last executing test programs: 2m50.326360749s ago: executing program 1 (id=1535): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7786}, [@call={0x85, 0x0, 0x0, 0x29}, @printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x44, &(0x7f0000000100)="0000000000000000000051229dc9", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2m50.088025466s ago: executing program 1 (id=1540): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="18000000071401000000000000000000050060"], 0x18}}, 0x0) 2m49.842170027s ago: executing program 1 (id=1544): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) lsm_get_self_attr(0x65, 0x0, 0x0, 0x0) 2m49.583962413s ago: executing program 1 (id=1549): syz_mount_image$jfs(&(0x7f0000000100), &(0x7f00000000c0)='./file1\x00', 0x1010006, &(0x7f0000000140)=ANY=[@ANYBLOB='quota,discard=0x000000000000aff9,iocharset=none,nointegrity,iocharset=cp1251,integrity,nodiscard,noquota,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c00c38b4986bd7086e58f5d7fd70ab0f8e8bb0e5f5b35be555a19034ea00aa5cc6053411b1c187a24d1f68a37ecec3d26f9ba8207f6ce22b0a47e28485c69c14dc952b0c5e5f1ffe29eb2ce10e7e2a59e32a5a7ea7d8a6fa0b5e90476f3fa2cb4fcba14a881906678b3f96174c0ea0e4edc3068e37fec09729df129bb3e5b9490df2879472cb2e2"], 0x24, 0x621a, &(0x7f0000001500)="$eJzs3cuPHFfZB+C3+jaXfHGsLKJ8FhKTxFxCiK/BGAIkWcCCDQvkHUK2JpPIwgFkG+REFp5otuzZgpBYIsSSFX9AFmzZsUXCko0EygJSqGbOGddUuqdnbE9Xt+t5pHHV26dq+pR/XX2ZquoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB89zvfP1tExOWfpxuOR/xf9CN6EStVvRYRK2vH6+s8H9vN8VxEDJciqvW3/3km4rWI+OhYxL37t9erm88dsB/f/sNff/vDp773l98PT//7jzf7r09a7tatX/7rT3cefnsBAACgi8qyLIv0Mf9ERAzSZ3sA4MmXX//LJN+unrt6c876o1ar1eoFrOvK8e7Ui4jYrK9TvWdwOB4AFsxmfNx2F2iR/DttEBFPtd0JYK4VbXeAI3Hv/u31IuVb1F8P1nba87kge/LfLHav75g0naZ5jsmsHl9b0Y9nJ/RnZUZ9mCc5/14z/8s77aO03FHnPyuT8h/tXPrUOTn/fjP/hicn/97Y/Lsq5z84VP59+QMAAAAAwBzLf/8/3vLx36VH35QD2e/479qM+gAAAAAAAAAAj9thx/8bNMb/22X8PwAAAJhb1Wf1yq+PPbht0nexVbdfKiKebiwPdEy6WGa17X4AAAAAAAAAAAAAQJcMds7hvVREDCPi6dXVsiyrn7pmfViPuv6i6/r2Q5e1/SQPAAA7PjrWuJa/iFiOiEvpu/6Gq6urZbm8slqulitL+f3saGm5XKl9rs3T6ral0QHeEA9GZfXLlmvr1U37vDytvfn7qvsalf0DdGw2WgwcACJi59Xo3qRXpP94vVpMZflMtPwmhwWxz/7PgrL/cxBtP04BAACAo1eWZVmkr/M+kY7599ruFAAwE/n1v3lcQK1Wq9Xqg9e/+uzffzBP/VFPquvK8e7Ui4jYrK9TvWcwHD8ALJjN+LjtLtAi+XfaICKeb7sTwFwr2u4AR+Le/dvrRcq3qL8epPHd87kge/LfLLbXy+uPm07TPMdkVo+vrejHsxP689yM+jBPcv69Zv6Xd9pHablHz7/c82fCts4xmpR/tZ3HW+hP23L+/Wb+DUe9/8/KVvTG5t9VOf/BofLvyx8AAAAAAOZY/vv/8bk6/jt62M2Zar/jv2tj1zi6vgAAAAAAAADA43Lv/u31fN1rPv7/mTHLuf7zyZTzL+TfSTn/XiP/LzaW69fm7771IP9/3r+9/rub//j/PD1o/kt5pkiPrCI9Iop0T8UgTR9l6z5ta9gfVfc0LHr9QTrnpxy+E1fjWmzEmT3L9tL/x4P2s3vaq54Ot9vL/k77uT3tg932vP75Pe3DdHZRuZLbT8V6/CSuxdvb7VXb0pTtX57SXk5pz/n37f+dlPMf1H6q/FdTe9GYVu5+2PvUfl+fjrufN6/+d59vHp6drejvbltdtX0vttCf7Wecp0bxsxsb10/dunLz5vWzkSZ7bj0XafKY5fyH6Wf3+f+lnfb8vF/fX+9+ODp0/vNiKwYT83+pNl9t78sz7lsbcv6j9JPzfzu1j9//Fzn/yfv/Ky30BwAAAAAAAAAAAAAAAPZTluX2JaJvRsSFdP1PW9dmAgCzlV//y8ZV+rOq+zO+P7V6wetizvoz0/qTcr76o1YvYl1XjvdGvYiIP9fXqd4z/GLcLwMA5tknEfG3tjtBa+TfYfn7/qrpybY7A8zUjfc/+NGVa9c2rt9ouycAAAAAAAAAwMPK43+u1cZ/PlmW5Z3GcnvGf30r1h51/M9BntkdYHTCQNX9w2/TfrZ6o36vNtz4CzFp/O/h7tx+438PptzfcEr7aEr70pT25Snt04Zbzvm/UBvv/GREnGgMv96F8V+bY953Qc7/xdrjucr/C43l6vmXv1nk/Ht78j99872fnr7x/gevXn3vyrsb7278+PzZs2fOX7hw8eLF0+9cvbZxZuffFnt8tHL+eexr54F2S84/Zy7/bsn5fy7V8u+WnP/nUy3/bsn55/d78u+WnH/+7CP/bsn5v5xq+XdLzv9LqZZ/t+T8X0m1/Lsl5//lVMu/W3L+r6Za/t2S8z+Vavl3S87/dKoPmP/KUfeL2cj55yNc9v9uyfnnMxvk3y05/3Opln+35PzPp1r+3ZLzfy3V8u+WnP9XUi3/bsn5X0i1/Lsl5//VVMu/W3L+F1Mt/27J+X8t1fLvlpz/11Mt/27J+b+eavl3S87/G6mWf7fk/L+Zavl3S87/W6mWf7fk/N9Itfy75cH3/5sxY8ZMnmn7mQkAAAAAAAAAAAAAaJrF6cRtbyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdi7uxi5zvp+4Gf2zWsHEgMhfyd/A2vHGONssuuX+IXWxSThpeGtBEKhL9iud20W/IbXLoFGsmmgRMKoqKJtuGgLKGpzU+GLXNAqoFygVkiVSHtBbxAVKhdRFVBAqkQryFZz5nmenZmdndn1rtdnzvl8JPvnnTkz5zlnnnN2frv+zgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmm25f/rztSzL6n/yvzZm2cvq/14/tjG/7U03eoQAAADASv0q//vFW9INh5fwoKZl/vm133t6bm5uLvvQ4J8Pf3luLt0xlmXD67Isvy+6+qMP15qXCR7LRmsDTV8P9Fj9YI/7h3rcP9zj/pEe96/rcf9oj/sX7IAF1jd+HpM/2bb8nxsbuzS7NRvO79vW4VGP1dYNDMSf5eRq+WPmhk9kM9mpbDqbbFm+sWwtX/6ZLfV1vSOL6xpoWtfm+gz52aPH4xhqYR9va1nX/HNGP3lLNvbznz16/G8vvHB7p9pzN7Q8X2OcO7bWx/nZcEtjrLVsXdoncZwDTePc3OE1GWwZZy1/XP3f7eN8cYnjHJwf5ppqf81Hs4H838/l+2mo+cd6aT9tDrf94s4syy7PD7t9mQXrygayDS23DMy/PqONGVl/jvpUemU2tKx5umUJ87Rep7a1ztP2YyK+/lvC44YWGUPzy/STz4w0ve6/nLuWeRrVt3qxY6V9Dq72sVKUORjnxXP5Rj/ecQ5uC9v/6PbF52DHudNhDqbtbpqDW3vNwYGRwXzM6UWo5Y+Zn4O7WpYfzNdUy+vz27vPwYkLp89NzH7q03fPnD52cvrk9Jk9u3ZN7tm378CBAxMnZk5NTzb+vsa9XXwbsoF0DGwN+y4eA29oW7Z5qs59bWTB+fdaj8PRLsfhxrZlV/s4HGrfuNraHJAL53Tj2PhAfaePXhnIFjnG8tdn58qPw7TdTcfhUNNx2PF7SofjcGgJx2F9mXM7l/aeZajpT6cxLP69YGVzcGPTHGx/P9I+B1f7/UhR5uBomBc/2Ln494LNYbyPjy/3/cjggjmYNjece+q3pPf7owfy0mle3lG/46aR7OLs9Pl7Hjl24cL5XVkoa+JVTXOlfb5uaNqmbMF8HVj2fD0889rH7+hw+8awr0bvrv81uuhrVV9m7z3dX6v8u1vn/dly6+4slFW21vuz03fz+v4cybKvfOczD33r0a/cv+j+rPebn51Y+Xvx1Jc2nX+HFzn/xr7/pcb60lM9Njg81Dh+B9PeGW45H7e+VEP5uauWr/vFiaWdj4fDn7U+H9/a5Xy8qW3Z1T4fD7dvXDwf13r9tGNl2l/P0TBPTk12Px/Xl9m0e7lzcqjr+fjOUGth/78xdAqpL2qaO4vN27SuoaHhsF1DcQ2t83RPy/LDoTerr+up3eFNYRrl0ubpjjsbyw82PS5aq3k61rbsas/T9LOvxeZprddP365N++s5GubFrXu6z9P6Ms/uXfm5c338Z9O5c6TXHBweHKmPeThNwvx8n82tj3Pwnux4djY7lU3l947k86mWr2v83qWdK0fCn7U+V27qMgd3tC272nMwfR9bbO7VhhZu/Cpofz1Hw7x44t7uc7C+zAP7V/e9645wS1qm6b1r+8/XFvuZ1x1tu+l6zZWhMM7v7O/+s9n6MqcOLLfP7L6f7gq33NRhP7Ufv4sdU1PZ2uynTWGcLxxYfD/Vx1Nf5ssHlzifDmdZdukT9+U/7w2/X7l08ftPt/zepdPvdC594r6fvvzEPy1n/AD0v5caZUPje13Tb6aW8vt/AAAAoC/Evn8g1ET/DwAAAKUR+/74v8IT/T8AAACURuz7h0JNytD//3HvRTY98MLMS5eylMyfC+L9aTc82FguZlwnw9djc/Pqt9/35PR//+OlpQ1vIMuyXz74Rx2X3/RgHFfDWBjn1be23r7A03cvad1HH76U1tucX/9qeP64PUudBp0iuJNZlj1zyxfz9Yx9+Epen33waF4fuvz4Y/VlXjzY+Do+/vlXNZb/qxD+PXziWMvjnw/74cehTr6z8/6Ij/vGlTdu3v/B+fXFx9W23pxv9hMfaTxv/JycLz3WWD7u58XG/60vPPWN+vKPvL7z+C8NdB7/U+F5nwz1f17TWL75Nah/HR/3uTD+uL74uHu+/u2O47/6+cby597WWO5oqHH9O8LX2972wkzz/nqkdqxlu7K3N5aL65/8/p/m98fni8/fPv7RI1da9kf7/Hj23xrPM9G2fLw9rif6h7b115+neX7G9T/1J0db9nOv9V996PnX1J+3ff13tS137hM78/XPP1/rJzb99ee+2HF9cTyH//5cy/Ycfl84jsP6n/hImI/h/v+92ni+9k9XOPq+1vNPXP6rGy+1bE/0jp831n/1zSfzum50/YabXvbymy+/rr7vsuy5dY3n67X+k39ztmX8X7utsT/i/TGj377+xcT1n//k+JmzsxdnptJeffSW/LNz3tUYTxzvLeHc2v71kbMXPjp9fmxybDLLxsr7EXrX7Ouh/rRRLndfem7BGXTnw+H1vOMvn9mw/V+/EG//9w80br/yzsb3rTeE5b4Ubt8YXr/lrX+hJ7bclh/ftWfDCOcWfl7wSmze9l8HlrRg2P729wVxvp979Ufz/VC/L/++EY/rFY7/h1ON5/lm2K9z4ZOZt942v77m5eNnI1x5f+N4X/H+C6e5+Lr+XXi93/3jxvPHccXt/WF4H/PtTa3nuzg/vnlpoP3580/xuBzOJ9nlxv1xqbi/r7x4W8fhxc8hyS7fnn/9Z+l5bl/WZi5m9lOzE6dmzlx8ZOLC9OyFidlPffrI6bMXz1w4kn+W55GP9Xr8/PlpQ35+mpretzfLz1ZnG+U6u9HjP/fw8an9k9unpk8cu3jiwsPnps+fPD47e3x6anb7sRMnpj/Z6/EzU4d27T64Z//u8ZMzU4cOHDy45+D4zJmz9WE0BtXDvsmPj585fyR/yOyhvQd33Xvv3snx02enpg/tn5wcv9jr8fn3pvH6o/9w/Pz0qWMXZk5Pj8/OfHr60K6D+/bt7vlpgKfPnZgdmzh/8czExdnp8xONbRm7kN9c/97X6/GU0+x/NN7Ptqs1Pogve+9d+9Lns9Y9+ZlFn6qxSNsHiL4QPovmu684d2ApX8e+fzjUpAz9PwAAAJCLff9IqIn+HwAAAEoj9v3rQk30/wAAAFAase8fDTX9l4CK9P+ly/9vurSk9cv/y/837y/5/4rl/99ftPx/43wh/786Vpq/l/8Pipn/H87k/+X/Czx++X/5fxYqWv4/9v3rs8zv/wEAAKCkYt+/IdRE/w8AAAClEfv+m0JN9P8AAABQGrHvf1moSUX6f/l/+X/5/5Lm/4cWX7/8v/x/mcn/d9fn+X/X/1+D/H9Wrfz/5dUc/w3I/69v/kL+nyIqWv4/9v0vDzWpSP8PAAAAVRD7/ptDTfT/AAAAUBqx778l1ET/DwAAAKUR+/6NoSYV6f/l/1eU/0+ZK/n/1vHL/7dy/f8wH+T/5f/XgPx/d/L/Pcj/u/5/f+X/W8j/U0RFy//Hvv8VoSYV6f8BAACgCmLf/8pQE/0/AAAAFM/QtT0s9v2vCjVZ0P9f4woAAACAGy72/bdmbUHwivz+X/7f9f/l/+X/5f87r3/p+f/BTP6/OOT/u5P/70H+X/5f/l/+n1VVtPx/3vdno9mrQ00q0v8DAABAFcS+/7ZQE/0/AAAAlEbs+/9fqIn+HwAAAEoj9v2bQk0q0v/L/5cm//+L5pdO/l/+v9v65f9d/7/M5P+7k//vQf5f/l/+X/6fVVW0/H/s+28PNalI/w8AAABVEPv+O0JN9P8AAABQGrHv//+hJvp/AAAAKI3Y928ONalI/y//X/D8f0yOuv6//L/8fyHz/6Py/4Uj/9+d/H8P8v/y//L/8v+sqqLl/2Pf/5pQk4r0/wAAAFAFse9/baiJ/h8AAABKI/b9rws10f8DAABAacS+fyzUpCL9/3Ly/7XL8v+Luc7X/x9ZwvX/W8j/y/93W7/8v+v/l5n8f3fy/z3I/8v/y//L/7Oqipb/j33/llCTivT/AAAAUAWx798aaqL/BwAAgNKIff+doSb6fwAAACiN2PdvCzWpSP/v+v99kf/P5P/l/+X/5f/l/5dG/r87+f8e5P/l/+X/5f9ZVUXL/8e+//WhJhXp/wEAAKAKYt+/PdRE/w8AAAClEfv+N4Sa6P8BAACgNGLfvyPUpCL9v/y//L/8f1/k/+9fn8n/y//L/y+F/H938v89yP/L/8v/y/+zqoqW/499/xtDTSrS/wMAAEAVxL5/Z6iJ/h8AAABKI/b9d4Wa6P8BAACgNGLfPx5qUpH+X/5f/l/+vy/y/67/L/8v/79E8v/dyf/3IP8v/y//L//Pqipa/j/2/XeHmlSk/wcAAIAqiH3/PaEm+n8AAAAojdj3T4Sa6P8BAACgNGLfPxlqUpH+X/5f/l/+X/5/Wfn/180/r/x/w3XN/z8g/79c8v/dyf/3IP8v/3/D8//D8v+UStHy/7Hv3xVqUpH+HwAAAKog9v27Q030/wAAAFAase/fE2qi/wcAAIDSiH3/3lCTivT/8v/y//L/8v+u/995/YXI/7v+/7LJ/3e3+vn/uIlFyf+vk/9fgRudn+/38bv+v/w/CxUt/x/7/ntDTSrS/wMAAEAVxL5/X6iJ/h8AAABKI/b9+0NN9P8AAABQGrHvPxBqUpH+X/5f/l/+X/5f/r/z+uX/+5P8f3eu/9+D/L/8fx/n/+tzS/6foila/j/2/QdDTSrS/wMAAEAVxL7/TaEm+n8AAAAojdj3/1qoif4fAAAASiP2/b8ealKR/l/+X/5f/l/+v+j5/xH5f/n/ZZD/707+vwf5f/n/Ps7/u/4/RVS0/H/s+w+FmlSk/wcAAIAqiH3/b4Sa6P8BAACgNGLf/+ZQE/0/AAAAlEbs+w+HmlSk/5f/X6P8f7xR/l/+X/7f9f/l/68r+f/u5P97kP+X/5f/l/9nVRUt/x/7/reEmlSk/wcAAIAqiH3/faEm+n8AAAAojdj33x9qov8HAACA0oh9/wOhJhXp/+X/++z6/6NlzP8Pt4xd/n/+cfL/DfL/8v/LIf/fnfx/D/L/8v/y//L/rKqi5f9j3//WUJOK9P8AAABQBbHvf1uoif4fAAAASiP2/W8PNdH/AwAAQGnEvv8doSYV6f/l//ss/+/6//L/8v/y//L/Xcn/dyf/34P8v/y//L/8P6uqaPn/2Pf/ZqhJRfp/AAAAqILY9z8YaqL/BwAAgNKIff87Q030/wAAAFAase9/V6hJRfp/+X/5f/l/+X/5/87rl//vT/L/3fVZ/v9XN4fb5f8b5P+LPf7l5v+H2r6+Lvn/Hy2W/59b1/54+X+uh6Ll/2Pf/+5Qk4r0/wAAAFAFse9/T6iJ/h8AAABKI/b97w010f8DAABAacS+/7dCTSrS/8v/18cxn16W/5f/z2+Q/19O/n9I/l/+v0jk/7vrs/y/6/+3kf8v9vhd/1/+n4WKlv+Pff/7Qk0q0v8DAABAFcS+/6FQE/0/AAAAlEbs+98faqL/BwAAgNKIff8HQk0q0v/L/7v+v/y//L/r/3dev/x/f5L/707+vwf5f/n/ouX//1P+n/5WtPx/7PsfDjWpSP8PAAAAVRD7/g+Gmuj/AQAAoDRi3//boSb6fwAAACiN2Pd/KNSkIv2//H+/5P/H5P+Xmf8fCbfJ/8v/y/9Xi/x/d/L/Pcj/y/8XLf/v+v/0uaLl/2Pf/+FQk6X3/6NLXhIAAAC4IWLf/zuhJs39f/svowAAAIC+Evv+3w01qcj//wcAAIAqiH3/74WaVKT/l//vl/y/6/9nrv8v/9+2PfL/8v+drF3+P5555P/l/+X/I/l/+X/5f9oVLf8f+/7fDzWpSP8PAAAAVRD7/o+EGvhMPwAAAOgTnf5PdrvY9x8JNfH7fwAAACiN2PcfDTWpSP8v/y//L/9f0Pz/X2z9lx987z1Hd8n/t+T/L8v/y//3sKbX/68f/K7/L/8v/5/I/8v/y//Trmj5/9j3Hws1mW/83iUMAAAAAP0t9v1/EGpSkd//AwAAQBXEvv94qIn+HwAAAEoj9v1ToSYV6f/l/+X/5f8Lmv/v4+v/x/3RT9f/H1/XR/n/eNKV/+9oTfP/H5zPicv/Lzf/P9Lx1vb8f03+v4X8/7LH/90sy+T/5f+5gYqW/499/3SoSUX6fwAAAKiC0PcPnGjU+Tv0/wAAAFAase8/GWqi/wcAAIDSiH3/R0NNKtL/y//L/8v/y//30/X/M9f/d/3/HuT/uytO/r8z1/+X/+/n8cv/y/+zUNHy/7Hvnwk1qUj/DwAAAFUQ+/6PhZro/wEAAKA0Yt//8VAT/T8AAACURuz7T4WaVKT/l/+X/5f/l/+X/++8fvn//iT/3538fw/y//L/8v/y/6yqouX/Y99/OtTk/9i7kydLyyqP4zfpJKgKNr3rRS+69/0nsGjW3X+ACyIMFxphuAAV54nCecR5HnAWBxxAESecJ3BCcRYV53nAGTXKgDrnVGXmm+/NrLqZ+dzn+XwWHkhI7y2tgPpV1rfeQfY/AAAAjCB3/6Vxi/0PAAAA3cjdf1ncYv8DAABAN3L3PzBuGWT/6//1/932//+r/9/t9fX/+v+e6f/n6f+X0P/r//X/+n9WqrX+P3f/g+KWQfY/AAAAjCB3/4PjFvsfAAAAupG7//K4xf4HAACAbuTuf0jcMsj+39b/byzG7P8z49X/99T/e/7/rq+v/9f/9+xw+/8r7/4nn/5f/6//D/p//b/+n+1a6/9z9z80bhlk/wMAAMAIcvc/LG6x/wEAAKAbufsfHrfY/wAAANCN3P2PiFsG2f+e/+/5//p//b/+f/r19f/ryfP/543U/19+24WX3nnDf964n9fX/+v/9f/6f1artf4/d/8j45ZB9j8AAACMIHf/o+IW+x8AAAC6kbv/0XGL/Q8AAABr6PjkR3P3PyZuGWT/6//1//r/6P+P6f/1//r/Huj/543U/5/N6+v/9f/6f/0/q9Va/5+7/7FxyyD7HwAAAEaQu/9xcYv9DwAAAO2a+oXYM3L3XxG32P8AAADQjdz9J+KWQfa//v/g+/9/6v/Xo//3/H/9v/6/C/r/efr/JfT/+n/9v/6flWqt/8/df2XcMsj+BwAAgBHk7n983GL/AwAAQDdy9z8hbrH/AQAAoBu5+58Ytwyy//X/nv+v/9f/6/+nX1//v570//P0/0vo/8+1nz9f/6//1/9zpn32/3fN/GN7Jf1/7v4nxS2D7H8AAAAYQe7+J8ct9j8AAAB0I3f/U+IW+x8AAAC6kbv/qXHLIPtf/6//1/+33P9vLpru/3d+17uH/n+a/v9w6P/nNdP/b2xOflj/v/b9v+f/6//1/2zR2vP/c/c/LW4ZZP8DAADACHL3Pz1umdn/+/7JfAAAAOBI5e5/Rtzi6/8AAACw9rI6y93/zLhlkP2v/9f/6/9b7v89/3/RaP9/4xnvT//fFv3/vGb6/13o//X/6/z+9f/6f3Zqrf/P3f+suGWQ/Q8AAAAjyN1/Vdxi/wMAAEA3cvc/O26x/wEAAKAbufufE7cMsv+n+//Tf13/vzf6/63vX/8//f1jVf1//jfq/2f7/4s9/39M+v95+v8l9P/6f/3/bv3/8WWfr/9nSmv9f+7+58Ytg+x/AAAAGEHu/ufFLfY/AAAAdCN3//PjFvsfAAAAupG7/wVxyyD73/P/9f/6//Xr/z3//5SjfP7/4tD7/039/x7p/+fp/5fQ/+v/9f/zz/+f+V0A9P9Maa3/z93/wrhlkP0PAAAAI8jd/6K4xf4HAACA9XDmrx3Y/gtKQ+7+F8ct9j8AAAB0I3f/S+KWfvb/7LM69f/6f/2//l//P/36bfX/nv+/V/r/efr/JfT/B9HPb3bW/1+92+e30P9fcdD9/wz9P1O29P83nf74UfX/uftfGrf0s/8BAABgeLn7Xxa32P8AAADQjdz9L49b7H8AAADoRu7+V8Qtg+z/A+//Z373Af2//l//r//X/+v/V03/P0//v4T+3/P/Pf9f/89Kben/z3BU/X/u/lfGLYPsfwAAABhB7v5XxS32PwAAAHQjd//VcYv9DwAAAN3I3f/quGWQ/e/5//p//b/+X/8//fr6//V0Tv39efr/ov/X/+v/9f/6f1agtf4/d/9r4pZB9j8AAACMIHf/a+MW+x8AAAC6kbv/dXGL/Q8AAADdyN3/+rhlkP2v/z/Y/j8/rv/X/y/0//p//f+hGPb5/xtT/ybaaZf+/5b7n/j/rR/R/+v/9f/6f/0/e/TvM3+tif7/5OkfXebuf0PcMsj+BwAAgBHk7n9j3GL/AwAAQDdy978pbrH/AQAAoBu5+6+JW/a5/+eah5bp/z3/X/+v/9f/T7++/n89Ddv/75Hn/y+h/9f/6//1/6xUE/3/GX+eu//NcYuv/wMAAEA3cve/JW6x/wEAAKAbufvfGrfY/wAAANCN3P1vi1sG2f/6f/2//l//r/+ffn39/3rS/8/T/y+xTv3/NefQ/29Of/io+/lzddTvX/+v/2en1vr/3P3Xxi2D7H8AAAAYQe7+t8ct9j8AAAB0I3f/O+IW+x8AAAC6kbv/nXHLIPtf/6//1//r//X/06+v/19P+v95+v/FYnHdzBuY6v9PXtBm/+/5/829f/2//p+dWuv/c/e/K24ZZP8DAADACHL3Xxe32P8AAADQjdz918ct9j8AAAB0I3f/u+OWQfa//l//r//X/+v/p19f/7+e9P/z9P9LrNPz//X/zb1//b/+n51a6/9z978nbhlk/wMAAMAIcvffELfY/wAAANCN3P3vjVvsfwAAAOhG7v4b45ZB9r/+X/+v/9f/6/+nX1//v54Orv9f6P/1//r/JfT/+n/9P9u11v/n7n9f3DLI/gcAAIAR5O5/f9xi/wMAAEA3cvd/IG6x/wEAAKAbufs/GLcMsv/1//p//b/+v8/+/wL9/6A8/3+e/n8J/b/+X/+v/2elpvv/K46s/8/d/6G4ZZD9DwAAACPI3X9T3GL/AwAAQDdy9384brH/AQAAoBu5+z8Stwyy//X/+v+t/f9iof/X//fR/6/F8/+PLfT/K6f/n6f/X0L/32f/f96io/7/+K6fr/+nRa09/z93/0fjlkH2PwAAAIwgd//H4hb7HwAAALqRu//jcYv9DwAAAN3I3f+JuGWQ/a//1/97/r/+X/8//fqe/7+e9P/z9P9L6P/77P89/1//z5Fprf/P3f/JuGWQ/Q8AAAAjyN3/qbjF/gcAAIBu5O7/dNxi/wMAAEA3cvd/Jm4ZZP/r//X/+n/9v/5/+vX1/+tJ/z9P/7+E/l//r//X/7NSrfX/ufs/G7fsOvy2/8gUAAAAaF3u/pvjlkG+/g8AAAAjyN1/S9xi/wMAAEA3cvd/Lm4ZZP/r//X/+v/17P+P6f/1//r/Sa30/xdd9H+36v/1//p//b/+X/8/utb6/9z9n49bBtn/AAAAMILc/V+IW+x/AAAA6Ebu/i/GLfY/AAAAdCN3/5filkH2/87+//zFqUL1lKn+Pxo1/f8Z9P9b37/+f/r7h+f/6//1/wevlf7f8//P7v3r//X/6/z+99X///fOz9f/06PW+v/c/bfGLYPsfwAAABhB7v4vxy32PwAAAHQjd/9X4hb7HwAAALqRu/+2uGWQ/e/5//p//b/+X/8//fr6//Wk/5+n/19C/6//9/z/y+77b/p/Vqe1/j93/1fjlkH2PwAAAIwgd//X4hb7HwAAALqRu//rcYv9DwAAAN3I3f+NuGWQ/a//1//r//X/+v/p19f/ryf9/zz9f9n+TTtlnP7/2NQHj7qfP1dH/f676f89/58Vaq3/z93/zbhlkP0PAAAAI8jd/624xf4HAACAbuTu/3bcYv8DAABAN3L3fyduGWT/6//1//33//fR/297ff2//r9n+v/8N/o0/f8S4/T/k466n1/396//1/+zU2v9f+7+2+OWQfY/AAAAjCB3/3fjFvsfAAAAupG7/3txi/0PAAAA3cjd//24ZZD9r/8fq//fWIzY/3v+v/5f/z8S/f88/f8S+n/9v/5f/89Ktdb/5+6/Y2NzyP0PAAAA6+pe//OA2/f6995xz38eW/wgbrl4cXKPX8YGAAAAGnf37t/YXCx+eM+f+fo/AAAA9Ch3/4/ilkH2v/5/rP5/fZ//f5P+X/+v/9f/74n+f57+fwn9v/5f/6//Z6Va6/9z9/84bjlj+G3u+1sJAAAAtCR3/0/ilkG+/g8AAAAjyN3/07hlx/732wECAADAusrd/7O4ZZCv/+v/G+//FwfU/8fftz79v+f/6//1//r/vdH/zzvH/v/khv5f/z9D/6//1/+zXWv9f+7+n8ctg+x/AAAA6NSWn1HI3f+LuMX+BwAAgG7k7v9l3GL/AwAAQDdy9/8qbhlk/+v/D73/z1T9AJ//f7z+qJ/n/+v/z6r/v+rY5Ovr//X/PdP/z/P8/yX0/730/xfo//X/tKG1/j93/6/jlvnhd+/5byUAAADQktz9v4lbBvn6PwAAAIwgd/9v4xb7HwAAALqRu/93ccsg+1//3/jz/8+q/9/D8//1/2P0/7u8fj/9/39ceOLmS+53/bX6f047zP4/vy/o//X/+v9TGur/j+T93/3/j/5f/89Wq+//N7d8cL/9f+7+38ctg+x/AAAAGEHu/jvjFvsfAAAAupG7/w9xi/0PAAAA3cjd/8e4ZZD9r//X/7fS/+f/1kfQ/5846/7/+GKxOJL+P5vi0ft/z//X/+/k+f/z9P9L6P/1/57/r/9npVbf/2/94H77/9z9f4pbBtn/AAAAMILc/X+OW3L/b+z7p+4BAACAxuTu/0vc4uv/AAAA0I3c/X+NWwbZ//p//X8r/X/y/P/Tn9fX8/8vqTh1zP7/v+qP9P8H6zD6//zRgv5f/6//30r/r//X/7PdAfX/+cOwfff/ufv/FrcMsv8BAABgBLn774pb7H8AAADoRu7+v8ct9j8AAAB0I3f/P+KWQfa//r/X/j+LeP2//r+V/t/z/z3//3B4/v88/f8S+n/9v/5f/89Ktfb8/9z9/woAAP//j2p0PQ==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 2m47.932891057s ago: executing program 1 (id=1567): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x439, 0x0, 0x4, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}, @IFLA_IPTUN_PROTO={0x5, 0x9, 0x89}]}}}]}, 0x40}}, 0x0) 2m44.586116928s ago: executing program 1 (id=1599): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000300)={0x3, 0x1, 0x246, 0x7ffffff7ffffffff, 0x4, 0xffffffffffffffff, 0xfffffffffffffff9, 0xdd, 0x3}) 2m43.849518617s ago: executing program 32 (id=1599): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000300)={0x3, 0x1, 0x246, 0x7ffffff7ffffffff, 0x4, 0xffffffffffffffff, 0xfffffffffffffff9, 0xdd, 0x3}) 55.754378258s ago: executing program 5 (id=2894): r0 = socket$igmp6(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0xa38}, {0xa, 0xfffe, 0xfffffffe, @dev, 0x4}, 0x1000, {[0x9, 0x8000, 0xfffffffe, 0xfc5, 0x0, 0x2d30, 0x2, 0x20]}}, 0x5c) 55.675569666s ago: executing program 5 (id=2895): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x3, &(0x7f0000000140), 0x1, 0x25f, &(0x7f0000000b00)="$eJzs3U1oHGUYB/Bn9oOYZJGoF0FQQUQkEOJN8BIvCgEJ4kFQISLiRUkETfC268mLF88iOXkJpbemPZZeQi8thZ7SNof00tKGHhoK/YAp+xXSdttsupuZNvP7wWZmknfmeQfm/74T2GECKKyJiJiJiHJETEZENSKSvQ3ebX8mOpsro+vzEWn61a2k1a693dbdbzwiGhHxcUScKSXxcyViee3brTsbn3/w91L1/f/XvhnN9CQ7trc2v9j5b+6vE7MfLZ+/eGMuiZmoPXJew5f0+F0liXj9MIq9IJJK3j2gH1/+cfxSM/dvRMR7rfzfTdsiHuyu9ZLW/7l54a2s+wsMV5pWm3NgIwUKpxQRtc5Nams9SqWpqfY9/OXyWOmXxd9+n/xpcWnhx7xHKmBYahGbn50aOTneWk9KU538Xyu38w8cVfXOcvVK8+dOOd/eAMO0f6Cb8//k9/UPQ/6hcA6U/1ey6ROQjU7+W8l+LP/X8+oTkI0Dzf9P+xoA8FLy/z8U1zPzX82nT0A2zP9QXPIPxSX/UFzyD8W1N/8AQLGkI30+KNzo7gAcFTkPPwAAAAAAAAAAAAAAAAAAQA8ro+vz3U9WNc/+G7H9aURUetUvt95H3H352NjtpNlsV9LebSDfvTPgAQZ0LOenr1+9mm/9c2/nW7++ENH4MyKmK5Unr7+kc/09v9f2+Xv1hwELDOiTrw/ryLW+Wt1fPaz6/ZndiDjdHH+me40/pXiztew9/tSG8JqEX+8NeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAy8zAAAP//JS12Fg==") mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) 55.264493018s ago: executing program 5 (id=2900): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="00ea2eb34e7ea51c9446c55a2d1e0be39af9faf44ad59cb6ad1c94490d970e811439edddc71c9b18946b559ce53bee0a1abe562fc3f3898e5826eda1962cf6e3c4c0ade52151923a70b46eacfc1aaaebcf156e549e884bcabc1333f344f31cd30cd93cb2814e0dbc24a7a107e295e86e09283c825fe177c89c6385f68f2c843cffffffff15539bab6142ceed9265ba989d1a283fc4ffc83f3a7a6c746823e656ad78f3b5a336cdbd83dad59e0debb36b4ea5e658e253f01637cc03f704a08019f95b92fffffffff8dd21552d6967ab1b01e5d52a5793eb179deee4572770a5197127b090287bca2a4eaa1705b42c16968d0201d3ba3cc8000000657ea095f152b1b6a1e6ad8d24ad17f649ccc23d4ecbcdb5620cc48f95f563c2230f859d196e6c4f00b8e3a7b01fcb1d79dcc09b7a854ec8c31dd27ff9b4a2864e1dcaf719d20b56769d51228ecc1915fb8c8b598c11b3c296b05f9c5355fc6f19a7b28f5ae9a0d0804ccc5716cfac0246ddffa2f12077a02a959aa1b74373c38b2bcc90743b80666eae25dea73e127263b8fdbc64fe862b994ca8473d0000000000000000"], 0x1, 0x1af, &(0x7f0000000480)="$eJzsmD9P20AYxp+z86euqqZru7RSIzUd6thOWzVDh8wdigQCsREREwUcghIPSTY+BTMfI2LJ94ABmBgIGxPDobPP8RFBEhBJkHh/w+vn7Nd37705PZEMgiBeLedn16casobQ75BFWt6/0OMcTcnvZW6+H9f+Hx1YVye9/r/i6HwMAOfTr58A0C/p8OWY87tvZ+V1BVqkk+rzNTCYUm9Aw6rULhjWpd5WdEPkm+ZWzXPNzYZXEcISwRbBEaEwWt9gn6ESyqBEpjxvdbo7Zc9zmzMUk/o3KGn4q/RP/b2i3lhx/2BDgy11AQzLUv9BOupN2BJl/58S8fz60/YvTtLsmzWFeC9rn8+iHzMTcpJYaDfmL8RRegFljBVvIh959OsMQlwawOJ3sUgR+xM/ZPim+FNC8Y+8X9/LtzrdH7V6uepW3V3HKfy2flrWLycfGFEYx/ifEfjTW2X+5AO5KZZCu+z7TTuMw7HTTsNvOvc5birwPw25r2HVTN5TCf4PPrAv4pLT5ZggCIIgCIIgCIIgCIIgCOLZ+QwWfAXl3OBDiuAjOEtB9m0AAAD//5oGYhw=") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0) 54.617765847s ago: executing program 5 (id=2906): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000280), 0x1, 0x1f7, &(0x7f00000004c0)="$eJzskr9rFEEUxz9zu0lWMeSQU1EEUYOJRXJ7Gz1/FFoa1EoiJAeCx90ZDy/+yB7oHSkuIASx1MJYWAhyIlb+A15hlU5B7GIgdYoUNpK4MrOzm8lfkGY+xX73zbz3Zt6bdz98Eg4A25sLFcgiccnxXQhc4IRQS1SdWD2tN7X26/1rmVh7Wv9q3b7Qni6BqJ9aLWZ6R6onRZYDuT8ra1QYusOldzc+/7hVf/3z4MaHr9L/+u3WF8RIdei9vNXyoEq/OFPSeSKZx+kdf+vJRMCrrenVNfcoOSPXIe/f4ZXn3U/FF795M0DK+Lex5Sv+4Et1NTFTClvtB+VGozYfXl3MsKGO+rW5UJE/d4EoiiJVOzAJmD6y/I+GzzEXpgCHKPWR/ZPGCJBvzj3Oh632WH2uPFubrT0Mgomif873zwf5e/VGzY+/wjhCdxCpZwFZyT5jvw/YSmrrsAthXE2yH4QZ22883ejp3bEZIzZRQS+NTToqWzDFGTzgaUfsrIo4i4sqaRKBo42Ca9xPKC9PbYxXHjWqSwhEEtbFTXMU1ulLjcA0Ji6mhS9pHY7nUr2YpAvIVq1rO5noZFJdlSGj53m0I2OflZvN+YJsUvyXrgXpWpDtyOdIGBaQdXaKk1x2kl3zKSwWi8VisVgsFotlb/gfAAD//+bVoRg=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) 54.046561137s ago: executing program 5 (id=2916): openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000180)='syzkaller\x00', 0x1}, 0x94) 52.211548942s ago: executing program 5 (id=2945): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x43, 0x7fff0000}]}) getegid() 51.747376763s ago: executing program 33 (id=2945): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x43, 0x7fff0000}]}) getegid() 4.533633609s ago: executing program 2 (id=3462): openat$comedi(0xffffffffffffff9c, 0x0, 0x8000, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000050000000000000000000a88000000000a010100000000000000000a00000008000240000000010c00044000000000000000030c00044000000000000000031f0006006cdcbf1cfe826d48bf25307caf3c613751de9e05155995167f1ba4000c00044000000000000000020900010073797a3100090000040006000900010073797a31000000000900010073797a30000000002c000000030a010300000000000000000a0000000900030073797a31000000000900010073797a300000000028000000000a010400000000000000000a0000000900010073797a3000000000080002"], 0x104}}, 0x0) 4.475089534s ago: executing program 3 (id=3463): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0xd, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x22}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 4.308895523s ago: executing program 2 (id=3465): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}, {@nolazytime}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") open(0x0, 0x0, 0x0) llistxattr(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) 4.054020353s ago: executing program 3 (id=3467): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x31000000, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x15\x00'}]}, 0x1c}}, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000240), r0) 3.916938585s ago: executing program 2 (id=3468): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x80c002, &(0x7f00000009c0)={[{@errors_remount}, {@grpquota}]}, 0x2, 0x517, &(0x7f0000000140)="$eJzs3U9vI2cZAPBnJvGS7aYkpRxKpZaKFu1WsPamgTbi0BYJcasEKvclSrwhihNHsdNuQoVS8QGQEIJKnDhxQeIDIKHyDapKK8EdAQIh2MIBIWDQ2OPdxBpvEjW2I/v3k8bzzuuZeZ53HI/nX2YCmFrPRcTrETETES9GxEJRnxZdHHW7fLyP7r+zlnfxQRJv/i2JpKiLTumha8Vkc91eqdbB4dZqo1HfK4Zr7e3dWuvg8Obm9upGfaO+s7y89PLKKysxd2vQLL5znnbm7Xr1a3/68Q9+/vVXf/3Ft39/+y83vpdnPV+8323Ho6UnhmbOFLe7ZCr5ssjd+3dRv3ee5C+xpFi2lXEnAgDAmTwZEZ+KiM91tv8XYiZme2/ZpAMAAIAJkb02H/9JIjIAAABgYr3WuQY2SavF9a3zkabVavca3k/HY2mj2Wp/4U5zf2e9e63sYlTSO5uN+q3ius/FqCT58FKn/HD4pb7h5Yh4IiJ+tHC1M1xdazbWx33wAwAAAKbEtb79/38udPf/AQAAgAmzOO4EAAAAgKEbtP+fjDgPAAAAYHic/wcAAICJ9o033si7rPf86/W3Dva3mm/dXK+3tqrb+2vVtebebnWj2dzo3LNv+7T5NZrN3S/Fzv7dWrveatdaB4e3t5v7O+3bm71HYAMAAACj9sRn3/9dEhFHX7na6XJX8peZARO4VgAmRnqekf84vDyA0Rv0Mw9MvtlxJwCMz1Gxvw9MrRO3+ijZKDh+8c6JYwYfDC8nAADgYl3/TPn5/3wXoDLu5IChOtf5f2CiOP8P06vs/P9vBo/+4TBzAUarYgsApt5pj/oYePOOM5//z7JT5wUAAAzVfL7tfxRRLc4FzkeaVqsRj3f+1b+S3Nls1G9FxCcj4rcLlU/kw0udKROPBwQAAAAAAAAAAAAAAAAAAAAAAACAM8qyJDIAAABgokWkf06K539dX3hhvv/4wJXkXwudfkS8/dM3f3J3td3eW8rr//6gvv1eUf/SOI5gAAAAwNSb7a/o7af39uMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CJ9dP+dtV43yrh//WpELJbFn425Tn8uKhHx2D+SmD02XRIRMxcQ/+jdiHiqLH6SpxWLRRb98dOIuDqa+M9kWZZGSfxrFxAfptn7+frn9bLvXxrPdfrl3//Zovu4Bq//0gfrv5kB67/Hzxjj6Xu/rA2M/27E07Pl659e/GRA/OfLZliyUL79rcPDQfGzn0VcL/39SU7EqrW3d2utg8Obm9urG/WN+s7y8tLLK6+sfHnlVu3OZqNevJbG+OEzv/pfX9V/s65O+2NA/MVT2v9CXqgcb0x/mCLYvbv3n+wWK32z6MS/8Xz55//UI+LnfxOfL34H8vev98pH3fJxz/7iw2dLEyvirw9o/2mf/41BM+3z4je//4czjgoAjEDr4HBrtdGo7w298F6WZaOKdWkK2eVI41IU5i5HGgqnFy7iyBYAAHDZPNzoP8dE3x1iQgAAAAAAAAAAAAAAAAAAADCFWgeRDrwN2JWLuZ1Yf8yj8TQVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/h8AAP//oszk1w==") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) quotactl_fd$Q_GETFMT(r0, 0xffffffff80000402, 0x0, 0x0) 3.785774225s ago: executing program 3 (id=3470): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSMRU1(r0, 0x40047452, &(0x7f0000000080)=0x3) 2.43296418s ago: executing program 2 (id=3477): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) unshare(0x22020600) getsockopt$inet6_tcp_int(r0, 0x6, 0x2b, &(0x7f0000000c00), &(0x7f0000002000)=0x2) 2.221991992s ago: executing program 6 (id=3479): r0 = socket(0x2, 0x80805, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000240)={0x84, @rand_addr=0x64010102, 0x4e20, 0x3, 'lblcr\x00', 0x1, 0xa7e, 0x70}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4f21, 0x3, 'dh\x00', 0x5, 0x8, 0x10}, {@empty, 0x4e20, 0x10048, 0xcd, 0x48}}, 0x44) 1.940338222s ago: executing program 2 (id=3482): r0 = syz_open_dev$usbmon(&(0x7f0000001b00), 0x882c, 0x100) syz_usb_connect(0x0, 0x3f3, &(0x7f0000000780)=ANY=[@ANYBLOB="1201000389bc2a40560803bc29430102030109"], 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000001b80)={0x0, 0x0, 0x8}) 1.712547892s ago: executing program 6 (id=3484): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213) sendmsg$nl_route(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=@ipv6_getroute={0x30, 0x1a, 0x1, 0x0, 0x0, {0x2}, [@RTA_GATEWAY={0x14, 0x1d, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, 0x30}}, 0x0) 1.707857325s ago: executing program 3 (id=3485): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setsig(0x4203, r0, 0x0, &(0x7f0000000300)={0x20, 0x7, 0x6}) 1.402765539s ago: executing program 0 (id=3488): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000140)={0x48, 0xc, r1, 0x0, 0xfffffffffffffffc, 0x1541}) 1.375798418s ago: executing program 3 (id=3489): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000080)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x4a7, @mcast2, 0x202}, {0xa, 0x4f24, 0x7ffc, @dev={0xfe, 0x80, '\x00', 0x40}, 0x8}, r1, 0x7}}, 0x48) 1.332941142s ago: executing program 6 (id=3490): sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40041}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001a00910c07a551559a257aac81"], 0xfe33) 1.235262415s ago: executing program 4 (id=3491): mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x0, 0x0) mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 1.150777656s ago: executing program 6 (id=3492): r0 = socket$inet(0x2, 0x3, 0x6) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000380)={'syztnl2\x00', 0x0, 0x2100, 0x80, 0x3, 0x0, {{0x5, 0x4, 0x0, 0x9, 0x14, 0x65, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x5, 0x0}, @initdev={0xac, 0x1e, 0xfe, 0x0}}}}}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000000)={'tunl0\x00', r1, 0x20, 0x40, 0xb0, 0x6, {{0x5, 0x4, 0x2, 0x6, 0x14, 0x5f, 0x0, 0xf9, 0x2f, 0x0, @private=0xa0100fd, @rand_addr=0x64010100}}}}) 991.951515ms ago: executing program 4 (id=3493): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0) 942.329497ms ago: executing program 3 (id=3494): r0 = syz_usbip_server_init(0x1) syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d01011000000009"], 0x0) write$usbip_server(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000300000001"], 0x35) 916.982202ms ago: executing program 4 (id=3495): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_FLUSH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r1, 0x1, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20008840) 761.830652ms ago: executing program 0 (id=3496): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000200)={[{@fat=@time_offset={'time_offset', 0x3d, 0x27}}, {}, {@fat=@check_normal}, {@nodots}, {@nodots}, {@fat=@flush}, {@nodots}, {@dots}, {@nodots}]}, 0x1, 0x167, &(0x7f0000000380)="$eJzs2zHL00AYB/Cnvn1r1KWzOARcnIr6CRSpIAYUpYNOCtWllYJdoov9KH5BQTp1O9FoW2OrdaiR9Pdb8nD/O7gbLscF8uLam8l4Nn89e7yMrNOJ7p3IY9WJflyIs6gsAgBok1VK8TmllC4u4tLHSCn90uVDIxMDAI7mgPMfAGgZ5z8AnB7nPwCcnqfPnj+8WxTDJ3meRXxalKNyVD2r/P6DYngz/6a/GbUsy9HZOr9V5fnP+Xlc/p7f3pn34sb1Kv+a3XtU1PIrMT7+8gEAAOAkDPK1nff7wWBfXlVb3wdq9/duXO3+s2UAAH9h/u795OV0+urtj6IX9ZYdRcSf+7Sl6EXEVst5RPwfE1M0UGQRh2yQFhRNv5mAY9ts+qZnAgAAAAAAAAAAAAAA7HPw/0DZ7zuv0v7hTa8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6r4EAAD//7v8SxQ=") open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 635.781395ms ago: executing program 4 (id=3497): r0 = syz_open_procfs(0x0, &(0x7f0000000100)='task\x00') r1 = openat(r0, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r1, &(0x7f0000000000)=""/28, 0x1c) 634.421923ms ago: executing program 0 (id=3498): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000000140)={0x34, r1, 0x301, 0x0, 0x0, {0x4e}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0) 521.151246ms ago: executing program 6 (id=3499): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000140)=0x7, 0x4) sendmmsg$inet6(r0, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4048044) 372.936496ms ago: executing program 0 (id=3500): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, '\x00', 0x30}, 0x3}], 0x1c) 364.336127ms ago: executing program 4 (id=3501): syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000100)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@jqfmt_vfsv0}, {@min_batch_time={'min_batch_time', 0x3d, 0x3ff}}, {@noload}, {@grpjquota_path={'grpjquota', 0x3d, '.\x02'}}, {@noblock_validity}, {@resgid}, {@nobarrier}, {@errors_continue}]}, 0xfa, 0x491, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvTLulgNiK+AMEqaKR+KOl5YccvGg04aCJiR4wnmpbSKVQQ2sihGj1gEdD4p149S8wnvRi1IsmXvVuSIjhAuJlzezM0NLutlu6ZQv7+SS7fW/mte99Z+btvJk33QA61kD2lkQ8EBF/RkRfnr29wED+48a1C2P/XrswlkS1+s4/Sa3c9WsXxsqi5e9tzTPVapHfVKfei+9HjE5NTZwt8kOzpz8amjl3/qXJ06MnJ05OnBk5evTQwT09R0YOtyTOLK7ruz6d3r3z2HuX3ho7fumDX5I08rhjURytMpBv3bqebXVlbbZtQTrpzt57i9ze3+bX1DsSaKeuiMh2V6XW//uiKzbfWtcXb3zR1sYB66parVaX+VSeqwL3sSTa3QKgPcoTfXb9W77u0tBjQ7j6an4BlMV9o3jla7ojzRN7K4uub1tpICKOz928nL1ine5DAAAs9EM2/nmx3vgvjUfzRE/29mAxh9IfEQ9FxPaIeDgidkTEIxG1so9FxOOrrH/xDMnS8U965Y6Da0I2/nulmNu6ffyXlkX6u4rctlr8leTE5NTEgWKb7I/KphOTycTwMnX8+PofXzVaVxv/lYPxuZuXs/rLsWDRjivdi27QjY/Ojq4l5oWufh6xq7te/EltXiCKeb2dEbHrDuuYfL674bqF49/jdeNfRuM/27TqNxHP5ft/LhbFX0oazk8Ov3xk5PBQb0xNHBgqj4qlfv394tuN6l9T/C2Q7f8tdY//W/H3J70RM+fOn6rN186svo6Lf33Z8Jpm5fhvO/6PbSuO/57k3dqCnmLFJ6Ozs2eHI3qSN5cuH5n/a2W+LJ/Fv39f/f6/Pea3xBMRsTsi9kTEk9lFYdH2pyLi6YjYt0z8P7/2zIerj7/+XfnKMvXciSz+8ZX2fyzc/6tPdJ366fuV4++NiEb7/1Attb9Y0sznX7MNXMu2AwAAgHtF/gx8kg7Op5PBwfwZ/h2xJZ2anpl94cT0x2fG82fl+6OSlne6+hbcDx0u7g2X+ZFF+YPFfeOvuzbX8oNj01Pj7Q4eOtzWJf0/TbP+n/m7q92tA9ZdC+bRgHuU/g+dS/+HzpSs2P9b/cgRsJE4/0Pnqtf/P2tYevC7dW0McFc5/0PnaqL/z+U/Go8KgHuT8z90Lv0fOlLD/41P1/Qv/y1N7Pk2b+tyZf4rvkJlo7T5/k9EuiGacf8nupv+MotGicrSvlzty/tUtmRT3d9q68cSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAy/wfAAD//3gk5XA=") chdir(&(0x7f0000000400)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x399446c, 0x0, 0x1, 0x0, &(0x7f0000000080)) 344.78221ms ago: executing program 6 (id=3502): r0 = socket$pptp(0x18, 0x1, 0x2) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e) 344.489388ms ago: executing program 0 (id=3503): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) read$sequencer(r0, &(0x7f0000000100)=""/20, 0x14) lseek(r0, 0x7fff, 0x1) 95.924711ms ago: executing program 2 (id=3504): socket$kcm(0x11, 0x3, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000040)={0x24, 0x14, 0x201, 0x2070bd25, 0x25dfdbfb, {0x11}, [@INET_DIAG_REQ_BYTECODE={0xd, 0x1, "256da9ee0a0b310fe9"}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20008010) 94.230032ms ago: executing program 0 (id=3505): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000000c0)={0xfd42, 0x4}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002640)=@gettaction={0x24, 0x5a, 0xc6b747b6bf1c6b95, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0) 0s ago: executing program 4 (id=3506): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000000000e61a000000180001801400020064756d6d7930"], 0x2c}}, 0x0) kernel console output (not intermixed with test programs): FAT-fs (loop4): Directory bread(block 65) failed [ 278.491741][ T9579] FAT-fs (loop4): Directory bread(block 66) failed [ 278.491761][ T9579] FAT-fs (loop4): Directory bread(block 67) failed [ 278.491979][ T9579] FAT-fs (loop4): Directory bread(block 68) failed [ 278.492001][ T9579] FAT-fs (loop4): Directory bread(block 69) failed [ 278.492093][ T9579] FAT-fs (loop4): Directory bread(block 70) failed [ 278.492114][ T9579] FAT-fs (loop4): Directory bread(block 71) failed [ 278.492205][ T9579] FAT-fs (loop4): Directory bread(block 72) failed [ 278.492227][ T9579] FAT-fs (loop4): Directory bread(block 73) failed [ 278.541004][ T5987] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 278.646234][ T5803] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 278.712874][ T5987] usb 4-1: Using ep0 maxpacket: 32 [ 278.716379][ T5987] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 278.716409][ T5987] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 278.716431][ T5987] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 278.716512][ T5987] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 278.716536][ T5987] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 278.716561][ T5987] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x66, changing to 0x6 [ 278.716587][ T5987] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 278.716610][ T5987] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0 [ 278.716634][ T5987] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 278.716679][ T5987] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 278.716703][ T5987] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.881142][ T9589] loop0: detected capacity change from 0 to 1024 [ 278.884294][ T5987] usb 4-1: config 0 descriptor?? [ 279.146888][ T5275] 8021q: adding VLAN 0 to HW filter on device eth1 [ 279.173725][ T5987] usb 4-1: USB disconnect, device number 8 [ 279.208792][ T5803] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 279.251485][ T5621] __loop_clr_fd(loop4) clearing lo_backing_file (refcnt=0x0) [ 279.617598][ T9608] libceph: resolve '96' (ret=-3): failed [ 280.222030][ T9600] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 280.710764][ T9633] loop0: detected capacity change from 0 to 4096 [ 280.752204][ T9633] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 280.822365][ T9633] ntfs3(loop0): ino=19, mi_enum_attr [ 280.822398][ T9633] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 280.838389][ T9633] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 281.365221][ T5803] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 281.545041][ T9648] »»»»»»: renamed from bridge_slave_1 (while UP) [ 281.800436][ T9656] loop4: detected capacity change from 0 to 512 [ 281.814314][ T9656] EXT4-fs (loop4): Test dummy encryption mode enabled [ 281.853844][ T9656] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 281.855992][ T9656] EXT4-fs (loop4): Errors on filesystem, clearing orphan list. [ 281.937366][ T9658] loop3: detected capacity change from 0 to 512 [ 281.940000][ T9658] EXT4-fs: Ignoring removed bh option [ 281.940023][ T9658] EXT4-fs: inline encryption not supported [ 281.958374][ T9658] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 281.978252][ T9398] bridge0: port 1(bridge_slave_0) entered blocking state [ 281.978665][ T9398] bridge0: port 1(bridge_slave_0) entered disabled state [ 281.978987][ T9398] bridge_slave_0: entered allmulticast mode [ 282.081411][ T9656] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.106646][ T9398] bridge_slave_0: entered promiscuous mode [ 282.136247][ T9398] bridge0: port 2(bridge_slave_1) entered blocking state [ 282.136655][ T9398] bridge0: port 2(bridge_slave_1) entered disabled state [ 282.136951][ T9398] bridge_slave_1: entered allmulticast mode [ 282.141582][ T9398] bridge_slave_1: entered promiscuous mode [ 282.161395][ T9658] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1148: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 282.282304][ T9658] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1716: bg 0: block 248: padding at end of block bitmap is not set [ 282.282339][ T9658] loop3: lost filesystem error report for type 5 error -117 [ 282.282825][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 282.282845][ C0] EXT4-fs (loop3): last error at time 1778173786: ext4_validate_block_bitmap:441 [ 282.288481][ T9658] Quota error (device loop3): write_blk: dquota write failed [ 282.288725][ T9658] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 282.288890][ T9658] EXT4-fs error (device loop3): ext4_acquire_dquot:7034: comm syz.3.1716: Failed to acquire dquot type 1 [ 282.288948][ T9658] loop3: lost filesystem error report for type 5 error -28 [ 282.419611][ T9656] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 282.421016][ T9658] EXT4-fs (loop3): 1 truncate cleaned up [ 282.447026][ T9658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 282.512098][ T9656] EXT4-fs error (device loop4): __ext4_add_entry:2412: inode #2: comm syz.4.1715: Directory hole found for htree leaf block 0 [ 282.640054][ T5626] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 282.693037][ T1375] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-5 [ 282.693106][ T1375] EXT4-fs error (device loop3): ext4_release_dquot:7070: comm kworker/u8:13: Failed to release dquot type 1 [ 282.693130][ T1375] loop3: lost filesystem error report for type 5 error -117 [ 282.701167][ T5621] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.758563][ T5621] __loop_clr_fd(loop4) clearing lo_backing_file (refcnt=0x0) [ 282.848978][ T5626] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 283.171179][ T9682] loop2: detected capacity change from 0 to 128 [ 283.345743][ T9682] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 283.345773][ T9682] FAT-fs (loop2): Filesystem has been set read-only [ 283.431892][ T9682] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 283.431930][ T9682] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 283.431958][ T9682] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 283.431983][ T9682] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 283.432008][ T9682] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 283.432035][ T9682] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 283.432059][ T9682] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 283.473396][ T9682] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 283.473941][ T9682] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 283.771138][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 284.026360][ T9398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 284.031808][ T9398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 284.155129][ T9699] netlink: 'syz.3.1733': attribute type 39 has an invalid length. [ 284.192966][ T836] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 284.352706][ T836] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 284.352858][ T836] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 284.352882][ T836] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.397469][ T836] usb 3-1: config 0 descriptor?? [ 284.480200][ T9708] loop0: detected capacity change from 0 to 164 [ 284.502838][ T9708] rock: corrupted directory entry. extent=41 out of volume (nzones=41) [ 284.752642][ T5803] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 284.817968][ T38] audit: type=1326 audit(1778173789.120:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.0.1739" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 284.818034][ T38] audit: type=1326 audit(1778173789.120:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.0.1739" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 284.818698][ T38] audit: type=1326 audit(1778173789.120:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.0.1739" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 284.819397][ T38] audit: type=1326 audit(1778173789.120:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.0.1739" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 284.819452][ T38] audit: type=1326 audit(1778173789.120:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.0.1739" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 284.912685][ T38] audit: type=1326 audit(1778173789.190:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.0.1739" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f6a2fb4d60e code=0x7ffc0000 [ 284.995268][ T38] audit: type=1326 audit(1778173789.300:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.0.1739" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 285.016634][ T836] ath6kl: Failed to read usb control message: -71 [ 285.016796][ T836] ath6kl: Unable to read the bmi data from the device: -71 [ 285.016854][ T836] ath6kl: Unable to recv target info: -71 [ 285.080887][ T836] ath6kl: Failed to init ath6kl core: -71 [ 285.081457][ T836] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 285.182971][ T13] hsr_slave_0: left promiscuous mode [ 285.286887][ T836] usb 3-1: USB disconnect, device number 11 [ 285.352676][ T13] hsr_slave_1: left promiscuous mode [ 285.414661][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 285.414824][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 285.468739][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 285.468761][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 285.599025][ T13] veth1_macvtap: left promiscuous mode [ 285.599213][ T13] veth0_macvtap: left promiscuous mode [ 285.599481][ T13] veth1_vlan: left promiscuous mode [ 285.599739][ T13] veth0_vlan: left promiscuous mode [ 285.878925][ T9734] tmpfs: Bad value for 'mpol' [ 286.237068][ T9742] loop2: detected capacity change from 0 to 64 [ 286.381762][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 286.607942][ T9746] loop2: detected capacity change from 0 to 4096 [ 286.635528][ T9746] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 286.737587][ T9746] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 286.768080][ T9746] ntfs3(loop2): mft corrupted [ 286.768184][ T9746] ntfs3(loop2): Failed to load $Extend (-22). [ 286.768204][ T9746] ntfs3(loop2): Failed to initialize $Extend. [ 286.900321][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 287.523981][ T13] team0 (unregistering): Port device team_slave_1 removed [ 287.569061][ T9756] loop2: detected capacity change from 0 to 64 [ 287.645091][ T13] team0 (unregistering): Port device team_slave_0 removed [ 287.903423][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 288.157297][ T9398] team0: Port device team_slave_0 added [ 288.162217][ T9715] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1737'. [ 288.162235][ T9715] veth0_to_bond: default FDB implementation only supports local addresses [ 288.285987][ T5275] 8021q: adding VLAN 0 to HW filter on device eth2 [ 288.349083][ T9398] team0: Port device team_slave_1 added [ 288.465282][ T9768] cgroup: Unknown subsys name 'cpuset' [ 288.695874][ T9765] vti0: entered promiscuous mode [ 288.695902][ T9765] vti0: entered allmulticast mode [ 288.864384][ T9398] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 288.864423][ T9398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 288.864455][ T9398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 288.939246][ T9398] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.939259][ T9398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 288.939281][ T9398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 289.359956][ T9791] tmpfs: Bad value for 'mpol' [ 289.471119][ T9398] hsr_slave_0: entered promiscuous mode [ 289.492623][ T9398] hsr_slave_1: entered promiscuous mode [ 289.528530][ T9398] debugfs: 'hsr0' already exists in 'hsr' [ 289.528561][ T9398] Cannot create hsr debugfs directory [ 289.635824][ T9795] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1773'. [ 290.202165][ T9811] loop2: detected capacity change from 0 to 512 [ 290.343739][ T9811] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2810: inode #11: comm syz.2.1778: corrupted xattr block 95: invalid header [ 290.343779][ T9811] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 290.353113][ C0] EXT4-fs (loop2): initial error at time 1778173794: ext4_expand_extra_isize_ea:2810: inode 11 [ 290.353155][ C0] EXT4-fs (loop2): last error at time 1778173794: ext4_expand_extra_isize_ea:2810: inode 11 [ 290.474849][ T9807] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1777'. [ 290.474909][ T9807] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1777'. [ 290.484159][ T9811] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1778: bg 0: block 7: invalid block bitmap [ 290.484255][ T9811] loop2: lost filesystem error report for type 5 error -117 [ 290.527289][ T9817] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1780'. [ 290.527331][ T9817] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1780'. [ 290.581823][ T9811] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 290.581852][ T9811] loop2: lost filesystem error report for type 5 error -117 [ 290.606888][ T9811] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2972: inode #11: comm syz.2.1778: corrupted xattr block 95: invalid header [ 290.606929][ T9811] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 290.608947][ T9811] EXT4-fs warning (device loop2): ext4_evict_inode:287: xattr delete (err -117) [ 290.609019][ T9811] EXT4-fs (loop2): 1 orphan inode deleted [ 290.637411][ T9811] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.266750][ T9832] usb usb7: usbfs: interface 0 claimed by hub while 'syz.4.1786' sets config #2 [ 292.149342][ T5630] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.324599][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 292.720570][ T9845] affs: No valid root block on device nbd2 [ 292.721466][ T9848] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1791'. [ 292.721491][ T9848] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1791'. [ 292.721508][ T9848] netlink: 124 bytes leftover after parsing attributes in process `syz.3.1791'. [ 293.102151][ T9858] loop3: detected capacity change from 0 to 256 [ 293.117556][ T5275] 8021q: adding VLAN 0 to HW filter on device eth3 [ 293.280568][ T9858] FAT-fs (loop3): Directory bread(block 64) failed [ 293.280604][ T9858] FAT-fs (loop3): Directory bread(block 65) failed [ 293.280704][ T9858] FAT-fs (loop3): Directory bread(block 66) failed [ 293.280728][ T9858] FAT-fs (loop3): Directory bread(block 67) failed [ 293.280824][ T9858] FAT-fs (loop3): Directory bread(block 68) failed [ 293.280849][ T9858] FAT-fs (loop3): Directory bread(block 69) failed [ 293.280947][ T9858] FAT-fs (loop3): Directory bread(block 70) failed [ 293.280971][ T9858] FAT-fs (loop3): Directory bread(block 71) failed [ 293.281169][ T9858] FAT-fs (loop3): Directory bread(block 72) failed [ 293.281196][ T9858] FAT-fs (loop3): Directory bread(block 73) failed [ 294.048311][ T5803] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 294.302433][ T9398] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 294.399519][ T9398] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 294.400715][ T9398] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 294.617063][ T5805] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 294.695050][ T9398] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 294.711814][ T9398] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 294.781346][ T9398] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 294.782569][ T9398] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 294.800325][ T5805] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 294.800358][ T5805] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.800379][ T5805] usb 5-1: Product: syz [ 294.800395][ T5805] usb 5-1: Manufacturer: syz [ 294.800409][ T5805] usb 5-1: SerialNumber: syz [ 294.845703][ T5805] usb 5-1: config 0 descriptor?? [ 294.971001][ T9398] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 295.072928][ T5805] usb 5-1: ignoring: probably an ADSL modem [ 295.286629][ T5805] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 295.345985][ T5805] usb 5-1: USB disconnect, device number 9 [ 295.792442][ T5275] 8021q: adding VLAN 0 to HW filter on device eth4 [ 296.468729][ T9398] 8021q: adding VLAN 0 to HW filter on device bond0 [ 296.850176][ T9398] 8021q: adding VLAN 0 to HW filter on device team0 [ 296.924492][ T1375] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.924671][ T1375] bridge0: port 1(bridge_slave_0) entered forwarding state [ 297.529690][ T150] bridge0: port 2(bridge_slave_1) entered blocking state [ 297.529859][ T150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 297.631522][ T9973] loop3: detected capacity change from 0 to 512 [ 297.673008][ T9973] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 297.759016][ T9973] EXT4-fs (loop3): orphan cleanup on readonly fs [ 297.800350][ T9973] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.1840: bad orphan inode 15 [ 297.800401][ T9973] loop3: lost filesystem error report for type 5 error -117 [ 297.813024][ C0] EXT4-fs (loop3): initial error at time 1778173802: ext4_orphan_get:1423 [ 297.813064][ C0] EXT4-fs (loop3): last error at time 1778173802: ext4_orphan_get:1423 [ 297.949436][ T9973] ext4_test_bit(bit=14, block=18) = 1 [ 297.949458][ T9973] is_bad_inode(inode)=0 [ 297.949468][ T9973] NEXT_ORPHAN(inode)=1023 [ 297.949478][ T9973] max_ino=32 [ 297.949486][ T9973] i_nlink=0 [ 298.263444][ T9973] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2972: inode #15: comm syz.3.1840: corrupted xattr block 19: e_value size too large [ 298.263484][ T9973] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 298.284282][ T9973] EXT4-fs warning (device loop3): ext4_evict_inode:287: xattr delete (err -117) [ 298.408758][ T9973] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0009-000000000000 ro without journal. Quota mode: none. [ 298.591199][ T5626] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 298.811380][ T5626] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 299.244249][T10010] loop2: detected capacity change from 0 to 2048 [ 299.309724][T10010] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 299.543159][ T5803] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 300.097577][T10040] binder: binder_mmap: 10038 2000004cd000-2000004ce000 bad vm_flags failed -1 [ 300.405635][ T9398] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 301.346053][T10081] overlayfs: conflicting options: userxattr,metacopy=on [ 301.894823][T10095] binder: 10093:10095 ioctl c018620c 0 returned -14 [ 302.047986][ T9398] veth0_vlan: entered promiscuous mode [ 302.151999][T10060] loop4: detected capacity change from 0 to 32768 [ 302.172635][ T9398] veth1_vlan: entered promiscuous mode [ 302.271638][ T9398] veth0_macvtap: entered promiscuous mode [ 302.291620][ T9398] veth1_macvtap: entered promiscuous mode [ 302.422342][T10060] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 302.463065][ T5987] usb 1-1: new full-speed USB device number 11 using dummy_hcd [ 302.493913][T10113] loop2: detected capacity change from 0 to 256 [ 302.495176][T10113] exfat: Deprecated parameter 'namecase' [ 302.517007][ T9398] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 302.706285][ T5987] usb 1-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 302.706316][ T5987] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 302.706336][ T5987] usb 1-1: Product: syz [ 302.706350][ T5987] usb 1-1: Manufacturer: syz [ 302.706364][ T5987] usb 1-1: SerialNumber: syz [ 302.754684][ T9398] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 302.806596][T10060] XFS (loop4): Ending clean mount [ 302.858946][ T5987] usb 1-1: config 0 descriptor?? [ 302.887911][T10113] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36df086c, utbl_chksum : 0xe619d30d) [ 302.903181][ T5987] ums-onetouch 1-1:0.0: USB Mass Storage device detected [ 302.920919][ T5621] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 303.166852][ T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.167603][ T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.168335][ T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.169505][ T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.386388][ T5987] usb 1-1: USB disconnect, device number 11 [ 303.519041][ T5807] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 303.610132][ T5803] __loop_clr_fd(loop4) clearing lo_backing_file (refcnt=0x0) [ 304.391505][T10142] syz.4.1906 (10142): drop_caches: 0 [ 304.900376][T10152] dvmrp0: entered allmulticast mode [ 305.358780][ T3452] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.358803][ T3452] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 305.811230][ T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.811253][ T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 306.082298][T10179] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1923'. [ 306.400105][T10187] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1927'. [ 306.565576][T10162] loop3: detected capacity change from 0 to 32768 [ 306.903666][T10199] IPVS: set_ctl: invalid protocol: 2 0.0.0.0:20002 [ 306.907542][T10201] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1932'. [ 306.907569][T10201] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1932'. [ 306.907587][T10201] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1932'. [ 307.329306][ T5803] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 307.472425][T10218] loop0: detected capacity change from 0 to 256 [ 307.493401][T10220] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1941'. [ 307.518230][T10221] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1943'. [ 307.786712][T10218] FAT-fs (loop0): Directory bread(block 64) failed [ 307.786745][T10218] FAT-fs (loop0): Directory bread(block 65) failed [ 307.786999][T10218] FAT-fs (loop0): Directory bread(block 66) failed [ 307.787026][T10218] FAT-fs (loop0): Directory bread(block 67) failed [ 307.787142][T10218] FAT-fs (loop0): Directory bread(block 68) failed [ 307.787166][T10218] FAT-fs (loop0): Directory bread(block 69) failed [ 307.787270][T10218] FAT-fs (loop0): Directory bread(block 70) failed [ 307.787294][T10218] FAT-fs (loop0): Directory bread(block 71) failed [ 307.787395][T10218] FAT-fs (loop0): Directory bread(block 72) failed [ 307.787419][T10218] FAT-fs (loop0): Directory bread(block 73) failed [ 308.098069][T10239] netlink: 'syz.5.1949': attribute type 10 has an invalid length. [ 308.353694][T10239] veth0_vlan: left promiscuous mode [ 308.486993][T10239] veth0_vlan: entered promiscuous mode [ 308.512861][ T5604] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 308.580124][T10239] team0: Device veth0_vlan failed to register rx_handler [ 308.660603][ T5807] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 308.680555][ T5604] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 308.680589][ T5604] usb 5-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3 [ 308.680612][ T5604] usb 5-1: Product: syz [ 308.680628][ T5604] usb 5-1: Manufacturer: syz [ 308.680645][ T5604] usb 5-1: SerialNumber: syz [ 308.819325][ T5604] usb 5-1: config 0 descriptor?? [ 308.892250][ T5604] ch341 5-1:0.0: ch341-uart converter detected [ 309.079925][ T5604] usb 5-1: failed to receive control message: -121 [ 309.079989][ T5604] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -121 [ 309.305223][ T5938] usb 5-1: USB disconnect, device number 10 [ 309.406768][T10259] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1956'. [ 309.454886][ T5938] ch341 5-1:0.0: device disconnected [ 309.589860][T10259] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 309.777448][T10269] loop5: detected capacity change from 0 to 256 [ 310.448060][T10269] FAT-fs (loop5): Directory bread(block 64) failed [ 310.448097][T10269] FAT-fs (loop5): Directory bread(block 65) failed [ 310.448306][T10269] FAT-fs (loop5): Directory bread(block 66) failed [ 310.448333][T10269] FAT-fs (loop5): Directory bread(block 67) failed [ 310.448438][T10269] FAT-fs (loop5): Directory bread(block 68) failed [ 310.448462][T10269] FAT-fs (loop5): Directory bread(block 69) failed [ 310.448564][T10269] FAT-fs (loop5): Directory bread(block 70) failed [ 310.448590][T10269] FAT-fs (loop5): Directory bread(block 71) failed [ 310.516060][T10269] FAT-fs (loop5): Directory bread(block 72) failed [ 310.516099][T10269] FAT-fs (loop5): Directory bread(block 73) failed [ 311.038667][ T9398] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 311.293737][ T38] kauditd_printk_skb: 3 callbacks suppressed [ 311.293759][ T38] audit: type=1326 audit(1778173815.600:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10309 comm="syz.2.1976" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 311.293880][ T38] audit: type=1326 audit(1778173815.600:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10309 comm="syz.2.1976" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 311.355437][ T38] audit: type=1326 audit(1778173815.660:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10309 comm="syz.2.1976" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 311.355629][ T38] audit: type=1326 audit(1778173815.660:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10309 comm="syz.2.1976" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 311.382069][ T38] audit: type=1326 audit(1778173815.660:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10309 comm="syz.2.1976" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 312.266171][T10326] loop3: detected capacity change from 0 to 4096 [ 312.282635][T10326] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 312.475231][T10346] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1990'. [ 312.510290][T10326] ntfs3(loop3): ino=19, mi_enum_attr [ 312.510325][T10326] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 312.592868][ T37] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 312.755058][ T37] usb 6-1: Using ep0 maxpacket: 8 [ 312.758296][ T37] usb 6-1: config 6 has an invalid interface number: 2 but max is 0 [ 312.758324][ T37] usb 6-1: config 6 has no interface number 0 [ 312.758371][ T37] usb 6-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 312.758395][ T37] usb 6-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 312.758422][ T37] usb 6-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 312.758449][ T37] usb 6-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 312.835157][ T37] usb 6-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 312.835190][ T37] usb 6-1: New USB device strings: Mfr=17, Product=2, SerialNumber=3 [ 312.835212][ T37] usb 6-1: Product: syz [ 312.835227][ T37] usb 6-1: Manufacturer: syz [ 312.835242][ T37] usb 6-1: SerialNumber: syz [ 312.903317][ T37] hso 6-1:6.2: Failed to find BULK eps [ 313.124474][ T37] usb 6-1: USB disconnect, device number 2 [ 313.167886][T10326] ntfs3(loop3): failed to convert "c46c" to koi8-r [ 313.226926][T10363] loop2: detected capacity change from 0 to 8 [ 313.355109][T10363] SQUASHFS error: Failed to read block 0x260685: -5 [ 313.355132][T10363] SQUASHFS error: Unable to read metadata cache entry [260685] [ 313.355148][T10363] SQUASHFS error: Unable to read directory block [260685:0] [ 313.526514][T10326] ntfs3(loop3): ino=20, mi_enum_attr [ 313.850034][ T5853] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 314.036902][ T5626] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 314.462968][ T5938] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 314.589138][T10397] loop3: detected capacity change from 0 to 256 [ 314.603968][T10397] vfat: Deprecated parameter 'posix' [ 314.603988][T10397] FAT-fs: "posix" option is obsolete, not supported now [ 314.632873][ T5938] usb 6-1: Using ep0 maxpacket: 16 [ 314.647507][ T5938] usb 6-1: config 1 has an invalid interface number: 105 but max is 0 [ 314.647537][ T5938] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 314.647557][ T5938] usb 6-1: config 1 has no interface number 0 [ 314.647604][ T5938] usb 6-1: config 1 interface 105 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0 [ 314.647627][ T5938] usb 6-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 314.647653][ T5938] usb 6-1: config 1 interface 105 has no altsetting 0 [ 314.652627][ T5938] usb 6-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 314.652658][ T5938] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 314.652680][ T5938] usb 6-1: Product: syz [ 314.731607][ T5938] usb 6-1: Manufacturer: syz [ 314.731632][ T5938] usb 6-1: SerialNumber: syz [ 315.033899][ T5938] aqc111 6-1:1.105: probe with driver aqc111 failed with error -22 [ 315.061189][T10400] loop2: detected capacity change from 0 to 4096 [ 315.094246][T10400] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 315.112234][ T5807] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 315.292896][ T5604] usb 6-1: USB disconnect, device number 3 [ 315.311546][T10400] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 315.503595][T10384] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.875712][ T5803] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 316.825593][T10455] loop2: detected capacity change from 0 to 512 [ 316.855859][T10455] EXT4-fs (loop2): orphan cleanup on readonly fs [ 316.855880][T10455] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 316.857035][T10455] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 316.910162][ C0] EXT4-fs (loop2): initial error at time 1778173821: ext4_mb_generate_buddy:1317 [ 316.910201][ C0] EXT4-fs (loop2): last error at time 1778173821: ext4_mb_generate_buddy:1317 [ 316.963859][T10455] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.2038: attempt to clear invalid blocks 2 len 1 [ 316.963899][T10455] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 317.191898][T10455] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.2038: invalid indirect mapped block 1819239214 (level 0) [ 317.191950][T10455] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 317.192648][T10455] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.2038: invalid indirect mapped block 1819239214 (level 1) [ 317.192688][T10455] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 317.240886][T10455] EXT4-fs (loop2): 1 truncate cleaned up [ 317.280923][T10455] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 317.339271][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.339393][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.340901][ T1339] aoe: packet could not be sent on ipvlan1. consider increasing tx_queue_len [ 317.408207][T10455] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.461641][T10384] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 317.480014][T10384] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 317.514837][ T5805] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 317.559045][T10455] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 317.712357][ T5805] usb 6-1: unable to get BOS descriptor or descriptor too short [ 317.726600][ T5805] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 317.726629][ T5805] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 317.763025][ T5805] usb 6-1: string descriptor 0 read error: -22 [ 317.763173][ T5805] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 317.763197][ T5805] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.231553][ T5805] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 318.272943][T10481] loop2: detected capacity change from 0 to 128 [ 318.279595][ T5805] usb 6-1: USB disconnect, device number 4 [ 318.677031][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 319.967794][ T13] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.130867][ T13] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.131511][ T13] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.131557][ T13] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.525492][ T37] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 320.679024][ T37] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 320.679057][ T37] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 320.679083][ T37] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 320.679107][ T37] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 320.679148][ T37] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 320.679174][ T37] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.752986][ T37] usb 4-1: config 0 descriptor?? [ 321.013835][ T37] hdpvr 4-1:0.0: firmware version 0xf6 dated Uýö-** [ 321.013873][ T37] hdpvr 4-1:0.0: untested firmware, the driver might not work. [ 321.046092][T10570] netlink: 'syz.5.2090': attribute type 5 has an invalid length. [ 321.203552][ T37] hdpvr 4-1:0.0: device init failed [ 321.203649][ T37] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12 [ 321.244866][ T37] usb 4-1: USB disconnect, device number 9 [ 321.370810][T10580] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2095'. [ 321.700217][T10592] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2098'. [ 322.595489][T10627] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2112'. [ 323.341929][T10656] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2122'. [ 323.484694][T10660] loop2: detected capacity change from 0 to 512 [ 323.602134][T10660] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0002] [ 323.655402][T10660] System zones: 1-12 [ 323.694610][T10667] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2130'. [ 323.706918][T10660] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.2125: error while reading EA inode 32 err=-116 [ 323.706955][T10660] loop2: lost filesystem error report for type 5 error -117 [ 323.712818][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 323.712843][ C0] EXT4-fs (loop2): initial error at time 1778173828: ext4_xattr_inode_iget:446 [ 323.712869][ C0] EXT4-fs (loop2): last error at time 1778173828: ext4_xattr_inode_iget:446 [ 323.725500][T10660] EXT4-fs (loop2): Remounting filesystem read-only [ 323.725776][T10660] EXT4-fs warning (device loop2): ext4_evict_inode:270: couldn't mark inode dirty (err -30) [ 323.726053][T10660] EXT4-fs (loop2): 1 orphan inode deleted [ 323.796468][T10660] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 323.835941][T10654] loop0: detected capacity change from 0 to 4096 [ 323.874512][T10654] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 324.162614][ T5630] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.270367][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 324.499547][ T5870] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 324.941323][T10708] syz.0.2144 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 325.128444][T10714] netlink: 'syz.3.2146': attribute type 21 has an invalid length. [ 325.128541][T10714] netlink: 164 bytes leftover after parsing attributes in process `syz.3.2146'. [ 326.493439][T10762] geneve2: entered promiscuous mode [ 326.594668][T10772] loop2: detected capacity change from 0 to 64 [ 326.731656][ T1375] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 326.731711][ T1375] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 326.731751][ T1375] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 326.731788][ T1375] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 326.935053][ T38] audit: type=1326 audit(1778173831.240:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.0.2177" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 326.935114][ T38] audit: type=1326 audit(1778173831.240:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.0.2177" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 327.010271][ T38] audit: type=1326 audit(1778173831.270:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.0.2177" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 327.011025][ T38] audit: type=1326 audit(1778173831.310:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.0.2177" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 327.011170][ T38] audit: type=1326 audit(1778173831.310:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.0.2177" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 327.011307][ T38] audit: type=1326 audit(1778173831.310:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.0.2177" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 327.021882][ T38] audit: type=1326 audit(1778173831.320:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.0.2177" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 327.035704][ T38] audit: type=1326 audit(1778173831.340:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.0.2177" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 327.071949][ T38] audit: type=1326 audit(1778173831.340:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.0.2177" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f6a2fb8cdd9 code=0x7ffc0000 [ 327.139904][T10783] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2175'. [ 327.140000][T10783] netlink: 'syz.5.2175': attribute type 3 has an invalid length. [ 327.353612][T10772] syz.2.2171: attempt to access beyond end of device [ 327.353612][T10772] loop2: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 327.353935][T10772] Buffer I/O error on dev loop2, logical block 512, async page read [ 327.386766][T10772] syz.2.2171: attempt to access beyond end of device [ 327.386766][T10772] loop2: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 327.386804][T10772] Buffer I/O error on dev loop2, logical block 56576, async page read [ 327.585266][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 327.708732][T10798] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2183'. [ 329.267619][T10855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2205'. [ 330.421376][T10846] loop0: detected capacity change from 0 to 32768 [ 330.493349][T10846] jfs_strtoUCS: char2uni returned -22. [ 330.493370][T10846] charset = cp932, char = 0xfc [ 330.513673][T10849] loop3: detected capacity change from 0 to 32768 [ 330.535361][T10890] netlink: 'syz.2.2220': attribute type 10 has an invalid length. [ 330.622883][T10890] team0: Port device geneve0 added [ 331.113903][ T5803] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 331.421524][T10910] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2231'. [ 331.492470][ T5807] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 331.913144][ T5950] usb 4-1: new low-speed USB device number 10 using dummy_hcd [ 332.107878][ T5950] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 332.107909][ T5950] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 332.107959][ T5950] usb 4-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6 [ 332.107984][ T5950] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 26984, setting to 8 [ 332.108033][ T5950] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 332.108058][ T5950] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.193003][T10916] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 332.245415][ T5950] hub 4-1:1.0: bad descriptor, ignoring hub [ 332.245456][ T5950] hub 4-1:1.0: probe with driver hub failed with error -5 [ 332.246448][ T5950] cdc_wdm 4-1:1.0: skipping garbage [ 332.246466][ T5950] cdc_wdm 4-1:1.0: skipping garbage [ 332.296827][ T5950] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22 [ 332.556198][ T836] usb 4-1: USB disconnect, device number 10 [ 333.145836][ T5633] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 333.309642][ T5633] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 333.309678][ T5633] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.309699][ T5633] usb 3-1: Product: syz [ 333.309713][ T5633] usb 3-1: Manufacturer: syz [ 333.309728][ T5633] usb 3-1: SerialNumber: syz [ 333.381115][ T5633] r8152-cfgselector 3-1: Unknown version 0x0000 [ 333.381145][ T5633] r8152-cfgselector 3-1: config 0 descriptor?? [ 333.921474][ T5604] r8152-cfgselector 3-1: USB disconnect, device number 12 [ 333.982466][T10940] loop5: detected capacity change from 0 to 32768 [ 334.425778][T10940] blkno = 8ed2c, nblocks = 1 [ 334.425800][T10940] ERROR: (device loop5): dbFree: block to be freed is outside the map [ 334.425800][T10940] [ 334.611008][T10940] ERROR: (device loop5): remounting filesystem as read-only [ 334.611034][T10940] ialloc: diAlloc returned -17! [ 334.896188][ T9398] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 335.491074][T11019] deleting an unspecified loop device is not supported. [ 335.562953][ T5604] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 335.670301][T11025] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2287'. [ 335.670328][T11025] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2287'. [ 335.670345][T11025] netlink: 'syz.0.2287': attribute type 12 has an invalid length. [ 335.715419][ T5604] usb 6-1: Using ep0 maxpacket: 8 [ 335.718457][ T5604] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 335.718487][ T5604] usb 6-1: config 0 interface 0 has no altsetting 0 [ 335.750020][ T5604] usb 6-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 335.750054][ T5604] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 335.750075][ T5604] usb 6-1: Product: syz [ 335.750090][ T5604] usb 6-1: Manufacturer: syz [ 335.750105][ T5604] usb 6-1: SerialNumber: syz [ 335.798506][ T5604] usb 6-1: config 0 descriptor?? [ 335.845213][ T5604] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 found [ 335.918776][T11031] loop2: detected capacity change from 0 to 128 [ 336.054529][ T5604] snd_usb_toneport 6-1:0.0: cannot get proper max packet size [ 336.086228][ T5604] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 now disconnected [ 336.100000][ T5604] snd_usb_toneport 6-1:0.0: probe with driver snd_usb_toneport failed with error -22 [ 336.195603][T11042] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2295'. [ 336.234632][T11040] loop0: detected capacity change from 0 to 256 [ 336.293595][ T5604] usb 6-1: USB disconnect, device number 5 [ 336.364313][T11040] FAT-fs (loop0): Directory bread(block 64) failed [ 336.364348][T11040] FAT-fs (loop0): Directory bread(block 65) failed [ 336.364450][T11040] FAT-fs (loop0): Directory bread(block 66) failed [ 336.364473][T11040] FAT-fs (loop0): Directory bread(block 67) failed [ 336.364567][T11040] FAT-fs (loop0): Directory bread(block 68) failed [ 336.364591][T11040] FAT-fs (loop0): Directory bread(block 69) failed [ 336.364690][T11040] FAT-fs (loop0): Directory bread(block 70) failed [ 336.364713][T11040] FAT-fs (loop0): Directory bread(block 71) failed [ 336.364813][T11040] FAT-fs (loop0): Directory bread(block 72) failed [ 336.364838][T11040] FAT-fs (loop0): Directory bread(block 73) failed [ 336.546899][T11048] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2299'. [ 336.671499][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 337.348352][T11068] loop5: detected capacity change from 0 to 8 [ 337.361003][T11068] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 337.457108][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 337.588441][ T5803] udevd[5803]: incorrect cramfs checksum on /dev/loop5 [ 337.632603][ T5803] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 337.806389][T11081] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2316'. [ 337.811905][T11085] netlink: 512 bytes leftover after parsing attributes in process `syz.3.2317'. [ 338.338552][T11104] loop0: detected capacity change from 0 to 512 [ 338.444107][T11104] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2810: inode #11: comm syz.0.2325: corrupted xattr block 95: invalid header [ 338.444151][T11104] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 338.445790][T11104] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2325: bg 0: block 7: invalid block bitmap [ 338.445827][T11104] loop0: lost filesystem error report for type 5 error -117 [ 338.448268][T11104] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 338.448294][T11104] loop0: lost filesystem error report for type 5 error -117 [ 338.452904][ C1] EXT4-fs (loop0): error count since last fsck: 3 [ 338.452928][ C1] EXT4-fs (loop0): initial error at time 1778173842: ext4_expand_extra_isize_ea:2810: inode 11 [ 338.452957][ C1] EXT4-fs (loop0): last error at time 1778173842: ext4_mb_clear_bb:6679 [ 338.465509][T11104] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2972: inode #11: comm syz.0.2325: corrupted xattr block 95: invalid header [ 338.465628][T11104] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 338.549629][T11104] EXT4-fs warning (device loop0): ext4_evict_inode:287: xattr delete (err -117) [ 338.549754][T11104] EXT4-fs (loop0): 1 orphan inode deleted [ 338.607245][T11104] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 338.786013][ T5625] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.919695][ T5870] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 339.029454][T11123] netlink: 'syz.0.2332': attribute type 10 has an invalid length. [ 339.096113][T11123] team0: Port device geneve0 added [ 339.150343][T11130] loop5: detected capacity change from 0 to 256 [ 339.404448][T11135] loop0: detected capacity change from 0 to 128 [ 339.456981][T11135] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 339.458552][T11135] ext4 filesystem being mounted at /479/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 339.641554][ T5803] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 339.698755][ T5625] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 339.872844][T11152] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2350'. [ 339.925534][ T5807] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 339.949085][T11144] loop2: detected capacity change from 0 to 4096 [ 339.955165][T11144] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 339.987151][T11153] loop3: detected capacity change from 0 to 512 [ 340.211026][T11144] ntfs3(loop2): ino=19, mi_enum_attr [ 340.317764][T11167] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2354'. [ 340.351720][T11153] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 340.663887][T11144] ntfs3(loop2): ino=5, "/" indx_read_ra [ 340.939578][T11182] loop0: detected capacity change from 0 to 128 [ 340.955264][T11182] EXT4-fs (loop0): Test dummy encryption mode enabled [ 340.984837][T11182] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 340.994734][T11182] ext4 filesystem being mounted at /485/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 341.040456][T11183] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2362'. [ 341.298872][T11153] EXT4-fs error (device loop3): ext4_validate_block_bitmap:423: comm syz.3.2347: bg 0: bad block bitmap checksum [ 341.359762][T11182] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 341.424323][ T5807] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 341.553533][T11153] Quota error (device loop3): write_blk: dquota write failed [ 341.553676][T11153] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 341.553720][T11153] EXT4-fs error (device loop3): ext4_acquire_dquot:7034: comm syz.3.2347: Failed to acquire dquot type 0 [ 341.689947][T11199] loop5: detected capacity change from 0 to 512 [ 341.807581][T11182] EXT4-fs error (device loop0): ext4_validate_block_bitmap:423: comm syz.0.2361: bg 0: bad block bitmap checksum [ 341.864713][T11199] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.974289][ T5755] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 342.126542][ T9398] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.162881][ T5755] usb 3-1: Using ep0 maxpacket: 32 [ 342.164970][ T5755] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 342.164998][ T5755] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 342.165019][ T5755] usb 3-1: config 0 has no interface number 0 [ 342.165077][ T5755] usb 3-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 342.168363][ T5626] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.199423][ T5755] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 342.199459][ T5755] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.199480][ T5755] usb 3-1: Product: syz [ 342.199494][ T5755] usb 3-1: Manufacturer: syz [ 342.199510][ T5755] usb 3-1: SerialNumber: syz [ 342.336875][ T9398] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 342.347035][ T5626] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 342.375453][ T5755] usb 3-1: config 0 descriptor?? [ 342.469278][ T5625] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 342.504815][ T5755] radio-si470x 3-1:0.35: could not find interrupt in endpoint [ 342.504912][ T5755] radio-si470x 3-1:0.35: probe with driver radio-si470x failed with error -5 [ 342.647562][ T5755] radio-raremono 3-1:0.35: this is not Thanko's Raremono. [ 342.648387][ T5755] usbhid 3-1:0.35: couldn't find an input interrupt endpoint [ 342.794753][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 342.916141][ T5633] usb 3-1: USB disconnect, device number 13 [ 342.985426][T11226] loop0: detected capacity change from 0 to 256 [ 343.240313][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 343.265157][T11240] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2389'. [ 343.299629][T11243] netlink: 'syz.0.2390': attribute type 8 has an invalid length. [ 344.188346][T11268] loop3: detected capacity change from 0 to 164 [ 344.291214][T11268] rock: corrupted directory entry. extent=458780 out of volume (nzones=41) [ 344.291248][T11268] isofs_fill_super: root inode is not a directory. Corrupted media? [ 344.314702][T11272] netlink: 'syz.2.2404': attribute type 1 has an invalid length. [ 344.361987][ T5871] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 344.879131][T11289] netlink: 516 bytes leftover after parsing attributes in process `syz.2.2412'. [ 344.988922][T11295] loop5: detected capacity change from 0 to 512 [ 344.990172][T11295] EXT4-fs: Ignoring removed oldalloc option [ 345.045068][T11295] EXT4-fs error (device loop5): ext4_iget_extra_inode:5128: inode #15: comm syz.5.2417: corrupted in-inode xattr: invalid ea_ino [ 345.045107][T11295] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 345.052759][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 345.052787][ C0] EXT4-fs (loop5): initial error at time 1778173849: ext4_iget_extra_inode:5128: inode 15 [ 345.052818][ C0] EXT4-fs (loop5): last error at time 1778173849: ext4_iget_extra_inode:5128: inode 15 [ 345.131170][T11295] EXT4-fs (loop5): Remounting filesystem read-only [ 345.136998][T11295] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 345.297722][T11303] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2421'. [ 345.320545][T11306] loop3: detected capacity change from 0 to 164 [ 345.361246][T11306] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 345.445655][ T9398] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.582017][ T5870] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 345.649328][ T9398] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 346.424168][T11351] netlink: 5 bytes leftover after parsing attributes in process `syz.5.2442'. [ 346.812167][T11366] loop2: detected capacity change from 0 to 512 [ 346.829857][T11366] EXT4-fs: Ignoring removed bh option [ 346.840569][T11366] EXT4-fs (loop2): Test dummy encryption mode enabled [ 346.840591][T11366] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 346.880679][T11366] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.2451: inode has both inline data and extents flags [ 346.880716][T11366] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 346.881281][T11366] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2451: couldn't read orphan inode 15 (err -117) [ 346.881314][T11366] loop2: lost filesystem error report for type 5 error -117 [ 346.901892][ T5755] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 346.960345][T11366] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 347.086624][ T5755] usb 1-1: unable to get BOS descriptor or descriptor too short [ 347.089524][ T5755] usb 1-1: config 1 has an invalid interface number: 48 but max is 1 [ 347.089553][ T5755] usb 1-1: config 1 has no interface number 1 [ 347.089600][ T5755] usb 1-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 347.089630][ T5755] usb 1-1: config 1 interface 0 has no altsetting 0 [ 347.141771][ T5755] usb 1-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75 [ 347.141803][ T5755] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 347.141822][ T5755] usb 1-1: Product: syz [ 347.141837][ T5755] usb 1-1: Manufacturer: syz [ 347.141852][ T5755] usb 1-1: SerialNumber: syz [ 347.488126][ T5755] smsusb:smsusb_probe: board id=8, interface number 0 [ 347.534015][ T5755] smsusb:smsusb_probe: board id=8, interface number 48 [ 347.569195][ T5755] usb 1-1: USB disconnect, device number 12 [ 347.800373][T11384] loop5: detected capacity change from 0 to 64 [ 347.814075][ T5630] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.044127][ T5803] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 348.157915][ T9398] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 348.223692][T11394] §: renamed from sit0 (while UP) [ 348.375729][T11352] loop3: detected capacity change from 0 to 32768 [ 348.378531][T11352] btrfs: Deprecated parameter 'usebackuproot' [ 348.378791][T11352] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 348.411634][T11352] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2441 (11352) [ 348.591584][T11352] BTRFS info (device loop3 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 348.591622][T11352] BTRFS info (device loop3 state S): using blake2b checksum algorithm [ 348.591712][T11352] BTRFS warning (device loop3 state ES): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 348.630214][T11352] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 2048 [ 348.631716][T11352] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 2048 [ 348.781194][T11352] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048 [ 348.796219][T11352] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048 [ 348.799970][T11352] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 2048 [ 348.831178][T11352] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 2048 [ 349.034017][ T13] BTRFS warning (device loop3 state ES): checksum verify failed on logical 5332992 mirror 1 wanted 0xb929531db417ae5491593d99afe1510df15bdaa63fb6603d26a93ec9245f098d found 0x363308d2114680d601348c08228f0717ad7958309dd0d8905f734334b97c6240 level 0, ignored [ 349.070905][T11352] BTRFS warning (device loop3 state ES): mismatching generation and generation_v2 found in root item. This root was probably mounted with an older kernel. Resetting all new fields. [ 349.234890][T11436] loop0: detected capacity change from 0 to 64 [ 349.460934][ T150] BTRFS warning (device loop3 state ECS): checksum verify failed on logical 5267456 mirror 1 wanted 0xce6a0dc39dad9e7cbba6cc000b67b0cf7f3e351c922d08ed6fd033c276f2526b found 0x64ab88c05a065dd447f4993032483e5ee243ed11629c93abf488b4eae2f264eb level 0, ignored [ 349.462029][T11436] Trying to free block not in datazone [ 349.462048][T11436] Trying to free block not in datazone [ 349.462056][T11436] Trying to free block not in datazone [ 349.462065][T11436] Trying to free block not in datazone [ 349.462084][T11436] minix_free_block (loop0:6): bit already cleared [ 349.462115][T11436] Trying to free block not in datazone [ 349.462138][T11436] Trying to free block not in datazone [ 349.540561][T11352] BTRFS info (device loop3 state ECS): enabling ssd optimizations [ 349.540589][T11352] BTRFS info (device loop3 state ECS): disabling log replay at mount time [ 349.540613][T11352] BTRFS info (device loop3 state ECS): enabling disk space caching [ 349.540632][T11352] BTRFS info (device loop3 state ECS): force clearing of disk cache [ 349.540655][T11352] BTRFS info (device loop3 state ECS): trying to use backup root at mount time [ 349.540675][T11352] BTRFS info (device loop3 state ECS): ignoring bad roots [ 349.540692][T11352] BTRFS info (device loop3 state ECS): ignoring data csums [ 349.540709][T11352] BTRFS info (device loop3 state ECS): ignoring meta csums [ 349.540730][T11352] BTRFS info (device loop3 state ECS): ignoring unknown super block flags [ 349.583316][ T13] BTRFS warning (device loop3 state ECS): checksum verify failed on logical 5308416 mirror 1 wanted 0x47c1be8eef63a64480a0d216c40351d1b0e275802e790c94e39791d738abc154 found 0xf19f77b986157fede8f5210016dedcf3b91e2eab63d44a6f9e296b017f4bdebe level 0, ignored [ 349.874516][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 349.911079][ T5626] BTRFS info (device loop3 state ECS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 350.752177][ T5626] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 351.820553][T11502] loop5: detected capacity change from 0 to 1024 [ 352.368300][ T5950] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 352.525952][T11502] hfsplus: hfsplus: Invalid key length: 30819 [ 352.542887][ T5950] usb 3-1: Using ep0 maxpacket: 16 [ 352.545278][ T5950] usb 3-1: config 1 has an invalid interface number: 105 but max is 0 [ 352.545302][ T5950] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 352.545320][ T5950] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 1 [ 352.545337][ T5950] usb 3-1: config 1 has no interface number 1 [ 352.545383][ T5950] usb 3-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 352.545407][ T5950] usb 3-1: config 1 interface 105 has no altsetting 0 [ 352.548373][ T5950] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 352.548400][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 352.548420][ T5950] usb 3-1: Product: syz [ 352.548434][ T5950] usb 3-1: Manufacturer: syz [ 352.548448][ T5950] usb 3-1: SerialNumber: syz [ 352.861899][ T5950] aqc111 3-1:1.105: probe with driver aqc111 failed with error -22 [ 353.073565][ T5950] usb 3-1: USB disconnect, device number 14 [ 353.148559][ T9398] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 353.813766][T11556] overlayfs: empty lowerdir [ 353.822108][T11553] loop2: detected capacity change from 0 to 512 [ 353.932908][T11553] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 353.933012][T11553] System zones: 0-2, 18-18, 34-34 [ 354.279819][T11553] EXT4-fs (loop2): 1 orphan inode deleted [ 354.303369][T11553] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 354.303526][T11553] ext4 filesystem being mounted at /494/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 354.379722][ T1375] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 354.379817][ T1375] EXT4-fs error (device loop2): ext4_release_dquot:7070: comm kworker/u8:13: Failed to release dquot type 1 [ 354.442857][T11574] netlink: 'syz.0.2544': attribute type 1 has an invalid length. [ 354.442880][T11574] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2544'. [ 354.526104][ T1375] EXT4-fs (loop2): Remounting filesystem read-only [ 354.567178][T11553] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.673586][T11553] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 354.980534][T11589] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2551'. [ 354.980566][T11589] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2551'. [ 354.980584][T11589] netlink: 'syz.5.2551': attribute type 6 has an invalid length. [ 355.064128][T11592] Unknown options in mask b7f2 [ 356.142992][ T5604] usb 1-1: new full-speed USB device number 13 using dummy_hcd [ 356.307378][ T5604] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 356.307445][ T5604] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 356.309589][ T5604] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 356.309619][ T5604] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 356.309641][ T5604] usb 1-1: SerialNumber: syz [ 356.428459][ T5604] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 356.429263][ T5604] usb-storage 1-1:1.0: USB Mass Storage device detected [ 356.497430][ T5604] usb-storage 1-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 356.498161][ T5604] scsi host1: usb-storage 1-1:1.0 [ 357.293122][T11682] bond0: Error: Cannot enslave bond to itself. [ 357.748171][ T5604] usb 3-1: new full-speed USB device number 15 using dummy_hcd [ 357.899093][ T5604] usb 3-1: config 0 has an invalid interface number: 41 but max is 0 [ 357.899125][ T5604] usb 3-1: config 0 has no interface number 0 [ 357.899174][ T5604] usb 3-1: config 0 interface 41 has no altsetting 0 [ 357.945105][ T5604] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 357.945138][ T5604] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 357.945162][ T5604] usb 3-1: Product: syz [ 357.945177][ T5604] usb 3-1: Manufacturer: syz [ 357.945194][ T5604] usb 3-1: SerialNumber: syz [ 358.013691][T11702] loop5: detected capacity change from 0 to 512 [ 358.017472][ T5604] usb 3-1: config 0 descriptor?? [ 358.451067][ T5604] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71 [ 358.451835][ T5604] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -71 [ 358.502147][ T5604] usb 3-1: USB disconnect, device number 15 [ 358.681149][ T9398] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 358.972983][T11715] bond2: entered allmulticast mode [ 359.318232][T11733] loop2: detected capacity change from 0 to 256 [ 359.471550][ T37] usb 1-1: USB disconnect, device number 13 [ 359.604920][T11733] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x09066d1f, utbl_chksum : 0xe619d30d) [ 360.065246][T11755] overlayfs: missing 'workdir' [ 360.399188][ T38] audit: type=1800 audit(1778173864.700:92): pid=11733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2619" name="file2" dev="loop2" ino=1048643 res=0 errno=0 [ 360.431940][T11760] bridge0: port 1(bridge_slave_0) entered disabled state [ 360.451366][T11760] bridge0: port 2(bridge_slave_1) entered disabled state [ 360.915282][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 361.065678][ T37] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 361.101003][T11784] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2645'. [ 361.234177][ T37] usb 1-1: Using ep0 maxpacket: 32 [ 361.248391][ T37] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 361.248425][ T37] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.330376][ T37] usb 1-1: config 0 descriptor?? [ 361.428414][ T37] gspca_main: sunplus-2.14.0 probing 041e:400b [ 361.801238][ T37] gspca_sunplus: reg_w_riv err -71 [ 361.801350][ T37] sunplus 1-1:0.0: probe with driver sunplus failed with error -71 [ 361.816247][ T37] usb 1-1: USB disconnect, device number 14 [ 362.034571][T11814] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2661'. [ 362.034595][T11814] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2661'. [ 362.631339][T11835] netlink: 'syz.3.2670': attribute type 2 has an invalid length. [ 362.631363][T11835] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2670'. [ 363.024477][T11851] netlink: 'syz.5.2678': attribute type 10 has an invalid length. [ 363.074405][T11852] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2677'. [ 364.001219][T11884] loop0: detected capacity change from 0 to 128 [ 364.012296][T11884] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 364.106560][T11882] loop5: detected capacity change from 0 to 4096 [ 364.142537][T11882] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 364.337818][T11882] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 364.472922][T11882] ntfs3(loop5): Failed to load $Extend (-2). [ 364.472947][T11882] ntfs3(loop5): Failed to initialize $Extend. [ 365.267942][ T5803] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 365.377159][T11918] netlink: 'syz.5.2707': attribute type 4 has an invalid length. [ 365.377182][T11918] netlink: 152 bytes leftover after parsing attributes in process `syz.5.2707'. [ 365.444029][T11918] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 366.171455][T11947] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2726'. [ 366.402319][T11954] netlink: 'syz.0.2729': attribute type 1 has an invalid length. [ 366.776264][T11965] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2734'. [ 367.366891][T11985] loop0: detected capacity change from 0 to 2048 [ 367.380430][T11985] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=301129, location=301129 [ 367.436387][T11985] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 367.658123][ T5803] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 368.759941][T12033] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2768'. [ 369.306040][T12054] netlink: 'syz.2.2778': attribute type 1 has an invalid length. [ 369.461703][T12057] netdevsim netdevsim5 netdevsim0: entered allmulticast mode [ 369.466601][T12057] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 369.531149][T12060] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2780'. [ 370.620179][T12097] wlan0 speed is unknown, defaulting to 1000 [ 370.657719][T12097] wlan0 speed is unknown, defaulting to 1000 [ 371.016868][T12097] wlan0 speed is unknown, defaulting to 1000 [ 371.288171][T12097] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 371.288215][T12097] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 371.288261][T12097] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 371.630636][T12097] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 371.727242][ T5633] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 371.835299][T12097] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 371.886443][ T5633] usb 1-1: unable to get BOS descriptor or descriptor too short [ 371.888021][ T5633] usb 1-1: config 0 has an invalid interface number: 193 but max is 0 [ 371.888049][ T5633] usb 1-1: config 0 has no interface number 0 [ 371.888096][ T5633] usb 1-1: config 0 interface 193 altsetting 9 endpoint 0xF has invalid maxpacket 512, setting to 64 [ 371.888126][ T5633] usb 1-1: config 0 interface 193 altsetting 9 bulk endpoint 0x1 has invalid maxpacket 32 [ 371.888151][ T5633] usb 1-1: config 0 interface 193 has no altsetting 0 [ 371.891401][ T5633] usb 1-1: New USB device found, idVendor=1608, idProduct=0207, bcdDevice=ca.9f [ 371.891428][ T5633] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 371.891447][ T5633] usb 1-1: Product: syz [ 371.891461][ T5633] usb 1-1: Manufacturer: syz [ 371.891475][ T5633] usb 1-1: SerialNumber: syz [ 372.000373][ T5633] usb 1-1: config 0 descriptor?? [ 372.001715][T12120] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 372.027717][T12136] netlink: 'syz.2.2818': attribute type 4 has an invalid length. [ 372.414155][ T5633] io_ti 1-1:0.193: required endpoints missing [ 372.438205][ T5633] usb 1-1: USB disconnect, device number 15 [ 373.195632][T12097] wlan0 speed is unknown, defaulting to 1000 [ 373.255467][T12097] wlan0 speed is unknown, defaulting to 1000 [ 373.287480][T12172] loop2: detected capacity change from 0 to 64 [ 373.322300][T12097] wlan0 speed is unknown, defaulting to 1000 [ 373.323275][ T5938] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 373.347884][T12097] wlan0 speed is unknown, defaulting to 1000 [ 373.377435][T12175] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2838'. [ 373.445843][T12097] wlan0 speed is unknown, defaulting to 1000 [ 373.482924][ T5938] usb 4-1: Using ep0 maxpacket: 16 [ 373.490131][ T5938] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 373.490163][ T5938] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 373.490183][ T5938] usb 4-1: Product: syz [ 373.490197][ T5938] usb 4-1: Manufacturer: syz [ 373.490211][ T5938] usb 4-1: SerialNumber: syz [ 373.554846][ T5938] r8152-cfgselector 4-1: Unknown version 0x0000 [ 373.554874][ T5938] r8152-cfgselector 4-1: config 0 descriptor?? [ 373.750836][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 373.991257][ T37] r8152-cfgselector 4-1: USB disconnect, device number 11 [ 374.978739][T12225] loop2: detected capacity change from 0 to 256 [ 375.107136][T12225] FAT-fs (loop2): Directory bread(block 64) failed [ 375.107171][T12225] FAT-fs (loop2): Directory bread(block 65) failed [ 375.107273][T12225] FAT-fs (loop2): Directory bread(block 66) failed [ 375.107297][T12225] FAT-fs (loop2): Directory bread(block 67) failed [ 375.107396][T12225] FAT-fs (loop2): Directory bread(block 68) failed [ 375.107420][T12225] FAT-fs (loop2): Directory bread(block 69) failed [ 375.107518][T12225] FAT-fs (loop2): Directory bread(block 70) failed [ 375.107540][T12225] FAT-fs (loop2): Directory bread(block 71) failed [ 375.107638][T12225] FAT-fs (loop2): Directory bread(block 72) failed [ 375.107661][T12225] FAT-fs (loop2): Directory bread(block 73) failed [ 375.378166][T12225] syz.2.2862: attempt to access beyond end of device [ 375.378166][T12225] loop2: rw=524288, sector=1192, nr_sectors = 4 limit=256 [ 375.408379][T12225] syz.2.2862: attempt to access beyond end of device [ 375.408379][T12225] loop2: rw=0, sector=1192, nr_sectors = 4 limit=256 [ 375.465244][ T38] audit: type=1800 audit(1778173879.770:93): pid=12225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2862" name="file1" dev="loop2" ino=1048644 res=0 errno=0 [ 375.572269][T12232] loop0: detected capacity change from 0 to 8192 [ 375.684290][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 375.843174][T12232] loop0: p1 < > p3 p4 < > [ 375.885519][T12232] loop0: p3 start 201326592 is beyond EOD, truncated [ 375.887624][T12254] loop5: detected capacity change from 0 to 512 [ 375.959554][T12254] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 375.959729][T12254] ext4 filesystem being mounted at /172/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 376.221648][T12260] netlink: zone id is out of range [ 376.221664][T12260] netlink: zone id is out of range [ 376.221674][T12260] netlink: zone id is out of range [ 376.221683][T12260] netlink: zone id is out of range [ 376.221691][T12260] netlink: zone id is out of range [ 376.221700][T12260] netlink: zone id is out of range [ 376.221709][T12260] netlink: zone id is out of range [ 376.221717][T12260] netlink: zone id is out of range [ 376.221725][T12260] netlink: zone id is out of range [ 376.221734][T12260] netlink: set zone limit has 4 unknown bytes [ 376.385835][ T5803] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 376.647806][ T9398] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 376.746102][ T5803] udevd[5803]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 376.747154][ T5807] udevd[5807]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 377.066204][ T9398] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 377.159941][T12282] loop3: detected capacity change from 0 to 256 [ 377.265364][T12290] loop5: detected capacity change from 0 to 128 [ 377.267609][T12290] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 377.309883][T12282] FAT-fs (loop3): Directory bread(block 64) failed [ 377.309918][T12282] FAT-fs (loop3): Directory bread(block 65) failed [ 377.310023][T12282] FAT-fs (loop3): Directory bread(block 66) failed [ 377.310048][T12282] FAT-fs (loop3): Directory bread(block 67) failed [ 377.310282][T12282] FAT-fs (loop3): Directory bread(block 68) failed [ 377.310307][T12282] FAT-fs (loop3): Directory bread(block 69) failed [ 377.310410][T12282] FAT-fs (loop3): Directory bread(block 70) failed [ 377.310435][T12282] FAT-fs (loop3): Directory bread(block 71) failed [ 377.310545][T12282] FAT-fs (loop3): Directory bread(block 72) failed [ 377.310571][T12282] FAT-fs (loop3): Directory bread(block 73) failed [ 377.454114][T12290] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 377.504117][T12290] EXT4-fs error (device loop5): __ext4_find_entry:1626: inode #2: comm syz.5.2895: checksumming directory block 0 [ 377.730354][ T9398] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 377.795950][ T5803] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 377.900273][ T5803] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 378.003531][T12308] loop5: detected capacity change from 0 to 16 [ 378.012141][T12308] erofs (device loop5): mounted with root inode @ nid 36. [ 378.056519][T12308] syz.5.2900: attempt to access beyond end of device [ 378.056519][T12308] loop5: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 378.102509][T12308] erofs (device loop5): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 4096 [ 378.102554][T12308] erofs (device loop5): read error -117 @ 0 of nid 89 [ 378.123521][ T38] audit: type=1800 audit(1778173882.430:94): pid=12308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2900" name="file2" dev="loop5" ino=89 res=0 errno=0 [ 378.489154][ T9398] __loop_clr_fd(loop5) clearing lo_backing_file (refcnt=0x0) [ 378.629953][T12327] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2911'. [ 378.689827][T12328] loop5: detected capacity change from 0 to 8 [ 378.793187][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.793302][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.859886][ T9398] SQUASHFS error: Unable to read inode 0x1 [ 378.871827][ T9398] SQUASHFS error: Unable to read inode 0x1 [ 379.323190][T12354] loop0: detected capacity change from 0 to 256 [ 379.601895][T12359] netlink: 'syz.2.2926': attribute type 1 has an invalid length. [ 379.601918][T12359] netlink: 'syz.2.2926': attribute type 2 has an invalid length. [ 379.830841][ T5803] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 380.814881][T12398] loop2: detected capacity change from 0 to 8 [ 380.847839][T12400] loop3: detected capacity change from 0 to 256 [ 381.009933][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 381.162997][T12399] loop0: detected capacity change from 0 to 4096 [ 381.165471][T12399] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 381.417310][ T5626] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 381.443838][T12399] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 381.993280][ T5636] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 382.012491][ T5636] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 382.025041][ T5636] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 382.028421][ T5636] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 382.036554][ T5636] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 382.524391][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 382.965062][ T1184] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.138727][T12433] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2962'. [ 383.138756][T12433] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2962'. [ 383.138775][T12433] netlink: 31 bytes leftover after parsing attributes in process `syz.0.2962'. [ 383.138792][T12433] netlink: 'syz.0.2962': attribute type 3 has an invalid length. [ 383.138806][T12433] netlink: 'syz.0.2962': attribute type 2 has an invalid length. [ 383.138819][T12433] netlink: 31 bytes leftover after parsing attributes in process `syz.0.2962'. [ 383.138837][T12433] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2962'. [ 383.800195][T12420] loop2: detected capacity change from 0 to 32768 [ 383.869609][T12420] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 383.981885][T12420] XFS (loop2): Ending clean mount [ 384.211080][ T1184] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 384.232187][ T5630] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 384.322921][ T61] Bluetooth: hci3: command tx timeout [ 384.782940][ T5803] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 385.344667][ T1184] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.463394][T12446] loop0: detected capacity change from 0 to 32768 [ 385.563251][T12474] bridge3: entered promiscuous mode [ 385.563278][T12474] bridge3: entered allmulticast mode [ 385.677949][T12446] XFS (loop0): Mounting V5 filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d in no-recovery mode. Filesystem will be inconsistent. [ 385.946648][T12446] XFS (loop0): Metadata corruption detected at xfs_dinode_verify+0x1a9/0x1590, inode 0x1803 dinode [ 385.946699][T12446] XFS (loop0): Unmount and run xfs_repair [ 385.946712][T12446] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 385.946732][T12446] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00 INA............. [ 385.946748][T12446] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 385.946764][T12446] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 e2 bf 3d 4.Xh....4.Xh...= [ 385.946779][T12446] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20 4.Xh...=....... [ 385.946796][T12446] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 385.946812][T12446] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 ca e6 3d c1 ..............=. [ 385.946828][T12446] 00000060: ff ff ff ff 6e d0 e3 2d 00 00 00 00 00 00 00 04 ....n..-........ [ 385.946843][T12446] 00000070: 00 00 00 03 00 00 00 10 00 00 00 00 00 00 00 06 ................ [ 386.117058][T12502] ieee802154 phy0 wpan0: encryption failed: -22 [ 386.297476][ T5625] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 386.379828][ T61] Bluetooth: hci3: command tx timeout [ 386.622465][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 386.810769][ T1184] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.208223][T12530] loop0: detected capacity change from 0 to 64 [ 387.388019][T12530] Bad inode number on dev loop0: 2 is out of range [ 387.426439][T12535] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2995'. [ 387.426464][T12535] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2995'. [ 387.710009][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 387.856433][T12412] wlan0 speed is unknown, defaulting to 1000 [ 388.143256][T12550] loop3: detected capacity change from 0 to 1024 [ 388.144464][T12550] EXT4-fs: Ignoring removed orlov option [ 388.218128][T12556] loop0: detected capacity change from 0 to 1024 [ 388.388527][T12550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 388.458304][ T61] Bluetooth: hci3: command tx timeout [ 388.817943][ T5626] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.939342][ T5807] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 388.967145][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 389.859011][ T1184] bridge_slave_1: left allmulticast mode [ 389.859061][ T1184] bridge_slave_1: left promiscuous mode [ 389.859357][ T1184] bridge0: port 2(bridge_slave_1) entered disabled state [ 390.114569][ T1184] bridge_slave_0: left allmulticast mode [ 390.114605][ T1184] bridge_slave_0: left promiscuous mode [ 390.114866][ T1184] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.447580][T12627] ieee802154 phy0 wpan0: encryption failed: -22 [ 390.536412][ T61] Bluetooth: hci3: command tx timeout [ 390.690268][ T38] audit: type=1326 audit(1778173894.990:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.2.3031" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 390.690409][ T38] audit: type=1326 audit(1778173894.990:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.2.3031" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 390.690619][ T38] audit: type=1326 audit(1778173894.990:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.2.3031" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f21c685dbc9 code=0x7ffc0000 [ 390.710749][ T38] audit: type=1326 audit(1778173895.010:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.2.3031" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f21c6819b3b code=0x7ffc0000 [ 390.710819][ T38] audit: type=1326 audit(1778173895.010:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.2.3031" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f21c681922c code=0x7ffc0000 [ 390.715632][ T38] audit: type=1326 audit(1778173895.020:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.2.3031" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f21c681928e code=0x7ffc0000 [ 390.715836][ T38] audit: type=1326 audit(1778173895.010:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.2.3031" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 390.725050][ T38] audit: type=1326 audit(1778173895.020:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.2.3031" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f21c685ca6b code=0x7ffc0000 [ 390.725197][ T38] audit: type=1326 audit(1778173895.030:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.2.3031" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 390.736012][ T38] audit: type=1326 audit(1778173895.030:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.2.3031" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 392.046593][ T1184] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 392.124311][ T1184] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 392.191047][ T1184] bond0 (unregistering): Released all slaves [ 392.319462][ T5275] 8021q: adding VLAN 0 to HW filter on device eth5 [ 392.426020][T12678] loop3: detected capacity change from 0 to 256 [ 392.426911][T12678] exfat: Deprecated parameter 'utf8' [ 392.426930][T12678] exfat: Deprecated parameter 'utf8' [ 392.427016][T12678] exfat: Deprecated parameter 'namecase' [ 392.427064][T12678] exfat: Deprecated parameter 'namecase' [ 392.641995][T12678] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 393.069218][ T5626] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 393.107813][T12697] netlink: 'syz.0.3059': attribute type 3 has an invalid length. [ 393.670394][T12713] IPv6: Can't replace route, no match found [ 395.009483][T12755] netlink: 5 bytes leftover after parsing attributes in process `syz.0.3082'. [ 395.736442][ T5275] 8021q: adding VLAN 0 to HW filter on device eth6 [ 395.768315][T12783] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 395.771747][ T37] wlan0 speed is unknown, defaulting to 1000 [ 395.808920][ T37] syz2: Port: 1 Link DOWN [ 395.809835][ T3341] smbdirect: ib_dev[syz2] removed [ 396.425862][T12412] bridge0: port 1(bridge_slave_0) entered blocking state [ 396.427445][T12412] bridge0: port 1(bridge_slave_0) entered disabled state [ 396.427790][T12412] bridge_slave_0: entered allmulticast mode [ 396.458135][T12412] bridge_slave_0: entered promiscuous mode [ 396.579495][T12806] loop2: detected capacity change from 0 to 2048 [ 396.588858][T12412] bridge0: port 2(bridge_slave_1) entered blocking state [ 396.589201][T12412] bridge0: port 2(bridge_slave_1) entered disabled state [ 396.589907][T12412] bridge_slave_1: entered allmulticast mode [ 396.610710][T12806] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 396.689562][T12412] bridge_slave_1: entered promiscuous mode [ 396.853112][T12819] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3109'. [ 396.981550][T12806] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 396.981711][T12806] ext4 filesystem being mounted at /592/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 397.342821][T12806] __quota_error: 9 callbacks suppressed [ 397.342840][T12806] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 397.342896][T12806] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 397.342917][T12806] EXT4-fs error (device loop2): ext4_acquire_dquot:7034: comm syz.2.3104: Failed to acquire dquot type 0 [ 397.595048][T12412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 397.606320][T12412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 397.650787][ T5630] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 397.824870][ T1184] hsr_slave_0: left promiscuous mode [ 397.844714][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 397.866085][ T1184] hsr_slave_1: left promiscuous mode [ 397.871319][ T1184] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 397.871347][ T1184] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 397.921689][ T1184] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 397.921720][ T1184] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 398.253558][ T1184] veth1_macvtap: left promiscuous mode [ 398.253662][ T1184] veth0_macvtap: left promiscuous mode [ 398.254216][ T1184] veth1_vlan: left promiscuous mode [ 398.389789][T12857] netlink: 'syz.3.3128': attribute type 21 has an invalid length. [ 398.599309][T12863] loop3: detected capacity change from 0 to 512 [ 398.759973][T12863] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 398.760124][T12863] ext4 filesystem being mounted at /570/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 398.870013][T12872] netlink: 252 bytes leftover after parsing attributes in process `syz.0.3134'. [ 399.027645][ T5626] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.117992][ T5626] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 399.672536][T12896] binder: 12895:12896 ioctl c018620c 200000000000 returned -22 [ 400.585368][ T1184] team0 (unregistering): Port device team_slave_1 removed [ 400.703499][ T1184] team0 (unregistering): Port device team_slave_0 removed [ 401.493194][T12412] team0: Port device team_slave_0 added [ 401.527727][T12412] team0: Port device team_slave_1 added [ 402.144961][T12412] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 402.144979][T12412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 402.145010][T12412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 402.249344][T12412] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 402.249373][T12412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 402.249399][T12412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 402.911240][T12412] hsr_slave_0: entered promiscuous mode [ 402.929271][T12412] hsr_slave_1: entered promiscuous mode [ 402.944000][T12412] debugfs: 'hsr0' already exists in 'hsr' [ 402.944019][T12412] Cannot create hsr debugfs directory [ 403.636164][T12965] loop0: detected capacity change from 0 to 32768 [ 403.637197][T12965] xfs: Deprecated parameter 'noikeep' [ 403.637212][T12965] XFS: noikeep mount option is deprecated. [ 403.700987][ T5275] 8021q: adding VLAN 0 to HW filter on device eth7 [ 403.741643][T12965] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 403.877746][T12965] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 403.982205][T12965] XFS (loop0): Starting recovery (logdev: internal) [ 404.558434][T12965] XFS (loop0): Ending recovery (logdev: internal) [ 404.633709][T12965] XFS (loop0): Metadata corruption detected at xfs_btree_lookup_get_block+0x3d6/0x510, xfs_finobt block 0x20 [ 404.633755][T12965] XFS (loop0): Unmount and run xfs_repair [ 404.634099][T12965] loop0: lost filesystem error report for type 5 error -117 [ 404.634222][T12965] XFS (loop0): Failed to initialize disk quotas, err -117. [ 404.895278][ T5625] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 404.897298][ T5625] XFS (loop0): Uncorrected metadata errors detected; please run xfs_repair. [ 405.376008][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 405.859794][T13074] netlink: 'syz.3.3221': attribute type 58 has an invalid length. [ 406.564331][T12412] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 406.622633][T12412] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 406.631385][T12412] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 406.733015][ T37] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 406.787081][T12412] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 406.801069][ T5275] 8021q: adding VLAN 0 to HW filter on device eth8 [ 406.801651][T12412] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 406.912860][ T37] usb 1-1: Using ep0 maxpacket: 16 [ 406.915187][ T37] usb 1-1: config index 0 descriptor too short (expected 65, got 36) [ 406.915270][ T37] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 406.915375][ T37] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 55, changing to 9 [ 406.915404][ T37] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 8496, setting to 1024 [ 406.915433][ T37] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 406.915477][ T37] usb 1-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 406.915501][ T37] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.016268][ T37] usb 1-1: config 0 descriptor?? [ 407.021451][T12412] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 407.053809][ T37] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input13 [ 407.089317][T12412] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 407.370135][T12412] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 407.570443][ C1] pxrc 1-1:0.0: pxrc_usb_irq - usb_submit_urb failed with result: -19 [ 407.570449][ T5755] usb 1-1: USB disconnect, device number 16 [ 407.681050][T13123] netlink: 'syz.3.3239': attribute type 5 has an invalid length. [ 408.100254][T13131] loop3: detected capacity change from 0 to 256 [ 408.101252][T13131] exfat: Deprecated parameter 'namecase' [ 408.213668][T13131] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1cbb3694, utbl_chksum : 0xe619d30d) [ 408.559847][T13144] loop0: detected capacity change from 0 to 164 [ 408.573549][ T5870] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 408.656936][T13148] loop3: detected capacity change from 0 to 64 [ 408.840891][ T5803] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 409.015005][T12412] 8021q: adding VLAN 0 to HW filter on device bond0 [ 409.147864][ T5803] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 409.369587][T12412] 8021q: adding VLAN 0 to HW filter on device team0 [ 409.439896][ T1029] bridge0: port 1(bridge_slave_0) entered blocking state [ 409.440068][ T1029] bridge0: port 1(bridge_slave_0) entered forwarding state [ 409.703710][ T3341] bridge0: port 2(bridge_slave_1) entered blocking state [ 409.703857][ T3341] bridge0: port 2(bridge_slave_1) entered forwarding state [ 410.749108][T13207] bond0: (slave bond_slave_1): Releasing backup interface [ 410.880540][T13218] loop3: detected capacity change from 0 to 256 [ 411.000220][T13218] FAT-fs (loop3): Directory bread(block 64) failed [ 411.000258][T13218] FAT-fs (loop3): Directory bread(block 65) failed [ 411.000484][T13218] FAT-fs (loop3): Directory bread(block 66) failed [ 411.000509][T13218] FAT-fs (loop3): Directory bread(block 67) failed [ 411.000616][T13218] FAT-fs (loop3): Directory bread(block 68) failed [ 411.000642][T13218] FAT-fs (loop3): Directory bread(block 69) failed [ 411.000741][T13218] FAT-fs (loop3): Directory bread(block 70) failed [ 411.000765][T13218] FAT-fs (loop3): Directory bread(block 71) failed [ 411.000882][T13218] FAT-fs (loop3): Directory bread(block 72) failed [ 411.000915][T13218] FAT-fs (loop3): Directory bread(block 73) failed [ 411.400668][ T38] audit: type=1326 audit(1778173915.700:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13232 comm="syz.2.3286" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 411.432283][ T38] audit: type=1326 audit(1778173915.700:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13232 comm="syz.2.3286" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 411.462842][ T38] audit: type=1326 audit(1778173915.760:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13232 comm="syz.2.3286" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 411.463228][ T38] audit: type=1326 audit(1778173915.770:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13232 comm="syz.2.3286" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 411.463531][ T38] audit: type=1326 audit(1778173915.770:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13232 comm="syz.2.3286" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 411.608364][T13236] loop0: detected capacity change from 0 to 256 [ 411.720536][ T5626] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 411.804130][T13243] loop2: detected capacity change from 0 to 256 [ 412.080058][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 412.109615][T13243] FAT-fs (loop2): Directory bread(block 64) failed [ 412.109656][T13243] FAT-fs (loop2): Directory bread(block 65) failed [ 412.109759][T13243] FAT-fs (loop2): Directory bread(block 66) failed [ 412.109785][T13243] FAT-fs (loop2): Directory bread(block 67) failed [ 412.109889][T13243] FAT-fs (loop2): Directory bread(block 68) failed [ 412.109916][T13243] FAT-fs (loop2): Directory bread(block 69) failed [ 412.110018][T13243] FAT-fs (loop2): Directory bread(block 70) failed [ 412.110045][T13243] FAT-fs (loop2): Directory bread(block 71) failed [ 412.110156][T13243] FAT-fs (loop2): Directory bread(block 72) failed [ 412.110181][T13243] FAT-fs (loop2): Directory bread(block 73) failed [ 412.561820][T12412] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 412.643489][ T5633] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 412.739447][T13266] loop0: detected capacity change from 0 to 2048 [ 412.816258][ T5633] usb 4-1: unable to get BOS descriptor or descriptor too short [ 412.818312][ T5633] usb 4-1: config 5 has an invalid interface number: 241 but max is 3 [ 412.818337][ T5633] usb 4-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config [ 412.818357][ T5633] usb 4-1: config 5 has 1 interface, different from the descriptor's value: 4 [ 412.818378][ T5633] usb 4-1: config 5 has no interface number 0 [ 412.818416][ T5633] usb 4-1: config 5 interface 241 altsetting 135 has an invalid descriptor for endpoint zero, skipping [ 412.818441][ T5633] usb 4-1: config 5 interface 241 altsetting 135 has an invalid endpoint descriptor of length 4, skipping [ 412.818463][ T5633] usb 4-1: config 5 interface 241 altsetting 135 has 4 endpoint descriptors, different from the interface descriptor's value: 15 [ 412.818492][ T5633] usb 4-1: config 5 interface 241 has no altsetting 0 [ 412.894432][ T5633] usb 4-1: New USB device found, idVendor=06cd, idProduct=0101, bcdDevice=14.a6 [ 412.894465][ T5633] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 412.894487][ T5633] usb 4-1: Product: syz [ 412.894503][ T5633] usb 4-1: Manufacturer: syz [ 412.894519][ T5633] usb 4-1: SerialNumber: syz [ 412.955244][T13258] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 412.978690][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 413.050894][T13272] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 413.224660][ T5633] keyspan 4-1:5.241: Keyspan - (without firmware) converter detected [ 413.229707][T13275] netlink: 'syz.2.3300': attribute type 1 has an invalid length. [ 413.229739][T13275] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3300'. [ 413.305462][ T5633] usb 4-1: USB disconnect, device number 12 [ 413.310010][ T5633] keyspan 4-1:5.241: device disconnected [ 413.692566][T13280] loop2: detected capacity change from 0 to 4096 [ 413.847705][T13291] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 414.595829][T13272] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 414.595870][T13272] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4) [ 414.756454][ T5803] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 414.938724][T12412] veth0_vlan: entered promiscuous mode [ 415.080555][T12412] veth1_vlan: entered promiscuous mode [ 415.108396][T13272] Remounting filesystem read-only [ 415.110684][ T5625] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 415.188361][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 415.299660][T12412] veth0_macvtap: entered promiscuous mode [ 415.400973][T13316] netlink: 'syz.0.3307': attribute type 6 has an invalid length. [ 415.400998][T13316] netlink: 176 bytes leftover after parsing attributes in process `syz.0.3307'. [ 415.446960][T12412] veth1_macvtap: entered promiscuous mode [ 415.615249][T13325] loop3: detected capacity change from 0 to 512 [ 415.642970][T13325] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 415.650795][T13325] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 415.655749][T13325] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 415.655881][T13325] System zones: 0-2, 18-18, 34-35 [ 415.717265][T12412] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 415.728791][T13325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.773215][T12412] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 415.947568][ T1375] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.948483][ T1375] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.948740][ T1375] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.948797][ T1375] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.241972][ T5626] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 416.308945][ T5626] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 416.811223][T13357] loop0: detected capacity change from 0 to 16 [ 416.909002][T13357] erofs (device loop0): mounted with root inode @ nid 36. [ 417.407445][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 417.542232][T13367] netlink: 'syz.0.3339': attribute type 1 has an invalid length. [ 417.567269][ T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 417.567291][ T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 417.575825][T13363] loop2: detected capacity change from 0 to 1764 [ 418.036529][ T5803] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 418.212487][ T1029] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.212511][ T1029] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.828506][T13403] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 419.346322][ T5950] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 419.502838][ T5950] usb 4-1: Using ep0 maxpacket: 16 [ 419.505570][ T5950] usb 4-1: config index 0 descriptor too short (expected 51443, got 18) [ 419.521405][ T5950] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 419.521435][ T5950] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 419.521456][ T5950] usb 4-1: Product: syz [ 419.521470][ T5950] usb 4-1: Manufacturer: syz [ 419.521484][ T5950] usb 4-1: SerialNumber: syz [ 419.586898][ T5950] r8152-cfgselector 4-1: Unknown version 0x0000 [ 419.586925][ T5950] r8152-cfgselector 4-1: config 0 descriptor?? [ 420.035678][ T5633] r8152-cfgselector 4-1: USB disconnect, device number 13 [ 420.182814][T13448] loop2: detected capacity change from 0 to 1764 [ 420.246465][T13449] loop0: detected capacity change from 0 to 4096 [ 420.252635][T13449] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 420.459735][T13448] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 420.574641][T13463] loop6: detected capacity change from 0 to 512 [ 420.698299][T13463] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 420.698320][T13463] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 420.698416][T13463] System zones: 0-1, 15-15, 18-18, 34-34 [ 420.698753][T13463] EXT4-fs (loop6): orphan cleanup on readonly fs [ 420.698845][T13463] Quota error (device loop6): v2_read_header: Failed header read: expected=8 got=0 [ 420.698929][T13463] EXT4-fs warning (device loop6): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 420.698956][T13463] EXT4-fs (loop6): Cannot turn on quotas: error -22 [ 420.785663][T13463] EXT4-fs error (device loop6): ext4_orphan_get:1423: comm syz.6.3382: bad orphan inode 16 [ 420.785696][T13463] loop6: lost filesystem error report for type 5 error -117 [ 420.793146][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 420.793165][ C1] EXT4-fs (loop6): initial error at time 1778173925: ext4_orphan_get:1423 [ 420.793183][ C1] EXT4-fs (loop6): last error at time 1778173925: ext4_orphan_get:1423 [ 420.793860][T13463] ext4_test_bit(bit=15, block=18) = 1 [ 420.793877][T13463] is_bad_inode(inode)=0 [ 420.793886][T13463] NEXT_ORPHAN(inode)=0 [ 420.793893][T13463] max_ino=32 [ 420.793900][T13463] i_nlink=2 [ 420.937063][ T5803] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 420.968160][ T5871] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 420.998909][T13463] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 421.028425][T13463] fscrypt (loop6, inode 16): Error -61 getting encryption context [ 421.108970][T12412] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 421.251112][T13472] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3387'. [ 421.470672][ T5807] __loop_clr_fd(loop6) clearing lo_backing_file (refcnt=0x0) [ 421.612369][ T38] audit: type=1326 audit(1778173925.910:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13488 comm="syz.2.3393" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 421.612428][ T38] audit: type=1326 audit(1778173925.910:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13488 comm="syz.2.3393" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 421.700399][ T38] audit: type=1326 audit(1778173925.990:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13488 comm="syz.2.3393" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 421.700457][ T38] audit: type=1326 audit(1778173925.990:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13488 comm="syz.2.3393" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 421.700501][ T38] audit: type=1326 audit(1778173925.990:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13488 comm="syz.2.3393" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c685cdd9 code=0x7ffc0000 [ 422.033504][T13492] loop6: detected capacity change from 0 to 4096 [ 422.185608][T13503] loop2: detected capacity change from 0 to 1024 [ 422.262020][T13492] ntfs3(loop6): ino=3, ntfs_set_state failed, -22. [ 422.262058][T13492] ntfs3(loop6): Failed to initialize $Extend/$ObjId. [ 422.529480][ T1184] ntfs3(loop6): ino=3, ntfs3_write_inode failed, -22. [ 422.530250][T12412] ntfs3(loop6): ino=3, ntfs_set_state failed, -22. [ 422.530278][T12412] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 422.530298][T12412] ntfs3(loop6): ino=3, ntfs_set_state failed, -22. [ 422.535477][ T1184] ntfs3(loop6): ino=3, ntfs3_write_inode failed, -22. [ 422.741342][T12412] __loop_clr_fd(loop6) clearing lo_backing_file (refcnt=0x0) [ 422.992281][T13503] hfsplus: xattr search failed [ 423.675650][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 423.690795][ T5604] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 423.902902][ T5604] usb 1-1: Using ep0 maxpacket: 16 [ 423.919826][ T5604] usb 1-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 423.919859][ T5604] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.961533][ T5604] usb 1-1: config 0 descriptor?? [ 424.075625][ T5604] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 424.392541][ T5604] gspca_sonixj: reg_r err -71 [ 424.392640][ T5604] sonixj 1-1:0.0: probe with driver sonixj failed with error -71 [ 424.487752][ T5604] usb 1-1: USB disconnect, device number 17 [ 424.605567][T13576] nftables ruleset with unbound set [ 424.726918][T13548] loop3: detected capacity change from 0 to 32768 [ 424.741139][T13548] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3412 (13548) [ 424.780554][T13548] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 424.780592][T13548] BTRFS info (device loop3): using sha256 checksum algorithm [ 424.866649][T13595] loop2: detected capacity change from 0 to 256 [ 424.951604][T13595] FAT-fs (loop2): Directory bread(block 64) failed [ 424.951636][T13595] FAT-fs (loop2): Directory bread(block 65) failed [ 424.951732][T13595] FAT-fs (loop2): Directory bread(block 66) failed [ 424.951755][T13595] FAT-fs (loop2): Directory bread(block 67) failed [ 424.951845][T13595] FAT-fs (loop2): Directory bread(block 68) failed [ 424.951868][T13595] FAT-fs (loop2): Directory bread(block 69) failed [ 424.951974][T13595] FAT-fs (loop2): Directory bread(block 70) failed [ 424.951995][T13595] FAT-fs (loop2): Directory bread(block 71) failed [ 424.952096][T13595] FAT-fs (loop2): Directory bread(block 72) failed [ 424.952118][T13595] FAT-fs (loop2): Directory bread(block 73) failed [ 425.319468][T13604] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3425'. [ 425.500164][T13548] BTRFS info (device loop3): enabling ssd optimizations [ 425.500195][T13548] BTRFS info (device loop3): turning on async discard [ 425.500213][T13548] BTRFS info (device loop3): enabling free space tree [ 425.600392][ T5803] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 425.797371][ T5626] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 427.436215][ T5803] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 427.724986][T13673] loop3: detected capacity change from 0 to 2048 [ 427.762460][T13675] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3452'. [ 427.762512][T13675] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3452'. [ 427.782245][T13671] macsec1: entered promiscuous mode [ 427.794231][T13673] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 427.824747][T13671] macsec1: entered allmulticast mode [ 427.824769][T13671] veth1_macvtap: entered allmulticast mode [ 427.901188][T13678] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3453'. [ 427.901979][T13678] Zero length message leads to an empty skb [ 428.344707][ T5803] __loop_clr_fd(loop3) clearing lo_backing_file (refcnt=0x0) [ 428.468652][ T836] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 428.626819][ T836] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 428.626856][ T836] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 428.626897][ T836] usb 1-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 428.626923][ T836] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.676621][T13699] loop2: detected capacity change from 0 to 512 [ 428.694541][ T836] usb 1-1: config 0 descriptor?? [ 428.712098][T13699] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 428.759156][T13699] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 428.759360][T13699] System zones: 1-12 [ 428.866169][T13699] EXT4-fs (loop2): 1 truncate cleaned up [ 428.869137][T13699] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 429.110402][ T5630] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.194991][ T836] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 429.195032][ T836] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 429.195062][ T836] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 429.195090][ T836] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 429.195118][ T836] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 429.195144][ T836] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 429.195171][ T836] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 429.207750][ T5633] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 429.285077][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 429.360245][ T836] hid-thrustmaster 0003:044F:B65D.0001: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.0-1/input0 [ 429.360548][ T836] hid-thrustmaster 0003:044F:B65D.0001: Wrong number of endpoints? [ 429.360810][ C0] hid-thrustmaster 0003:044F:B65D.0001: URB to get model id failed with error -71 [ 429.384087][ T5633] usb 7-1: Using ep0 maxpacket: 8 [ 429.416884][ T5633] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 429.435173][ T5633] usb 7-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 429.435194][ T5633] usb 7-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 429.435207][ T5633] usb 7-1: Product: syz [ 429.435217][ T5633] usb 7-1: Manufacturer: syz [ 429.435226][ T5633] usb 7-1: SerialNumber: syz [ 429.547703][ T836] usb 1-1: USB disconnect, device number 18 [ 429.678736][T13716] loop2: detected capacity change from 0 to 512 [ 429.695289][ T5633] usb 7-1: Handspring Visor / Palm OS: No valid connect info available [ 429.695312][ T5633] usb 7-1: Handspring Visor / Palm OS: port 0, is for Debugger use [ 429.695330][ T5633] usb 7-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 429.695347][ T5633] usb 7-1: Handspring Visor / Palm OS: Number of ports: 2 [ 429.896019][ T5633] usb 7-1: palm_os_3_probe - error -71 getting bytes available request [ 429.896102][ T5633] visor 7-1:1.0: Handspring Visor / Palm OS converter detected [ 429.932777][ T5633] usb 7-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 429.966585][T13716] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 430.017250][T13717] fido_id[13717]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 430.022817][ T5633] usb 7-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 430.024936][T13716] EXT4-fs (loop2): warning: maximal mount count reached, running e2fsck is recommended [ 430.112977][T13716] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3468: inode #15: comm syz.2.3468: iget: illegal inode # [ 430.113012][T13716] loop2: lost filesystem error report for type 5 error -117 [ 430.122902][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 430.122921][ C0] EXT4-fs (loop2): initial error at time 1778173934: ext4_orphan_get:1397 [ 430.122940][ C0] EXT4-fs (loop2): last error at time 1778173934: ext4_orphan_get:1397 [ 430.133695][ T5633] usb 7-1: USB disconnect, device number 2 [ 430.191584][ T5633] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 430.209851][T13716] EXT4-fs (loop2): Remounting filesystem read-only [ 430.283338][T13716] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 430.402041][ T5633] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 430.433280][ T5633] visor 7-1:1.0: device disconnected [ 430.535629][ T5630] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 430.610853][ T5630] __loop_clr_fd(loop2) clearing lo_backing_file (refcnt=0x0) [ 430.685612][T13731] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3478'. [ 430.985003][ T32] IPVS: starting estimator thread 0... [ 431.023374][T13740] loop0: detected capacity change from 0 to 2048 [ 431.025288][T13740] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=2362, location=2362 [ 431.051961][T13740] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 431.055175][T13740] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 431.072247][T13740] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 431.073169][T13741] IPVS: using max 8 ests per chain, 19200 per kthread [ 431.359479][T13750] netlink: 'syz.6.3484': attribute type 29 has an invalid length. [ 431.559823][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 431.603416][ T32] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 431.767418][T13762] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 431.980133][ T32] usb 3-1: unable to get BOS descriptor or descriptor too short [ 431.983766][ T32] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 431.983813][ T32] usb 3-1: can't read configurations, error -71 [ 432.176963][T13777] loop0: detected capacity change from 0 to 128 [ 432.304274][ T5625] __loop_clr_fd(loop0) clearing lo_backing_file (refcnt=0x0) [ 432.305697][T13772] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 432.305723][T13772] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 432.423061][ T5755] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 432.487104][T13772] vhci_hcd vhci_hcd.0: Device attached [ 432.574032][ T5755] usb 4-1: Using ep0 maxpacket: 8 [ 432.589287][ T5755] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 432.589317][ T5755] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 432.589338][ T5755] usb 4-1: config 16 has 0 interfaces, different from the descriptor's value: 1 [ 432.589386][ T5755] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 432.589426][ T5755] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 432.724791][ T5633] usb 39-1: new low-speed USB device number 2 using vhci_hcd [ 432.910320][ T5950] usb 4-1: USB disconnect, device number 14 [ 432.925563][T13780] ================================================================== [ 432.925580][T13780] BUG: KASAN: slab-use-after-free in vhci_tx_loop+0x3e9/0x1c50 [ 432.925616][T13780] Read of size 8 at addr ffff88802e4982a0 by task vhci_tx/13780 [ 432.925634][T13780] [ 432.925663][T13780] CPU: 0 UID: 0 PID: 13780 Comm: vhci_tx Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 432.925694][T13780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 432.925712][T13780] Call Trace: [ 432.925721][T13780] [ 432.925730][T13780] dump_stack_lvl+0xe8/0x150 [ 432.925760][T13780] print_address_description+0x55/0x1e0 [ 432.925790][T13780] ? vhci_tx_loop+0x3e9/0x1c50 [ 432.925812][T13780] print_report+0x58/0x70 [ 432.925847][T13780] kasan_report+0x117/0x150 [ 432.925882][T13780] ? vhci_tx_loop+0x3e9/0x1c50 [ 432.925911][T13780] vhci_tx_loop+0x3e9/0x1c50 [ 432.925934][T13780] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 432.925962][T13780] ? __set_cpus_allowed_ptr_locked+0x7bb/0x19c0 [ 432.925998][T13780] ? __pfx_vhci_tx_loop+0x10/0x10 [ 432.926028][T13780] ? __lock_acquire+0x6b5/0x2d10 [ 432.926065][T13780] ? do_raw_spin_lock+0x12b/0x2f0 [ 432.926101][T13780] ? lock_acquire+0x106/0x350 [ 432.926129][T13780] ? __pfx_autoremove_wake_function+0x10/0x10 [ 432.926164][T13780] ? __kthread_parkme+0x7a/0x1f0 [ 432.926200][T13780] kthread+0x388/0x470 [ 432.926223][T13780] ? __pfx_vhci_tx_loop+0x10/0x10 [ 432.926244][T13780] ? __pfx_kthread+0x10/0x10 [ 432.926267][T13780] ret_from_fork+0x514/0xb70 [ 432.926294][T13780] ? __pfx_ret_from_fork+0x10/0x10 [ 432.926319][T13780] ? __switch_to+0xc79/0x1410 [ 432.926342][T13780] ? __pfx_kthread+0x10/0x10 [ 432.926364][T13780] ret_from_fork_asm+0x1a/0x30 [ 432.926403][T13780] [ 432.926411][T13780] [ 432.926416][T13780] Allocated by task 5633: [ 432.926435][T13780] kasan_save_track+0x3e/0x80 [ 432.926462][T13780] __kasan_kmalloc+0x93/0xb0 [ 432.926491][T13780] __kmalloc_cache_noprof+0x3a6/0x690 [ 432.926520][T13780] vhci_urb_enqueue+0x5c9/0xe10 [ 432.926544][T13780] usb_hcd_submit_urb+0x323/0x1b50 [ 432.926565][T13780] usb_start_wait_urb+0x13f/0x5b0 [ 432.926592][T13780] usb_control_msg+0x234/0x3e0 [ 432.926618][T13780] hub_port_init+0xb1e/0x28c0 [ 432.926647][T13780] hub_event+0x25d3/0x4f60 [ 432.926676][T13780] process_one_work+0x98b/0x1630 [ 432.926704][T13780] worker_thread+0xb49/0x1140 [ 432.926733][T13780] kthread+0x388/0x470 [ 432.926751][T13780] ret_from_fork+0x514/0xb70 [ 432.926775][T13780] ret_from_fork_asm+0x1a/0x30 [ 432.926801][T13780] [ 432.926807][T13780] Freed by task 13779: [ 432.926817][T13780] kasan_save_track+0x3e/0x80 [ 432.926843][T13780] kasan_save_free_info+0x46/0x50 [ 432.926864][T13780] __kasan_slab_free+0x5c/0x80 [ 432.926892][T13780] kfree+0x1c5/0x6c0 [ 432.926918][T13780] pickup_urb_and_free_priv+0x225/0x3f0 [ 432.926941][T13780] vhci_rx_loop+0x3c5/0xa00 [ 432.926963][T13780] kthread+0x388/0x470 [ 432.926983][T13780] ret_from_fork+0x514/0xb70 [ 432.927005][T13780] ret_from_fork_asm+0x1a/0x30 [ 432.927034][T13780] [ 432.927039][T13780] The buggy address belongs to the object at ffff88802e498280 [ 432.927039][T13780] which belongs to the cache kmalloc-64 of size 64 [ 432.927059][T13780] The buggy address is located 32 bytes inside of [ 432.927059][T13780] freed 64-byte region [ffff88802e498280, ffff88802e4982c0) [ 432.927081][T13780] [ 432.927087][T13780] The buggy address belongs to the physical page: [ 432.927105][T13780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802e498500 pfn:0x2e498 [ 432.927131][T13780] flags: 0x80000000000200(workingset|node=0|zone=1) [ 432.927153][T13780] page_type: f5(slab) [ 432.927174][T13780] raw: 0080000000000200 ffff88813fe168c0 ffffea0000d2cbd0 ffffea0001358810 [ 432.927194][T13780] raw: ffff88802e498500 000000080020001e 00000000f5000000 0000000000000000 [ 432.927206][T13780] page dumped because: kasan: bad access detected [ 432.927217][T13780] page_owner tracks the page as allocated [ 432.927224][T13780] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 22692419449, free_ts 0 [ 432.927260][T13780] post_alloc_hook+0x1f9/0x250 [ 432.927289][T13780] get_page_from_freelist+0x27d6/0x2850 [ 432.927310][T13780] __alloc_frozen_pages_noprof+0x18d/0x380 [ 432.927330][T13780] allocate_slab+0x74/0x5e0 [ 432.927351][T13780] refill_objects+0x33c/0x3d0 [ 432.927372][T13780] __pcs_replace_empty_main+0x373/0x720 [ 432.927396][T13780] __kmalloc_noprof+0x530/0x7b0 [ 432.927431][T13780] handler_new_ref+0x261/0x9c0 [ 432.927462][T13780] v4l2_ctrl_add_handler+0x19f/0x290 [ 432.927482][T13780] vivid_create_controls+0x3403/0x3bd0 [ 432.927510][T13780] vivid_probe+0x425f/0x72c0 [ 432.927528][T13780] platform_probe+0xf9/0x190 [ 432.927553][T13780] really_probe+0x267/0xaf0 [ 432.927580][T13780] __driver_probe_device+0x1e2/0x350 [ 432.927607][T13780] driver_probe_device+0x4f/0x240 [ 432.927636][T13780] __driver_attach+0x33c/0x600 [ 432.927662][T13780] page_owner free stack trace missing [ 432.927676][T13780] [ 432.927681][T13780] Memory state around the buggy address: [ 432.927692][T13780] ffff88802e498180: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 432.927707][T13780] ffff88802e498200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 432.927723][T13780] >ffff88802e498280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 432.927734][T13780] ^ [ 432.927745][T13780] ffff88802e498300: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 432.927760][T13780] ffff88802e498380: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 432.927771][T13780] ================================================================== [ 432.927879][T13780] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 432.927900][T13780] CPU: 0 UID: 0 PID: 13780 Comm: vhci_tx Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 432.927926][T13780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 432.927940][T13780] Call Trace: [ 432.927948][T13780] [ 432.927957][T13780] vpanic+0x56c/0xa60 [ 432.927990][T13780] ? __pfx_vpanic+0x10/0x10 [ 432.928024][T13780] panic+0xc5/0xd0 [ 432.928053][T13780] ? __pfx_panic+0x10/0x10 [ 432.928083][T13780] ? preempt_schedule_thunk+0x16/0x40 [ 432.928107][T13780] ? vhci_tx_loop+0x3e9/0x1c50 [ 432.928130][T13780] ? preempt_schedule_thunk+0x16/0x40 [ 432.928153][T13780] ? vhci_tx_loop+0x3e9/0x1c50 [ 432.928175][T13780] check_panic_on_warn+0x89/0xb0 [ 432.928202][T13780] ? vhci_tx_loop+0x3e9/0x1c50 [ 432.928226][T13780] end_report+0x73/0x170 [ 432.928259][T13780] ? vhci_tx_loop+0x3e9/0x1c50 [ 432.928282][T13780] kasan_report+0x128/0x150 [ 432.928315][T13780] ? vhci_tx_loop+0x3e9/0x1c50 [ 432.928343][T13780] vhci_tx_loop+0x3e9/0x1c50 [ 432.928365][T13780] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 432.928391][T13780] ? __set_cpus_allowed_ptr_locked+0x7bb/0x19c0 [ 432.928433][T13780] ? __pfx_vhci_tx_loop+0x10/0x10 [ 432.928464][T13780] ? __lock_acquire+0x6b5/0x2d10 [ 432.928501][T13780] ? do_raw_spin_lock+0x12b/0x2f0 [ 432.928532][T13780] ? lock_acquire+0x106/0x350 [ 432.928561][T13780] ? __pfx_autoremove_wake_function+0x10/0x10 [ 432.928598][T13780] ? __kthread_parkme+0x7a/0x1f0 [ 432.928637][T13780] kthread+0x388/0x470 [ 432.928661][T13780] ? __pfx_vhci_tx_loop+0x10/0x10 [ 432.928683][T13780] ? __pfx_kthread+0x10/0x10 [ 432.928707][T13780] ret_from_fork+0x514/0xb70 [ 432.928736][T13780] ? __pfx_ret_from_fork+0x10/0x10 [ 432.928763][T13780] ? __switch_to+0xc79/0x1410 [ 432.928785][T13780] ? __pfx_kthread+0x10/0x10 [ 432.928808][T13780] ret_from_fork_asm+0x1a/0x30 [ 432.928847][T13780] [ 432.929452][T13780] Kernel Offset: disabled