last executing test programs: 6m5.877063092s ago: executing program 0 (id=436): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x4, 0x0, 0x6000, 0x1000, &(0x7f00000af000/0x1000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x12, 0x0, 0x0) 6m4.559701773s ago: executing program 0 (id=444): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201100300000040"], 0x0) ioctl$EVIOCRMFF(r0, 0x40045506, &(0x7f0000000300)=0x40005) 6m3.065047507s ago: executing program 3 (id=451): r0 = socket$igmp6(0xa, 0x3, 0x2) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ed50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1, 0x0, 0x692}, 0x18) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000180)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0xfffffffd, 0x2, 0x4, 0x400, 0xc}) 6m2.112725455s ago: executing program 3 (id=455): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x42, &(0x7f00000000c0)=ANY=[@ANYBLOB="6673796e635f6d6f64653d706f7369782c6e6f696e6c696e655f646174612c6469736361726400aa19fd46b492dc6cf59d696e6c696e655f64656e7472792c00"], 0x1, 0x54f3, &(0x7f000000ab40)="$eJzs3M9rI+UbAPAn7XZ/f/dbRNDbDixCC5uw6XYXvVXdxR/Ypfjj4EnTZBqym2RKk6a1Jw8exYP/iSh48ujf4MGzt8WD4k1QMjPRrSgITRu7/Xxg8sz75s0zz5tD4ZkpCeDMWkx++akS1+JSRMxHxNWI/LxSHrm1IjwfEdcjYu6Jo1LO/zFxPiIuR8S1cfIiZ6V86/Oboxt3fnzz52++u3Duyhdffz+7XQOz9kJE9LaL871eEbN2ER+W841RJ4+91VEZizd6j8pxVsS9dDPPsNeYrGvk8Xa7WJ9t7w7GcavbaI5ju7OVz2/3iwsORu1JnvwDDxs7+biVbuaxM8jy2D4o6to/KP62HQyGRZ5Wme+jPH0Mh5NYzKf7abGf7Ud5bPaH5XyRN2ul++M4KmN5uWhm3VZex+ZRvun/trc6/d39ZJTuDDpZP7lTq79Yq9+t1neyVjpMV6uNXuvuarLU7o6XVYdpo7fWzrJ2N601s95ystRuNqv1erJ0L93sNPpJvV67XbtVvbNcnt1MXnvwXtJtJUvj+EqnvzvsdAfJVraTFJ9YTlZqt19aTm7Uk3fWN5KNt+/fX99494N77z94ef2NV8tFh8t6nK4mSyu3Vlaq9VvVlfryGdr/J2XRU9w/HEll1gUAnD76f2AWTnv/H/r/qThV/e+krLPa/x/D/uFI9P8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGfWDwtfvp6fLBbjK+X8/8qpZ8pxJSLmIuK3vzEf5w/lnC/zLPzD+oW/1PBtJfIM42tcKI/LEbFWHr/+/7i/BQAAAHh6ffXx9c+Kbr14WZx1QZyk4qbN3NUPp5SvEhELi4+nlG1u/PLslJLFcxFxLvanlC2/gXVxSsmKW27nppXtX5k/FC4+ESpFmDvRcgAAgBNxuBM42S4EAACAk/TprAtgNioxeZQ5eRac/+f9nw8ELx0aAQAAAKdQZdYFAAAAAMcu7//9/h8AAAA83Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5n535yUoeiOACfFvoe74+RGOduxRkswyU4dGhYgJtgCbgFN8AacOYSDBjaEq3BxKS3bSTfl7SX25Afp4TJuZcUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuvRcrOaP91cPbXO2u3bS3A0AAABwzKZYzcsX02r+r75+Vl+6qOdZROQRcax3H8WvRuaozim+eH/xqYaniDJh/xm/6+NvRFzXx+t5198CAAAAnK71YjmruvXqNB26IPpULdrk/28S5WURUUxfEqXl+9NlorDy9z2Ou0Rp5QLWJFFYteQ2TpX2LaPGMPkwZNWQ91oOAADQi2Yn0G8XAgAAQJ9uhy6AYWRx2Mo87AWX/7x/3xD805gBAAAAP1A2dAEAAABA58r+3/P/AAAA4LRVz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS5tiNV8vlrO2OdtdO2nuBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Y3/eUSAEwiAM9q7vTOb+h5UGTU1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODN7/7yf2JqnEnmXhtLzyPJ2qmxdWrsnRtHfxhfvwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnft5jaOKAwD+ZmZna6viGmUPEVHwoBe73dbWXj0owYN/ghDSbY1u/dHmYEsRcvEmOfciehQRlHjr/9BzC73UWw57iCAeI/MrmfwAt4TMbJLPB9687w6bed83CSHfeS8LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZfLATJ9mhV8Rxee7R5r2lrH+8p888WHsyn7UsjppM+nh4vf4i6reXCAAAAKdHUtX3IYSn6fpC1se9vP5Pq/dkNf9PLxZxVc/vrfurvqr9s/bnHxuvbg/UK8bJLnp9eTy6sD+VztHNckb8u1XYc/ql//3CTn7n82cvSf4NiT9efWWS5vcz+uHhww+7eXjmqBIHAA7rfNWXQfX3UNYP20wMgFOjUyu8q/o/6bWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEATJqvh+SqOQgjznZ0483jz3tJB/YO1J/NVu3L//lr9mtkl0hDC9eXx6EKDc5l1t+/c/WJxPB7daj54I4TQ3uhl8OkU7wmhzQwFhw3i8md9VvI5HkHLv5gAADhx0rJldf3TdH0hOxfNhbD18+76/+1aHKas/zc+u/KoPla9/h82NsPZN1i5+fXg9p277y7fXLwxujH68r2Lw/eHl65evnx1kD8rGXhiAgAAwOF0y1av/+O5/ev/52pxmLL+/+bH4Xf1sRL1/4F2Fv3azgQAAOB0e/nNf/6ODjgfdbvh28WVlVvD4rj9+mJxbCHVZ3ambPX6P5lrOysAAACgCZPVaNf6/7VaHKZc/3/hl9d+q18zCSGcLdf/zy99Nb7W3HRmWhP/Ttz2HAEAAGjX2bLV1//TfP9/vL3lIQ4hvPNWEZcfAzhV/Z989P2v9bHq+/8vNTfFmRT3i/uR9/0QOv22MwIAAOAke65sWbH/V7q+8Pnv5z7p2v8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LT/AgAA//8Yl0ni") unlink(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 6m1.976451222s ago: executing program 0 (id=456): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000340)={0xffffffffffffffff}, 0x2}}, 0x20) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001840), 0x2, 0x0) write$RDMA_USER_CM_CMD_ACCEPT(r2, &(0x7f0000001880)={0x8, 0x120, 0xfa00, {0x4, {0x6, 0x9, "0d1dee4e1c7b035757f0efa3692cb0c370bcfd892e67b6577aacabd6967be8047e38523486c9d5712bac520a27c9e38dd605427f2302e9a8c6dc5f521d5c9855b3fd2aa0f0a12da4d1e9191fb9fc44555e306619094e3d101d7d8a260663026ff7afd87d18e86b69e465dfcc50e9456c3747f226a691ab62cd918ad2f8cadb1abae034823a29721f838ff49daefd588edc095a8ae3ed5875a3e4c034b797ea88ab8d98c857cd8657cbc1fa2120c766d5317c5ab6de7ce7742dd718ba52f84134cb3596ffd86c574d4a1094f6683d9ba8dfb0968a9759fc4e652bc63db1e2fc90f07e5a7b4618b3a11f3bd9d7c615f8c74c20da8987fbef2e82a7f56135fca148", 0xf8, 0x7, 0x5, 0xcb, 0x2, 0x10, 0xc, 0x1}, r1}}, 0x128) 6m0.582829172s ago: executing program 0 (id=460): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") r0 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='\x00', 0x89901) move_mount(r0, &(0x7f0000000400)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000380)='./file0/../file0/../file0/../file0\x00') 6m0.41823466s ago: executing program 3 (id=461): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r0, 0x0) r1 = socket(0x840000000002, 0x3, 0xff) sendmmsg$inet(r1, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @local}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000140)="a1c0ffff000039a9029e2d34161c0000", 0xff69}, {0x0}], 0x2}}], 0x1, 0x0) 5m58.760524162s ago: executing program 0 (id=467): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x300060c1) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0xe, 0x40, 0x3, 0x41}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140), &(0x7f0000000040), 0x1003, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000380)={r0, &(0x7f0000000300), 0x0}, 0x20) 5m58.711731203s ago: executing program 3 (id=468): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYRES32=0x0], 0x11, 0x6f2, &(0x7f0000000ac0)="$eJzs3U9sHFcZAPBv1mt7N1Udt03TIFWqaVFBWCSxLRfMJQYhZKQKqiDB2WqcxsrmD7aL3B6wC0hcOXBFKgdzgRMIISEhRSpnuFXcLE4VSFx6Snpg0Pxbr93d9TquvS78ftFk3rw3780338y+2V3J2gD+by1NR/1BNGNp+tXNbHt3Z661uzN3pyjXWhExHhG1iHpHr+S9iMUolvhMVlE19DrOL1YXrr//4e4HxVa9XGpR/NfsHWB9kLPYLpeYioiRcn0M+8Z7/fHGG98rJu3MZAl7qUocDNtoRKT7/ODiXks36UjHRs/XO/DpkRTPzQ7F638y4lxENKoH2nbRWDv9CA91pLlo++TiAAAAgDPj/MOtiM2YGHYcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GlS/v5/Ui6PqvJUJNXv/3+uY/exIYbaX//IGlXhQe00ggEAAAAAAACAk/XCw/jN9TSdqLbTJGrfGyk3muX6zViPlXrE5diM5diIjViLmYiY7BhobHN5Y2NtJl7Mty58lKZpPFH0jLV9PWe79pwdMODmcc8YAAAAAAAAAP6nXJsfz9c/jqWYGHYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQKYkYKVb5cqEqT0atHhGNiBjL9tuO+FtVPkPqR+3w4GTiAAAAgCEb3bd1/mE8jM2YqLbTJP/MfzH/3N+IN+NubMRqbEQrVuJG/l1A8am/truzNb27M3cnW8phv/Nke9yv/XvvGL+fODSofMQovnvofuRL+R7NuBmrec3leD3uRStuRC3vmblUxdMRV4d3spiSa4U0jfFB0nWjXGdn/vNyfSqah+0wmWdktJ2Rq1lsSZHHp/pnovPqDODgkWai1v7m50LvI7W/jKlyfq3vUZL/pGlROlfVRDzxrb45z++X0SOdzLEczMRsx913sX/OIz7/h99+/1br7u1byfb0qd1Gj+WF7tXj/6iuUJWJwnasxFxHJp4bOBM31894Jnra/01jLZ5tl5fim/HdmI6peC3WYjV+GMuxESsxFd/IS8vl/Zz9P9k/U4v7tl47LKax8rqMHIjps+eLdb+YXsz7TsRqfDvuxY1YiVfyf7MxE1+O+ZiPhY4r/OwAM22ty6v+j72Df+kLZSGb+H62NwGe4qu7lyyvT3XktXPOnczbOmtqkZZPlqeP8DzqPzdW9h5Z2ZX4ScdrcPjamWhE+ylRRfdMlYHRrpn4VT6trLfu3l67tXz/wLjJdvfjvRz7T//sTCTZ/fJ0e47Yf3dkbc90bZvJ2y6022oH237dbLcd9kodK9/DfXyk2bztuYj4ZRlt1pbJ5vCs7VJHv+z9ViNv+yhN0+L9FgBn3rkvnhtr/qv51+a7zZ82bzVfbXx9/Cvjz4/F6F9Gv1q/OvJy7fnkd/Fu/CgO/4QOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcav2tt28vt1orawcKaZpu9Wg6kULUI/bV/PlPHfvkvzUWEYMPmO29WIvIa+pRFgbo/s+IKGu2Hu903nncJPy9vCankvA+hWTgnRs975+ycO/J8nQepWl66qdT/VbbkbunpaFdgk+4UP1E1seaknpEj15DmY6AU3Rl4879K+tvvf2l1TvLb6y8sXJ3YX5+4erC/CtzV26uthrDDg84QfmzPn+fM+xIAAAAAAAAAAAAgEEN9sc5ye3lKGrq3f6K4LDuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMewNB31B5HEzNXLV7Pt3Z25VrZU5Ww9ku/5KCJqEZFMRSTvRSxGscRkx3BJr+NsR1x//8PdD4qternk+9eOfxbb5RJTZbhT3fdrdKtMt3qNl+Tj3O893oCSchlp1yweazz4hPw3AAD//xEwCSs=") mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x40) getdents(r0, 0x0, 0x58) 5m57.639184996s ago: executing program 3 (id=475): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={0x18, 0x56, 0x1, 0x0, 0x0, {0x7}, [@generic='[']}, 0x18}, 0x1, 0x0, 0x0, 0x84}, 0x0) 5m56.736485198s ago: executing program 3 (id=480): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0) syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) 5m54.133146538s ago: executing program 32 (id=480): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0) syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) 5m47.420602259s ago: executing program 0 (id=499): r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x0, [0x4]}}]}}]}, 0x8c}}, 0x0) 5m44.635636889s ago: executing program 33 (id=499): r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x0, [0x4]}}]}}]}, 0x8c}}, 0x0) 3m59.738521941s ago: executing program 1 (id=896): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0) fcntl$lock(r0, 0x26, &(0x7f0000000000)) fcntl$lock(r0, 0x25, &(0x7f0000000340)={0x2, 0x0, 0x4004, 0xffffffffffffffff}) close(r0) 3m59.319046383s ago: executing program 1 (id=898): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x8000, 0x1f7) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x201, 0x4800003e, r0, 0x0) fanotify_mark(r1, 0x2, 0x1, r0, 0x0) 3m58.667302757s ago: executing program 1 (id=901): syz_open_dev$sndpcmc(&(0x7f0000000080), 0xb, 0x2) r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) unshare(0x2040600) ioctl$SNDRV_PCM_IOCTL_UNLINK(r0, 0x40044160, 0x3) 3m58.196579782s ago: executing program 1 (id=904): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x81008e, &(0x7f0000003f80)=ANY=[@ANYBLOB="726f6469722c7379735f696d6d757461626c652c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c636865636b3d7374726963742c636f6465706167653d3935302c696f636861727365743d63703836302c696f636861727365743d63703433372c73686f72746e616d653d77696e6e742c696f636861727365743d63703933322c6e6f6e756d7461696c3d302c6e66732c726f6469722c757466383d312c73686f72746e616d653d6d697865642c757466383d302c00e23bb66df271dc392ed708", @ANYRES16], 0x4, 0x2ba, &(0x7f00000001c0)="$eJzs3T9ra2UYAPDnpPmnDskgDiJ4QIc7XW7v6mCq9MLFTEoGXfTiTUGaILRQ8A+mnVxdHP0EguDW1Q/g4jcQXAU3OxSOnJNzmqZN00ZMq97fb+nTc97nfZ+3edvSwnny0Svj3adp7Bx9+Wu020nUetGLkyS6UYvKYczpfRMAwH/ZSZbFH9nUKnlJRLTXVxYAsEYr//7/ce0lAQBr9t77H7yz1e9vv5um7Xg0/vpgkP9ln3+c3t/aiU9iFMN4EJ04jcjOTONHWZZN6mmuG6+PJweDPHP84c/l/Fu/RxT5m9GJbnFpPv9xf3sznTqXP8nreL5cv5fnP6x34sUF6z/ubz9ckB+DZtx7raw/4jDuRyd++Tg+jVE8LYqY5X+1maZvZ9/++UXxH408P5kcDFrFuJls47ZfGwAAAAAAAAAAAAAAAAAAAAAA/r/ul71zWlH078kvlf13Nk7zTxqRVrrz/Xmm+Uk10YX+QJMsvqv66zxIX2pl5cBZfj1erkf9bnYNAAAAAAAAAAAAAAAAAAAA/y77n32++2Q0Gu4tC248uOoGUD3Wf+3MVwS94d5xdeXVWD64NVurVoajYV7IwqzYqMYkEUvLyDfxt4pfPXiuqHnBre9/WHXC9vVjGovX+ieD6sDsPkkWfw1bZ69Ouzokx+fHNOOGazWnwZuXbmUrHb/mwludG6Qn8/O8UASTJVmRLCvsjd8iGhHVmU8u7qJ51cEeDRtFcO/qb732Suf58s+KRLcOAAAAAAAAAAAAAAAAAABYq8sP+Z9ztDS1lrXWVhYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3KrZ+/+vEEzK5OmVn95aMrgZe/t3vEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeAX8FAAD//9OuWkY=") recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 3m57.434615443s ago: executing program 1 (id=907): setresuid(0xee00, 0xee00, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = getpgid(0x0) kcmp(r0, r1, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) 3m56.344858033s ago: executing program 1 (id=912): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000000c0)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r2, @ANYBLOB="60003080050003"], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 3m54.479160141s ago: executing program 34 (id=912): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000000c0)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r2, @ANYBLOB="60003080050003"], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 2m34.384047318s ago: executing program 7 (id=1438): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000880)=@newqdisc={0x54, 0x24, 0xf0b, 0x18000020, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x8}, {0xffff, 0xffff}, {0x1, 0x4}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x6, 0x2, 0x3, 0x1, 0x4, 0x239}}, {0x4}}]}, @qdisc_kind_options=@q_clsact={0xb}]}, 0x54}, 0x1, 0x0, 0x0, 0x4048005}, 0x0) 2m33.913979871s ago: executing program 7 (id=1442): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000500)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0xb0, 0x24, 0xf0b, 0x0, 0xfffffffd, {0x0, 0x0, 0x12, r1, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x80, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x1, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0x8001}]}}]}, 0xb0}}, 0x0) 2m32.694357656s ago: executing program 7 (id=1446): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xfd5d}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x10, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR={0xa, 0x9, @dev}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x48}}, 0x0) 2m31.029159895s ago: executing program 7 (id=1453): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x40, &(0x7f0000000a80)={[{@resuid}, {@max_dir_size_kb}]}, 0x0, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=") mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1250d1, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) 2m29.059741281s ago: executing program 7 (id=1457): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r0 = socket$unix(0x1, 0x5, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000023c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 2m27.089679489s ago: executing program 7 (id=1461): syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000080)='./file1\x00', 0x2, &(0x7f0000000400)=ANY=[], 0x1, 0xf0d, &(0x7f0000001e80)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiICYHhCVEEVCnCoOVFwolQJSkUCVKtRT21Or3npCvVCpSqWgHtpIiavYb9a7L/vY9cSetXd/P+nz2zdvdr5vbMeZmZ19G4CR1Vj7evToQhHCO5+9/ejLTxWfXF12V2uNA2tfi9hrhhAm2vpFsr0v4oLLF1860a0twuG1r2U/PHah9dyZEMJKOBA+D83w4dLyVx+8+8jBj1+bvuXNs8+8sk2735LuBwAADKPzf17++33//NMD85fO7z8eplrLy+PzZuzPxOP+Q/FAuTxeboTOftEW7SaT9cZiNJL1xpL1xpM845l8E8l2JjLrTfbIN9a2rNt+AgAAwG5Untc2Q9FY7Og3GouL6+f9V30xN1ksPnd6+dSZARUKAAAAVPafc2s33QohhBBCCCGEEGKIY3Vu0FcgAAAAgFGTzhd2jZWtnamrtbVmf/kvPNzo/nzYAnX//n99/ukB5+9ixPO//6q/OAAAVDesR5PlfpXH0eU8Buk8gmPJ8zZ7/N9ItjO+yTpz8wrulvkGc3Wm39edKlf/Zn+Og5KrP50Pc6fK1Z/O07lT5eqfqrmOqnL1d7nysyPl6t9Tcx1V5erfW3MdVeXqn6m5jqpy9c/WXEdVufpvqLmOqnL176u5jqpy9e+W22pz9TdrrqOqXP3zNddRVa7+G2uuo6pc/TfVXEdVufpvrrmOQbkztuX3YX9mvZku53S75RwPAAAARt3/zP8nhBBCtMf6LRCDr0MIIYQQYkvj3KAvQAAAAAADV74voHzX+2pUjo/1GB9vH5/eWKEcn+jx/Mke41M9xgEAAIAQfvf6qdveKjbmu7ve+fDKeaP2hE+uhArzGKXzEW42//XOe3a9+XfLvGUAAACMluIHn1+5/9H3Xpi/dH7/8baz3yvxfLecB3Q8Xhv4NPbL+wJmk35RnkMf78zTyKyXXh+4Ibe9x69zRwEAAGCElefvzVA0FtvOu5uh0Vhc3DgfXwgTxanTyycPxX75+Sx/nJuYurr8oZrrBgAAAPq3cb7f/fy//BzfhTBZLD53evnUmfX+bGv5RKP9usDcxvKi/bpAM1l+OLP8SOyXn9/5o7k9a8sXT/x4+amt3nkAAAAYEWdePPvMk8vLJ3/igQceeNB6MOi/TAAAwFb78su3J356ZPb36+//35j/7kp8cCD2m3Fuv7/E5eV9AuX7AK55v/4TnXnmcus937leM1lvLMZUUvd023bC2nyDnc+bz+Vrdm5nMpNvJsk3m+RL5ykYT9YvuswlGLrMT1iuN5csT+dhHE9yFEn+u7vkAgAAgNLSC88+v3TmxbMPnn72yadPPn3yuSOHj33/2LFDD33voaW1+/qX2u/uBwAAAHajjZt+B10JAAAAAAAAAAAAAAAAAAAAjK46Pk5s0PsIAAAAo+7f50IIK0JkovyAwUHXIXZyrE4NvobhjrBD/x2+/tHgaxBCCCF2R0wN/P9y531iJYTV1fST5gEAAAC21+WLL51ob6+xUmxpvtbWmuvNlZi3bGcf/Nv81ShXu/Bw5/WSvVtaDaOu7t9/+Xdq/qmu4++/urX5p8PG377Q19+/RucGjnf09vSb996lXy+08ocQbh/vM3+6/4/3m7HTwST/vaG//KvvJfmf6Og1+s1/X5J/b5/5r9n/5/vN2On+mH8h9g/e02/+zl0sf0vL/ej3F+C7yf4/FfrNn+x/s8+EiQdifgAYRa3/zVfPDbaQLVYeJZTH0zOxX+5vPNwM6d0Pmz3+byTbGb/uyju3Wx4H3Rr70606OvOWNlt/+X2Zje0NFetM7Za7SnL1b9XPcbvl6p+ouY6qcvVP1lxHVbn6u5+97zy5+qdrrqOqXP19X4gYsFz9u+W6cq7+mZrrqCpX/2zNdVSVq3+z/48PSq7+fTXXUVWu/rma66gqV3/Fy2q1y9U/X3MdVeXqv7HmOqrK1X9TzXVUlav/5prrGJQ7Yps7Hy7PP+fiWNlvJv2pLt/Lvl8MAQAAALbVv3bkPBBtVw4GXosQQgghhBDDH/9dXTfoOoQQ2xerq4O8+sCgbe+7mQHYqfz9H21+/qPNz3+0+fnzdcpX4oukXxrrMT7eY3yix/hkMp7+vk71GL8p2e5qeV0zurnH+DfiHuTG9/V4/q09xhd6jN/WY/z2HuN39BgHAABgNNwSW+eHAAAAMLxe/s2nb/z23icuzl86v/94mLxm3vlDsT8VX1t/PfbTee9LE/E1/5/F/q9i+4fY/iNZ3/0nAAAAsP3Kz4nx+j8AAAAMr/JzSp3/AwAAwPCaj63zfwAAABheN8bW+T8AAAAMsWK6++LYltcF7o5tv/P6AQA73zdje2ds98f2rth+K7blccA9sf12TfUBAFvnlz/8+bG3io35/o8k45fj8rK9xsr6lYKi0TmT/57Y7o3td/qsJ/08gH7zl/b1mWe78s9dZ34AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHg01r4ePbpQhPDOZ28/+ovJN/56ddldrTUOrH0tYq8ZQphoPa8c3eh/FFe8fPGlE+3tldgW4XAoQtFaHh670Mo0E0JYCQfC56EZPlxa/uqDdx85+PFr07e8efaZV7bxW9CxfwAAADCM/h8AAP//PZYhLQ==") name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@FILEID_UDF_WITH_PARENT={0x14, 0x52, {{0x3, 0x6, 0x7, 0xa}, 0x10001, 0x9}}, &(0x7f0000000000), 0x0) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 2m23.317940539s ago: executing program 35 (id=1461): syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000080)='./file1\x00', 0x2, &(0x7f0000000400)=ANY=[], 0x1, 0xf0d, &(0x7f0000001e80)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiICYHhCVEEVCnCoOVFwolQJSkUCVKtRT21Or3npCvVCpSqWgHtpIiavYb9a7L/vY9cSetXd/P+nz2zdvdr5vbMeZmZ19G4CR1Vj7evToQhHCO5+9/ejLTxWfXF12V2uNA2tfi9hrhhAm2vpFsr0v4oLLF1860a0twuG1r2U/PHah9dyZEMJKOBA+D83w4dLyVx+8+8jBj1+bvuXNs8+8sk2735LuBwAADKPzf17++33//NMD85fO7z8eplrLy+PzZuzPxOP+Q/FAuTxeboTOftEW7SaT9cZiNJL1xpL1xpM845l8E8l2JjLrTfbIN9a2rNt+AgAAwG5Untc2Q9FY7Og3GouL6+f9V30xN1ksPnd6+dSZARUKAAAAVPafc2s33QohhBBCCCGEEGKIY3Vu0FcgAAAAgFGTzhd2jZWtnamrtbVmf/kvPNzo/nzYAnX//n99/ukB5+9ixPO//6q/OAAAVDesR5PlfpXH0eU8Buk8gmPJ8zZ7/N9ItjO+yTpz8wrulvkGc3Wm39edKlf/Zn+Og5KrP50Pc6fK1Z/O07lT5eqfqrmOqnL1d7nysyPl6t9Tcx1V5erfW3MdVeXqn6m5jqpy9c/WXEdVufpvqLmOqnL176u5jqpy9e+W22pz9TdrrqOqXP3zNddRVa7+G2uuo6pc/TfVXEdVufpvrrmOQbkztuX3YX9mvZku53S75RwPAAAARt3/zP8nhBBCtMf6LRCDr0MIIYQQYkvj3KAvQAAAAAADV74voHzX+2pUjo/1GB9vH5/eWKEcn+jx/Mke41M9xgEAAIAQfvf6qdveKjbmu7ve+fDKeaP2hE+uhArzGKXzEW42//XOe3a9+XfLvGUAAACMluIHn1+5/9H3Xpi/dH7/8baz3yvxfLecB3Q8Xhv4NPbL+wJmk35RnkMf78zTyKyXXh+4Ibe9x69zRwEAAGCElefvzVA0FtvOu5uh0Vhc3DgfXwgTxanTyycPxX75+Sx/nJuYurr8oZrrBgAAAPq3cb7f/fy//BzfhTBZLD53evnUmfX+bGv5RKP9usDcxvKi/bpAM1l+OLP8SOyXn9/5o7k9a8sXT/x4+amt3nkAAAAYEWdePPvMk8vLJ3/igQceeNB6MOi/TAAAwFb78su3J356ZPb36+//35j/7kp8cCD2m3Fuv7/E5eV9AuX7AK55v/4TnXnmcus937leM1lvLMZUUvd023bC2nyDnc+bz+Vrdm5nMpNvJsk3m+RL5ykYT9YvuswlGLrMT1iuN5csT+dhHE9yFEn+u7vkAgAAgNLSC88+v3TmxbMPnn72yadPPn3yuSOHj33/2LFDD33voaW1+/qX2u/uBwAAAHajjZt+B10JAAAAAAAAAAAAAAAAAAAAjK46Pk5s0PsIAAAAo+7f50IIK0JkovyAwUHXIXZyrE4NvobhjrBD/x2+/tHgaxBCCCF2R0wN/P9y531iJYTV1fST5gEAAAC21+WLL51ob6+xUmxpvtbWmuvNlZi3bGcf/Nv81ShXu/Bw5/WSvVtaDaOu7t9/+Xdq/qmu4++/urX5p8PG377Q19+/RucGjnf09vSb996lXy+08ocQbh/vM3+6/4/3m7HTwST/vaG//KvvJfmf6Og1+s1/X5J/b5/5r9n/5/vN2On+mH8h9g/e02/+zl0sf0vL/ej3F+C7yf4/FfrNn+x/s8+EiQdifgAYRa3/zVfPDbaQLVYeJZTH0zOxX+5vPNwM6d0Pmz3+byTbGb/uyju3Wx4H3Rr70606OvOWNlt/+X2Zje0NFetM7Za7SnL1b9XPcbvl6p+ouY6qcvVP1lxHVbn6u5+97zy5+qdrrqOqXP19X4gYsFz9u+W6cq7+mZrrqCpX/2zNdVSVq3+z/48PSq7+fTXXUVWu/rma66gqV3/Fy2q1y9U/X3MdVeXqv7HmOqrK1X9TzXVUlav/5prrGJQ7Yps7Hy7PP+fiWNlvJv2pLt/Lvl8MAQAAALbVv3bkPBBtVw4GXosQQgghhBDDH/9dXTfoOoQQ2xerq4O8+sCgbe+7mQHYqfz9H21+/qPNz3+0+fnzdcpX4oukXxrrMT7eY3yix/hkMp7+vk71GL8p2e5qeV0zurnH+DfiHuTG9/V4/q09xhd6jN/WY/z2HuN39BgHAABgNNwSW+eHAAAAMLxe/s2nb/z23icuzl86v/94mLxm3vlDsT8VX1t/PfbTee9LE/E1/5/F/q9i+4fY/iNZ3/0nAAAAsP3Kz4nx+j8AAAAMr/JzSp3/AwAAwPCaj63zfwAAABheN8bW+T8AAAAMsWK6++LYltcF7o5tv/P6AQA73zdje2ds98f2rth+K7blccA9sf12TfUBAFvnlz/8+bG3io35/o8k45fj8rK9xsr6lYKi0TmT/57Y7o3td/qsJ/08gH7zl/b1mWe78s9dZ34AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHg01r4ePbpQhPDOZ28/+ovJN/56ddldrTUOrH0tYq8ZQphoPa8c3eh/FFe8fPGlE+3tldgW4XAoQtFaHh670Mo0E0JYCQfC56EZPlxa/uqDdx85+PFr07e8efaZV7bxW9CxfwAAADCM/h8AAP//PZYhLQ==") name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@FILEID_UDF_WITH_PARENT={0x14, 0x52, {{0x3, 0x6, 0x7, 0xa}, 0x10001, 0x9}}, &(0x7f0000000000), 0x0) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 18.769773972s ago: executing program 8 (id=2266): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00') getdents64(r1, &(0x7f0000002f40)=""/4098, 0x1002) 18.289360152s ago: executing program 8 (id=2271): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x12, 0x8, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x4}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000004c0)={r3, &(0x7f00000002c0), &(0x7f0000000300)=@tcp6=r0, 0x1}, 0x20) 17.849449712s ago: executing program 8 (id=2276): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x40740}], 0x318, 0x0, 0xdb0, 0xf5ffffff}, 0x3f01) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0) close(r1) 17.382021732s ago: executing program 8 (id=2282): syz_mount_image$ext4(&(0x7f0000002080)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x400, &(0x7f00000020c0), 0x0, 0x548, &(0x7f0000000cc0)="$eJzs3c9vI1cdAPDvTH42TZst9AAVsAsUFrRae+OlUdVLuxcQqiohKg6IwzYkThRixyF2ShMikf4NIIHECf4EDkgckHriwI0jN4RUDkgLRKANEhVGHk+yadbeeDeOTePPR5qdHy953/fsnXnPb+J5AYysaxGxHxGTEfFWRMzlx5N8idfaS+vn7h/sLR0e7C3Ff5vNN/+eZOmtY0d5NfP103me0xHxza9FfDd5OG59Z3d9sVIpb+X7xUZ1s1jf2b25Vl1cLa+WN0qlhfmFWy/ffqnUt7perf7q3lfXXv/Wb3/z6ff/sP/lH7aKNZunnaxHP7WrPnEcp2U8Il6/iGBDMJavJ4dcDp5MGhEfi4jPZef/XIxl/zsBgMus2ZyL5tzJfQDgskuzMbAkLeRjAbORpoVCewzv+ZhJK7V648ZKbXtjuT1WdiUm0qm8r/D97N+JZGWtUp7P0rL0bL90av92RDwXET+ZeirbLyzVKsvD6fIAwMh7+lT7/6+pdvvfgw539QCAj4zpYRcAABg47T8AjB7tPwCMnh7a//xm//6FlwUAGAyf/wFg9Gj/AWD0aP8BYKR84403WkvzMH/+9fLbO9vrtbdvLpfr64Xq9lJhqba1WVit1VazZ/ZUz8qvUqttjkfEO8VGud4o1nd271Zr2xuNu9lzve+WJwZSKwDgUZ67+t4fk4jYf+WpbAlzOcDISIddAGBoxoZdAGBozPYFo6v38fjfX2g5gOHp+DDv6Y6bHx40+NljBPF3RvB/5fonu4//n+4buC8Al4vxfxhdTzb+/2rfywEMXqfxf/18GA3NZnI05/9kPv3/5HESAHApneP7eM0f9asTAgzVWZN5d711/zj3/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCSmY2I70WSFvK5wGcjTQuFiGci4kpMJCtrlfKtiHg2rkbExNTK2rBLDACcX/rXJJ//6/rci7OnUyeTf09FPif4D37+5k/fWWw0tuZbx/9xfHzqaPqw0oPfO8e8ggBAn2Xtdylfzz84fv9gb+loGWR57t2JD/KpiJcOD/aypZ0yHuPZejrrS8z8M8n323ORvhARY32Iv/9uRHziuP7JB81mHj/Jxkau5DOfnowfeexn+h1/5uTrfzp++qH4aZbWXrc6Xx8/lW/ah7LBZffenYh4rdP1L41r2brz+T+dXaHO796ddmZH177DE/GPrn9jHeK3zvlrvcb4yu++/tDB5lw77d2IF8Y7xU+O4ydd4r/YY/w/feozP361S1rzFxHXo3P8k7GKjepmsb6ze3OturhaXi1vlEoL8wu3Xr79UqmYjVEXj0aqH/a3V248261srfrPdIk/3bH+k8e/+4Ue6//L/7z1nc8+Iv6XPt/5/X++Y/y2Vpv4xR7jL878uuv03a34y13qf9b7f6PH+O//ZXe5xx8FAAagvrO7vliplLfOtdH6tNmPfLKNyRNHWkXsSwl73PhzDC7WmRsT/XxVB7oxftxX7G/O327lOODqpH2vxbk27g8q1nCvS8DFe3DSD7skAAAAAAAAAAAAAABAN4P46tKw6wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDl9b8AAAD//zGbxOs=") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x24000, 0x0) 16.887000931s ago: executing program 8 (id=2285): socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10) syz_emit_ethernet(0x82, &(0x7f0000000140)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x16, 0x4, 0x0, 0x3c, 0x0, 0x0, 0x4de, 0x0, 0x1, 0x0, @dev, @local, {[@timestamp_addr={0x44, 0x44, 0x0, 0x1, 0x0, [{@private}, {}, {@local}, {@loopback}, {@private}, {@multicast2}, {@broadcast, 0x3}, {@broadcast}]}]}}}}}}}, 0x0) 16.309615309s ago: executing program 8 (id=2289): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x11, r0, 0x75fb3000) r1 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0) ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f00000000c0)={0x0, 0x35, 0x0, 0x0, 0x2f, 0x0, 0x0, 0xfffffe9c, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000fc0)=[{}, {}]}) 14.961808391s ago: executing program 36 (id=2289): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x11, r0, 0x75fb3000) r1 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0) ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f00000000c0)={0x0, 0x35, 0x0, 0x0, 0x2f, 0x0, 0x0, 0xfffffe9c, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000fc0)=[{}, {}]}) 3.330836869s ago: executing program 6 (id=2351): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="bf16000000000000b70700000100e0ff5070000028000000770000000000000095000200000000007ae9413df8ff0af5aa35339f4b382c4cad9db6fa7a9b857b72abaca100af1ba23d699b89e890c10500000000000000000000000000ac0e064c27bdfbd301150500000000000000bfdc995279d64072aacbb0595b95060000009ad3bf16a461e48e955a772d4062093f4cb1c3d9532abad2085401f098eb039ae4f4103699b9e079227e98cc07c09c1a72cb6d47cef1595e84d21951010f0274b1445a2ad6a7ad73827cccc21842599e0ae7b91f0b878b9267aa0b28d69a74ffdea613e892f0f9ff94e690b6ad68e4cb6dd65fd7bf3124702c6b1c2aea53ee0cb83ff1807459c7cba77cedca0bff6d8370c33e2bd9cebd29c152ff9dc8c2772fe552fecfcd1778b0838100000031d521207e5223d86508416780983c2f380bc01cefe9773a9a5cd5b24aa24a561e72393c0ce2bf44825b05c138779fe74f884c2472ab45c2af60289cb199963312dd1929096c6f49d116f1612a7b97f77169fa5e8a66a372ef8e3ee7167f7d2a26fc6c3cfa4dc5860277223d6eb3460e3b10a0dc9495635a9fca19d7beb5e700498b43bdadc916c01264d22d7969530633f94b257fbc5da7a96820e31444c0b0f62619c9e351996185e4015510875b774666ba5c0ba9845ad25b578d"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x15}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x2c, &(0x7f00000002c0)={&(0x7f00000004c0)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x5c, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x30}]]}, {0x10}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x84}}, 0x0) 3.329182454s ago: executing program 4 (id=2352): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018ed8, &(0x7f0000000180)={[{@sysvgroups}, {@noload}, {@nobh}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x4}}, {@norecovery}, {@errors_continue}, {@quota}]}, 0x1, 0x644, &(0x7f00000006c0)="$eJzs3c9rHG0dAPDvzCZ5kzS+6SsiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7c/SFKwtdAEPCgoiHgt0ov/gHfp3ZsI6s2zUEUqFrR0ZWZnm81mN7ttsrtJ5vOBzT7zzLN5nm9mn8wzM/vsBFBas9mPNOJUxNubScR007qpqK+cLcq9+teTW9kjiVrtu/9MIinyGuWT4vlEsTAeEX+8EvHpyu561x89vrNYrdU9jTi3cffBufVHj8+u3l28vXx7+d7C+a9duDj/9YULC00N/XAniuer177z+V/85IdfXflT9WwSl+LG6I+XoiWOgzIbs/G2CLE5fyQiLmaJNn+Xo+YYhFBqleL9OBoRn43pqORLddOx+vOhNg7oq1olora3pFsB4KjSvaGsGuOAxrF9b8fBN/o8Khmcl5frB0C74x8pTjmM58dGk6+SpiOj+rmNkwdQf1bHmyfjz948mXkWO85DvH63dUYOoJ5ONrci4nPt4k/ytp3MI83iT3cc6ycRMR8RY0X7vrWPNiRN6X6ch9lLj/FXsvibt0MaEZeK5yz/ygfW33paa9DxA1BOLy4XO/LNbGl7/5eNPRrjn9ge/zxtvG5q/5dkcsPe/3Ue/zX29+P5uCdtGYdlY5br7X/laGvG33529Ved6q+P/2aeNR5Z/Y2x4CC83IqYaYn/p1mwxfgniz9pM/7Nity81Fsd3/7zP652Wjfs+GvPI063Pf7ZHpVmqT2uT55bWa0uz9d/tq3j93/4wW871d8+/o/6EGl72faf7BB/0/ZPW1+X/U0etP+VW60Zv7v+/G6n+qe6bv/072NJ/XhzrMj50dbGxtpCxFhyrShS5C9ubKyd3zveepnXtfx5oR7/mS+17/873v8tUU00/mX24MH37rzqtO5D3v9NF5Pf1npsQydZ/Evdt/+u/p/l/bLHOv7z/Ydf6LSuffzJvmICAAAAAACAskrza7BJOvcunaZzc/X5sp+JybR6f33jyyv3H95bijiTfx5yNI00yT8yMl1fTlZWq8sLxedhG8vnW5a/EhGfRMSvKxP58tyt+9WlYQcPAAAAAAAAAAAAAAAAAAAAh8SJYv5/4z7V/67U5/8DJdH9BnO77v8AHBP9vMEkcLjl/X+vXfzHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9MkXX/w1iYjNb0zkj8xYsc6kXzjeRt+rdKVv7QAGT4+G8np36d9gH0qnp/H/f4svB+x/c4AhSNpl5oOD2t6d/0XbV27b2n/bAAAAAAAAAAAAAIC606c6z/9/v7nBwFFj2h+U1z7m//vqADjifPU/lJdjfKDLLP4Y77Si2/x/AAAAAAAAAAAAAODATOWPJJ0r5gJPRZrOzUV8KiJOxmiyslpdno+IjyPiL5XRj7LlhWE3GgAAAAAAAAAAAAAAAAAAAI6Z9UeP7yxWq8trzYn/7co53onGXVC7F671UGbPxDfjPV8VyeD/LBMRMfSN0rfESFNOErGZbflD0bC19TgczcgTQ/7HBAAAAAAAAAAAAAAAAAAAJdQ097i9md8MuEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHjb9//vkliarL+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//6AzO/k=") mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000002540)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000140)={0x0, 0x2, 0xa, 0x7ec, 0x2000000000, 0x2000000000002, 0x3, 0x0, 0x7ffc}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000b40)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) 2.891887138s ago: executing program 5 (id=2353): r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') read$FUSE(r0, &(0x7f0000002640)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) ioperm(0x0, 0xd, 0x4000000000000020) tkill(r1, 0x17) 2.890020634s ago: executing program 2 (id=2354): r0 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0xcd1d, 0x10100, 0x1}, &(0x7f0000000000)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x20, 0x0, @fd_index=0x5, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee8, 0x2031, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x26c3, 0xdffffffb, 0x4c, 0x0, 0x0) 2.757738025s ago: executing program 6 (id=2355): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x200) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x70bd2b, 0x8, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x20000004) 2.648715336s ago: executing program 6 (id=2356): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000c40)={0x1, 0x0, [{0x0, 0xfffffffffffffe1d, &(0x7f00000008c0)=""/243}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) 2.464141665s ago: executing program 2 (id=2357): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='numa_maps\x00') pread64(r0, &(0x7f0000000600)=""/4118, 0x1016, 0x5) 2.146508241s ago: executing program 6 (id=2358): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_group_source_req(r1, 0x0, 0x2e, &(0x7f0000000140)={0x24, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108) close_range(r0, 0xffffffffffffffff, 0x0) 2.144632992s ago: executing program 5 (id=2359): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x149802, 0x0) r1 = dup(r0) read$FUSE(r1, &(0x7f0000019300)={0x2020}, 0x2020) sendfile(r0, r1, 0x0, 0x80006) 1.853765836s ago: executing program 2 (id=2360): r0 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0xf) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 1.7861913s ago: executing program 4 (id=2361): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="0200000003"], 0x10) 1.758173072s ago: executing program 6 (id=2362): r0 = syz_io_uring_setup(0x3ff1, &(0x7f0000000500)={0x0, 0x51e8, 0x0, 0x0, 0x33c}, &(0x7f0000000080), &(0x7f00000000c0)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x10) io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x20) 1.433715744s ago: executing program 5 (id=2363): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0xde8de000) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_buf(r1, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x192) 1.379610195s ago: executing program 2 (id=2364): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000000580)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, '\x00', 0xe}, 0x5}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000340)="f2", 0x1}], 0x1}}, {{&(0x7f0000000180)={0xa, 0x4e24, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}, 0x1c, &(0x7f0000000400)=[{&(0x7f00000001c0)="17", 0x1}], 0x1}}], 0x2, 0x0) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x8) 1.248855302s ago: executing program 6 (id=2365): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x24, &(0x7f0000000440)={0x20, 0xd, 0x1, '\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000680)={0x1, 0x2, 0x3, &(0x7f0000000400)={0x1b, "65c28678ec59b73ade02da39a66f440cfa56ec4319a52702236bf319b49de48232"}}) 1.10230124s ago: executing program 4 (id=2366): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@private0, 0x8000000, 0x0, 0xff, 0x1}, 0x20) r1 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000180)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000000, 0x0, 0x1, 0xa, 0xcf02}, 0x20) 1.009339197s ago: executing program 5 (id=2367): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x24}}, 0x0) 869.354253ms ago: executing program 4 (id=2368): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket(0x10, 0x2, 0x0) sendmsg$SOCK_DESTROY(r1, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f00000010c0)={0x14, 0x15, 0x1, 0x0, 0x0, {0x23}}, 0x14}}, 0x0) 819.954347ms ago: executing program 2 (id=2369): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)={0x60, r1, 0x1, 0x50bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r2}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r2}}}]}}]}, 0x60}, 0x1, 0x1000000, 0x0, 0xf25d614554dae2d5}, 0x40844) 525.31972ms ago: executing program 5 (id=2370): r0 = socket(0x15, 0x5, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x12, 0xa01, 0x0, 0x0, {0xb}}, 0x14}}, 0xc0) connect$unix(r0, &(0x7f0000000080)=@abs={0xa}, 0x6e) getsockname$packet(r0, 0x0, &(0x7f0000000240)) 444.181498ms ago: executing program 4 (id=2371): unshare(0x20040600) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0x1, 0x1000, 0x1}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x5, 0x4, 0x6, 0x0, r0}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f00000001c0), &(0x7f0000000300)=@udp6}, 0x20) 306.165235ms ago: executing program 2 (id=2372): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002304e800000000000000ea850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000004040)={0x0, 0x0, &(0x7f0000004000)={&(0x7f0000000840)=@newtaction={0xe68, 0x30, 0x1, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7, 0x0, 0x8865}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) 189.686471ms ago: executing program 5 (id=2373): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x2, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f0000000480)={0x2020}, 0x2020) 0s ago: executing program 4 (id=2374): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, &(0x7f0000000180), &(0x7f0000000200), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r1, 0x7c, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x4e, 0x8, 0x0, 0x0}}, 0x10) kernel console output (not intermixed with test programs): 594.592102][ T5797] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.225017][ T9892] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.794620][ T3066] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0 [ 596.802585][ T3066] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0 [ 596.810425][ T3066] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0 [ 597.061914][ T3066] hid-generic 0003:0004:0000.000A: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 597.089541][ T14] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 597.592524][ T14] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 598.007400][ T14] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 598.173549][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 598.182413][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 598.392287][ T14] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.114734][ T14] bridge_slave_1: left allmulticast mode [ 599.120929][ T14] bridge_slave_1: left promiscuous mode [ 599.128632][ T14] bridge0: port 2(bridge_slave_1) entered disabled state [ 599.222714][ T14] bridge_slave_0: left allmulticast mode [ 599.229933][ T14] bridge_slave_0: left promiscuous mode [ 599.236520][ T14] bridge0: port 1(bridge_slave_0) entered disabled state [ 600.373296][ T14] bond0 (unregistering): left promiscuous mode [ 600.379943][ T14] bond_slave_0: left promiscuous mode [ 600.386556][ T14] bond_slave_1: left promiscuous mode [ 600.588260][ T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 600.668852][ T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 600.720887][ T14] bond0 (unregistering): Released all slaves [ 601.447742][T10061] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 601.454629][T10061] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 601.465900][T10061] vhci_hcd vhci_hcd.0: Device attached [ 601.570260][T10066] loop4: detected capacity change from 0 to 256 [ 602.318739][T10067] loop6: detected capacity change from 0 to 32768 [ 602.399457][ T5852] vhci_hcd: vhci_device speed not set [ 602.464329][T10067] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1466 (10067) [ 602.524588][T10069] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(5) [ 602.531356][T10069] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 602.541078][T10069] vhci_hcd vhci_hcd.0: Device attached [ 602.548009][ T5852] usb 43-1: new full-speed USB device number 2 using vhci_hcd [ 602.804193][T10061] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(8) [ 602.811066][T10061] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 602.819364][T10061] vhci_hcd vhci_hcd.0: Device attached [ 602.986594][ T14] hsr_slave_0: left promiscuous mode [ 603.028395][T10069] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(7) [ 603.035158][T10069] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 603.043486][T10069] vhci_hcd vhci_hcd.0: Device attached [ 603.100430][ T14] hsr_slave_1: left promiscuous mode [ 603.108552][ T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 603.116208][ T14] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 603.249030][T10062] vhci_hcd: connection reset by peer [ 603.255201][T10070] vhci_hcd: connection closed [ 603.255643][T10074] vhci_hcd: connection closed [ 603.262656][T10072] vhci_hcd: connection closed [ 603.288521][T10067] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 603.307874][T10067] BTRFS info (device loop6): using crc32c (crc32c-x86_64) checksum algorithm [ 603.317969][T10067] BTRFS info (device loop6): using free-space-tree [ 603.357090][ T3806] vhci_hcd: stop threads [ 603.361616][ T3806] vhci_hcd: release socket [ 603.366496][ T3806] vhci_hcd: disconnect device [ 603.394342][ T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 603.406672][ T14] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 603.509262][ T3806] vhci_hcd: stop threads [ 603.513842][ T3806] vhci_hcd: release socket [ 603.518937][ T3806] vhci_hcd: disconnect device [ 603.634698][ T3806] vhci_hcd: stop threads [ 603.639466][ T3806] vhci_hcd: release socket [ 603.644375][ T3806] vhci_hcd: disconnect device [ 603.667478][ T14] veth1_macvtap: left promiscuous mode [ 603.673304][ T14] veth0_macvtap: left promiscuous mode [ 603.679866][ T14] veth1_vlan: left promiscuous mode [ 603.685421][ T14] veth0_vlan: left promiscuous mode [ 603.734388][ T3806] vhci_hcd: stop threads [ 603.739186][ T3806] vhci_hcd: release socket [ 603.743877][ T3806] vhci_hcd: disconnect device [ 603.835499][ T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 603.865521][ T50] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 603.925729][ T50] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 603.989378][ T50] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 604.008985][ T50] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 604.042134][ T7227] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 604.657522][T10101] loop5: detected capacity change from 0 to 128 [ 604.857733][T10097] loop4: detected capacity change from 0 to 4096 [ 604.889480][T10101] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 604.920557][T10097] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 604.986209][ T14] team0 (unregistering): Port device team_slave_1 removed [ 605.088652][ T14] team0 (unregistering): Port device team_slave_0 removed [ 605.605791][T10101] UDF-fs: error (device loop5): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 605.919889][T10100] loop2: detected capacity change from 0 to 65536 [ 605.928729][T10100] XFS: ikeep mount option is deprecated. [ 605.980216][T10102] ntfs3(loop4): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ntfs_rename [ 606.136547][ T50] Bluetooth: hci4: command tx timeout [ 606.260137][T10100] XFS (loop2): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 606.401692][T10100] XFS (loop2): Ending clean mount [ 606.417736][T10100] XFS (loop2): Quotacheck needed: Please wait. [ 606.536888][T10100] XFS (loop2): Quotacheck: Done. [ 606.689479][ T5796] XFS (loop2): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 606.829005][T10093] chnl_net:caif_netlink_parms(): no params data found [ 607.196726][T10126] loop6: detected capacity change from 0 to 256 [ 607.291092][T10126] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x0a42a509, utbl_chksum : 0xe619d30d) [ 607.307666][T10126] exFAT-fs (loop6): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 607.662367][ T5852] vhci_hcd: vhci_device speed not set [ 607.765671][T10135] loop5: detected capacity change from 0 to 128 [ 607.803154][T10132] loop4: detected capacity change from 0 to 2048 [ 608.035110][T10132] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 608.212622][T10093] bridge0: port 1(bridge_slave_0) entered blocking state [ 608.224831][T10093] bridge0: port 1(bridge_slave_0) entered disabled state [ 608.226866][ T50] Bluetooth: hci4: command tx timeout [ 608.232509][T10093] bridge_slave_0: entered allmulticast mode [ 608.247623][T10093] bridge_slave_0: entered promiscuous mode [ 608.335484][T10142] loop5: detected capacity change from 0 to 128 [ 608.390258][T10142] EXT4-fs: Ignoring removed nobh option [ 608.417373][T10142] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities [ 608.441822][T10093] bridge0: port 2(bridge_slave_1) entered blocking state [ 608.449520][T10093] bridge0: port 2(bridge_slave_1) entered disabled state [ 608.457319][T10093] bridge_slave_1: entered allmulticast mode [ 608.466514][T10093] bridge_slave_1: entered promiscuous mode [ 608.504088][ T5797] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 608.627700][T10093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 608.651251][T10093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 608.756898][ T5855] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 608.773988][T10093] team0: Port device team_slave_0 added [ 608.811292][T10093] team0: Port device team_slave_1 added [ 608.955746][ T5855] usb 6-1: Using ep0 maxpacket: 32 [ 608.994421][ T5855] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 608.998475][T10093] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 609.005753][ T5855] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 609.012692][T10093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 609.022638][ T5855] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 609.052329][T10093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 609.064313][ T5855] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 609.064447][ T5855] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 609.108310][T10093] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 609.115455][T10093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 609.145060][T10093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 609.278952][T10093] hsr_slave_0: entered promiscuous mode [ 609.288773][T10093] hsr_slave_1: entered promiscuous mode [ 609.297146][T10093] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 609.304903][T10093] Cannot create hsr debugfs directory [ 609.376809][ T5855] usb 6-1: config 0 descriptor?? [ 609.829258][ T5855] hid (null): unknown global tag 0xc [ 609.835249][ T5855] hid (null): unknown global tag 0xe [ 609.840951][ T5855] hid (null): unknown global tag 0xc [ 609.846633][ T5855] hid (null): unknown global tag 0xc [ 610.053225][ T5855] input: HID 0458:5011 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5011.000B/input/input22 [ 610.132205][ T5855] input: HID 0458:5011 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5011.000B/input/input23 [ 610.235121][T10093] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 610.261020][ T5855] kye 0003:0458:5011.000B: input,hiddev0,hidraw0: USB HID v9.00 Mouse [HID 0458:5011] on usb-dummy_hcd.5-1/input0 [ 610.296772][ T50] Bluetooth: hci4: command tx timeout [ 610.310870][ T5855] usb 6-1: USB disconnect, device number 7 [ 610.323643][T10093] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 610.346404][T10093] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 610.385596][T10093] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 611.123696][T10176] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1498'. [ 611.225278][T10093] 8021q: adding VLAN 0 to HW filter on device bond0 [ 611.339403][T10093] 8021q: adding VLAN 0 to HW filter on device team0 [ 611.396118][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 611.403719][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 611.521195][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 611.528768][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 611.805987][T10183] loop2: detected capacity change from 0 to 512 [ 611.845868][T10183] EXT4-fs: Ignoring removed i_version option [ 612.028425][T10183] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 612.041721][T10183] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 612.378591][ T50] Bluetooth: hci4: command tx timeout [ 612.437128][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 612.513049][T10199] Driver unsupported XDP return value 0 on prog (id 154) dev N/A, expect packet loss! [ 612.994459][T10093] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 615.027477][T10093] veth0_vlan: entered promiscuous mode [ 615.122810][T10093] veth1_vlan: entered promiscuous mode [ 615.368605][T10093] veth0_macvtap: entered promiscuous mode [ 615.417278][T10093] veth1_macvtap: entered promiscuous mode [ 615.607765][T10093] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 615.657372][T10093] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 615.785891][T10093] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.798201][T10093] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.808132][T10093] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.817567][T10093] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.269098][T10248] loop6: detected capacity change from 0 to 1024 [ 616.331888][ T30] audit: type=1326 audit(1751571395.070:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10249 comm="syz.2.1526" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f132198e929 code=0x0 [ 616.376950][T10248] EXT4-fs: Ignoring removed nobh option [ 616.382772][T10248] EXT4-fs: Ignoring removed bh option [ 616.573528][T10246] loop5: detected capacity change from 0 to 40427 [ 616.583305][T10246] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 616.583396][T10248] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 616.591350][T10246] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 616.605985][T10246] F2FS-fs (loop5): invalid crc value [ 616.728469][T10254] loop4: detected capacity change from 0 to 2048 [ 616.823895][T10254] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 616.912641][T10246] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 616.923661][T10246] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 616.982131][T10246] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix. [ 617.034627][T10248] EXT4-fs (loop6): changing journal_checksum during remount not supported; ignoring [ 617.046947][T10248] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000. [ 617.558641][ T7227] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.857629][T10298] loop6: detected capacity change from 0 to 32768 [ 619.970296][T10303] loop5: detected capacity change from 0 to 256 [ 619.982549][T10298] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names [ 619.982690][T10298] allowing incompatible features above 0.0: (unknown version) [ 619.982773][T10298] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 620.031135][T10298] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0 [ 620.039640][T10298] bcachefs (loop6): initializing new filesystem [ 620.055778][T10298] bcachefs (loop6): going read-write [ 620.081812][T10298] bcachefs (loop6): marking superblocks [ 620.129266][ T3066] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 620.131497][T10298] bcachefs (loop6): initializing freespace [ 620.162975][T10298] bcachefs (loop6): done initializing freespace [ 620.175043][T10303] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 620.183828][T10298] bcachefs (loop6): reading snapshots table [ 620.193607][T10298] bcachefs (loop6): reading snapshots done [ 620.279783][T10298] bcachefs (loop6): done starting filesystem [ 620.367060][ T3066] usb 3-1: Using ep0 maxpacket: 16 [ 620.428050][T10298] syz.6.1538 (10298) used greatest stack depth: 1216 bytes left [ 620.437092][ T3066] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 620.448422][ T3066] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 620.459000][ T3066] usb 3-1: config 0 interface 0 has no altsetting 0 [ 620.465873][ T3066] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 620.475369][ T3066] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 620.525022][ T3066] usb 3-1: config 0 descriptor?? [ 620.530078][ T7227] bcachefs (loop6): shutting down [ 620.530136][ T7227] bcachefs (loop6): going read-only [ 620.530236][ T7227] bcachefs (loop6): finished waiting for writes to stop [ 620.555395][ T7227] bcachefs (loop6): flushing journal and stopping allocators, journal seq 2 [ 620.791553][ T7227] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 3 [ 620.831960][ T7227] bcachefs (loop6): clean shutdown complete, journal seq 4 [ 620.848172][ T7227] bcachefs (loop6): marking filesystem clean [ 620.962515][T10321] loop4: detected capacity change from 0 to 512 [ 621.012366][ T7227] bcachefs (loop6): shutdown complete [ 621.049082][ T3066] hid (null): invalid report_count 18947 [ 621.054973][ T3066] hid (null): report_id 0 is invalid [ 621.193023][T10321] EXT4-fs (loop4): 1 orphan inode deleted [ 621.201808][T10321] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 621.257298][ T35] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 621.268162][ T35] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1 [ 621.325187][ T3066] usb 3-1: USB disconnect, device number 9 [ 621.334222][T10321] ext4 filesystem being mounted at /362/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 621.567833][ T5797] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 621.653303][ T3581] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 621.662782][ T3581] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 621.766033][ T5852] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 621.795451][ T3904] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 621.803903][ T3904] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 621.928098][ T5852] usb 6-1: Using ep0 maxpacket: 16 [ 621.952696][ T5852] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 621.965263][ T5852] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 622.044139][ T5852] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 622.053990][ T5852] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 622.063981][ T5852] usb 6-1: Product: syz [ 622.069020][ T5852] usb 6-1: Manufacturer: syz [ 622.073835][ T5852] usb 6-1: SerialNumber: syz [ 622.322738][ T5852] usb 6-1: 0:2 : does not exist [ 622.400586][ T5852] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 622.536982][ T5852] usb 6-1: USB disconnect, device number 8 [ 622.642400][T10342] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1550'. [ 622.688310][T10342] netlink: 'syz.2.1550': attribute type 2 has an invalid length. [ 623.550959][T10357] loop4: detected capacity change from 0 to 24 [ 623.885580][T10364] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 0 [ 624.533890][T10377] netlink: 'syz.2.1565': attribute type 11 has an invalid length. [ 624.583930][T10380] netlink: 'syz.5.1567': attribute type 58 has an invalid length. [ 624.592357][T10380] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1567'. [ 624.857570][T10384] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1568'. [ 626.643782][T10415] loop6: detected capacity change from 0 to 512 [ 626.729282][T10415] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 626.882953][T10415] EXT4-fs (loop6): Remounting filesystem read-only [ 626.907623][T10415] EXT4-fs (loop6): 1 truncate cleaned up [ 626.915610][T10415] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 627.238899][ T7227] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 627.414765][T10429] loop4: detected capacity change from 0 to 4096 [ 627.651553][T10429] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 627.714351][T10429] ntfs3(loop4): Failed to load $Extend (-22). [ 627.721108][T10429] ntfs3(loop4): Failed to initialize $Extend. [ 628.264087][T10446] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1594'. [ 628.273560][T10446] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1594'. [ 628.507057][T10450] netlink: 'syz.4.1595': attribute type 11 has an invalid length. [ 628.517268][T10450] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1595'. [ 628.622653][T10445] loop2: detected capacity change from 0 to 2048 [ 628.765122][T10445] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 628.778390][T10451] loop6: detected capacity change from 0 to 4096 [ 628.795441][T10451] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 629.006217][T10457] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 629.786797][ T30] audit: type=1326 audit(1751571408.620:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.6.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe35a58e929 code=0x7ffc0000 [ 629.874273][T10468] loop6: detected capacity change from 0 to 512 [ 629.890904][ T30] audit: type=1326 audit(1751571408.670:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.6.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe35a58e929 code=0x7ffc0000 [ 629.914245][ T30] audit: type=1326 audit(1751571408.670:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.6.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe35a58e963 code=0x7ffc0000 [ 629.939620][ T30] audit: type=1326 audit(1751571408.670:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.6.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe35a58d3df code=0x7ffc0000 [ 629.963317][ T30] audit: type=1326 audit(1751571408.710:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.6.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe35a58e9b7 code=0x7ffc0000 [ 629.986125][ T30] audit: type=1326 audit(1751571408.710:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.6.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe35a58d290 code=0x7ffc0000 [ 630.009419][ T30] audit: type=1326 audit(1751571408.710:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.6.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe35a58e52b code=0x7ffc0000 [ 630.034007][ T30] audit: type=1326 audit(1751571408.850:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.6.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe35a58d58a code=0x7ffc0000 [ 630.057130][ T30] audit: type=1326 audit(1751571408.850:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.6.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe35a58d58a code=0x7ffc0000 [ 630.079765][ T30] audit: type=1326 audit(1751571408.850:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.6.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fe35a58d197 code=0x7ffc0000 [ 630.207530][T10468] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 630.225536][T10468] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.1604: invalid indirect mapped block 2683928664 (level 1) [ 630.267779][T10468] EXT4-fs (loop6): Remounting filesystem read-only [ 630.275393][T10468] EXT4-fs (loop6): 1 truncate cleaned up [ 630.283368][T10468] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 630.445539][ T7227] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 630.513072][T10480] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 630.513072][T10480] The task syz.8.1608 (10480) triggered the difference, watch for misbehavior. [ 631.267232][T10489] xt_hashlimit: size too large, truncated to 1048576 [ 631.696804][T10493] : renamed from bridge_slave_0 (while UP) [ 631.861071][T10495] loop8: detected capacity change from 0 to 512 [ 632.069410][T10465] loop5: detected capacity change from 0 to 32768 [ 632.116096][T10495] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 632.129625][T10495] ext4 filesystem being mounted at /18/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 632.289795][T10465] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode. [ 632.680413][T10093] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 632.748445][ T7164] ocfs2: Unmounting device (7,5) on (node local) [ 634.146958][T10516] loop8: detected capacity change from 0 to 32768 [ 634.164085][T10516] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.1623 (10516) [ 634.196035][T10516] BTRFS info (device loop8): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 634.208078][T10516] BTRFS info (device loop8): using xxhash64 (xxhash64-generic) checksum algorithm [ 634.217818][T10516] BTRFS info (device loop8): disk space caching is enabled [ 634.228572][T10516] BTRFS warning (device loop8): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 634.264704][T10522] loop2: detected capacity change from 0 to 1024 [ 634.404697][T10516] BTRFS info (device loop8): rebuilding free space tree [ 634.435065][T10516] BTRFS info (device loop8): disabling free space tree [ 634.443059][T10516] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 634.455495][T10516] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 634.591141][T10093] BTRFS info (device loop8): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 635.463634][ T3581] hfsplus: b-tree write err: -5, ino 4 [ 637.126918][ T9856] kernel read not supported for file /dsp1 (pid: 9856 comm: kworker/1:0) [ 637.153916][T10576] loop5: detected capacity change from 0 to 1024 [ 637.305610][T10576] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 637.318543][T10576] ext4 filesystem being mounted at /224/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 637.698387][ T1138] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:7: bg 0: block 393: padding at end of block bitmap is not set [ 637.751895][ T1138] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 117 [ 637.764935][ T1138] EXT4-fs (loop5): This should not happen!! Data will be lost [ 637.764935][ T1138] [ 637.795825][ T7164] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 638.185955][T10591] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1649'. [ 638.359724][T10596] loop2: detected capacity change from 0 to 512 [ 638.401068][T10596] EXT4-fs: Ignoring removed mblk_io_submit option [ 638.486008][T10596] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 638.814050][T10603] loop5: detected capacity change from 0 to 512 [ 638.879741][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 638.948701][T10603] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 638.963572][T10603] ext4 filesystem being mounted at /226/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 639.189658][T10613] loop2: detected capacity change from 0 to 64 [ 639.211897][T10613] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing [ 639.317634][ T7164] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 639.807145][T10626] loop6: detected capacity change from 0 to 128 [ 639.955337][T10626] loop6: detected capacity change from 0 to 1024 [ 640.010405][T10626] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 640.023268][T10626] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 640.148890][ T7227] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 640.591127][T10641] loop5: detected capacity change from 0 to 2048 [ 640.687266][T10641] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 640.889876][T10645] loop4: detected capacity change from 0 to 2048 [ 640.949062][T10645] EXT4-fs: Ignoring removed bh option [ 640.996715][T10645] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 641.110367][T10644] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 641.177356][ T7164] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 641.241413][T10659] loop8: detected capacity change from 0 to 512 [ 641.271746][T10659] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 641.285576][ T5797] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 641.326926][T10659] EXT4-fs (loop8): 1 truncate cleaned up [ 641.334740][T10659] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 641.492712][T10664] loop2: detected capacity change from 0 to 256 [ 641.668759][T10664] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 641.740513][T10093] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 641.742373][T10670] loop6: detected capacity change from 0 to 8 [ 643.536546][T10709] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 643.548648][ T9856] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 643.707023][T10699] loop5: detected capacity change from 0 to 8192 [ 643.732244][ T9856] usb 9-1: config 0 has no interfaces? [ 643.738378][ T9856] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 643.749066][ T9856] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 643.817563][ T9856] usb 9-1: config 0 descriptor?? [ 644.067549][ T9856] usb 9-1: USB disconnect, device number 2 [ 644.313398][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 644.313467][ T30] audit: type=1326 audit(1751571423.150:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 644.342885][ T30] audit: type=1326 audit(1751571423.150:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 644.366803][ T30] audit: type=1326 audit(1751571423.190:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 644.395673][T10718] vivid-000: disconnect [ 644.418942][T10718] vivid-000: reconnect [ 644.586682][ T30] audit: type=1326 audit(1751571423.240:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 644.609656][ T30] audit: type=1326 audit(1751571423.260:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 644.633154][ T30] audit: type=1326 audit(1751571423.260:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 644.655901][ T30] audit: type=1326 audit(1751571423.260:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ebab858e7 code=0x7ffc0000 [ 644.679817][ T30] audit: type=1326 audit(1751571423.270:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ebab2ab19 code=0x7ffc0000 [ 644.702700][ T30] audit: type=1326 audit(1751571423.270:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 644.725389][ T30] audit: type=1326 audit(1751571423.270:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ebab858e7 code=0x7ffc0000 [ 645.540981][T10743] batadv0: entered promiscuous mode [ 645.551218][T10743] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 645.563122][T10743] batadv0: left promiscuous mode [ 645.596692][T10745] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 645.952296][T10739] loop5: detected capacity change from 0 to 4096 [ 645.986866][T10739] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 646.105920][T10738] loop4: detected capacity change from 0 to 8192 [ 646.129609][T10749] loop8: detected capacity change from 0 to 1024 [ 646.159148][T10738] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 646.276086][T10749] hfsplus: bad catalog entry type [ 646.549566][ T1138] hfsplus: b-tree write err: -5, ino 4 [ 646.930850][T10764] loop2: detected capacity change from 0 to 512 [ 646.952906][T10765] loop5: detected capacity change from 0 to 1024 [ 646.989502][T10764] EXT4-fs: Ignoring removed orlov option [ 647.003132][T10764] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 647.051135][T10764] EXT4-fs (loop2): 1 truncate cleaned up [ 647.059298][T10764] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 647.098250][T10765] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 647.134789][T10764] EXT4-fs error (device loop2): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.2.1728: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 647.186610][T10764] EXT4-fs error (device loop2) in ext4_delete_entry:2739: Corrupt filesystem [ 647.268810][T10765] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #14: comm syz.5.1725: attempt to clear invalid blocks 1886221359 len 1 [ 647.296092][T10764] EXT4-fs warning (device loop2): ext4_rename_delete:3726: inode #2: comm syz.2.1728: Deleting old file: nlink 5, error=-117 [ 647.493424][ T7164] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 647.523491][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 647.726615][T10779] loop6: detected capacity change from 0 to 16 [ 647.748956][T10779] erofs: DAX unsupported by block device. Turning off DAX. [ 647.757386][T10779] erofs (device loop6): mounted with root inode @ nid 36. [ 648.479466][T10780] loop4: detected capacity change from 0 to 32768 [ 648.563756][T10786] loop5: detected capacity change from 0 to 4096 [ 648.582619][T10788] loop8: detected capacity change from 0 to 1024 [ 648.596960][T10780] ERROR: (device loop4): dbAlloc: the hint is outside the map [ 648.596960][T10780] [ 648.727628][ T3581] read_mapping_page failed! [ 648.732430][ T3581] ERROR: (device loop4): txAbort: [ 648.732430][ T3581] [ 648.740742][ T3581] jfs_write_inode: jfs_commit_inode failed! [ 649.259879][T10791] loop6: detected capacity change from 0 to 40427 [ 649.271965][T10791] F2FS-fs (loop6): heap/no_heap options were deprecated [ 649.283384][T10791] F2FS-fs (loop6): build fault injection rate: 19 [ 649.290970][T10791] F2FS-fs (loop6): build fault injection type: 0x3bfe8c [ 649.302660][T10791] F2FS-fs (loop6): invalid crc value [ 649.384844][T10791] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0xd0b/0x1e80 [ 649.601356][T10797] loop2: detected capacity change from 0 to 512 [ 649.645533][T10797] EXT4-fs: Ignoring removed orlov option [ 649.659010][T10791] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x1d2/0x4b0 [ 649.679496][T10791] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 649.687971][T10786] ntfs3(loop5): failed to convert "0080" to maciceland [ 649.699875][T10797] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 649.758116][T10797] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 649.775426][T10791] F2FS-fs (loop6): inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x179/0xe70 [ 649.889236][T10797] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.1741: corrupted in-inode xattr: e_value size too large [ 649.945114][T10797] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.1741: couldn't read orphan inode 15 (err -117) [ 649.989066][T10797] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 650.052401][ C0] F2FS-fs (loop6): inject write IO error in f2fs_write_end_io of bio_endio+0xe27/0xf80 [ 650.062656][ C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G W 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(undef) [ 650.062824][ C0] Tainted: [W]=WARN [ 650.062869][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 650.062958][ C0] Call Trace: [ 650.063006][ C0] [ 650.063053][ C0] __dump_stack+0x26/0x30 [ 650.063215][ C0] dump_stack_lvl+0x1df/0x270 [ 650.063385][ C0] dump_stack+0x1e/0x25 [ 650.063537][ C0] f2fs_handle_critical_error+0xa6f/0xc20 [ 650.063765][ C0] f2fs_stop_checkpoint+0x65/0x80 [ 650.063958][ C0] f2fs_write_end_io+0xb4b/0x1920 [ 650.064102][ C0] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 650.064305][ C0] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 650.064439][ C0] bio_endio+0xe27/0xf80 [ 650.064607][ C0] blk_update_request+0xf9e/0x1ae0 [ 650.064795][ C0] blk_mq_end_request+0x50/0xb0 [ 650.064949][ C0] lo_complete_rq+0x188/0x3a0 [ 650.065123][ C0] ? __pfx_lo_complete_rq+0x10/0x10 [ 650.065295][ C0] blk_done_softirq+0x10f/0x1f0 [ 650.065481][ C0] ? __pfx_blk_done_softirq+0x10/0x10 [ 650.065668][ C0] handle_softirqs+0x169/0x6e0 [ 650.065821][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 650.065969][ C0] run_ksoftirqd+0x29/0x50 [ 650.066111][ C0] smpboot_thread_fn+0x569/0xa30 [ 650.066317][ C0] kthread+0xd5c/0xf00 [ 650.066445][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 650.066640][ C0] ? __pfx_kthread+0x10/0x10 [ 650.066776][ C0] ret_from_fork+0x1e0/0x310 [ 650.066920][ C0] ? __pfx_kthread+0x10/0x10 [ 650.067060][ C0] ret_from_fork_asm+0x1a/0x30 [ 650.067252][ C0] [ 650.228420][ C0] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 650.235562][ C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G W 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(undef) [ 650.235726][ C0] Tainted: [W]=WARN [ 650.235773][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 650.235852][ C0] Call Trace: [ 650.235902][ C0] [ 650.235948][ C0] __dump_stack+0x26/0x30 [ 650.236104][ C0] dump_stack_lvl+0x1df/0x270 [ 650.236281][ C0] dump_stack+0x1e/0x25 [ 650.236428][ C0] f2fs_handle_critical_error+0xa6f/0xc20 [ 650.236661][ C0] f2fs_stop_checkpoint+0x65/0x80 [ 650.236848][ C0] f2fs_write_end_io+0xb4b/0x1920 [ 650.237020][ C0] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 650.237152][ C0] bio_endio+0xe27/0xf80 [ 650.237318][ C0] blk_update_request+0xf9e/0x1ae0 [ 650.237504][ C0] blk_mq_end_request+0x50/0xb0 [ 650.237650][ C0] lo_complete_rq+0x188/0x3a0 [ 650.237815][ C0] ? __pfx_lo_complete_rq+0x10/0x10 [ 650.237998][ C0] blk_done_softirq+0x10f/0x1f0 [ 650.238184][ C0] ? __pfx_blk_done_softirq+0x10/0x10 [ 650.238366][ C0] handle_softirqs+0x169/0x6e0 [ 650.238520][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 650.238664][ C0] run_ksoftirqd+0x29/0x50 [ 650.238804][ C0] smpboot_thread_fn+0x569/0xa30 [ 650.239010][ C0] kthread+0xd5c/0xf00 [ 650.239135][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 650.239334][ C0] ? __pfx_kthread+0x10/0x10 [ 650.239467][ C0] ret_from_fork+0x1e0/0x310 [ 650.239599][ C0] ? __pfx_kthread+0x10/0x10 [ 650.239731][ C0] ret_from_fork_asm+0x1a/0x30 [ 650.239932][ C0] [ 650.395191][ C0] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 650.402390][ C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G W 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(undef) [ 650.402556][ C0] Tainted: [W]=WARN [ 650.402603][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 650.402682][ C0] Call Trace: [ 650.402728][ C0] [ 650.402773][ C0] __dump_stack+0x26/0x30 [ 650.402937][ C0] dump_stack_lvl+0x1df/0x270 [ 650.403100][ C0] dump_stack+0x1e/0x25 [ 650.403245][ C0] f2fs_handle_critical_error+0xa6f/0xc20 [ 650.403465][ C0] f2fs_stop_checkpoint+0x65/0x80 [ 650.403652][ C0] f2fs_write_end_io+0xb4b/0x1920 [ 650.403814][ C0] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 650.403952][ C0] bio_endio+0xe27/0xf80 [ 650.404119][ C0] blk_update_request+0xf9e/0x1ae0 [ 650.404309][ C0] blk_mq_end_request+0x50/0xb0 [ 650.404458][ C0] lo_complete_rq+0x188/0x3a0 [ 650.404638][ C0] ? __pfx_lo_complete_rq+0x10/0x10 [ 650.404812][ C0] blk_done_softirq+0x10f/0x1f0 [ 650.405002][ C0] ? __pfx_blk_done_softirq+0x10/0x10 [ 650.405193][ C0] handle_softirqs+0x169/0x6e0 [ 650.405349][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 650.405494][ C0] run_ksoftirqd+0x29/0x50 [ 650.405637][ C0] smpboot_thread_fn+0x569/0xa30 [ 650.405831][ C0] kthread+0xd5c/0xf00 [ 650.405966][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 650.406162][ C0] ? __pfx_kthread+0x10/0x10 [ 650.406303][ C0] ret_from_fork+0x1e0/0x310 [ 650.406431][ C0] ? __pfx_kthread+0x10/0x10 [ 650.406565][ C0] ret_from_fork_asm+0x1a/0x30 [ 650.406757][ C0] [ 650.561818][ C0] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 650.569043][ C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G W 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(undef) [ 650.569208][ C0] Tainted: [W]=WARN [ 650.569253][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 650.569335][ C0] Call Trace: [ 650.569381][ C0] [ 650.569427][ C0] __dump_stack+0x26/0x30 [ 650.569585][ C0] dump_stack_lvl+0x1df/0x270 [ 650.569756][ C0] dump_stack+0x1e/0x25 [ 650.569907][ C0] f2fs_handle_critical_error+0xa6f/0xc20 [ 650.570128][ C0] f2fs_stop_checkpoint+0x65/0x80 [ 650.570314][ C0] f2fs_write_end_io+0xb4b/0x1920 [ 650.570481][ C0] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 650.570619][ C0] bio_endio+0xe27/0xf80 [ 650.570787][ C0] blk_update_request+0xf9e/0x1ae0 [ 650.570978][ C0] blk_mq_end_request+0x50/0xb0 [ 650.571121][ C0] lo_complete_rq+0x188/0x3a0 [ 650.571294][ C0] ? __pfx_lo_complete_rq+0x10/0x10 [ 650.571467][ C0] blk_done_softirq+0x10f/0x1f0 [ 650.571658][ C0] ? __pfx_blk_done_softirq+0x10/0x10 [ 650.571841][ C0] handle_softirqs+0x169/0x6e0 [ 650.571994][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 650.572140][ C0] run_ksoftirqd+0x29/0x50 [ 650.572281][ C0] smpboot_thread_fn+0x569/0xa30 [ 650.572480][ C0] kthread+0xd5c/0xf00 [ 650.572611][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 650.572805][ C0] ? __pfx_kthread+0x10/0x10 [ 650.572943][ C0] ret_from_fork+0x1e0/0x310 [ 650.573080][ C0] ? __pfx_kthread+0x10/0x10 [ 650.573216][ C0] ret_from_fork_asm+0x1a/0x30 [ 650.573410][ C0] [ 650.573461][ C0] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 650.737360][ C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G W 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(undef) [ 650.737535][ C0] Tainted: [W]=WARN [ 650.737589][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 650.737685][ C0] Call Trace: [ 650.737732][ C0] [ 650.737779][ C0] __dump_stack+0x26/0x30 [ 650.737934][ C0] dump_stack_lvl+0x1df/0x270 [ 650.738101][ C0] dump_stack+0x1e/0x25 [ 650.738249][ C0] f2fs_handle_critical_error+0xa6f/0xc20 [ 650.738467][ C0] f2fs_stop_checkpoint+0x65/0x80 [ 650.738648][ C0] f2fs_write_end_io+0xb4b/0x1920 [ 650.738800][ C0] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 650.738918][ C0] bio_endio+0xe27/0xf80 [ 650.739067][ C0] blk_update_request+0xf9e/0x1ae0 [ 650.739236][ C0] blk_mq_end_request+0x50/0xb0 [ 650.739368][ C0] lo_complete_rq+0x188/0x3a0 [ 650.739522][ C0] ? __pfx_lo_complete_rq+0x10/0x10 [ 650.739682][ C0] blk_done_softirq+0x10f/0x1f0 [ 650.739846][ C0] ? __pfx_blk_done_softirq+0x10/0x10 [ 650.740017][ C0] handle_softirqs+0x169/0x6e0 [ 650.740154][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 650.740283][ C0] run_ksoftirqd+0x29/0x50 [ 650.740408][ C0] smpboot_thread_fn+0x569/0xa30 [ 650.740592][ C0] kthread+0xd5c/0xf00 [ 650.740704][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 650.740885][ C0] ? __pfx_kthread+0x10/0x10 [ 650.741005][ C0] ret_from_fork+0x1e0/0x310 [ 650.741125][ C0] ? __pfx_kthread+0x10/0x10 [ 650.741247][ C0] ret_from_fork_asm+0x1a/0x30 [ 650.741415][ C0] [ 650.741475][ C0] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 650.919666][ T7227] F2FS-fs (loop6): do_checkpoint failed err:-5, stop checkpoint [ 651.249651][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 651.601272][T10812] loop2: detected capacity change from 0 to 256 [ 652.440663][T10827] loop4: detected capacity change from 0 to 16 [ 653.235262][T10845] xt_CT: You must specify a L4 protocol and not use inversions on it [ 654.018610][T10861] No such timeout policy "syz1" [ 654.397191][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 654.547655][T10864] loop4: detected capacity change from 0 to 32768 [ 654.587538][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 654.587606][ T30] audit: type=1326 audit(1751571433.410:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10863 comm="syz.2.1771" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f132198e929 code=0x0 [ 654.667257][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 654.768509][T10864] bcachefs (loop4): starting version 0.263: (unknown version) opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 654.768592][T10864] allowing incompatible features above 0.0: (unknown version) [ 654.768648][T10864] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 654.809711][T10864] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 654.818629][T10864] bcachefs (loop4): initializing new filesystem [ 654.836116][T10864] bcachefs (loop4): going read-write [ 654.876696][T10864] bcachefs (loop4): marking superblocks [ 654.914918][T10864] bcachefs (loop4): initializing freespace [ 654.935497][T10864] bcachefs (loop4): done initializing freespace [ 654.950406][T10864] bcachefs (loop4): reading snapshots table [ 654.956703][T10864] bcachefs (loop4): reading snapshots done [ 655.033663][T10864] bcachefs (loop4): done starting filesystem [ 655.137030][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 655.147785][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 655.242796][ T5797] bcachefs (loop4): shutting down [ 655.248164][ T5797] bcachefs (loop4): going read-only [ 655.253674][ T5797] bcachefs (loop4): finished waiting for writes to stop [ 655.313157][ T5797] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2 [ 655.558373][ T5797] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3 [ 655.598881][ T5797] bcachefs (loop4): clean shutdown complete, journal seq 4 [ 655.617896][ T5797] bcachefs (loop4): marking filesystem clean [ 655.747696][ T5797] bcachefs (loop4): shutdown complete [ 655.915220][T10892] xt_hashlimit: max too large, truncated to 1048576 [ 656.110028][T10895] loop2: detected capacity change from 0 to 1764 [ 656.390018][ T9856] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 656.570923][ T9856] usb 6-1: Using ep0 maxpacket: 32 [ 656.604628][ T9856] usb 6-1: config 0 has an invalid interface number: 196 but max is 0 [ 656.613317][ T9856] usb 6-1: config 0 has no interface number 0 [ 656.619878][ T9856] usb 6-1: config 0 interface 196 has no altsetting 0 [ 656.678203][ T9856] usb 6-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 656.687772][ T9856] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 656.696003][ T9856] usb 6-1: Product: syz [ 656.700490][ T9856] usb 6-1: Manufacturer: syz [ 656.705303][ T9856] usb 6-1: SerialNumber: syz [ 656.760372][ T9856] usb 6-1: config 0 descriptor?? [ 657.048931][T10899] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1783'. [ 657.109634][ T9856] ipheth 6-1:0.196: Unable to find endpoints [ 657.155554][ T9856] usb 6-1: USB disconnect, device number 9 [ 657.193983][T10911] loop8: detected capacity change from 0 to 512 [ 657.245524][T10911] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 657.281052][T10913] tap0: tun_chr_ioctl cmd 1074025677 [ 657.287179][T10913] tap0: linktype set to 774 [ 657.294126][T10911] EXT4-fs (loop8): 1 truncate cleaned up [ 657.301896][T10911] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 657.372591][T10917] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1791'. [ 657.701362][T10093] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 658.205048][T10928] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1796'. [ 659.298256][T10940] loop8: detected capacity change from 0 to 4096 [ 659.354575][T10940] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512). [ 659.632207][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 659.639111][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 660.144065][T10962] loop4: detected capacity change from 0 to 128 [ 660.323632][T10962] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 660.427514][T10962] ext4 filesystem being mounted at /414/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 660.546834][ T9856] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 660.740860][ T9856] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 660.751627][ T9856] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 660.780466][ T5797] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 660.815166][ T9856] usb 6-1: config 0 descriptor?? [ 661.070904][T10978] loop6: detected capacity change from 0 to 256 [ 661.168819][T10978] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 661.284232][ T30] audit: type=1800 audit(1751571440.120:73): pid=10978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1814" name="bus" dev="loop6" ino=1048686 res=0 errno=0 [ 661.348468][T10981] Invalid ELF header magic: != ELF [ 661.471707][ T9856] usb 6-1: Cannot set autoneg [ 661.477418][ T9856] MOSCHIP usb-ethernet driver 6-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 661.538299][ T9856] usb 6-1: USB disconnect, device number 10 [ 661.644802][T10985] input: syz0 as /devices/virtual/input/input25 [ 662.021344][T10992] syz.4.1821: attempt to access beyond end of device [ 662.021344][T10992] nbd4: rw=0, sector=64, nr_sectors = 1 limit=0 [ 662.034972][T10992] syz.4.1821: attempt to access beyond end of device [ 662.034972][T10992] nbd4: rw=0, sector=256, nr_sectors = 1 limit=0 [ 662.048407][T10992] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256 [ 662.059090][T10992] syz.4.1821: attempt to access beyond end of device [ 662.059090][T10992] nbd4: rw=0, sector=512, nr_sectors = 1 limit=0 [ 662.072444][T10992] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512 [ 662.081618][T10995] loop2: detected capacity change from 0 to 512 [ 662.135661][T10992] syz.4.1821: attempt to access beyond end of device [ 662.135661][T10992] nbd4: rw=0, sector=64, nr_sectors = 2 limit=0 [ 662.150167][T10992] syz.4.1821: attempt to access beyond end of device [ 662.150167][T10992] nbd4: rw=0, sector=512, nr_sectors = 2 limit=0 [ 662.163409][T10992] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256 [ 662.173513][T10992] syz.4.1821: attempt to access beyond end of device [ 662.173513][T10992] nbd4: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 662.190240][T10992] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512 [ 662.236152][T10995] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6). [ 662.250826][T10995] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 662.268075][T10995] EXT4-fs (loop2): mount failed [ 662.275969][T10992] syz.4.1821: attempt to access beyond end of device [ 662.275969][T10992] nbd4: rw=0, sector=64, nr_sectors = 4 limit=0 [ 662.291223][T10992] syz.4.1821: attempt to access beyond end of device [ 662.291223][T10992] nbd4: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 662.304908][T10992] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256 [ 662.314904][T10992] syz.4.1821: attempt to access beyond end of device [ 662.314904][T10992] nbd4: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 662.328313][T10992] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512 [ 662.420659][T10992] syz.4.1821: attempt to access beyond end of device [ 662.420659][T10992] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0 [ 662.434958][T10992] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256 [ 662.445235][T10992] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512 [ 662.455225][T10992] UDF-fs: warning (device nbd4): udf_fill_super: No partition found (1) [ 662.733445][T11003] loop5: detected capacity change from 0 to 2048 [ 662.855644][T11003] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 662.926461][T11013] loop6: detected capacity change from 0 to 512 [ 662.935882][T11013] EXT4-fs: Ignoring removed mblk_io_submit option [ 662.955931][T11011] loop4: detected capacity change from 0 to 8 [ 662.967216][T10108] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 663.013278][T11013] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 663.139468][T11013] EXT4-fs error (device loop6): ext4_lookup:1787: inode #15: comm syz.6.1828: iget: bad i_size value: 15393162788874 [ 663.146876][T10108] usb 3-1: Using ep0 maxpacket: 32 [ 663.221568][T10108] usb 3-1: config 0 has an invalid interface number: 127 but max is 0 [ 663.231658][T10108] usb 3-1: config 0 has no interface number 0 [ 663.268313][T10108] usb 3-1: New USB device found, idVendor=0421, idProduct=05af, bcdDevice= 7.42 [ 663.277967][T10108] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 663.286465][T10108] usb 3-1: Product: syz [ 663.290857][T10108] usb 3-1: Manufacturer: syz [ 663.295690][T10108] usb 3-1: SerialNumber: syz [ 663.368465][T10108] usb 3-1: config 0 descriptor?? [ 663.413296][ T7227] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 663.427821][T10108] usb-storage 3-1:0.127: USB Mass Storage device detected [ 663.459975][T10108] usb-storage 3-1:0.127: Quirks match for vid 0421 pid 05af: 400 [ 663.665624][T11027] tap0: tun_chr_ioctl cmd 1074025677 [ 663.671824][T11027] tap0: linktype set to 270 [ 663.672744][ T5808] Bluetooth: latency 1455 > 499 [ 663.687729][T10108] usb 3-1: USB disconnect, device number 10 [ 663.847645][T11029] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1835'. [ 663.857305][T11029] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1835'. [ 663.900534][T11029] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1835'. [ 663.909934][T11029] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1835'. [ 665.740231][ T5808] Bluetooth: hci0: command 0x0406 tx timeout [ 665.826801][T11076] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1856'. [ 666.020553][T11079] loop2: detected capacity change from 0 to 1024 [ 666.077698][T11080] netlink: 'syz.8.1858': attribute type 13 has an invalid length. [ 666.133840][T11079] hfsplus: bad catalog entry type [ 666.212171][T11080] gretap0: refused to change device tx_queue_len [ 666.220454][T11080] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 666.359181][T11087] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1861'. [ 666.368678][T11087] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1861'. [ 666.384749][T11084] 8021q: adding VLAN 0 to HW filter on device bond2 [ 666.395189][T11084] bridge0: port 1(bond2) entered blocking state [ 666.404343][T11084] bridge0: port 1(bond2) entered disabled state [ 666.411436][T11084] bond2: entered allmulticast mode [ 666.422291][T11084] bond2: entered promiscuous mode [ 666.429857][T11084] bridge0: port 1(bond2) entered blocking state [ 666.436795][T11084] bridge0: port 1(bond2) entered forwarding state [ 666.469084][ T35] bridge0: port 1(bond2) entered disabled state [ 666.517833][ T4248] hfsplus: b-tree write err: -5, ino 4 [ 666.772446][T11092] loop5: detected capacity change from 0 to 256 [ 666.860137][T11095] netlink: 'syz.4.1865': attribute type 2 has an invalid length. [ 666.868309][T11095] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1865'. [ 666.877674][T11095] netlink: 'syz.4.1865': attribute type 1 has an invalid length. [ 666.885634][T11095] netlink: 'syz.4.1865': attribute type 2 has an invalid length. [ 666.917642][T11092] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 666.986434][ T30] audit: type=1804 audit(1751571445.820:74): pid=11092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1864" name="/newroot/261/file2/bus" dev="loop5" ino=1048687 res=1 errno=0 [ 668.490462][T11114] loop4: detected capacity change from 0 to 32768 [ 668.633372][T11114] JFS: metapage_get_blocks failed [ 668.642158][T11114] ERROR: (device loop4): release_metapage: metapage_write_one() failed [ 668.642158][T11114] [ 668.655242][T11114] ERROR: (device loop4): remounting filesystem as read-only [ 668.736110][ T111] blkno = 5002c, nblocks = 1 [ 668.741787][ T111] ERROR: (device loop4): dbUpdatePMap: blocks are outside the map [ 668.741787][ T111] [ 668.924600][T11126] sctp: [Deprecated]: syz.8.1880 (pid 11126) Use of int in max_burst socket option deprecated. [ 668.924600][T11126] Use struct sctp_assoc_value instead [ 669.073626][T11129] loop5: detected capacity change from 0 to 256 [ 669.146805][T11129] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 669.263935][T11129] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000001) [ 669.453674][T11135] loop6: detected capacity change from 0 to 64 [ 669.692990][T11139] loop8: detected capacity change from 0 to 64 [ 669.899321][T11141] netlink: 124 bytes leftover after parsing attributes in process `syz.5.1887'. [ 669.952078][T11143] loop6: detected capacity change from 0 to 64 [ 669.987927][T11143] BFS-fs: bfs_fill_super(): loop6 is unclean, continuing [ 671.219265][T11173] loop8: detected capacity change from 0 to 16 [ 671.247786][T11173] erofs (device loop8): rootino(nid 36) is not a directory(i_mode 66300) [ 672.128591][T11187] loop4: detected capacity change from 0 to 512 [ 672.169589][T11187] EXT4-fs: Ignoring removed mblk_io_submit option [ 672.217895][T11187] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 672.241607][T11174] loop6: detected capacity change from 0 to 32768 [ 672.295343][T11174] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 672.304353][T11174] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 672.349428][T11174] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 672.474484][T11187] EXT4-fs (loop4): 1 truncate cleaned up [ 672.482743][T11187] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 672.578070][T11174] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 672.819013][ T5797] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 673.153677][T11204] netlink: 'syz.4.1910': attribute type 10 has an invalid length. [ 673.172125][T11204] team0: Cannot enslave team device to itself [ 673.358491][ T3066] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 673.580784][ T3066] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 673.590475][ T3066] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 673.640035][ T3066] usb 3-1: config 0 descriptor?? [ 673.681248][ T3066] cp210x 3-1:0.0: cp210x converter detected [ 674.098736][ T3066] usb 3-1: cp210x converter now attached to ttyUSB0 [ 674.275775][T11220] netlink: 'syz.5.1918': attribute type 10 has an invalid length. [ 674.284200][T11220] netlink: 65015 bytes leftover after parsing attributes in process `syz.5.1918'. [ 674.533367][T11226] rtc_cmos 00:00: Alarms can be up to one day in the future [ 675.013255][T11224] loop8: detected capacity change from 0 to 32768 [ 675.022990][T11224] XFS: ikeep mount option is deprecated. [ 675.067519][ T5856] rtc_cmos 00:00: Alarms can be up to one day in the future [ 675.075444][ T5856] rtc_cmos 00:00: Alarms can be up to one day in the future [ 675.084573][ T5856] rtc_cmos 00:00: Alarms can be up to one day in the future [ 675.092788][ T5856] rtc_cmos 00:00: Alarms can be up to one day in the future [ 675.100732][ T5856] rtc rtc0: __rtc_set_alarm: err=-22 [ 675.199543][T11224] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 675.611458][T11224] XFS (loop8): Ending clean mount [ 675.623761][T11224] XFS (loop8): Quotacheck needed: Please wait. [ 675.693902][T11224] XFS (loop8): Quotacheck: Done. [ 675.963857][T10093] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 676.121751][T11240] loop4: detected capacity change from 0 to 32768 [ 676.123064][T11244] netlink: 88 bytes leftover after parsing attributes in process `syz.6.1925'. [ 676.146708][T11240] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1923 (11240) [ 676.179570][T11240] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 676.190838][T11240] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm [ 676.201962][T11240] BTRFS info (device loop4): using free-space-tree [ 676.385760][T11240] BTRFS info (device loop4): rebuilding free space tree [ 676.499280][ T5856] usb 3-1: USB disconnect, device number 11 [ 676.556206][ T5797] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 676.583106][ T5856] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 676.634726][ T5856] cp210x 3-1:0.0: device disconnected [ 677.204681][T11269] loop6: detected capacity change from 0 to 1024 [ 677.221518][T11271] loop2: detected capacity change from 0 to 512 [ 677.248652][T11271] EXT4-fs: Ignoring removed nobh option [ 677.276946][T11271] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 677.329828][T11271] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.1932: iget: bad i_size value: 38620345925642 [ 677.377017][T11271] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.1932: couldn't read orphan inode 15 (err -117) [ 677.447289][T11271] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 677.489706][ T7382] hfsplus: b-tree write err: -5, ino 4 [ 677.643600][T11271] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.1932: invalid indirect mapped block 3973251072 (level 0) [ 677.969096][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 678.282263][T11284] netlink: 'syz.6.1935': attribute type 6 has an invalid length. [ 678.431389][ T5808] Bluetooth: hci4: link tx timeout [ 678.436904][ T5808] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 679.004439][T11296] loop6: detected capacity change from 0 to 256 [ 679.116813][T11296] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x09066d1f, utbl_chksum : 0xe619d30d) [ 679.207068][T11296] exFAT-fs (loop6): error, data size is invalid(150994954) [ 679.214499][T11296] exFAT-fs (loop6): Filesystem has been set read-only [ 680.215779][T11309] loop6: detected capacity change from 0 to 1024 [ 680.284794][T11309] hfsplus: Unknown parameter 'fowner<00000000000000000000' [ 680.457852][ T5808] Bluetooth: hci4: command 0x0406 tx timeout [ 681.016371][T11325] loop4: detected capacity change from 0 to 1024 [ 681.335213][ T3806] hfsplus: b-tree write err: -5, ino 4 [ 682.065464][T11333] loop6: detected capacity change from 0 to 32768 [ 682.080701][T11333] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1955 (11333) [ 682.112469][T11333] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 682.124603][T11333] BTRFS info (device loop6): using sha256 (sha256-x86_64) checksum algorithm [ 682.135667][T11333] BTRFS info (device loop6): using free-space-tree [ 682.433485][ T7227] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 682.680566][T11361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1960'. [ 683.024107][T11370] loop5: detected capacity change from 0 to 128 [ 683.638798][T11372] loop2: detected capacity change from 0 to 4096 [ 683.695719][T11372] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 683.776465][T11376] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 683.790898][T11379] loop5: detected capacity change from 0 to 512 [ 683.818941][T11379] EXT4-fs: Ignoring removed orlov option [ 683.910233][T11379] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 683.925150][T11379] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 684.199858][T11372] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 684.270786][T11372] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 684.278055][T11372] ntfs3(loop2): ino=5, mi_enum_attr [ 684.283601][T11372] ntfs3(loop2): Failed to load root (-22). [ 684.312064][ T7164] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 684.395944][T11392] loop8: detected capacity change from 0 to 128 [ 685.641996][T11408] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1980'. [ 685.877360][T11412] x_tables: (null)_tables: DNAT target: only valid in nat table, not syz0 [ 686.138082][ T5808] Bluetooth: hci4: command 0x0406 tx timeout [ 686.433807][T11422] loop2: detected capacity change from 0 to 512 [ 686.628747][T11422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 686.641894][T11422] ext4 filesystem being mounted at /411/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 686.684159][T11430] sctp: [Deprecated]: syz.6.1988 (pid 11430) Use of struct sctp_assoc_value in delayed_ack socket option. [ 686.684159][T11430] Use struct sctp_sack_info instead [ 686.814384][T11422] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1985: corrupted inode contents [ 686.921487][T11435] EXT4-fs (loop2): shut down requested (1) [ 686.966733][T11436] could not allocate digest TFM handle _!5(iHP,omxę*71U"~ 2.>~e>/y [ 687.215048][T11442] loop6: detected capacity change from 0 to 256 [ 687.308569][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 687.322843][ T3581] Quota error (device loop2): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 687.348217][ T5856] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 687.577371][ T5856] usb 5-1: Using ep0 maxpacket: 8 [ 687.588992][ T5856] usb 5-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00 [ 687.598505][ T5856] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 687.651758][ T5856] usb 5-1: config 0 descriptor?? [ 688.096170][ T5856] uclogic 0003:145F:0212.000D: interface is invalid, ignoring [ 688.301180][T11455] binder: BINDER_SET_CONTEXT_MGR already set [ 688.308058][T11455] binder: 11453:11455 ioctl 4018620d 200000000040 returned -16 [ 688.316825][ T3066] usb 5-1: USB disconnect, device number 8 [ 688.666143][T11462] loop5: detected capacity change from 0 to 512 [ 688.775891][T11462] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 688.789687][T11462] ext4 filesystem being mounted at /294/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 688.978482][T11462] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.2006: corrupted inode contents [ 689.028388][T11462] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #2: comm syz.5.2006: mark_inode_dirty error [ 689.057022][T11462] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.2006: corrupted inode contents [ 689.105409][T11472] loop6: detected capacity change from 0 to 16 [ 689.174024][T11472] erofs (device loop6): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 689.186519][T11472] erofs (device loop6): mounted with root inode @ nid 36. [ 689.241440][T11472] erofs (device loop6): invalid logical cluster 0 at nid 36 [ 689.249442][T11472] bio_check_eod: 2 callbacks suppressed [ 689.249504][T11472] syz.6.2008: attempt to access beyond end of device [ 689.249504][T11472] loop6: rw=0, sector=131072, nr_sectors = 1 limit=16 [ 689.269074][T11472] erofs (device loop6): read error -5 @ 0 of nid 36 [ 689.343792][ T7164] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 689.714145][T11485] loop6: detected capacity change from 0 to 256 [ 689.887975][T11485] FAT-fs (loop6): Directory bread(block 64) failed [ 689.894936][T11485] FAT-fs (loop6): Directory bread(block 65) failed [ 689.902104][T11485] FAT-fs (loop6): Directory bread(block 66) failed [ 689.908968][T11485] FAT-fs (loop6): Directory bread(block 67) failed [ 689.915822][T11485] FAT-fs (loop6): Directory bread(block 68) failed [ 689.922665][T11485] FAT-fs (loop6): Directory bread(block 69) failed [ 689.931330][T11485] FAT-fs (loop6): Directory bread(block 70) failed [ 689.938506][T11485] FAT-fs (loop6): Directory bread(block 71) failed [ 689.945365][T11485] FAT-fs (loop6): Directory bread(block 72) failed [ 689.952226][T11485] FAT-fs (loop6): Directory bread(block 73) failed [ 690.872427][T11490] loop5: detected capacity change from 0 to 32768 [ 691.038842][T11490] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=xxhash,data_checksum=xxhash,compression=lz4,str_hash=crc64,norecovery,reconstruct_alloc [ 691.038965][T11490] allowing incompatible features above 0.0: (unknown version) [ 691.039049][T11490] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 691.081356][T11490] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0 [ 691.090625][T11490] bcachefs (loop5): recovering from clean shutdown, journal seq 10 [ 691.099403][T11490] bcachefs (loop5): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete [ 691.099403][T11490] Doing compatible version upgrade from 1.19: autofix_errors to 1.28: inode_has_case_insensitive [ 691.099403][T11490] running recovery passes: check_extents_to_backpointers,check_inodes [ 691.130373][T11490] bcachefs (loop5): dropping and reconstructing all alloc info [ 691.174047][T11490] bcachefs (loop5): error reading btree root btree=dirents level=0: btree_node_read_error, fixing [ 691.192841][T11490] bcachefs (loop5): btree node read error at btree xattrs level 0/0 [ 691.192925][T11490] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0 [ 691.193019][T11490] loop5 node offset 0/16: got wrong btree node: got [ 691.193099][T11490] btree=xattrs level=0 seq ded0abe32 1 [ 691.193162][T11490] min: POS_MIN [ 691.193218][T11490] max: SPOS_MAX [ 691.193272][T11490] flagging btree xattrs lost data [ 691.193335][T11490] ret btree_node_read_validate_error [ 691.247533][T11490] bcachefs (loop5): error reading btree root btree=xattrs level=0: btree_node_read_error, fixing [ 691.282194][T11490] bcachefs (loop5): check_topology... [ 691.283058][T11490] bcachefs (loop5): btree root dirents unreadable, must recover from scan [ 691.297805][T11490] bcachefs (loop5): running recovery pass scan_for_btree_nodes (1), currently at check_topology (2) - rewinding [ 691.310110][T11490] bcachefs (loop5): bch2_check_root(): error restart_recovery [ 691.317860][T11490] bcachefs (loop5): scan_for_btree_nodes... [ 691.376816][T11490] bcachefs (loop5): btree node scan found 3 nodes after overwrites [ 691.393205][T11490] done [ 691.396172][T11490] bcachefs (loop5): check_topology... [ 691.397237][T11490] bcachefs (loop5): btree root dirents unreadable, must recover from scan [ 691.411984][T11490] bcachefs (loop5): no nodes found for btree dirents, continuing [ 691.420474][T11490] bcachefs (loop5): btree root xattrs unreadable, must recover from scan [ 691.429672][T11490] bcachefs (loop5): bch2_get_scanned_nodes(): recovery btree=xattrs level=0 POS_MIN - SPOS_MAX [ 691.441016][T11490] bcachefs (loop5): bch2_get_scanned_nodes(): recovering u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ded0abe32 written 8 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0 [ 691.484975][T11490] done [ 691.488018][T11490] bcachefs (loop5): accounting_read... done [ 691.500628][T11490] bcachefs (loop5): alloc_read... done [ 691.508451][T11490] bcachefs (loop5): snapshots_read... done [ 691.517328][T11490] bcachefs (loop5): Fixed errors, running fsck a second time to verify fs is clean [ 691.528615][T11490] bcachefs (loop5): done starting filesystem [ 691.636958][ T7164] bcachefs (loop5): shutting down [ 691.732164][ T7164] bcachefs (loop5): shutdown complete [ 691.928729][T11513] loop6: detected capacity change from 0 to 524287999 [ 693.847268][T11545] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 693.854062][T11545] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 693.862599][T11545] vhci_hcd vhci_hcd.0: Device attached [ 693.983178][T11549] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(5) [ 693.989935][T11549] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 693.998074][T11549] vhci_hcd vhci_hcd.0: Device attached [ 694.089116][T11545] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 694.146878][ T5856] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 694.387006][T11545] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(7) [ 694.393785][T11545] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 694.402582][T11545] vhci_hcd vhci_hcd.0: Device attached [ 694.619820][T11557] vhci_hcd: connection closed [ 694.623521][T11546] vhci_hcd: connection reset by peer [ 694.664138][T11563] cgroup: No subsys list or none specified [ 694.670923][T11551] vhci_hcd: connection closed [ 694.704011][ T7382] vhci_hcd: stop threads [ 694.713529][ T7382] vhci_hcd: release socket [ 694.718269][ T7382] vhci_hcd: disconnect device [ 694.818882][ T7382] vhci_hcd: stop threads [ 694.823553][ T7382] vhci_hcd: release socket [ 694.828351][ T7382] vhci_hcd: disconnect device [ 694.893814][ T7382] vhci_hcd: stop threads [ 694.898487][ T7382] vhci_hcd: release socket [ 694.903297][ T7382] vhci_hcd: disconnect device [ 694.960084][T11556] loop8: detected capacity change from 0 to 32768 [ 694.969844][T11556] XFS: attr2 mount option is deprecated. [ 695.046692][T11556] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 695.553672][T11556] XFS (loop8): Ending clean mount [ 695.580842][T11556] XFS (loop8): Quotacheck needed: Please wait. [ 695.617101][T11556] XFS (loop8): Quotacheck: Done. [ 695.719515][T10093] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 695.815504][T11579] input: syz0 as /devices/virtual/input/input26 [ 696.060240][T11583] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.2048'. [ 696.663368][T11591] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 697.708010][T11607] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2059'. [ 697.910342][T11611] netlink: 46 bytes leftover after parsing attributes in process `syz.4.2062'. [ 698.497471][T11623] loop2: detected capacity change from 0 to 512 [ 698.678490][T11623] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2066: casefold flag without casefold feature [ 698.775231][T11623] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2066: couldn't read orphan inode 15 (err -117) [ 698.828488][T11623] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 698.934006][T11636] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2073'. [ 699.313236][ T5856] vhci_hcd: vhci_device speed not set [ 699.393088][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 699.586498][ T5855] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 699.773406][ T5855] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 699.782943][ T5855] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 699.848917][ T5855] usb 5-1: config 0 descriptor?? [ 699.887104][ T5855] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 699.958632][T11650] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2078'. [ 699.971914][T11650] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2078'. [ 700.287112][ T5855] gspca_cpia1: usb_control_msg 03, error -32 [ 700.320739][ T5855] gspca_cpia1: usb_control_msg 03, error -71 [ 700.336905][ T5855] gspca_cpia1: usb_control_msg 01, error -71 [ 700.343195][ T5855] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0) [ 700.379281][T11657] team0: No ports can be present during mode change [ 700.392314][ T5855] usb 5-1: USB disconnect, device number 9 [ 700.944284][T11666] loop8: detected capacity change from 0 to 2048 [ 701.155329][T11666] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 701.480527][ T5855] usb 6-1: new full-speed USB device number 11 using dummy_hcd [ 701.690777][ T5855] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 701.701414][ T5855] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 701.714465][ T5855] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 701.725994][ T5855] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 701.736173][ T5855] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 701.803357][T11684] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2096'. [ 701.832572][ T5855] usb 6-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 701.842388][ T5855] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 701.850858][ T5855] usb 6-1: Product: syz [ 701.855243][ T5855] usb 6-1: Manufacturer: syz [ 701.860245][ T5855] usb 6-1: SerialNumber: syz [ 701.886893][ T5855] usb 6-1: config 0 descriptor?? [ 702.155481][ T5855] radio-si470x 6-1:0.0: DeviceID=0x6465 ChipID=0x7669 [ 702.304571][T11690] loop8: detected capacity change from 0 to 512 [ 702.330667][T11690] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 702.369893][ T5855] radio-si470x 6-1:0.0: software version 100, hardware version 101 [ 702.402784][T11690] EXT4-fs (loop8): 1 truncate cleaned up [ 702.411816][T11690] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 702.555203][T11690] fscrypt (loop8, inode 18): Can't use IV_INO_LBLK_32 policy with contents mode other than AES-256-XTS [ 702.569394][ T5855] radio-si470x 6-1:0.0: submitting int urb failed (-90) [ 702.745434][T10093] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 702.773931][ T5855] radio-si470x 6-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 702.776899][ T3066] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 702.783889][ T5855] radio-si470x 6-1:0.0: probe with driver radio-si470x failed with error -22 [ 702.873456][T10108] kernel write not supported for file /fb0 (pid: 10108 comm: kworker/0:1) [ 702.897145][ T5855] usb 6-1: USB disconnect, device number 11 [ 702.961836][ T3066] usb 7-1: Using ep0 maxpacket: 8 [ 702.969783][T11698] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2101'. [ 702.979394][T11698] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2101'. [ 702.989067][T11698] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2101'. [ 702.998847][T11698] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2101'. [ 703.008130][T11698] netlink: 'syz.2.2101': attribute type 6 has an invalid length. [ 703.045035][ T3066] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 703.071708][ T3066] usb 7-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 703.081237][ T3066] usb 7-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 703.089661][ T3066] usb 7-1: Product: syz [ 703.094034][ T3066] usb 7-1: Manufacturer: syz [ 703.098999][ T3066] usb 7-1: SerialNumber: syz [ 703.430273][ T3066] usb 7-1: Invalid connection information received from device [ 703.668154][ T5855] usb 7-1: USB disconnect, device number 5 [ 703.784918][T11708] loop2: detected capacity change from 0 to 512 [ 703.857393][T11708] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 703.944240][T11708] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 703.953419][T11708] System zones: 0-2, 18-18, 34-34 [ 704.008236][T11708] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 704.021873][T11708] ext4 filesystem being mounted at /430/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 704.112966][T11716] loop4: detected capacity change from 0 to 1024 [ 704.224374][T11716] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 704.237404][T11716] ext4 filesystem being mounted at /476/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 704.336465][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 704.656642][ T5797] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 705.038521][T11731] erspan0: entered promiscuous mode [ 705.070234][T11725] loop5: detected capacity change from 0 to 4096 [ 705.217192][T11736] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 706.597379][T11759] loop4: detected capacity change from 0 to 1024 [ 706.655397][T11763] netlink: 'syz.8.2130': attribute type 14 has an invalid length. [ 706.717250][T11759] hfsplus: trying to free free bnode 0(1) [ 707.105580][ T35] hfsplus: b-tree write err: -5, ino 4 [ 707.355052][T11772] tipc: Started in network mode [ 707.360824][T11772] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 707.370881][T11772] tipc: Enabling of bearer rejected, failed to enable media [ 707.458346][T11774] loop4: detected capacity change from 0 to 256 [ 707.492982][T11774] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 707.504368][T11774] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 707.677732][T11774] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 707.824728][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 707.831930][T11774] exFAT-fs (loop4): Filesystem has been set read-only [ 707.839203][T11774] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880139e10f0 iblock : 8, err : -5) [ 707.853171][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 707.860401][T11774] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880139e10f0 iblock : 8, err : -5) [ 707.870834][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 707.879225][T11774] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880139e10f0 iblock : 9, err : -5) [ 707.890134][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 707.897124][T11774] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880139e10f0 iblock : 10, err : -5) [ 707.907485][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 707.913662][T11774] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880139e10f0 iblock : 11, err : -5) [ 707.924103][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 707.930649][T11774] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880139e10f0 iblock : 12, err : -5) [ 707.941022][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 707.947393][T11774] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880139e10f0 iblock : 13, err : -5) [ 707.948064][T11782] loop5: detected capacity change from 0 to 256 [ 707.962140][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 707.972438][T11774] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880139e10f0 iblock : 14, err : -5) [ 707.984974][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 707.991844][T11774] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880139e10f0 iblock : 15, err : -5) [ 708.002242][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.008577][T11774] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880139e10f0 iblock : 16, err : -5) [ 708.019111][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.025303][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.031680][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.038020][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.043214][T11782] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 708.044125][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.067626][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.073839][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.082328][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.089234][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.095503][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.101865][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.108190][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.114386][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.120779][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.127117][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.133309][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.139792][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.146011][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.153393][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.163587][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.170845][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.177269][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.185641][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.188458][T11782] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 708.192655][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.209020][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.215249][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.221684][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.228026][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.234253][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.240601][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.246959][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.253158][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.263413][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.270552][T11774] exFAT-fs (loop4): error, broken FAT chain. [ 708.307273][ T30] audit: type=1800 audit(1751571487.120:75): pid=11774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2134" name="file1" dev="loop4" ino=1048698 res=0 errno=0 [ 708.648120][T11789] syz.2.2142 uses obsolete (PF_INET,SOCK_PACKET) [ 709.051304][T11800] loop5: detected capacity change from 0 to 64 [ 709.235416][T11791] loop8: detected capacity change from 0 to 4096 [ 709.260333][T11791] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512). [ 709.644729][T11791] ntfs3(loop8): Failed to initialize $Extend/$Reparse. [ 709.711692][T11804] loop6: detected capacity change from 0 to 2048 [ 709.718825][ T30] audit: type=1800 audit(1751571488.540:76): pid=11791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2144" name="file1" dev="loop8" ino=30 res=0 errno=0 [ 709.844533][T11804] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 709.866076][T11806] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2148'. [ 709.895223][T11808] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551615) [ 709.908005][T11808] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 710.521735][T11816] loop8: detected capacity change from 0 to 512 [ 710.550188][T11816] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found [ 710.558272][T11816] UDF-fs: Scanning with blocksize 512 failed [ 710.585216][T11816] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found [ 710.593217][T11816] UDF-fs: Scanning with blocksize 1024 failed [ 710.629474][T11816] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found [ 710.637364][T11816] UDF-fs: Scanning with blocksize 2048 failed [ 710.758095][T11816] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256 [ 710.864170][T11816] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 710.965585][T11822] loop4: detected capacity change from 0 to 64 [ 711.037266][T11825] program syz.5.2160 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 711.121488][T11826] loop6: detected capacity change from 0 to 1024 [ 711.202806][T11826] EXT4-fs (loop6): filesystem is read-only [ 711.941781][ T30] audit: type=1326 audit(1751571490.760:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11837 comm="syz.8.2165" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1f8358e929 code=0x0 [ 712.111662][T11843] netlink: 292 bytes leftover after parsing attributes in process `syz.5.2168'. [ 712.148137][T11845] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 712.289989][T11847] netlink: 116 bytes leftover after parsing attributes in process `syz.6.2169'. [ 712.299830][T11847] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2169'. [ 712.591788][T11851] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 713.087205][T11859] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 713.419437][ T5855] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 713.455686][T11863] loop5: detected capacity change from 0 to 256 [ 713.567370][T11863] exFAT-fs (loop5): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 713.603244][ T5855] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 713.614574][ T5855] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 713.624827][ T5855] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 713.634245][ T5855] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 713.662211][ T5855] usb 7-1: config 0 descriptor?? [ 713.679286][T11863] exFAT-fs (loop5): valid_size(10) is greater than size(0) [ 713.689131][T11863] overlayfs: missing 'lowerdir' [ 714.042417][T11865] loop8: detected capacity change from 0 to 4096 [ 714.155948][T11861] loop6: detected capacity change from 0 to 256 [ 714.240452][ T5855] cm6533_jd 0003:0D8C:0022.000E: collection stack underflow [ 714.248132][ T5855] cm6533_jd 0003:0D8C:0022.000E: item 0 2 0 12 parsing failed [ 714.302755][ T5855] cm6533_jd 0003:0D8C:0022.000E: parse failed [ 714.309558][ T5855] cm6533_jd 0003:0D8C:0022.000E: probe with driver cm6533_jd failed with error -22 [ 714.442556][ T3066] usb 7-1: USB disconnect, device number 6 [ 714.514933][T11875] loop2: detected capacity change from 0 to 64 [ 714.777097][T11879] netlink: 'syz.4.2184': attribute type 14 has an invalid length. [ 715.169461][T11885] loop4: detected capacity change from 0 to 64 [ 715.500378][T11892] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 715.920509][T11902] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2194'. [ 716.017465][T11907] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2194'. [ 716.550476][T11912] loop8: detected capacity change from 0 to 1024 [ 716.563529][T11912] EXT4-fs: Ignoring removed bh option [ 716.667815][T11912] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 716.773922][T11918] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2198'. [ 716.951184][T11912] EXT4-fs error (device loop8): ext4_xattr_inode_iget:437: inode #19: comm syz.8.2199: missing EA_INODE flag [ 716.954568][T11924] loop2: detected capacity change from 0 to 128 [ 717.009035][T11924] EXT4-fs: Ignoring removed nobh option [ 717.024540][T11912] EXT4-fs (loop8): Remounting filesystem read-only [ 717.031622][T11912] EXT4-fs warning (device loop8): ext4_xattr_block_set:2190: inode #20: comm syz.8.2199: dec ref error=-30 [ 717.054424][T11924] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 717.088521][T11924] ext4 filesystem being mounted at /445/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 717.398437][T10093] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 717.445718][ T5796] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 718.599424][T11950] loop6: detected capacity change from 0 to 512 [ 718.688099][T11950] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 718.837937][T11957] loop8: detected capacity change from 0 to 512 [ 718.886911][T11957] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 718.906723][ T3066] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 718.992359][T11957] EXT4-fs (loop8): 1 truncate cleaned up [ 719.003727][T11957] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 719.046186][ T7227] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 719.063622][T11957] EXT4-fs (loop8): shut down requested (1) [ 719.091306][ T3066] usb 3-1: Using ep0 maxpacket: 16 [ 719.110955][ T3066] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 719.125603][ T3066] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 719.168914][ T3066] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 719.179321][ T3066] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 719.187908][ T3066] usb 3-1: Product: syz [ 719.192284][ T3066] usb 3-1: Manufacturer: syz [ 719.197238][ T3066] usb 3-1: SerialNumber: syz [ 719.254284][ T3066] usb 3-1: config 0 descriptor?? [ 719.261109][T10108] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 719.279674][T10093] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 719.298247][ T3066] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 719.310012][ T3066] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 719.333557][T11966] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2220'. [ 719.343177][T11966] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2220'. [ 719.414612][T11966] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2220'. [ 719.425476][T11966] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2220'. [ 719.469655][T10108] usb 5-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 719.479303][T10108] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 719.504147][T10108] usb 5-1: config 0 descriptor?? [ 719.560441][T10108] gspca_main: spca508-2.14.0 probing 8086:0110 [ 719.725283][T10108] gspca_spca508: reg_read err -32 [ 719.757338][T10108] gspca_spca508: reg_read err -32 [ 719.916118][ T3066] em28xx 3-1:0.0: chip ID is em2870 [ 719.967609][T10108] gspca_spca508: reg_read err -71 [ 719.986985][T10108] gspca_spca508: reg_read err -71 [ 720.011144][T10108] gspca_spca508: reg write: error -71 [ 720.017146][T10108] spca508 5-1:0.0: probe with driver spca508 failed with error -71 [ 720.056571][T10108] usb 5-1: USB disconnect, device number 10 [ 720.117374][ T30] audit: type=1326 audit(1751571498.950:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11976 comm="syz.5.2226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bb7f8e929 code=0x7ffc0000 [ 720.131689][ T3066] usb 3-1: USB disconnect, device number 12 [ 720.144511][ T30] audit: type=1326 audit(1751571498.950:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11976 comm="syz.5.2226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bb7f8e929 code=0x7ffc0000 [ 720.150991][ T3066] em28xx 3-1:0.0: Disconnecting em28xx [ 720.171414][ T30] audit: type=1326 audit(1751571498.960:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11976 comm="syz.5.2226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f3bb7f8e929 code=0x7ffc0000 [ 720.171618][ T30] audit: type=1326 audit(1751571498.960:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11976 comm=08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bb7f8e929 code=0x7ffc0000 [ 720.171809][ T30] audit: type=1326 audit(1751571498.960:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11976 comm=08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bb7f8e929 code=0x7ffc0000 [ 720.249716][ T30] audit: type=1326 audit(1751571499.040:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11976 comm=08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f3bb7f8e929 code=0x7ffc0000 [ 720.271832][ T30] audit: type=1326 audit(1751571499.040:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11976 comm=08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bb7f8e929 code=0x7ffc0000 [ 720.293802][ T30] audit: type=1326 audit(1751571499.040:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11976 comm=08 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bb7f8e929 code=0x7ffc0000 [ 720.390121][ T3066] em28xx 3-1:0.0: Freeing device [ 720.967431][T11986] loop8: detected capacity change from 0 to 1764 [ 721.042663][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 721.051978][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 721.072895][T11986] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2229'. [ 721.157216][ T5855] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 721.309273][T11992] loop5: detected capacity change from 0 to 256 [ 721.340781][ T5855] usb 5-1: Using ep0 maxpacket: 32 [ 721.368206][ T5855] usb 5-1: config 0 has an invalid interface number: 85 but max is 0 [ 721.376844][ T5855] usb 5-1: config 0 has no interface number 0 [ 721.383203][ T5855] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 721.394564][ T5855] usb 5-1: config 0 interface 85 has no altsetting 0 [ 721.475898][ T5855] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 721.485897][ T5855] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 721.494708][ T5855] usb 5-1: Product: syz [ 721.499905][ T5855] usb 5-1: Manufacturer: syz [ 721.504815][ T5855] usb 5-1: SerialNumber: syz [ 721.590470][T11994] loop2: detected capacity change from 0 to 1024 [ 721.610923][ T5855] usb 5-1: config 0 descriptor?? [ 721.737684][T11994] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 721.854771][T12001] Bluetooth: hci5: Frame reassembly failed (-84) [ 721.990671][T11994] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2234: bg 0: block 88: padding at end of block bitmap is not set [ 722.422100][T12007] loop6: detected capacity change from 0 to 2048 [ 722.429036][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 722.515014][ T5855] appletouch 5-1:0.85: Geyser mode initialized. [ 722.524898][ T5855] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.85/input/input27 [ 722.548417][T12007] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 722.558958][ C1] appletouch 5-1:0.85: appletouch: OVERFLOW with data length 64, actual length is 64 [ 722.772376][ T5855] usb 5-1: USB disconnect, device number 11 [ 722.823062][ T5855] appletouch 5-1:0.85: input: appletouch disconnected [ 723.321613][T12023] loop2: detected capacity change from 0 to 256 [ 723.476507][T12023] syz.2.2244: attempt to access beyond end of device [ 723.476507][T12023] loop2: rw=2049, sector=256, nr_sectors = 4 limit=256 [ 723.727235][ T3806] kworker/u8:13: attempt to access beyond end of device [ 723.727235][ T3806] loop2: rw=1, sector=256, nr_sectors = 4 limit=256 [ 723.827681][T12033] nbd: socks must be embedded in a SOCK_ITEM attr [ 723.834647][T12033] block nbd0: shutting down sockets [ 723.897740][T12002] Bluetooth: hci5: command 0x1003 tx timeout [ 723.898798][ T50] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 724.274735][T12041] loop8: detected capacity change from 0 to 2048 [ 724.310440][T12041] UDF-fs: error (device loop8): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 724.366110][T12041] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 724.445965][T12045] loop2: detected capacity change from 0 to 1024 [ 724.470488][T12045] EXT4-fs: Ignoring removed oldalloc option [ 724.574002][T12045] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 724.940536][T12056] loop5: detected capacity change from 0 to 256 [ 724.958089][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 725.065981][T12056] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 725.100602][T12061] loop4: detected capacity change from 0 to 128 [ 725.147089][T12061] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 725.258802][T12061] ext4 filesystem being mounted at /502/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 725.383251][T12061] fscrypt (loop4, inode 12): Mutually exclusive encryption flags (0x19) [ 725.622468][ T5797] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 726.671956][T12096] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2277'. [ 726.682730][T12096] netem: change failed [ 727.114941][T12106] loop8: detected capacity change from 0 to 512 [ 727.164297][T12100] loop2: detected capacity change from 0 to 4096 [ 727.217544][T12106] EXT4-fs (loop8): revision level too high, forcing read-only mode [ 727.233566][T12106] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 727.360218][T12100] ntfs3(loop2): Failed to load $Extend (-22). [ 727.366807][T12100] ntfs3(loop2): Failed to initialize $Extend. [ 727.572703][T10093] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 727.702171][T12115] loop6: detected capacity change from 0 to 512 [ 727.744309][T12115] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.2286: iget: bad i_size value: 38620345925642 [ 727.845596][T12115] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2286: couldn't read orphan inode 15 (err -117) [ 727.861338][T12115] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 727.892207][ T3581] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 728.044941][ T3581] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 728.110404][T12115] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.2286: bg 0: block 5: invalid block bitmap [ 728.187809][T12115] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 108 with error 28 [ 728.201046][T12115] EXT4-fs (loop6): This should not happen!! Data will be lost [ 728.201046][T12115] [ 728.212654][T12115] EXT4-fs (loop6): Total free blocks count 0 [ 728.219053][T12115] EXT4-fs (loop6): Free/Dirty block details [ 728.225165][T12115] EXT4-fs (loop6): free_blocks=0 [ 728.231713][T12115] EXT4-fs (loop6): dirty_blocks=108 [ 728.237504][T12115] EXT4-fs (loop6): Block reservation details [ 728.243694][T12115] EXT4-fs (loop6): i_reserved_data_blocks=108 [ 728.274529][ T3581] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 728.411728][ T3581] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 728.577025][ T7227] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 728.677076][ T3581] bridge_slave_1: left allmulticast mode [ 728.682974][ T3581] bridge_slave_1: left promiscuous mode [ 728.689736][ T3581] bridge0: port 2(bridge_slave_1) entered disabled state [ 728.703556][ T3581] bridge_slave_0: left allmulticast mode [ 728.709765][ T3581] bridge_slave_0: left promiscuous mode [ 728.716319][ T3581] bridge0: port 1(bridge_slave_0) entered disabled state [ 729.104982][ T3581] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 729.135903][ T3581] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 729.161390][ T3581] bond0 (unregistering): Released all slaves [ 729.513432][T12131] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2292'. [ 729.881667][ T3581] hsr_slave_0: left promiscuous mode [ 729.937871][ T3581] hsr_slave_1: left promiscuous mode [ 729.945704][ T3581] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 729.953691][ T3581] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 730.066759][ T3581] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 730.078105][ T3581] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 730.222816][T12133] loop5: detected capacity change from 0 to 32768 [ 730.263157][ T3581] veth1_macvtap: left promiscuous mode [ 730.269525][ T3581] veth0_macvtap: left promiscuous mode [ 730.278659][ T3581] veth1_vlan: left promiscuous mode [ 730.284235][ T3581] veth0_vlan: left promiscuous mode [ 730.455348][T12133] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io [ 730.455485][T12133] allowing incompatible features above 0.0: (unknown version) [ 730.455565][T12133] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 730.500696][T12133] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0 [ 730.509832][T12133] bcachefs (loop5): recovering from clean shutdown, journal seq 10 [ 730.519328][T12133] bcachefs (loop5): Version upgrade required: [ 730.519328][T12133] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 730.519328][T12133] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 730.519328][T12133] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 730.596009][T12133] bcachefs (loop5): dropping and reconstructing all alloc info [ 730.785247][T12002] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 730.800309][T12002] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 730.809701][T12002] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 730.822705][T12002] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 730.834395][T12002] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 730.952413][T12133] bcachefs (loop5): accounting_read... done [ 730.965525][T12133] bcachefs (loop5): alloc_read... done [ 730.973582][T12133] bcachefs (loop5): snapshots_read... done [ 730.983754][T12133] bcachefs (loop5): done starting filesystem [ 731.087838][ T7164] bcachefs (loop5): shutting down [ 731.285978][ T7164] bcachefs (loop5): shutdown complete [ 731.330441][ T3581] team0 (unregistering): Port device team_slave_1 removed [ 731.368680][ T3581] team0 (unregistering): Port device team_slave_0 removed [ 731.745111][T12159] overlayfs: upper fs does not support file handles, falling back to index=off. [ 732.004573][T12164] loop4: detected capacity change from 0 to 512 [ 732.048658][T12164] EXT4-fs: Ignoring removed nomblk_io_submit option [ 732.083963][T12164] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 732.092274][T12164] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102] [ 732.131122][T12164] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80) [ 732.141258][T12164] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features [ 732.156808][T12164] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 732.305420][T12164] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80) [ 732.490516][ T5797] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 732.572606][T12150] chnl_net:caif_netlink_parms(): no params data found [ 732.602015][T12171] loop2: detected capacity change from 0 to 2048 [ 732.722637][T12171] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 732.936597][T12002] Bluetooth: hci4: command tx timeout [ 733.358751][T12176] UDF-fs: warning (device loop2): udf_truncate_tail_extent: Too long extent after EOF in inode 1415: i_size: 61440 lbcount: 65536 extent 129+41984 [ 733.528406][T12180] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2309'. [ 733.765610][T12150] bridge0: port 1(bridge_slave_0) entered blocking state [ 733.773342][T12150] bridge0: port 1(bridge_slave_0) entered disabled state [ 733.781270][T12150] bridge_slave_0: entered allmulticast mode [ 733.790386][T12150] bridge_slave_0: entered promiscuous mode [ 733.890666][T12150] bridge0: port 2(bridge_slave_1) entered blocking state [ 733.899756][T12150] bridge0: port 2(bridge_slave_1) entered disabled state [ 733.907447][T12150] bridge_slave_1: entered allmulticast mode [ 733.916644][T12150] bridge_slave_1: entered promiscuous mode [ 733.931523][T12187] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2311'. [ 734.192705][T12150] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 734.284859][T12150] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 734.372331][ T42] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 734.591200][T12150] team0: Port device team_slave_0 added [ 734.663704][T12150] team0: Port device team_slave_1 added [ 734.683928][T12197] loop2: detected capacity change from 0 to 256 [ 734.719731][T12197] exfat: Deprecated parameter 'namecase' [ 734.726118][T12197] exfat: Deprecated parameter 'namecase' [ 734.733027][T12197] exfat: Deprecated parameter 'namecase' [ 734.838927][T12150] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 734.846571][T12150] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 734.873067][T12150] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 734.921670][T12150] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 734.929278][T12150] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 734.955767][T12150] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 735.004504][T12197] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xf0064b2e, utbl_chksum : 0xe619d30d) [ 735.006824][ T30] audit: type=1326 audit(1751571513.820:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12199 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 735.039942][ T30] audit: type=1326 audit(1751571513.820:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12199 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 735.062659][ T30] audit: type=1326 audit(1751571513.860:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12199 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 735.091745][T12002] Bluetooth: hci4: command tx timeout [ 735.113200][ T3806] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 735.287173][ T30] audit: type=1326 audit(1751571513.950:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12199 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 735.312624][ T30] audit: type=1326 audit(1751571513.950:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12199 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ebab858e7 code=0x7ffc0000 [ 735.336109][ T30] audit: type=1326 audit(1751571513.950:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12199 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ebab2ab19 code=0x7ffc0000 [ 735.338154][ T42] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 735.359000][ T30] audit: type=1326 audit(1751571513.950:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12199 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 735.389687][ T30] audit: type=1326 audit(1751571513.950:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12199 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ebab858e7 code=0x7ffc0000 [ 735.415338][ T30] audit: type=1326 audit(1751571513.950:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12199 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ebab2ab19 code=0x7ffc0000 [ 735.438717][ T30] audit: type=1326 audit(1751571513.950:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12199 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebab8e929 code=0x7ffc0000 [ 735.488665][T12150] hsr_slave_0: entered promiscuous mode [ 735.500238][T12150] hsr_slave_1: entered promiscuous mode [ 735.508618][T12150] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 735.516568][T12150] Cannot create hsr debugfs directory [ 736.148075][ T3581] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 736.157155][ T3581] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 736.668053][T10108] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 736.713380][T12150] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 736.806486][T12150] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 736.879560][T12150] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 736.963435][T12150] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 737.178716][T12002] Bluetooth: hci4: command tx timeout [ 737.643704][T12236] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2331'. [ 737.812397][ T3066] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 737.911895][T12150] 8021q: adding VLAN 0 to HW filter on device bond0 [ 737.986623][ T3066] usb 6-1: Using ep0 maxpacket: 32 [ 738.018475][T12239] Context (ID=0x1) not attached to queue pair (handle=0x4db:0xd) [ 738.026754][T12150] 8021q: adding VLAN 0 to HW filter on device team0 [ 738.040306][ T3066] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 738.052423][ T3066] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 738.067484][ T3066] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 738.080043][ T3066] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 738.084158][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 738.089515][ T3066] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 738.105232][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 738.209242][ T3066] usb 6-1: config 0 descriptor?? [ 738.217987][T12233] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 738.252288][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 738.259845][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 738.316729][ T3066] hub 6-1:0.0: USB hub found [ 738.551077][ T3066] hub 6-1:0.0: config failed, hub has too many ports! (err -19) [ 738.769953][ T3066] usbhid 6-1:0.0: can't add hid device: -71 [ 738.770212][T12246] netlink: 'syz.2.2335': attribute type 2 has an invalid length. [ 738.781151][ T3066] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 738.787203][T12246] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2335'. [ 738.816362][T12247] netlink: 'syz.4.2336': attribute type 8 has an invalid length. [ 738.848665][ T3066] usb 6-1: USB disconnect, device number 12 [ 739.152094][T12249] xt_CT: No such helper "snmp" [ 739.258335][T12002] Bluetooth: hci4: command tx timeout [ 739.392376][T12150] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 740.536991][ C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 740.562493][T12281] tap0: tun_chr_ioctl cmd 1074025677 [ 740.568914][T12281] tap0: linktype set to 65534 [ 741.039405][T12288] serio: Serial port ttyS3 [ 741.193503][T12150] veth0_vlan: entered promiscuous mode [ 741.264550][T12293] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2351'. [ 741.281226][T12294] loop4: detected capacity change from 0 to 1024 [ 741.298073][T12150] veth1_vlan: entered promiscuous mode [ 741.309162][T12294] EXT4-fs: Ignoring removed nobh option [ 741.380225][T12294] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 741.563018][T12299] block nbd6: NBD_DISCONNECT [ 741.604100][T12294] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #11: comm syz.4.2352: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 741.644248][T12150] veth0_macvtap: entered promiscuous mode [ 741.716900][T12150] veth1_macvtap: entered promiscuous mode [ 741.730351][T12294] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2352: couldn't read orphan inode 11 (err -117) [ 741.811765][T12294] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 741.883695][T12150] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 741.957379][T12150] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 741.992504][T12294] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.2352: Invalid block bitmap block 0 in block_group 0 [ 742.012454][T12150] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 742.022457][T12150] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 742.031542][T12150] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 742.040624][T12150] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 742.065319][T12294] __quota_error: 1 callbacks suppressed [ 742.065390][T12294] Quota error (device loop4): write_blk: dquota write failed [ 742.079492][T12294] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 742.090066][T12294] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2352: Failed to acquire dquot type 0 [ 742.514705][ T4248] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm kworker/u8:23: Invalid inode table block 8589934593 in block_group 0 [ 742.581320][ T5797] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 743.597397][ T5855] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 743.796645][ T5855] usb 7-1: Using ep0 maxpacket: 32 [ 743.864824][ T5855] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 743.874275][ T5855] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 743.897803][ T5855] usb 7-1: config 0 descriptor?? [ 744.172061][ T5855] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 744.215174][ T5855] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 744.246983][ T5855] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 744.254522][ T5855] usb 7-1: media controller created [ 744.371352][T12334] ===================================================== [ 744.378917][T12334] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120 [ 744.386800][T12334] _copy_to_user+0xcc/0x120 [ 744.388260][ T5855] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 744.391442][T12334] i2cdev_ioctl_smbus+0x586/0x660 [ 744.405217][T12334] i2cdev_ioctl+0xa14/0xf40 [ 744.412884][T12334] __se_sys_ioctl+0x23c/0x400 [ 744.418839][T12334] __x64_sys_ioctl+0x97/0xe0 [ 744.424135][T12334] x64_sys_call+0x1ebe/0x3db0 [ 744.429202][T12334] do_syscall_64+0xd9/0x210 [ 744.433892][T12334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.440113][T12334] [ 744.442540][T12334] Uninit was stored to memory at: [ 744.448022][T12334] __i2c_smbus_xfer+0x254d/0x2f60 [ 744.453248][T12334] i2c_smbus_xfer+0x31d/0x4d0 [ 744.458252][T12334] i2cdev_ioctl_smbus+0x4a1/0x660 [ 744.463456][T12334] i2cdev_ioctl+0xa14/0xf40 [ 744.468609][T12334] __se_sys_ioctl+0x23c/0x400 [ 744.473481][T12334] __x64_sys_ioctl+0x97/0xe0 [ 744.478651][T12334] x64_sys_call+0x1ebe/0x3db0 [ 744.483551][T12334] do_syscall_64+0xd9/0x210 [ 744.488339][T12334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.494446][T12334] [ 744.497026][T12334] Local variable msgbuf1.i created at: [ 744.502600][T12334] __i2c_smbus_xfer+0x86a/0x2f60 [ 744.507905][T12334] i2c_smbus_xfer+0x31d/0x4d0 [ 744.515643][T12334] [ 744.518979][T12334] Bytes 0-1 of 2 are uninitialized [ 744.524227][T12334] Memory access of size 2 starts at ffff8881192e7d06 [ 744.531178][T12334] Data copied to user address 0000200000000400 [ 744.538172][T12334] [ 744.540627][T12334] CPU: 0 UID: 0 PID: 12334 Comm: syz.6.2365 Tainted: G W 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(undef) [ 744.554696][T12334] Tainted: [W]=WARN [ 744.558759][T12334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 744.569118][T12334] ===================================================== [ 744.576177][T12334] Disabling lock debugging due to kernel taint [ 744.582625][T12334] Kernel panic - not syncing: kmsan.panic set ... [ 744.589184][T12334] CPU: 0 UID: 0 PID: 12334 Comm: syz.6.2365 Tainted: G B W 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(undef) [ 744.603102][T12334] Tainted: [B]=BAD_PAGE, [W]=WARN [ 744.608231][T12334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 744.618431][T12334] Call Trace: [ 744.621831][T12334] [ 744.624861][T12334] __dump_stack+0x26/0x30 [ 744.629366][T12334] dump_stack_lvl+0x53/0x270 [ 744.634171][T12334] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 744.640177][T12334] dump_stack+0x1e/0x25 [ 744.644545][T12334] panic+0x4bd/0xd50 [ 744.648677][T12334] kmsan_report+0x31c/0x320 [ 744.653367][T12334] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 744.659880][T12334] ? kmsan_internal_check_memory+0x1e1/0x230 [ 744.666043][T12334] ? kmsan_copy_to_user+0xf1/0x190 [ 744.671337][T12334] ? _copy_to_user+0xcc/0x120 [ 744.676176][T12334] ? i2cdev_ioctl_smbus+0x586/0x660 [ 744.681570][T12334] ? i2cdev_ioctl+0xa14/0xf40 [ 744.686440][T12334] ? __se_sys_ioctl+0x23c/0x400 [ 744.691497][T12334] ? __x64_sys_ioctl+0x97/0xe0 [ 744.696446][T12334] ? x64_sys_call+0x1ebe/0x3db0 [ 744.701542][T12334] ? do_syscall_64+0xd9/0x210 [ 744.706397][T12334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.712654][T12334] ? __pfx_az6027_i2c_xfer+0x10/0x10 [ 744.718110][T12334] ? __i2c_transfer+0x11cd/0x3110 [ 744.723313][T12334] ? kmsan_get_metadata+0xfb/0x160 [ 744.728669][T12334] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 744.735207][T12334] ? kmsan_get_metadata+0xfb/0x160 [ 744.740526][T12334] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 744.746554][T12334] ? __i2c_smbus_xfer+0x1e93/0x2f60 [ 744.751950][T12334] ? kmsan_get_metadata+0xfb/0x160 [ 744.757284][T12334] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 744.763408][T12334] kmsan_internal_check_memory+0x1e1/0x230 [ 744.769470][T12334] kmsan_copy_to_user+0xf1/0x190 [ 744.774635][T12334] _copy_to_user+0xcc/0x120 [ 744.779324][T12334] i2cdev_ioctl_smbus+0x586/0x660 [ 744.784558][T12334] i2cdev_ioctl+0xa14/0xf40 [ 744.789247][T12334] ? __pfx_kmsan_get_shadow_origin_ptr+0x2/0x10 [ 744.795706][T12334] ? __pfx_i2cdev_ioctl+0x10/0x10 [ 744.800893][T12334] __se_sys_ioctl+0x23c/0x400 [ 744.805770][T12334] __x64_sys_ioctl+0x97/0xe0 [ 744.810558][T12334] x64_sys_call+0x1ebe/0x3db0 [ 744.815441][T12334] do_syscall_64+0xd9/0x210 [ 744.820130][T12334] ? irqentry_exit+0x16/0x60 [ 744.824866][T12334] ? clear_bhb_loop+0x40/0x90 [ 744.829719][T12334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.835777][T12334] RIP: 0033:0x7fe35a58e929 [ 744.840319][T12334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 744.860100][T12334] RSP: 002b:00007fe35b3a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 744.868684][T12334] RAX: ffffffffffffffda RBX: 00007fe35a7b5fa0 RCX: 00007fe35a58e929 [ 744.876799][T12334] RDX: 0000200000000680 RSI: 0000000000000720 RDI: 0000000000000004 [ 744.884898][T12334] RBP: 00007fe35a610b39 R08: 0000000000000000 R09: 0000000000000000 [ 744.892996][T12334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 744.901095][T12334] R13: 0000000000000000 R14: 00007fe35a7b5fa0 R15: 00007ffe9aa43ff8 [ 744.909232][T12334] [ 744.912715][T12334] Kernel Offset: disabled [ 744.917123][T12334] Rebooting in 86400 seconds..