECC. [ 952.353259][ T8739] (syz.5.10812,8739,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x2acb7e3c [ 952.459376][ T8739] (syz.5.10812,8739,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 952.494383][ T8730] loop3: detected capacity change from 0 to 32768 [ 952.496915][ T8739] (syz.5.10812,8739,1):ocfs2_quota_read:201 ERROR: status = -5 [ 952.556021][ T8739] Quota error (device loop5): find_block_dqentry: Can't read quota tree block 6 [ 952.609084][ T8730] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.10808 (8730) [ 952.622063][ T8739] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 952.654891][ T8739] (syz.5.10812,8739,1):ocfs2_acquire_dquot:890 ERROR: status = -5 [ 952.707547][ T8739] (syz.5.10812,8739,1):ocfs2_mknod:318 ERROR: status = -5 [ 952.760267][ T8739] (syz.5.10812,8739,1):ocfs2_mknod:506 ERROR: status = -5 [ 952.835511][ T8739] (syz.5.10812,8739,1):ocfs2_mkdir:662 ERROR: status = -5 [ 952.883644][ T8730] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 953.032479][ T8730] BTRFS info (device loop3): using sha256 checksum algorithm [ 953.222862][ T5831] ocfs2: Unmounting device (7,5) on (node local) [ 953.319068][ T8730] BTRFS info (device loop3): enabling ssd optimizations [ 953.406138][ T8730] BTRFS info (device loop3): turning on async discard [ 953.468011][ T8875] netlink: 'syz.6.10842': attribute type 23 has an invalid length. [ 953.494003][ T8730] BTRFS info (device loop3): enabling free space tree [ 953.569754][ T8878] loop7: detected capacity change from 0 to 1764 [ 953.640751][ T8878] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 953.872473][ T5832] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 953.963357][ T8886] loop0: detected capacity change from 0 to 4096 [ 954.042156][ T8886] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 954.106263][ T8886] ntfs3(loop0): ino=3, mi_enum_attr [ 954.183948][ T8900] loop6: detected capacity change from 0 to 1024 [ 954.454784][ T8900] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 954.530939][ T8886] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 954.559231][ T8900] EXT4-fs warning (device loop6): ext4_empty_dir:3097: inode #11: comm syz.6.10849: directory missing '..' [ 954.611090][ T8886] ntfs3(loop0): Failed to load $Extend (-22). [ 954.634414][ T8886] ntfs3(loop0): Failed to initialize $Extend. [ 954.666355][ T8912] loop7: detected capacity change from 0 to 64 [ 954.695646][ T2260] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 954.740488][ T8914] loop4: detected capacity change from 0 to 512 [ 954.792922][ T8914] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 954.926620][ T8914] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4222: comm syz.4.10852: Allocating blocks 41-42 which overlap fs metadata [ 955.079583][ T8914] loop4: lost filesystem error report for type 5 error -117 [ 955.089681][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 955.103882][ C0] EXT4-fs (loop4): initial error at time 1774000698: ext4_mb_mark_diskspace_used:4222 [ 955.113643][ C0] EXT4-fs (loop4): last error at time 1774000698: ext4_mb_mark_diskspace_used:4222 [ 955.144147][ T8914] EXT4-fs (loop4): Remounting filesystem read-only [ 955.164763][ T8914] Quota error (device loop4): write_blk: dquota write failed [ 955.172201][ T8914] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5 [ 955.184038][ T8914] Quota error (device loop4): write_blk: dquota write failed [ 955.262594][ T8914] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 955.305947][ T8914] EXT4-fs (loop4): 1 truncate cleaned up [ 955.306674][T16628] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 955.337883][ T8914] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 955.471284][ T8951] netlink: 'syz.3.10858': attribute type 2 has an invalid length. [ 955.572144][T16628] usb 7-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 955.606549][T16628] usb 7-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 955.659626][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 955.672061][T16628] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 955.749491][T16628] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 956.800196][ T30] audit: type=1326 audit(1774000700.054:2745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9020 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 956.907389][ T30] audit: type=1326 audit(1774000700.100:2746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9020 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 956.951674][T16628] stv0680 7-1:4.0: STV(e): camera ping failed!! [ 957.014252][ T30] audit: type=1326 audit(1774000700.100:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9020 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 957.110838][ T30] audit: type=1326 audit(1774000700.119:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9020 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 957.169487][T16628] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 957.196360][T16628] stv0680 7-1:4.0: last error: 86, command = 0x3 [ 957.203493][ T30] audit: type=1326 audit(1774000700.119:2749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9020 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 957.210392][ T9040] loop0: detected capacity change from 0 to 256 [ 957.248781][T16628] usb 7-1: USB disconnect, device number 6 [ 957.312334][ T30] audit: type=1326 audit(1774000700.119:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9020 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 957.341404][ T9040] exfat: Deprecated parameter 'utf8' [ 957.384437][ T9040] exfat: Deprecated parameter 'utf8' [ 957.442269][ T9056] netlink: 52 bytes leftover after parsing attributes in process `syz.3.10883'. [ 957.506792][ T9040] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 957.634200][T16647] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 957.654166][ T9004] loop7: detected capacity change from 0 to 32768 [ 957.709943][ T9004] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 957.826991][T16647] usb 5-1: Using ep0 maxpacket: 8 [ 957.846045][T16647] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 957.886203][ T9082] loop5: detected capacity change from 0 to 512 [ 957.901542][ T9004] XFS (loop7): Ending clean mount [ 957.927176][ T9004] XFS (loop7): Quotacheck needed: Please wait. [ 957.928725][T16647] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 957.954980][ T9082] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 958.010236][T16647] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 958.018293][T16647] usb 5-1: Product: syz [ 958.039233][ T9082] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.10889: inode has both inline data and extents flags [ 958.051687][T16647] usb 5-1: Manufacturer: syz [ 958.072723][ T9082] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 958.072909][T16647] usb 5-1: SerialNumber: syz [ 958.087240][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 958.087266][ C1] EXT4-fs (loop5): initial error at time 1774000701: ext4_orphan_get:1391: inode 15 [ 958.087307][ C1] EXT4-fs (loop5): last error at time 1774000701: ext4_orphan_get:1391: inode 15 [ 958.131258][ T9082] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.10889: couldn't read orphan inode 15 (err -117) [ 958.176361][ T9004] XFS (loop7): Quotacheck: Done. [ 958.190590][ T9082] loop5: lost filesystem error report for type 5 error -117 [ 958.199502][ T9082] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 958.206723][T16647] usb 5-1: config 0 descriptor?? [ 958.228757][T16647] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 958.417930][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 958.439059][ T3942] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 958.488139][ T9112] loop3: detected capacity change from 0 to 64 [ 958.552324][T16647] gspca_zc3xx: reg_w_i err -71 [ 958.739260][ T9124] loop5: detected capacity change from 0 to 128 [ 958.758605][ T9124] EXT4-fs: Ignoring removed nomblk_io_submit option [ 958.835522][ T9124] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 958.917983][ T9124] ext4 filesystem being mounted at /1841/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 959.081325][ T5831] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 959.206995][T16647] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 959.213463][T16647] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 959.253964][T16647] usb 5-1: USB disconnect, device number 4 [ 959.494534][ T9161] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10906'. [ 959.672953][ T9171] loop3: detected capacity change from 0 to 128 [ 959.716850][ T9175] loop5: detected capacity change from 0 to 64 [ 959.814153][ T9175] Trying to free block not in datazone [ 959.821368][ T9183] netlink: 'syz.4.10912': attribute type 30 has an invalid length. [ 959.968873][ T9199] loop3: detected capacity change from 0 to 64 [ 960.072288][ T9220] loop6: detected capacity change from 0 to 128 [ 960.089374][ T9220] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 960.156881][ T9220] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 960.764472][ T9284] bond0: (slave nr0): Error: Device can not be enslaved while up [ 960.841893][ T9289] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 961.254672][ T9321] libceph: resolve '0' (ret=-3): failed [ 961.273059][ T9324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10945'. [ 961.311756][ T9324] netlink: 16 bytes leftover after parsing attributes in process `syz.0.10945'. [ 961.361559][ T9330] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10950'. [ 961.497837][ T9342] loop3: detected capacity change from 0 to 256 [ 961.562213][ T9342] FAT-fs (loop3): Directory bread(block 64) failed [ 961.596946][ T9342] FAT-fs (loop3): Directory bread(block 65) failed [ 961.617477][ T9342] FAT-fs (loop3): Directory bread(block 66) failed [ 961.654399][ T9342] FAT-fs (loop3): Directory bread(block 67) failed [ 961.691305][ T9342] FAT-fs (loop3): Directory bread(block 68) failed [ 961.752421][ T9342] FAT-fs (loop3): Directory bread(block 69) failed [ 961.759095][ T9342] FAT-fs (loop3): Directory bread(block 70) failed [ 961.817910][ T9342] FAT-fs (loop3): Directory bread(block 71) failed [ 961.824587][ T9342] FAT-fs (loop3): Directory bread(block 72) failed [ 961.909436][ T9342] FAT-fs (loop3): Directory bread(block 73) failed [ 962.121826][ T9369] CIFS mount error: No usable UNC path provided in device string! [ 962.121826][ T9369] [ 962.184719][ T9369] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 962.353795][ T9379] loop4: detected capacity change from 0 to 164 [ 962.758553][ T9404] netlink: 'syz.0.10971': attribute type 1 has an invalid length. [ 963.436899][ T9378] loop5: detected capacity change from 0 to 32768 [ 963.494972][ T9378] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.10964 (9378) [ 963.543550][ T9446] loop0: detected capacity change from 0 to 512 [ 963.571654][ T9378] BTRFS info (device loop5): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 963.573074][ T9446] EXT4-fs: Ignoring removed oldalloc option [ 963.618460][ T9378] BTRFS info (device loop5): using crc32c checksum algorithm [ 963.629382][ T9446] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 963.663306][ T9378] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 963.691859][ T9454] netlink: 'syz.6.10985': attribute type 10 has an invalid length. [ 963.731497][ T9454] ipvlan1: entered promiscuous mode [ 963.740215][ T9446] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2856c018, mo2=0002] [ 963.768214][ T9454] team0: Device ipvlan1 failed to register rx_handler [ 963.774963][ T9446] System zones: 1-3, 19-19, 35-38 [ 963.816079][ T9446] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 963.839709][ T9420] loop7: detected capacity change from 0 to 32768 [ 963.887739][ T9446] ext4 filesystem being mounted at /1897/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 963.979896][ T9378] BTRFS info (device loop5): rebuilding free space tree [ 964.036632][ T9420] JBD2: Ignoring recovery information on journal [ 964.120135][ T9446] EXT4-fs error (device loop0): ext4_get_verity_descriptor_location:337: inode #15: comm syz.0.10984: verity file corrupted; can't find descriptor [ 964.165653][ T9378] BTRFS info (device loop5): disabling free space tree [ 964.195304][ T9420] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode. [ 964.197293][ T9491] loop4: detected capacity change from 0 to 512 [ 964.211672][ T9378] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 964.253201][ T9446] fs-verity (loop0, inode 15): Error -117 getting verity descriptor size [ 964.305415][ T9378] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 964.363725][ T9420] OCFS2: ERROR (device loop7): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 964.387653][ T9491] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 964.401386][ T9378] BTRFS info (device loop5): enabling ssd optimizations [ 964.408358][ T9378] BTRFS info (device loop5): turning on async discard [ 964.451784][ T9420] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 964.477241][ T9420] OCFS2: File system is now read-only. [ 964.478629][ T9491] ext4 filesystem being mounted at /1865/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 964.482754][ T9420] (syz.7.10976,9420,1):ocfs2_find_entry_dx:1058 ERROR: status = -30 [ 964.493622][ T9378] BTRFS info (device loop5): enabling disk space caching [ 964.561682][ T9378] BTRFS info (device loop5): force clearing of disk cache [ 964.571926][ T5825] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 964.622960][ T9378] BTRFS info (device loop5): use zstd compression, level 3 [ 964.633943][ T9491] EXT4-fs error (device loop4): ext4_xattr_block_find:1879: inode #12: comm syz.4.10989: corrupted xattr block 6: invalid header [ 964.874664][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 964.886030][ T3942] ocfs2: Unmounting device (7,7) on (node local) [ 965.105776][ T5831] BTRFS info (device loop5): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 965.777392][ T9563] loop4: detected capacity change from 0 to 256 [ 965.810036][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 965.810055][ T30] audit: type=1326 audit(1774000708.491:2753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9565 comm="syz.6.11010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 965.881598][ T9563] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 965.911492][ T30] audit: type=1326 audit(1774000708.491:2754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9565 comm="syz.6.11010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 966.005082][ T30] audit: type=1326 audit(1774000708.519:2755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9565 comm="syz.6.11010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 966.044658][ T30] audit: type=1326 audit(1774000708.519:2756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9565 comm="syz.6.11010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 966.068706][ T30] audit: type=1326 audit(1774000708.519:2757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9565 comm="syz.6.11010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 966.425655][ T9600] netdevsim netdevsim6 netdevsim0: entered allmulticast mode [ 966.467434][ T9600] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 966.486015][ T9603] SET target dimension over the limit! [ 966.489488][ T9605] loop7: detected capacity change from 0 to 16 [ 966.548410][ T9605] erofs (device loop7): mounted with root inode @ nid 36. [ 966.796085][ T9623] netlink: 'syz.0.11027': attribute type 10 has an invalid length. [ 966.836209][ T9623] syz_tun: entered promiscuous mode [ 966.877518][ T9623] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 967.155613][ T9631] loop4: detected capacity change from 0 to 8192 [ 967.215028][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.255887][ T9631] FAT-fs (loop4): Filesystem has been set read-only [ 967.271233][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.293209][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.310318][T16647] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 967.340406][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.388668][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.412069][ T9660] trusted_key: encrypted_key: master key parameter 'u' is invalid [ 967.434033][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.479237][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.487206][ T9663] loop6: detected capacity change from 0 to 128 [ 967.517371][T16647] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 967.523675][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.551652][T16647] usb 8-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 967.581145][T16647] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 967.596620][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.641105][T16647] usb 8-1: config 0 descriptor?? [ 967.652051][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.660699][ T9631] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 967.715452][T16647] hdpvr 8-1:0.0: Could not find bulk-in endpoint [ 967.751003][T16647] hdpvr 8-1:0.0: probe with driver hdpvr failed with error -12 [ 967.760382][ T30] audit: type=1800 audit(1774000710.306:2758): pid=9631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.11031" name="file2" dev="loop4" ino=1048723 res=0 errno=0 [ 967.902795][ T10] usb 8-1: USB disconnect, device number 4 [ 967.991653][ T9635] loop3: detected capacity change from 0 to 32768 [ 968.065805][ T9635] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.11032 (9635) [ 968.169620][ T9635] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 968.224339][ T9635] BTRFS info (device loop3): using sha256 checksum algorithm [ 968.478004][ T9635] BTRFS info (device loop3): enabling ssd optimizations [ 968.525959][ T9739] vim2m vim2m.0: Fourcc format (0x31384142) invalid. [ 968.535584][ T9635] BTRFS info (device loop3): turning on async discard [ 968.624227][ T9635] BTRFS info (device loop3): enabling free space tree [ 968.855180][ T5832] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 969.249996][ T9769] loop6: detected capacity change from 0 to 1024 [ 969.364860][ T9779] netlink: 276 bytes leftover after parsing attributes in process `syz.5.11067'. [ 969.393277][ T9769] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 969.538788][ T9769] EXT4-fs error (device loop6): ext4_xattr_inode_iget:441: inode #11: comm syz.6.11065: missing EA_INODE flag [ 969.542113][ T9770] loop3: detected capacity change from 0 to 4096 [ 969.615337][ T9769] EXT4-fs (loop6): Remounting filesystem read-only [ 969.639495][ T9791] loop4: detected capacity change from 0 to 256 [ 969.661152][ T9770] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 969.711468][ T9770] ntfs3(loop3): ino=19, mi_enum_attr [ 969.716995][ T9770] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 969.784468][ T9791] exfat: Deprecated parameter 'namecase' [ 969.804301][ T9791] exfat: Deprecated parameter 'utf8' [ 969.860944][ T9706] loop0: detected capacity change from 0 to 32768 [ 969.900553][ T9791] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 969.919156][ T2260] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 970.002237][ T9706] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 970.352106][ T9706] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 970.391772][ T9833] loop5: detected capacity change from 0 to 256 [ 970.398897][ T9834] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11079'. [ 970.460299][ T9833] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001e4a3, chksum : 0xe39e9277, utbl_chksum : 0x7319d30d) [ 970.535649][ T9706] XFS (loop0): Starting recovery (logdev: internal) [ 970.556779][ T9834] bond2 (unregistering): Released all slaves [ 970.641088][ T9706] XFS (loop0): Ending recovery (logdev: internal) [ 970.852273][ T5825] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 970.999257][ T9920] netlink: 68 bytes leftover after parsing attributes in process `syz.4.11082'. [ 971.356945][ T9939] loop5: detected capacity change from 0 to 64 [ 971.543670][ T9950] netlink: 'syz.4.11093': attribute type 21 has an invalid length. [ 971.576173][ T9950] netlink: 128 bytes leftover after parsing attributes in process `syz.4.11093'. [ 971.619237][ T9950] netlink: 3 bytes leftover after parsing attributes in process `syz.4.11093'. [ 971.628815][ T9819] loop7: detected capacity change from 0 to 32768 [ 971.760612][ T9958] netlink: 'syz.5.11094': attribute type 1 has an invalid length. [ 971.950976][ T9967] ipt_ECN: cannot use operation on non-tcp rule [ 972.364189][ T9990] netlink: 'syz.0.11104': attribute type 3 has an invalid length. [ 972.425400][ T9990] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11104'. [ 972.451733][T16628] hid-generic FFF7:FFFF:0009.0001: hidraw0: HID v0.09 Device [syz1] on syz1 [ 972.629822][ T9949] loop3: detected capacity change from 0 to 32768 [ 972.753100][ T5892] loop3: p1 p3 < p5 p6 p7 > [ 972.768028][ T9999] fido_id[9999]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 972.875142][ T9949] loop3: p1 p3 < p5 p6 p7 > [ 973.013330][T10044] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11113'. [ 973.327664][T10060] netlink: 'syz.0.11117': attribute type 40 has an invalid length. [ 973.942306][T10098] binfmt_misc: register: failed to install interpreter file ./file0 [ 974.118821][T10103] bond2: option lp_interval: invalid value (18446744073709551613) [ 974.204678][T10103] bond2: option lp_interval: allowed values 1 - 2147483647 [ 974.233203][T10145] netlink: 36 bytes leftover after parsing attributes in process `syz.0.11134'. [ 974.261203][T10103] bond2 (unregistering): Released all slaves [ 974.311097][T10145] netlink: 32 bytes leftover after parsing attributes in process `syz.0.11134'. [ 974.507842][ T5894] udevd[5894]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 974.508019][ T5892] udevd[5892]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 974.532395][T10197] loop5: detected capacity change from 0 to 256 [ 974.540060][ T6862] udevd[6862]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 974.540773][ T6736] udevd[6736]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 974.554313][ T6009] udevd[6009]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory [ 974.601362][T10197] exfat: Deprecated parameter 'utf8' [ 974.689908][T10197] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 975.323966][ T5893] usb 6-1: new high-speed USB device number 110 using dummy_hcd [ 975.541571][ T5893] usb 6-1: Using ep0 maxpacket: 8 [ 975.561528][ T5893] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 975.586215][T10254] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11159'. [ 975.597407][ T5893] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 975.684008][ T5893] usb 6-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 975.719686][ T5893] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 975.747798][ T5893] usb 6-1: Product: syz [ 975.767027][ T5893] usb 6-1: Manufacturer: syz [ 975.787206][ T5893] usb 6-1: SerialNumber: syz [ 975.815269][ T5893] usb 6-1: config 0 descriptor?? [ 976.349424][ T6648] usb 6-1: USB disconnect, device number 110 [ 976.539240][T10200] syz.0.11142 (10200): drop_caches: 2 [ 977.229829][T10359] netlink: 20 bytes leftover after parsing attributes in process `syz.6.11187'. [ 977.661992][ T30] audit: type=1326 audit(1774000719.575:2759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10388 comm="syz.0.11197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 977.677716][T10393] loop5: detected capacity change from 0 to 256 [ 977.787010][ T30] audit: type=1326 audit(1774000719.575:2760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10388 comm="syz.0.11197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 977.850067][ T30] audit: type=1326 audit(1774000719.575:2761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10388 comm="syz.0.11197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 977.886166][T10393] FAT-fs (loop5): Directory bread(block 64) failed [ 977.934306][T10393] FAT-fs (loop5): Directory bread(block 65) failed [ 977.952285][T10393] FAT-fs (loop5): Directory bread(block 66) failed [ 977.974766][T10393] FAT-fs (loop5): Directory bread(block 67) failed [ 977.981688][ T30] audit: type=1326 audit(1774000719.613:2762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10388 comm="syz.0.11197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 977.981746][ T30] audit: type=1326 audit(1774000719.613:2763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10388 comm="syz.0.11197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 977.981796][ T30] audit: type=1326 audit(1774000719.613:2764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10388 comm="syz.0.11197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 977.981845][ T30] audit: type=1326 audit(1774000719.613:2765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10388 comm="syz.0.11197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 977.981894][ T30] audit: type=1326 audit(1774000719.613:2766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10388 comm="syz.0.11197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fc552f9c799 code=0x7ffc0000 [ 977.987390][T10410] loop6: detected capacity change from 0 to 128 [ 978.098593][T10393] FAT-fs (loop5): Directory bread(block 68) failed [ 978.180700][T10393] FAT-fs (loop5): Directory bread(block 69) failed [ 978.188565][T10393] FAT-fs (loop5): Directory bread(block 70) failed [ 978.195300][T10393] FAT-fs (loop5): Directory bread(block 71) failed [ 978.202146][T10393] FAT-fs (loop5): Directory bread(block 72) failed [ 978.208899][T10393] FAT-fs (loop5): Directory bread(block 73) failed [ 978.216979][T10418] loop0: detected capacity change from 0 to 512 [ 978.230283][T10410] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 978.255802][T10418] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 978.312656][T10425] loop3: detected capacity change from 0 to 64 [ 978.330860][T10418] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.11206: bad orphan inode 131083 [ 978.352618][T10410] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 978.421599][T10418] loop0: lost filesystem error report for type 5 error -117 [ 978.427275][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 978.441242][ C1] EXT4-fs (loop0): initial error at time 1774000720: ext4_orphan_get:1417 [ 978.449797][ C1] EXT4-fs (loop0): last error at time 1774000720: ext4_orphan_get:1417 [ 978.461682][T10418] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 978.510816][T10410] EXT4-fs warning (device loop6): ext4_dirblock_csum_verify:375: inode #2: comm syz.6.11204: No space for directory leaf checksum. Please run e2fsck -D. [ 978.545056][T10410] EXT4-fs error (device loop6): __ext4_find_entry:1626: inode #2: comm syz.6.11204: checksumming directory block 0 [ 978.712193][ T5825] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 978.726691][ T6648] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 978.776611][ T2260] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 978.891376][ T6648] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 978.916523][ T6648] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89 [ 978.951023][T10466] netlink: 'syz.0.11212': attribute type 10 has an invalid length. [ 978.970142][ T6648] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 10 [ 979.025292][T10466] team0: Device veth1_macvtap failed to register rx_handler [ 979.069005][ T6648] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 65535, setting to 64 [ 979.110463][ T6648] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 979.164953][ T6648] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 979.198621][T10478] xt_bpf: check failed: parse error [ 979.207770][ T6648] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 979.287247][ T6648] usb 5-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8 [ 979.325442][ T6648] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 979.350351][ T6648] usb 5-1: Product: syz [ 979.354570][ T6648] usb 5-1: Manufacturer: syz [ 979.415158][ T6648] usb 5-1: SerialNumber: syz [ 979.431865][ T6648] usb 5-1: config 0 descriptor?? [ 979.449807][T10434] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 979.495681][ T6648] ati_remote 5-1:0.0: Initializing ati_remote hardware failed. [ 979.527501][ T6648] ati_remote 5-1:0.0: probe with driver ati_remote failed with error -5 [ 979.765386][ T10] usb 5-1: USB disconnect, device number 5 [ 980.277312][T10539] IPv6: sit1: Disabled Multicast RS [ 980.283830][T10539] sit1: entered allmulticast mode [ 980.477228][T10549] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11238'. [ 980.528029][T10553] loop7: detected capacity change from 0 to 256 [ 980.555065][T10549] netlink: 136 bytes leftover after parsing attributes in process `syz.0.11238'. [ 980.723605][T10495] loop3: detected capacity change from 0 to 32768 [ 980.758815][T10569] netlink: 'syz.4.11244': attribute type 3 has an invalid length. [ 980.781570][T10553] FAT-fs (loop7): Directory bread(block 64) failed [ 980.800725][T16628] usb 6-1: new high-speed USB device number 111 using dummy_hcd [ 980.821648][T10553] FAT-fs (loop7): Directory bread(block 65) failed [ 980.854935][T10553] FAT-fs (loop7): Directory bread(block 66) failed [ 980.882335][T10553] FAT-fs (loop7): Directory bread(block 67) failed [ 980.908249][T10553] FAT-fs (loop7): Directory bread(block 68) failed [ 980.915162][T10576] loop6: detected capacity change from 0 to 64 [ 980.925581][T10553] FAT-fs (loop7): Directory bread(block 69) failed [ 980.933336][T10553] FAT-fs (loop7): Directory bread(block 70) failed [ 980.940495][T10553] FAT-fs (loop7): Directory bread(block 71) failed [ 980.947335][T10553] FAT-fs (loop7): Directory bread(block 72) failed [ 980.954066][T10553] FAT-fs (loop7): Directory bread(block 73) failed [ 981.004177][T16628] usb 6-1: Using ep0 maxpacket: 8 [ 981.033128][T16628] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 981.082011][T16628] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 981.109628][T10581] netlink: 16 bytes leftover after parsing attributes in process `syz.4.11247'. [ 981.146812][T16628] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 981.158254][T10581] openvswitch: netlink: Flow key attr not present in new flow. [ 981.203300][T16628] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 981.240264][T16628] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 981.280408][T16628] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 981.310195][T16628] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 981.362392][T16628] usb 6-1: config 0 descriptor?? [ 981.404036][T10557] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 981.410310][T10597] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 981.517336][T10609] netlink: 'syz.4.11253': attribute type 1 has an invalid length. [ 981.571553][T10609] netlink: 224 bytes leftover after parsing attributes in process `syz.4.11253'. [ 981.651075][T10614] loop7: detected capacity change from 0 to 256 [ 981.782190][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.782664][ C0] Bluetooth: hci8: Unexpected continuation: 1 bytes [ 981.790259][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.803927][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.812262][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.819464][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.826331][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.833612][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.840822][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.847764][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.864546][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.873760][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.882293][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.889968][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.897351][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.905377][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.914902][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.921839][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.928814][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.936099][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.943092][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.950172][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.957327][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.960009][T10626] loop0: detected capacity change from 0 to 256 [ 981.964287][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.978409][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.985517][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 981.992519][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 982.002162][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 982.009189][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 982.016168][T10606] Bluetooth: hci8: Received unexpected HCI Event 0x00 [ 982.107115][T10614] FAT-fs (loop7): error, fat_free: invalid cluster chain (i_pos 198) [ 982.170566][T22251] Bluetooth: hci8: Opcode 0x0c03 failed: -71 [ 982.180738][ T5893] usb 6-1: USB disconnect, device number 111 [ 982.248319][T10626] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 982.382628][T10651] netlink: 20 bytes leftover after parsing attributes in process `syz.4.11262'. [ 982.534834][T10676] loop3: detected capacity change from 0 to 16 [ 982.549154][T10675] xt_TCPMSS: Only works on TCP SYN packets [ 982.570101][T10676] erofs (device loop3): DAX unsupported by block device. Turning off DAX. [ 982.618387][T10676] erofs (device loop3): mounted with root inode @ nid 36. [ 982.658883][T10695] bridge5: entered promiscuous mode [ 982.671606][T10695] bridge5: entered allmulticast mode [ 982.674903][T10676] erofs (device loop3): read error -117 @ 0 of nid 36 [ 982.921105][T10714] bridge0: entered allmulticast mode [ 982.939924][T10714] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 983.019690][T10725] netlink: 1 bytes leftover after parsing attributes in process `syz.3.11270'. [ 983.035129][T10719] erofs (device loop4): mounted with root inode @ nid 36. [ 983.141896][ T6648] usb 1-1: new high-speed USB device number 111 using dummy_hcd [ 983.287193][T10740] netlink: 'syz.4.11277': attribute type 2 has an invalid length. [ 983.296023][T10733] set_capacity_and_notify: 1 callbacks suppressed [ 983.296044][T10733] loop6: detected capacity change from 0 to 256 [ 983.323843][ T6648] usb 1-1: Using ep0 maxpacket: 8 [ 983.333029][T10740] netlink: 224 bytes leftover after parsing attributes in process `syz.4.11277'. [ 983.348104][T10731] loop5: detected capacity change from 0 to 4096 [ 983.366763][T10731] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 983.379690][ T6648] usb 1-1: unable to get BOS descriptor or descriptor too short [ 983.405278][ T6648] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 983.435605][T10733] FAT-fs (loop6): Directory bread(block 64) failed [ 983.453429][ T6648] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 983.472958][T10733] FAT-fs (loop6): Directory bread(block 65) failed [ 983.499286][ T6648] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 65535, setting to 1024 [ 983.516192][T10731] ntfs3(loop5): ino=19, mi_enum_attr [ 983.523452][T10733] FAT-fs (loop6): Directory bread(block 66) failed [ 983.535621][T10733] FAT-fs (loop6): Directory bread(block 67) failed [ 983.553561][ T6648] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1024 [ 983.601668][T10733] FAT-fs (loop6): Directory bread(block 68) failed [ 983.604120][T10742] loop7: detected capacity change from 0 to 4096 [ 983.617740][T10731] ntfs3(loop5): failed to convert "c46c" to cp852 [ 983.617738][ T6648] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 983.617769][ T6648] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81 [ 983.635440][T10733] FAT-fs (loop6): Directory bread(block 69) failed [ 983.668020][T10731] ntfs3(loop5): ino=20, mi_enum_attr [ 983.688214][T10742] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512). [ 983.701153][T10733] FAT-fs (loop6): Directory bread(block 70) failed [ 983.718633][ T6648] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 983.729766][T10733] FAT-fs (loop6): Directory bread(block 71) failed [ 983.751590][T10742] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 983.755290][T10733] FAT-fs (loop6): Directory bread(block 72) failed [ 983.796409][ T6648] usb 1-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 983.806685][T10733] FAT-fs (loop6): Directory bread(block 73) failed [ 983.811087][ T6648] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 983.826645][T10742] ntfs3(loop7): ino=19, mi_enum_attr [ 983.878747][ T6648] usb 1-1: Product: syz [ 983.898938][ T6648] usb 1-1: Manufacturer: syz [ 983.929687][ T6648] usb 1-1: SerialNumber: syz [ 983.965218][T10742] ntfs3(loop7): failed to convert "c46c" to cp863 [ 983.973145][ T6648] usb 1-1: config 0 descriptor?? [ 984.013827][T10703] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 984.024519][T10742] ntfs3(loop7): ino=20, mi_enum_attr [ 984.033666][ T6648] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 984.437534][ T6648] usb 1-1: USB disconnect, device number 111 [ 984.527000][ T6862] udevd[6862]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 984.625025][T10816] xt_bpf: check failed: parse error [ 984.772406][T10827] loop7: detected capacity change from 0 to 256 [ 984.802255][T10827] exfat: Deprecated parameter 'utf8' [ 984.809574][T10827] exfat: Deprecated parameter 'namecase' [ 984.842958][T10827] exFAT-fs (loop7): failed to load upcase table (idx : 0x0001fe89, chksum : 0xf974f890, utbl_chksum : 0xe619d30d) [ 984.895470][T10833] loop3: detected capacity change from 0 to 512 [ 984.896780][T10835] loop5: detected capacity change from 0 to 64 [ 984.937317][T10835] syz.5.11296: attempt to access beyond end of device [ 984.937317][T10835] loop5: rw=8388608, sector=65534, nr_sectors = 2 limit=64 [ 984.996099][T10835] Buffer I/O error on dev loop5, logical block 32767, async page read [ 985.016307][T10833] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 985.035194][T10835] syz.5.11296: attempt to access beyond end of device [ 985.035194][T10835] loop5: rw=8388608, sector=65534, nr_sectors = 2 limit=64 [ 985.074980][T10835] Buffer I/O error on dev loop5, logical block 32767, async page read [ 985.122521][T10833] ext4 filesystem being mounted at /1800/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 985.315646][ T5832] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 985.384587][T10866] loop7: detected capacity change from 0 to 164 [ 985.425809][T10866] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 985.642622][T10886] IPVS: sync thread started: state = MASTER, mcast_ifn = lo, syncid = 2, id = 0 [ 985.942858][T16643] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 986.127261][T16643] usb 5-1: Using ep0 maxpacket: 8 [ 986.158897][T16643] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 986.205390][T16643] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 986.237905][T16643] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 986.281234][T16643] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 986.321935][T16643] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 986.349257][ T6648] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 986.349834][T16643] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 986.407176][T16643] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 986.448565][T16643] usb 5-1: config 0 descriptor?? [ 986.454779][T10888] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 986.533323][ T6648] usb 8-1: Using ep0 maxpacket: 8 [ 986.558023][ T6648] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 986.615881][ T6648] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 986.661141][ T6648] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 986.680684][T10947] Bluetooth: hci6: command 0x0406 tx timeout [ 986.719097][T10947] Bluetooth: hci8: unexpected event 0x10 length: 71 > 1 [ 986.724379][ T6648] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 986.799074][ T6648] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 986.843607][ T6648] usb 8-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 986.867331][T10959] netlink: 209852 bytes leftover after parsing attributes in process `syz.6.11330'. [ 986.890268][ T6648] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 986.927677][ T6648] usb 8-1: config 0 descriptor?? [ 986.933789][T10918] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22 [ 986.942635][T16643] usb 5-1: USB disconnect, device number 6 [ 986.953047][T10606] Bluetooth: hci8: Opcode 0x0c03 failed: -71 [ 986.961959][T10606] Bluetooth: hci8: hardware error 0x51 [ 987.021628][T10912] loop3: detected capacity change from 0 to 32768 [ 987.043598][T10912] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.11319 (10912) [ 987.075547][T10912] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 987.086723][T10912] BTRFS info (device loop3): using sha256 checksum algorithm [ 987.250424][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.250844][ C0] Bluetooth: hci9: Unexpected continuation: 1 bytes [ 987.272885][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.280674][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.282171][T10999] netlink: 7 bytes leftover after parsing attributes in process `syz.5.11334'. [ 987.287498][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.304019][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.310946][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.318352][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.325957][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.333561][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.340388][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.347401][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.354980][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.361945][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.369078][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.386191][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.393220][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.400381][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.407596][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.414521][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.422342][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.429295][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.436328][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.443848][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.450957][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.457818][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.464798][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.471887][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.480834][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.487874][T10947] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 987.499473][T10999] netlink: 7 bytes leftover after parsing attributes in process `syz.5.11334'. [ 987.504511][T16643] usb 8-1: USB disconnect, device number 5 [ 987.508998][T22251] Bluetooth: hci9: Opcode 0x0c03 failed: -71 [ 987.552273][T10912] BTRFS info (device loop3): enabling ssd optimizations [ 987.592669][T10912] BTRFS info (device loop3): turning on async discard [ 987.678157][T10912] BTRFS info (device loop3): enabling free space tree [ 987.893939][ T5832] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 987.926676][T11032] netlink: 'syz.6.11340': attribute type 1 has an invalid length. [ 988.215429][T11050] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6 [ 988.286603][T11053] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11347'. [ 988.370807][T11058] loop0: detected capacity change from 0 to 256 [ 988.571734][T11066] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11350'. [ 988.658914][T11066] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11350'. [ 988.765758][T11080] netlink: 72 bytes leftover after parsing attributes in process `syz.0.11353'. [ 989.249173][T11110] loop7: detected capacity change from 0 to 512 [ 989.301650][T11110] EXT4-fs error (device loop7): ext4_orphan_get:1417: comm syz.7.11363: bad orphan inode 15 [ 989.353508][T11123] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11369'. [ 989.387671][T11110] loop7: lost filesystem error report for type 5 error -117 [ 989.388755][T11110] ext4_test_bit(bit=14, block=18) = 1 [ 989.396133][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 989.396155][ C1] EXT4-fs (loop7): initial error at time 1774000730: ext4_orphan_get:1417 [ 989.396185][ C1] EXT4-fs (loop7): last error at time 1774000730: ext4_orphan_get:1417 [ 989.437100][T11124] syz_tun: left promiscuous mode [ 989.468241][T11110] is_bad_inode(inode)=0 [ 989.500775][T11110] NEXT_ORPHAN(inode)=1023 [ 989.518651][T11110] max_ino=32 [ 989.528716][T11110] i_nlink=0 [ 989.557488][T11110] EXT4-fs error (device loop7): ext4_xattr_delete_inode:2970: inode #15: comm syz.7.11363: corrupted xattr block 19: invalid header [ 989.590827][T11124] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 989.608998][T11110] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 989.609563][T11110] EXT4-fs warning (device loop7): ext4_evict_inode:275: xattr delete (err -117) [ 989.647021][T11110] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 989.660203][T11110] ext4 filesystem being mounted at /256/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 989.675164][T11127] A link change request failed with some changes committed already. Interface veth0_to_team may have been left with an inconsistent configuration, please check. [ 989.688807][T11110] EXT4-fs error (device loop7): ext4_empty_dir:3078: inode #12: comm syz.7.11363: Directory hole found for htree leaf block 0 [ 989.744636][T11139] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11373'. [ 989.814748][T11143] netlink: 52 bytes leftover after parsing attributes in process `syz.6.11374'. [ 989.845814][T11143] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 989.987574][ T3942] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 990.964824][T11215] ip6t_srh: unknown srh invflags 4000 [ 991.446576][T11248] loop6: detected capacity change from 0 to 256 [ 992.350716][T11313] openvswitch: netlink: Duplicate or invalid key (type 0). [ 992.384711][T11313] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 992.846320][T11346] netlink: 'syz.4.11438': attribute type 21 has an invalid length. [ 992.882931][T11346] netlink: 128 bytes leftover after parsing attributes in process `syz.4.11438'. [ 992.913150][ T5936] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 992.930273][T11346] netlink: 'syz.4.11438': attribute type 4 has an invalid length. [ 992.960878][T11346] netlink: 'syz.4.11438': attribute type 5 has an invalid length. [ 993.004038][T11346] netlink: 3 bytes leftover after parsing attributes in process `syz.4.11438'. [ 993.113593][ T5936] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 993.153038][ T5936] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 993.195199][ T5936] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 993.224760][ T5936] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 993.295709][ T5936] usb 8-1: SerialNumber: syz [ 993.303275][T11373] fuse: Invalid rootmode [ 993.444996][T11380] bridge5: the hash_elasticity option has been deprecated and is always 16 [ 993.499394][T11388] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11450'. [ 993.527574][T11392] ip6t_REJECT: ECHOREPLY is not supported [ 993.565823][ T5936] usb 8-1: 0:2 : does not exist [ 993.748553][ T5936] usb 8-1: USB disconnect, device number 6 [ 993.857034][T11418] loop3: detected capacity change from 0 to 1024 [ 993.888812][T11418] EXT4-fs: Ignoring removed i_version option [ 993.926441][T11418] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 994.017810][T11418] Quota error (device loop3): do_check_range: Getting block 64 out of range 1-5 [ 994.050401][T11418] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 994.074221][T11418] EXT4-fs error (device loop3): ext4_acquire_dquot:7001: comm syz.3.11455: Failed to acquire dquot type 0 [ 994.089413][T11418] loop3: lost filesystem error report for type 5 error -117 [ 994.092261][ T5894] udevd[5894]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 994.099716][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 994.099742][ C0] EXT4-fs (loop3): initial error at time 1774000734: ext4_acquire_dquot:7001 [ 994.099772][ C0] EXT4-fs (loop3): last error at time 1774000734: ext4_acquire_dquot:7001 [ 994.199989][T11418] EXT4-fs error (device loop3): mb_free_blocks:2047: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 994.243995][T11418] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #13: comm syz.3.11455: corrupted inode contents [ 994.287884][T11439] loop0: detected capacity change from 0 to 1024 [ 994.355400][T11418] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 994.356675][T11418] EXT4-fs error (device loop3): ext4_dirty_inode:6450: inode #13: comm syz.3.11455: mark_inode_dirty error [ 994.362194][T11439] EXT4-fs (loop0): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 994.452591][T11418] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 994.453065][T11418] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #13: comm syz.3.11455: corrupted inode contents [ 994.500354][T11439] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #3: block 2: comm syz.0.11459: lblock 2 mapped to illegal pblock 2 (length 1) [ 994.516771][T11439] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 994.523300][T11418] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 994.527367][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 994.544960][T11418] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #13: comm syz.3.11455: mark_inode_dirty error [ 994.547940][ C0] EXT4-fs (loop0): initial error at time 1774000735: ext4_map_blocks:776: inode 3: block 2 [ 994.569384][ C0] EXT4-fs (loop0): last error at time 1774000735: ext4_map_blocks:776: inode 3: block 2 [ 994.580278][T11418] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 994.580840][T11418] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #13: comm syz.3.11455: corrupted inode contents [ 994.590708][T11439] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 994.602820][T11418] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 994.628592][T11418] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem [ 994.645027][T11439] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #3: block 48: comm syz.0.11459: lblock 0 mapped to illegal pblock 48 (length 1) [ 994.678314][T11439] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 994.678692][T11439] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 994.697718][T11458] netlink: 2 bytes leftover after parsing attributes in process `syz.6.11465'. [ 994.730656][T11418] loop3: lost filesystem error report for type 5 error -117 [ 994.741652][T11418] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #13: comm syz.3.11455: corrupted inode contents [ 994.809031][T11439] EXT4-fs error (device loop0): ext4_acquire_dquot:7001: comm syz.0.11459: Failed to acquire dquot type 0 [ 994.836825][T11418] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 994.837291][T11439] loop0: lost filesystem error report for type 5 error -117 [ 994.846947][T11418] EXT4-fs error (device loop3): ext4_truncate:4587: inode #13: comm syz.3.11455: mark_inode_dirty error [ 994.865899][T11418] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 994.866378][T11439] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 994.923056][T11418] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem [ 994.968386][T11418] loop3: lost filesystem error report for type 5 error -117 [ 994.989017][T11418] EXT4-fs (loop3): 1 truncate cleaned up [ 995.008506][T11439] loop0: lost filesystem error report for type 5 error -117 [ 995.013150][T11439] EXT4-fs error (device loop0): ext4_evict_inode:255: inode #11: comm syz.0.11459: mark_inode_dirty error [ 995.070381][T11418] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 995.094699][T11439] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 995.095018][T11439] EXT4-fs warning (device loop0): ext4_evict_inode:258: couldn't mark inode dirty (err -117) [ 995.223679][T11439] EXT4-fs (loop0): 1 orphan inode deleted [ 995.257039][ T58] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 995.259560][T11439] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 995.325451][ T58] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 995.325835][ T58] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 995.425440][ T58] EXT4-fs error (device loop0): ext4_release_dquot:7037: comm kworker/u8:4: Failed to release dquot type 0 [ 995.514351][T11502] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11474'. [ 995.556285][ T5832] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 995.656956][ T5825] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 995.676982][ T7464] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 995.758879][ T7464] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 995.767572][ T7464] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 995.851612][ T7464] EXT4-fs error (device loop0): ext4_release_dquot:7037: comm kworker/u8:2: Failed to release dquot type 0 [ 995.899985][ T7464] loop0: lost filesystem error report for type 5 error -117 [ 995.901087][ T5825] EXT4-fs error (device loop0): __ext4_get_inode_loc:4782: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 995.945641][T11528] netlink: 'syz.6.11483': attribute type 15 has an invalid length. [ 995.994258][ T5825] loop0: lost filesystem error report for type 5 error -117 [ 995.994601][ T5825] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 996.076511][ T5825] loop0: lost filesystem error report for type 5 error -117 [ 996.076850][ T5825] EXT4-fs error (device loop0): ext4_quota_off:7285: inode #3: comm syz-executor: mark_inode_dirty error [ 996.160021][T11541] netlink: 'syz.7.11486': attribute type 1 has an invalid length. [ 996.164781][ T5825] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 996.170079][T11538] loop5: detected capacity change from 0 to 1764 [ 996.791502][T11583] team0: left promiscuous mode [ 996.851849][T11583] team0: left allmulticast mode [ 996.941739][T11583] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 997.222206][T11606] x_tables: duplicate underflow at hook 4 [ 997.412481][T11613] kAFS: unable to lookup cell 'syz0' [ 997.425380][T11614] overlayfs: missing 'lowerdir' [ 997.814926][T11569] loop7: detected capacity change from 0 to 32768 [ 997.848843][T11569] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.11491 (11569) [ 997.892117][T11632] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 997.918348][T11569] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 997.955362][T11588] loop5: detected capacity change from 0 to 32768 [ 997.982528][T11569] BTRFS info (device loop7): using sha256 checksum algorithm [ 998.004336][T11588] BTRFS info: device /dev/loop5 (7:5) using temp-fsid 0b5d2930-b29a-48f5-b909-b2a7147cb781 [ 998.016109][T11569] BTRFS warning (device loop7): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 998.046178][T11588] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.11498 (11588) [ 998.140837][T11588] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 998.150996][T11588] BTRFS info (device loop5): using sha256 checksum algorithm [ 998.251388][T11656] loop6: detected capacity change from 0 to 4096 [ 998.284703][T11569] BTRFS info (device loop7): rebuilding free space tree [ 998.342827][T11569] BTRFS info (device loop7): disabling free space tree [ 998.389053][T11569] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 998.453842][T11569] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 998.549444][T11569] BTRFS info (device loop7): enabling ssd optimizations [ 998.576800][T11569] BTRFS info (device loop7): enabling disk space caching [ 998.592075][T11588] BTRFS info (device loop5): rebuilding free space tree [ 998.633979][T11569] BTRFS info (device loop7): force clearing of disk cache [ 998.678772][T11569] BTRFS info (device loop7): enabling auto defrag [ 998.696101][T11588] BTRFS info (device loop5): enabling ssd optimizations [ 998.709247][T11569] BTRFS info (device loop7): max_inline set to 0 [ 998.721292][T11588] BTRFS info (device loop5): using spread ssd allocation scheme [ 998.740995][T11588] BTRFS info (device loop5): turning on async discard [ 998.747912][T11588] BTRFS info (device loop5): enabling free space tree [ 998.787996][T11588] BTRFS info (device loop5): force clearing of disk cache [ 998.837502][ T30] audit: type=1326 audit(1774000739.378:2767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11697 comm="syz.6.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 998.947607][ T30] audit: type=1326 audit(1774000739.378:2768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11697 comm="syz.6.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 999.031844][ T30] audit: type=1326 audit(1774000739.378:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11697 comm="syz.6.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 999.066530][ T5831] BTRFS info (device loop5): last unmount of filesystem 0b5d2930-b29a-48f5-b909-b2a7147cb781 [ 999.119768][ T30] audit: type=1326 audit(1774000739.415:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11697 comm="syz.6.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f72f839c799 code=0x7ffc0000 [ 999.268603][ T3942] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 999.418951][T11717] netlink: 24 bytes leftover after parsing attributes in process `syz.4.11524'. [ 999.710033][T11733] netlink: 9 bytes leftover after parsing attributes in process `syz.5.11530'. [ 999.774413][T11734] netlink: 136 bytes leftover after parsing attributes in process `syz.3.11528'. [ 999.839216][T11734] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 999.897732][T11733] ..0·: renamed from hsr0 [ 999.908519][T11733] ..0·: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 999.947725][T11733] ..0·: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1000.039914][T11733] ..0·: entered allmulticast mode [ 1000.107881][T11733] hsr_slave_0: entered allmulticast mode [ 1000.126870][T11748] loop3: detected capacity change from 0 to 256 [ 1000.151079][T11733] hsr_slave_1: entered allmulticast mode [ 1000.215862][T11733] A link change request failed with some changes committed already. Interface ..0· may have been left with an inconsistent configuration, please check. [ 1000.571661][T11764] loop3: detected capacity change from 0 to 16 [ 1000.702602][T11764] erofs (device loop3): mounted with root inode @ nid 36. [ 1000.732603][T11764] syz.3.11538: attempt to access beyond end of device [ 1000.732603][T11764] loop3: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 1000.822727][T11764] erofs (device loop3): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 4096 [ 1000.859354][T11775] openvswitch: netlink: IP tunnel dst address not specified [ 1000.906371][T11764] erofs (device loop3): read error -117 @ 0 of nid 89 [ 1000.941765][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 1000.941787][ T30] audit: type=1800 audit(1774000741.351:2775): pid=11764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.11538" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 1001.212143][T11793] netlink: 16 bytes leftover after parsing attributes in process `syz.4.11547'. [ 1001.405753][T11804] netlink: 'syz.6.11551': attribute type 2 has an invalid length. [ 1002.132072][T11837] loop7: detected capacity change from 0 to 4096 [ 1002.143710][T11848] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11565'. [ 1002.158905][T11844] loop6: detected capacity change from 0 to 764 [ 1002.168826][T11837] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512). [ 1002.178514][T11848] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11565'. [ 1002.188515][T11848] netlink: 32 bytes leftover after parsing attributes in process `syz.4.11565'. [ 1002.210552][T11844] Symlink component flag not implemented [ 1002.218325][T11844] Symlink component flag not implemented [ 1002.225530][T11844] Symlink component flag not implemented (129) [ 1002.239784][T11844] Symlink component flag not implemented (6) [ 1002.268043][T11837] ntfs3(loop7): ino=19, mi_enum_attr [ 1002.313224][T11837] ntfs3(loop7): failed to convert "c46c" to cp1255 [ 1002.358257][T11837] ntfs3(loop7): ino=20, mi_enum_attr [ 1002.667010][T11866] xt_connbytes: Forcing CT accounting to be enabled [ 1002.679659][T11814] loop5: detected capacity change from 0 to 32768 [ 1002.712819][T11866] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 1003.484295][T11918] tmpfs: Bad value for 'mpol' [ 1003.687414][ T30] audit: type=1326 audit(1774000743.914:2776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11930 comm="syz.3.11590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15c4b9c799 code=0x7ffc0000 [ 1003.746497][ T30] audit: type=1326 audit(1774000743.952:2777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11930 comm="syz.3.11590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15c4b9c799 code=0x7ffc0000 [ 1003.818072][ T30] audit: type=1326 audit(1774000743.952:2778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11930 comm="syz.3.11590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f15c4b9c799 code=0x7ffc0000 [ 1003.914256][T11944] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 1003.914799][ T30] audit: type=1326 audit(1774000743.952:2779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11930 comm="syz.3.11590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15c4b9c799 code=0x7ffc0000 [ 1004.194976][T11966] netlink: 'syz.6.11603': attribute type 1 has an invalid length. [ 1004.696106][T11993] loop5: detected capacity change from 0 to 64 [ 1005.076186][T12024] loop5: detected capacity change from 0 to 16 [ 1005.105441][T12024] erofs (device loop5): mounted with root inode @ nid 36. [ 1005.118246][T12024] erofs (device loop5): readahead error at folio 2 @ nid 89 [ 1005.137329][T12024] erofs (device loop5): bogus lookback distance 0 @ lcn 1 of nid 89 [ 1005.153961][T12024] erofs (device loop5): readahead error at folio 1 @ nid 89 [ 1005.191856][ T6648] usb 4-1: new high-speed USB device number 111 using dummy_hcd [ 1005.199970][T22251] erofs (device loop5): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 4096 [ 1005.211650][T12024] erofs (device loop5): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 4096 [ 1005.250166][T12024] erofs (device loop5): read error -117 @ 0 of nid 89 [ 1005.285825][ T30] audit: type=1800 audit(1774000745.411:2780): pid=12024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.11621" name="file2" dev="loop5" ino=89 res=0 errno=0 [ 1005.404614][ T6648] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 1005.434821][ T6648] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1005.469155][ T6648] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1005.490793][ T6648] usb 4-1: config 220 has no interface number 2 [ 1005.517388][ T6648] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1005.577599][ T6648] usb 4-1: config 220 interface 0 has no altsetting 0 [ 1005.607784][ T6648] usb 4-1: config 220 interface 76 has no altsetting 0 [ 1005.643278][ T6648] usb 4-1: config 220 interface 1 has no altsetting 0 [ 1005.670776][ T6648] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1005.701851][ T6648] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1005.734130][ T6648] usb 4-1: Product: syz [ 1005.738445][ T6648] usb 4-1: Manufacturer: syz [ 1005.765711][ T6648] usb 4-1: SerialNumber: syz [ 1005.805332][T12066] loop4: detected capacity change from 0 to 512 [ 1005.847088][T12066] EXT4-fs: Ignoring removed orlov option [ 1005.871465][T12066] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 1005.895297][T12072] netlink: 'syz.5.11633': attribute type 29 has an invalid length. [ 1005.919322][T12066] EXT4-fs error (device loop4): ext4_iget_extra_inode:5025: inode #15: comm syz.4.11632: corrupted in-inode xattr: e_value size too large [ 1005.934082][T12078] netlink: 32 bytes leftover after parsing attributes in process `syz.7.11635'. [ 1005.966008][T12066] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1005.966420][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 1005.982172][ C1] EXT4-fs (loop4): initial error at time 1774000746: ext4_iget_extra_inode:5025: inode 15 [ 1005.992231][ C1] EXT4-fs (loop4): last error at time 1774000746: ext4_iget_extra_inode:5025: inode 15 [ 1006.030946][T12066] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.11632: couldn't read orphan inode 15 (err -117) [ 1006.033111][ T6648] usb 4-1: selecting invalid altsetting 0 [ 1006.063275][ T6648] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 1006.070642][ T6648] uvcvideo 4-1:220.0: No valid video chain found. [ 1006.081565][T12066] loop4: lost filesystem error report for type 5 error -117 [ 1006.106617][T12066] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1006.133337][ T6648] usb 4-1: selecting invalid altsetting 0 [ 1006.143479][ T6648] usbtest 4-1:220.1: probe with driver usbtest failed with error -22 [ 1006.186106][ T6648] usb 4-1: USB disconnect, device number 111 [ 1006.281531][T12091] loop6: detected capacity change from 0 to 4096 [ 1006.295949][T12091] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512). [ 1006.400344][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1006.615391][T12117] loop4: detected capacity change from 0 to 64 [ 1006.651918][T12117] hfs: unable to locate alternate MDB [ 1006.657330][T12117] hfs: continuing without an alternate MDB [ 1006.873492][T12132] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1006.970962][T12141] loop7: detected capacity change from 0 to 1024 [ 1007.132289][ T12] hfsplus: b-tree write err: -5, ino 25 [ 1007.140328][T12154] netlink: 32 bytes leftover after parsing attributes in process `syz.5.11652'. [ 1007.149289][ T12] hfsplus: b-tree write err: -5, ino 4 [ 1007.149843][ T5936] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 1007.162819][ T12] hfsplus: b-tree write err: -5, ino 2 [ 1007.327937][ T5936] usb 7-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00 [ 1007.346659][ T5936] usb 7-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 1007.362119][ T5936] usb 7-1: Product: syz [ 1007.367001][ T5936] usb 7-1: SerialNumber: syz [ 1007.392362][ T5936] usb 7-1: config 0 descriptor?? [ 1007.620737][ T5936] hso 7-1:0.0: Can't find BULK IN endpoint [ 1007.719900][T12188] loop4: detected capacity change from 0 to 512 [ 1007.777722][T12188] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1007.847120][ T5936] usb 7-1: USB disconnect, device number 7 [ 1007.853950][T12188] ext4 filesystem being mounted at /2001/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1007.861941][T12196] loop5: detected capacity change from 0 to 1024 [ 1007.991796][T18637] hfsplus: b-tree write err: -5, ino 25 [ 1008.029932][T18637] hfsplus: b-tree write err: -5, ino 4 [ 1008.035661][T18637] hfsplus: b-tree write err: -5, ino 2 [ 1008.086384][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1008.188971][T12170] loop3: detected capacity change from 0 to 40427 [ 1008.228263][T12170] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 1008.260757][T12170] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1008.269559][T12221] netlink: 32 bytes leftover after parsing attributes in process `syz.4.11668'. [ 1008.288205][T12170] F2FS-fs (loop3): build fault injection rate: 2 [ 1008.306009][T12170] F2FS-fs (loop3): build fault injection type: 0x1f8 [ 1008.318111][T12227] netlink: 28 bytes leftover after parsing attributes in process `syz.7.11669'. [ 1008.348737][T12170] F2FS-fs (loop3): invalid crc value [ 1008.564362][T10947] Bluetooth: hci7: command 0x0406 tx timeout [ 1008.617741][ T30] audit: type=1326 audit(1774000748.526:2781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12239 comm="syz.7.11674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92cb79c799 code=0x7ffc0000 [ 1008.696319][T12170] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1008.750003][ T30] audit: type=1326 audit(1774000748.591:2782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12239 comm="syz.7.11674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f92cb79c799 code=0x7ffc0000 [ 1008.794030][T12170] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1008.819821][ T30] audit: type=1326 audit(1774000748.591:2783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12239 comm="syz.7.11674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92cb79c799 code=0x7ffc0000 [ 1008.841223][T12170] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1008.876412][ T30] audit: type=1326 audit(1774000748.591:2784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12239 comm="syz.7.11674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92cb79c799 code=0x7ffc0000 [ 1008.891694][T12170] F2FS-fs (loop3): inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0x10f/0xff0 [ 1009.175776][T12271] netlink: 'syz.7.11682': attribute type 1 has an invalid length. [ 1009.566736][T12298] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11692'. [ 1009.755507][T12308] loop4: detected capacity change from 0 to 8 [ 1009.784837][T12308] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 1009.819694][T12308] cramfs: Error -5 while decompressing! [ 1009.840665][T12308] cramfs: ffffffff9a3afd08(26)->ffff888064d37000(4096) [ 1009.852915][ T5894] udevd[5894]: incorrect cramfs checksum on /dev/loop4 [ 1009.900311][T12308] cramfs: Error -3 while decompressing! [ 1009.908523][T12308] cramfs: ffffffff9a3afd22(26)->ffff88808dbf8000(4096) [ 1009.928767][T12308] cramfs: Error -3 while decompressing! [ 1009.939562][T12308] cramfs: ffffffff9a3afd3c(16)->ffff88804c297000(4096) [ 1009.941120][ T5894] udevd[5894]: incorrect cramfs checksum on /dev/loop4 [ 1009.966670][T12308] cramfs: Error -5 while decompressing! [ 1009.977548][T12308] cramfs: ffffffff9a3afd08(26)->ffff888064d37000(4096) [ 1010.264383][T12339] netlink: 32 bytes leftover after parsing attributes in process `syz.5.11703'. [ 1010.301024][T12339] netlink: 48 bytes leftover after parsing attributes in process `syz.5.11703'. [ 1010.328227][T12339] netlink: 48 bytes leftover after parsing attributes in process `syz.5.11703'. [ 1010.514750][T12348] loop4: detected capacity change from 0 to 2048 [ 1010.560746][T12348] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1010.617361][ T5892] udevd[5892]: incorrect nilfs2 checksum on /dev/loop4 [ 1010.661749][T12362] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1011.084328][T12385] bridge6: entered promiscuous mode [ 1011.196032][T12394] netlink: 'syz.6.11718': attribute type 3 has an invalid length. [ 1011.598866][T12420] loop6: detected capacity change from 0 to 2048 [ 1011.630715][T12420] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1011.641714][ T30] audit: type=1326 audit(1774000751.360:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12424 comm="syz.5.11727" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa02db9c799 code=0x0 [ 1011.763711][T12431] loop7: detected capacity change from 0 to 1024 [ 1011.771412][ T5936] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 1011.949655][ T5936] usb 5-1: config 0 has an invalid interface number: 64 but max is 0 [ 1011.974985][ T5936] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1012.023517][ T5936] usb 5-1: config 0 has no interface number 0 [ 1012.037250][ T5936] usb 5-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 1012.067434][ T5936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1012.113189][ T5936] usb 5-1: Product: syz [ 1012.130875][ T5936] usb 5-1: Manufacturer: syz [ 1012.147793][ T5936] usb 5-1: SerialNumber: syz [ 1012.170770][ T5936] usb 5-1: config 0 descriptor?? [ 1012.182457][T12459] loop3: detected capacity change from 0 to 256 [ 1012.189836][T16643] usb 7-1: new full-speed USB device number 8 using dummy_hcd [ 1012.269524][T12459] FAT-fs (loop3): Directory bread(block 64) failed [ 1012.296405][T12459] FAT-fs (loop3): Directory bread(block 65) failed [ 1012.324867][T12459] FAT-fs (loop3): Directory bread(block 66) failed [ 1012.336136][T12459] FAT-fs (loop3): Directory bread(block 67) failed [ 1012.344578][T12459] FAT-fs (loop3): Directory bread(block 68) failed [ 1012.353535][T12459] FAT-fs (loop3): Directory bread(block 69) failed [ 1012.363655][T12459] FAT-fs (loop3): Directory bread(block 70) failed [ 1012.381152][T12459] FAT-fs (loop3): Directory bread(block 71) failed [ 1012.388527][T12459] FAT-fs (loop3): Directory bread(block 72) failed [ 1012.404960][T16643] usb 7-1: config 0 has an invalid interface number: 35 but max is 0 [ 1012.406633][T12459] FAT-fs (loop3): Directory bread(block 73) failed [ 1012.429400][T16643] usb 7-1: config 0 has no interface number 0 [ 1012.429645][ T5936] uvcvideo 5-1:0.64: Found UVC 0.00 device syz (046d:0823) [ 1012.444501][T16643] usb 7-1: config 0 interface 35 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 10 [ 1012.448899][ T5936] uvcvideo 5-1:0.64: No valid video chain found. [ 1012.469235][T16643] usb 7-1: config 0 interface 35 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 1012.513489][T16643] usb 7-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=ec.5c [ 1012.530425][T16643] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1012.546573][T16643] usb 7-1: Product: syz [ 1012.551276][T16643] usb 7-1: Manufacturer: syz [ 1012.556029][T16643] usb 7-1: SerialNumber: syz [ 1012.573276][ T6648] usb 6-1: new high-speed USB device number 112 using dummy_hcd [ 1012.574524][T16643] usb 7-1: config 0 descriptor?? [ 1012.609932][T16643] cypress_m8 7-1:0.35: Nokia CA-42 V2 Adapter converter detected [ 1012.658123][ T5936] usb 5-1: USB disconnect, device number 7 [ 1012.749582][ T6648] usb 6-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e [ 1012.762095][ T6648] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1012.776457][T12494] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11742'. [ 1012.789633][ T6648] usb 6-1: Product: syz [ 1012.793831][ T6648] usb 6-1: Manufacturer: syz [ 1012.800906][ T6648] usb 6-1: SerialNumber: syz [ 1012.817636][ T6648] usb 6-1: config 0 descriptor?? [ 1012.836491][T16643] usb 7-1: Nokia CA-42 V2 Adapter converter now attached to ttyUSB0 [ 1013.047564][T16643] usb 7-1: USB disconnect, device number 8 [ 1013.054060][ T6648] mos7840 6-1:0.0: required endpoints missing [ 1013.079066][T16643] nokiaca42v2 ttyUSB0: Nokia CA-42 V2 Adapter converter now disconnected from ttyUSB0 [ 1013.112821][T16643] cypress_m8 7-1:0.35: device disconnected [ 1013.298055][ T5893] usb 6-1: USB disconnect, device number 112 [ 1013.342882][ T6648] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 1013.419540][T10947] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1013.433318][T10947] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1013.445277][T10947] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1013.454370][T10947] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1013.463841][T10947] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1013.539286][ T6648] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1013.569789][ T6648] usb 8-1: config 1 has an invalid descriptor of length 254, skipping remainder of the config [ 1013.599631][ T6648] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1013.622982][ T6648] usb 8-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40 [ 1013.642478][ T5936] usb 4-1: new high-speed USB device number 112 using dummy_hcd [ 1013.656473][ T6648] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1013.685276][ T6648] usb 8-1: Product: syz [ 1013.697983][ T6648] usb 8-1: Manufacturer: syz [ 1013.702627][ T6648] usb 8-1: SerialNumber: syz [ 1013.769439][ T6648] usb 8-1: selecting invalid altsetting 1 [ 1013.798284][ T6648] usb 8-1: unit 6 not found! [ 1013.845937][ T5936] usb 4-1: Using ep0 maxpacket: 16 [ 1013.866381][ T5936] usb 4-1: config 0 interface 0 altsetting 18 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1013.916480][ T5936] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1013.941176][ T5936] usb 4-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=62.ba [ 1013.958968][ T5936] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1014.000467][ T6648] snd-usb-audio 8-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1014.009728][ T5936] usb 4-1: Product: syz [ 1014.013916][ T5936] usb 4-1: Manufacturer: syz [ 1014.028514][T12594] netlink: 'syz.4.11759': attribute type 1 has an invalid length. [ 1014.039775][ T5936] usb 4-1: SerialNumber: syz [ 1014.044900][ T6648] usb 8-1: USB disconnect, device number 7 [ 1014.095805][T12601] netlink: 'syz.5.11760': attribute type 10 has an invalid length. [ 1014.124751][T12601] netlink: 224 bytes leftover after parsing attributes in process `syz.5.11760'. [ 1014.138860][ T5936] usb 4-1: config 0 descriptor?? [ 1014.162723][ T5936] hub 4-1:0.0: bad descriptor, ignoring hub [ 1014.183032][ T5936] hub 4-1:0.0: probe with driver hub failed with error -5 [ 1014.217729][ T5936] usb 4-1: selecting invalid altsetting 0 [ 1014.237119][ T5936] usb 4-1: can't set first interface for hiFace device. [ 1014.257849][ T5894] udevd[5894]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1014.258804][ T5936] snd-usb-hiface 4-1:0.0: probe with driver snd-usb-hiface failed with error -5 [ 1014.285377][T12614] loop6: detected capacity change from 0 to 512 [ 1014.309202][T12614] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.11762: Invalid inode bitmap blk 4 in block_group 0 [ 1014.323407][T12614] loop6: lost filesystem error report for type 5 error -117 [ 1014.337044][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 1014.350850][ C1] EXT4-fs (loop6): initial error at time 1774000753: ext4_read_inode_bitmap:139 [ 1014.351245][T12614] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1014.359949][ C1] EXT4-fs (loop6): last error at time 1774000753: ext4_read_inode_bitmap:139 [ 1014.425926][T12617] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 13: invalid block bitmap [ 1014.440796][ T5936] usb 4-1: USB disconnect, device number 112 [ 1014.462807][T12614] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.11762: Invalid inode bitmap blk 4 in block_group 0 [ 1014.497544][T16647] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 1014.505726][T12614] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem [ 1014.620349][ T2260] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1014.650742][T12551] virt_wifi0 speed is unknown, defaulting to 1000 [ 1014.686807][T16647] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1014.699994][T16647] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1014.727996][T16647] usb 5-1: config 0 descriptor?? [ 1014.938866][T12663] loop5: detected capacity change from 0 to 128 [ 1014.964820][T16647] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 1015.031543][T12663] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1015.115248][T12663] ext4 filesystem being mounted at /1987/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1015.186579][T16647] [drm:udl_init] *ERROR* Selecting channel failed [ 1015.231985][T16647] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2 [ 1015.238512][T12711] binder: 12703:12711 ioctl c0306201 200000000540 returned -22 [ 1015.245780][T16647] [drm] Initialized udl on minor 2 [ 1015.259786][T16647] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1015.275186][T16647] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 1015.285446][T16628] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1015.336224][T16628] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1015.354581][T16647] usb 5-1: USB disconnect, device number 8 [ 1015.362945][T16628] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 1015.405013][ T5831] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1015.497384][T12551] chnl_net:caif_netlink_parms(): no params data found [ 1015.540662][T12729] : renamed from team_slave_1 [ 1015.662801][T22251] Bluetooth: hci8: command tx timeout [ 1015.930987][ T31] INFO: task syz.2.9543:3012 blocked for more than 143 seconds. [ 1015.960344][ T31] Tainted: G L syzkaller #0 [ 1015.967743][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1015.976702][ T31] task:syz.2.9543 state:D stack:27144 pid:3012 tgid:3011 ppid:5834 task_flags:0x400140 flags:0x00080002 [ 1015.989081][ T31] Call Trace: [ 1015.992472][ T31] [ 1015.996310][ T31] __schedule+0x15dd/0x52d0 [ 1016.001088][ T31] ? lockdep_hardirqs_on+0x7a/0x110 [ 1016.006641][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.013421][ T31] ? irqentry_exit+0x59e/0x620 [ 1016.020857][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.034471][T12551] bridge0: port 1(bridge_slave_0) entered blocking state [ 1016.042859][ T31] ? __pfx___schedule+0x10/0x10 [ 1016.055107][ T31] ? schedule+0x90/0x360 [ 1016.069356][T12551] bridge0: port 1(bridge_slave_0) entered disabled state [ 1016.080166][T12551] bridge_slave_0: entered allmulticast mode [ 1016.088104][T12551] bridge_slave_0: entered promiscuous mode [ 1016.112098][ T31] schedule+0x164/0x360 [ 1016.116365][ T31] schedule_preempt_disabled+0x13/0x30 [ 1016.121847][ T31] __mutex_lock+0x7fe/0x1300 [ 1016.144113][T12551] bridge0: port 2(bridge_slave_1) entered blocking state [ 1016.151314][T12551] bridge0: port 2(bridge_slave_1) entered disabled state [ 1016.229900][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1016.247155][T12551] bridge_slave_1: entered allmulticast mode [ 1016.268633][ T31] ? __mutex_lock+0x5ac/0x1300 [ 1016.293772][T12551] bridge_slave_1: entered promiscuous mode [ 1016.302600][ T31] ? nfsd_nl_version_set_doit+0xcd/0x7a0 [ 1016.330312][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1016.335435][ T31] nfsd_nl_version_set_doit+0xcd/0x7a0 [ 1016.377027][ T31] ? __pfx_nfsd_nl_version_set_doit+0x10/0x10 [ 1016.410831][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.417082][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.435038][ T31] genl_family_rcv_msg_doit+0x22a/0x330 [ 1016.441273][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.453911][ T31] ? __asan_memcpy+0x40/0x70 [ 1016.458578][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1016.465027][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.470691][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.476481][ T31] ? security_capable+0x7e/0x2c0 [ 1016.481465][ T31] genl_rcv_msg+0x61c/0x7a0 [ 1016.486418][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1016.491476][ T31] ? __pfx_nfsd_nl_version_set_doit+0x10/0x10 [ 1016.497757][ T31] ? __lock_acquire+0x6b5/0x2cf0 [ 1016.503519][ T31] netlink_rcv_skb+0x232/0x4b0 [ 1016.509177][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1016.514232][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1016.519976][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.525841][ T31] ? down_read+0x272/0x2e0 [ 1016.530414][ T31] ? genl_rcv+0xd/0x40 [ 1016.534760][ T31] genl_rcv+0x28/0x40 [ 1016.538759][ T31] netlink_unicast+0x80f/0x9b0 [ 1016.543626][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 1016.549319][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.555628][ T31] ? skb_put+0x11b/0x210 [ 1016.559894][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.565948][ T31] netlink_sendmsg+0x813/0xb40 [ 1016.571159][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1016.576968][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.582941][ T31] ? aa_sock_msg_perm+0xf1/0x1b0 [ 1016.587902][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.593743][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.599758][ T31] ____sys_sendmsg+0x972/0x9f0 [ 1016.604639][ T31] ? futex_unqueue+0x211/0x240 [ 1016.609434][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1016.615287][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.620948][ T31] ? import_iovec+0x73/0xa0 [ 1016.625563][ T31] ___sys_sendmsg+0x2a5/0x360 [ 1016.630369][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 1016.641185][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.647101][ T31] ? futex_wait+0x29a/0x380 [ 1016.651814][ T31] ? __fget_files+0x2a/0x420 [ 1016.656700][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.662528][ T31] ? __fget_files+0x3a0/0x420 [ 1016.667257][ T31] __x64_sys_sendmsg+0x1bd/0x2a0 [ 1016.672322][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 1016.677912][ T31] ? rcu_is_watching+0x15/0xb0 [ 1016.682861][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1016.688564][ T31] do_syscall_64+0x14d/0xf80 [ 1016.693456][ T31] ? trace_irq_disable+0x3b/0x150 [ 1016.698605][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1016.705227][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1016.711237][ T31] RIP: 0033:0x7fc55539c799 [ 1016.715670][ T31] RSP: 002b:00007fc556287028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1016.724724][ T31] RAX: ffffffffffffffda RBX: 00007fc555615fa0 RCX: 00007fc55539c799 [ 1016.732805][ T31] RDX: 0000000004008090 RSI: 0000200000000140 RDI: 0000000000000003 [ 1016.740804][ T31] RBP: 00007fc555432c99 R08: 0000000000000000 R09: 0000000000000000 [ 1016.748988][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1016.758412][ T31] R13: 00007fc555616038 R14: 00007fc555615fa0 R15: 00007fffb8d05bb8 [ 1016.766606][ T31] [ 1016.769690][ T31] [ 1016.769690][ T31] Showing all locks held in the system: [ 1016.777612][ T31] 1 lock held by khungtaskd/31: [ 1016.782486][ T31] #0: ffffffff8e75e520 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 1016.796734][ T31] 2 locks held by getty/5578: [ 1016.801599][ T31] #0: ffff8880324680a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1016.811597][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0 [ 1016.821958][ T31] 1 lock held by syz-executor/5823: [ 1016.827162][ T31] #0: ffffffff8e7647b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x38d/0x770 [ 1016.839446][ T31] 3 locks held by kworker/1:1/16628: [ 1016.844833][ T31] #0: ffff88813fe0f148 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0 [ 1016.855974][ T31] #1: ffffc90005427c40 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0 [ 1016.867863][ T31] #2: ffffffff8e7647b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x38d/0x770 [ 1016.880823][ T31] 2 locks held by syz.1.9190/1167: [ 1016.887012][ T31] #0: ffffffff8fc3b930 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1016.895603][ T31] #1: ffffffff8ea85f88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x2b5/0x9a0 [ 1016.905733][ T31] 2 locks held by syz.2.9543/3012: [ 1016.910936][ T31] #0: ffffffff8fc3b930 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1016.919366][ T31] #1: ffffffff8ea85f88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_version_set_doit+0xcd/0x7a0 [ 1016.929386][ T31] 1 lock held by syz-executor/3942: [ 1016.934638][ T31] 2 locks held by syz.0.11502/11604: [ 1016.940763][ T31] #0: ffffffff8fc3b930 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1016.950866][ T31] #1: ffffffff8ea85f88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_get_doit+0x1c0/0x790 [ 1016.963786][ T31] [ 1017.063330][ T31] ============================================= [ 1017.063330][ T31] [ 1017.096131][ T31] NMI backtrace for cpu 0 [ 1017.096158][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 1017.096191][ T31] Tainted: [L]=SOFTLOCKUP [ 1017.096201][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1017.096215][ T31] Call Trace: [ 1017.096226][ T31] [ 1017.096237][ T31] dump_stack_lvl+0xe8/0x150 [ 1017.096277][ T31] nmi_cpu_backtrace+0x274/0x2d0 [ 1017.096317][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1017.096354][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 1017.096395][ T31] sys_info+0x135/0x170 [ 1017.096428][ T31] watchdog+0xfd9/0x1030 [ 1017.096476][ T31] ? watchdog+0x21a/0x1030 [ 1017.096524][ T31] kthread+0x388/0x470 [ 1017.096551][ T31] ? __pfx_watchdog+0x10/0x10 [ 1017.096587][ T31] ? __pfx_kthread+0x10/0x10 [ 1017.096614][ T31] ret_from_fork+0x51e/0xb90 [ 1017.096651][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1017.096682][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1017.096712][ T31] ? __switch_to+0xc7d/0x1450 [ 1017.096745][ T31] ? __pfx_kthread+0x10/0x10 [ 1017.096772][ T31] ret_from_fork_asm+0x1a/0x30 [ 1017.096827][ T31] [ 1017.096837][ T31] Sending NMI from CPU 0 to CPUs 1: [ 1017.222091][ C1] NMI backtrace for cpu 1 [ 1017.222114][ C1] CPU: 1 UID: 0 PID: 12551 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 1017.222144][ C1] Tainted: [L]=SOFTLOCKUP [ 1017.222153][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1017.222167][ C1] RIP: 0010:srso_alias_safe_ret+0x5/0x7 [ 1017.222201][ C1] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 48 8d 64 24 08 cc e8 f4 ff ff ff 0f 0b cc cc cc cc cc cc cc cc cc cc cc cc cc [ 1017.222220][ C1] RSP: 0018:ffffc90010177510 EFLAGS: 00000046 [ 1017.222240][ C1] RAX: 0000000000000001 RBX: 0000000000000246 RCX: 0000000000000046 [ 1017.222254][ C1] RDX: 000000005a44979c RSI: ffffffff8e16828e RDI: ffffffff8c27c200 [ 1017.222271][ C1] RBP: 0000000000000000 R08: ffffffff81d547c6 R09: ffffffff8e75e520 [ 1017.222288][ C1] R10: dffffc0000000000 R11: ffffffff81b0c260 R12: 0000000000000002 [ 1017.222304][ C1] R13: ffffffff8e75e520 R14: 0000000000000000 R15: 0000000000000000 [ 1017.222327][ C1] FS: 0000000000000000(0000) GS:ffff88812555d000(0000) knlGS:0000000000000000 [ 1017.222345][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1017.222361][ C1] CR2: 000056348af9fee8 CR3: 000000003314f000 CR4: 0000000000350ef0 [ 1017.222379][ C1] Call Trace: [ 1017.222389][ C1] [ 1017.222397][ C1] lock_acquire+0x100/0x2e0 [ 1017.222428][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1017.222460][ C1] is_bpf_text_address+0x47/0x2b0 [ 1017.222485][ C1] ? is_bpf_text_address+0x26/0x2b0 [ 1017.222508][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1017.222534][ C1] ? is_bpf_text_address+0x26/0x2b0 [ 1017.222560][ C1] kernel_text_address+0xa5/0xe0 [ 1017.222586][ C1] __kernel_text_address+0xd/0x30 [ 1017.222610][ C1] unwind_get_return_address+0x4d/0x90 [ 1017.222646][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1017.222671][ C1] arch_stack_walk+0xfb/0x150 [ 1017.222712][ C1] stack_trace_save+0xa9/0x100 [ 1017.222736][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1017.222760][ C1] ? __lock_acquire+0x6b5/0x2cf0 [ 1017.222794][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1017.222822][ C1] save_stack+0x122/0x230 [ 1017.222850][ C1] ? __pfx_save_stack+0x10/0x10 [ 1017.222874][ C1] ? __free_frozen_pages+0xc2b/0xdb0 [ 1017.222901][ C1] ? vfree+0x25a/0x400 [ 1017.222922][ C1] ? kcov_close+0x28/0x50 [ 1017.222957][ C1] ? __fput+0x44f/0xa70 [ 1017.222991][ C1] ? task_work_run+0x1d9/0x270 [ 1017.223015][ C1] ? do_exit+0x70f/0x23c0 [ 1017.223038][ C1] ? do_group_exit+0x21b/0x2d0 [ 1017.223061][ C1] ? get_signal+0x1284/0x1330 [ 1017.223089][ C1] ? arch_do_signal_or_restart+0xbc/0x830 [ 1017.223116][ C1] ? exit_to_user_mode_loop+0x86/0x480 [ 1017.223142][ C1] ? do_syscall_64+0x32d/0xf80 [ 1017.223168][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1017.223200][ C1] __reset_page_owner+0x71/0x1f0 [ 1017.223227][ C1] __free_frozen_pages+0xc2b/0xdb0 [ 1017.223254][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1017.223281][ C1] ? ___free_pages+0xb2/0x220 [ 1017.223310][ C1] vfree+0x25a/0x400 [ 1017.223339][ C1] ? __pfx_kcov_close+0x10/0x10 [ 1017.223374][ C1] kcov_close+0x28/0x50 [ 1017.223406][ C1] __fput+0x44f/0xa70 [ 1017.223445][ C1] task_work_run+0x1d9/0x270 [ 1017.223473][ C1] ? __pfx_task_work_run+0x10/0x10 [ 1017.223497][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1017.223527][ C1] ? kmem_cache_free+0x187/0x630 [ 1017.223554][ C1] ? do_exit+0x70a/0x23c0 [ 1017.223580][ C1] do_exit+0x70f/0x23c0 [ 1017.223608][ C1] ? __pfx_do_exit+0x10/0x10 [ 1017.223634][ C1] ? do_raw_spin_lock+0x12b/0x2f0 [ 1017.223661][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1017.223694][ C1] do_group_exit+0x21b/0x2d0 [ 1017.223718][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 1017.223744][ C1] get_signal+0x1284/0x1330 [ 1017.223786][ C1] arch_do_signal_or_restart+0xbc/0x830 [ 1017.223815][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1017.223854][ C1] exit_to_user_mode_loop+0x86/0x480 [ 1017.223879][ C1] ? rcu_is_watching+0x15/0xb0 [ 1017.223914][ C1] do_syscall_64+0x32d/0xf80 [ 1017.223938][ C1] ? trace_irq_disable+0x3b/0x150 [ 1017.223972][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1017.223998][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1017.224020][ C1] RIP: 0033:0x7fd83d35cfce [ 1017.224040][ C1] Code: Unable to access opcode bytes at 0x7fd83d35cfa4. [ 1017.224051][ C1] RSP: 002b:00007ffdb5783718 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1017.224073][ C1] RAX: 0000000000000088 RBX: 0000555565acc500 RCX: 00007fd83d35cfce [ 1017.224089][ C1] RDX: 0000000000000088 RSI: 00007fd83e144670 RDI: 0000000000000003 [ 1017.224103][ C1] RBP: 0000000000000001 R08: 00007ffdb5783794 R09: 000000000000000c [ 1017.224118][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 1017.224133][ C1] R13: 0000000000000000 R14: 00007fd83e144670 R15: 0000000000000000 [ 1017.224158][ C1] [ 1017.993356][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 1018.000274][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 1018.010966][ T31] Tainted: [L]=SOFTLOCKUP [ 1018.015293][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1018.025352][ T31] Call Trace: [ 1018.028626][ T31] [ 1018.031546][ T31] vpanic+0x56c/0xa60 [ 1018.035542][ T31] ? __pfx___schedule+0x10/0x10 [ 1018.040486][ T31] ? __pfx_vpanic+0x10/0x10 [ 1018.044995][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1018.050718][ T31] panic+0xc5/0xd0 [ 1018.054511][ T31] ? __pfx_panic+0x10/0x10 [ 1018.058941][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1018.064662][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 1018.070140][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1018.075795][ T31] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 1018.081984][ T31] watchdog+0x1023/0x1030 [ 1018.086435][ T31] ? watchdog+0x21a/0x1030 [ 1018.090868][ T31] kthread+0x388/0x470 [ 1018.095022][ T31] ? __pfx_watchdog+0x10/0x10 [ 1018.099706][ T31] ? __pfx_kthread+0x10/0x10 [ 1018.104293][ T31] ret_from_fork+0x51e/0xb90 [ 1018.108892][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1018.114001][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1018.119639][ T31] ? __switch_to+0xc7d/0x1450 [ 1018.124357][ T31] ? __pfx_kthread+0x10/0x10 [ 1018.128945][ T31] ret_from_fork_asm+0x1a/0x30 [ 1018.133745][ T31] [ 1018.137183][ T31] Kernel Offset: disabled [ 1018.141500][ T31] Rebooting in 86400 seconds..