last executing test programs: 1m58.279580441s ago: executing program 3 (id=657): r0 = inotify_init1(0x80800) inotify_add_watch(r0, &(0x7f0000000040)='./cgroup\x00', 0x24000040) setxattr$incfs_id(&(0x7f0000000180)='./cgroup\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 1m58.063853488s ago: executing program 3 (id=659): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000feffffff0f00000008000300", @ANYRES32=0x0, @ANYBLOB="39000e0080000000080211000001080211000000505050505050000001002a00057116fd00ffff227020"], 0x68}}, 0x24004016) 1m57.933924072s ago: executing program 3 (id=661): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x72}, 0x2c) setsockopt$IP_VS_SO_SET_EDITDEST(r0, 0x0, 0x489, &(0x7f0000000380)={{0x84, @multicast1, 0x4e20, 0x3, 'sh\x00', 0x0, 0xb, 0xe}, {@rand_addr=0x64010102, 0x4e26, 0x0, 0x3, 0x8001, 0x1}}, 0x44) 1m57.807685277s ago: executing program 3 (id=662): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x2800088, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x95, 0x2b7, &(0x7f00000010c0)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oIPT5d67uqRIL1zMpGRQB73YFqQJQgsF/2DaydXF0dVFEPwgLn4DwVVws9DCkZNzTv60MSa1qWh/v6F98+Z53vd5T04bOuTphy8PD/fSODj74pdotZKodaMb50l0ohaV05jT/ToAgP+y8yyL37PCOnlJRLQ2VxYAsEHj9/+LNd7/f9x4SQDAhr3z7ntv7fR6u2+naSueDL866ed/2effi+d3DuLjGMR+PIx2XEZkE8X4SZZlo3qa68Rrw9FJP88cfvBTuf7ObxFRLx90xl/n85/2dh+lhZn8UV7Hc+X+3Xz/x9GOFxfs/7S3+3hBfvQb8fqrM/U/iHb8/FF8EoPYGxdR5Ect4stHafpm9s0fn7+fl5fnJ6OTfnMcN5Vt3eHLAgAAAAAAAAAAAAAAAAAAAADA/9yDsndOM8b9e/Kpsv/O1mX+YDvSSme+P0+Rn1QLXekPNMri26o/z8M0TbMisDZdvx4v1SedgQAAAAAAAAAAAAAAAAAAAOBeO/70s8Nng8H+0a0Mqm4A1cf6b7pOd2bmlVge3JzuVSuHS1aOrSomiVhaRn6IlWu+KNse3OzSvfBXNX//w8rrfPf3Zy8H2yvE/MNBdXcdPksWX8NmVDOtqE2CpzGNWHGvxvxMa/KaZmvdfo2FT7VXP3JyWhzi+fHMaElwJMsKe+PXYp1yJrl6isaVC5UPypntcmYmfX6L1ur3c/6Tck0y6daR3NJvHwAAAAAAAAAAAAAAAAAAYNbsp4ivOVuaWsuaGysLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO7U9P//rzEYlckrBDfi6PhfPiIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3wJ8BAAD//wRoWMo=") mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2\x00', 0x1ff) mount$binderfs(0x0, &(0x7f00000000c0)='./binderfs\x00', &(0x7f0000000140), 0x4806, 0x0) 1m57.699541929s ago: executing program 3 (id=663): syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='norock,mode=0x0000000000000400,gid=', @ANYRESDEC=0x0, @ANYRES8=0x0], 0x1, 0x106f, &(0x7f00000010c0)="$eJzs3Vuc1OV9+PHvbzgNkAMqIvr3H0c8ISLO7iqEYBLXPeDqwhp2MRKTGISFbFxAwWgkB01iz8ckbdP03LRJ6Sk2TW16m7u2F73ojTe9rZfN9pQ2bRr7emaeXVYEdgl7oDzv9750f8w8M7/fAC8+8/x2Zp4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKLq6W02O6oYHNi999HGufX07hnadZ7rJ+/v21XrXr89434jqvRf1Ouxvn3R+rdUU9e+Lf1/Q6xt39vaqKfv9Ti5et2aHVctrU3e/jwHtCBOPH/yyf3j46PHF/tAFsnOvt0Dw0MDu7p39jUGhoca27dubd71QP9wo39gsG943/BI365Gz56+7pGhPY2NPbc3OrZv72r0bdk3tHf3zt7uwb7JC7fd2dlsbm08uOXhvu49w0O773pwy3DPAwODgwO7d7bGpKvTmG3pL+JDAyONkb7uXY3GobHx0a6ZDjIN6mhvPn3eQZ0z3VNns7Ozo6Ozs2PrPdvv2dZsLn3TBc0zxJtGLP5fWhbXvPw7Dj+KWu5/DMZA7I698Wg0zvrVE72xJ4Zi1zmuzyb7f8tdfVP7WHGW/U7v//Xti65fc7r/V0ar/+va97buXP0/x7Es3NeJeD5OxpOxP8ZjPEbj+KIf0cJ+7Yy+2B0DMRxDMRC7ort1SSNf0ojtsTW2RjMejweiP4ajEf0xEIPRF8OxL4ZjJPpaf6N6Yk/0RXeMxFDsiUZsjJ64PRrREdtje3RFI/piS+yLodgbu2Nn9EZ3614OxVjr973rPMc4NahjNoM6zzNI/7l48/nPOVyQ1yf7DwCU4/6+bv0HgMLsHt7T7NR/ACjKiPk/AAAAAAAAAAAAAAAAAAAAAAAAAAAAzLUqavEPEfHVWyeq6StT1lsL/p/zZsur1i1rUbXX8o361q5tPf0d/b3NZrPZ0dHXsSBHP+WKGBoe6W70HDvy1PHREydGDzb2Hh07cOzg6Kzv4WJvf4HuXfPaitXr1uzYnn6x6fDo0bETx8aO7D88bzsEgGmWRi1ei4gbXp6obswtj017e/sbg480Bo4eOjZtbG1ymYCLbOUMzy3m2/IF3Zu2A3AJWha16IqI7zw6UW1Ijc/PAWp3tBYGXOzDO6fWeYcqonXOQmMB4IIsj1oMRcTBK75R3RQRS+IymN/X03OC1oPY29vfeiDjY/uPPhOtcxhL2qPWnHmjyXMfl/hziTUR96VjXW7NRgB+dCuiFt+MiCNvr8fNrZ8HAACXu3rU2ufQY6K6ZbEPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAC4TVdRiW0TUV09UzWmXX9z6/139vQty9FOs/w8AF2Bp1OJ7ef3/Duv/zz1tB+AStCxq0ZPX/++0/j8AFGF51OLxvP5/l/X/L/3nEtb/B2AOrIhafCev/3+39f8BoAj1qEX7dX8T1T2LfTAAAAAAAAAAAAAAAAAAAAAAAAAAAABwmVgZtVgREbXeZ1vrykxfl376CjNvmWG5mXT1lrw9mzX5luW1BmtV+prDBwQAzKgetbi3tTVRdS/2wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACXtFrU4u8ionp1oooqIl6MaET7e3OxDw4AmB9VLf4xahExkeof9655bcXqdWt2bI+IJbGk9ZSgmj5+aHiku9Fz7MhTx0dPnBg92Nh7dOzAsYOjs91dvad3z9Cu+Xggs7J8no9/+UUfYT1afxpTNrUOeG9vf+ugx8f2H30mXVyrllz0rgAoVz1q8YPW1kRVLfbBAAALYllVi7dGxBPfPzU171zanvMvbf+qWXs9+9ra03PTen6yMPmcYfK8wVXn2T7r84tNh0ePjp04NnZk/+GZJuH1vF8zXwC4OFVVi7+OiJ1PrG91tYpVbz4Hncd9NyK2faGRx8WqNG7yhPeKVtzrh8bGR7ccODZ+MI3/YkT8zdevz+Nry9P4/KQilp0e30xjX46IV1+ZHButsSvy2PrpsR1p7LaI2P+tN46t57ErT4/tTGM3RMT4l944dmUeu+r02K75/V0GgEtLmv8/FxFf3nxqqs3nm/9PzuFH8vf5nv8vm3ajet7vsrl68ABQqDRH/ts8/182w/z/7yPi5R9en8e159Kr8vWrp83nF/5RAAAXIs3/H049/8qpqXP5ef6fp9mn5/8vrTk9hz+Yv8/3/H/FGfP/tN9r5urBA0ChUv/vj4jOfaemft4+m/5Pzvvnu//1M/qf9rt+rh48ABQq9f+xiBh++NTUa+hm0/+NN+Xb51/PV/9XntH/tN9r5+zRA0CZUv/TfPqRlaemXhd/KfV/lf4DwJxL/b8tIl75q1NT5/Rn0//r8rsD5vv8/+oz+p/2+445e/QAUKYq1lbtMi+Lq1tb/QODfV7CDwAAAJeT1vo+aydP91dXR2X+DwAAAJebKtbln/+vimvaW4diLMZj1PL/AAAAcLlo/fx/XXs5v4jqmqjM/wEAAOBys6H1/v/WewBaH/9bj5Otj+tZWmudG6iqmUdUm2N9e8T6vCrQwTyifX6hWtU/MNi3pWdocEdH3Nr6lIHWOw3Oem/LWm8/2BTXtkddmz+TaNUb77GeRnVs2dERm+K69sjr2p9IeNPGs4zsnPXIrjTy/JbOy58DACykDTP0eDb93xQ3tEfc0P5UwKXXnaWszZnLCgAsjA2t1/+3XgNwzv7PMKK6e4b5/5VTLynYEgfiWIzHwdjcerdB6xUHZ73XVdNehrB5hrMBp8d2xOazz/Lrbx7bea6xZ7nfrgX/cwGA+bRhhg7Ppv+bZ5j/r/KSQgC4pJx4/uST+8fHR4/P48ZiP0YA4I1UGgAAAAAAAAAAAAAALn0L8f4/GzZs/F/bWOx/mYD5Vota/FNEVK9OVI0qIl6MaET7u0/rAYDLU+r/d3P/b9R/AChC6v9E7v8G/QeAIqT+/3Pu/036DwBFSP3/l9z/m/UfAIqQ+v+vuf+36D8AFCH1/99y/2/VfwAoQur/v+f+36b/AFCE1P/v5f5v1H8AKELq/3/k/t+u/wBQhNT//8z936T/AFCE1P/v5/7fof8AUITU///K/d+s/wBQhNT//879v1P/AaAIqf8/yP3fov8AUITU///J/b9L/wGgCKn/P8z9b+o/ABQh9f/13P8O/QeAIqT+R+5/55v6v3qxDw8AmAep/1Xuf5f5PwAUoZbPAKT+363/AFCEVP8luf/36D8AFCH1f2nu/1b9B4AipP4vy/3fpv8AUITU/+W5/+/UfwAoQur/itz/7foPAEVI/a/n/r9L/wGgCKn/K3P/d+g/ABQh9X9V7v+9+g8ARUj9X537/279B4AipP6/Jff/PfoPAEVI/X9r7v979R8AipD6/7bc//v0HwCKkPr/9tz/bv0HgCKk/q/J/b9f/wGgCKn/V+T+9+g/ABQh9f/K3P9e/QeAIqT+X5X736f/AFCE1P+1uf/9+g8ARUj9vzr3f6f+A0ARUv/X5f4/oP8AUITU/2ty/wf0HwCKkPq/Pvf/Qf0HgCKk/l+b+/+Q/gNAEVL/r8v9H9R/AChC6v//y/3fpf8AUITU/+tz/3dfWP+rBTpEAGCOpf7//9z/IfN/AChC6v87cv8f1n8AKELq/w25/+/TfwAoQup/I/d/zyz6v2ThDxEAmGOp/zfm/g+b/wNAEVL/N+T+j+g/ABQh9f+m3P+9+g8ARUj9vzn3/xH9B4AipP7fkvv/fv0HgCKk/t+a+/+o/gNAEVL/b8v936f/AFCE1P+Nuf8f0H8AKELq/+25/4/pPwAUIfV/U+7/B/UfAIqQ+n9H7v+H9B8AipD6vzn3/8P6DwBFSP2/M/f/cf0HgCKk/m/J/f+I/gNAEVL/78r936//AFCE1P9m7v8T+g8ARUj978j9P6D/AFCE1P/O3P+D+g8ARUj978r9H9V/AChC6v/duf+H9B8AipD6f0/u/2H9B4AipP5vzf3/qP4DQBFS/7fl/o/pPwAUIfX/nbn/H9N/AChC6v/23P8n9R8AipD6/67c/3H9B4AipP7vyP0/ov8AUITU/3tz/4/qPwAUIfX/3bn/x/QfAIqQ+v+e3P+n9B8AipD6/97c/6f1HwCKkPp/X+7/cf0HgCKk/nfn/p/QfwAoQur//bn/z+g/ABQh9b8n9//j+g8ARUj97839f1b/AaAIqf99uf/P6T8AFCH1vz/3/xP6DwBFSP3fmfv/vP4DQBFS/x/I/T+p/wBQhNT/gdz/T+o/ABQh9f/B3P9P6T8AFCH1/6Hc/0/rPwAUIfV/MPf/M/oPAEVI/d+V+/+C/gNAEVL/d+f+v6j/AFCE1P+h3P/P6j8AFCH1/+Hc/8/pPwAUIfX/fbn/n9d/AChC6v+e3P+X9B8AipD6P5z7/2P6DwBFSP0fyf3/cf0HgCKk/u/N/f8J/QeAIqT+P5L7/5P6DwBFSP1/f+7/T+k/ABQh9f/R3P+f1n8AKELq/77c/5/RfwAoQur/B3L/f1b/AaAIqf+P5f7/nP4DQBFS/z+Y+//zM/T/hcU5RABgjqX+fyj3/xfM/wGgCKn/H879/0X9B4AipP4/nvv/Bf0HgCKk/n8k9/+L+g8ARUj935/7/yX9B4AipP4/kfv/S/oPAEVI/T+Q+//L+g8ARUj9P5j7/yv6DwBFSP0fzf3/sv4DQBFS/w/l/v+q/gNAEVL/D+f+f0X/AaAIqf8fzf3/Nf0HgCKk/o/l/v+6/gNAEVL/P5b7/xv6DwBFSP1/Mvf/N/UfAIqQ+j+e+/9b+g8ARUj9P5L7/9v6DwBFSP0/mvv/O/oPAEVI/T+W+/+7+g8ARUj9fyr3/6v6DwBFSP1/Ovf/9/QfAIqQ+n889//39R8AipD6fyL3/2v6DwBFSP1/Jvf/6/oPAEVI/f947v8f6D8AFCH1/9nc/1P6DwBFSP1/Lvf/D/UfAIqQ+v+J3P8/0n8AKELq//O5/3+s/wBQhNT/k7n/f6L/AFCE1P9P5v7/qf4DQBFS/z+V+/8N/QeAIqT+fzr3/2X9B4AipP5/Jvf/z/QfAIqQ+v9C7v839R8AipD6/2Lu/5/rPwAUIfX/s7n/39J/AChC6v/ncv//Qv8BoAip/5/P/X9F/wGgCKn/L+X+/6X+A0AR/jcAAP//XPxXjw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2040, 0x1) finit_module(r0, 0x0, 0x1) 1m56.962241743s ago: executing program 3 (id=674): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = eventfd2(0x2, 0x0) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000180)=0x4) 1m56.799305078s ago: executing program 32 (id=674): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = eventfd2(0x2, 0x0) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000180)=0x4) 1m51.04607685s ago: executing program 2 (id=734): setreuid(0xee00, 0x0) prlimit64(0x0, 0x6, &(0x7f0000000140)={0x6, 0xc00000000008b}, 0x0) setresuid(0x0, 0xee01, 0xffffffffffffffff) 1m50.912115583s ago: executing program 2 (id=736): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd2b, 0x25dfdbf9, {0x0, 0x0, 0x0, r1, {0x0, 0x5}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x64, 0x2, {{0x7fff, 0x4, 0x192, 0xf, 0x7fff, 0x205}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x5, 0x8000000001, 0x100000, 0x2, 0x1bb, 0x4}}, @TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x4, 0x7, 0x4, 0xfffffffe, 0x81}}]}]}}}]}, 0x94}, 0x1, 0x0, 0x0, 0x45}, 0x4000) 1m50.775722398s ago: executing program 2 (id=737): unshare(0x22020600) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/uevent_seqnum', 0x202000, 0x1) sendfile(0xffffffffffffffff, r0, 0x0, 0x400000c486) 1m50.691010951s ago: executing program 2 (id=739): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x2800088, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x95, 0x2b7, &(0x7f00000010c0)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oIPT5d67uqRIL1zMpGRQB73YFqQJQgsF/2DaydXF0dVFEPwgLn4DwVVws9DCkZNzTv60MSa1qWh/v6F98+Z53vd5T04bOuTphy8PD/fSODj74pdotZKodaMb50l0ohaV05jT/ToAgP+y8yyL37PCOnlJRLQ2VxYAsEHj9/+LNd7/f9x4SQDAhr3z7ntv7fR6u2+naSueDL866ed/2effi+d3DuLjGMR+PIx2XEZkE8X4SZZlo3qa68Rrw9FJP88cfvBTuf7ObxFRLx90xl/n85/2dh+lhZn8UV7Hc+X+3Xz/x9GOFxfs/7S3+3hBfvQb8fqrM/U/iHb8/FF8EoPYGxdR5Ect4stHafpm9s0fn7+fl5fnJ6OTfnMcN5Vt3eHLAgAAAAAAAAAAAAAAAAAAAADA/9yDsndOM8b9e/Kpsv/O1mX+YDvSSme+P0+Rn1QLXekPNMri26o/z8M0TbMisDZdvx4v1SedgQAAAAAAAAAAAAAAAAAAAOBeO/70s8Nng8H+0a0Mqm4A1cf6b7pOd2bmlVge3JzuVSuHS1aOrSomiVhaRn6IlWu+KNse3OzSvfBXNX//w8rrfPf3Zy8H2yvE/MNBdXcdPksWX8NmVDOtqE2CpzGNWHGvxvxMa/KaZmvdfo2FT7VXP3JyWhzi+fHMaElwJMsKe+PXYp1yJrl6isaVC5UPypntcmYmfX6L1ur3c/6Tck0y6daR3NJvHwAAAAAAAAAAAAAAAAAAYNbsp4ivOVuaWsuaGysLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO7U9P//rzEYlckrBDfi6PhfPiIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3wJ8BAAD//wRoWMo=") mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2\x00', 0x1ff) mount$binderfs(0x0, &(0x7f00000000c0)='./binderfs\x00', &(0x7f0000000140), 0x4806, 0x0) 1m50.367644051s ago: executing program 2 (id=741): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000007440), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f0000000000)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fddbdf25090000003c0003800800010001000000140002"], 0x50}}, 0x48040) 1m49.178398248s ago: executing program 2 (id=745): mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000f58000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3) 1m48.82659864s ago: executing program 33 (id=745): mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000f58000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3) 1m46.992179277s ago: executing program 1 (id=754): r0 = io_uring_setup(0x1943, &(0x7f0000000100)={0x0, 0xc20d, 0x8, 0x2, 0x14c}) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000680), 0x0) 1m46.605913179s ago: executing program 1 (id=758): bpf$TOKEN_CREATE(0x24, &(0x7f0000000200), 0x8) r0 = syz_io_uring_setup(0x18f9, &(0x7f0000000500)={0x0, 0x8007ffd, 0x1, 0x0, 0xf5fffffd}, &(0x7f0000000040), &(0x7f0000001280), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f0000000180)={0x200000000000001f, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000080)=[0x4, 0x9]}, 0x20) 1m46.489627603s ago: executing program 1 (id=759): r0 = semget(0x2, 0x4, 0x230) semop(r0, &(0x7f0000000080)=[{0x0, 0x7fff, 0x1800}, {0x0, 0x8001}], 0x2) semop(r0, &(0x7f0000000040)=[{0x0, 0x47, 0x1000}, {0x1, 0x2, 0x800}, {0x0, 0x401, 0x1800}], 0x3) 1m46.379484706s ago: executing program 1 (id=760): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000580)={[{@nomblk_io_submit}, {@journal_dev={'journal_dev', 0x3d, 0x3f2}}, {@noload}]}, 0x3, 0x482, &(0x7f0000001240)="$eJzs3M9rHFUcAPDvTLJpY6qJtf5q/RGtYhFNmrZqDx5UFDxUEBTU45LEUptWaSLYEjD1UE8ignfx6L/gSS8ingSvepdCkV5sPa3Mzkyym2w22XQ3W93PB7b9vvmR974783bfzNvdAAbWZPZPErEvIn6PiPG82LzBZP7fjevLszevL88mUau99VdS3+7v68uz5ablfmONhUjiUIt6Fy9eOltdWJi/UJSnl859NL148dKzZ85VT8+fnj9/7OTJE8dnXnj+2HNdyXMs0iJ6/b2v3jj1RVP+6/Loksl2K5+s1bpcXX/d2RAP97EddGaoOF6Vev8fj6GGozcer322Wvi0Tw0EeqZWq9XGNl+9UgP+x5JoLuvyMCjKN/ry+rfVdfBLPRt99N+1l/MLoCzvG8UjXzO8esegsu76tpsmI+LdlX++yR7Rm/sQAABNfsjGP89ko53l2WzssTb+SOO+hu3uKuaGJiLi7ojYHxH3xPk4EBH3RtS3vT8iHuiw/oZJkvowc+P4J7264+S2IRv/vVjMbTWP/8rRX0wM1UsX80JUkvfPLMwfLZ6TI1HZk5Vn2tTx46u/fbnZusbxX/bI6i/HgkU7rg7vad5nrrpU3XnGza5djjg43Cr/ZHUmIImIByPiYKs/kG5dx5mnv3tos3Vb599GFyaaat9GPJUf/5VYl38paT8/Ob03FuaPTpdnxUa//Hrlzc3qX5f/3ugk/y7Ijv8dLc//1fwnksb52sXO67jyx+ebXtNMVoqgg/N/pbpUHUnerscjxbJPqktLF2YiRpJTeaMblx9b27csl9tn+R853Lr/74+1Z+JQRGQn8cMR8UhEPFocu8ci4vGIONwm/59feeKD9ctGy/xv5fzvgiz/uY6O/1owEs1L0hbbZMHQ2Z++b6p0Yi0s8r/Z/vXvRD06UizZzuvfxla0Dm71+QMAAID/gjQi9kWSTq3GaTo1lX+G/0A+9Z35+Pxc/h2Biaik5Z2u8Yb7oTPFZX1evhwR+UcLyvXHI63fN/56aLRenpr9cGGur5kDY5v0/8yfQ/1uHdBzvrAFg0v/h8HVtv9Xdq8dwO7b0P/b9vk9PW0LsLtavP+P9qMdwO5rNf73ez8wGNb1f9N+MEDc/4fBpf/D4NL/YSAtjsbWX5JvG5R/aYe7bxWMR+y8hRGx0uX2bDuISh8q3cUg0p5XMdLbU6tnQbKzNidxOzS+oe9s4Z02PxwOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwu/g3AAD//0C6yvY=") syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}]}) 1m45.187995914s ago: executing program 1 (id=765): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f00000001c0), 0x37) 1m44.523681105s ago: executing program 1 (id=768): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg$inet6(r0, &(0x7f0000002680)=[{{&(0x7f0000000340)={0xa, 0x4e23, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1}, 0x1c, &(0x7f0000000ac0)=[{&(0x7f0000000740)="d4", 0x1}], 0x1}}, {{&(0x7f0000000b40)={0xa, 0x4e21, 0x9, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000d80)=[{&(0x7f0000000b80)='\a', 0x1}], 0x1}}], 0x2, 0x4000050) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000d80ffff", 0x8) 1m44.339878991s ago: executing program 34 (id=768): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg$inet6(r0, &(0x7f0000002680)=[{{&(0x7f0000000340)={0xa, 0x4e23, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1}, 0x1c, &(0x7f0000000ac0)=[{&(0x7f0000000740)="d4", 0x1}], 0x1}}, {{&(0x7f0000000b40)={0xa, 0x4e21, 0x9, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000d80)=[{&(0x7f0000000b80)='\a', 0x1}], 0x1}}], 0x2, 0x4000050) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000d80ffff", 0x8) 6.099424718s ago: executing program 4 (id=1887): syz_mount_image$hfsplus(&(0x7f0000000240), &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2200010, &(0x7f0000000400)=ANY=[], 0x1, 0x6b5, &(0x7f0000001540)="$eJzs3c9vHGf9B/D3rNeOnW+Ur9MmbYSKiBKpgCISJ1YK4YJBCOVQoaocOFuJ01jZOJXtVm6FwAUEJyQO/QMKksWFExL3oHAuJ3r1sRISl4iD1YvRzM6u1951bCf+lfJ6RbPzzDzPPPOZzz4z493NagP8z7p1Oc1HKXLr8ptL5fLqymRrdWXyRF3dSlKWG0mzPUsxlxSPk6myvmivL+fpnff5ePbm2589Wf28vdRMz3aNp203wIC2y/WUC0mG6nm/4d3uYlN/t5Oc6msystu+Og2nOg+XOgtw1Nb7LO9l872ct8Ax07k7Fe37Zp/x5GSS0frvgNRXh8bhRXgw9nSVAwAAgBfUpw+POgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB48dS//1/UU6Oe50KKzu//j3TW1eUX2qOjDgAAAAAAAAAA9sHX1rKWpZzuLK8X1Wf+F6uFs/liPfm/vJeFzGQ+V7KU6SxmMfO5lmS8p6ORpenFxflr3S1Lg7e8PnDL64d1xAAAAAAAAADwpfTL3Nr4/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6DIhlqz6rpbKc8nkYz7bqRst1y8o9O+QVRDFr56PDjAAAAgOcy+gzb/P9a1rKU053l9aJ6zf9K9Xp5NO9lLouZzWJamcmd+jV0+aq/sboy2VpdmXxQTv39fv/fewqj6rF+f2Hwns9XLcZyN7PVmiu5XQVzJ41qy9L5TjyD4/qojKn4Xm2XkTXrtJY7+/127yLsi72+FTFeBpd0MzJRx1Zm40w7A0X1Rk2yNRM7PjvNrXtKI8PdPV1Lo/vOz9kDyPnJel4ez28ONOd71c1EI1UmrveMvld6spCcSt9Z8fW//vmn91pz9+/dXbh8fA6pqzFw7dDWFWO9W2yMicmeTLz69DFxzDPR3GP7iSoT57rLt/Kj/CSXcyFvZT6zeT/TWcxM1uv66Xo8l4/jT8/U1Kalt3aKZKQeoe3nbDcxXcgPq9J0Llbbns5sijzMnczkjerf9VzLt3MjN3Kz5xk+t23c1bFVZ31j61nfeab/NjD4S9+oC+UA++3GQJt62hH3jc591r72l3k905PX9qh/0m31p2++39y4Cm9k6aVOdoYHdv4s18bmV+pCuY9fbXvWHoXxKkvDa/9MuneJTnQvtzPRrO5F/eP8D9W5sdCauz9/b/rdbfpf3rL8ej0vh9XKV3cR4HD34YCV4+WljNZXkjM9V8mJqu7l7lXmzKa76kj9iUu7rtFXd66qK4rOmfrjbc/UkfpvuP6erld1rw6sm6zqzvfUbfp7Kw/Typ1DyB8Az2k8J0fG/jX26dgnY78euzf25ugPTnznxGsjGf778HebE0OvN14r/pJP8vON1/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCzW/jgw/vTrdbM/OBCY/uqHQo79bylUNQ/6PNM+zqGhdEkm9YMlysOPYyxrWH0FdZ/kRx6fjo/Iji4ze/KQjO76XBqpzYf7T3CL05sF9iXsjCUwQPgiC9MwIG7uvjg3asLH3z4rdkH0+/MvDMzN3zjxs2JmzfemLx6d7Y1M9F+POoogYOwcdM/6kgAAAAAAAAAAACA3Rr0xYCLp3b60siuvuPhfxYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA++LW5TQfpci1iSsT5fLqymSrnDrljZbNJI1GUvwsKR4nU2lPGe/prsgfH2d9wH4+nr359mdPVj/f6KvZbp806vlzWK6nXEgyVM/3q7/bz91f8Z/OEZYJu9RJHBy1/wYAAP//cjv1OA==") mknod$loop(&(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, 0x1) link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 5.843944527s ago: executing program 4 (id=1889): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=@ipv6_newrule={0x4c, 0x20, 0x1, 0x0, 0x25dfdbfb, {0xa, 0x10, 0x4908d13283d17e6b, 0x0, 0x6, 0x0, 0x0, 0x3, 0x20005}, [@FRA_SRC={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @FRA_DST={0x14, 0x1, @rand_addr=' \x01\x00'}, @FIB_RULE_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e1f, 0x4e21}}]}, 0x4c}}, 0x40010) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}]}}}]}, 0x5c}}, 0x0) 5.594940944s ago: executing program 4 (id=1891): syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x2000000, &(0x7f0000000a00)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b46ea5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d9"], 0x1, 0x5514, &(0x7f0000013680)="$eJzs3M1rI2UcB/Bf2u2+uxbx4G0HFqGFTdh0X9Dbqrv4gl2KLwdPmiZpyG6SKU2a1p48eBQP/iei4Mmjf4MHz97Eg+JNWMk8U9n6gkqzjd1+PjD9zjyZ/Ob3hNLyTEICOLEWs19+qsSlOBcR8xFxMaLYr5Rb4XaK5yLickTMPbJVyvHfB05HxPmIuDQpnmpWyoc+uzq+cvPHN37++tszpy58/tV3s5s1MGvPR0R/M+3v9FPmnZT3y/HGuFtk/8a4zPRA/0F5nKfcaa8XFXYa++c1irzeSefnm9vDSW70Gs1JdrobxfjmIF1wOO7s1ymecL+xVRy32utFdod5kZ291NfuXvrbtjccpTqtst6HRfkYjfYzjbd322k+mw+KbA5G5Xiqm7fau5Mcl1leLpp5r1X0sX6YV/r/7c3uYHs3G7e3ht18kN2s1V+o1W9V61t5qz1q36g2+q1bN7KlTm9yWnXUbvRvd/K802vXmnl/OVvqNJvVej1butNe7zYGWb1eu167Vr25XO5dzV69927Wa2VLk3y5O9gedXvDbCPfytIzlrOV2vUXl7Mr9ezt1bVs7a27d1fX3nn/znv3Xlp9/ZXypD+1lS2tXFtZqdavVVfqy8d3/pP/9f9p/h+XTU9x/nAolVk3AHD8WP8D0/fwH8847uv/sP6fCuv/kz1/OBTrfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAE+v7hS9eK3YW0/GFcvypcuiZ8rgSEXMR8fAvzMfpAzXnyzoLf3P+wh96+KYSRYXJNc6U2/mIuF1uvz79uF8FAAAAeHJ9+dHlT9NqPf1YnHVDHKV002bu4gdTqleJiIXFH6ZQJcqbTfHs4btKJr/fp2J3StWKG1hnp1Qs3XI7Na1q/8r8gTj7SFRSzB1pOwAAwJE4uBI42lUIAAAAR+mTWTfAbBTvtJafxS8/wH8mRfmG4LkDRwAAAMAxVJl1AwAAAMBjV6z/ff8fAAAAPNnS9/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAb+zcTU7qUBQH8NOWvsf7yiPGuVtxBstwCQ4dGhbgJlgCbsENsAacuQQDhrYoNZgY+xXJ75e0t7chf06ZnXtJAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALj3my9n97cVd05zNtpl2ngYAAAA4Zp0vZ8XFpJz/qe7/q26dVfMkItKIONa7Z/GjlplVOfkHn8/f1fAQUSTsvuNndfyOiMvqeP7f9a8AAAAAp2s1X0zLbr08TYYuiO6NX6/KRZv071VLyUlE5JOnrwdss4NJujudt1BWYZc8ipuW0ooFrHFLYeWS26ittE/JasP4YEjKIe21HAAAoBf1TqDfLgQAAIA+XQ9dAMNIYr+Vud8LLv55/7Yh+Ks2AwAAAL6hZOgCAAAAgM4V/b/3/wEAAMBpK9//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJfW+XK2mi+mTXM222baeRoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAF/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAN7/7y/+JqXEmmXttLD2PJGunxtapsXduHP1hfP0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J+XFAiBIIiCOeN/J33/w0qCnkGECGh4VFGLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCLfvfL/4mpcSaZO20sHY8ka1eNravG3oPG0YPx9m8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42Lmf3yiqOADg39lfWJRYq+mhxmjiQS9SFgS5etA0HvwTTJqyYHXxB/QghJj04s30ZsLF6NEYE0298T9whoQL3jj0gIknD5qZnWkfK+giMLPtfj7Jm/ed2WHe9w1N0++8aQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMrO23txO9/Mj+JWeezG3StreX9zrM9d27q1lLc8zupMen94Kd3JFptLBAAAgNnRrur7iLjd3V7J+9Z8Uf93q3Pymv+7I6O4qufH6/6qr2r/vP36y50XdgeaH42TX/Ts+nBw7J+pdJ7cLKfbs/95Rqe488Wzl3bxH9J6b/P5nW5xP7Ovr19/p1eEh+rIFgD4P45WfRlUPw/lfb/JxACYGZ2k8K7q//Z8szkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1KG3GU9XcRYRS529OHfz7pW1oh/bv7Z1a6lqp65e3UqvmV+iGxFn14eDY3VNZB+4eOnyx6vD4eDCfYO5iHjAR48evBwRj//K8XD/6oMJzol47HMX1Bi0yq/1aclnfwQNf2MCAODA6ZYtr+tvd7dX8mPZQsRf399b/7+WxJHW/2N9Wv/f+fDUjXSstP7v1zbDKfHNkQd+tLxx/rPli5cuv7F+fvXc4NzgkzeP99/qnzh98uTp5eJZybInJgAAADyaXtnS+r+1ELEztv5/OIljwvr/82/7X6ZjtWe5/v8Xe4t+TWcCAAAw25575Y/fs/scz3q9+GJ1Y+NCf7Td3T8+2jaQ6kM7VLa0/m8vNJ0VAAAAUIedzeye9f8zSRwTrv8/88OLP6XXbEfEXLn+f3Tt0+GZ+qbTkD8nOquOXyd+4lMFAABgqs2VLV3/7xbv/7d2X3loRcTrrxZhVv4ZwInq//a7X/2YjpW+/3+ixjlOo9bi6H4U/WJEZ7HpjAAAADjInipbXuz/1t1e+ejnw+/3vP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAULe/AwAA///lFT7r") mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="020000000100030000000000040001000000000020"], 0x1c, 0x2) 4.684836213s ago: executing program 0 (id=1904): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000001f40)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x5, 0x0, 0xffffffffffffffff}, {0xffffffff, 0x0, 0x9, 0xa, 0x5}]}) 4.506204338s ago: executing program 0 (id=1906): r0 = socket$kcm(0xa, 0x2, 0x73) setsockopt$sock_attach_bpf(r0, 0x29, 0x21, &(0x7f0000000200), 0x4) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@nl=@unspec={0x0, 0x0, 0x300}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x28}, 0x0) 4.408439141s ago: executing program 0 (id=1908): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, 0x0) 4.313799135s ago: executing program 4 (id=1911): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000001, 0x8031, 0xffffffffffffffff, 0xc24f4000) mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) 4.212094318s ago: executing program 0 (id=1912): r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000000)={0x84, &(0x7f0000001300)=ANY=[@ANYBLOB="0015f700000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, &(0x7f00000004c0)={0x34, &(0x7f00000001c0)={0x0, 0xc, 0xd, "3b4bee4573d6653f554ba8e523"}, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.691302336s ago: executing program 4 (id=1923): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x1a1281) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 2.082972465s ago: executing program 4 (id=1926): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x10, 0x56a, 0xd8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xe0, 0x3, "", [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x5, 0x3, 0x1, {0x22, 0x2c}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x1, 0x4, 0x4}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f0000000140)={0x20, 0xa, 0x2c, {0x2c, 0x31, "5b1ae08f9948bdfe0be753ac73b21cc8e68164d0e410e78f47f71045f36b3622b6771dd5cc56857afce8"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 1.587733161s ago: executing program 7 (id=1929): syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000140)) exit(0x800) syz_open_procfs(0x0, &(0x7f0000000280)='fd/3\x00') 1.566035221s ago: executing program 6 (id=1930): r0 = syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x40002) openat$ppp(0xffffffffffffff9c, 0x0, 0x40082, 0x0) ioctl$FE_ENABLE_HIGH_LNB_VOLTAGE(r0, 0x6f44, 0x3) 1.365380727s ago: executing program 6 (id=1932): syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f00000000c0)={[{@grpjquota}, {@errors_remount}, {@discard}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}, {@barrier_val}]}, 0x3, 0x4f4, &(0x7f0000000740)="$eJzs3E9sVNUeAODfnba0/Hv08Xi8B6IW0dhIbKGgsDAxGE1caGLERF02bSFIoYaWRAjqkBhcGhL3xqVbF27VDTGsTNzi0sSQEMMGMCGOuTP3dqbDzJRppx1Lvy+Z9px7595zzj333Dn3nLkTwLo1lP5JKuEbEbEtIgr1bxiq/Lt7+9LEvduXJqJYKh3/IylvdieNZ7LdxOYsMlyIKHyWVFfUmL1w8fT49PTUuSw+Onfmw9HZCxefPzWQLTl69PChg0deHHuh/UI1SC8t153dn8zs2fX6+1ffnOjNl+ep1ZajU4ZiqFFWyp7pdGJdtrUmnPR2MSO0JT3/0+rqK7f/bdETrSqvuIo5A1ZaqVQq9TdfXSzVu/zAEmDNioFu5wDojvyDPr3/zV+NOgIbVqb70XW3jlVugNJy381eEU+WF+bjIH1197edNBQR7xX//Cp9RbNxiJ4VShwAWJd+OJb3BOv6f4OVmZH756+9nP7/VzaHMhgR/46I7RHxn4jYERH/jYidEfG/iPh/3f7TrkupRfpDdfH59OcnoQo3O1TUhtL+30vZ3Fa1/7cgA4M9WWxrRN5hnjqQHZPh6Os/cWp66mCLNH589Zcvmq2r7f+lrzT9vC+Y5eNmb90A3eT43PiSC1zn1uWI3b315U96I5L5mYAkInZFxO429jtYEz713Dd75iN9C9+3ePnLSg3n0Towz1T6OuLZSO7fvX2pGAvqv5pismB+8sz4yamTU2fH5ucnRwdieurAaHoWHGiYxvWfr7zVLP1Fy//db/WbvHbk++MduylI639Tzfkf+fxttfyDSUQyP187234aV379vOnc6lLP/w3JO+Vwfl/60fjc3LmDERuSNx5cPlbdNo+n/6NYKf/wvsbtf3u2TXokHouI9CR+PCKeiModYpr3vRHxVETsa1H+n155+oO2y19oscMOSss/WXf9q9T8gvqvztc3CyTZ3GCDVT2n99641+Ti8XD1f7gcGs6WNL7+JQsuEc1ymn/apUv+WvbRAwAAgLWhEBFbasaStkShMDJSGQPaEZsK0zOzc/tPzJw/O5muixiMvkI+0lUZD+5L8vHPwZr4WF38UDZu/GXPxnJ8ZGJmerKrJQc2l9t8UhiJeLenpv2nfve9E3j0eV4L1q9W7T/txO+8uoqZAVbVw3/+X/t4RTMCrLqa9t/sCf/iEr73BawB7v+BqsV/6Mc1A9a+krYM61pb7X+/HwGER0lvvD0fXqXnDoF/iKX2/z/tcD6AVbXoc/3LCpT6G68aiAffHAOtd9gTS8vGxgZpdSWQ9qy6kvrGpWyV/5pC0/dEob0d9kdn6vTEMo9G8dzsyZ0dP/lL2XflO12D3zZvp9f7W9TO8gNduRwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03N8BAAD//6Yc4S8=") r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000000c0)=@v2={0x2, @adiantum, 0x3, '\x00', @c}) 1.107717405s ago: executing program 0 (id=1933): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000001, 0x8031, 0xffffffffffffffff, 0xc24f4000) mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) 828.027995ms ago: executing program 5 (id=1935): syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0xa2b, &(0x7f0000001740)="$eJzs3c1vHGleB/BvdezE8Y6G7GwYhmh20kmUWe9scNoOkyiaA5vY7cSLX5DtSBMB2ow2CYpiMWgHpNkRh6yEODFihRAScEFz5DTScmAvKDc4cuKABPkP0IgDhANqVNXtpG33S+w4dsh+Pq1Kvf2et67qetLt7nrC/2etVquadrl+42/3s7K8fK7OPvriy8/L6ccPcjiH8n7x98lYknoy8r/VuTI6M7uyvDgko/vJrSQPkyLJkbTnfRzdtHYrxZ/mtafrD1P8dd7qkWxsh41jqBY/1w76/AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJfSzGyjMVVkYX7pxof1/qohwAfs38juZ9Wo38XPhhVbJEU5ZWxsY6jvt44/3f1m+c/pvN1ee7s98vdYPvvam8c++MZIbSP9gArti09+9Nn9j9bX7/zw6abRnoEjnXaVy0f2rXrP7vDukl1rLs2vLs8vXrnWrM+vLtcvX7zYOH99brU+N5/m6s3VteZifWaleWVteaU+MfPt+tTlyxfqzcmbyzeWrs1OLjQ3Nl76lelG42L9e5O/0byysrq8dP57k6sz1+cXFuaXrlUx5e4y5lJ5Iv76/Fp9rXllsV6/e2/9zoVhlSyDpnruKTYHTQ/LaboxPT01NT09dfH9y+9fajRGtm1obJFtEQd/0nJw/m5Pr93wnGqd/j8Lmc9SbuTD1Hs+ZjKblSxnsc/+jo3+/+z55sByu/v/jV7+rae7T6Tq/99pr71T9v8bXWh3/9+nLsMfrVY7s92m33h8kh/ls9zPR1nPeu7kh8+d47bH/+w8zWivrfXnb+32x7U0s5T5rGY581nMlWpLvbOlnsu5mItp5Pu5nrmspp65zGchzazmZlazlmZ1Rs1kJc1cyVqWs5J6JjKTb6eeqVzO5VxIPc1M5maWcyNLuZbZXKlyuZt71fN+YUAdnwRNPUvQ9ICg6Uayh/1/62X8nyAv2t5ewOE5tDr9/+G+Aa2NpYmZfasVAAAAsJd++Z/y+vE3/vHfktF8s/pcfm5+odk46GoBAAAAe6j6ut7b5Wy0XPpmCu//AQAA4FVTVL+xK5KM52R7qf1LqEPxIQAAAAC8Iqq//79TzsbLpZMpntwJ5dZB1w0AAADYG8PvsT80oji3cfvf+u32/HYnonOf3/G5+YXm5MzywgdTebe6y0D1S4NtuR1KitHq5wfv5VQ76tR4ez6+OcexMmpq8oOpvJfTnYZMnClnZyZ6RE63I7/VjvzWgMgLZSQAvOpOD+iPB/X//9VqK/v/93KuHXHuxMjhJCMnevSsDT0rALwsNo+x07v/HxJR/OrT9/+jnWw39f9v5O5/t79SMJkf5OOs53bOVb82qL5xsCnX3/pJ5zODJ19DaKQY8mnARuw/X6rl3JDPA8a7Bno5N+QTgXZsfju58OIPBADso9N9+uGd9P/nut7/Z/v7/ydDC93xk0IAeCk8GcH+BS4cdBsBgM300gAAAAAAAAAAAAAAAAAAAAAAAAAAALD39vRu/2O7TP7vnXH9XuwwBNsWjnaeg93n82dJ9q/OxR6XVduDfFpJ9ut47d9CjiW7flZ7nsaHkxx8u4YujHReEvc/Wj+oKxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7qUgO9dpeS44kaSQ5v/+1enEeHHQF9t+vda8Uj/M4n+b1g6sOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCrqXP//1ra86+1N2WklpxNcivJbx50HffS44OuwB45ust0Xff/L495WkVG2oc9xejM7MryYnn4q7Efao+++PLzcupKfuRZy6kCa1sGl+iUsDX2b17bWPp6lWp89s4n93//49+rz15NLYdzdW1uYXbx2sp3nyZ5s/hpUk972rBR3z88+w8/6dHyn5Yt7W1ruXPVkzO7vdxf6pV6cLmD3Fu/M12WtNb8cO0Pfvfep1273sip5MxEMrG5pN8ppz4lncrooNKKr4o/Ll7PX+RWdfzLZ6NoFeUh+oWq/Ufv3lu/M/mDj9dv96nTsZxMcjsZG1ynH3ftPlldT3qqzrraaFlqowoq/zk+pI0DdeU41acNX69OmfFOGw73bUO3ev82VLqe91qv/e0aXehTo2/k3eTMliSPWkeS/jV6d/CR7q34qvjX4nr+JX/UNf5HrTz+Z9P/1bk5iyqy60zpG1lrR1Ytn+7e8f2tkf/xl89U+57D1LBTf7LpxVvruv53jtUeXY9axcDrUVeJg18XQ0rcclYMeF1UPdLxLSk6V59+aTr1PN6O6lPPX8x3kpETg66K23rr7wy5ojxJ/93eu3f7+v+rYiL/mQfG/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF5+RXKo1/ZacjbJsY31etLaQbZH+u2ojRc7reKeevDkn1dCbacJisd5nE/z+oupDgAAAAAAAAD77ersoy++/LyciqOdTZ2/79eTkSTHij8/mtmV5cUhGY0mt5I8LJfHeuwf8Of+Ml1ee7r+sFx7a6ctAQCe1f8FAAD//7oCZu0=") prctl$PR_SET_SECUREBITS(0x1c, 0x7) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 759.674457ms ago: executing program 6 (id=1936): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000003e40), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000004080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2c, r0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004}, 0x10) 620.701551ms ago: executing program 6 (id=1937): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) preadv2(r0, &(0x7f0000000000)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x4) 609.524601ms ago: executing program 5 (id=1938): mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) 595.670952ms ago: executing program 7 (id=1939): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89101) mount_setattr(r0, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000001dc0)={0x7}, 0x20) 461.123466ms ago: executing program 6 (id=1940): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, 0x0, 0x0) 418.569007ms ago: executing program 7 (id=1941): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000480), r0) sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000400000005000a00450000000800040000010000080001"], 0x2c}}, 0x0) 349.75022ms ago: executing program 5 (id=1942): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x4}]}}}, {0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x64}, @NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0xffffff53, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xc0}}, 0x0) 338.68354ms ago: executing program 6 (id=1943): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x1008490, &(0x7f0000000000)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@grpquota}]}, 0x4, 0x4fb, &(0x7f0000000900)="$eJzs3c1vVF0ZAPDnTju09B3egrJQo4KIoiFMP4CG4ELYaAwhMRJXLqC2Q9N0hmk6LdLKoizdm0jiSv8Edy5MWLlw5053bnBhgko01MTFmHvn0g5thxb7MaXz+yV37j3nzsxzzkzPOXNPOz0B9KzzEbEaESci4kFEDOf5Sb7FrdaW3u/N66dTa6+fTiXRbN77R5KdT/Oi7TGpT/LnHIyIH3w34sfJ1riN5ZW5yWq1spCnRxZr8yON5ZUrs4U8Z3xibGL0xtXr4/tW13O137z6zuydH/7ut196+cfVb/40LVbpZ6eyc+31aNO315itqhej1JbXHxF39vrER0h//vPDxydtbZ+JiAtZ+x+OvuzdBACOs2ZzOJrD7WkA4LhLr/9LkRTK+VxAKQqFcrk1h3c2hgrVemPx8nB96dF0ZHNYp6NYeDhbrYzmc4Wno5ik6bHseCM9vil9NSLORMTPB05m6fJUvTrdzQ8+ANDDPtk0/v97oDX+AwDH3GC3CwAAHDrjPwD0HuM/APSeDxj/fTsQAI4J1/8A0HuM/wDQe3Yc/5/l+5MHXxYA4MB9/+7ddGuu5f//evrx8tK3So+vTFcac+Xa0lR5qr4wX56p12eqlfJUs7nT81Xr9fmxa+vJxvLK/Vp96dHi/dna5EzlfqV4wPUBAHZ25tyLPycRsXrzZLZF21oOxmo43grdLgDQNXte4Ar4aPk+D/SuXVzjmwaAY26bJXrf0fFPhJ5b/BU+Vpc+b/4fepX5f+hd/9/8/7f3vRzA4TP/D72r2Uys+Q8APcYcP7Cn3/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAjyplW1IoZ2uBr6a3hXI54lREnI5i8nC2WhmNiE8j4k8DxYE0PdbtQgMAe1T4W5Kv/3Vp+GJp89kTyX8Gsn1E/OSX937xZHJxcWEszf/nev7i8zx//EQ3KgAAtLu1Nas1Tuf7tgv5N6+fTr3dDrOIr263FhdN467lW+tMf/Rn+8EoRsTQv5I83ZJ+Xunbh/irzyLicxv1f9IWoZTNgbRWPt0cP4196gDib7z+m+MX3olfyM6l+2L2Wnx2H8oCvebF7VY/mbe9tInl7a8Q57P99u1/MOuh9u5t/7e2pf8rrPd/fVviJ1mbP7+efn9JXl37/fe2ZDaHW+eeRXyhf7v4yXr8pEP/e3GXdfzLF798odO55q8iLsX28VtqWTc7slibH2ksr1yZrU3OVGYqj8bHJ8YmRm9cvT4+ks1Rt27/sF2Mv9+8/Gmn+Gn9hzrEH9yh/l/bZf1//d8HP/rKe+J/46vbv/9n3xM/HRO/vsv4k0O3Oi7fncaf7lD/nd7/y7uM//KvK9O7vCsAcAgayytzk9VqZWGHg/Sz5k73ObSDvg9/1EBEHI3CH72DWI04AsVwcKQOut0zAQdto9F3uyQAAAAAAAAAAAAAAEAnjeWVuYE42K8TdbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHF//CwAA//+zZ8zN") syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x395c06b, 0x0, 0x11, 0x0, &(0x7f0000000000)) rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)='./file0\x00') 321.9923ms ago: executing program 7 (id=1944): unshare(0x2020600) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 258.808632ms ago: executing program 5 (id=1945): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33) 242.160923ms ago: executing program 7 (id=1946): r0 = gettid() sigaltstack(&(0x7f0000001040)={&(0x7f0000001580)=""/4110, 0x80000001, 0xfffffffffffffefd}, 0x0) rt_sigqueueinfo(r0, 0x21, &(0x7f00000002c0)) 162.883105ms ago: executing program 7 (id=1947): mbind(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x8002, &(0x7f0000000180)=0x3ff, 0x8, 0x0) mlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000) munlock(&(0x7f0000ff8000/0x6000)=nil, 0x6000) 157.596285ms ago: executing program 5 (id=1948): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = gettid() sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8500}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x2, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_PID={0x8, 0x13, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000) 20.7398ms ago: executing program 5 (id=1949): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) setrlimit(0x7, &(0x7f0000000400)) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) 0s ago: executing program 0 (id=1950): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000940)={[{}, {@usrquota}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0x3, 0x447, &(0x7f0000000380)="$eJzs28tvG0UYAPBv10lKX8SU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlW0IFSOqBJ3xIEDEn8BJ7gg4ITEFe6oUoV6aeFktPZuYjt2mocTF/z7SdvO7M5q5vPu2DM72QD61kj2TxKxKyJ+j4jhera5wEj9v1s3Lk7/fePidBLV6lt/JbVyN29cnC6KFuftzDOjaUT6aRIH2tQ7f/7C6alKZfZcnh9fOPP++Pz5C8+eOjN1cvbk7NnJY8eOHpl44fnJ57oSZ9amm/s/mju477V3rr4xffzquz9/mxTxt8TRJSMrHXyiWu1ydb21uyGdDPSwIaxJKSKyyzVY6//DUYqlizccr37S08YBm6parVZ3dj58uQr8jyXR6xYAvVH80Gfz32LboqHHHeH6S/UJUBb3rXyrHxmINC8z2DK/7aaRiDh++Z8vsy025zkEAECT77PxzzPtxn9p3N9Q7u58bagcEfdExJ6IuDci9kbEfRG1sg9ExINrrL91kWT5+Ce9tq7AVikb/72Yr201j/+K0V+US3ludy3+weTEqcrs4fwzGY3BbVl+YoU6fnjlt887HWsc/2VbVn8xFszbcW1gW/M5M1MLUxuJudH1jyP2D7SLP1lcCUgiYl9E7F9nHaee+uZgp2O3j38FXVhnqn4V8WT9+l+OlvgLycrrk+N3RWX28HhxVyz3y69X3uxU/4bi74Ls+u9oe/8vxl9OGtdr59dex5U/Pus4p1nd/V+91HhOdv8PJW/X0kP5vg+nFhbOTUQMJa/XG924f3Lp3CJflM/iHz3Uvv/viaVP4kBEZDfxQxHxcEQ8krf90Yh4LCIOrRD/Ty8//t76499cWfwza7r+S4mhaN3TPlE6/eN3TZWW1xJ/dv2P1lKj+Z7VfP+tpl3ru5sBAADgvyeNiF2RpGOL6TQdG6v/vfze2JFW5uYXnj4x98HZmfo7AuUYTIsnXcMNz0Mn8ml9kZ+M+LoxfyR/bvxFaXstPzY9V5npdfDQ53Z26P+ZP0u9bh2w6byvBf1L/4f+pf9D/9L/oX+16f/be9EOYOu1+/2/1IN2AFuvpf9b9oM+Yv4P/Uv/h/6l/0Nfmt8et39JXkJiWSLSO6IZEt1JpBHRtGf5d0W5F19QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG/RvAAAA//831udB") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) write$FUSE_INIT(r0, &(0x7f0000000880)={0x50, 0x1f04cd6136e01be9, 0x0, {0x7, 0x2d, 0x7fff, 0x20604, 0x3, 0x6, 0x4bc, 0xffff, 0x0, 0x0, 0x2, 0x7}}, 0x50) kernel console output (not intermixed with test programs): ge_slave_0: link becomes ready [ 147.655604][ T4254] usb 6-1: Product: syz [ 147.670095][ T4254] usb 6-1: Manufacturer: syz [ 147.676349][ T4258] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.683528][ T4258] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.709596][ T4254] usb 6-1: SerialNumber: syz [ 147.734044][ T4254] usb 6-1: config 0 descriptor?? [ 147.765579][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 147.787299][ T4254] ums-isd200 6-1:0.0: USB Mass Storage device detected [ 147.806951][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 147.863974][ T6492] loop4: detected capacity change from 0 to 512 [ 147.871170][ T4258] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.878334][ T4258] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.958554][ T6492] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 147.991712][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 148.007130][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 148.024211][ T6492] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=42c028, mo2=0002] [ 148.033615][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 148.045042][ T6492] EXT4-fs (loop4): orphan cleanup on readonly fs [ 148.058805][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 148.074557][ T6492] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3894: comm syz.4.807: Allocating blocks 41-42 which overlap fs metadata [ 148.083015][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 148.101385][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.115978][ T6492] Quota error (device loop4): write_blk: dquota write failed [ 148.135304][ T6223] device veth0_macvtap entered promiscuous mode [ 148.151944][ T6492] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 148.202451][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 148.220664][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 148.223479][ T6492] EXT4-fs error (device loop4): ext4_acquire_dquot:6236: comm syz.4.807: Failed to acquire dquot type 0 [ 148.244646][ T4254] scsi host1: usb-storage 6-1:0.0 [ 148.257228][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 148.270373][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.294722][ T6492] EXT4-fs error (device loop4): mb_free_blocks:1889: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 148.304786][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 148.319375][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.326939][ T6492] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #12: comm syz.4.807: corrupted inode contents [ 148.339711][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.369132][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 148.383287][ T6492] EXT4-fs error (device loop4): ext4_dirty_inode:6077: inode #12: comm syz.4.807: mark_inode_dirty error [ 148.405774][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.423058][ T6492] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #12: comm syz.4.807: corrupted inode contents [ 148.426844][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 148.482544][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.499607][ T6492] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #12: comm syz.4.807: mark_inode_dirty error [ 148.521668][ T4858] usb 6-1: USB disconnect, device number 2 [ 148.538928][ T6223] device veth1_macvtap entered promiscuous mode [ 148.571201][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 148.579015][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.603993][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 148.607773][ T6492] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #12: comm syz.4.807: corrupted inode contents [ 148.634240][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 148.666167][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 148.673775][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.683633][ T6492] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 148.693748][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 148.711855][ T6330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 148.736286][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.761128][ T6492] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #12: comm syz.4.807: corrupted inode contents [ 148.782660][ T6223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.800367][ T6223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.814921][ T6506] netlink: 8 bytes leftover after parsing attributes in process `syz.0.811'. [ 148.825857][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.832407][ T6492] EXT4-fs error (device loop4): ext4_truncate:4286: inode #12: comm syz.4.807: mark_inode_dirty error [ 148.847246][ T6223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.858833][ T6223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.869471][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.876720][ T6223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.888346][ T6492] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 148.897796][ T6223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.908938][ T6223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.919554][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 148.926608][ T6223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.936663][ T6492] EXT4-fs (loop4): 1 truncate cleaned up [ 148.942593][ T6492] EXT4-fs (loop4): pa ffff8880746339a0: logic 1, phys. 41, len 23 [ 148.950946][ T6492] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4904: group 0, free 22, pa_free 23 [ 148.981665][ T6223] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 149.006763][ T6382] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 149.016359][ T6492] EXT4-fs (loop4): Remounting filesystem read-only [ 149.042766][ T6382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 149.051441][ T6492] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,noblock_validity,errors=remount-ro,data_err=ignore,debug,resgid=0x000000000000ee01,noinit_itable,noinit_itable,journal_dev=0x0000000000000afb2. Quota mode: writeback. [ 149.084401][ T6223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.121700][ T6223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.144044][ T6223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.164909][ T6223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.193675][ T4274] Bluetooth: hci1: command 0x0419 tx timeout [ 149.209866][ T6223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.244377][ T6223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.275662][ T6223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.321664][ T6223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.349883][ T6223] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 149.391746][ T6509] netlink: 280 bytes leftover after parsing attributes in process `syz.0.812'. [ 149.432261][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 149.474009][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 149.486890][ T6223] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.523218][ T6223] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.595366][ T6223] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.643418][ T6223] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.726393][ T1282] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 149.741028][ T1282] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 149.750768][ T6527] netlink: 8 bytes leftover after parsing attributes in process `syz.0.818'. [ 149.794880][ T6330] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 149.973849][ T4258] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.981725][ T4258] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.038394][ T6534] loop4: detected capacity change from 0 to 512 [ 150.062487][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 150.125700][ T6534] EXT4-fs (loop4): Ignoring removed oldalloc option [ 150.144388][ T4258] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.179283][ T4258] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.209766][ T6534] EXT4-fs (loop4): 1 truncate cleaned up [ 150.250182][ T6534] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,bsdgroups,lazytime,errors=remount-ro,jqfmt=vfsv1,oldalloc,stripe=0x0000000000000005,. Quota mode: writeback. [ 150.268972][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 150.672814][ T6548] loop6: detected capacity change from 0 to 4096 [ 150.706886][ T6514] loop5: detected capacity change from 0 to 32768 [ 150.752423][ T6548] EXT4-fs (loop6): inline encryption not supported [ 150.790039][ T6548] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 150.806173][ T6548] System zones: 0-5 [ 150.827221][ T6548] EXT4-fs (loop6): mounted filesystem without journal. Opts: debug,delalloc,inlinecrypt,delalloc,errors=continue,errors=continue,delalloc,barrier,,errors=continue. Quota mode: writeback. [ 150.907525][ T6514] XFS (loop5): Mounting V5 Filesystem [ 150.986066][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 151.058966][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 151.126293][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 151.143446][ T6514] XFS (loop5): Ending clean mount [ 151.178480][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 151.229723][ T6330] device veth0_vlan entered promiscuous mode [ 151.301107][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 151.314101][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 151.360591][ T5988] XFS (loop5): Unmounting Filesystem [ 151.368700][ T6330] device veth1_vlan entered promiscuous mode [ 151.540264][ T6330] device veth0_macvtap entered promiscuous mode [ 151.554777][ T6330] device veth1_macvtap entered promiscuous mode [ 151.626723][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 151.646083][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 151.701287][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 151.777253][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 151.825219][ T6330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.846859][ T6330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.899511][ T6330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.968373][ T6330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.997290][ T6330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 152.032793][ T6330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.062810][ T6330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 152.107855][ T6330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.142764][ T6330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 152.177733][ T6330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.215817][ T6330] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 152.241469][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 152.250520][ T6603] loop4: detected capacity change from 0 to 1024 [ 152.300463][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 152.352309][ T6330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.384090][ T6330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.406573][ T6606] loop0: detected capacity change from 0 to 1764 [ 152.425478][ T6330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.472940][ T6330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.516043][ T6330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.558691][ T6330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.578983][ T6330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.602723][ T6330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.626395][ T6578] loop6: detected capacity change from 0 to 32768 [ 152.636105][ T6330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.646675][ T6330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.669882][ T6330] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 152.677595][ T1282] hfsplus: b-tree write err: -5, ino 25 [ 152.689519][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 152.699537][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 152.705036][ T1282] hfsplus: b-tree write err: -5, ino 4 [ 152.760829][ T6330] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.796349][ T1282] hfsplus: b-tree write err: -5, ino 2 [ 152.814747][ T6578] XFS (loop6): Mounting V5 Filesystem [ 152.835751][ T6330] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.844953][ T6330] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.853995][ T6330] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.064309][ T6624] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.073290][ T6624] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.082022][ T6624] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.090884][ T6624] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.137643][ T6578] XFS (loop6): Ending clean mount [ 153.153263][ T6578] XFS (loop6): Quotacheck needed: Please wait. [ 153.331863][ T4258] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.343523][ T6578] XFS (loop6): Quotacheck: Done. [ 153.382564][ T4258] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.427924][ T4258] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 153.515921][ T144] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.578938][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.599730][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.610652][ T6634] loop5: detected capacity change from 0 to 4096 [ 153.639569][ T144] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.675701][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 153.689248][ T6223] XFS (loop6): Unmounting Filesystem [ 153.917166][ T144] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.944062][ T5988] ntfs3: loop5: ntfs_evict_inode r=5 failed, -22. [ 153.950751][ T5988] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 154.068390][ T144] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.095345][ T6650] loop0: detected capacity change from 0 to 2048 [ 154.223631][ T6656] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 154.267434][ T6659] loop7: detected capacity change from 0 to 16 [ 154.393373][ T6659] erofs: (device loop7): mounted with root inode @ nid 36. [ 154.479305][ T6659] erofs: (device loop7): erofs_read_inode: bogus i_mode (4355) @ nid 46 [ 154.753541][ T6667] loop0: detected capacity change from 0 to 2048 [ 154.837130][ T6667] EXT4-fs warning (device loop0): read_mmp_block:115: Error -117 while reading MMP block 15 [ 154.852635][ T6672] netlink: 8 bytes leftover after parsing attributes in process `syz.4.854'. [ 155.282217][ T6679] loop4: detected capacity change from 0 to 4096 [ 155.317296][ T6655] loop5: detected capacity change from 0 to 32768 [ 155.378525][ T6679] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 155.443776][ T6679] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 155.487728][ T6679] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 155.487765][ T6679] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 155.487826][ T6679] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 155.564369][ T6699] loop0: detected capacity change from 0 to 16 [ 155.599000][ T6679] ntfs: volume version 3.1. [ 155.600201][ T6655] XFS (loop5): Mounting V5 Filesystem [ 155.601293][ T6679] ntfs: (device loop4): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 155.601788][ T6679] ntfs: (device loop4): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 155.602939][ T6679] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 155.602964][ T6679] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 155.602983][ T6679] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 155.718547][ T6699] erofs: (device loop0): mounted with root inode @ nid 36. [ 155.773465][ T6699] erofs: (device loop0): erofs_read_inode: bogus i_mode (4355) @ nid 46 [ 155.813742][ T6655] XFS (loop5): Ending clean mount [ 155.816479][ T6655] XFS (loop5): Quotacheck needed: Please wait. [ 155.915917][ T6655] XFS (loop5): Quotacheck: Done. [ 156.163814][ T5988] XFS (loop5): Unmounting Filesystem [ 156.254922][ T144] device hsr_slave_0 left promiscuous mode [ 156.299926][ T144] device hsr_slave_1 left promiscuous mode [ 156.364072][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 156.371611][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 156.416046][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 156.451673][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 156.511059][ T144] device bridge_slave_1 left promiscuous mode [ 156.527588][ T144] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.569642][ T144] device bridge_slave_0 left promiscuous mode [ 156.599230][ T144] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.677953][ T144] device veth1_macvtap left promiscuous mode [ 156.696734][ T144] device veth0_macvtap left promiscuous mode [ 156.717101][ T144] device veth1_vlan left promiscuous mode [ 156.747531][ T144] device veth0_vlan left promiscuous mode [ 156.934608][ T6707] loop6: detected capacity change from 0 to 32768 [ 157.011968][ T6733] loop0: detected capacity change from 0 to 4096 [ 157.020199][ T6707] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop6 scanned by syz.6.844 (6707) [ 157.114001][ T6707] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm [ 157.195806][ T6707] BTRFS info (device loop6): using free space tree [ 157.249155][ T6707] BTRFS info (device loop6): has skinny extents [ 157.260998][ T6733] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 157.292325][ T6733] ntfs3: loop0: failed to convert name for inode 1e. [ 157.467532][ T6721] loop7: detected capacity change from 0 to 32768 [ 157.544631][ T6721] JBD2: Ignoring recovery information on journal [ 157.622926][ T6707] BTRFS info (device loop6): enabling ssd optimizations [ 157.651121][ T6721] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode. [ 157.795456][ T6330] ocfs2: Unmounting device (7,7) on (node local) [ 157.869330][ T4233] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 158.168264][ T4233] usb 1-1: Using ep0 maxpacket: 32 [ 158.208566][ T144] team0 (unregistering): Port device team_slave_1 removed [ 158.316690][ T144] team0 (unregistering): Port device team_slave_0 removed [ 158.319249][ T4233] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.347035][ T4233] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.357596][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 158.362740][ T4233] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 158.382351][ T4233] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.405886][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 158.413912][ T4233] usb 1-1: config 0 descriptor?? [ 158.463514][ T4233] hub 1-1:0.0: USB hub found [ 158.529641][ T6786] loop6: p3 p4 < > [ 158.547997][ T6786] loop6: p3 start 4284289 is beyond EOD, truncated [ 158.560702][ T144] bond0 (unregistering): Released all slaves [ 158.579225][ T3561] loop6: p3 p4 < > [ 158.583389][ T3561] loop6: p3 start 4284289 is beyond EOD, truncated [ 158.635347][ T6737] netlink: 60 bytes leftover after parsing attributes in process `syz.4.875'. [ 158.696094][ T4277] udevd[4277]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory [ 158.762088][ T4233] hub 1-1:0.0: config failed, can't read hub descriptor (err -90) [ 158.885091][ T4277] udevd[4277]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory [ 159.012225][ T6801] set_capacity_and_notify: 1 callbacks suppressed [ 159.012242][ T6801] loop6: detected capacity change from 0 to 256 [ 159.033510][ T6776] kernel write not supported for file /uhid (pid: 6776 comm: kworker/0:19) [ 159.062283][ T4233] usbhid 1-1:0.0: can't add hid device: -71 [ 159.070233][ T4233] usbhid: probe of 1-1:0.0 failed with error -71 [ 159.142874][ T4233] usb 1-1: USB disconnect, device number 8 [ 159.230970][ T6801] FAT-fs (loop6): Directory bread(block 64) failed [ 159.272237][ T6801] FAT-fs (loop6): Directory bread(block 65) failed [ 159.309121][ T6801] FAT-fs (loop6): Directory bread(block 66) failed [ 159.346589][ T6801] FAT-fs (loop6): Directory bread(block 67) failed [ 159.385594][ T6801] FAT-fs (loop6): Directory bread(block 68) failed [ 159.415349][ T6801] FAT-fs (loop6): Directory bread(block 69) failed [ 159.443246][ T6801] FAT-fs (loop6): Directory bread(block 70) failed [ 159.478980][ T6801] FAT-fs (loop6): Directory bread(block 71) failed [ 159.508035][ T6801] FAT-fs (loop6): Directory bread(block 72) failed [ 159.539294][ T6801] FAT-fs (loop6): Directory bread(block 73) failed [ 159.675768][ T6820] netlink: 'syz.0.897': attribute type 3 has an invalid length. [ 159.735421][ T6820] netlink: 44 bytes leftover after parsing attributes in process `syz.0.897'. [ 159.826380][ T6825] program syz.4.899 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 159.839690][ T6822] loop5: detected capacity change from 0 to 2048 [ 159.974695][ T6822] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 160.133174][ T6795] loop7: detected capacity change from 0 to 32768 [ 160.300728][ T6795] XFS (loop7): Mounting V5 Filesystem [ 160.401510][ T6795] XFS (loop7): Ending clean mount [ 160.558007][ T6867] loop6: detected capacity change from 0 to 512 [ 160.641731][ T5280] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 160.657411][ T6867] EXT4-fs (loop6): Ignoring removed orlov option [ 160.683450][ T6330] XFS (loop7): Unmounting Filesystem [ 160.756686][ T6867] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 160.816293][ T6867] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a000c018, mo2=0002] [ 160.840311][ T6867] System zones: 1-12 [ 160.882190][ T6867] EXT4-fs error (device loop6): ext4_iget_extra_inode:4573: inode #15: comm syz.6.913: corrupted in-inode xattr [ 160.994022][ T6867] EXT4-fs error (device loop6): ext4_orphan_get:1411: comm syz.6.913: couldn't read orphan inode 15 (err -117) [ 161.021952][ T5280] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 161.061747][ T5280] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 161.100056][ T5280] usb 6-1: config 0 interface 0 has no altsetting 0 [ 161.106933][ T6867] EXT4-fs (loop6): mounted filesystem without journal. Opts: orlov,jqfmt=vfsv0,sysvgroups,debug,nobarrier,journal_ioprio=0x0000000000000001,,errors=continue. Quota mode: none. [ 161.134864][ T5280] usb 6-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00 [ 161.180930][ T5280] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.224244][ T5280] usb 6-1: config 0 descriptor?? [ 161.704469][ T5280] chicony 0003:04F2:1236.000B: unknown main item tag 0x0 [ 161.731639][ T5280] chicony 0003:04F2:1236.000B: unknown main item tag 0x0 [ 161.759073][ T5280] chicony 0003:04F2:1236.000B: unknown main item tag 0x0 [ 161.805677][ T5280] chicony 0003:04F2:1236.000B: unknown main item tag 0x0 [ 161.843563][ T5280] chicony 0003:04F2:1236.000B: unknown main item tag 0x0 [ 161.872022][ T5280] chicony 0003:04F2:1236.000B: unknown main item tag 0x0 [ 161.897762][ T5280] chicony 0003:04F2:1236.000B: hidraw0: USB HID vff.fc Device [HID 04f2:1236] on usb-dummy_hcd.5-1/input0 [ 161.968703][ T6869] loop0: detected capacity change from 0 to 32768 [ 161.984346][ T5280] usb 6-1: USB disconnect, device number 3 [ 162.157196][ T6869] XFS (loop0): Mounting V5 Filesystem [ 162.185491][ T6906] fido_id[6906]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 162.407909][ T6869] XFS (loop0): Ending clean mount [ 162.452001][ T6869] XFS (loop0): Quotacheck needed: Please wait. [ 162.556855][ T6869] XFS (loop0): Quotacheck: Done. [ 162.596718][ T6930] loop5: detected capacity change from 0 to 128 [ 162.651491][ T4274] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 162.680812][ T6930] FAT-fs (loop5): error, invalid access to FAT (entry 0x0002ffff) [ 162.718884][ T6930] FAT-fs (loop5): Filesystem has been set read-only [ 162.901429][ T4274] usb 5-1: Using ep0 maxpacket: 8 [ 162.945712][ T6938] netlink: 192436 bytes leftover after parsing attributes in process `syz.6.931'. [ 162.983165][ T6938] openvswitch: netlink: Tunnel attr 159 out of range max 16 [ 162.997869][ T4190] XFS (loop0): Unmounting Filesystem [ 163.021701][ T4274] usb 5-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 163.051184][ T4274] usb 5-1: config 0 interface 0 has no altsetting 0 [ 163.107049][ T4274] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 163.122941][ T6934] loop7: detected capacity change from 0 to 4096 [ 163.158472][ T4274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.201499][ T4274] usb 5-1: config 0 descriptor?? [ 163.577007][ T6948] loop6: detected capacity change from 0 to 8192 [ 163.680506][ T6948] REISERFS (device loop6): found reiserfs format "3.6" with non-standard journal [ 163.693741][ T4274] kovaplus 0003:1E7D:2D50.000C: unknown main item tag 0x3 [ 163.700946][ T4274] kovaplus 0003:1E7D:2D50.000C: unknown main item tag 0x0 [ 163.719438][ T4274] kovaplus 0003:1E7D:2D50.000C: unknown main item tag 0x0 [ 163.726767][ T4274] kovaplus 0003:1E7D:2D50.000C: unknown main item tag 0x0 [ 163.734148][ T4274] kovaplus 0003:1E7D:2D50.000C: unknown main item tag 0x0 [ 163.740725][ T6948] REISERFS (device loop6): using ordered data mode [ 163.741406][ T4274] kovaplus 0003:1E7D:2D50.000C: unknown main item tag 0x0 [ 163.741437][ T4274] kovaplus 0003:1E7D:2D50.000C: unknown main item tag 0x0 [ 163.741463][ T4274] kovaplus 0003:1E7D:2D50.000C: unknown main item tag 0x0 [ 163.750974][ T4274] kovaplus 0003:1E7D:2D50.000C: hidraw0: USB HID v0.04 Device [HID 1e7d:2d50] on usb-dummy_hcd.4-1/input0 [ 163.810578][ T6948] reiserfs: using flush barriers [ 163.817066][ T6948] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 163.855633][ T6948] REISERFS (device loop6): checking transaction log (loop6) [ 163.923776][ T4274] usb 5-1: USB disconnect, device number 5 [ 164.082646][ T6964] fido_id[6964]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 164.269038][ T6948] REISERFS (device loop6): Using tea hash to sort names [ 165.029929][ T6966] loop7: detected capacity change from 0 to 40427 [ 165.075287][ T6997] loop4: detected capacity change from 0 to 2048 [ 165.081448][ T5280] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 165.168245][ T6966] F2FS-fs (loop7): Invalid SB checksum offset: 0 [ 165.180130][ T6966] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 165.193500][ T6997] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 165.212203][ T6966] F2FS-fs (loop7): invalid crc value [ 165.332288][ T6966] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 165.349950][ T6997] EXT4-fs error (device loop4): ext4_find_extent:893: inode #2: comm syz.4.946: inode has invalid extent depth: 7 [ 165.353891][ T6977] loop0: detected capacity change from 0 to 32768 [ 165.377461][ T6982] loop5: detected capacity change from 0 to 32768 [ 165.451367][ T5280] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 165.467811][ T5280] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.489173][ T5280] usb 7-1: config 0 descriptor?? [ 165.542436][ T5280] cp210x 7-1:0.0: cp210x converter detected [ 165.565892][ T6977] jfs_lookup: iget failed on inum 4 [ 165.609868][ T6977] jfs_lookup: iget failed on inum 4 [ 165.620153][ T6982] XFS (loop5): Mounting V5 Filesystem [ 165.680316][ T6966] F2FS-fs (loop7): Try to recover 2th superblock, ret: 0 [ 165.721186][ T6966] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 165.765607][ T7020] loop4: detected capacity change from 0 to 2048 [ 165.784796][ T7020] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 165.847440][ T6982] XFS (loop5): Ending clean mount [ 165.855058][ T6982] XFS (loop5): Quotacheck needed: Please wait. [ 165.958450][ T6330] attempt to access beyond end of device [ 165.958450][ T6330] loop7: rw=2049, want=45104, limit=40427 [ 165.980842][ T6982] XFS (loop5): Quotacheck: Done. [ 165.986456][ T5280] usb 7-1: cp210x converter now attached to ttyUSB0 [ 166.028882][ T5280] usb 7-1: USB disconnect, device number 2 [ 166.095202][ T5280] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 166.109701][ T5280] cp210x 7-1:0.0: device disconnected [ 166.349997][ T5988] XFS (loop5): Unmounting Filesystem [ 167.197823][ T7062] loop0: detected capacity change from 0 to 4096 [ 167.247458][ T7062] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 167.283078][ T7062] EXT4-fs (loop0): mounted filesystem without journal. Opts: mblk_io_submit,errors=continue,data_err=abort,nodelalloc,stripe=0x0000000000000001,acl,auto_da_alloc=0x000000000000000f,quota,,errors=continue. Quota mode: writeback. [ 167.543491][ T5280] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 167.610420][ T7044] loop6: detected capacity change from 0 to 32768 [ 167.642576][ T7081] loop7: detected capacity change from 0 to 512 [ 167.774827][ T7044] XFS (loop6): Mounting V5 Filesystem [ 167.790991][ T7081] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem [ 167.920951][ T5280] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 167.952253][ T7081] EXT4-fs (loop7): revision level too high, forcing read-only mode [ 167.978887][ T5280] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.017404][ T7081] EXT4-fs (loop7): orphan cleanup on readonly fs [ 168.066885][ T7081] __quota_error: 6 callbacks suppressed [ 168.066904][ T7081] Quota error (device loop7): v2_read_file_info: Block with free entry too big (4294967071 >= 6). [ 168.105431][ T5280] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 168.124835][ T5280] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 168.143271][ T5280] usb 6-1: Manufacturer: syz [ 168.152990][ T5280] usb 6-1: config 0 descriptor?? [ 168.169505][ T7081] EXT4-fs warning (device loop7): ext4_enable_quotas:6488: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 168.185127][ T7069] loop4: detected capacity change from 0 to 32768 [ 168.197022][ T7081] EXT4-fs (loop7): Cannot turn on quotas: error -117 [ 168.216472][ T7044] XFS (loop6): Ending clean mount [ 168.242812][ T7044] XFS (loop6): Quotacheck needed: Please wait. [ 168.256355][ T7081] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm syz.7.965: bg 0: block 15: invalid block bitmap [ 168.299697][ T7081] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6191: Corrupt filesystem [ 168.382704][ T7069] XFS (loop4): Mounting V5 Filesystem [ 168.400902][ T5280] rc_core: IR keymap rc-hauppauge not found [ 168.408742][ T7081] EXT4-fs (loop7): 1 truncate cleaned up [ 168.436142][ T5280] Registered IR keymap rc-empty [ 168.472799][ T5280] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 168.491576][ T7081] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 168.550245][ T5280] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input11 [ 168.610114][ T7044] XFS (loop6): Quotacheck: Done. [ 168.620257][ T7069] XFS (loop4): Ending clean mount [ 168.833706][ T4191] XFS (loop4): Unmounting Filesystem [ 168.842191][ T6223] XFS (loop6): Unmounting Filesystem [ 169.047570][ T5285] usb 6-1: USB disconnect, device number 4 [ 169.627287][ T7128] loop0: detected capacity change from 0 to 32768 [ 169.783322][ T7146] netlink: 4 bytes leftover after parsing attributes in process `syz.4.974'. [ 170.001785][ T7145] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 170.016387][ T7145] ext4 filesystem being mounted at /24/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.042486][ T7145] EXT4-fs warning (device loop6): ext4_group_add:1676: Can't resize non-sparse filesystem further [ 170.066060][ T7156] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 170.493800][ T7179] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_bridge, syncid = 32, id = 0 [ 170.776745][ T7184] set_capacity_and_notify: 2 callbacks suppressed [ 170.776761][ T7184] loop5: detected capacity change from 0 to 4096 [ 170.869566][ T7181] loop6: detected capacity change from 0 to 4096 [ 170.897240][ T7194] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 170.959951][ T7184] attempt to access beyond end of device [ 170.959951][ T7184] loop5: rw=0, want=88500, limit=4096 [ 171.031276][ T7184] NILFS (loop5): I/O error reading node block for GC (ino=129, vblocknr=32768) [ 171.047075][ T7181] ntfs3: loop6: ntfs_set_state r=3 failed, -22. [ 171.106977][ T7199] netlink: 20 bytes leftover after parsing attributes in process `syz.4.993'. [ 171.139162][ T7184] NILFS (loop5): error -5 preparing GC: cannot read source blocks [ 171.306442][ T155] ntfs3: loop6: ntfs3_write_inode r=3 failed, -22. [ 171.340496][ T6223] ntfs3: loop6: ntfs_set_state r=3 failed, -22. [ 171.355725][ T6223] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 171.418954][ T6223] ntfs3: loop6: ntfs_set_state r=3 failed, -22. [ 171.456699][ T155] ntfs3: loop6: ntfs3_write_inode r=3 failed, -22. [ 171.469561][ T7165] loop0: detected capacity change from 0 to 32768 [ 171.494492][ T7209] sch_fq: defrate 4294967295 ignored. [ 171.496270][ T6223] ntfs3: loop6: ntfs_evict_inode r=3 failed, -22. [ 171.616008][ T7165] (syz.0.976,7165,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 171.666137][ T7216] loop6: detected capacity change from 0 to 764 [ 171.691653][ T7165] (syz.0.976,7165,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 171.771322][ T7216] Symlink component flag not implemented [ 171.777507][ T7216] Symlink component flag not implemented [ 171.807281][ T7165] JBD2: Ignoring recovery information on journal [ 171.828832][ T7216] Symlink component flag not implemented (128) [ 171.835323][ T7216] Symlink component flag not implemented (122) [ 171.970578][ T7165] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 172.263939][ T7208] loop7: detected capacity change from 0 to 32768 [ 172.453556][ T7208] XFS (loop7): Mounting V5 Filesystem [ 172.489918][ T4190] ocfs2: Unmounting device (7,0) on (node local) [ 172.519208][ T7218] loop5: detected capacity change from 0 to 32768 [ 172.717151][ T7208] XFS (loop7): Ending clean mount [ 172.737664][ T7218] JBD2: Ignoring recovery information on journal [ 172.831044][ T7208] XFS (loop7): Quotacheck needed: Please wait. [ 172.955961][ T7251] loop4: detected capacity change from 0 to 8192 [ 173.007155][ T7218] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 173.056788][ T7208] XFS (loop7): Quotacheck: Done. [ 173.072036][ T7251] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 173.160332][ T7251] REISERFS (device loop4): using ordered data mode [ 173.166905][ T7251] reiserfs: using flush barriers [ 173.179055][ T7251] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 173.196709][ T7251] REISERFS (device loop4): checking transaction log (loop4) [ 173.240297][ T7218] OCFS2: ERROR (device loop5): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 173.345870][ T7218] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 173.407011][ T6330] XFS (loop7): Unmounting Filesystem [ 173.410703][ T7218] OCFS2: File system is now read-only. [ 173.442246][ T7218] (syz.5.1000,7218,0):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 173.457187][ T7251] REISERFS (device loop4): Using tea hash to sort names [ 173.529464][ T7218] OCFS2: ERROR (device loop5): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 173.575773][ T7218] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 173.605424][ T7218] (syz.5.1000,7218,0):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 173.650365][ T7218] (syz.5.1000,7218,0):ocfs2_mknod:502 ERROR: status = -30 [ 173.685549][ T7218] (syz.5.1000,7218,0):ocfs2_create:676 ERROR: status = -30 [ 173.765060][ T5988] ocfs2: Unmounting device (7,5) on (node local) [ 173.781055][ T7254] loop6: detected capacity change from 0 to 32768 [ 173.904323][ T7254] XFS (loop6): Mounting V5 Filesystem [ 174.137809][ T7254] XFS (loop6): Ending clean mount [ 174.177650][ T7254] XFS (loop6): Quotacheck needed: Please wait. [ 174.317930][ T7254] XFS (loop6): Quotacheck: Done. [ 174.386132][ T7293] loop0: detected capacity change from 0 to 1024 [ 174.567598][ T6223] XFS (loop6): Unmounting Filesystem [ 174.786251][ T7307] loop4: detected capacity change from 0 to 128 [ 174.860024][ T4274] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 175.011531][ T7287] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x1ffff [ 175.057700][ T7287] F2FS-fs (loop5): invalid crc value [ 175.102298][ T7287] F2FS-fs (loop5): Found nat_bits in checkpoint [ 175.234158][ T4274] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.258217][ T4274] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 175.281871][ T4274] usb 8-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 175.289186][ T7307] EXT4-fs (loop4): Test dummy encryption mode enabled [ 175.310057][ T4274] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.318436][ T7287] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 175.351488][ T4274] usb 8-1: config 0 descriptor?? [ 175.402453][ T7307] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042] [ 175.425071][ T7287] attempt to access beyond end of device [ 175.425071][ T7287] loop5: rw=0, want=45072, limit=40427 [ 175.434660][ T7307] System zones: 1-3, 19-19, 35-36 [ 175.460053][ T7307] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,nolazytime,dax=inode,jqfmt=vfsv0,dioread_lock,usrjquota=.,test_dummy_encryption,,errors=continue. Quota mode: writeback. [ 175.505380][ T7307] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 175.571400][ T7307] EXT4-fs warning (device loop4): ext4_group_extend:1852: can't read last block, resize aborted [ 175.852683][ T5285] kernel read not supported for file /usbmon0 (pid: 5285 comm: kworker/1:16) [ 175.868029][ T4274] hkems 0003:2006:0118.000D: hidraw0: USB HID v0.00 Device [HID 2006:0118] on usb-dummy_hcd.7-1/input0 [ 175.889953][ T4274] hkems 0003:2006:0118.000D: no inputs found [ 175.904061][ T4274] hkems 0003:2006:0118.000D: force feedback init failed [ 176.068871][ T5285] usb 8-1: USB disconnect, device number 2 [ 176.199515][ T7350] fido_id[7350]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 176.388962][ T7364] set_capacity_and_notify: 1 callbacks suppressed [ 176.388979][ T7364] loop4: detected capacity change from 0 to 1024 [ 176.659231][ T7376] program syz.6.1041 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 177.293567][ T7410] loop4: detected capacity change from 0 to 256 [ 177.424083][ T7410] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d) [ 177.598696][ T7419] loop7: detected capacity change from 0 to 64 [ 177.653007][ T7419] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 177.737448][ T7424] loop4: detected capacity change from 0 to 512 [ 177.740169][ T7419] hfs: filesystem is marked locked, mounting read-only. [ 177.912151][ T7424] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,resuid=0x0000000000000000,,errors=continue. Quota mode: writeback. [ 177.928121][ T7424] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 177.956808][ T7424] EXT4-fs error (device loop4): ext4_add_entry:2486: inode #12: comm syz.4.1058: Directory hole found for htree leaf block 0 [ 178.253681][ T7447] raw_sendmsg: syz.0.1067 forgot to set AF_INET. Fix it! [ 178.768953][ T7481] loop7: detected capacity change from 0 to 8 [ 178.895957][ T7488] loop6: detected capacity change from 0 to 128 [ 179.088175][ T7490] syz.4.1083 (7490) used greatest stack depth: 19088 bytes left [ 179.643872][ T7522] loop6: detected capacity change from 0 to 512 [ 179.729749][ T7522] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 179.780791][ T7522] EXT4-fs error (device loop6): ext4_fill_super:4872: inode #2: comm syz.6.1095: inode has both inline data and extents flags [ 179.832853][ T7522] EXT4-fs (loop6): get root inode failed [ 179.882048][ T7522] EXT4-fs (loop6): mount failed [ 179.897782][ T7484] loop5: detected capacity change from 0 to 32768 [ 179.954744][ T7484] XFS (loop5): Mounting V5 Filesystem [ 180.108740][ T7484] XFS (loop5): Ending clean mount [ 180.250652][ T5988] XFS (loop5): Unmounting Filesystem [ 180.355891][ T7548] loop4: detected capacity change from 0 to 512 [ 180.400994][ T7548] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (33162!=33349) [ 180.473176][ T7548] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 180.514257][ T7548] System zones: 1-12 [ 180.519713][ T7548] EXT4-fs (loop4): orphan cleanup on readonly fs [ 180.532056][ T7548] EXT4-fs error (device loop4): ext4_read_inode_bitmap:168: comm syz.4.1101: Inode bitmap for bg 0 marked uninitialized [ 180.554795][ T7548] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,,errors=continue. Quota mode: none. [ 180.578365][ T7548] EXT4-fs error (device loop4): ext4_map_blocks:631: inode #2: block 5: comm syz.4.1101: lblock 0 mapped to illegal pblock 5 (length 1) [ 180.628581][ T7547] loop6: detected capacity change from 0 to 4096 [ 180.700565][ T7548] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.1101: error -117 reading directory block [ 181.130348][ T7566] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 181.239297][ T7569] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 181.344497][ T7547] ntfs3: Cannot use different iocharset when remounting! [ 181.737696][ T7593] tmpfs: Bad value for 'mpol' [ 182.133043][ T7564] set_capacity_and_notify: 1 callbacks suppressed [ 182.133059][ T7564] loop7: detected capacity change from 0 to 32768 [ 182.286161][ T7564] XFS (loop7): Mounting V5 Filesystem [ 182.321069][ T7624] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1122'. [ 182.333351][ T7624] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1122'. [ 182.492931][ T7564] XFS (loop7): Ending clean mount [ 182.582041][ T6330] XFS (loop7): Unmounting Filesystem [ 182.634922][ T7639] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1125'. [ 182.769524][ T7611] loop4: detected capacity change from 0 to 32768 [ 182.805772][ T7645] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1130'. [ 182.877620][ T7611] (syz.4.1119,7611,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 182.927847][ T7611] (syz.4.1119,7611,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 183.023588][ T7611] JBD2: Ignoring recovery information on journal [ 183.299392][ T7611] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 183.326903][ T7672] loop5: detected capacity change from 0 to 64 [ 183.534074][ T4191] ocfs2: Unmounting device (7,4) on (node local) [ 183.799422][ T7697] loop5: detected capacity change from 0 to 1024 [ 183.837672][ T6777] libceph: connect (1)[c::]:6789 error -101 [ 183.855429][ T7701] loop6: detected capacity change from 0 to 1024 [ 183.863108][ T6777] libceph: mon0 (1)[c::]:6789 connect error [ 183.928760][ T6777] libceph: connect (1)[c::]:6789 error -101 [ 183.931831][ T7697] EXT4-fs (loop5): Ignoring removed bh option [ 183.950257][ T7701] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 183.968770][ T6777] libceph: mon0 (1)[c::]:6789 connect error [ 183.986465][ T7697] EXT4-fs (loop5): inline encryption not supported [ 184.001868][ T7697] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 184.008756][ T7703] tmpfs: Cannot retroactively limit inodes [ 184.037722][ T7697] EXT4-fs error (device loop5): ext4_map_blocks:631: inode #3: block 2: comm syz.5.1154: lblock 2 mapped to illegal pblock 2 (length 1) [ 184.135649][ T7697] Quota error (device loop5): qtree_write_dquot: dquota write failed [ 184.167067][ T7697] EXT4-fs error (device loop5): __ext4_get_inode_loc:4334: comm syz.5.1154: Invalid inode table block 1 in block_group 0 [ 184.195482][ T7697] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5873: Corrupt filesystem [ 184.207988][ T7697] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #3: comm syz.5.1154: mark_inode_dirty error [ 184.226048][ T7710] netlink: 596 bytes leftover after parsing attributes in process `syz.6.1156'. [ 184.260997][ T7697] Quota error (device loop5): v2_write_file_info: Can't write info structure [ 184.277919][ T6778] libceph: connect (1)[c::]:6789 error -101 [ 184.281118][ T7697] EXT4-fs error (device loop5): ext4_acquire_dquot:6236: comm syz.5.1154: Failed to acquire dquot type 0 [ 184.298335][ T6778] libceph: mon0 (1)[c::]:6789 connect error [ 184.365058][ T7697] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5873: Corrupt filesystem [ 184.396832][ T7697] EXT4-fs error (device loop5): ext4_evict_inode:284: inode #11: comm syz.5.1154: mark_inode_dirty error [ 184.415187][ T7697] EXT4-fs warning (device loop5): ext4_evict_inode:287: couldn't mark inode dirty (err -117) [ 184.426335][ T7697] EXT4-fs (loop5): 1 orphan inode deleted [ 184.438953][ T9] EXT4-fs error (device loop5): ext4_map_blocks:631: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 184.462333][ T7697] EXT4-fs (loop5): mounted filesystem without journal. Opts: usrquota,noblock_validity,bh,max_batch_time=0x00000000000008c9,debug,inlinecrypt,,errors=continue. Quota mode: writeback. [ 184.499573][ T9] Quota error (device loop5): remove_tree: Can't read quota data block 1 [ 184.516165][ T7721] netlink: 'syz.4.1160': attribute type 49 has an invalid length. [ 184.538804][ T9] EXT4-fs error (device loop5): ext4_release_dquot:6272: comm kworker/u4:0: Failed to release dquot type 0 [ 184.570019][ T7690] ceph: No mds server is up or the cluster is laggy [ 184.604606][ T7697] EXT4-fs error (device loop5): ext4_map_blocks:631: inode #2: block 16: comm syz.5.1154: lblock 0 mapped to illegal pblock 16 (length 1) [ 184.654620][ T7697] EXT4-fs error (device loop5): __ext4_get_inode_loc:4334: comm syz.5.1154: Invalid inode table block 1 in block_group 0 [ 184.727747][ T7697] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5873: Corrupt filesystem [ 184.760072][ T7697] EXT4-fs error (device loop5): ext4_dirty_inode:6077: inode #2: comm syz.5.1154: mark_inode_dirty error [ 184.898856][ T6382] EXT4-fs error (device loop5): __ext4_get_inode_loc:4334: comm kworker/u4:8: Invalid inode table block 1 in block_group 0 [ 184.975621][ T5988] EXT4-fs error (device loop5): __ext4_get_inode_loc:4334: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 184.997331][ T5988] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5873: Corrupt filesystem [ 185.034840][ T5988] EXT4-fs error (device loop5): ext4_quota_off:6542: inode #3: comm syz-executor: mark_inode_dirty error [ 185.268128][ T7739] loop5: detected capacity change from 0 to 16 [ 185.296689][ T7719] loop6: detected capacity change from 0 to 32768 [ 185.336393][ T7741] loop4: detected capacity change from 0 to 1024 [ 185.392483][ T7741] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 185.403266][ T7739] erofs: (device loop5): mounted with root inode @ nid 36. [ 185.410638][ T7741] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 185.447206][ T7719] (syz.6.1158,7719,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 185.463890][ T7741] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 185.478819][ T7741] System zones: 0-1, 3-36 [ 185.508811][ T7741] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,delalloc,nobarrier,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 185.537481][ T7739] erofs: (device loop5): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 185.558970][ T7719] (syz.6.1158,7719,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 185.638746][ T7739] erofs: (device loop5): z_erofs_readahead: readahead error at page 1 @ nid 89 [ 185.647787][ T7739] erofs: (device loop5): z_erofs_readahead: readahead error at page 0 @ nid 89 [ 185.678644][ T7719] JBD2: Ignoring recovery information on journal [ 185.696705][ T7739] attempt to access beyond end of device [ 185.696705][ T7739] loop5: rw=524288, want=24, limit=16 [ 185.764042][ T7739] erofs: (device loop5): z_erofs_readpage: failed to read, err [-117] [ 185.806174][ T26] audit: type=1800 audit(1779142383.027:24): pid=7739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1164" name="file2" dev="loop5" ino=89 res=0 errno=0 [ 185.833555][ T7719] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 186.172927][ T7770] loop4: detected capacity change from 0 to 512 [ 186.215124][ T6223] ocfs2: Unmounting device (7,6) on (node local) [ 186.224407][ T7772] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1179'. [ 186.254493][ T7772] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1179'. [ 186.279562][ T7772] netlink: 'syz.5.1179': attribute type 14 has an invalid length. [ 186.287503][ T7772] netlink: 'syz.5.1179': attribute type 11 has an invalid length. [ 186.627172][ T7787] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1180'. [ 186.662884][ T7785] loop5: detected capacity change from 0 to 4096 [ 186.678760][ T7787] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1180'. [ 186.771268][ T7785] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 186.919161][ T7785] ntfs: volume version 3.1. [ 187.003707][ T7800] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1188'. [ 187.254367][ T7815] vivid-001: disconnect [ 187.269992][ T7814] vivid-001: reconnect [ 187.285864][ T7810] loop4: detected capacity change from 0 to 1764 [ 187.368942][ T7810] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 187.513911][ T5285] libceph: connect (1)[c::]:6789 error -101 [ 187.526650][ T5285] libceph: mon0 (1)[c::]:6789 connect error [ 187.638852][ T7836] loop6: detected capacity change from 0 to 4096 [ 187.743743][ T7836] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 187.831243][ T5288] libceph: connect (1)[c::]:6789 error -101 [ 187.832002][ T7848] loop7: detected capacity change from 0 to 128 [ 187.837981][ T5288] libceph: mon0 (1)[c::]:6789 connect error [ 188.129180][ T7860] loop6: detected capacity change from 0 to 256 [ 188.183329][ T7860] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xcbfa8d46, utbl_chksum : 0xe619d30d) [ 188.265149][ T7823] ceph: No mds server is up or the cluster is laggy [ 188.307219][ T7860] exFAT-fs (loop6): failed to load alloc-bitmap [ 188.366126][ T7860] exFAT-fs (loop6): failed to recognize exfat type [ 188.380418][ T7865] loop5: detected capacity change from 0 to 1764 [ 188.790083][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 189.076647][ T7856] loop4: detected capacity change from 0 to 32768 [ 189.193431][ T7856] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1209 (7856) [ 189.271073][ T7856] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 189.335409][ T7898] loop7: detected capacity change from 0 to 8192 [ 189.367675][ T7856] BTRFS info (device loop4): using free space tree [ 189.406916][ T7856] BTRFS info (device loop4): has skinny extents [ 189.458935][ T7898] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 189.576932][ T7898] FAT-fs (loop7): error, fat_free_clusters: deleting FAT entry beyond EOF [ 189.618237][ T5285] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 189.664738][ T7898] FAT-fs (loop7): Filesystem has been set read-only [ 189.748515][ T7856] BTRFS info (device loop4): enabling ssd optimizations [ 189.850929][ T7905] loop6: detected capacity change from 0 to 32768 [ 189.988505][ T5285] usb 6-1: config 220 has an invalid interface number: 76 but max is 2 [ 190.007373][ T5285] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 190.024481][ T5285] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 190.075810][ T5285] usb 6-1: config 220 has no interface number 2 [ 190.138310][ T5285] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 190.202788][ T5285] usb 6-1: config 220 interface 0 has no altsetting 0 [ 190.243626][ T5285] usb 6-1: config 220 interface 76 has no altsetting 0 [ 190.289180][ T5285] usb 6-1: config 220 interface 1 has no altsetting 0 [ 190.387650][ T7905] XFS (loop6): Mounting V5 Filesystem [ 190.488281][ T5285] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 190.503780][ T7955] loop7: detected capacity change from 0 to 4096 [ 190.510629][ T5285] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.528371][ T5285] usb 6-1: Product: syz [ 190.537262][ T5285] usb 6-1: Manufacturer: syz [ 190.548072][ T5285] usb 6-1: SerialNumber: syz [ 190.654697][ T7955] ntfs: (device loop7): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 190.711748][ T7955] ntfs: (device loop7): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 190.800240][ T7955] ntfs: (device loop7): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 190.832323][ T7955] ntfs: (device loop7): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 190.856427][ T7955] ntfs: (device loop7): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 190.876549][ T5288] Bluetooth: hci2: command 0x0406 tx timeout [ 190.884499][ T7955] ntfs: volume version 3.1. [ 190.936599][ T5285] usb 6-1: Found UVC 7.01 device syz (8086:0b07) [ 190.956135][ T7955] ntfs: (device loop7): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 190.975466][ T5285] usb 6-1: No valid video chain found. [ 190.991514][ T5285] usb 6-1: selecting invalid altsetting 0 [ 191.053045][ T7955] ntfs: (device loop7): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 191.094204][ T7955] ntfs: (device loop7): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 191.112378][ T5285] usb 6-1: selecting invalid altsetting 0 [ 191.121277][ T7905] XFS (loop6): Ending clean mount [ 191.138335][ T7955] ntfs: (device loop7): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 191.158008][ T5285] usbtest: probe of 6-1:220.1 failed with error -22 [ 191.158217][ T7955] ntfs: (device loop7): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 191.232755][ T5285] usb 6-1: USB disconnect, device number 5 [ 191.279420][ T6223] XFS (loop6): Unmounting Filesystem [ 191.300105][ T7972] loop4: detected capacity change from 0 to 4096 [ 191.445657][ T7972] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 191.653184][ T7984] netlink: 104 bytes leftover after parsing attributes in process `syz.7.1237'. [ 192.197110][ T8014] program syz.6.1247 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 192.384049][ T8024] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 192.442562][ T8027] set_capacity_and_notify: 1 callbacks suppressed [ 192.442581][ T8027] loop7: detected capacity change from 0 to 256 [ 192.496615][ T8024] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 192.548248][ T8024] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 192.814251][ T8043] loop4: detected capacity change from 0 to 128 [ 192.885403][ T8043] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 193.324691][ T8073] loop4: detected capacity change from 0 to 2048 [ 193.405261][ T8073] NILFS (loop4): invalid segment: Magic number mismatch [ 193.428531][ T8073] NILFS (loop4): trying rollback from an earlier position [ 193.490720][ T8073] NILFS (loop4): recovery complete [ 193.537798][ T5285] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 193.558581][ T8085] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 193.770850][ T8087] loop6: detected capacity change from 0 to 2048 [ 193.777717][ T5285] usb 8-1: Using ep0 maxpacket: 16 [ 193.785763][ T8091] kernel read not supported for file / -9mZr7âW)s!Qfsl{Tr)rO2:"T+͟v|ղ (pid: 8091 comm: syz.0.1274) [ 193.835677][ T8087] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 193.915810][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.922203][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.928787][ T5285] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 193.963657][ T5285] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 193.993771][ T5285] usb 8-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 194.037727][ T5285] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.085694][ T5285] usb 8-1: config 0 descriptor?? [ 194.334546][ T8105] loop6: detected capacity change from 0 to 1024 [ 194.581564][ T5285] hid-multitouch 0003:1FD2:6007.000E: unknown main item tag 0x0 [ 194.598315][ T8117] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1282'. [ 194.625194][ T5285] hid-multitouch 0003:1FD2:6007.000E: unknown main item tag 0x0 [ 194.642201][ T5285] hid-multitouch 0003:1FD2:6007.000E: unknown main item tag 0x0 [ 194.655872][ T8120] loop4: detected capacity change from 0 to 164 [ 194.656361][ T5285] hid-multitouch 0003:1FD2:6007.000E: unknown main item tag 0x0 [ 194.698769][ T5285] hid-multitouch 0003:1FD2:6007.000E: unknown main item tag 0x0 [ 194.723073][ T5285] hid-multitouch 0003:1FD2:6007.000E: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.7-1/input0 [ 194.799069][ T8120] Unable to read rock-ridge attributes [ 194.834050][ T8120] Unable to read rock-ridge attributes [ 194.854686][ T5285] usb 8-1: USB disconnect, device number 3 [ 194.880862][ T8120] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 194.984077][ T8127] fido_id[8127]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 195.000440][ T8131] loop6: detected capacity change from 0 to 1024 [ 195.240510][ T8131] hfsplus: bad catalog file entry [ 195.408903][ T8148] loop4: detected capacity change from 0 to 1024 [ 195.418488][ T155] hfsplus: bad catalog file entry [ 195.525221][ T8156] Cannot find set identified by id 0 to match [ 196.145961][ T8184] loop5: detected capacity change from 0 to 1024 [ 196.269746][ T8184] hfsplus: bad catalog file entry [ 196.345629][ T4258] hfsplus: bad catalog file entry [ 196.557340][ T5278] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 196.590340][ T8202] netlink: 4768 bytes leftover after parsing attributes in process `syz.7.1311'. [ 196.641295][ T8204] netlink: 4768 bytes leftover after parsing attributes in process `syz.7.1311'. [ 196.807441][ T5278] usb 5-1: Using ep0 maxpacket: 8 [ 196.927711][ T5278] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 196.952719][ T5278] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 197.090190][ T8197] loop5: detected capacity change from 0 to 32768 [ 197.137515][ T5278] usb 5-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 197.146672][ T5278] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 197.185375][ T5278] usb 5-1: Product: syz [ 197.194222][ T5278] usb 5-1: Manufacturer: syz [ 197.201518][ T8197] ERROR: (device loop5): diAllocAG: free inode not found in summary map [ 197.201518][ T8197] [ 197.213786][ T5278] usb 5-1: SerialNumber: syz [ 197.237538][ T5278] usb 5-1: config 0 descriptor?? [ 197.257770][ T4274] Bluetooth: hci0: command 0x0c20 tx timeout [ 197.284449][ T8197] ERROR: (device loop5): remounting filesystem as read-only [ 197.312041][ T8197] ialloc: diAlloc returned -5! [ 197.461651][ T8211] loop7: detected capacity change from 0 to 32768 [ 197.502881][ T8192] udc-core: couldn't find an available UDC or it's busy [ 197.518468][ T8192] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 197.533018][ T8213] loop6: detected capacity change from 0 to 32768 [ 197.602549][ T8213] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop6 scanned by syz.6.1313 (8213) [ 197.659849][ T8211] XFS (loop7): Mounting V5 Filesystem [ 197.737538][ T8241] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 197.750088][ T8213] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm [ 197.816963][ T8213] BTRFS info (device loop6): using free space tree [ 197.823948][ T8213] BTRFS info (device loop6): has skinny extents [ 197.827469][ T5285] usb 5-1: USB disconnect, device number 6 [ 197.893611][ T8211] XFS (loop7): Ending clean mount [ 198.077552][ T8213] BTRFS info (device loop6): enabling ssd optimizations [ 198.160126][ T6330] XFS (loop7): Unmounting Filesystem [ 198.887593][ T8293] loop6: detected capacity change from 0 to 64 [ 199.163870][ T8304] program syz.4.1333 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 199.228982][ T8307] loop5: detected capacity change from 0 to 1024 [ 199.419237][ T8317] hfsplus: inconsistency in B*Tree (1,0,1,0,2) [ 199.731997][ T8331] loop6: detected capacity change from 0 to 4096 [ 199.938947][ T8345] loop4: detected capacity change from 0 to 64 [ 199.970588][ T6223] ntfs3: loop6: ntfs_evict_inode r=5 failed, -22. [ 199.992434][ T6223] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 200.032558][ T8345] Trying to free block not in datazone [ 200.086920][ T8345] Trying to free block not in datazone [ 200.112824][ T8345] Trying to free block not in datazone [ 200.147636][ T8352] nbd: must specify at least one socket [ 200.159931][ T8345] Trying to free block not in datazone [ 200.361163][ T8354] loop6: detected capacity change from 0 to 8192 [ 200.458309][ T8354] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 200.846614][ T8334] loop7: detected capacity change from 0 to 32768 [ 200.886580][ T8381] netlink: 'syz.0.1358': attribute type 10 has an invalid length. [ 200.993043][ T8381] team0: Port device syz_tun added [ 201.001225][ T8334] JBD2: Ignoring recovery information on journal [ 201.171070][ T8334] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode. [ 201.205838][ T8342] loop5: detected capacity change from 0 to 32768 [ 201.332006][ T6330] ocfs2: Unmounting device (7,7) on (node local) [ 201.377208][ T6778] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 201.477616][ T8342] XFS (loop5): Mounting V5 Filesystem [ 201.602978][ T8342] XFS (loop5): Ending clean mount [ 201.657660][ T6778] usb 7-1: Using ep0 maxpacket: 16 [ 201.783604][ T6778] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.818506][ T6778] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.838081][ T5988] XFS (loop5): Unmounting Filesystem [ 201.857621][ T6778] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 201.939906][ T6778] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 201.972759][ T6778] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.999798][ T8439] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1374'. [ 202.049833][ T8439] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1374'. [ 202.093881][ T8439] netlink: 'syz.0.1374': attribute type 14 has an invalid length. [ 202.112804][ T6778] usb 7-1: config 0 descriptor?? [ 202.117061][ T8439] netlink: 'syz.0.1374': attribute type 13 has an invalid length. [ 202.614370][ T6778] microsoft 0003:045E:07DA.000F: ignoring exceeding usage max [ 202.641756][ T8469] loop7: detected capacity change from 0 to 1024 [ 202.648782][ T6778] microsoft 0003:045E:07DA.000F: ignoring exceeding usage max [ 202.683249][ T6778] microsoft 0003:045E:07DA.000F: usage index exceeded [ 202.701938][ T6778] microsoft 0003:045E:07DA.000F: item 0 2 2 2 parsing failed [ 202.711271][ T8474] loop5: detected capacity change from 0 to 256 [ 202.726308][ T8467] loop4: detected capacity change from 0 to 4096 [ 202.729154][ T6778] microsoft 0003:045E:07DA.000F: parse failed [ 202.749873][ T6778] microsoft: probe of 0003:045E:07DA.000F failed with error -22 [ 202.780714][ T8469] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 202.812993][ T8467] ntfs: volume version 3.1. [ 202.818834][ T8474] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 202.839373][ T8467] __ntfs_error: 9 callbacks suppressed [ 202.839390][ T8467] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 202.862408][ T6778] usb 7-1: USB disconnect, device number 3 [ 202.910207][ T8477] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1387'. [ 202.945930][ T8467] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 203.023366][ T8467] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 203.086661][ T8467] ntfs: (device loop4): ntfs_read_locked_attr_inode(): Failed with error code -2 while reading attribute inode (mft_no 0x1a, type 0x80, name_len 4). Marking corrupt inode and base inode 0x1a as bad. Run chkdsk. [ 203.166245][ T8467] ntfs: (device loop4): load_and_init_usnjrnl(): Failed to load $UsnJrnl/$DATA/$Max attribute. [ 203.236543][ T8467] ntfs: (device loop4): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 203.378475][ T8467] ntfs: (device loop4): map_mft_record_page(): Attempt to read mft record 0x7b, which is beyond the end of the mft. This is probably a bug in the ntfs driver. [ 203.455284][ T8467] ntfs: (device loop4): map_mft_record(): Failed with error code 2. [ 203.495192][ T8467] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x7b as bad. Run chkdsk. [ 203.917974][ T8521] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1403'. [ 203.992141][ T8526] sg_write: data in/out 262114/14 bytes for SCSI command 0x2-- guessing data in; [ 203.992141][ T8526] program syz.5.1405 not setting count and/or reply_len properly [ 204.144949][ T8533] loop5: detected capacity change from 0 to 16 [ 204.174003][ T8529] loop6: detected capacity change from 0 to 2048 [ 204.189927][ T8533] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 204.317418][ T8529] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 204.329982][ T8529] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 204.387455][ T8529] fscrypt (loop6, inode 14): Error -61 getting encryption context [ 204.805768][ T8559] netlink: 'syz.6.1414': attribute type 10 has an invalid length. [ 204.925247][ T8559] team0: Port device syz_tun added [ 204.934362][ T8563] rdma_op ffff888075ad61f0 conn xmit_rdma 0000000000000000 [ 204.936087][ T8555] loop4: detected capacity change from 0 to 4096 [ 205.163542][ T8555] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 205.326355][ T8583] loop7: detected capacity change from 0 to 64 [ 205.452945][ T8583] Trying to free block not in datazone [ 205.706642][ T8597] loop4: detected capacity change from 0 to 1024 [ 205.947953][ T144] hfsplus: b-tree write err: -5, ino 25 [ 205.953753][ T144] hfsplus: b-tree write err: -5, ino 4 [ 205.999641][ T144] hfsplus: b-tree write err: -5, ino 2 [ 206.722552][ T4851] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 206.860960][ T8640] loop5: detected capacity change from 0 to 512 [ 206.935087][ T8599] loop7: detected capacity change from 0 to 40427 [ 207.021525][ T8599] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12 [ 207.036456][ T8599] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 207.036659][ T4851] usb 7-1: Using ep0 maxpacket: 8 [ 207.089079][ T8599] F2FS-fs (loop7): invalid crc value [ 207.126560][ T4854] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 207.161332][ T8599] F2FS-fs (loop7): Found nat_bits in checkpoint [ 207.198305][ T4851] usb 7-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 207.226681][ T4851] usb 7-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 207.276313][ T4851] usb 7-1: config 0 interface 0 has no altsetting 0 [ 207.286617][ T4851] usb 7-1: New USB device found, idVendor=17ef, idProduct=60a4, bcdDevice= 0.00 [ 207.326037][ T4851] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.350227][ T4851] usb 7-1: config 0 descriptor?? [ 207.393653][ T8599] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 207.403172][ T8599] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 207.527982][ T4854] usb 5-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 207.547194][ T4854] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 207.764442][ T4854] usb 5-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c [ 207.778065][ T4854] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.806958][ T4854] usb 5-1: Product: syz [ 207.831605][ T4854] usb 5-1: Manufacturer: syz [ 207.839718][ T4851] lenovo 0003:17EF:60A4.0010: unknown main item tag 0x3 [ 207.855952][ T4854] usb 5-1: SerialNumber: syz [ 207.860791][ T4851] lenovo 0003:17EF:60A4.0010: unknown main item tag 0x0 [ 207.887126][ T4854] usb 5-1: config 0 descriptor?? [ 207.898979][ T4851] lenovo 0003:17EF:60A4.0010: unknown main item tag 0x0 [ 207.916377][ T4851] lenovo 0003:17EF:60A4.0010: unknown main item tag 0x0 [ 207.923756][ T4851] lenovo 0003:17EF:60A4.0010: unknown main item tag 0x0 [ 207.946264][ T4851] lenovo 0003:17EF:60A4.0010: unknown main item tag 0x0 [ 207.953271][ T4851] lenovo 0003:17EF:60A4.0010: unknown main item tag 0x0 [ 207.978853][ T4854] ims_pcu 5-1:0.0: Missing CDC union descriptor [ 207.988589][ T4851] lenovo 0003:17EF:60A4.0010: unknown main item tag 0x0 [ 207.997160][ T4854] ims_pcu: probe of 5-1:0.0 failed with error -22 [ 208.036603][ T4851] lenovo 0003:17EF:60A4.0010: hidraw0: USB HID v0.04 Device [HID 17ef:60a4] on usb-dummy_hcd.6-1/input0 [ 208.096577][ T4851] usb 7-1: USB disconnect, device number 4 [ 208.200591][ T4854] usb 5-1: USB disconnect, device number 7 [ 208.247539][ T8673] fido_id[8673]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 208.642839][ T8687] loop7: detected capacity change from 0 to 2048 [ 208.669479][ T8689] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 208.694992][ T8689] comedi comedi3: 8255: I/O port conflict (0x7,4) [ 208.729984][ T8692] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 208.768408][ T8689] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 208.774929][ T8689] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 208.825489][ T8689] comedi comedi3: 8255: I/O port conflict (0xc,4) [ 208.846394][ T8687] NILFS error (device loop7): nilfs_check_page: size of directory #2 is not a multiple of chunk size [ 208.884321][ T8689] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 208.919373][ T8689] comedi comedi3: 8255: I/O port conflict (0x81,4) [ 208.953780][ T8687] Remounting filesystem read-only [ 208.969126][ T8689] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffc,4) [ 209.010943][ T8689] comedi comedi3: 8255: I/O port conflict (0xf,4) [ 209.048627][ T8703] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 209.168971][ T8709] program syz.7.1459 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 209.207315][ T8711] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1461'. [ 209.451757][ T8721] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1465'. [ 209.499639][ T8721] tipc: Enabling of bearer rejected, media not registered [ 209.574011][ T8728] loop7: detected capacity change from 0 to 64 [ 209.742891][ T8728] attempt to access beyond end of device [ 209.742891][ T8728] loop7: rw=0, want=1026, limit=64 [ 209.831393][ T8728] Buffer I/O error on dev loop7, logical block 512, async page read [ 209.853088][ T8698] loop6: detected capacity change from 0 to 32768 [ 209.862567][ T8728] attempt to access beyond end of device [ 209.862567][ T8728] loop7: rw=0, want=113154, limit=64 [ 209.901211][ T8728] Buffer I/O error on dev loop7, logical block 56576, async page read [ 210.130793][ T8756] RDS: rds_bind could not find a transport for ::4006:0:20:0, load rds_tcp or rds_rdma? [ 210.235908][ T5278] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 210.616105][ T5278] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 210.625204][ T5278] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.654335][ T5278] usb 6-1: config 0 descriptor?? [ 210.706878][ T5278] cp210x 6-1:0.0: cp210x converter detected [ 210.815166][ T8779] loop7: detected capacity change from 0 to 8192 [ 210.843693][ T8779] REISERFS (device loop7): found reiserfs format "3.6" with non-standard journal [ 210.854459][ T8779] REISERFS (device loop7): using ordered data mode [ 210.863896][ T8779] reiserfs: using flush barriers [ 210.873521][ T8779] REISERFS (device loop7): journal params: device loop7, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 210.892614][ T8779] REISERFS (device loop7): checking transaction log (loop7) [ 211.050099][ T8779] REISERFS (device loop7): Using tea hash to sort names [ 211.059853][ T8779] REISERFS (device loop7): Created .reiserfs_priv - reserved for xattr storage. [ 211.149844][ T5278] usb 6-1: cp210x converter now attached to ttyUSB0 [ 211.365059][ T5278] usb 6-1: USB disconnect, device number 6 [ 211.383431][ T5278] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 211.425434][ T5278] cp210x 6-1:0.0: device disconnected [ 211.678257][ T8807] loop7: detected capacity change from 0 to 128 [ 211.760595][ T8807] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256 [ 211.790653][ T8807] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 212.069046][ T8822] loop5: detected capacity change from 0 to 128 [ 212.152608][ T8822] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 212.209847][ T8822] hpfs: filesystem error: improperly stopped [ 212.218105][ T8798] loop6: detected capacity change from 0 to 32768 [ 212.231037][ T8822] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 212.243806][ T8822] hpfs: You really don't want any checks? You are crazy... [ 212.252423][ T8822] hpfs: hpfs_map_4sectors(): unaligned read [ 212.265130][ T8822] hpfs: hpfs_map_4sectors(): unaligned read [ 212.274416][ T8822] hpfs: filesystem error: unable to find root dir [ 212.360148][ T8798] [ 212.360148][ T8798] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 212.360148][ T8798] [ 212.418862][ T8798] ialloc: diAlloc returned -5! [ 212.610297][ T6223] [ 212.610297][ T6223] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 212.610297][ T6223] [ 212.641580][ T6223] [ 212.641580][ T6223] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 212.641580][ T6223] [ 212.669721][ T8844] ptrace attach of "ci2-linux-5-15-kasan/syz-executor exec"[6330] was attempted by ""[8844] [ 212.735498][ T5280] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 213.115526][ T5280] usb 6-1: too many endpoints for config 0 interface 0 altsetting 15: 254, using maximum allowed: 30 [ 213.156103][ T5280] usb 6-1: config 0 interface 0 altsetting 15 endpoint 0x81 has invalid maxpacket 1056, setting to 64 [ 213.196890][ T5280] usb 6-1: config 0 interface 0 altsetting 15 endpoint 0x2 has invalid maxpacket 1024, setting to 64 [ 213.214251][ T5280] usb 6-1: config 0 interface 0 altsetting 15 has 2 endpoint descriptors, different from the interface descriptor's value: 254 [ 213.234112][ T5280] usb 6-1: config 0 interface 0 has no altsetting 0 [ 213.241157][ T5280] usb 6-1: New USB device found, idVendor=056a, idProduct=006a, bcdDevice= 0.00 [ 213.286724][ T5280] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.319578][ T8872] loop7: detected capacity change from 0 to 256 [ 213.332653][ T5280] usb 6-1: config 0 descriptor?? [ 213.355867][ T8834] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 213.385778][ T8834] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 213.603601][ T8882] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1519'. [ 213.723173][ T4854] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 213.750444][ T4854] hid-generic 0000:0000:0000.0011: hidraw0: HID v0.00 Device [syz1] on syz0 [ 213.840176][ T5280] wacom 0003:056A:006A.0012: ignoring exceeding usage max [ 213.880039][ T8887] fido_id[8887]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 213.883191][ T5280] wacom 0003:056A:006A.0012: Unknown device_type for 'HID 056a:006a'. Assuming pen. [ 213.970773][ T8861] loop6: detected capacity change from 0 to 32768 [ 213.979976][ T5280] wacom 0003:056A:006A.0012: hidraw0: USB HID v0.01 Device [HID 056a:006a] on usb-dummy_hcd.5-1/input0 [ 214.023090][ T5280] input: Wacom Bamboo1 4x6 Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:006A.0012/input/input12 [ 214.185467][ T5280] usb 6-1: USB disconnect, device number 7 [ 214.383835][ T8899] fido_id[8899]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 214.454751][ T8879] loop4: detected capacity change from 0 to 32768 [ 214.493521][ T8879] JBD2: Ignoring recovery information on journal [ 214.698440][ T8879] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 214.902635][ T8921] sp0: Synchronizing with TNC [ 214.930774][ T8917] [U] ` [ 215.033457][ T4191] ocfs2: Unmounting device (7,4) on (node local) [ 215.131138][ T8928] loop5: detected capacity change from 0 to 128 [ 215.271203][ T8928] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 215.300241][ T8928] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 215.455555][ T6778] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 215.725092][ T6778] usb 8-1: Using ep0 maxpacket: 32 [ 215.861209][ T6778] usb 8-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 179, changing to 11 [ 215.893910][ T6778] usb 8-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 215.950952][ T6778] usb 8-1: config 0 interface 0 has no altsetting 0 [ 215.968598][ T6778] usb 8-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00 [ 215.990646][ T8930] loop6: detected capacity change from 0 to 32768 [ 216.010572][ T6778] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.042488][ T6778] usb 8-1: config 0 descriptor?? [ 216.058491][ T8967] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 216.085771][ T8930] XFS: attr2 mount option is deprecated. [ 216.274650][ T8930] XFS (loop6): Mounting V5 Filesystem [ 216.367628][ T8930] XFS (loop6): Ending clean mount [ 216.418758][ T8930] XFS (loop6): Quotacheck needed: Please wait. [ 216.483666][ T8961] loop4: detected capacity change from 0 to 32768 [ 216.524378][ T8961] [ 216.524378][ T8961] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.524378][ T8961] [ 216.556459][ T6778] hid (null): unknown global tag 0xc [ 216.564322][ T6778] glorious 0003:258A:0036.0013: unknown main item tag 0x2 [ 216.589452][ T8981] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1561'. [ 216.598863][ T6778] glorious 0003:258A:0036.0013: unknown global tag 0xc [ 216.606606][ T6778] glorious 0003:258A:0036.0013: item 0 2 1 12 parsing failed [ 216.629042][ T6778] glorious: probe of 0003:258A:0036.0013 failed with error -22 [ 216.660344][ T8930] XFS (loop6): Quotacheck: Done. [ 216.725029][ T4252] [ 216.725029][ T4252] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.725029][ T4252] [ 216.826032][ T4252] [ 216.826032][ T4252] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.826032][ T4252] [ 216.826601][ T4854] usb 8-1: USB disconnect, device number 4 [ 216.882384][ T6223] XFS (loop6): Unmounting Filesystem [ 216.921642][ T4191] [ 216.921642][ T4191] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.921642][ T4191] [ 216.934684][ T277] [ 216.934684][ T277] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.934684][ T277] [ 216.998934][ T4191] [ 216.998934][ T4191] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.998934][ T4191] [ 217.215216][ T6778] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 217.286924][ T8994] loop4: detected capacity change from 0 to 64 [ 217.428265][ T8996] loop7: detected capacity change from 0 to 256 [ 217.506415][ T6778] usb 6-1: Using ep0 maxpacket: 8 [ 217.555604][ T8996] FAT-fs (loop7): Directory bread(block 64) failed [ 217.580948][ T8996] FAT-fs (loop7): Directory bread(block 65) failed [ 217.595858][ T8996] FAT-fs (loop7): Directory bread(block 66) failed [ 217.624254][ T8996] FAT-fs (loop7): Directory bread(block 67) failed [ 217.637260][ T8996] FAT-fs (loop7): Directory bread(block 68) failed [ 217.643843][ T8996] FAT-fs (loop7): Directory bread(block 69) failed [ 217.654810][ T6778] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 217.672706][ T8996] FAT-fs (loop7): Directory bread(block 70) failed [ 217.680166][ T6778] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 217.712454][ T8996] FAT-fs (loop7): Directory bread(block 71) failed [ 217.712561][ T8996] FAT-fs (loop7): Directory bread(block 72) failed [ 217.712597][ T8996] FAT-fs (loop7): Directory bread(block 73) failed [ 217.739328][ T6778] usb 6-1: New USB device found, idVendor=056a, idProduct=032a, bcdDevice= 0.00 [ 217.739364][ T6778] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.744199][ T6778] usb 6-1: config 0 descriptor?? [ 218.187218][ T9016] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 218.248668][ T6778] wacom 0003:056A:032A.0014: unknown main item tag 0x3 [ 218.265189][ T6778] wacom 0003:056A:032A.0014: unknown main item tag 0x0 [ 218.287658][ T6778] wacom 0003:056A:032A.0014: unknown main item tag 0x0 [ 218.314863][ T6778] wacom 0003:056A:032A.0014: unknown main item tag 0x0 [ 218.329818][ T6778] wacom 0003:056A:032A.0014: unknown main item tag 0x0 [ 218.360985][ T6778] wacom 0003:056A:032A.0014: unknown main item tag 0x0 [ 218.396491][ T6778] wacom 0003:056A:032A.0014: unknown main item tag 0x0 [ 218.403585][ T6778] wacom 0003:056A:032A.0014: unknown main item tag 0x0 [ 218.423898][ T9000] loop4: detected capacity change from 0 to 32768 [ 218.454163][ T6778] wacom 0003:056A:032A.0014: hidraw0: USB HID v0.00 Device [HID 056a:032a] on usb-dummy_hcd.5-1/input0 [ 218.497211][ T6778] usb 6-1: USB disconnect, device number 8 [ 218.536434][ T9030] netlink: 'syz.6.1582': attribute type 2 has an invalid length. [ 218.565594][ T9000] [ 218.565594][ T9000] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 218.565594][ T9000] [ 218.812397][ T9031] fido_id[9031]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 218.961753][ T9000] blkno = 0, nblocks = 40 [ 218.967243][ T9000] ERROR: (device loop4): dbFree: block to be freed is outside the map [ 218.967243][ T9000] [ 218.978046][ T5278] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 219.032407][ T4191] [ 219.032407][ T4191] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 219.032407][ T4191] [ 219.058015][ T4191] [ 219.058015][ T4191] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 219.058015][ T4191] [ 219.101297][ T9028] loop7: detected capacity change from 0 to 32768 [ 219.344905][ T5278] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 219.380053][ T5278] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.407847][ T5278] usb 7-1: config 0 descriptor?? [ 219.543161][ T9055] loop5: detected capacity change from 0 to 256 [ 219.616038][ T9055] exfat: Deprecated parameter 'utf8' [ 219.631750][ T9055] exfat: Deprecated parameter 'utf8' [ 219.652007][ T9055] exfat: Deprecated parameter 'utf8' [ 219.695435][ T9059] loop4: detected capacity change from 0 to 512 [ 219.756816][ T9055] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 219.811589][ T9059] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 219.826943][ T9059] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 219.912080][ T9059] EXT4-fs (loop4): 1 truncate cleaned up [ 219.926219][ T5278] [drm:udl_init] *ERROR* Selecting channel failed [ 219.953938][ T9059] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota="errors=continue,noload,data_err=ignore,grpjquota="errors=continue,errors=remount-ro,noblock_validity,. Quota mode: writeback. [ 219.980158][ T5278] [drm] Initialized udl 0.0.1 20120220 for 7-1:0.0 on minor 2 [ 219.988213][ T5278] [drm] Initialized udl on minor 2 [ 220.036508][ T5278] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 220.061802][ T5278] udl 7-1:0.0: [drm] Cannot find any crtc or sizes [ 220.114985][ T5278] usb 7-1: USB disconnect, device number 5 [ 220.124367][ T4254] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 220.170709][ T4254] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 220.201429][ T4254] udl 7-1:0.0: [drm] Cannot find any crtc or sizes [ 220.239074][ T9063] loop5: detected capacity change from 0 to 4096 [ 220.284758][ T9059] EXT4-fs (loop4): old and new quota format mixing [ 220.353396][ T9064] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 220.510296][ T9066] tipc: Started in network mode [ 220.534690][ T9066] tipc: Node identity 0000000000002e000000000000000001, cluster identity 4711 [ 220.559204][ T9066] tipc: Enabling of bearer rejected, failed to enable media [ 220.589332][ T9053] loop7: detected capacity change from 0 to 32768 [ 220.995127][ T4254] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 221.364550][ T4254] usb 6-1: config 0 has an invalid interface number: 69 but max is 0 [ 221.383654][ T4254] usb 6-1: config 0 has no interface number 0 [ 221.429418][ T4254] usb 6-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 221.471287][ T4254] usb 6-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 221.614091][ T9117] loop6: detected capacity change from 0 to 256 [ 221.654591][ T4254] usb 6-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 221.673925][ T4254] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.694183][ T4254] usb 6-1: Product: syz [ 221.699094][ T4254] usb 6-1: Manufacturer: syz [ 221.707002][ T9117] exfat: Deprecated parameter 'utf8' [ 221.714551][ T4254] usb 6-1: SerialNumber: syz [ 221.720808][ T9117] exfat: Deprecated parameter 'namecase' [ 221.728308][ T4254] usb 6-1: config 0 descriptor?? [ 221.754684][ T9074] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 221.795725][ T4254] cyberjack 6-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 221.805446][ T9129] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1628'. [ 221.823955][ T9117] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 221.864038][ T4254] usb 6-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 221.968167][ T9125] loop7: detected capacity change from 0 to 4096 [ 222.064779][ C1] cyberjack ttyUSB0: cyberjack_read_int_callback - failed resubmitting read urb, error -22 [ 222.135072][ T9125] ntfs: (device loop7): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 222.173182][ T9125] ntfs: (device loop7): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 222.248326][ T9125] ntfs: (device loop7): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 222.263014][ T5278] usb 6-1: USB disconnect, device number 9 [ 222.280933][ T5278] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 222.309457][ T9125] ntfs: (device loop7): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 222.333769][ T5278] cyberjack 6-1:0.69: device disconnected [ 222.362809][ T9125] ntfs: (device loop7): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 222.407756][ T9125] ntfs: volume version 3.1. [ 222.431435][ T9125] ntfs: (device loop7): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 222.471044][ T9125] ntfs: (device loop7): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 222.510607][ T9125] ntfs: (device loop7): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 222.569492][ T9125] ntfs: (device loop7): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 222.598510][ T9125] ntfs: (device loop7): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 222.888843][ T9165] netlink: 68 bytes leftover after parsing attributes in process `syz.7.1645'. [ 222.924697][ T9165] tipc: Enabling of bearer rejected, media not registered [ 223.071826][ T9180] loop7: detected capacity change from 0 to 64 [ 223.301317][ T9186] genirq: Flags mismatch irq 4. 00000000 (pcl812) vs. 00000000 (ttyS0) [ 223.704108][ T5280] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 223.954231][ T5280] usb 8-1: Using ep0 maxpacket: 8 [ 223.978103][ T9212] loop5: detected capacity change from 0 to 1024 [ 224.042828][ T9214] loop4: detected capacity change from 0 to 512 [ 224.074225][ T5280] usb 8-1: config index 0 descriptor too short (expected 26, got 18) [ 224.129936][ T9218] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1669'. [ 224.181548][ T9218] device veth3 entered promiscuous mode [ 224.198791][ T1282] hfsplus: b-tree write err: -5, ino 25 [ 224.214252][ T1282] hfsplus: b-tree write err: -5, ino 4 [ 224.220013][ T1282] hfsplus: b-tree write err: -5, ino 2 [ 224.234211][ T5280] usb 8-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 224.245018][ T9214] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000002000000,grpquota,,errors=continue. Quota mode: writeback. [ 224.265433][ T9214] ext4 filesystem being mounted at /364/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 224.269891][ T5280] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 224.289670][ T5280] usb 8-1: Product: syz [ 224.293886][ T5280] usb 8-1: Manufacturer: syz [ 224.298757][ T5280] usb 8-1: SerialNumber: syz [ 224.311358][ T5280] usb 8-1: config 0 descriptor?? [ 224.356357][ T5280] gspca_main: sq930x-2.14.0 probing 2770:930c [ 224.430630][ T9214] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz.4.1668: Directory hole found for htree leaf block 0 [ 224.541109][ T9234] loop6: detected capacity change from 0 to 8 [ 224.704235][ T9234] SQUASHFS error: lzo decompression failed, data probably corrupt [ 224.723366][ T9234] SQUASHFS error: Failed to read block 0x91: -5 [ 224.750854][ T9234] SQUASHFS error: Unable to read metadata cache entry [8f] [ 224.772283][ T9234] SQUASHFS error: Unable to read inode 0x11f [ 224.779523][ T5280] gspca_sq930x: ucbus_write failed -71 [ 224.932479][ T9243] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 225.024237][ T5280] gspca_sq930x: Sensor ov9630 not yet treated [ 225.032972][ T5280] sq930x: probe of 8-1:0.0 failed with error -22 [ 225.046513][ T5280] usb 8-1: USB disconnect, device number 5 [ 225.161870][ T9247] loop6: detected capacity change from 0 to 256 [ 225.208038][ T9247] exfat: Deprecated parameter 'utf8' [ 225.252467][ T9247] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 225.509503][ T9259] loop6: detected capacity change from 0 to 512 [ 225.606985][ T9259] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 225.693555][ T9259] EXT4-fs (loop6): orphan cleanup on readonly fs [ 225.700570][ T9259] EXT4-fs (loop6): 1 orphan inode deleted [ 225.700590][ T9259] EXT4-fs (loop6): 1 truncate cleaned up [ 225.700603][ T9259] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 225.800464][ T9275] loop7: detected capacity change from 0 to 1024 [ 226.271228][ T9293] netlink: 'syz.6.1704': attribute type 1 has an invalid length. [ 226.289444][ T5278] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 226.447662][ T9297] loop6: detected capacity change from 0 to 2048 [ 226.506557][ T4326] loop6: p2 < > p3 < p5 > p4 [ 226.519801][ T4326] loop6: p4 start 458752 is beyond EOD, truncated [ 226.536973][ T5278] usb 8-1: Using ep0 maxpacket: 32 [ 226.563713][ T4326] loop6: p5 start 458752 is beyond EOD, truncated [ 226.608423][ T9297] loop6: p2 < > p3 < p5 > p4 [ 226.643580][ T9297] loop6: p4 start 458752 is beyond EOD, truncated [ 226.659102][ T9297] loop6: p5 start 458752 is beyond EOD, truncated [ 226.703922][ T4254] Bluetooth: hci4: command 0x0406 tx timeout [ 226.813929][ T5278] usb 8-1: New USB device found, idVendor=0fe9, idProduct=d501, bcdDevice=23.50 [ 226.843722][ T5278] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.851817][ T5278] usb 8-1: Product: syz [ 226.884843][ T5278] usb 8-1: Manufacturer: syz [ 226.926343][ T5278] usb 8-1: SerialNumber: syz [ 226.948564][ T5278] usb 8-1: config 0 descriptor?? [ 226.962146][ T4277] udevd[4277]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 226.976768][ T4326] udevd[4326]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 227.006668][ T5278] dvb-usb: found a 'DViCO FusionHDTV5 USB Gold' in warm state. [ 227.044450][ T5278] dvb-usb: bulk message failed: -22 (2/0) [ 227.067128][ T4277] udevd[4277]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 227.090022][ T4326] udevd[4326]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 227.110026][ T9314] loop5: detected capacity change from 0 to 4096 [ 227.111850][ T5278] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 227.194323][ T5278] dvbdev: DVB: registering new adapter (DViCO FusionHDTV5 USB Gold) [ 227.202817][ T9314] __ntfs_error: 6 callbacks suppressed [ 227.202832][ T9314] ntfs: (device loop5): ntfs_read_locked_inode(): $DATA attribute is missing. [ 227.234490][ T5278] usb 8-1: media controller created [ 227.241177][ T9283] dvb-usb: bulk message failed: -22 (3/0) [ 227.307312][ T9314] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 227.336413][ T5278] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 227.367692][ T9314] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 227.387619][ T9321] loop4: detected capacity change from 0 to 4096 [ 227.398624][ T9314] ntfs: volume version 3.1. [ 227.429486][ T5278] usb 8-1: selecting invalid altsetting 7 [ 227.445947][ T5278] cxusb: set interface failed [ 227.450783][ T5278] dvb-usb: bulk message failed: -22 (1/0) [ 227.528305][ T5278] DVB: Unable to find symbol lgdt330x_attach() [ 227.538140][ T5278] dvb-usb: no frontend was attached by 'DViCO FusionHDTV5 USB Gold' [ 227.622494][ T9321] ntfs: (device loop4): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 227.642059][ T5988] ntfs: (device loop5): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 227.664164][ T9321] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing. [ 227.686245][ T9321] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 227.740599][ T9321] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 227.813675][ T5278] rc_core: IR keymap rc-dvico-portable not found [ 227.820081][ T5278] Registered IR keymap rc-empty [ 227.841540][ T5278] rc rc0: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.7/usb8/8-1/rc/rc0 [ 227.885362][ T9321] ntfs: volume version 3.1. [ 227.900691][ T5278] input: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.7/usb8/8-1/rc/rc0/input18 [ 227.951217][ T9321] ntfs: (device loop4): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set default. You might want to try to use the mount option nls=utf8. [ 227.952346][ T5278] dvb-usb: schedule remote query interval to 100 msecs. [ 228.050891][ T9321] ntfs: (device loop4): ntfs_filldir(): Skipping unrepresentable inode 0x45. [ 228.055123][ T5278] dvb-usb: DViCO FusionHDTV5 USB Gold successfully initialized and connected. [ 228.166071][ T5278] usb 8-1: USB disconnect, device number 6 [ 228.373721][ T9351] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1732'. [ 228.439199][ T5278] dvb-usb: DViCO FusionHDTV5 USB Gold successfully deinitialized and disconnected. [ 228.481320][ T9353] ALSA: mixer_oss: invalid OSS volume '' [ 228.790925][ T9369] loop4: detected capacity change from 0 to 2048 [ 228.860478][ T9369] loop4: p1 < > p4 < > [ 228.880184][ T9369] loop4: partition table partially beyond EOD, truncated [ 228.898315][ T9369] loop4: p4 start 42180 is beyond EOD, truncated [ 228.933048][ T9378] loop6: detected capacity change from 0 to 512 [ 228.970549][ T3561] loop4: p1 < > p4 < > [ 228.984985][ T9378] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 228.996329][ T3561] loop4: partition table partially beyond EOD, truncated [ 229.010940][ T3561] loop4: p4 start 42180 is beyond EOD, truncated [ 229.126132][ T9342] udevd[9342]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 229.265813][ T9342] udevd[9342]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 229.377317][ T9389] loop4: detected capacity change from 0 to 512 [ 229.519809][ T9389] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 229.553142][ T9389] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 229.589229][ T9389] System zones: 0-1, 15-15, 18-18, 34-34 [ 229.609579][ T9389] EXT4-fs (loop4): orphan cleanup on readonly fs [ 229.622644][ T9389] EXT4-fs warning (device loop4): ext4_enable_quotas:6488: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 229.623794][ T5280] usb 6-1: new low-speed USB device number 10 using dummy_hcd [ 229.668694][ T9389] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 229.683210][ T9389] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1750: bg 0: block 40: padding at end of block bitmap is not set [ 229.710843][ T9389] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6191: Corrupt filesystem [ 229.733821][ T9389] EXT4-fs (loop4): 1 truncate cleaned up [ 229.739761][ T9389] EXT4-fs (loop4): mounted filesystem without journal. Opts: resgid=0x0000000000000000,,errors=continue. Quota mode: writeback. [ 229.923000][ T9395] loop7: detected capacity change from 0 to 32768 [ 229.944712][ T9395] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 scanned by syz.7.1751 (9395) [ 229.973626][ T9395] BTRFS info (device loop7): using crc32c (crc32c-intel) checksum algorithm [ 229.983819][ T6778] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 230.006787][ T9395] BTRFS info (device loop7): setting nodatasum [ 230.013009][ T9395] BTRFS info (device loop7): enabling auto defrag [ 230.032837][ T9404] loop4: detected capacity change from 0 to 4096 [ 230.039378][ T5280] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 230.043654][ T9395] BTRFS info (device loop7): disabling tree log [ 230.055563][ T9395] BTRFS info (device loop7): using free space tree [ 230.063356][ T5280] usb 6-1: config 0 has no interface number 0 [ 230.065973][ T9395] BTRFS info (device loop7): has skinny extents [ 230.073066][ T5280] usb 6-1: config 0 interface 1 altsetting 19 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 230.091866][ T5280] usb 6-1: config 0 interface 1 altsetting 19 endpoint 0x81 has invalid wMaxPacketSize 0 [ 230.111360][ T5280] usb 6-1: config 0 interface 1 has no altsetting 0 [ 230.118192][ T5280] usb 6-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00 [ 230.127520][ T5280] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.144119][ T5280] usb 6-1: config 0 descriptor?? [ 230.186555][ T9404] ntfs: volume version 3.1. [ 230.383976][ T6778] usb 7-1: config index 0 descriptor too short (expected 65088, got 120) [ 230.403862][ T6778] usb 7-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config [ 230.461108][ T9431] loop4: detected capacity change from 0 to 16 [ 230.477768][ T9395] BTRFS info (device loop7): enabling ssd optimizations [ 230.497981][ T6778] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 230.534891][ T6778] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 230.733833][ T6778] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 230.755014][ T6778] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.763078][ T6778] usb 7-1: Product: syz [ 230.798663][ T6778] usb 7-1: Manufacturer: syz [ 230.808855][ T6778] usb 7-1: SerialNumber: syz [ 230.833527][ T5280] uclogic 0003:2179:0053.0015: failed retrieving string descriptor #100: -71 [ 230.842418][ T5280] uclogic 0003:2179:0053.0015: failed retrieving pen parameters: -71 [ 230.874744][ T6778] cdc_ncm 7-1:1.0: CDC Union missing and no IAD found [ 230.881619][ T6778] cdc_ncm 7-1:1.0: bind() failure [ 230.883541][ T5280] uclogic 0003:2179:0053.0015: pen probing failed: -71 [ 230.908512][ T5280] uclogic 0003:2179:0053.0015: failed probing parameters: -71 [ 230.933249][ T5280] uclogic: probe of 0003:2179:0053.0015 failed with error -71 [ 230.975407][ T5280] usb 6-1: USB disconnect, device number 10 [ 231.086364][ T6778] usb 7-1: USB disconnect, device number 6 [ 231.446715][ T9451] loop7: detected capacity change from 0 to 4096 [ 231.463868][ T4855] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 231.490680][ T9456] netlink: 'syz.5.1770': attribute type 3 has an invalid length. [ 231.577536][ T9451] ntfs: volume version 3.1. [ 231.763730][ T4855] usb 5-1: Using ep0 maxpacket: 16 [ 231.893495][ T4855] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 231.943572][ T4855] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 231.999934][ T4855] usb 5-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 232.041852][ T4855] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.101145][ T4855] usb 5-1: config 0 descriptor?? [ 232.235316][ T9490] loop6: detected capacity change from 0 to 64 [ 232.595486][ T4855] ntrig 0003:1B96:0008.0016: collection stack underflow [ 232.605522][ T4855] ntrig 0003:1B96:0008.0016: item 0 4 0 12 parsing failed [ 232.632069][ T4855] ntrig 0003:1B96:0008.0016: parse failed [ 232.645757][ T4855] ntrig: probe of 0003:1B96:0008.0016 failed with error -22 [ 232.834198][ T4854] usb 5-1: USB disconnect, device number 8 [ 232.845819][ T9515] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 233.257750][ T9505] loop6: detected capacity change from 0 to 40427 [ 233.300430][ T9533] loop7: detected capacity change from 0 to 512 [ 233.369894][ T9533] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 233.413517][ T9505] F2FS-fs (loop6): invalid crc value [ 233.458613][ T9533] EXT4-fs (loop7): 1 orphan inode deleted [ 233.469743][ T9505] F2FS-fs (loop6): Found nat_bits in checkpoint [ 233.477983][ T9533] EXT4-fs (loop7): 1 truncate cleaned up [ 233.498300][ T9533] EXT4-fs (loop7): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x0000000000000006,stripe=0x0000000000000005,jqfmt=vfsv0,quota,. Quota mode: writeback. [ 233.549145][ T9533] EXT4-fs error (device loop7): htree_dirblock_to_tree:1112: inode #2: block 255: comm syz.7.1804: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 233.580108][ T9505] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 233.672634][ T9533] EXT4-fs (loop7): Remounting filesystem read-only [ 233.900596][ T9553] loop4: detected capacity change from 0 to 8192 [ 234.059575][ T9553] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 234.113424][ T9553] REISERFS (device loop4): using ordered data mode [ 234.120145][ T9553] reiserfs: using flush barriers [ 234.130650][ T9553] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 234.189971][ T9569] llcp: llcp_sock_recvmsg: Recv datagram failed state 5 -11 0 [ 234.313290][ T9553] REISERFS (device loop4): checking transaction log (loop4) [ 234.385136][ T9553] REISERFS (device loop4): Using r5 hash to sort names [ 234.411412][ T9553] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 234.466154][ T9553] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 234.701790][ T9587] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1828'. [ 234.716038][ T9588] loop5: detected capacity change from 0 to 512 [ 234.804323][ T9588] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 234.887221][ T9588] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 234.929046][ T9566] loop7: detected capacity change from 0 to 32768 [ 235.083583][ T9588] EXT4-fs (loop5): Cannot change journaled quota options when quota turned on [ 235.248559][ T9605] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1836'. [ 235.402427][ T9606] loop6: detected capacity change from 0 to 4096 [ 235.437875][ T9606] __ntfs_warning: 62 callbacks suppressed [ 235.437892][ T9606] ntfs: (device loop6): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 235.580932][ T9606] ntfs: volume version 3.1. [ 235.626863][ T9606] ntfs: (device loop6): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set ascii. You might want to try to use the mount option nls=utf8. [ 235.723091][ T9606] ntfs: (device loop6): ntfs_filldir(): Skipping unrepresentable inode 0x4. [ 236.001629][ T9638] loop5: detected capacity change from 0 to 1024 [ 236.118412][ T9638] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (46228!=20869) [ 236.668423][ T9638] EXT4-fs (loop5): mounted filesystem without journal. Opts: user_xattr,nobarrier,norecovery,errors=remount-ro,grpid,. Quota mode: writeback. [ 236.839958][ T9638] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1850: bg 0: block 32: padding at end of block bitmap is not set [ 236.949917][ T9652] loop4: detected capacity change from 0 to 32768 [ 237.026633][ T9646] loop6: detected capacity change from 0 to 32768 [ 237.147773][ T9646] JBD2: Ignoring recovery information on journal [ 237.229308][ T9646] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 237.289953][ T9657] loop7: detected capacity change from 0 to 32768 [ 237.360471][ T6223] ocfs2: Unmounting device (7,6) on (node local) [ 237.397287][ T9667] loop5: detected capacity change from 0 to 2048 [ 237.428264][ T9657] XFS (loop7): Mounting V5 Filesystem [ 237.465755][ T9675] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 237.608274][ T9657] XFS (loop7): Ending clean mount [ 237.862889][ T6330] XFS (loop7): Unmounting Filesystem [ 238.097234][ T9687] option changes via remount are deprecated (pid=9686 comm=syz.5.1872) [ 238.106808][ T9687] cgroup: option or name mismatch, new: 0x0 "func", old: 0x0 "" [ 238.588752][ T9710] loop6: detected capacity change from 0 to 1024 [ 238.619812][ T9710] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (46228!=20869) [ 238.788942][ T9721] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1885'. [ 238.844618][ T9710] EXT4-fs (loop6): mounted filesystem without journal. Opts: user_xattr,nobarrier,norecovery,errors=remount-ro,grpid,. Quota mode: writeback. [ 238.892540][ T4236] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 238.936032][ T9725] loop4: detected capacity change from 0 to 1024 [ 239.002778][ T9725] hfsplus: request for non-existent node 3 in B*Tree [ 239.022818][ T9725] hfsplus: request for non-existent node 3 in B*Tree [ 239.042327][ T9710] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1882: bg 0: block 32: padding at end of block bitmap is not set [ 239.086986][ T9727] loop5: detected capacity change from 0 to 4096 [ 239.201795][ T9727] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 239.272537][ T4236] usb 8-1: config 220 has an invalid interface number: 76 but max is 2 [ 239.286471][ T9727] ntfs3: loop5: Failed to load $Extend. [ 239.289628][ T4236] usb 8-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 239.312628][ T4236] usb 8-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 239.362569][ T4236] usb 8-1: config 220 has no interface number 2 [ 239.368909][ T4236] usb 8-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 239.402527][ T4236] usb 8-1: config 220 interface 0 has no altsetting 0 [ 239.445488][ T4236] usb 8-1: config 220 interface 76 has no altsetting 0 [ 239.463052][ T4236] usb 8-1: config 220 interface 1 has no altsetting 0 [ 239.632427][ T4236] usb 8-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 239.680893][ T4236] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.712612][ T4236] usb 8-1: Product: syz [ 239.716845][ T4236] usb 8-1: Manufacturer: syz [ 239.737906][ T4236] usb 8-1: SerialNumber: syz [ 240.032974][ T9733] loop4: detected capacity change from 0 to 40427 [ 240.142525][ T4236] usb 8-1: selecting invalid altsetting 0 [ 240.149031][ T4236] usb 8-1: Found UVC 7.01 device syz (8086:0b07) [ 240.178048][ T9733] F2FS-fs (loop4): Found nat_bits in checkpoint [ 240.187949][ T4236] usb 8-1: No valid video chain found. [ 240.293400][ T4236] usb 8-1: selecting invalid altsetting 0 [ 240.300140][ T4236] usbtest: probe of 8-1:220.1 failed with error -22 [ 240.307365][ T9733] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 240.318342][ T9737] loop5: detected capacity change from 0 to 32768 [ 240.337191][ T4236] usb 8-1: USB disconnect, device number 7 [ 240.460763][ T9737] XFS (loop5): Mounting V5 Filesystem [ 240.607524][ T9737] XFS (loop5): Ending clean mount [ 240.617616][ T9737] XFS (loop5): Quotacheck needed: Please wait. [ 240.672385][ T4191] attempt to access beyond end of device [ 240.672385][ T4191] loop4: rw=2049, want=45104, limit=40427 [ 240.795682][ T9786] loop7: detected capacity change from 0 to 256 [ 240.843313][ T9737] XFS (loop5): Quotacheck: Done. [ 240.863044][ T9786] exfat: Deprecated parameter 'utf8' [ 240.911058][ T9786] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe0a6470d, utbl_chksum : 0xe619d30d) [ 241.007307][ T5988] XFS (loop5): Unmounting Filesystem [ 241.242178][ C1] vkms_vblank_simulate: vblank timer overrun [ 241.337446][ T9794] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1916'. [ 241.363338][ T9794] device vlan2 entered promiscuous mode [ 241.382219][ T9794] device bridge0 entered promiscuous mode [ 241.625108][ T9792] loop6: detected capacity change from 0 to 32768 [ 241.637023][ T9800] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1918'. [ 241.728355][ T9792] ocfs2: Slot 0 on device (7,6) was already allocated to this node! [ 241.822920][ T9792] JBD2: Ignoring recovery information on journal [ 241.837875][ T9806] loop7: detected capacity change from 0 to 2048 [ 241.922828][ T9807] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 241.990132][ T9792] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 242.249019][ T6223] ocfs2: Unmounting device (7,6) on (node local) [ 242.284994][ T9813] loop7: detected capacity change from 0 to 256 [ 242.362585][ T9813] exfat: Deprecated parameter 'namecase' [ 242.368373][ T9813] exfat: Deprecated parameter 'namecase' [ 242.478650][ T9813] exFAT-fs (loop7): failed to load upcase table (idx : 0x00000c00, chksum : 0x54b6a122, utbl_chksum : 0xe619d30d) [ 242.505024][ T9802] loop5: detected capacity change from 0 to 40427 [ 242.580763][ T9817] loop6: detected capacity change from 0 to 512 [ 242.609024][ T9802] F2FS-fs (loop5): invalid crc value [ 242.634531][ T9802] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 242.647527][ T9822] loop7: detected capacity change from 0 to 8 [ 242.671531][ T9817] EXT4-fs (loop6): Ignoring removed bh option [ 242.712058][ T9817] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 242.742120][ T9817] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 242.820393][ T9817] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:476: comm syz.6.1922: Invalid block bitmap block 0 in block_group 0 [ 242.829983][ T5285] kernel read not supported for file /dsp (pid: 5285 comm: kworker/1:16) [ 242.868836][ T9802] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 242.900716][ T9817] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6191: Corrupt filesystem [ 242.917466][ T26] audit: type=1800 audit(1779142440.154:28): pid=9802 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1915" name="bus" dev="loop5" ino=10 res=0 errno=0 [ 242.980957][ T9817] EXT4-fs error (device loop6): ext4_clear_blocks:883: inode #11: comm syz.6.1922: attempt to clear invalid blocks 983261 len 1 [ 243.008777][ T9817] EXT4-fs error (device loop6): __ext4_get_inode_loc:4334: comm syz.6.1922: Invalid inode table block 0 in block_group 0 [ 243.064202][ T9817] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5873: Corrupt filesystem [ 243.117734][ T9831] netlink: 108 bytes leftover after parsing attributes in process `syz.7.1927'. [ 243.137691][ T9817] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem [ 243.154099][ T9817] EXT4-fs error (device loop6): __ext4_get_inode_loc:4334: comm syz.6.1922: Invalid inode table block 0 in block_group 0 [ 243.199683][ T9817] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5873: Corrupt filesystem [ 243.227716][ T9817] EXT4-fs error (device loop6): ext4_truncate:4286: inode #11: comm syz.6.1922: mark_inode_dirty error [ 243.245487][ T9833] loop7: detected capacity change from 0 to 1764 [ 243.260526][ T9817] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem [ 243.269739][ T4236] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 243.290012][ T9817] EXT4-fs error (device loop6): __ext4_get_inode_loc:4334: comm syz.6.1922: Invalid inode table block 0 in block_group 0 [ 243.317835][ T9817] EXT4-fs (loop6): 1 truncate cleaned up [ 243.329338][ T9817] EXT4-fs (loop6): mounted filesystem without journal. Opts: dioread_nolock,grpquota,bh,noblock_validity,,errors=continue. Quota mode: writeback. [ 243.346825][ T9802] attempt to access beyond end of device [ 243.346825][ T9802] loop5: rw=2049, want=79872, limit=40427 [ 243.407045][ T9802] attempt to access beyond end of device [ 243.407045][ T9802] loop5: rw=2049, want=81920, limit=40427 [ 243.454885][ T9802] attempt to access beyond end of device [ 243.454885][ T9802] loop5: rw=2049, want=49944, limit=40427 [ 243.476445][ C1] vkms_vblank_simulate: vblank timer overrun [ 243.509890][ T5988] attempt to access beyond end of device [ 243.509890][ T5988] loop5: rw=2049, want=45104, limit=40427 [ 243.652106][ T4236] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 243.667599][ T4236] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 243.680852][ T4236] usb 5-1: New USB device found, idVendor=056a, idProduct=00d8, bcdDevice= 0.00 [ 243.691038][ T4236] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.725673][ T9842] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.1932: invalid indirect mapped block 4294967295 (level 1) [ 243.762916][ T9842] EXT4-fs (loop6): Remounting filesystem read-only [ 243.769495][ T9842] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.1932: invalid indirect mapped block 4294967295 (level 1) [ 243.816488][ T4236] usb 5-1: config 0 descriptor?? [ 243.857624][ T9827] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 243.877793][ T9842] EXT4-fs (loop6): Remounting filesystem read-only [ 243.918657][ T9842] EXT4-fs (loop6): 2 truncates cleaned up [ 243.938402][ T9842] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpjquota=,errors=remount-ro,discard,auto_da_alloc=0x000000007fffffff,barrier=0x0000000000000000,. Quota mode: writeback. [ 243.956472][ C1] vkms_vblank_simulate: vblank timer overrun [ 244.032744][ T9842] EXT4-fs error (device loop6): empty_inline_dir:1873: inode #12: block 7: comm syz.6.1932: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0 [ 244.078929][ T9842] EXT4-fs (loop6): Remounting filesystem read-only [ 244.092492][ T9842] EXT4-fs warning (device loop6): empty_inline_dir:1880: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 244.332689][ T4236] hid (null): unknown global tag 0xe [ 244.338085][ T4236] hid (null): unknown global tag 0xe [ 244.368641][ T4236] hid (null): unknown global tag 0xe [ 244.413408][ T4236] wacom 0003:056A:00D8.0017: unknown main item tag 0x3 [ 244.420417][ T4236] wacom 0003:056A:00D8.0017: unknown global tag 0xe [ 244.437931][ T4236] wacom 0003:056A:00D8.0017: item 0 2 1 14 parsing failed [ 244.452816][ T4236] wacom 0003:056A:00D8.0017: parse failed [ 244.469965][ T4236] wacom: probe of 0003:056A:00D8.0017 failed with error -22 [ 244.535790][ T4236] usb 5-1: USB disconnect, device number 9 [ 244.754220][ T9873] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.1945'. [ 244.818350][ T9869] EXT4-fs (loop6): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000002000000,grpquota,,errors=continue. Quota mode: writeback. [ 244.862252][ T9869] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 244.885895][ T9881] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1948'. [ 244.918484][ T9881] device veth3 entered promiscuous mode [ 244.979388][ T9869] [ 244.981776][ T9869] ====================================================== [ 244.988812][ T9869] WARNING: possible circular locking dependency detected [ 244.995866][ T9869] syzkaller #0 Not tainted [ 245.000302][ T9869] ------------------------------------------------------ [ 245.007337][ T9869] syz.6.1943/9869 is trying to acquire lock: [ 245.013336][ T9869] ffff88805f824b28 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x5a/0x410 [ 245.022252][ T9869] [ 245.022252][ T9869] but task is already holding lock: [ 245.029634][ T9869] ffff8880745b7020 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x8bf/0x1b30 [ 245.039175][ T9869] [ 245.039175][ T9869] which lock already depends on the new lock. [ 245.039175][ T9869] [ 245.049610][ T9869] [ 245.049610][ T9869] the existing dependency chain (in reverse order) is: [ 245.058650][ T9869] [ 245.058650][ T9869] -> #2 (&ei->i_data_sem/2){++++}-{3:3}: [ 245.066529][ T9869] down_write+0x38/0x60 [ 245.071246][ T9869] ext4_map_blocks+0x8bf/0x1b30 [ 245.076657][ T9869] ext4_getblk+0x176/0x670 [ 245.081634][ T9869] ext4_bread+0x26/0x180 [ 245.086424][ T9869] ext4_quota_write+0x236/0x580 [ 245.091836][ T9869] do_insert_tree+0x115c/0x1970 [ 245.097244][ T9869] do_insert_tree+0x5b1/0x1970 [ 245.102574][ T9869] do_insert_tree+0x5b1/0x1970 [ 245.107895][ T9869] do_insert_tree+0x5b1/0x1970 [ 245.113208][ T9869] qtree_write_dquot+0x361/0x4b0 [ 245.118674][ T9869] v2_write_dquot+0x108/0x190 [ 245.123889][ T9869] dquot_acquire+0x2d5/0x520 [ 245.129033][ T9869] ext4_acquire_dquot+0x2d9/0x4a0 [ 245.134615][ T9869] dqget+0x778/0xeb0 [ 245.139068][ T9869] __dquot_initialize+0x3c3/0xcd0 [ 245.144644][ T9869] ext4_process_orphan+0x54/0x300 [ 245.150201][ T9869] ext4_orphan_cleanup+0xad2/0x1320 [ 245.155925][ T9869] ext4_fill_super+0x8d6e/0x94f0 [ 245.161392][ T9869] mount_bdev+0x287/0x3c0 [ 245.166273][ T9869] legacy_get_tree+0xe6/0x180 [ 245.171480][ T9869] vfs_get_tree+0x88/0x270 [ 245.176445][ T9869] do_new_mount+0x24a/0xa40 [ 245.181501][ T9869] __se_sys_mount+0x2e3/0x3d0 [ 245.186732][ T9869] do_syscall_64+0x4c/0xa0 [ 245.191695][ T9869] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 245.198111][ T9869] [ 245.198111][ T9869] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}: [ 245.206192][ T9869] down_read+0x44/0x2e0 [ 245.210875][ T9869] v2_read_dquot+0x4a/0x110 [ 245.215919][ T9869] dquot_acquire+0x152/0x520 [ 245.221069][ T9869] ext4_acquire_dquot+0x2d9/0x4a0 [ 245.226621][ T9869] dqget+0x778/0xeb0 [ 245.231042][ T9869] __dquot_initialize+0x3c3/0xcd0 [ 245.236609][ T9869] ext4_process_orphan+0x54/0x300 [ 245.242189][ T9869] ext4_orphan_cleanup+0xad2/0x1320 [ 245.247917][ T9869] ext4_fill_super+0x8d6e/0x94f0 [ 245.253388][ T9869] mount_bdev+0x287/0x3c0 [ 245.258272][ T9869] legacy_get_tree+0xe6/0x180 [ 245.263490][ T9869] vfs_get_tree+0x88/0x270 [ 245.268429][ T9869] do_new_mount+0x24a/0xa40 [ 245.273457][ T9869] __se_sys_mount+0x2e3/0x3d0 [ 245.278688][ T9869] do_syscall_64+0x4c/0xa0 [ 245.283646][ T9869] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 245.290061][ T9869] [ 245.290061][ T9869] -> #0 (&dquot->dq_lock){+.+.}-{3:3}: [ 245.297724][ T9869] __lock_acquire+0x2c42/0x7d10 [ 245.303124][ T9869] lock_acquire+0x19e/0x400 [ 245.308159][ T9869] __mutex_lock_common+0x1e3/0x2400 [ 245.313884][ T9869] mutex_lock_nested+0x17/0x20 [ 245.319181][ T9869] dquot_commit+0x5a/0x410 [ 245.324129][ T9869] ext4_write_dquot+0x1f0/0x360 [ 245.329530][ T9869] mark_all_dquot_dirty+0x1e3/0x400 [ 245.335258][ T9869] __dquot_alloc_space+0x5d0/0xe20 [ 245.340924][ T9869] ext4_mb_new_blocks+0xfb1/0x4820 [ 245.346593][ T9869] ext4_ext_map_blocks+0x18ab/0x65e0 [ 245.352432][ T9869] ext4_map_blocks+0x98e/0x1b30 [ 245.357832][ T9869] ext4_getblk+0x176/0x670 [ 245.362803][ T9869] ext4_bread+0x26/0x180 [ 245.367597][ T9869] ext4_append+0x2be/0x560 [ 245.372567][ T9869] ext4_init_new_dir+0x2a2/0x940 [ 245.378049][ T9869] ext4_mkdir+0x4fb/0xce0 [ 245.382926][ T9869] vfs_mkdir+0x387/0x570 [ 245.387739][ T9869] do_mkdirat+0x1df/0x5b0 [ 245.392620][ T9869] __x64_sys_mkdirat+0x85/0x90 [ 245.397955][ T9869] do_syscall_64+0x4c/0xa0 [ 245.402937][ T9869] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 245.409386][ T9869] [ 245.409386][ T9869] other info that might help us debug this: [ 245.409386][ T9869] [ 245.419760][ T9869] Chain exists of: [ 245.419760][ T9869] &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2 [ 245.419760][ T9869] [ 245.433455][ T9869] Possible unsafe locking scenario: [ 245.433455][ T9869] [ 245.440935][ T9869] CPU0 CPU1 [ 245.446334][ T9869] ---- ---- [ 245.451721][ T9869] lock(&ei->i_data_sem/2); [ 245.456352][ T9869] lock(&s->s_dquot.dqio_sem); [ 245.463780][ T9869] lock(&ei->i_data_sem/2); [ 245.470922][ T9869] lock(&dquot->dq_lock); [ 245.475352][ T9869] [ 245.475352][ T9869] *** DEADLOCK *** [ 245.475352][ T9869] [ 245.483509][ T9869] 4 locks held by syz.6.1943/9869: [ 245.488631][ T9869] #0: ffff88807ab6a460 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 245.497803][ T9869] #1: ffff88805fb5dda8 (&type->i_mutex_dir_key#4/1){+.+.}-{3:3}, at: filename_create+0x208/0x470 [ 245.508455][ T9869] #2: ffff8880745b7020 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x8bf/0x1b30 [ 245.518409][ T9869] #3: ffffffff8c441df8 (dquot_srcu){....}-{0:0}, at: rcu_lock_acquire+0x5/0x30 [ 245.527464][ T9869] [ 245.527464][ T9869] stack backtrace: [ 245.533374][ T9869] CPU: 1 PID: 9869 Comm: syz.6.1943 Not tainted syzkaller #0 [ 245.540812][ T9869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 245.550906][ T9869] Call Trace: [ 245.554213][ T9869] [ 245.557168][ T9869] dump_stack_lvl+0x188/0x250 [ 245.561876][ T9869] ? load_image+0x400/0x400 [ 245.566411][ T9869] ? show_regs_print_info+0x20/0x20 [ 245.571645][ T9869] ? print_circular_bug+0x12b/0x1a0 [ 245.576881][ T9869] check_noncircular+0x296/0x330 [ 245.581939][ T9869] ? add_chain_block+0x940/0x940 [ 245.586912][ T9869] ? lockdep_lock+0xf1/0x1f0 [ 245.591544][ T9869] ? mark_lock+0x94/0x320 [ 245.595911][ T9869] __lock_acquire+0x2c42/0x7d10 [ 245.600804][ T9869] ? add_chain_block+0x940/0x940 [ 245.605766][ T9869] ? lockdep_lock+0xf1/0x1f0 [ 245.610392][ T9869] ? verify_lock_unused+0x140/0x140 [ 245.615652][ T9869] ? lockdep_unlock+0x143/0x2e0 [ 245.620529][ T9869] ? lockdep_lock+0x1f0/0x1f0 [ 245.625280][ T9869] ? __lock_acquire+0x28ac/0x7d10 [ 245.630355][ T9869] lock_acquire+0x19e/0x400 [ 245.634900][ T9869] ? dquot_commit+0x5a/0x410 [ 245.639530][ T9869] ? __might_sleep+0xf0/0xf0 [ 245.644154][ T9869] ? read_lock_is_recursive+0x10/0x10 [ 245.649571][ T9869] ? dquot_commit+0x5a/0x410 [ 245.654201][ T9869] __mutex_lock_common+0x1e3/0x2400 [ 245.659439][ T9869] ? dquot_commit+0x5a/0x410 [ 245.664073][ T9869] ? __might_sleep+0xf0/0xf0 [ 245.668693][ T9869] ? mutex_lock_io_nested+0x60/0x60 [ 245.673934][ T9869] mutex_lock_nested+0x17/0x20 [ 245.678731][ T9869] dquot_commit+0x5a/0x410 [ 245.683169][ T9869] ? __ext4_journal_start_sb+0x1bd/0x360 [ 245.688805][ T9869] ext4_write_dquot+0x1f0/0x360 [ 245.693662][ T9869] mark_all_dquot_dirty+0x1e3/0x400 [ 245.698867][ T9869] __dquot_alloc_space+0x5d0/0xe20 [ 245.703990][ T9869] ext4_mb_new_blocks+0xfb1/0x4820 [ 245.709124][ T9869] ? memset+0x1e/0x40 [ 245.713115][ T9869] ? ext4_mb_pa_callback+0xd0/0xd0 [ 245.718229][ T9869] ? ext4_ext_check_overlap+0x15f/0x560 [ 245.723808][ T9869] ? ext4_inode_to_goal_block+0x2be/0x450 [ 245.729554][ T9869] ext4_ext_map_blocks+0x18ab/0x65e0 [ 245.734857][ T9869] ? kasan_quarantine_put+0xd4/0x220 [ 245.740152][ T9869] ? ext4_ext_release+0x10/0x10 [ 245.745010][ T9869] ? rwsem_write_trylock+0x135/0x1c0 [ 245.750305][ T9869] ? ext4_es_lookup_extent+0x60a/0xa00 [ 245.755788][ T9869] ext4_map_blocks+0x98e/0x1b30 [ 245.760647][ T9869] ? ext4_map_blocks+0x56a/0x1b30 [ 245.765681][ T9869] ? ext4_issue_zeroout+0x250/0x250 [ 245.770921][ T9869] ext4_getblk+0x176/0x670 [ 245.775348][ T9869] ? ext4_get_block_unwritten+0x30/0x30 [ 245.781023][ T9869] ? __brelse+0x55/0x90 [ 245.785194][ T9869] ext4_bread+0x26/0x180 [ 245.789460][ T9869] ext4_append+0x2be/0x560 [ 245.793886][ T9869] ? ext4_init_new_dir+0x940/0x940 [ 245.799002][ T9869] ? ext4_has_group_desc_csum+0x1f0/0x1f0 [ 245.804727][ T9869] ext4_init_new_dir+0x2a2/0x940 [ 245.809681][ T9869] ext4_mkdir+0x4fb/0xce0 [ 245.814038][ T9869] ? ext4_symlink+0xca0/0xca0 [ 245.818722][ T9869] ? inode_permission+0xef/0x480 [ 245.823667][ T9869] ? bpf_lsm_inode_mkdir+0x5/0x10 [ 245.828717][ T9869] ? security_inode_mkdir+0xb3/0x100 [ 245.834018][ T9869] vfs_mkdir+0x387/0x570 [ 245.838268][ T9869] do_mkdirat+0x1df/0x5b0 [ 245.842606][ T9869] ? vfs_mkdir+0x570/0x570 [ 245.847029][ T9869] ? getname_flags+0x1fe/0x500 [ 245.851832][ T9869] __x64_sys_mkdirat+0x85/0x90 [ 245.856609][ T9869] do_syscall_64+0x4c/0xa0 [ 245.861032][ T9869] ? clear_bhb_loop+0x30/0x80 [ 245.865759][ T9869] ? clear_bhb_loop+0x30/0x80 [ 245.870457][ T9869] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 245.876366][ T9869] RIP: 0033:0x7f89b6cdbcc7 [ 245.880870][ T9869] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 245.900484][ T9869] RSP: 002b:00007f89b4f35e58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 245.908912][ T9869] RAX: ffffffffffffffda RBX: 00007f89b4f35ee0 RCX: 00007f89b6cdbcc7 [ 245.916898][ T9869] RDX: 00000000000001ff RSI: 0000200000000680 RDI: 00000000ffffff9c [ 245.924893][ T9869] RBP: 0000200000000080 R08: 0000200000000000 R09: 0000000000000000 [ 245.932893][ T9869] R10: 0000200000000080 R11: 0000000000000246 R12: 0000200000000680 [ 245.940892][ T9869] R13: 00007f89b4f35ea0 R14: 0000000000000000 R15: 0000000000000000 [ 245.948872][ T9869] [ 245.951968][ C1] vkms_vblank_simulate: vblank timer overrun [ 246.026328][ T9869] EXT4-fs error (device loop6): ext4_empty_dir:3139: inode #12: comm syz.6.1943: Directory hole found for htree leaf block 0 [ 252.310676][ T1325] Bluetooth: hci0: command 0x0406 tx timeout