last executing test programs: 7m2.780346731s ago: executing program 2 (id=6790): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a0015000100142603600e1208000f0000000401a8001600a000014001000700036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe10000000001001000730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) 7m2.42618299s ago: executing program 2 (id=6797): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001240)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d19f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d6356e4450d043ed20d313cd56a56d2e4cdf26f19af9a41695a58a9b6b45af1ca939b18d7b57791b99cfc6ec2a0848c29fea4eb8b82395a38e8aca5ab4bfc2ad8acf2e51b766f8ecd16194ad41ec097082f7fa32179ef99dafa6c2aa206a25ddc33e6f0a09169eeff428c71f54e1dfcfcd7cfc8f6e169f11c47d504"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x18000000000002a0, 0x36, 0x0, &(0x7f0000000500)="b9ff03076804268cb89e14f086dd47e0ffff2000000000000000ac141416e000000129a130112b92121f9ae0dd972fa104edcce40d8d", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 7m2.207438741s ago: executing program 2 (id=6801): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000a80)={r0, 0xffffffffffffffff, 0x20}, 0x14) 7m2.030765831s ago: executing program 2 (id=6805): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x800, &(0x7f00000017c0)={[{@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@umask={'umask', 0x3d, 0x4}}, {@namecase}, {@namecase}, {@fmask={'fmask', 0x3d, 0x8}}, {@discard}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@allow_utime={'allow_utime', 0x3d, 0x3}}, {@errors_continue}]}, 0x1, 0x1528, &(0x7f0000000280)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 7m1.616654522s ago: executing program 2 (id=6812): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file1\x00', 0x2000082, &(0x7f0000000440)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c757466383d312c696f636861727365743d63703836322c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d6d697865642c757466383d312c73686f72746e616d653d77696e6e742c696f636861727365743d69736f383835392d392c636f6465706167653d3835302c73686f72746e616d653d6d697865642c757466383d312c73686f72746e616d653d6d697865642c757466383d302c726f6469722c00b112a1fcbf44cfda2d816615d95e9a707c706aabf136eefda1830103971b89607516a2f15f848964c092e8ed518abcce491915aa7ffc0e4031e79235687fc4febae98e567d00465caa2a5a1b971ee8"], 0x27, 0x367, &(0x7f0000000580)="$eJzs3T9oXHUcAPDv9SW5JFhzg1BwOt0EKU3AxSmhVChm0Mrhv8XDpqK5s5DDgzjkcotSnBQXQSe3Djp2FgcRNwdXK4h/cLFbocEnd/fu3f82BS9W/HyG8uX7+37f7/deH7l3R+6X11qxe3kxrty69UssLxdiYfP8ZtwuRClORRI9hzHVB0vT8wDAA+52msafac+9qz9a7Ude+wHgv6v7+v/G6UGieB/N1x6ax5IAgDkbvP8v3O39/3NTs1fntiwAYI4mPv9/fGR47GP+hfx3AnpW5r9AAOAf98LLrzy7tR1xqVxejqi/36w0K/H0YHzrSrwZtdiJc7EWRxG9B4Xe00Ln32cubl84V+74tRSVTkezElFvNSu9J4WtpNtfjPVYi1LWn+b9Sad/vdtfjojDVnf+qBealcVYzeb/cTV2YiPW4pGJ/oiL2xc2ytkBKvV+fyuiHcv9k+is/2ysxfevx9WoxeXo9A7Wf7BeLp9Pt0f6m9eL3ToAAAAAAAAAAAAAAAAAAAAAAJiHs+VcKd//Jq23mu9dyguSGBvv7u/TG872B2r39gdKi/3dea4l4/sDje7P06wsxKl/9cwBAAAAAAAAAAAAAAAAAADgwdHYX4pqrbaz19h/d3c4aA1l3v72i69Xoj+0kLW+lQy6IkuOHKdfOHTkJPIp0rw9TUZqsiCJ6BcfVq/fyFc8XFPMz2KivRMUJ4YK2Zqqtdrpx37+dFrXX53gsJtJYuKyjAaFbP6hofrDncRyRBzN6podbNyj5maaprPaDz4Zz2RbMbTuexnHCL5Z7FzbM091M19lMz3x5NqLNz/+/Pfdai3avStTqy3tNY7SYxw5ChF5Jk2zIBm6fwrZdS5MuROmB+1Bpr3X2K8mP/zx0qMffjdWnEy/f9LhzDuz5/pyPLPUCwoRpf5FuNtSF6fc/NODV+/kd+/w0MxbYiQ489lm9cbBT78d93956IeEjToAAAAAAAAAAAAAAAAAAOBEDL70OzaQpmlrsrz/lf7nT2JtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBSBn//fyhoT2SyoBSTxXlwpxWTQ8WdvcbMyVdO9FQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+zsAAP//Pbl65w==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) 7m0.957314057s ago: executing program 2 (id=6822): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {0x7a}, [{0x78, 0x1, [@m_police={0x74, 0x1, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RESULT={0x8, 0x5, 0x10000000}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x8c}}, 0x0) 7m0.508987601s ago: executing program 32 (id=6822): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {0x7a}, [{0x78, 0x1, [@m_police={0x74, 0x1, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RESULT={0x8, 0x5, 0x10000000}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x8c}}, 0x0) 1.966055646s ago: executing program 3 (id=11335): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5, 0x3, 0x2}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}, 0x1, 0x0, 0x0, 0x850}, 0x0) 1.850176982s ago: executing program 0 (id=11337): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000080)=0x6, 0x4) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="1400000022000106"], 0x14}], 0x1}, 0x20000080) 1.798886104s ago: executing program 3 (id=11338): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='uid_map\x00') preadv(r0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/76, 0x4c}], 0x1, 0x80, 0x9) preadv(r0, &(0x7f00000005c0)=[{&(0x7f0000000000)=""/66, 0x42}], 0x1, 0x7, 0x94) 1.622181404s ago: executing program 0 (id=11341): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newlink={0x4c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x115, 0x2201}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x81}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002) 1.554751537s ago: executing program 3 (id=11343): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c) 1.391119626s ago: executing program 1 (id=11344): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000ffff00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f00000003c0)=""/10, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) 1.390741806s ago: executing program 0 (id=11345): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200080, &(0x7f00000000c0), 0x3, 0x56d, &(0x7f0000000c00)="$eJzs3c+PG1cdAPDvzP6w86PdBHqAqpAAhYCieLNOG1W9NLmAUFUJUXFAHNJl11ktseMQe0t3icT2bwAJBCf4EzggcUDqiQM3jkgcEFI5IAWIQFkESEYznt04WVtxYq/d7H4+0mR+vHnzfU/O+D0/e+cFcGSdjYjtiJiPiHciYqE4nhRLXOku2Xn3791Z2bl3ZyWJTuftvyd5enYsevJkThTXLEfE178S8e1kf9zW5taN5Xq9drvYX2w3bi22NrcurDeW12prtZvV6uWlyxdfu/RqdWx1PdP45d0vr7/5jd/8+lMf/n77S9/PinWySOutxzh1qz63FyczGxFvHkSwKZgp1vP7Ul7qn+HKwZaHJ5NGxMci4rP5/b8QM/n/TgDgMOt0fhqdhd59AOCwyz7/nywnaSUi0rToBFS6Y3gvxPG03my1z19vbtxc7Y6VnYq59Pp6vXbxdOmP381Pnkuy/aU8LU/P96uP7F+KiNMR8aPSsXy/stKsr06nywMAR96J/Duwov2PiH+V0rRSGSprn2/1AIBnRnkKOQGA6eptxUtTLAcAMDk+xQPA0TNE+1982b994GUBACbD538AOHq0/wBw9Dxp++83ggDwTPvaW29lS2eneP716rubG3PNdy+s1lo3Ko2NlcpK8/atylqzuZY/s6fxUOZjPdtFn6DebN5aeiU23lts11rtxdbm1rVGc+Nm+1r+XO9rtbmJ1g4A6Of0mQ/+kETE9uvH8iV65nLQVsPhlk67AMDUzDzYrJ140sw6CPBMe7rZvv4z9nIAkzdUE553En534GUBpqPvw7zLfTcf9pMnCOJ3xvCRcu6Tw4//75/jGXiWGf+Ho2vmqXK9MfZyAJP3dOP/wGHQ6SSPzvk/v5cEABxKI/yEr/ODcXVCgKl63GTeY/n+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6ZkxHxnUjSSj4XeJr9m1YqEc9FxKmYS66v12sXI+L5OBMRc6Vsf2nahQYARpT+NSnm/zq38PLJR1Pnk3+X8nVEfO9nb//4veV2+/ZSdvwfe8dLu9OHVR/kG2FeQQBgOJ3SkCfm7Xe1WPd8kL9/787K7nJQhezn7tX4XzEV8crOvTv50k2ZjexgRDnvSxz/ZxKzRZ5yRLwYETNjiL/9fkR8ol/9k3xs5FQx82lv/ChiPzfR+OlD8dM8rbvOOl8fH0NZ4Kj54GpEXOl3/6VxNl/3v//L+TvU6O5e7V5s971vpyf+bBFppk/87J4/O2yMV3771X0HOwvdtPcjXpztFz/Zi58MiP/ykPH/9NKnf/jGgLTOzyPORf/4vbEW241bi63NrQvrjeW12lo5qtXLS5cvvnbp1epiPka9uDtSvd/fXj///KCyZfU/PiB+uW/95/fyfn7I+v/iv+986zMPdkuPxv/i5/q//i/0jd+VtYlfeDhMZ1D85eO/Gjh9dxZ/dUD9H/f6nx+m8hHx4V+2Voc8FQCYgNbm1o3ler12e6SNNHY647jOvo2siMOdvNtdHC3on+MgavGUG3MjV2daG7N7fcXxXvmb2RUnXJ107LUYaeP+pGJN7z0JmIwHN/20SwIAAAAAAAAAAAAAAAwyiT9dmnYdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOLz+HwAA//+WydIx") r0 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000040)=0xeea0) 1.390472086s ago: executing program 3 (id=11346): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0) ioctl$BTRFS_IOC_DEFRAG(r0, 0xc00c6211, 0x0) 1.152537989s ago: executing program 3 (id=11348): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000a00)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@barrier}, {@quota}, {@delalloc}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) 1.099373601s ago: executing program 1 (id=11349): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x3a) read(r0, &(0x7f0000002400)=""/4062, 0xfde) 982.082428ms ago: executing program 4 (id=11350): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)={0x50, r1, 0x1, 0x3, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}, {0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x50}, 0x1, 0x0, 0x0, 0xc082}, 0x20004080) 909.850892ms ago: executing program 4 (id=11351): capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb}) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x20001) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)={0x0, 0x0, 0xa237}) 834.585176ms ago: executing program 0 (id=11352): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth0_macvtap\x00', 0x0}) sendmmsg$inet(r0, &(0x7f0000000000)=[{{&(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @multicast2, @private=0xa010100}}}, @ip_retopts={{0x18, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0x4, [@empty]}]}}}], 0x38}}], 0x1, 0x0) 622.159407ms ago: executing program 4 (id=11353): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r0, 0xffffffffffffffff}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x10, &(0x7f00000003c0)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x40000000}}]}, &(0x7f0000000240)='GPL\x00', 0x4, 0x4, &(0x7f0000002500)=""/4105, 0x0, 0x68}, 0x94) 621.926367ms ago: executing program 1 (id=11354): capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7}) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000300)=0xf) 469.242775ms ago: executing program 4 (id=11355): mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000) r0 = socket$kcm(0xf, 0x3, 0x2) sendmsg$kcm(r0, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000002740)=')', 0x1}, {0x0}], 0x2}, 0x0) 466.012385ms ago: executing program 1 (id=11356): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080)={0x1}, 0x8) shutdown(r0, 0x1) 338.244991ms ago: executing program 0 (id=11357): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a0b040000000000000006020000000900010073797a30000000000900020073797a320000000005000740c500000018000480140001800b0001007470726f787900"], 0x74}}, 0x0) 265.265556ms ago: executing program 1 (id=11358): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000100)={0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffe9}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c643c, &(0x7f0000000300)={0x0, 0x0, r0}) 250.745236ms ago: executing program 4 (id=11359): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x129080, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) ioctl$SNDCTL_TMR_TIMEBASE(r0, 0xc0045401, &(0x7f0000000080)=0xf5) 146.211932ms ago: executing program 0 (id=11360): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x200840, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x5, 0x4445, &(0x7f000000cd00)="$eJzs3c9PXFsdAPDvveB7gO9V+t5bPBMTJ/ElGjUEulJpYktpKbRYU21j3EwHmLbowDQwGBdd4K6JKxMXjYtGE3esGhZu65/gxmVdN9GFGxOTRszMXOjcy4xMGwZs3+ez4DDnN3zvPZy7uJw007i/ulla3SxV1kv15bub50q/qNe21qqRDt5wROTHj+2THJ/XMIjr5BSvvc+9G5eu/Oj2uYg/r/z1xd7e3l40DUdXUx3f/+ufD5c7031poU2z3+69HZefRsQnh+bVNBQRP/lTRBIRF7O8mSwdjYgz0S67/fDXd0rHNJunz6vnyy8XH+1Of7aw82S398+eRPyu9uVv31v7+9eGpv/2zWMaHgAAAAAAAAAAAAAAAACAt9zczRu3fjg5Fc+SGN5JDr+vO5elvd6P3Ts2Xx38DwsAAAAAAAAAAAAAAAAAAAD/p169/19KPury/v9sll7o0X7v+4OfI4Mz/4Mbs5cnp7Lz35ND5d/Jsv5xcSjOdjn3vXj++8VC++7nvx8e503tz29/3PFI0pGO8vFI04mJiD9kB79/moyltfpm41t361vrK8c2jbdWPv7t0/tz0ckO9O83/jOF/gd//v/Hh66m5uc7x3eJvdPy8R/qWe+Pv0r6iv+lfLPHA5p2h48HP8Q7LB//4VbeaGeF99tJM/6/GT46/rOF/gd1/5+JiFLSnGsptwI09zDN/F77FfLy8f9CKy+3dGa/yF73/78L8b9c6P+01v/t4h8iusrH/71W3kiuRnsD0Ip/evT9f6XQ/2nEvzn/bX//+5KPf7bYD+eqtH6T/a7/c4X+u8S/9ybjNdxKs3meSXJXwE7Szu/1/+rIy8d/5FD5q+e/tK/939VC+5N6/tsft/n8N9HxHPKNpP38R3f5+I/2rNfv/T9faDfo9f9Ca//Hm8rHf6yVl987j7e+9hv/hUL/g4p/a1cysh//V+vJf95v5//e/q8v+fh/sZ2ZdtbYbn1t7f+So/f/1wr9n8b+rzn/7XSwo74r8vH/oGe9Zvz/ksV97H/c/9cL7QYf/4hJe/03lo//hz3rte7/kaPX/8VCu0HH/+uD7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLTCTpeORpBO5z2k6MRFxKfv8aYwlS5WV8lKtvvzzzYjZLL8UHyX3avWlSq28ul5fqZYrtVp9OeJyVv5JjCSbtXqjvFZ5cOWgr9HkfrWy0ViqVhoRMZflfyU+3O9rabWxVnkQEVcPyr6U1jce3K+sl1dWN743OTk5GfMHczibVH/ZqK432qO3SyMWDtqOJx2TaxVfO5jLB8nP6lsb65VaK/96R5tafblS62izmJX9Ns4mjY2t9eVKo1qu1e/tj3eaLmTp7PzNH9+8PnWo/E7STmdOdloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvKZn0999HBHD7U9pRJSS5jfv9aj/9Hn1fPnl4qPd6c8Wdp7svoiI5CTnCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLt2jRBAEYQCtbgUNPYbRMJOZjiiigSOCJ9BjeBg9ipfwDgYGpgbLwm4PLPMDy8Amy3tJQX9UV0MXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBs7p67l6e6iUhxvjqL+Hr7/tnNH0r9uJ7uP1kw83RBD4dx/9jd3NZN+fc0yq/K0W+bN+n/3/trTNTe52BPhvu0NZ4zNLdvc+/r515EylVEtCW/TDlX1X53AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8raPo2wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0yJHBw=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchown(r0, 0x0, 0xee01) 62.484237ms ago: executing program 4 (id=11361): syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000640)='./file0\x00', 0x1000004, &(0x7f0000000140)=ANY=[], 0x4, 0x5d9, &(0x7f00000010c0)="$eJzs3U9rHOcdB/DvrNZrrQuOktiJ2wYqUvqHitqS1m2TgqlaTNEhlIBfgajlWHitBGlTlByKXfxCUoLeQC+55OCDz+1LEPRYKPRURC8uMzu72tiyLCWWdhV/Pvaz8zx6Zn7zm9/OjHZXAgV4aS3PpfkwRZbn3tsqxzvbne7OdufuoJ/kbJJG9T/NsvvPZOpBMpt+y3eTFHW44ln7ufbF5818ef9Gf9SoW7X+1EHbHc69umWpTnLpBcZ79I3jFcMjLINeHwSfBI+f7z/HuPupY4zNYbT6i+IZz8VMci7JdH0fGJy4jRPM8FhMzAUIAAAAx+iV3exmK+fHnQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJvXf/y/q1hj0Z1MM/v5/q/5a6v6p9nDcCQAAAAAAAADAC/CD3exmK+cH48dF9TP/t6vBherxO/k4m1nNRi5nKyvppZeNLCSZGQnU2lrp9TYWDrHl4r5bLp7M8QIAAAAAAADAt9Rfsrz3838AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgERTLVX1TtwqA/k0YzyXSSVrneveQfg/5p9nDcCQAAAMAJeGU3u9nK+cH4cVG953+jet8/nY+znl7W0ks3q7lZfRbQf9ff2NnudHe2O3fL9nTc3/77SGlUEdP/7GH/PV+q1mjn1p1mvc0f82G6uZlGtWXp0iCf/fO6X+ZU/KZ2yMxu1ssiKb5ffxoyGWaqipzJraxVNZqvcyur8erBlTjis/PknhbSGH7yc+EYan6uXpY1n57omi+OnH1vHFyJ5EfX/rt+u7t+5/atzbnJOaSv6clKdEYq8eZLVYn5qhIXh+Pl/D43MpfZvJ+NrOVPWUkvq5nN9aq3Up/P5ePMwZVa+sro/edl0qqfl/5d9Gg5vV1tez5r+UM+zM2s5pdZzNW8k4X8qvp3deQZvniIq75xtKv+hz+tO68lRbu/nBBlXV8dqevoPXemmhv9yl6VXnvx98bm9+rOVFI0hzlNgicrsTBSidcPrsRfH5ePm931Oxu3Vz465P5+Ui/L7xJnn/td4iTr1KrP3v4rla+eHeXc6/vOLVRzF4ZzjafmLg7nnnelturXcE9HWqzm3tx3rlPNXRqZaw/nLg9fbwEw8c797Fyr/a/239uftR+0b7ffm/7d2XfOvtXKmUdnft2cn/px463ib/ksf957/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx9m598emel213d0NHR0Rl2xn1n4iRc6d396MrmJ5/+fO3uygerH6yud+Z/sfhuZ2Hx3atXbq11V+f7j+NOk2Oyd9GPOxMAAAAAAAAAAACO4iR+nXTcxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDpsTyX5sMUWZi/PF+Od7Y73bIN+ntrNpI0y+X/kqkHyWz6LTMj4Ypn7efaF5838+X9G3uxGoP1pw7a7nDu1S1LdZJLLzDeo28crxgeYRn0+iA4jNv/AwAA///YHBzc") creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000002200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000, 0x0) 56.544247ms ago: executing program 3 (id=11362): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(r0, &(0x7f0000000240)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_ENTRY(r0, &(0x7f0000000140)={0x90, 0x0, r1, {0x4000000000007, 0x0, 0x8, 0xe, 0x0, 0x1, {0x2000000002, 0x0, 0x6, 0x5, 0x8, 0x7, 0x7, 0x3, 0x7ff, 0x0, 0x7, r2, r3, 0x5, 0xfff}}}, 0x90) 0s ago: executing program 1 (id=11363): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, r1, 0x1, 0x70bd26, 0x0, {0x22}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x10) kernel console output (not intermixed with test programs): 786] netlink: 132 bytes leftover after parsing attributes in process `syz.0.10217'. [ 928.993846][ T5769] ocfs2: Unmounting device (7,3) on (node local) [ 929.077198][T28793] loop4: detected capacity change from 0 to 64 [ 929.431298][T28801] netlink: 'syz.1.10223': attribute type 15 has an invalid length. [ 929.487030][T28801] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10223'. [ 929.650682][T28807] loop3: detected capacity change from 0 to 2048 [ 929.728135][T28811] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 929.766003][T28807] NILFS error (device loop3): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=104, inode=18446744073709551376, rec_len=255, name_len=5 [ 929.807840][T28807] Remounting filesystem read-only [ 930.004813][T28813] loop4: detected capacity change from 0 to 4096 [ 930.079259][T28813] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 930.189288][T28813] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 930.672091][T28808] loop0: detected capacity change from 0 to 32768 [ 930.962525][T28835] PKCS7: Unknown OID: [4] 0.0 [ 930.968170][T28835] PKCS7: Only support pkcs7_signedData type [ 931.045177][T28837] loop4: detected capacity change from 0 to 8 [ 931.063617][T28837] SQUASHFS error: zlib decompression failed, data probably corrupt [ 931.091420][T28837] SQUASHFS error: Failed to read block 0x9b: -5 [ 931.097787][T28837] SQUASHFS error: Unable to read metadata cache entry [99] [ 931.131865][T28837] SQUASHFS error: Unable to read inode 0x127 [ 931.157193][T28841] loop1: detected capacity change from 0 to 64 [ 931.600796][ T5773] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 931.766316][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.773342][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 931.820234][ T5773] usb 4-1: Using ep0 maxpacket: 16 [ 931.827927][ T5773] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 931.849144][ T5773] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 52, changing to 9 [ 931.889457][ T5773] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 8241, setting to 1024 [ 931.928778][ T5773] usb 4-1: config 0 interface 0 has no altsetting 0 [ 931.952495][ T5773] usb 4-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 931.969420][ T5773] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 931.984248][ T5773] usb 4-1: Product: syz [ 931.990400][ T5773] usb 4-1: Manufacturer: syz [ 931.995068][ T5773] usb 4-1: SerialNumber: syz [ 932.028441][ T5773] usb 4-1: config 0 descriptor?? [ 932.276286][ T5773] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input47 [ 932.546422][T20865] usb 4-1: USB disconnect, device number 63 [ 932.552796][ C1] synaptics_usb 4-1:0.0: synusb_irq - usb_submit_urb failed with result: -19 [ 932.734113][T28879] loop4: detected capacity change from 0 to 4096 [ 932.832744][T28879] ntfs: volume version 3.1. [ 932.874086][T28879] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 932.909835][T28879] ntfs: (device loop4): load_and_init_quota(): Failed to find inode number for $Quota. [ 932.962503][T28879] ntfs: (device loop4): load_system_files(): Failed to load $Quota. Mounting read-only. Run chkdsk. [ 932.999263][T28879] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 933.017180][T28879] ntfs: (device loop4): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl. [ 933.027461][T28879] ntfs: (device loop4): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 933.213297][T28895] Zero length message leads to an empty skb [ 933.223180][T28894] loop1: detected capacity change from 0 to 164 [ 933.618871][T28899] loop0: detected capacity change from 0 to 2048 [ 933.651875][T28899] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 933.748893][T28899] UDF-fs: error (device loop0): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 934.377895][T28926] [U]  [ 934.403358][T28930] loop4: detected capacity change from 0 to 1024 [ 935.220524][T28958] (unnamed net_device) (uninitialized): option arp_interval: mode dependency failed, not supported in mode balance-tlb(5) [ 936.047957][T28984] netlink: 'syz.0.10302': attribute type 1 has an invalid length. [ 936.089629][T28984] netlink: 10916 bytes leftover after parsing attributes in process `syz.0.10302'. [ 936.424252][T28991] loop3: detected capacity change from 0 to 4096 [ 936.470532][T28991] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 936.564244][T28991] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 936.610759][T28968] loop4: detected capacity change from 0 to 32768 [ 936.757586][T28968] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 936.793542][T29004] loop0: detected capacity change from 0 to 164 [ 936.985439][T29006] loop1: detected capacity change from 0 to 2048 [ 937.172456][T27691] ocfs2: Unmounting device (7,4) on (node local) [ 937.415048][T29016] loop4: detected capacity change from 0 to 256 [ 937.445742][T29016] exfat: Deprecated parameter 'utf8' [ 937.512284][T29016] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 937.673275][T29023] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 938.165745][T29041] netlink: 'syz.0.10324': attribute type 46 has an invalid length. [ 938.283369][T29043] xt_SECMARK: invalid mode: 2 [ 939.183451][T29078] vlan0: entered promiscuous mode [ 939.207683][T29079] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 939.338996][T29083] loop3: detected capacity change from 0 to 764 [ 939.396627][T29083] rock: directory entry would overflow storage [ 939.415755][T29083] rock: sig=0x4654, size=5, remaining=4 [ 940.247759][T29112] netlink: 'syz.4.10361': attribute type 4 has an invalid length. [ 940.333343][T29118] netlink: 'syz.3.10363': attribute type 8 has an invalid length. [ 940.346993][T29116] loop0: detected capacity change from 0 to 2048 [ 940.401133][T29116] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 940.428059][T29116] ext4 filesystem being mounted at /2623/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 940.613495][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 941.007147][T29141] loop3: detected capacity change from 0 to 512 [ 941.054386][T29141] EXT4-fs: Ignoring removed nobh option [ 941.153112][T29144] loop4: detected capacity change from 0 to 256 [ 941.206455][T29141] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 941.252829][T29144] FAT-fs (loop4): Directory bread(block 64) failed [ 941.277480][T29144] FAT-fs (loop4): Directory bread(block 65) failed [ 941.302373][T29141] ext4 filesystem being mounted at /2646/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 941.324240][T29144] FAT-fs (loop4): Directory bread(block 66) failed [ 941.344832][T29144] FAT-fs (loop4): Directory bread(block 67) failed [ 941.361880][T29144] FAT-fs (loop4): Directory bread(block 68) failed [ 941.368542][T29144] FAT-fs (loop4): Directory bread(block 69) failed [ 941.379361][T20865] usb 1-1: new high-speed USB device number 62 using dummy_hcd [ 941.396102][T29144] FAT-fs (loop4): Directory bread(block 70) failed [ 941.418595][T29144] FAT-fs (loop4): Directory bread(block 71) failed [ 941.456211][T29144] FAT-fs (loop4): Directory bread(block 72) failed [ 941.479364][T29144] FAT-fs (loop4): Directory bread(block 73) failed [ 941.502958][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 941.585571][T20865] usb 1-1: Using ep0 maxpacket: 16 [ 941.615031][T20865] usb 1-1: config 0 has no interfaces? [ 941.632779][T20865] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 941.656007][T20865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 941.708732][T20865] usb 1-1: Product: syz [ 941.714055][T20865] usb 1-1: Manufacturer: syz [ 941.720303][T20865] usb 1-1: SerialNumber: syz [ 941.727386][T20865] r8152-cfgselector 1-1: config 0 descriptor?? [ 941.825245][T29149] loop1: detected capacity change from 0 to 32768 [ 941.831839][T29151] loop3: detected capacity change from 0 to 1024 [ 941.847966][T29149] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 941.922005][T29149] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 941.960844][T20865] usbip-host 1-1: 1-1 is not in match_busid table... skip! [ 942.182219][ T5810] usb 1-1: USB disconnect, device number 62 [ 942.302944][ T5772] ocfs2: Unmounting device (7,1) on (node local) [ 942.831179][T29173] netlink: 72 bytes leftover after parsing attributes in process `syz.4.10387'. [ 943.371787][T29165] loop3: detected capacity change from 0 to 32768 [ 943.423262][T29187] loop4: detected capacity change from 0 to 4096 [ 943.696618][T29198] loop1: detected capacity change from 0 to 1024 [ 943.870516][T29198] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 944.038320][T29206] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10402'. [ 944.178188][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 944.199576][T29210] usb usb9: usbfs: process 29210 (syz.4.10404) did not claim interface 3 before use [ 944.341325][T29212] loop3: detected capacity change from 0 to 64 [ 944.466043][T29216] loop1: detected capacity change from 0 to 256 [ 944.473968][T29212] syz.3.10406: attempt to access beyond end of device [ 944.473968][T29212] loop3: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 944.497645][T29216] exfat: Deprecated parameter 'utf8' [ 944.522533][T29212] Buffer I/O error on dev loop3, logical block 134217734, lost async page write [ 944.558867][T29218] loop4: detected capacity change from 0 to 256 [ 944.567072][T29216] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d) [ 944.601865][T29218] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011e4c, chksum : 0x8a43d0b8, utbl_chksum : 0xe619d30d) [ 944.708431][T20865] hid-generic 0002:0001:0D97.0001: item fetching failed at offset 0/2 [ 944.758147][T20865] hid-generic: probe of 0002:0001:0D97.0001 failed with error -22 [ 945.733074][T29248] atomic_op ffff888077c25198 conn xmit_atomic 0000000000000000 [ 946.361721][T29273] loop3: detected capacity change from 0 to 128 [ 946.395608][T29273] VFS: Found a Xenix FS (block size = 1024) on device loop3 [ 946.548129][ T5769] sysv_free_block: flc_count > flc_size [ 946.556969][ T5769] sysv_free_block: flc_count > flc_size [ 946.577400][ T5769] sysv_free_block: flc_count > flc_size [ 946.590067][ T5769] sysv_free_block: flc_count > flc_size [ 946.618489][ T5769] sysv_free_block: flc_count > flc_size [ 946.643425][ T5769] sysv_free_block: flc_count > flc_size [ 946.659762][ T5769] sysv_free_block: flc_count > flc_size [ 946.667838][ T5769] sysv_free_block: flc_count > flc_size [ 946.674422][ T5769] sysv_free_block: flc_count > flc_size [ 946.691849][ T5769] sysv_free_block: flc_count > flc_size [ 946.720769][ T5769] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 946.945304][T29289] loop4: detected capacity change from 0 to 1024 [ 947.080664][T29289] hfsplus: bad catalog entry type [ 947.266779][T25311] hfsplus: b-tree write err: -5, ino 25 [ 947.276744][T25311] hfsplus: b-tree write err: -5, ino 4 [ 947.309344][T25311] hfsplus: b-tree write err: -5, ino 2 [ 947.382641][T29302] loop0: detected capacity change from 0 to 128 [ 947.566880][T29302] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 947.642850][T29302] ext4 filesystem being mounted at /2647/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 947.924044][ T5770] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 948.789110][ T28] audit: type=1326 audit(1777303062.739:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29341 comm="syz.4.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38ca99cdd9 code=0x7ffc0000 [ 948.842208][ T28] audit: type=1326 audit(1777303062.749:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29341 comm="syz.4.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38ca99cdd9 code=0x7ffc0000 [ 948.865916][ T28] audit: type=1326 audit(1777303062.749:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29341 comm="syz.4.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38ca99cdd9 code=0x7ffc0000 [ 948.888448][ C0] vkms_vblank_simulate: vblank timer overrun [ 948.904115][ T28] audit: type=1326 audit(1777303062.749:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29341 comm="syz.4.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f38ca99cdd9 code=0x7ffc0000 [ 948.996594][ T28] audit: type=1326 audit(1777303062.769:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29341 comm="syz.4.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38ca99cdd9 code=0x7ffc0000 [ 949.019277][ C0] vkms_vblank_simulate: vblank timer overrun [ 949.118468][ T28] audit: type=1326 audit(1777303062.769:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29341 comm="syz.4.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38ca99cdd9 code=0x7ffc0000 [ 949.162726][T29352] loop3: detected capacity change from 0 to 64 [ 949.193060][ T28] audit: type=1326 audit(1777303062.769:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29341 comm="syz.4.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f38ca99cdd9 code=0x7ffc0000 [ 949.275313][ T28] audit: type=1326 audit(1777303062.779:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29341 comm="syz.4.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f38ca99cdd9 code=0x7ffc0000 [ 950.228660][T29362] loop4: detected capacity change from 0 to 32768 [ 950.313031][T29362] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 950.341608][T29375] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10480'. [ 950.452527][T29362] XFS (loop4): Ending clean mount [ 950.469252][T29364] loop3: detected capacity change from 0 to 40427 [ 950.492694][T29364] F2FS-fs (loop3): Invalid log blocks per segment (4278190089) [ 950.510083][T29364] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 950.587644][T29364] F2FS-fs (loop3): invalid crc value [ 950.615668][T29364] F2FS-fs (loop3): Found nat_bits in checkpoint [ 950.789302][T27691] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 950.810286][T29364] F2FS-fs (loop3): Try to recover 1th superblock, ret: -30 [ 950.817620][T29364] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 951.344744][T29398] netlink: 96 bytes leftover after parsing attributes in process `syz.0.10487'. [ 951.427846][T29398] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10487'. [ 951.458649][T29398] netlink: 80 bytes leftover after parsing attributes in process `syz.0.10487'. [ 951.714890][T29409] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10492'. [ 951.947230][T29416] loop1: detected capacity change from 0 to 2048 [ 952.009533][T29416] loop1: p3 < > p4 < > [ 952.014251][T29416] loop1: partition table partially beyond EOD, truncated [ 952.029419][ T5830] usb 4-1: new full-speed USB device number 64 using dummy_hcd [ 952.040809][T29416] loop1: p3 start 4284289 is beyond EOD, truncated [ 952.123629][T29420] loop0: detected capacity change from 0 to 256 [ 952.221373][ T5830] usb 4-1: unable to get BOS descriptor or descriptor too short [ 952.230626][ T5830] usb 4-1: not running at top speed; connect to a high speed hub [ 952.244845][ T5830] usb 4-1: config 1 interface 0 altsetting 204 endpoint 0x82 has invalid maxpacket 1023, setting to 64 [ 952.273121][ T5830] usb 4-1: config 1 interface 0 has no altsetting 0 [ 952.296011][ T5830] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 952.329365][ T5830] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 952.345879][T29420] FAT-fs (loop0): Directory bread(block 64) failed [ 952.368618][T29420] FAT-fs (loop0): Directory bread(block 65) failed [ 952.369977][ T5830] usb 4-1: Product: syz [ 952.389532][T29420] FAT-fs (loop0): Directory bread(block 66) failed [ 952.396326][T29420] FAT-fs (loop0): Directory bread(block 67) failed [ 952.411466][ T5830] usb 4-1: Manufacturer: syz [ 952.416150][ T5830] usb 4-1: SerialNumber: syz [ 952.426699][T29420] FAT-fs (loop0): Directory bread(block 68) failed [ 952.441294][T29412] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 952.455588][T29420] FAT-fs (loop0): Directory bread(block 69) failed [ 952.463198][T29420] FAT-fs (loop0): Directory bread(block 70) failed [ 952.474104][T29420] FAT-fs (loop0): Directory bread(block 71) failed [ 952.481250][T29420] FAT-fs (loop0): Directory bread(block 72) failed [ 952.503101][T29420] FAT-fs (loop0): Directory bread(block 73) failed [ 952.518368][T29428] loop1: detected capacity change from 0 to 512 [ 952.533176][T29428] EXT4-fs: Ignoring removed orlov option [ 952.559631][T29428] EXT4-fs (loop1): Test dummy encryption mode enabled [ 952.577001][T29428] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 952.654440][T29428] EXT4-fs (loop1): 1 truncate cleaned up [ 952.665202][T29428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 952.680012][T29420] syz.0.10498: attempt to access beyond end of device [ 952.680012][T29420] loop0: rw=524288, sector=1192, nr_sectors = 4 limit=256 [ 952.742282][T29420] syz.0.10498: attempt to access beyond end of device [ 952.742282][T29420] loop0: rw=0, sector=1192, nr_sectors = 4 limit=256 [ 952.760829][ T5830] usb 4-1: bad CDC descriptors [ 952.770941][ T5830] usb 4-1: USB disconnect, device number 64 [ 952.790644][ T28] audit: type=1800 audit(1777303066.759:441): pid=29420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.10498" name="file1" dev="loop0" ino=1048710 res=0 errno=0 [ 952.950329][T29434] loop4: detected capacity change from 0 to 256 [ 952.966974][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 952.981254][T29434] exfat: Deprecated parameter 'utf8' [ 953.055089][T29434] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d) [ 953.133285][T29436] program syz.0.10505 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 953.338329][T29442] loop1: detected capacity change from 0 to 24 [ 953.599493][T29447] nbd: couldn't find device at index 10240 [ 953.974475][T29458] loop1: detected capacity change from 0 to 4096 [ 954.052420][T29463] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 954.196275][ T28] audit: type=1800 audit(1777303068.159:442): pid=29458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.10514" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 954.300507][T29469] loop0: detected capacity change from 0 to 2048 [ 954.376899][T29469] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 954.575835][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 954.869644][T29483] loop4: detected capacity change from 0 to 512 [ 954.886514][T29483] EXT4-fs: Ignoring removed nomblk_io_submit option [ 954.945471][T29483] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 954.959291][T29483] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 955.000078][T29456] loop3: detected capacity change from 0 to 40427 [ 955.031562][T29456] F2FS-fs (loop3): Corrupted extension count (64 + 1 > 64) [ 955.038858][T29456] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 955.067497][T29483] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4059: comm syz.4.10524: Allocating blocks 41-42 which overlap fs metadata [ 955.084661][T29456] F2FS-fs (loop3): invalid crc value [ 955.113814][T29483] EXT4-fs (loop4): Remounting filesystem read-only [ 955.150664][T29483] Quota error (device loop4): write_blk: dquota write failed [ 955.158142][T29483] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5 [ 955.229531][T29483] Quota error (device loop4): write_blk: dquota write failed [ 955.237659][T29483] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 955.306542][T29483] EXT4-fs (loop4): 1 truncate cleaned up [ 955.330576][T29483] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 955.468127][T27691] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 955.469775][T29456] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 955.494376][T29456] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 955.649466][T29499] tipc: Started in network mode [ 955.654446][T29499] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 955.714952][T29499] tipc: Enabling of bearer rejected, failed to enable media [ 955.739694][T29486] f2fs_ckpt-7:3: attempt to access beyond end of device [ 955.739694][T29486] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 955.789139][T29486] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 955.987636][T29504] loop4: detected capacity change from 0 to 2048 [ 956.059808][T29504] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 956.318744][T29510] program syz.1.10534 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 956.332896][T27691] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 956.394277][T29511] program syz.1.10534 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 956.449203][T29511] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 956.464990][T29494] loop0: detected capacity change from 0 to 40427 [ 956.473319][T29494] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 956.483068][T29494] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 956.496657][T29494] F2FS-fs (loop0): Found nat_bits in checkpoint [ 956.641346][T29494] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 956.648480][T29494] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 956.895288][T29494] F2FS-fs (loop0): Unrecognized mount option "stripe=0x0000000000000000" or missing value [ 957.272479][T29533] loop4: detected capacity change from 0 to 1024 [ 957.342244][T29534] loop1: detected capacity change from 0 to 2048 [ 957.350871][T29534] EXT4-fs: Ignoring removed mblk_io_submit option [ 957.408021][T29534] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 957.461401][T29534] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.10542: bg 0: block 234: padding at end of block bitmap is not set [ 957.536073][T20662] hfsplus: b-tree write err: -5, ino 25 [ 957.559646][T20662] hfsplus: b-tree write err: -5, ino 4 [ 957.574863][T29534] EXT4-fs (loop1): Remounting filesystem read-only [ 957.588342][T20662] hfsplus: b-tree write err: -5, ino 2 [ 957.633121][T29534] EXT4-fs (loop1): error restoring inline_data for inode -- potential data loss! (inode 15, error -5) [ 957.697081][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 957.897590][T29543] loop3: detected capacity change from 0 to 1764 [ 957.988158][ T5759] kernel write not supported for file /snd/midiC2D0 (pid: 5759 comm: kworker/0:3) [ 958.330708][T29555] netlink: 'syz.3.10552': attribute type 2 has an invalid length. [ 958.343605][T29556] loop4: detected capacity change from 0 to 64 [ 958.359273][T29555] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10552'. [ 958.662913][T29563] loop3: detected capacity change from 0 to 256 [ 958.701719][T29563] FAT-fs (loop3): Directory bread(block 64) failed [ 958.716948][T29563] FAT-fs (loop3): Directory bread(block 65) failed [ 958.730322][T29563] FAT-fs (loop3): Directory bread(block 66) failed [ 958.747655][T29563] FAT-fs (loop3): Directory bread(block 67) failed [ 958.779475][T29563] FAT-fs (loop3): Directory bread(block 68) failed [ 958.799280][T29563] FAT-fs (loop3): Directory bread(block 69) failed [ 958.819483][T29563] FAT-fs (loop3): Directory bread(block 70) failed [ 958.826160][T29563] FAT-fs (loop3): Directory bread(block 71) failed [ 958.869733][T29563] FAT-fs (loop3): Directory bread(block 72) failed [ 958.876358][T29563] FAT-fs (loop3): Directory bread(block 73) failed [ 958.896219][T29550] loop0: detected capacity change from 0 to 32768 [ 959.314605][T29572] loop1: detected capacity change from 0 to 4096 [ 959.428208][T29575] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10562'. [ 959.452137][T29575] netlink: 7 bytes leftover after parsing attributes in process `syz.3.10562'. [ 959.552556][T29572] ntfs3: loop1: failed to convert "0000" to iso8859-9 [ 959.561022][T29572] ntfs3: loop1: failed to convert name for inode 1e. [ 960.339356][T29594] vivid-000: disconnect [ 960.378826][T29590] vivid-000: reconnect [ 960.621179][T29578] loop3: detected capacity change from 0 to 32768 [ 960.734507][T29578] ERROR: (device loop3): dbAdjCtl: the maximum free buddy is not the old root [ 960.734507][T29578] [ 960.783785][T29578] ERROR: (device loop3): remounting filesystem as read-only [ 960.918303][T29604] CIFS mount error: No usable UNC path provided in device string! [ 960.918303][T29604] [ 960.969249][T29604] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 961.529295][ T5811] usb 4-1: new high-speed USB device number 65 using dummy_hcd [ 961.693477][T29625] loop4: detected capacity change from 0 to 64 [ 961.709208][ T5773] usb 2-1: new high-speed USB device number 80 using dummy_hcd [ 961.729534][ T5811] usb 4-1: Using ep0 maxpacket: 16 [ 961.754945][ T5811] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 961.790417][ T5811] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 961.814689][ T5811] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 961.849301][ T5811] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 961.858526][ T5811] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 961.910523][ T5811] usb 4-1: config 0 descriptor?? [ 961.927010][ T5773] usb 2-1: config index 0 descriptor too short (expected 19, got 18) [ 961.948314][ T5773] usb 2-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 961.986926][ T5773] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 962.010773][ T5773] usb 2-1: Product: syz [ 962.015046][ T5773] usb 2-1: Manufacturer: syz [ 962.038477][ T5773] usb 2-1: SerialNumber: syz [ 962.056355][ T5773] usb 2-1: config 0 descriptor?? [ 962.065819][T29629] loop4: detected capacity change from 0 to 128 [ 962.085081][ T5773] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 962.118733][ T5773] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 962.133724][ T5773] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 962.152540][T29629] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 962.170728][ T5773] usb 2-1: media controller created [ 962.191199][T29629] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 962.223230][ T5773] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 962.393725][ T5811] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 962.419884][ T5811] microsoft 0003:045E:07DA.0002: ignoring exceeding usage max [ 962.456403][ T5773] DVB: Unable to find symbol mt352_attach() [ 962.476319][ T5811] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0002/input/input48 [ 962.624195][ T5773] DVB: Unable to find symbol nxt6000_attach() [ 962.646537][ T5773] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 962.671039][ T5811] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 962.710328][ T5773] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input49 [ 962.744472][ T5773] dvb-usb: schedule remote query interval to 1000 msecs. [ 962.753494][ T5811] usb 4-1: USB disconnect, device number 65 [ 962.756381][ T5773] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 962.770572][ T5773] dvb-usb: bulk message failed: -22 (7/0) [ 962.776458][ T5773] dvb-usb: bulk message failed: -22 (7/0) [ 962.825434][ T5773] usb 2-1: USB disconnect, device number 80 [ 963.047007][T29635] fido_id[29635]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 963.124522][ T5773] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 963.295780][T29642] loop1: detected capacity change from 0 to 1024 [ 963.348579][T29642] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 963.471220][T29648] loop0: detected capacity change from 0 to 64 [ 963.532640][T29642] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 963.589279][T29642] EXT4-fs (loop1): stripe (536871160) is not aligned with cluster size (16), stripe is disabled [ 963.613518][T29648] Trying to free block not in datazone [ 963.630589][T29642] EXT4-fs (loop1): can't enable nombcache during remount [ 963.713840][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 963.938650][T29653] loop3: detected capacity change from 0 to 2048 [ 963.946819][T29656] tipc: Started in network mode [ 963.960138][T29656] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 964.005402][T29656] tipc: Enabled bearer , priority 10 [ 964.021922][T29653] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 964.245508][T29643] loop4: detected capacity change from 0 to 32768 [ 964.334438][T29643] ERROR: (device loop4): diAllocAG: free inode not found in summary map [ 964.334438][T29643] [ 964.389635][T29643] ERROR: (device loop4): remounting filesystem as read-only [ 964.397028][T29643] ialloc: diAlloc returned -5! [ 964.930326][T29657] loop1: detected capacity change from 0 to 32768 [ 964.997348][T29657] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 965.018183][T29659] loop0: detected capacity change from 0 to 40427 [ 965.038438][T29659] F2FS-fs (loop0): invalid crc value [ 965.058137][T29659] F2FS-fs (loop0): Found nat_bits in checkpoint [ 965.112766][T20865] tipc: Node number set to 4269801488 [ 965.225700][T29657] XFS (loop1): Ending clean mount [ 965.235846][T29659] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 965.282351][T29657] XFS (loop1): Quotacheck needed: Please wait. [ 965.389068][T29657] XFS (loop1): Quotacheck: Done. [ 965.423190][ T5770] syz-executor: attempt to access beyond end of device [ 965.423190][ T5770] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 965.453346][ T5770] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 965.602932][T29663] loop3: detected capacity change from 0 to 32768 [ 965.874874][ T5772] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 966.789332][T20865] usb 2-1: new high-speed USB device number 81 using dummy_hcd [ 966.998631][T29685] loop0: detected capacity change from 0 to 32768 [ 967.009153][T20865] usb 2-1: Using ep0 maxpacket: 32 [ 967.032107][T20865] usb 2-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f [ 967.049173][T20865] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 967.057333][T20865] usb 2-1: Product: syz [ 967.087343][T20865] usb 2-1: Manufacturer: syz [ 967.101909][T29685] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 967.110884][T20865] usb 2-1: SerialNumber: syz [ 967.118143][T20865] usb 2-1: config 0 descriptor?? [ 967.136770][T20865] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state. [ 967.198243][T20865] dvb-usb: bulk message failed: -22 (4/0) [ 967.236185][T20865] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 967.267433][T20865] dvb-usb: bulk message failed: -22 (5/0) [ 967.268298][T29707] loop3: detected capacity change from 0 to 1024 [ 967.300650][T20865] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 967.368923][T20865] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 967.380421][T29685] XFS (loop0): Ending clean mount [ 967.394073][T20865] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0) [ 967.402411][T20865] usb 2-1: media controller created [ 967.429817][ T5773] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 967.484779][T20865] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 967.581319][T20865] usb 2-1: selecting invalid altsetting 3 [ 967.607675][T20865] ttusb2: set interface to alts=3 failed [ 967.631162][ T5770] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 967.640253][ T5773] usb 5-1: Using ep0 maxpacket: 16 [ 967.656184][ T5773] usb 5-1: unable to get BOS descriptor or descriptor too short [ 967.670787][ T5773] usb 5-1: config 1 has an invalid interface number: 107 but max is 2 [ 967.702401][ T5773] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 967.763565][ T5773] usb 5-1: config 1 has 4 interfaces, different from the descriptor's value: 3 [ 967.773183][ T5773] usb 5-1: config 1 has no interface number 3 [ 967.780701][ T5773] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 967.794197][ T5773] usb 5-1: config 1 interface 2 has no altsetting 0 [ 967.808156][T20865] DVB: Unable to find symbol tda10086_attach() [ 967.843535][T20865] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0' [ 967.865889][ T5773] usb 5-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40 [ 967.900243][T20865] dvb-usb: bulk message failed: -22 (4/0) [ 967.906726][ T5773] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 967.916474][T20865] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 967.937112][ T5773] usb 5-1: Product: syz [ 967.969358][T20865] dvb-usb: bulk message failed: -22 (5/0) [ 967.975424][ T5773] usb 5-1: Manufacturer: syz [ 967.989310][ T5773] usb 5-1: SerialNumber: syz [ 968.002051][T20865] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 968.056522][T20865] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected. [ 968.082339][T20865] usb 2-1: USB disconnect, device number 81 [ 968.101908][T29712] binder_alloc: binder_alloc_mmap_handler: 29711 200000ffd000-200000fff000 already mapped failed -16 [ 968.129303][ T28] audit: type=1326 audit(1777303082.089:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29713 comm="syz.1.10616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 968.211595][T20865] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected. [ 968.223325][ T28] audit: type=1326 audit(1777303082.089:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29713 comm="syz.1.10616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 968.285361][ T5773] usb 5-1: Audio class v2/v3 interfaces need an interface association [ 968.297359][ T28] audit: type=1326 audit(1777303082.139:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29713 comm="syz.1.10616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 968.333930][ T5773] snd-usb-audio: probe of 5-1:1.0 failed with error -22 [ 968.357007][ T5773] usb 5-1: selecting invalid altsetting 0 [ 968.370086][ T28] audit: type=1326 audit(1777303082.139:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29713 comm="syz.1.10616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 968.412227][ T5773] usb 5-1: Audio class v2/v3 interfaces need an interface association [ 968.434454][ T5773] snd-usb-audio: probe of 5-1:1.107 failed with error -22 [ 968.442021][ T28] audit: type=1326 audit(1777303082.179:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29713 comm="syz.1.10616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 968.479763][ T5773] usb 5-1: USB disconnect, device number 21 [ 968.558168][T24268] udevd[24268]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 968.575598][ T28] audit: type=1326 audit(1777303082.219:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29713 comm="syz.1.10616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 968.625402][T29717] loop3: detected capacity change from 0 to 512 [ 968.677914][ T28] audit: type=1326 audit(1777303082.219:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29713 comm="syz.1.10616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 968.679780][T29717] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 968.777831][ T28] audit: type=1326 audit(1777303082.219:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29713 comm="syz.1.10616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 968.872004][T29717] EXT4-fs (loop3): 1 truncate cleaned up [ 968.905232][T29717] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 968.917714][T29725] loop4: detected capacity change from 0 to 256 [ 969.064280][T29725] FAT-fs (loop4): Directory bread(block 64) failed [ 969.083352][T29725] FAT-fs (loop4): Directory bread(block 65) failed [ 969.115820][T29725] FAT-fs (loop4): Directory bread(block 66) failed [ 969.143435][T29725] FAT-fs (loop4): Directory bread(block 67) failed [ 969.164722][T29725] FAT-fs (loop4): Directory bread(block 68) failed [ 969.186353][T29725] FAT-fs (loop4): Directory bread(block 69) failed [ 969.203392][T29725] FAT-fs (loop4): Directory bread(block 70) failed [ 969.240617][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 969.259561][T29725] FAT-fs (loop4): Directory bread(block 71) failed [ 969.266338][T29725] FAT-fs (loop4): Directory bread(block 72) failed [ 969.302038][T29732] loop1: detected capacity change from 0 to 4096 [ 969.309385][T29725] FAT-fs (loop4): Directory bread(block 73) failed [ 969.338687][T29732] NILFS (loop1): invalid segment: Checksum error in segment payload [ 969.354849][T29732] NILFS (loop1): trying rollback from an earlier position [ 969.419692][T29732] NILFS (loop1): recovery complete [ 969.453126][T29735] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 969.639589][T29739] netlink: 'syz.3.10624': attribute type 5 has an invalid length. [ 969.678030][ T28] audit: type=1800 audit(1777303083.639:451): pid=29732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.10623" name="file0" dev="loop1" ino=12 res=0 errno=0 [ 969.804785][T29743] loop4: detected capacity change from 0 to 64 [ 969.984071][T29746] ipvlan2: entered promiscuous mode [ 970.026395][T29746] bridge0: port 1(ipvlan2) entered blocking state [ 970.064494][T29746] bridge0: port 1(ipvlan2) entered disabled state [ 970.091780][T29746] ipvlan2: entered allmulticast mode [ 970.114585][T29746] bridge0: entered allmulticast mode [ 970.131344][T29746] ipvlan2: left allmulticast mode [ 970.149316][T29746] bridge0: left allmulticast mode [ 970.231609][T29756] loop0: detected capacity change from 0 to 512 [ 970.242170][T29756] EXT4-fs: Ignoring removed nomblk_io_submit option [ 970.319193][T29756] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 970.348746][T29756] ext4 filesystem being mounted at /2695/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 970.546307][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 970.641600][T29766] loop4: detected capacity change from 0 to 164 [ 970.701341][T29766] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 970.784543][T29769] loop3: detected capacity change from 0 to 512 [ 970.845073][T29769] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 970.883581][T29773] sp0: Synchronizing with TNC [ 970.918120][T29769] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.10638: invalid indirect mapped block 9 (level 0) [ 970.956980][T29772] [U] è [ 970.970317][T29769] EXT4-fs (loop3): 1 truncate cleaned up [ 971.022586][T29769] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 971.069758][ T28] audit: type=1800 audit(1777303085.039:452): pid=29769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.10638" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 971.140041][T29778] loop4: detected capacity change from 0 to 1024 [ 971.172334][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 971.233039][T29778] hfsplus: bad catalog entry type [ 971.380638][ T1081] hfsplus: b-tree write err: -5, ino 25 [ 971.386859][ T1081] hfsplus: b-tree write err: -5, ino 4 [ 971.435541][ T1081] hfsplus: b-tree write err: -5, ino 2 [ 971.511573][T29788] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10643'. [ 971.884023][T29803] loop3: detected capacity change from 0 to 64 [ 971.983172][T29803] Trying to free block not in datazone [ 972.410865][T29820] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10656'. [ 972.432963][T29818] loop1: detected capacity change from 0 to 1024 [ 972.529285][T29818] hfsplus: bad catalog entry type [ 972.680996][T27883] hfsplus: b-tree write err: -5, ino 25 [ 972.708183][T27883] hfsplus: b-tree write err: -5, ino 4 [ 972.749186][T27883] hfsplus: b-tree write err: -5, ino 2 [ 972.804323][T29827] Bluetooth: MGMT ver 1.22 [ 973.742343][T29859] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 973.817336][T29821] set_capacity_and_notify: 1 callbacks suppressed [ 973.817355][T29821] loop0: detected capacity change from 0 to 40427 [ 973.883629][T29821] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 973.907360][T29821] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 973.971306][T29821] F2FS-fs (loop0): invalid crc value [ 973.998870][T29821] F2FS-fs (loop0): Found nat_bits in checkpoint [ 974.229424][T29821] F2FS-fs (loop0): Try to recover 1th superblock, ret: -30 [ 974.236772][T29821] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 974.378812][T29821] F2FS-fs (loop0): Stopped filesystem due to reason: 0 [ 974.399267][ T5811] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 974.587943][T29880] loop3: detected capacity change from 0 to 16 [ 974.594498][ T5811] usb 5-1: Using ep0 maxpacket: 16 [ 974.603657][ T5811] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 974.618222][ T5811] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 974.630106][T29880] erofs: (device loop3): mounted with root inode @ nid 36. [ 974.655935][ T28] audit: type=1800 audit(1777303088.619:453): pid=29880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.10678" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 974.678212][T29880] syz.3.10678: attempt to access beyond end of device [ 974.678212][T29880] loop3: rw=0, sector=1342177272, nr_sectors = 8 limit=16 [ 974.699137][ T5811] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 974.711699][ T5811] usb 5-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 974.737150][ T5811] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 974.759560][ T5811] usb 5-1: config 0 descriptor?? [ 974.879293][ T5759] usb 2-1: new low-speed USB device number 82 using dummy_hcd [ 974.937086][T29884] loop3: detected capacity change from 0 to 8 [ 975.095371][ T5759] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 975.127340][ T5759] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 8 [ 975.144877][ T5759] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 975.179657][ T5759] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 975.221135][ T5759] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 975.240402][ T5759] usb 2-1: config 0 descriptor?? [ 975.246321][T29881] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 975.291915][ T5811] hid-picolcd 0003:04D8:F002.0003: No report with id 0xf3 found [ 975.309364][ T5811] hid-picolcd 0003:04D8:F002.0003: No report with id 0xf4 found [ 975.428376][ T5773] usb 5-1: USB disconnect, device number 22 [ 975.700692][ T5759] gt683r_led 0003:1770:FF00.0004: unknown main item tag 0x2 [ 975.719096][ T5759] gt683r_led 0003:1770:FF00.0004: unknown main item tag 0x0 [ 975.739180][ T5759] gt683r_led 0003:1770:FF00.0004: unknown main item tag 0x0 [ 975.746669][ T5759] gt683r_led 0003:1770:FF00.0004: unknown main item tag 0x0 [ 975.775073][ T5759] gt683r_led 0003:1770:FF00.0004: unknown main item tag 0x0 [ 975.789094][ T5759] gt683r_led 0003:1770:FF00.0004: unknown main item tag 0x0 [ 975.827879][ T5759] gt683r_led 0003:1770:FF00.0004: hidraw0: USB HID v0.04 Device [HID 1770:ff00] on usb-dummy_hcd.1-1/input0 [ 975.994874][ T5759] usb 2-1: USB disconnect, device number 82 [ 976.023037][ T5811] gt683r_led 0003:1770:FF00.0004: failed to send set report request: -19 [ 976.280121][T29897] loop4: detected capacity change from 0 to 4096 [ 976.301127][T29897] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 976.326135][T29897] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 976.387752][T29897] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 976.426575][T29897] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 976.442138][T29897] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 976.465815][ T28] audit: type=1326 audit(1777303090.419:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29900 comm="syz.0.10685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 976.521631][T29897] ntfs: volume version 3.1. [ 976.531742][T29897] ntfs: (device loop4): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 976.536048][ T28] audit: type=1326 audit(1777303090.419:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29900 comm="syz.0.10685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 976.560032][T29897] ntfs: (device loop4): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 976.566576][ C1] vkms_vblank_simulate: vblank timer overrun [ 976.750376][T29909] loop3: detected capacity change from 0 to 164 [ 976.794961][T29909] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 977.094459][T29917] netlink: 80 bytes leftover after parsing attributes in process `syz.0.10691'. [ 977.105152][T29917] netlink: 56 bytes leftover after parsing attributes in process `syz.0.10691'. [ 977.202557][T29911] loop3: detected capacity change from 0 to 8192 [ 977.266436][T29911] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 977.313740][T29911] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 977.373033][T29911] REISERFS (device loop3): using ordered data mode [ 977.419157][T29911] reiserfs: using flush barriers [ 977.479173][T29911] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 977.528911][T29911] REISERFS (device loop3): checking transaction log (loop3) [ 977.769468][T29911] REISERFS (device loop3): Using tea hash to sort names [ 977.778689][T29914] loop4: detected capacity change from 0 to 32768 [ 977.787485][T29911] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 977.868318][T29914] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 978.085420][T29914] XFS (loop4): Ending clean mount [ 978.434936][T27691] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 978.899744][T29943] loop4: detected capacity change from 0 to 8 [ 978.942511][T29943] SQUASHFS error: Unable to read inode 0xa7 [ 979.017046][T29941] loop0: detected capacity change from 0 to 32768 [ 979.114641][T29941] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 979.269863][T29941] XFS (loop0): Ending clean mount [ 979.293219][T29962] loop1: detected capacity change from 0 to 512 [ 979.307061][T29962] EXT4-fs: Ignoring removed bh option [ 979.331135][T29962] EXT4-fs: Ignoring removed mblk_io_submit option [ 979.410160][T29962] EXT4-fs error (device loop1): ext4_iget_extra_inode:4739: inode #15: comm syz.1.10704: corrupted in-inode xattr: e_value size too large [ 979.431773][ T5770] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 979.478074][T29962] EXT4-fs error (device loop1): ext4_orphan_get:1409: comm syz.1.10704: couldn't read orphan inode 15 (err -117) [ 979.510688][T29962] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 979.743230][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 980.164130][T29977] loop0: detected capacity change from 0 to 256 [ 980.271966][T29977] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x5bae174d, utbl_chksum : 0xe619d30d) [ 980.303388][T29977] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 980.494903][T29983] loop3: detected capacity change from 0 to 1024 [ 980.903291][T29992] loop4: detected capacity change from 0 to 256 [ 980.946070][T29992] FAT-fs (loop4): Directory bread(block 64) failed [ 980.946113][T29992] FAT-fs (loop4): Directory bread(block 65) failed [ 980.946255][T29992] FAT-fs (loop4): Directory bread(block 66) failed [ 980.946286][T29992] FAT-fs (loop4): Directory bread(block 67) failed [ 980.946380][T29992] FAT-fs (loop4): Directory bread(block 68) failed [ 980.946408][T29992] FAT-fs (loop4): Directory bread(block 69) failed [ 980.946561][T29992] FAT-fs (loop4): Directory bread(block 70) failed [ 980.946590][T29992] FAT-fs (loop4): Directory bread(block 71) failed [ 980.946684][T29992] FAT-fs (loop4): Directory bread(block 72) failed [ 980.946721][T29992] FAT-fs (loop4): Directory bread(block 73) failed [ 981.234156][T29971] loop1: detected capacity change from 0 to 40427 [ 981.249400][T29971] F2FS-fs (loop1): Corrupted extension count (64 + 1 > 64) [ 981.304640][T29971] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 981.319841][T29971] F2FS-fs (loop1): invalid crc value [ 981.623785][T29971] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 981.623819][T29971] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 981.780824][T30000] f2fs_ckpt-7:1: attempt to access beyond end of device [ 981.780824][T30000] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 981.822183][T30011] loop4: detected capacity change from 0 to 512 [ 981.828953][T30000] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 981.864182][T30011] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 981.898443][T30011] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 981.941844][T30011] EXT4-fs (loop4): 1 truncate cleaned up [ 982.010452][T30011] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 982.185146][T27691] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 982.483063][T30024] loop4: detected capacity change from 0 to 4096 [ 982.521490][T30024] NILFS (loop4): invalid segment: Checksum error in segment payload [ 982.557764][T30024] NILFS (loop4): trying rollback from an earlier position [ 982.627065][T30024] NILFS (loop4): recovery complete [ 982.674038][T30027] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 982.781629][T30026] loop3: detected capacity change from 0 to 4096 [ 982.815021][T30026] EXT4-fs: inline encryption not supported [ 982.841776][T30026] EXT4-fs (loop3): Test dummy encryption mode enabled [ 982.864451][ T28] kauditd_printk_skb: 64 callbacks suppressed [ 982.864468][ T28] audit: type=1800 audit(1777303096.839:512): pid=30024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.10730" name="file0" dev="loop4" ino=12 res=0 errno=0 [ 982.911075][T30026] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c019, mo2=0003] [ 982.948467][T30026] System zones: 0-5 [ 982.956241][T30026] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 982.969440][ T28] audit: type=1800 audit(1777303096.839:513): pid=30024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.10730" name="file0" dev="loop4" ino=12 res=0 errno=0 [ 983.068594][ T28] audit: type=1326 audit(1777303097.029:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30032 comm="syz.1.10733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 983.105523][T30014] JBD2: Ignoring recovery information on journal [ 983.108608][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 983.122072][ T28] audit: type=1326 audit(1777303097.029:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30032 comm="syz.1.10733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 983.146094][ T28] audit: type=1326 audit(1777303097.089:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30032 comm="syz.1.10733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 983.169784][ T28] audit: type=1326 audit(1777303097.089:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30032 comm="syz.1.10733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 983.192629][ T28] audit: type=1326 audit(1777303097.089:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30032 comm="syz.1.10733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 983.215075][ C0] vkms_vblank_simulate: vblank timer overrun [ 983.357487][T30014] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 983.631382][ T5770] ocfs2: Unmounting device (7,0) on (node local) [ 983.706281][T30043] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.10738: bg 0: block 393: padding at end of block bitmap is not set [ 983.776981][T30043] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 983.778918][T30041] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 983.827238][ T28] audit: type=1326 audit(1777303097.779:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30048 comm="syz.4.10739" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f38ca99cdd9 code=0x0 [ 983.839533][T30041] ext4 filesystem being mounted at /2641/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 983.866396][T30043] EXT4-fs (loop3): 2 truncates cleaned up [ 983.884834][T30043] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 984.015883][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 984.057200][T30043] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 984.066718][T30043] EXT4-fs (loop3): can't enable nombcache during remount [ 984.208215][T30052] set_capacity_and_notify: 3 callbacks suppressed [ 984.208234][T30052] loop0: detected capacity change from 0 to 4096 [ 984.247108][T30052] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 984.272092][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 984.381148][T30052] ntfs: volume version 3.1. [ 984.586358][T30052] ntfs: (device loop0): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -28). [ 985.096062][T30071] bridge_slave_0: invalid flags given to default FDB implementation [ 985.227688][T30073] loop3: detected capacity change from 0 to 4096 [ 985.303562][T30078] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 985.328162][T30075] loop4: detected capacity change from 0 to 736 [ 985.547477][T30058] loop1: detected capacity change from 0 to 32768 [ 985.683203][T30058] JBD2: Ignoring recovery information on journal [ 985.725853][T30058] jbd2_journal_bmap: journal block not found at offset 32 on loop1-75 [ 985.789360][T30058] JBD2: bad block at offset 32 [ 985.900078][T30058] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 986.029329][T30058] OCFS2: ERROR (device loop1): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 65 has invalid tree depth 312 in extent list [ 986.114636][T30058] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 986.159537][T30058] OCFS2: File system is now read-only. [ 986.165093][T30058] (syz.1.10742,30058,1):ocfs2_find_leaf:1941 ERROR: status = -30 [ 986.203903][T30058] (syz.1.10742,30058,1):ocfs2_get_clusters_nocache:421 ERROR: status = -30 [ 986.234731][T30058] (syz.1.10742,30058,1):ocfs2_fiemap:782 ERROR: status = -30 [ 986.454690][ T5772] ocfs2: Unmounting device (7,1) on (node local) [ 986.740740][T30107] netlink: 52 bytes leftover after parsing attributes in process `syz.0.10764'. [ 986.878710][T30087] loop3: detected capacity change from 0 to 32768 [ 986.961714][T30087] JBD2: Ignoring recovery information on journal [ 987.052190][T30087] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 987.195273][T30102] loop4: detected capacity change from 0 to 32768 [ 987.203680][T30102] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 10 [ 987.239982][T24268] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 987.341096][ T5769] ocfs2: Unmounting device (7,3) on (node local) [ 988.420846][T30143] loop3: detected capacity change from 0 to 64 [ 988.472467][T30143] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 989.365932][T30171] ip6gretap3: entered allmulticast mode [ 989.856408][T30157] loop1: detected capacity change from 0 to 32768 [ 989.950815][T30157] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 989.967500][T30157] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 990.208459][T30169] loop4: detected capacity change from 0 to 32768 [ 990.215809][T30157] XFS (loop1): Ending clean mount [ 990.223237][T30189] loop0: detected capacity change from 0 to 4096 [ 990.309440][T30189] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 990.343589][T30189] ntfs3: loop0: Failed to load $Extend (-22). [ 990.345901][T30169] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 990.366300][T30189] ntfs3: loop0: Failed to initialize $Extend. [ 990.454730][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 990.454746][ T28] audit: type=1800 audit(1777303104.419:521): pid=30189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.10799" name="bus" dev="loop0" ino=33 res=0 errno=0 [ 990.552233][ T5772] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 990.583555][T30169] XFS (loop4): Ending clean mount [ 990.760145][T27691] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 992.052176][T30231] loop1: detected capacity change from 0 to 256 [ 992.099966][T30231] exfat: Deprecated parameter 'utf8' [ 992.105363][T30231] exfat: Deprecated parameter 'utf8' [ 992.134993][T30231] exfat: Deprecated parameter 'namecase' [ 992.145053][T30231] exfat: Deprecated parameter 'namecase' [ 992.175974][T30231] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 992.274645][ T28] audit: type=1800 audit(1777303106.239:522): pid=30231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.10814" name="file1" dev="loop1" ino=1048724 res=0 errno=0 [ 992.478026][T30239] netlink: 5364 bytes leftover after parsing attributes in process `syz.1.10818'. [ 992.498524][T30239] netlink: 5364 bytes leftover after parsing attributes in process `syz.1.10818'. [ 992.799656][T30245] nbd: must specify at least one socket [ 992.911695][T30225] loop0: detected capacity change from 0 to 32768 [ 992.938175][T30225] XFS (loop0): Cannot mount filesystem with identical rtdev and ddev/logdev. [ 993.205470][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.212279][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.757023][T30269] loop3: detected capacity change from 0 to 256 [ 994.388066][T30262] loop4: detected capacity change from 0 to 32768 [ 994.414385][T30262] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.10830 (30262) [ 994.471419][T30262] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 994.505985][T30262] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 994.535422][T30262] BTRFS info (device loop4): using free space tree [ 994.688880][T30262] BTRFS info (device loop4): enabling ssd optimizations [ 994.719757][T30262] BTRFS info (device loop4): auto enabling async discard [ 994.924736][ T28] audit: type=1326 audit(1777303108.889:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30274 comm="syz.0.10836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7fc00000 [ 995.043129][T27691] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 996.024250][T30320] loop4: detected capacity change from 0 to 1024 [ 996.034290][T30323] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10850'. [ 996.062295][T30323] block nbd0: Unsupported socket: should be TCP or UNIX. [ 996.079472][T30320] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 996.139704][T30320] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 996.148149][T30320] EXT4-fs (loop4): orphan cleanup on readonly fs [ 996.204030][T30320] EXT4-fs error (device loop4): __ext4_get_inode_loc:4496: comm syz.4.10851: Invalid inode table block 0 in block_group 0 [ 996.224726][T30320] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5939: Corrupt filesystem [ 996.241685][T30320] EXT4-fs error (device loop4): ext4_quota_write:7342: inode #3: comm syz.4.10851: mark_inode_dirty error [ 996.287358][T30320] Quota error (device loop4): write_blk: dquota write failed [ 996.309220][ T28] audit: type=1326 audit(1777303110.269:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30327 comm="syz.3.10852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f852f19cdd9 code=0x7ffc0000 [ 996.339715][T30320] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 996.359297][T30320] EXT4-fs error (device loop4): ext4_acquire_dquot:6953: comm syz.4.10851: Failed to acquire dquot type 0 [ 996.385768][ T28] audit: type=1326 audit(1777303110.269:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30327 comm="syz.3.10852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f852f19cdd9 code=0x7ffc0000 [ 996.435526][T30320] EXT4-fs error (device loop4): __ext4_get_inode_loc:4496: comm syz.4.10851: Invalid inode table block 0 in block_group 0 [ 996.453774][ T28] audit: type=1326 audit(1777303110.269:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30327 comm="syz.3.10852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f852f19cdd9 code=0x7ffc0000 [ 996.496968][T30320] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5939: Corrupt filesystem [ 996.507320][T30320] EXT4-fs error (device loop4): ext4_ext_truncate:4519: inode #15: comm syz.4.10851: mark_inode_dirty error [ 996.531460][ T28] audit: type=1326 audit(1777303110.279:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30327 comm="syz.3.10852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f852f19cdd9 code=0x7ffc0000 [ 996.573072][T30320] EXT4-fs error (device loop4): __ext4_get_inode_loc:4496: comm syz.4.10851: Invalid inode table block 0 in block_group 0 [ 996.621684][ T28] audit: type=1326 audit(1777303110.279:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30327 comm="syz.3.10852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f852f19cdd9 code=0x7ffc0000 [ 996.647787][T30320] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5939: Corrupt filesystem [ 996.658587][ T28] audit: type=1326 audit(1777303110.349:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30327 comm="syz.3.10852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f852f15d60e code=0x7ffc0000 [ 996.682371][ T28] audit: type=1326 audit(1777303110.349:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30327 comm="syz.3.10852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f852f15d60e code=0x7ffc0000 [ 996.721768][T30320] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 996.731606][T30320] EXT4-fs error (device loop4): __ext4_get_inode_loc:4496: comm syz.4.10851: Invalid inode table block 0 in block_group 0 [ 996.754435][ T28] audit: type=1326 audit(1777303110.349:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30327 comm="syz.3.10852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f852f15d60e code=0x7ffc0000 [ 996.781455][T30320] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5939: Corrupt filesystem [ 996.810322][T30332] loop1: detected capacity change from 0 to 2048 [ 996.827208][T30320] EXT4-fs error (device loop4): ext4_truncate:4301: inode #15: comm syz.4.10851: mark_inode_dirty error [ 996.857549][T30332] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 996.868593][T30320] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 996.912585][T30320] EXT4-fs (loop4): 1 truncate cleaned up [ 996.940587][T30320] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 997.212351][T27691] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 997.610958][T30347] loop4: detected capacity change from 0 to 128 [ 997.633790][T30349] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10870'. [ 997.683355][T30347] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 997.733252][T30349] macsec1: entered promiscuous mode [ 997.774960][T30349] bridge0: entered promiscuous mode [ 997.785476][T30347] ext4 filesystem being mounted at /239/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 997.807880][T30349] macsec1: entered allmulticast mode [ 997.828598][T30349] bridge0: entered allmulticast mode [ 997.852299][T30349] bridge0: port 2(macsec1) entered blocking state [ 997.869325][T30349] bridge0: port 2(macsec1) entered disabled state [ 997.913108][T30349] bridge0: left allmulticast mode [ 997.918815][T30349] bridge0: left promiscuous mode [ 997.938813][T27691] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 998.029220][ T5810] usb 1-1: new low-speed USB device number 63 using dummy_hcd [ 998.229765][ T5810] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 998.249078][ T5810] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 8 [ 998.287980][ T5810] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 998.323574][ T5810] usb 1-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 998.359242][ T5810] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 998.387979][ T5810] usb 1-1: config 0 descriptor?? [ 998.408511][T30353] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 998.549325][ T5773] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 998.762351][ T5773] usb 5-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55 [ 998.771755][ T5773] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 998.792006][ T5773] usb 5-1: Product: syz [ 998.801684][ T5773] usb 5-1: Manufacturer: syz [ 998.806365][ T5773] usb 5-1: SerialNumber: syz [ 998.840602][ T5773] usb 5-1: config 0 descriptor?? [ 998.861764][ T5773] gspca_main: sonixb-2.14.0 probing 0c45:6005 [ 998.876684][ T5810] gt683r_led 0003:1770:FF00.0005: unknown main item tag 0x2 [ 998.907550][ T5810] gt683r_led 0003:1770:FF00.0005: unknown main item tag 0x0 [ 998.944988][ T5810] gt683r_led 0003:1770:FF00.0005: unknown main item tag 0x0 [ 998.953850][ T5810] gt683r_led 0003:1770:FF00.0005: unknown main item tag 0x0 [ 998.962087][ T5810] gt683r_led 0003:1770:FF00.0005: unknown main item tag 0x0 [ 998.970437][ T5810] gt683r_led 0003:1770:FF00.0005: unknown main item tag 0x0 [ 998.997239][ T5810] gt683r_led 0003:1770:FF00.0005: hidraw0: USB HID v0.04 Device [HID 1770:ff00] on usb-dummy_hcd.0-1/input0 [ 999.174768][ T5830] usb 1-1: USB disconnect, device number 63 [ 999.196123][T20865] gt683r_led 0003:1770:FF00.0005: failed to send set report request: -19 [ 999.255122][T30374] fido_id[30374]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 999.317040][ T5773] input: sonixb as /devices/platform/dummy_hcd.4/usb5/5-1/input/input50 [ 999.568015][ T5810] usb 5-1: USB disconnect, device number 23 [ 999.677142][T30384] loop3: detected capacity change from 0 to 512 [ 999.734170][T30384] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -13 [ 999.749642][T30384] EXT4-fs error (device loop3): ext4_orphan_get:1404: inode #13: comm syz.3.10877: iget: bad i_size value: 12154757448730 [ 999.794811][T30384] EXT4-fs error (device loop3): ext4_orphan_get:1409: comm syz.3.10877: couldn't read orphan inode 13 (err -117) [ 999.910565][T30384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1000.037308][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1000.104168][T30390] loop1: detected capacity change from 0 to 2048 [ 1000.231104][T30394] loop3: detected capacity change from 0 to 64 [ 1000.242321][T30392] loop0: detected capacity change from 0 to 128 [ 1000.374343][T30390] NILFS (loop1): invalid segment: Magic number mismatch [ 1000.379358][ T5764] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1000.450610][T30390] NILFS (loop1): trying rollback from an earlier position [ 1000.766208][T30390] NILFS (loop1): recovery complete [ 1000.806977][T30405] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1001.062201][ T5811] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 1001.257105][ T5811] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 1001.274179][ T5811] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1001.291036][ T5811] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1001.301944][ T5811] usb 5-1: config 220 has no interface number 2 [ 1001.308314][ T5811] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1001.329094][ T5811] usb 5-1: config 220 interface 0 has no altsetting 0 [ 1001.346168][ T5811] usb 5-1: config 220 interface 76 has no altsetting 0 [ 1001.353580][ T5811] usb 5-1: config 220 interface 1 has no altsetting 0 [ 1001.375688][ T5811] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1001.395204][ T5811] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1001.409094][ T5811] usb 5-1: Product: syz [ 1001.414609][ T5811] usb 5-1: Manufacturer: syz [ 1001.423090][ T5811] usb 5-1: SerialNumber: syz [ 1001.657576][ T5811] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 1001.672983][ T5811] usb 5-1: No valid video chain found. [ 1001.678838][ T5811] usb 5-1: selecting invalid altsetting 0 [ 1001.717433][ T5811] usb 5-1: selecting invalid altsetting 0 [ 1001.735986][ T5811] usbtest: probe of 5-1:220.1 failed with error -22 [ 1001.749419][T30409] loop3: detected capacity change from 0 to 40427 [ 1001.761860][T30409] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff [ 1001.779719][ T5811] usb 5-1: USB disconnect, device number 24 [ 1001.790128][T30409] F2FS-fs (loop3): invalid crc value [ 1001.799852][T30409] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1001.996727][T30409] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1002.119906][ T5769] syz-executor: attempt to access beyond end of device [ 1002.119906][ T5769] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1002.159307][ T5769] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1002.265735][T30421] loop4: detected capacity change from 0 to 8 [ 1003.136901][T30436] loop3: detected capacity change from 0 to 128 [ 1003.587338][T30424] loop0: detected capacity change from 0 to 32768 [ 1003.668649][T30424] ERROR: (device loop0): dbAdjCtl: the maximum free buddy is not the old root [ 1003.668649][T30424] [ 1003.738771][T30424] ERROR: (device loop0): remounting filesystem as read-only [ 1004.467737][T30457] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10909'. [ 1004.788799][T30452] loop3: detected capacity change from 0 to 32768 [ 1004.837361][T30452] JBD2: Ignoring recovery information on journal [ 1004.922052][T30448] loop4: detected capacity change from 0 to 40427 [ 1004.939509][T30452] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1004.985300][T30448] F2FS-fs (loop4): invalid crc value [ 1005.008137][T30448] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1005.044433][T30470] loop1: detected capacity change from 0 to 512 [ 1005.189160][T30470] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 1005.275919][T30448] F2FS-fs (loop4): Start checkpoint disabled! [ 1005.356942][T30448] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 1005.407538][ T5769] ocfs2: Unmounting device (7,3) on (node local) [ 1005.559615][T30448] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10905'. [ 1005.602906][T30448] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10905'. [ 1006.423543][ T28] kauditd_printk_skb: 108 callbacks suppressed [ 1006.423561][ T28] audit: type=1326 audit(1777303120.389:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30492 comm="syz.1.10924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 1006.519194][ T28] audit: type=1326 audit(1777303120.429:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30492 comm="syz.1.10924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 1006.585191][T30497] loop3: detected capacity change from 0 to 128 [ 1006.599228][ T28] audit: type=1326 audit(1777303120.429:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30492 comm="syz.1.10924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 1006.643915][T30497] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1006.689457][ T28] audit: type=1326 audit(1777303120.449:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30492 comm="syz.1.10924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 1006.712965][T30497] hpfs: filesystem error: improperly stopped [ 1006.739148][T30497] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1006.747557][T30497] hpfs: You really don't want any checks? You are crazy... [ 1006.783683][T30497] hpfs: Code page index out of array [ 1006.789621][ T28] audit: type=1326 audit(1777303120.449:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30492 comm="syz.1.10924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 1006.825929][T30497] hpfs: code page support is disabled [ 1006.840374][T30497] hpfs: hpfs_map_4sectors(): unaligned read [ 1006.865220][T30497] hpfs: hpfs_map_4sectors(): unaligned read [ 1006.884029][ T28] audit: type=1326 audit(1777303120.449:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30492 comm="syz.1.10924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 1006.907339][T30497] hpfs: filesystem error: unable to find root dir [ 1006.999162][ T28] audit: type=1326 audit(1777303120.449:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30492 comm="syz.1.10924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d479cdd9 code=0x7ffc0000 [ 1007.213398][ T28] audit: type=1326 audit(1777303121.169:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30507 comm="syz.0.10934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1007.293205][ T28] audit: type=1326 audit(1777303121.179:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30507 comm="syz.0.10934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1007.321545][ T28] audit: type=1326 audit(1777303121.179:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30507 comm="syz.0.10934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f65cf75d60e code=0x7ffc0000 [ 1007.494267][T30512] loop1: detected capacity change from 0 to 8192 [ 1007.515068][T30516] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2621 [ 1007.576049][T30512] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1007.639878][T30512] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 1007.650013][T30512] REISERFS (device loop1): using ordered data mode [ 1007.656596][T30512] reiserfs: using flush barriers [ 1007.669182][T30512] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1007.699542][T30512] REISERFS (device loop1): checking transaction log (loop1) [ 1007.760041][T30512] REISERFS (device loop1): Using r5 hash to sort names [ 1007.768038][T30512] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 1007.968699][T30529] dummy0: entered promiscuous mode [ 1008.048145][T30529] dummy0: left promiscuous mode [ 1008.810023][T30525] loop0: detected capacity change from 0 to 32768 [ 1008.888661][T30545] Invalid ELF header magic: != ELF [ 1008.938813][T30525] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 1009.181914][T30525] XFS (loop0): Ending clean mount [ 1009.238437][T30560] loop4: detected capacity change from 0 to 256 [ 1009.301043][T30560] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xa393d547, utbl_chksum : 0xe619d30d) [ 1009.458750][T30563] loop1: detected capacity change from 0 to 512 [ 1009.555961][T30563] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 1009.570670][ T5770] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 1009.707936][T30563] EXT4-fs error (device loop1): ext4_orphan_get:1404: inode #17: comm syz.1.10954: inode has both inline data and extents flags [ 1009.787969][T30563] EXT4-fs error (device loop1): ext4_orphan_get:1409: comm syz.1.10954: couldn't read orphan inode 17 (err -117) [ 1009.822326][T30563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1010.055629][T30572] loop3: detected capacity change from 0 to 2048 [ 1010.065260][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1010.144982][T30572] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1010.352619][T30578] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10956'. [ 1010.644837][T30542] Bluetooth: hci1: command 0x0406 tx timeout [ 1011.042283][T30574] loop4: detected capacity change from 0 to 32768 [ 1011.060991][T30574] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.10960 (30574) [ 1011.153257][T30592] loop3: detected capacity change from 0 to 512 [ 1011.155902][T30574] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1011.180612][T30592] EXT4-fs: Ignoring removed i_version option [ 1011.224854][T30592] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1011.233670][T30574] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 1011.265711][T30574] BTRFS info (device loop4): using free space tree [ 1011.291347][T30592] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.10967: invalid indirect mapped block 4294967295 (level 1) [ 1011.358399][T30577] loop1: detected capacity change from 0 to 32768 [ 1011.385313][T30592] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.10967: invalid indirect mapped block 4294967295 (level 1) [ 1011.404227][T30592] EXT4-fs (loop3): 2 truncates cleaned up [ 1011.411453][T30592] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1011.486446][T30574] BTRFS info (device loop4): enabling ssd optimizations [ 1011.497204][T30574] BTRFS info (device loop4): auto enabling async discard [ 1011.528972][T30577] JBD2: Ignoring recovery information on journal [ 1011.533894][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1011.716577][T30595] loop0: detected capacity change from 0 to 8192 [ 1011.724849][T30577] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1011.775172][T30595] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1011.879902][T30595] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 1011.882405][T30577] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #32 has bit count of 1024 [ 1011.945906][T30595] REISERFS (device loop0): using ordered data mode [ 1011.973885][T30595] reiserfs: using flush barriers [ 1011.979211][T30577] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1012.003379][T30577] OCFS2: File system is now read-only. [ 1012.011706][T30595] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1012.049292][T30577] (syz.1.10959,30577,1):ocfs2_trim_mainbm:7610 ERROR: status = -30 [ 1012.057543][T27691] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1012.094372][T30595] REISERFS (device loop0): checking transaction log (loop0) [ 1012.170203][T30595] REISERFS (device loop0): Using r5 hash to sort names [ 1012.177526][T30595] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 1012.331074][ T5772] ocfs2: Unmounting device (7,1) on (node local) [ 1012.740533][T30625] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 1012.747056][T30625] comedi comedi3: 8255: I/O port conflict (0xffffffffffffff00,4) [ 1012.835444][T30625] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 1012.859465][T30625] comedi comedi3: 8255: I/O port conflict (0x80007,4) [ 1012.866471][T30625] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 1012.911746][T30625] comedi comedi3: 8255: I/O port conflict (0x100,4) [ 1012.918475][T30625] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 1012.943808][T30625] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 1012.999556][T30625] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 1013.128386][T30631] loop1: detected capacity change from 0 to 1024 [ 1013.190567][T30635] loop0: detected capacity change from 0 to 16 [ 1013.217427][T30635] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 1013.261963][ T6200] udevd[6200]: incorrect cramfs checksum on /dev/loop0 [ 1013.376784][ T6200] udevd[6200]: incorrect cramfs checksum on /dev/loop0 [ 1013.419246][T30631] hfsplus: request for non-existent node 33554434 in B*Tree [ 1013.427529][T30631] hfsplus: request for non-existent node 33554434 in B*Tree [ 1013.514552][T30630] hfsplus: request for non-existent node 33554434 in B*Tree [ 1013.554347][T30630] hfsplus: request for non-existent node 33554434 in B*Tree [ 1013.660645][T20662] hfsplus: request for non-existent node 33554434 in B*Tree [ 1013.674556][T20662] hfsplus: request for non-existent node 33554434 in B*Tree [ 1014.608516][T30643] loop3: detected capacity change from 0 to 40427 [ 1014.627494][T30643] F2FS-fs (loop3): build fault injection attr: rate: 684, type: 0x7ffff [ 1014.644475][T30643] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x35f7 [ 1014.661193][T30643] F2FS-fs (loop3): Image doesn't support compression [ 1014.677662][T30643] F2FS-fs (loop3): invalid crc value [ 1014.686601][T30643] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1014.827294][T30643] F2FS-fs (loop3): Start checkpoint disabled! [ 1014.846515][T30643] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 1014.923320][T30658] loop4: detected capacity change from 0 to 32768 [ 1014.947409][T30658] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.10989 (30658) [ 1015.000560][T30658] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1015.034885][T30658] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 1015.085871][T30658] BTRFS info (device loop4): enabling auto defrag [ 1015.120591][T30658] BTRFS info (device loop4): use no compression [ 1015.159309][T30658] BTRFS info (device loop4): max_inline at 4096 [ 1015.165659][T30658] BTRFS info (device loop4): using free space tree [ 1015.343328][ T1081] kworker/u4:6: attempt to access beyond end of device [ 1015.343328][ T1081] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 1015.366843][ T1081] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1015.374980][ T1081] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1015.407560][T30692] loop1: detected capacity change from 0 to 512 [ 1015.436907][T30658] BTRFS info (device loop4): enabling ssd optimizations [ 1015.449257][T30658] BTRFS info (device loop4): auto enabling async discard [ 1015.457051][T30692] EXT4-fs (loop1): orphan cleanup on readonly fs [ 1015.534422][T30692] EXT4-fs error (device loop1): ext4_find_extent:945: inode #4: comm syz.1.10999: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 1015.649193][T30692] __quota_error: 6 callbacks suppressed [ 1015.649212][T30692] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=-117 [ 1015.699237][T30692] EXT4-fs warning (device loop1): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1015.756233][T30692] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 1015.786706][T30692] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1015.934747][T30701] loop0: detected capacity change from 0 to 256 [ 1015.974682][T30701] exfat: Deprecated parameter 'namecase' [ 1016.021607][T30701] exfat: Deprecated parameter 'namecase' [ 1016.071662][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1016.091643][T27691] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1016.106977][T30701] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d) [ 1016.258430][ T5764] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop4 scanned by udevd (5764) [ 1016.636323][T30715] loop3: detected capacity change from 0 to 64 [ 1016.716906][T30712] loop0: detected capacity change from 0 to 4096 [ 1016.882079][T30712] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 1017.167177][T30723] loop4: detected capacity change from 0 to 4096 [ 1017.259930][T30727] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1017.327574][T30724] loop3: detected capacity change from 0 to 4096 [ 1017.429764][T30723] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 1017.488082][T30723] Remounting filesystem read-only [ 1017.515249][T30724] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1017.543048][T30729] vivid-000: disconnect [ 1017.570816][T30728] vivid-000: reconnect [ 1017.622495][T30724] ntfs3: loop3: Failed to load $Extend (-22). [ 1017.628679][T30724] ntfs3: loop3: Failed to initialize $Extend. [ 1017.646695][T27691] NILFS (loop4): discard dirty page: offset=0, ino=6 [ 1017.668143][T27691] NILFS (loop4): discard dirty block: blocknr=23, size=4096 [ 1017.706603][T27691] NILFS (loop4): discard dirty page: offset=4096, ino=6 [ 1017.719326][T27691] NILFS (loop4): discard dirty block: blocknr=24, size=4096 [ 1017.762312][T27691] NILFS (loop4): discard dirty page: offset=8192, ino=6 [ 1017.789566][T27691] NILFS (loop4): discard dirty block: blocknr=25, size=4096 [ 1017.950553][T30735] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11015'. [ 1018.443773][T30751] loop4: detected capacity change from 0 to 128 [ 1018.550653][T30751] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1018.599489][T30751] ext4 filesystem being mounted at /277/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1018.659852][T30759] loop0: detected capacity change from 0 to 4096 [ 1018.708843][T30761] netlink: 'syz.3.11027': attribute type 11 has an invalid length. [ 1018.735800][T30759] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1018.747379][T30759] NILFS (loop0): mounting unchecked fs [ 1018.811244][T27691] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1018.841659][T30759] NILFS (loop0): recovery complete [ 1018.854289][T30756] loop1: detected capacity change from 0 to 4096 [ 1018.887695][T30762] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1018.982091][T30756] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1019.074965][T30756] ntfs3: loop1: Failed to load $Extend (-22). [ 1019.095509][T30756] ntfs3: loop1: Failed to initialize $Extend. [ 1019.221022][T30770] loop0: detected capacity change from 0 to 16 [ 1019.267518][T30770] erofs: (device loop0): mounted with root inode @ nid 36. [ 1019.267762][T30772] loop4: detected capacity change from 0 to 128 [ 1019.390979][T30772] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0003] [ 1019.468136][T30772] System zones: 1-3, 19-19, 35-36 [ 1019.476269][T30772] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1019.498957][T30772] ext4 filesystem being mounted at /279/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1019.540090][T30772] EXT4-fs warning (device loop4): verify_group_input:151: Cannot add at group 129 (only 1 groups) [ 1019.564377][T30775] sch_fq: defrate 36451 ignored. [ 1019.790284][T27691] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1020.002619][T30785] loop3: detected capacity change from 0 to 8 [ 1020.006749][T30785] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1020.043467][ T5764] udevd[5764]: incorrect cramfs checksum on /dev/loop3 [ 1020.065771][T30787] netlink: 'syz.4.11036': attribute type 4 has an invalid length. [ 1020.065796][T30787] netlink: 17 bytes leftover after parsing attributes in process `syz.4.11036'. [ 1020.233601][T30791] loop3: detected capacity change from 0 to 256 [ 1020.366931][T30791] FAT-fs (loop3): Directory bread(block 64) failed [ 1020.366977][T30791] FAT-fs (loop3): Directory bread(block 65) failed [ 1020.367080][T30791] FAT-fs (loop3): Directory bread(block 66) failed [ 1020.367110][T30791] FAT-fs (loop3): Directory bread(block 67) failed [ 1020.367214][T30791] FAT-fs (loop3): Directory bread(block 68) failed [ 1020.367243][T30791] FAT-fs (loop3): Directory bread(block 69) failed [ 1020.367337][T30791] FAT-fs (loop3): Directory bread(block 70) failed [ 1020.367365][T30791] FAT-fs (loop3): Directory bread(block 71) failed [ 1020.367456][T30791] FAT-fs (loop3): Directory bread(block 72) failed [ 1020.367483][T30791] FAT-fs (loop3): Directory bread(block 73) failed [ 1020.558439][T30797] loop4: detected capacity change from 0 to 256 [ 1020.951961][T30805] loop4: detected capacity change from 0 to 64 [ 1021.103034][T30809] loop1: detected capacity change from 0 to 2048 [ 1021.165141][T30809] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1021.645776][T30820] VFS: Found a Xenix FS (block size = 512) on device loop3 [ 1021.847195][ T5769] sysv_free_block: trying to free block not in datazone [ 1021.888573][ T5769] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 1022.205537][T30840] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11065'. [ 1022.529887][T30852] netlink: 76 bytes leftover after parsing attributes in process `syz.4.11070'. [ 1023.126721][T30871] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1023.209890][T30865] NILFS (loop4): nilfs_ioctl_move_inode_block: invalid virtual block address (node): ino=2048, cno=5, offset=63330, blocknr=0, vblocknr=34359803903 [ 1023.283677][T30865] NILFS (loop4): error -2 preparing GC: cannot read source blocks [ 1023.417088][ T28] audit: type=1326 audit(1777303137.379:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30876 comm="syz.0.11083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1023.504752][ T28] audit: type=1326 audit(1777303137.409:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30876 comm="syz.0.11083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1023.541122][ T28] audit: type=1326 audit(1777303137.419:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30876 comm="syz.0.11083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1023.564857][ T28] audit: type=1326 audit(1777303137.419:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30876 comm="syz.0.11083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1023.588928][ T28] audit: type=1326 audit(1777303137.419:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30876 comm="syz.0.11083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1023.631703][T30879] set_capacity_and_notify: 4 callbacks suppressed [ 1023.631722][T30879] loop3: detected capacity change from 0 to 1024 [ 1023.680190][ T28] audit: type=1326 audit(1777303137.419:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30876 comm="syz.0.11083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1023.753841][ T28] audit: type=1326 audit(1777303137.419:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30876 comm="syz.0.11083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1023.909734][T20662] hfsplus: b-tree write err: -5, ino 25 [ 1023.916195][T20662] hfsplus: b-tree write err: -5, ino 4 [ 1023.929214][T20662] hfsplus: b-tree write err: -5, ino 2 [ 1024.043395][T30886] loop0: detected capacity change from 0 to 256 [ 1024.084060][T30889] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11089'. [ 1024.118241][T30889] netlink: 52 bytes leftover after parsing attributes in process `syz.3.11089'. [ 1024.414716][T30875] loop1: detected capacity change from 0 to 32768 [ 1024.467937][T30875] JBD2: Ignoring recovery information on journal [ 1024.603831][T30875] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1024.707309][ T28] audit: type=1800 audit(1777303138.669:663): pid=30875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.11082" name="file1" dev="loop1" ino=17058 res=0 errno=0 [ 1024.906582][ T5772] ocfs2: Unmounting device (7,1) on (node local) [ 1024.937310][ C1] vkms_vblank_simulate: vblank timer overrun [ 1025.287809][T30893] loop4: detected capacity change from 0 to 32768 [ 1025.336841][T30891] loop0: detected capacity change from 0 to 32768 [ 1025.417050][T30893] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1025.919467][T27691] ocfs2: Unmounting device (7,4) on (node local) [ 1026.378844][T30906] loop3: detected capacity change from 0 to 32768 [ 1026.431613][T30906] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 1026.524759][T30906] XFS (loop3): Ending clean mount [ 1026.559161][T30910] loop1: detected capacity change from 0 to 40427 [ 1026.579176][T30910] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 1026.585865][T30910] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1026.611187][T30910] F2FS-fs (loop1): invalid crc value [ 1026.642329][T30910] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1026.740833][T30910] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1026.768118][T30910] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1026.803568][ T5769] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 1026.918565][ T5772] syz-executor: attempt to access beyond end of device [ 1026.918565][ T5772] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1026.952600][ T5772] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 1027.519168][ T5810] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 1027.568940][T30949] loop1: detected capacity change from 0 to 1024 [ 1027.615850][T30949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 1027.640451][T30949] ext4 filesystem being mounted at /2719/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1027.681255][ T28] audit: type=1800 audit(1777303141.649:664): pid=30949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.11111" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 1027.729073][ T5810] usb 5-1: Using ep0 maxpacket: 8 [ 1027.737246][ T5810] usb 5-1: config 0 has an invalid interface number: 31 but max is 0 [ 1027.746612][ T5810] usb 5-1: config 0 has no interface number 0 [ 1027.756291][ T5810] usb 5-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 1027.765955][ T5810] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1027.774508][ T5810] usb 5-1: Product: syz [ 1027.781177][ T5810] usb 5-1: Manufacturer: syz [ 1027.785844][ T5810] usb 5-1: SerialNumber: syz [ 1027.786666][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1027.810188][ T5810] usb 5-1: config 0 descriptor?? [ 1028.039402][ T5810] usb 5-1: USB disconnect, device number 25 [ 1028.426779][T30960] loop3: detected capacity change from 0 to 512 [ 1028.504409][T30960] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1028.572602][T30960] ext4 filesystem being mounted at /2830/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1028.605038][T30956] loop1: detected capacity change from 0 to 32768 [ 1028.683476][T30956] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 1028.867213][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1028.892528][T30956] XFS (loop1): Ending clean mount [ 1029.007493][T30978] nbd: socks must be embedded in a SOCK_ITEM attr [ 1029.065004][ T5772] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 1029.717241][T30996] loop0: detected capacity change from 0 to 512 [ 1029.804954][T30996] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1029.886321][T30996] ext4 filesystem being mounted at /2828/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1030.312618][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1030.362114][T31017] loop4: detected capacity change from 0 to 2048 [ 1030.370557][T31017] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=18576, location=18576 [ 1030.485099][T31017] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1030.607659][T31021] loop3: detected capacity change from 0 to 4096 [ 1030.708362][T31026] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1030.900846][T31030] loop0: detected capacity change from 0 to 64 [ 1030.979892][T31030] syz.0.11142: attempt to access beyond end of device [ 1030.979892][T31030] loop0: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 1031.059212][T31030] Buffer I/O error on dev loop0, logical block 512, async page read [ 1031.077967][T31032] netlink: 'syz.1.11143': attribute type 3 has an invalid length. [ 1031.106723][T31030] syz.0.11142: attempt to access beyond end of device [ 1031.106723][T31030] loop0: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 1031.179200][T31030] Buffer I/O error on dev loop0, logical block 56576, async page read [ 1031.455881][T31045] Bluetooth: MGMT ver 1.22 [ 1031.835908][T31059] loop3: detected capacity change from 0 to 256 [ 1031.855449][T31059] exfat: Deprecated parameter 'utf8' [ 1031.965689][T31059] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 1032.027383][T31065] loop1: detected capacity change from 0 to 64 [ 1032.192244][T31069] netlink: 'syz.4.11161': attribute type 11 has an invalid length. [ 1032.221162][T31069] netlink: 36 bytes leftover after parsing attributes in process `syz.4.11161'. [ 1033.164017][T31072] loop1: detected capacity change from 0 to 32768 [ 1033.200172][T31072] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10 [ 1033.430527][T31074] loop4: detected capacity change from 0 to 32768 [ 1033.485156][T24268] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10 [ 1033.533223][T31074] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1033.546602][T31076] loop3: detected capacity change from 0 to 40427 [ 1033.621599][T31081] loop0: detected capacity change from 0 to 32768 [ 1033.630848][T31081] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.11167 (31081) [ 1033.653098][T31081] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1033.671445][T31081] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 1033.680959][T31081] BTRFS info (device loop0): turning on async discard [ 1033.688143][T31076] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1033.718672][T31081] BTRFS info (device loop0): metadata ratio 0 [ 1033.719981][T31074] XFS (loop4): Ending clean mount [ 1033.742526][T31081] BTRFS info (device loop0): setting nodatasum [ 1033.771267][T31081] BTRFS info (device loop0): using free space tree [ 1033.885278][T31096] mkiss: ax0: crc mode is auto. [ 1033.906062][T31074] XFS (loop4): syz.4.11162 should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported [ 1033.966464][T31076] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1034.010646][T31081] BTRFS info (device loop0): enabling ssd optimizations [ 1034.240157][T27691] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1034.299713][ T5769] syz-executor: attempt to access beyond end of device [ 1034.299713][ T5769] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1034.340990][ T5769] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1034.366146][ T5770] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1034.944026][ T28] audit: type=1326 audit(1777303148.909:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31123 comm="syz.0.11176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1034.969010][ C0] vkms_vblank_simulate: vblank timer overrun [ 1035.059306][ T28] audit: type=1326 audit(1777303148.939:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31123 comm="syz.0.11176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1035.187951][ T28] audit: type=1326 audit(1777303148.969:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31123 comm="syz.0.11176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f65cf79cdd9 code=0x7ffc0000 [ 1035.211173][T31124] loop0: detected capacity change from 0 to 4096 [ 1035.231007][T31124] EXT4-fs: Ignoring removed mblk_io_submit option [ 1035.255312][T31124] EXT4-fs (loop0): Test dummy encryption mode enabled [ 1035.279435][ T28] audit: type=1326 audit(1777303148.969:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31123 comm="syz.0.11176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f65cf79cb42 code=0x7ffc0000 [ 1035.376486][T31124] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1035.401580][ T28] audit: type=1326 audit(1777303149.009:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31123 comm="syz.0.11176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f65cf75d60e code=0x7ffc0000 [ 1035.541032][ T28] audit: type=1326 audit(1777303149.129:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31123 comm="syz.0.11176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f65cf79cc07 code=0x7ffc0000 [ 1035.628171][ T28] audit: type=1326 audit(1777303149.129:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31123 comm="syz.0.11176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f65cf75d60e code=0x7ffc0000 [ 1035.697624][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1035.710628][ T28] audit: type=1326 audit(1777303149.129:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31123 comm="syz.0.11176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f65cf79ca6b code=0x7ffc0000 [ 1035.782158][ T28] audit: type=1326 audit(1777303149.199:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31123 comm="syz.0.11176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f65cf75d60e code=0x7ffc0000 [ 1035.854764][T31137] loop3: detected capacity change from 0 to 2048 [ 1035.869436][ T28] audit: type=1326 audit(1777303149.199:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31123 comm="syz.0.11176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f65cf75d60e code=0x7ffc0000 [ 1035.961244][T31137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1036.160837][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1037.370224][T31183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11200'. [ 1037.446323][T31185] netlink: 108 bytes leftover after parsing attributes in process `syz.1.11202'. [ 1037.478687][T31185] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11202'. [ 1037.519444][T30542] Bluetooth: hci1: command 0x0406 tx timeout [ 1037.540420][T31163] loop3: detected capacity change from 0 to 32768 [ 1037.668657][T31163] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1037.835586][T31199] loop0: detected capacity change from 0 to 4096 [ 1037.868906][T31199] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 1037.930186][T31163] XFS (loop3): Ending clean mount [ 1037.955607][T31163] XFS (loop3): Quotacheck needed: Please wait. [ 1037.975840][T31199] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 1038.053523][T31163] XFS (loop3): Quotacheck: Done. [ 1038.317793][ T5769] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1038.357492][T31208] loop4: detected capacity change from 0 to 64 [ 1038.814011][T31203] loop1: detected capacity change from 0 to 32768 [ 1038.881092][T31203] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1039.006649][T31222] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11211'. [ 1039.028171][T31203] XFS (loop1): Ending clean mount [ 1039.065337][T31203] XFS (loop1): Quotacheck needed: Please wait. [ 1039.168723][T31203] XFS (loop1): Quotacheck: Done. [ 1039.260274][ T5772] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1039.309269][ T5773] usb 5-1: new full-speed USB device number 26 using dummy_hcd [ 1039.520325][T31236] netlink: 'syz.3.11220': attribute type 3 has an invalid length. [ 1039.552530][ T5773] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 1039.561856][ T5773] usb 5-1: config 0 has no interface number 0 [ 1039.568718][ T5773] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 1039.578379][ T5773] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1039.606849][ T5773] usb 5-1: config 0 descriptor?? [ 1039.615738][ T5773] usb 5-1: selecting invalid altsetting 1 [ 1039.629749][ T5773] dvb_ttusb_budget: ttusb_init_controller: error [ 1039.636274][ T5773] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 1039.763906][ T5773] DVB: Unable to find symbol cx22700_attach() [ 1039.819688][ T5773] DVB: Unable to find symbol tda10046_attach() [ 1039.825935][ T5773] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 1039.844129][ T5773] usb 5-1: USB disconnect, device number 26 [ 1040.150996][T31252] erspan0: entered promiscuous mode [ 1040.270873][T31254] loop3: detected capacity change from 0 to 4096 [ 1040.282515][T31254] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 1040.316440][T31254] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1040.328907][T31254] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 1040.347313][T31254] ntfs3: loop3: ino=5, "/" directory corrupted [ 1040.769341][ T5830] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 1040.938494][T31264] loop1: detected capacity change from 0 to 2048 [ 1040.964034][ T5830] usb 5-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 1040.982555][ T5830] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1041.010284][T31264] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1041.029254][ T5830] usb 5-1: Product: syz [ 1041.037806][ T5830] usb 5-1: Manufacturer: syz [ 1041.048698][ T5830] usb 5-1: SerialNumber: syz [ 1041.057275][ T5830] usb 5-1: config 0 descriptor?? [ 1041.082618][ T5830] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 1041.133958][ T5830] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1041.158446][ T5830] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 1041.171163][T31269] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11233'. [ 1041.189680][ T5830] usb 5-1: media controller created [ 1041.255305][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1041.266387][ T5830] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1041.479405][ T5830] DVB: Unable to find symbol mt352_attach() [ 1041.536135][T31280] overlayfs: missing 'lowerdir' [ 1041.602814][ T5830] DVB: Unable to find symbol nxt6000_attach() [ 1041.614566][ T5830] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 1041.661689][ T5830] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input51 [ 1041.691408][ T5830] dvb-usb: schedule remote query interval to 1000 msecs. [ 1041.711403][ T5830] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 1041.730980][ T5830] dvb-usb: bulk message failed: -22 (7/0) [ 1041.737156][ T5830] dvb-usb: bulk message failed: -22 (7/0) [ 1041.766873][ T5830] usb 5-1: USB disconnect, device number 27 [ 1041.903734][ T5830] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 1042.612909][T31284] loop3: detected capacity change from 0 to 32768 [ 1042.674301][T31284] (syz.3.11239,31284,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1042.707517][T31284] (syz.3.11239,31284,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1042.756475][T31284] JBD2: Ignoring recovery information on journal [ 1042.908638][T31284] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1043.085961][ T5769] ocfs2: Unmounting device (7,3) on (node local) [ 1043.102317][T31294] loop0: detected capacity change from 0 to 32768 [ 1043.160430][T31313] loop1: detected capacity change from 0 to 64 [ 1043.234312][T31313] minix_free_block (loop1:21): bit already cleared [ 1043.255877][T31313] Trying to free block not in datazone [ 1043.769360][T20865] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 1043.925543][T31329] loop4: detected capacity change from 0 to 2048 [ 1043.959401][T20865] usb 4-1: Using ep0 maxpacket: 32 [ 1043.972113][T31329] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1043.986962][T20865] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1043.997401][T20865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1044.007335][T20865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 1044.017342][T20865] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 4 [ 1044.033484][T20865] usb 4-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11 [ 1044.042902][T20865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=7 [ 1044.051282][T20865] usb 4-1: Product: syz [ 1044.055704][T20865] usb 4-1: Manufacturer: syz [ 1044.060636][T20865] usb 4-1: SerialNumber: syz [ 1044.069219][T20865] usb 4-1: config 0 descriptor?? [ 1044.080106][T20865] usb 4-1: no audio or video endpoints found [ 1044.198147][T27691] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1044.302036][T20865] usb 4-1: USB disconnect, device number 66 [ 1044.377552][T31335] loop0: detected capacity change from 0 to 128 [ 1044.780987][T31345] loop4: detected capacity change from 0 to 1764 [ 1044.799191][T30542] Bluetooth: hci1: command 0x0406 tx timeout [ 1044.977569][T31347] ALSA: seq fatal error: cannot create timer (-19) [ 1045.184488][T31358] loop0: detected capacity change from 0 to 128 [ 1045.211275][T31358] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 1045.248600][T31358] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1046.187982][T31387] loop0: detected capacity change from 0 to 64 [ 1046.568064][T31369] loop3: detected capacity change from 0 to 32768 [ 1046.626263][T31369] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 10 [ 1046.847432][T24268] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 10 [ 1046.879108][T30542] Bluetooth: hci1: command 0x0406 tx timeout [ 1046.996921][T31404] loop0: detected capacity change from 0 to 512 [ 1047.161519][T31404] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1047.238689][T31404] ext4 filesystem being mounted at /2864/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1047.373244][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1047.509301][T31411] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 1047.554998][T31389] loop4: detected capacity change from 0 to 40427 [ 1047.608832][T31389] F2FS-fs (loop4): invalid crc value [ 1047.631778][T31389] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1047.753163][T31389] F2FS-fs (loop4): Start checkpoint disabled! [ 1047.763294][T31397] loop1: detected capacity change from 0 to 32768 [ 1047.790491][T31397] XFS: attr2 mount option is deprecated. [ 1047.812679][T31389] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 1047.878713][T31397] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1048.064872][T31397] XFS (loop1): Ending clean mount [ 1048.092849][T31397] XFS (loop1): Quotacheck needed: Please wait. [ 1048.229813][T31397] XFS (loop1): Quotacheck: Done. [ 1048.503492][ T5772] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1048.775168][T31433] loop4: detected capacity change from 0 to 4096 [ 1048.819908][T31433] __ntfs_warning: 13 callbacks suppressed [ 1048.819927][T31433] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1048.894826][T31425] loop3: detected capacity change from 0 to 40427 [ 1048.911193][ C0] vkms_vblank_simulate: vblank timer overrun [ 1048.936289][T31425] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1048.986674][T31425] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1049.025506][T31433] ntfs: volume version 3.1. [ 1049.039631][T31425] F2FS-fs (loop3): invalid crc value [ 1049.046127][T31433] ntfs: (device loop4): ntfs_mark_quotas_out_of_date(): Quota defaults entry version 0x5 is not supported. [ 1049.078537][T31433] ntfs: (device loop4): load_system_files(): Failed to mark quotas out of date. Mounting read-only. Run chkdsk. [ 1049.130639][T31413] loop0: detected capacity change from 0 to 32768 [ 1049.266194][ T28] audit: type=1800 audit(1777303163.209:688): pid=31442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.11301" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 1049.270006][T31413] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1049.621135][T31425] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1049.651836][T31425] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1049.712244][T31413] XFS (loop0): Ending clean mount [ 1049.764599][T31413] XFS (loop0): Quotacheck needed: Please wait. [ 1049.910485][T31413] XFS (loop0): Quotacheck: Done. [ 1050.099100][T31458] loop3: detected capacity change from 0 to 4096 [ 1050.152206][ T5770] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1050.178922][T31458] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 1050.270053][T31458] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1050.329834][T31458] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 1050.384099][T31458] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1050.433669][T31458] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1050.477685][T31458] ntfs: volume version 3.1. [ 1050.493703][T31458] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 1050.802764][T31469] loop4: detected capacity change from 0 to 64 [ 1050.926308][T31473] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1050.948571][T31473] ext4 filesystem being mounted at /2882/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1051.117358][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1051.410020][T31483] sp0: Synchronizing with TNC [ 1051.417564][T31488] sp0: Found TNC [ 1051.600757][T31493] netlink: 'syz.4.11320': attribute type 62 has an invalid length. [ 1051.634709][T31495] set_capacity_and_notify: 1 callbacks suppressed [ 1051.634727][T31495] loop1: detected capacity change from 0 to 8 [ 1051.810076][T31499] loop0: detected capacity change from 0 to 256 [ 1051.890193][T31499] FAT-fs (loop0): Directory bread(block 64) failed [ 1051.929083][T31499] FAT-fs (loop0): Directory bread(block 65) failed [ 1051.940796][T31499] FAT-fs (loop0): Directory bread(block 66) failed [ 1051.947403][T31499] FAT-fs (loop0): Directory bread(block 67) failed [ 1052.023269][T31499] FAT-fs (loop0): Directory bread(block 68) failed [ 1052.049276][T31499] FAT-fs (loop0): Directory bread(block 69) failed [ 1052.056000][T31499] FAT-fs (loop0): Directory bread(block 70) failed [ 1052.067619][T31499] FAT-fs (loop0): Directory bread(block 71) failed [ 1052.074921][T31499] FAT-fs (loop0): Directory bread(block 72) failed [ 1052.084804][T31499] FAT-fs (loop0): Directory bread(block 73) failed [ 1052.365721][T31513] loop4: detected capacity change from 0 to 512 [ 1052.421489][T31513] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 1053.315893][T31546] loop0: detected capacity change from 0 to 512 [ 1053.327427][T31543] binder: 31542:31543 ioctl c0306201 0 returned -14 [ 1053.337648][T31543] binder: 31542:31543 ioctl c00c6211 0 returned -14 [ 1053.422843][T31546] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1053.499262][T31546] ext4 filesystem being mounted at /2873/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1053.663516][T31558] loop3: detected capacity change from 0 to 2048 [ 1053.745252][T31558] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1053.759987][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1053.792353][T31564] program syz.4.11351 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1053.805877][T31558] ext4 filesystem being mounted at /2892/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1054.280826][T31576] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11357'. [ 1054.545068][ T171] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm kworker/u4:5: bg 0: block 345: padding at end of block bitmap is not set [ 1054.588104][ T171] EXT4-fs (loop3): Remounting filesystem read-only [ 1054.601471][T31584] loop4: detected capacity change from 0 to 1024 [ 1054.630404][T27883] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 1054.642244][T27883] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 1054.650700][T27883] CPU: 1 PID: 27883 Comm: kworker/u4:3 Not tainted syzkaller #0 [ 1054.658372][T27883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1054.668458][T27883] Workqueue: ext4-rsv-conversion ext4_end_io_rsv_work [ 1054.675264][T27883] RIP: 0010:ext4_ext_map_blocks+0x2d04/0x6800 [ 1054.681382][T27883] Code: 8b 04 24 89 18 89 9c 24 38 01 00 00 4c 8b 7c 24 10 4d 85 ff 0f 84 bd 00 00 00 e8 f7 e0 58 ff 49 8d 7f 08 48 89 f8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 3d 1e 00 00 41 0f b7 47 08 c1 e0 04 48 [ 1054.701212][T27883] RSP: 0018:ffffc90003747520 EFLAGS: 00010246 [ 1054.707312][T27883] RAX: 0000000000000000 RBX: fffffffffffffffb RCX: ffff88802a88bc00 [ 1054.715316][T27883] RDX: 0000000000000000 RSI: ffffffff8acac9e0 RDI: 0000000000000003 [ 1054.723310][T27883] RBP: ffffc900037477d0 R08: ffffffff911c659f R09: 1ffffffff2238cb3 [ 1054.731396][T27883] R10: dffffc0000000000 R11: fffffbfff2238cb4 R12: 0000000000000001 [ 1054.739403][T27883] R13: 1ffff920006e8ed0 R14: dffffc0000000000 R15: fffffffffffffffb [ 1054.747407][T27883] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 1054.756392][T27883] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1054.762995][T27883] CR2: 00007f65c59a9000 CR3: 0000000061230000 CR4: 00000000003506e0 [ 1054.771006][T27883] Call Trace: [ 1054.774361][T27883] [ 1054.777336][T27883] ? rwsem_down_read_slowpath+0x880/0x880 [ 1054.783109][T27883] ? ext4_ext_release+0x10/0x10 [ 1054.788101][T27883] ? ext4_es_lookup_extent+0x60e/0xa00 [ 1054.793595][T27883] ext4_map_blocks+0x9e2/0x1b80 [ 1054.798506][T27883] ? ext4_issue_zeroout+0x250/0x250 [ 1054.803820][T27883] ? ext4_journal_check_start+0x178/0x250 [ 1054.809661][T27883] ? __ext4_journal_start_sb+0x259/0x560 [ 1054.815425][T27883] ext4_convert_unwritten_extents+0x2c2/0x5f0 [ 1054.821533][T27883] ? trace_ext4_fallocate_exit+0x1d0/0x1d0 [ 1054.827400][T27883] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 1054.833334][T27883] ? lockdep_hardirqs_on+0x98/0x150 [ 1054.838656][T27883] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 1054.844586][T27883] ? _raw_spin_unlock+0x40/0x40 [ 1054.849481][T27883] ext4_convert_unwritten_io_end_vec+0xff/0x170 [ 1054.855778][T27883] ext4_end_io_rsv_work+0x2f5/0x690 [ 1054.861028][T27883] ? ext4_last_io_end_vec+0x70/0x70 [ 1054.866354][T27883] ? _raw_spin_unlock_irq+0x23/0x50 [ 1054.871595][T27883] ? process_scheduled_works+0x96f/0x15d0 [ 1054.877343][T27883] ? process_scheduled_works+0x96f/0x15d0 [ 1054.883097][T27883] process_scheduled_works+0xa5d/0x15d0 [ 1054.888686][T27883] ? worker_attach_to_pool+0x380/0x380 [ 1054.894175][T27883] ? assign_work+0x3d2/0x5d0 [ 1054.898812][T27883] worker_thread+0xa55/0xfc0 [ 1054.903461][T27883] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 1054.909439][T27883] ? _raw_spin_unlock+0x40/0x40 [ 1054.914343][T27883] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 1054.920295][T27883] kthread+0x2fa/0x390 [ 1054.924410][T27883] ? pr_cont_work+0x560/0x560 [ 1054.929131][T27883] ? kthread_blkcg+0xd0/0xd0 [ 1054.933756][T27883] ret_from_fork+0x48/0x80 [ 1054.938209][T27883] ? kthread_blkcg+0xd0/0xd0 [ 1054.942835][T27883] ret_from_fork_asm+0x11/0x20 [ 1054.947687][T27883] [ 1054.950734][T27883] Modules linked in: [ 1054.954740][ C1] vkms_vblank_simulate: vblank timer overrun [ 1055.019954][T27883] ---[ end trace 0000000000000000 ]--- [ 1055.026128][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.033359][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.051213][T27883] RIP: 0010:ext4_ext_map_blocks+0x2d04/0x6800 [ 1055.078543][T27883] Code: 8b 04 24 89 18 89 9c 24 38 01 00 00 4c 8b 7c 24 10 4d 85 ff 0f 84 bd 00 00 00 e8 f7 e0 58 ff 49 8d 7f 08 48 89 f8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 3d 1e 00 00 41 0f b7 47 08 c1 e0 04 48 [ 1055.113885][T27883] RSP: 0018:ffffc90003747520 EFLAGS: 00010246 [ 1055.120898][T27883] RAX: 0000000000000000 RBX: fffffffffffffffb RCX: ffff88802a88bc00 [ 1055.131168][T27883] RDX: 0000000000000000 RSI: ffffffff8acac9e0 RDI: 0000000000000003 [ 1055.141540][T27883] RBP: ffffc900037477d0 R08: ffffffff911c659f R09: 1ffffffff2238cb3 [ 1055.152459][T27883] R10: dffffc0000000000 R11: fffffbfff2238cb4 R12: 0000000000000001 [ 1055.163184][T27883] R13: 1ffff920006e8ed0 R14: dffffc0000000000 R15: fffffffffffffffb [ 1055.174876][T27883] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 1055.185029][T27883] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1055.194214][T27883] CR2: 00007f3c37667000 CR3: 000000000cf32000 CR4: 00000000003506f0 [ 1055.204090][T27883] Kernel panic - not syncing: Fatal exception [ 1055.210519][T27883] Kernel Offset: disabled [ 1055.214881][T27883] Rebooting in 86400 seconds..