last executing test programs: 1m3.298638102s ago: executing program 3 (id=4088): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080b01000000e8fe55a1180015000600142603600e120800180000000401080016000a00014006001000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) 1m3.159954505s ago: executing program 3 (id=4090): r0 = signalfd4(0xffffffffffffffff, &(0x7f00000001c0)={[0x5]}, 0x8, 0x0) signalfd4(r0, &(0x7f0000000240)={[0x2]}, 0x8, 0x0) 1m3.086095436s ago: executing program 3 (id=4092): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@getlink={0x28, 0x12, 0xb23, 0x0, 0x0, {}, [@IFLA_VFINFO_LIST={0x8, 0x12, 0x0, 0x1, [{0x4}]}]}, 0x28}}, 0x0) 1m2.966852788s ago: executing program 3 (id=4094): syz_mount_image$hfs(&(0x7f0000001600), &(0x7f0000000000)='./bus\x00', 0x2000000, &(0x7f0000000340)=ANY=[@ANYBLOB="6469725f756d61736b3d30303030303030303030303030303030303030303030332c63726561746f723d5854282b2c636f6465706167653d63703836342c66696c655f756d61736b3d30303030303030303030303030303030303030303030312c696f636861727365743d63703933362c00ba1cc62fbe041529634cde88021ff02412206543ae25eb5d122f77a94c2113ab796077de9bf46a3b2ed6ec105974f75d13331615810ad28e84c8f2bbd75c4ede6d5a1180afc5acdd01cf83c26042fcc06e0fa14c46671668ded793e0abb1906ae7dbe9e9685e464b1f1d9084009fd14442fac19683285a28a602058e1679c2eac481d62ed27f76c08da8a3e927b48e15d64c837cb723680909354543caa3aafc79fbd2f1a373e039f041072f2b67e922c7e3e492f2b60c93910734743df706deea148a3a296485c2c4f2d611428112a5592bc4eee256ddd27fafd8f3b8de832e181ef5be014215e88cdd7356cdc1bd8d7587c3d604f4f4f0b058dd1d15c6938aa1ffc162"], 0x1, 0x30e, &(0x7f0000000900)="$eJzs3b9u00AcB/DvnZ02pVExbRESC6hQCZaKAgNiCUJZ2ZkQkKRShFVEWyRgIVSMiAdgYuEVeAgWEC8ALExsLNmM7nx27PjiJGocp+X7kRo55/vzu/jP3VkCg4j+W3cbPz7d+K3+BODAAXAbkACqgAvgLM5Vn+8edA78diuvIkeXUH8CYUmRydPcbduKqnK6hOGpby5qyTQqRhAEd36WHQSVTl/9FhJYNNeh3l+dcVzTMti5LnChpFBKk/wNRA89vMBKieEQEdEcMOO/NMNETScJSAlsmmF/nsf/7FpjhF4xcZTlpp9JCnILJMZ/PbsLhDq+p/Wu/npP/6xqv4xWieMEUxn4voDwzErNwYR9VfkrCJlY5NJOx8VW8w1aEoeoG4kC6/qzFZ66kRHRbkx2vgyvrYJ7p8LeqBnl0uDuKKSdjt9eVBuW+Ncma/HoxBfxTTwQHj6gFc//3ECow6SPlDdwpGRFxX9teI3LupTKBXMp1ut1mcpyRjdy3rRgjOhl1b4iSdYZPSDoxhFY4jyMNnTbq0g/Vgh7t21rQPQrX7OV8uJv2bK6rfVUKcecCVvNp37uo5RiRF0U78V9sYE/+IxGYv4vVXybSFyZebd6oXOaMyPsz4I9p6tzepmRoxtvXYwjMBYn7hsBEz4te4fHuIWV/Zevnji+395TG48sG89qe8KkVN4C1jzFbzjIyYNuP0UPHq+DYNyag3TKx7/AUUJVQ18/5epUfwR1/4hT1OVjy6yusjhFFn10ohFvWhV6mP2plb/hwrar8RV5J2ShG9HUZSoVqonWkF1Tvz/RHNoX0UE3CZlJLJ1wat4lwvWfnsmbWZ2+z6gPL2eenr/IRKrG7XgFl54KrtrmLiPWBsvDV3CJFq8PWTPqNdelK8DlRKJAbouejvPEEA18x0M+/yciIiIiIiIiIiIiIiIiIiIiIiIiOm5m8S8Wyu4jEREREREREREREREREREREREREREREdFxN/77f5f6b2qy/R/x+v2/3sj3/6ZeAGxeFMX3/xKV418AAAD///k/d1Y=") mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x101040, 0x0) 1m2.875039039s ago: executing program 3 (id=4095): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='projid_map\x00') writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000280)='2', 0x1}, {0x0}], 0x2) 1m2.350970377s ago: executing program 3 (id=4101): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x0) 1m2.305425447s ago: executing program 32 (id=4101): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x0) 1.690386704s ago: executing program 5 (id=5837): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00') lseek(r0, 0x9, 0x18) 1.509961997s ago: executing program 5 (id=5844): r0 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_SECURITY_KEYRING(r0, 0x110, 0x2, &(0x7f00000001c0)='\x00', 0x1) 1.398940949s ago: executing program 5 (id=5848): r0 = socket(0x1, 0x803, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x2f, &(0x7f0000000000), 0x20000000) 1.30945482s ago: executing program 5 (id=5852): unshare(0x20000400) pselect6(0x7dcc7adf4cc4be85, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x700}, &(0x7f0000000240), &(0x7f00000002c0)={&(0x7f0000000280), 0x8}) 1.235095921s ago: executing program 5 (id=5855): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='wchan\x00') lseek(r0, 0x9, 0x0) 1.214792612s ago: executing program 1 (id=5856): syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==") mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) 1.179903702s ago: executing program 5 (id=5858): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000001c0)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c6865617274626561743d6e6f6e652c6c6f63616c666c6f636b732c696e6f646536342c6a6f75726e616c5f6173796e635f636f6d6d69742c6e6f61636c2c6e6f61636c2c6572726f72733d636f6e74696e75652c00edc97523793b5022d016bb24c65ba594abbd38fd9c301bfa101e61d574eb5cc84215aa20846b6f33df6281eaedb4b4afaaacd321e4df0d16b4f5a8a992efe2554b52ec9c980e5544cd4b8df3e1ba594d07e0bfe3471c164430a36b7ebddc35caf2959224d8330f1807117fc520d8ff5660c5691afd66a8e397bb802ed69df198008fb799cc37"], 0x1, 0x470e, &(0x7f0000008f40)="$eJzs222IHGcBB/BnNqe5pMn1XtImafqySQQPLceln6r1QzyrNpo2L9pWU+Xcu1wvp3u7592uFgxSgyAKghIEFV+oCqVfakEM9EstQsEXpFUoFUXrF5FCFfxg0AZ6srszuZ3Zvc7mNmlp+/tBOzfPzPPMs/e/eebl2RRitVMLK8WFlWKpUqzO3r9yS/Fz1XJ9cS4UXiWv9fHpzZXISfavnSPv+8BH7rklhD8c+9qHVldXV0PDcOjqQNvP5/99erZ9mShk6jTa7d5ayx/rj7z087e80h55ToQQdnT0q2FTCOFjvwhhcwhhJC4bjZdbQgjbQghRCOHR3/zrx4P9dKHN2XtfeO7YmcP7zkw9/tgzF+aPrrtjFMJ3y7tvnl98cf+m255/x2U6PAAAvKIPHj9y99HJA+HJKAydG+i8X98ZL5P74zvf9qm7Hh5Y275Kbza9iqECAABAxtrz/3D0cpf5umRmLZkSfOKBE3c/Fa1t92D7+nboriO3v3/yQDz/G3VsvzUu+ud7NzXnULPzvtn535FM/e7zv2vHefirz/6y8taN9z/pX3Lc4RAVJlLrhcLERAjHplrru6KthXJ1pfbO+6v1ysmNH/eNIp1/dvZ+bUK/1/xHM9Xz5v93f+LzP9sy0M8nGAvZv9rGerHzT5ku0vmvP5b/5EtRT/mPZerl5X/H09vP/2pzP58ge0QuRTr/1om4r32HYmsAaOT/zYH8/Hdk2s/L//tT5x49sYHv/zTGmeGo0dfB1Ajwcly+zleYyEjn3woiNXTGv8j1zv//ZfK/JtN+Xv53Vv/xu7/1cf1fb/wfn+qnzTePdP6tIIqpPdbO/5FC/vl/bab9vPx/e+rPz36yr2t1Z/6N/o+7/vcknX98IU4Pns3fZK/j/85M+3n57xq776GFDfT7w1vifg5FYaztW6fnGpewobX56uYjTWPz0gYO8iaQzr/1W0udOkOtRfP8H84f/3dl2s/L/6E9X3/P6b6+/9t9/J80/vcknf+WZtml5P9SJv/dmfbz8v/h6b//5b7LPP431g/Kvyfp/Ld2bF97/1Po6fnvukz9vPc/+0afeuSvfTz/J/1Ljpu8/0neQ4xHrfc/dJfO/6p19+v1+r8nUy/v/P/Wf55/en8/43802PEGwK1f79L5b2sVdnkA7DX/6zPt5+X/hXu+/PE/beD5r3nHN5jk3/b8v7lVftT435N0/ttbhal/DPVg8//N63/Umft/M/nfkGk/L/8LhyYGvnKZr/+N/o93eZVNp3T+Q+vu18j/9z1c/2/M1MvL/4t7f/rizX3d/4cwacDfsHT+V6+7X/P8H8zP/6ZMvbz8v/ONXz/xYB/9f3sfdcnm37rWp06n+N681+f/Yqb9vPx/NH7+7P4r8Px3q+t/T9L5t2bNLyX/7PP/3kz7efl/78gPlgeuwPufO+QPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwIaPxcjhEhYnUeqEwMRHCWLy+K2yNZkonp2fK1dnPrISwIy4vhtFovlydKZWnFyrVk3PTpXK5OhvCNfH2HWEwWilXa9OLpaVrL7a1JTo1V1quzcyVaiGEnXH59WF70tbMQm2xtNTcN6lzVVT6bL1aK03UV+aWw+6L5duS8vnlan3puottXV2oLi+dKlWmTy4sv3tycnIy7LnY55Fo7oHaXKXW6m1ra6NOUnc4avswzc03tB3v09X6cqVUbpbf2FanXJ0tldvq3NR2vNpyvTJbqs1Nl6vzyfGKbXXbPltz895423gYSX2+pG7WwXh5+6HjHz1++EDH9mKUzrtSX5yb3N79bwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAN64nb3vXt0MIA621QgjhYPJDFP+XcvbeF547dubwvjNTjz/2zIX5o932AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg/O3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdi5n5cowjgOwO+MbRZIKV2EPAaGiOhNwoJ+EUnlGtmxS+egTgkZFAWGER0LgiCoW1QQdAoq/4Kog8dO1aUOHQwiqBidSdld2HKh13aeB4Z3htF3vjCwO/N+3n0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYP87uWOzK2ku7Ni9t3f0hdObnNoYQRpPl/c97O0JPCOHrl5nToUFb6Knp/83k3Hj9VZPfe/vHH14fTdZef/G/xXW7Q5IOrTremaTp0NDa+29XdwafTQ8mIaSxCyGKhbEnZyohhI7YhRDFz4/zF7PP9w2xCyGK/g93u7L7X4ldCFFs3f2pr5I/49EOOv/qr89XLwyu/u5v9gjewiM669Dbk1fepW5q6b3M3/+TfPM+WA6zJ468fx67CKKZnZs6GrsGAADg3zrXJP8PW5b3719OQk93fe7/rSb/763pv3H+v+Le9htjMy2FENvqxiaz4+F9rfTZ/k4NXL39umK8p6zk/+Um/y83+X+5yf/LTf5fbvJ/Mq/k/6X0+OaexRexiyAa+T8AAJTPoeMTU9Xhkezlf9OPzvq8vi9vq3me/uDW9MCjVeNG8sP/2+FjEwcODo/k971+QHBl/Yd06ez3fL5HbVuYrJl30Wz9h96nC/PXGvx0rfqH8zeK+orrWv8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/szrEJg2AQgNH/kioTZI1kikCaRME9nMHSARzF2hmcw8oFtBDRxtJG3mvu4IPjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALi+T/4r/q936iLdpojUZ/V335/rUi5jaKp2vG89Du4+TvoXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABmduBABgAAAECYv3Ue7QcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpwAAAP//6bfLTA==") quotactl$Q_SETINFO(0xffffffff80000601, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0x2}) 905.322716ms ago: executing program 1 (id=5863): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, 0x0, &(0x7f0000000080)) 750.422719ms ago: executing program 1 (id=5868): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f00000007c0)={0x50, 0x3, 0x8, 0x3, 0x0, 0x0, {}, [@CTA_TIMEOUT_DATA={0x2c, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_OPEN={0x8}, @CTA_TIMEOUT_DCCP_PARTOPEN={0x8}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8}, @CTA_TIMEOUT_DCCP_RESPOND={0x8}, @CTA_TIMEOUT_DCCP_TIMEWAIT={0x8}]}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}]}, 0x50}}, 0x0) 715.171249ms ago: executing program 2 (id=5869): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000080)=@e={0xff, 0x0, 0x0, 0x0, @SEQ_CONTROLLER, 0x0, 0x0, 0xfd}) 677.63567ms ago: executing program 1 (id=5870): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file1\x00', 0x8010, &(0x7f0000000100)=ANY=[], 0x1, 0x1248, &(0x7f0000002b80)="$eJzs3E1rJEUYAOB3khnzsW4Sdf3agxR68dRscvAkaJAsSOYgqxF2D+KsTnBIOxPSITALuuvJq+C/8OzN3+DFv+BxLx73IIxs92Qyk2QTgnGC7PNc+p2qeqe6qKahmup+/P5P3+5sF9l2az9marWY2Y1IT1KkmIlDb21Wx7v3NtebzY07Kd1e/2z1vZTS0mDo2ue/Lv02F7+vfPH4r7WIePS0/TedInWK1O3tp1a63+vtt+7n7dnoFDtZSp/k7VbRTp1u0d4br0/beW93t59a3dlY3N1rF0Vqdftpp91P+71UH55SN2VZlq4vBs/UOFHy5fHCrV+eDAaDiMGgES/E04lciMW4Fi/G9VgqJ/GleDleiRvxarwWr8cb8WbZaoqjAAAAAAAAAAAAAAAAAAAAgOfAWe//L8eK9/8BAAAAAAAAAAAAAAAAAABgCj69e29zvdncuJPSfET+48HWwVZ5HNavb0cn8mjHrViOv6N8+79Sxbc/bm7cSqWV+CF/OMx/eLA1O5m/Wn5OYJhfL+sO81er/DSZPxeL4/lrsRw3Tu9/7ZT8xs8R774zlp/FcvzxVfQij6/Lvo/yv19N6aNH1TnFqP+bZbsjtaiN/6xPZXoAAADgUmRpZLR+/3Bs/Z5lJ+ur9XGVf4HnA8fW9/W4aQ195Yr+g51Wnrf3JoP5UfDsNpNBLSLOa3NuUBs+Yjm1TcxHnMhq/PtOLz+YOV4yOGtcRf/B7HA2zv7nw+9uHqtqxJWN9PCJ2H/SxfzZl+hFgoUrvyT+f8HYTWJuOvcipu9o0ifL/3x7FC5M/6wAAAAAAAAAAAA4z6XtGYzaaft/61HtLJvYQfhBfJdd3YgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAfduBYAAAAAECYv3UaHRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBSAAAA//9HV68d") renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x2) 619.477251ms ago: executing program 2 (id=5873): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)="e9be0d1a6e6dca638c6d9507c301a471b5d77a85d6eef5d566c391a4d9748f019181dd0e554ddc2ef94373e89df2e70bb1609114d7065cadca8b17130f4e4a72d33218ca3bea85adfcf713cf51da554588fd4b1ddd85897400811bcb6480493c7437635caaf8eed3f32de7e5bac1da18c5278e7aabb583b8e5d7", 0x7a}, 0x1, 0x0, 0x0, 0x24040001}, 0x20044806) 525.721432ms ago: executing program 2 (id=5876): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000280)={0x20, 0x33, 0x1, 0x70bd2a, 0x25dbdbff, {0x1}, [@nested={0xc, 0x3, 0x0, 0x1, [@typed={0x5, 0x14, 0x0, 0x0, @binary="06"}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20024000}, 0x4000000) 466.584753ms ago: executing program 0 (id=5878): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000400)='net/udp6\x00') read$FUSE(r0, &(0x7f0000004100)={0x2020}, 0x2020) 419.749983ms ago: executing program 2 (id=5879): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010007000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0c00098008000140000000075c0000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xec}}, 0x0) 396.860274ms ago: executing program 4 (id=5880): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x3f46137792f68265) 372.100034ms ago: executing program 0 (id=5881): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$unix(r0, &(0x7f0000000300)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 340.810975ms ago: executing program 4 (id=5882): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@updpolicy={0xfc, 0x19, 0xfd3649826d894c67, 0x70bd28, 0x0, {{@in6=@mcast1, @in=@multicast1, 0xfffe, 0x0, 0x0, 0x0, 0xa}}, [@tmpl={0x44, 0x5, [{{@in=@multicast1, 0x0, 0x2b}, 0x0, @in=@empty, 0x0, 0x2}]}]}, 0xfc}}, 0x0) 294.948655ms ago: executing program 4 (id=5883): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) sync_file_range(r0, 0x8, 0x2, 0x3) 294.546055ms ago: executing program 1 (id=5884): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000000)={0x1f, 0x2, 0x0}) 294.378945ms ago: executing program 2 (id=5885): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@updsa={0xf0, 0x1a, 0x1, 0x0, 0x0, {{@in6=@private1, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in=@empty, 0x0, 0x3c}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}}, 0xf0}}, 0x0) 260.027376ms ago: executing program 0 (id=5886): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') unlinkat(r0, &(0x7f0000000140)='./mnt\x00', 0x0) 228.337226ms ago: executing program 4 (id=5887): r0 = socket$can_j1939(0x1d, 0x2, 0x7) accept(r0, 0x0, 0x0) 193.426077ms ago: executing program 2 (id=5888): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4cb, &(0x7f0000000700)="$eJzs3c1rG2caAPBHUuzYjnfzscuSZGETyEL2g1j+YIm9u7DsaXcPgWUDe9mF1LUVN7VsGUtOY5OD095y6KG0tFB66L1/QS/NqaFQem7ptfRQUtrUhbZQUNFISvwhOWrqSInn94OJ3nlH0fO+Es/r0TszmgBS63Ttn0zEcER8EBGH66tbn3C6/rBx9/pMbclEtXrxi0zyvNp686nN/3coItYjYiAi/vOPiKczO+OWV9fmp4vFwnJjPV9ZWMqXV9fOXVmYnivMFRbHJs9PTU2OToxP7Vlfb7747M0Lb/+r/61vXrhz+6V336k1a7ixbXM/9lK9631xdFPdgYj466MI1gO5Rn8Ge90QHkrt8/tFRJxJ8v9w5JJPE0iDarVa/b56sN3m9Sqwb2WTfeBMdiQi6uVsdmSkvg//yxjKFkvlyh8vl1YWZ+v7ykeiL3v5SrEw2viucCT6MrX1saR8f3182/pERLIP/HJuMFkfmSkVZ7s71AHbHNqW/1/n6vkPpISv/JBe8h/SS/5Desl/SC/5D+kl/yG95D+kl/yH9JL/kF7yH9Jrt/zv72I7gK7694ULtaXavP599urqynzp6rnZQnl+ZGFlZmSmtLw0MlcqzSXX7Cw86PWKpdLS2J9i5Vq+UihX8uXVtUsLpZXFyqXkuv5Lhb6u9AroxNFTtz7KRMT6nweTJTb9yZersL9Vq5no9TXIQG/kej0AAT1j6h/S60d8x2/7I2HAk63FT/RuMdC6+m+x9ChaA3RDttcNAHrm7AnH/yCtzP9Depn/h/Syjw885Px/mP+HJ5f5f0iv4Tb3//rZpnt3jUbEzyPiw1zfwea9voD9IPtZprH/f/bwb4e3b+3PfJscIuiPiOdev/jqtelKZXmsVv/lvfrKa4368V60H+hUM0+beQwApNfG3eszzaWbcT//e/0khJ3xDzTmJgeSY5RDG5kt5ypk9ujchfUbEXG8VfxM437n9SMfQxu5HfGPNR4z9ZdI2nsguW96d+Kf2BT/N5vin/zJ7wqkw63a+DPaKv+ySU7HvfzbMv5kh/fo3In241/23viXazP+neowxjNvPP9p2/g3Ik62jN+MN5DE2h6/1razHca/8////qrdtuqb9ddpFb+pVspXFpby5dW1c8nvyM0VFscmz09NTY5OjE/lkznqfHOmeqe/HH//9m79H2oTv97fj1v2v1b3+w77/92v3/vf6V3i/+5M68//WPLY+v0fjIg/dBj/q/FPnmq3rRZ/tk3/s7vEr9VNdBi//Mo/XTsMAI+R8ura/HSxWFhWUEgKBx+PZij0uPCgkWO9OwMU8MjcT/petwQAAAAAAAAAAADoVDdOJ+51HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9oMfAgAA//+H4NeR") truncate(&(0x7f0000000080)='./file1\x00', 0xfe0) 177.024347ms ago: executing program 0 (id=5889): setrlimit(0x7, &(0x7f00000000c0)) signalfd4(0xffffffffffffffff, &(0x7f0000000380), 0x8, 0x0) 110.963198ms ago: executing program 4 (id=5890): r0 = syz_open_dev$loop(&(0x7f0000000000), 0x2, 0xe0482) ioctl$BLKSECDISCARD(r0, 0x127d, &(0x7f0000000140)) 98.954068ms ago: executing program 0 (id=5891): r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) write$FUSE_DIRENT(r0, 0x0, 0x40) 73.070839ms ago: executing program 1 (id=5892): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x800) ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f00000001c0)=""/81) 57.585789ms ago: executing program 0 (id=5893): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x3f46137792f68265) 0s ago: executing program 4 (id=5894): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2210}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0xe7dd}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0) kernel console output (not intermixed with test programs): < PAGE_SIZE [ 160.023528][T11793] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 160.056270][T11776] EXT4-fs (loop4): re-mounted. Opts: . Quota mode: writeback. [ 160.386506][T11820] loop1: detected capacity change from 0 to 8 [ 160.464675][T11827] netlink: 'syz.2.3545': attribute type 1 has an invalid length. [ 160.478731][T11820] attempt to access beyond end of device [ 160.478731][T11820] loop1: rw=2048, want=36028797018963976, limit=8 [ 160.482076][T11820] SQUASHFS error: Failed to read block 0xfffffffffffffffa: -5 [ 160.484150][T11820] unable to read xattr id index table [ 160.988710][T11866] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3563'. [ 161.108029][T11878] netlink: 'syz.1.3569': attribute type 1 has an invalid length. [ 161.185124][T11880] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3570'. [ 161.289024][T11880] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 161.355407][T11891] libceph: resolve '0.0' (ret=-3): failed [ 161.388159][T11880] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 161.464405][T11896] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3575'. [ 161.474204][T11880] bond0 (unregistering): (slave macvlan0): Releasing backup interface [ 161.644740][T11880] device veth1_vlan left promiscuous mode [ 161.745380][T11880] bond0 (unregistering): Released all slaves [ 161.825583][T11876] loop3: detected capacity change from 0 to 32768 [ 161.837874][T11876] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.3568 (11876) [ 161.882266][T11884] loop0: detected capacity change from 0 to 32768 [ 161.897178][T11876] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 161.899749][T11876] BTRFS info (device loop3): force zlib compression, level 3 [ 161.901771][T11876] BTRFS info (device loop3): force clearing of disk cache [ 161.903645][T11876] BTRFS info (device loop3): setting nodatasum [ 161.905356][T11876] BTRFS info (device loop3): use zlib compression, level 3 [ 161.950035][T11876] BTRFS info (device loop3): allowing degraded mounts [ 161.952023][T11876] BTRFS info (device loop3): enabling disk space caching [ 161.954000][T11876] BTRFS info (device loop3): disk space caching is enabled [ 161.955991][T11876] BTRFS info (device loop3): has skinny extents [ 162.036881][T11908] loop0: detected capacity change from 0 to 64 [ 162.099550][T11894] loop4: detected capacity change from 0 to 32768 [ 162.116499][T11894] BTRFS warning: duplicate device /dev/loop4 devid 1 generation 8 scanned by syz.4.3576 (11894) [ 162.217266][T11876] BTRFS info (device loop3): enabling ssd optimizations [ 162.220139][T11876] BTRFS info (device loop3): clearing free space tree [ 162.222005][T11876] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 162.224907][T11876] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 162.369078][T11929] tmpfs: Bad value for 'mpol' [ 162.424924][T11876] BTRFS error (device loop3): target device is invalid! [ 162.658923][T11927] loop2: detected capacity change from 0 to 32768 [ 162.719451][T11927] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 162.751329][T11927] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 162.764256][T11900] loop1: detected capacity change from 0 to 32768 [ 162.775363][T11943] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3591'. [ 162.814056][T11900] XFS: attr2 mount option is deprecated. [ 162.815646][T11900] XFS: ikeep mount option is deprecated. [ 162.850525][T11900] XFS: noikeep mount option is deprecated. [ 162.876113][ T4031] ocfs2: Unmounting device (7,2) on (node local) [ 162.962120][T11900] XFS (loop1): Mounting V5 Filesystem [ 162.971532][T11943] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 162.995480][T11961] xt_hashlimit: max too large, truncated to 1048576 [ 163.084509][T11943] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 163.144938][T11900] XFS (loop1): Ending clean mount [ 163.145852][T11943] bond0 (unregistering): (slave netdevsim0): Releasing backup interface [ 163.156505][T11900] XFS (loop1): Quotacheck needed: Please wait. [ 163.211630][T11900] XFS (loop1): Quotacheck: Done. [ 163.298552][T11943] bond0 (unregistering): Released all slaves [ 163.306818][ T4023] XFS (loop1): Unmounting Filesystem [ 163.311520][T11977] netlink: 'syz.2.3603': attribute type 28 has an invalid length. [ 163.313667][T11977] netlink: 'syz.2.3603': attribute type 3 has an invalid length. [ 163.327288][T11977] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3603'. [ 163.689602][T11999] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 163.731836][T11999] device bridge1 entered promiscuous mode [ 163.834737][T12009] netlink: 8896 bytes leftover after parsing attributes in process `syz.0.3620'. [ 163.867803][ T5963] Bluetooth: hci0: command 0x0406 tx timeout [ 163.869647][ T5963] Bluetooth: hci1: command 0x0406 tx timeout [ 163.871346][ T5963] Bluetooth: hci2: command 0x0406 tx timeout [ 163.873071][ T5963] Bluetooth: hci3: command 0x0406 tx timeout [ 163.914981][T12015] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3621'. [ 164.005802][T12015] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 164.066601][T12015] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 164.121736][T12015] bond0 (unregistering): Released all slaves [ 164.194541][T12025] loop1: detected capacity change from 0 to 4096 [ 164.272347][T12025] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 164.288318][T12034] netlink: 308 bytes leftover after parsing attributes in process `syz.0.3631'. [ 164.295891][T12034] netlink: 92 bytes leftover after parsing attributes in process `syz.0.3631'. [ 164.307298][T12034] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3631'. [ 164.422413][T12039] loop0: detected capacity change from 0 to 16 [ 164.481189][T12039] erofs: (device loop0): mounted with root inode @ nid 36. [ 164.516066][T12038] loop4: detected capacity change from 0 to 4096 [ 164.523856][T12038] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 164.551696][T12013] loop2: detected capacity change from 0 to 32768 [ 164.553551][T12038] ntfs: (device loop4): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 164.563421][T12038] ntfs: (device loop4): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 164.572507][T12038] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 164.575055][T12038] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 164.596742][T12013] Dev loop2 Sun disklabel: Csum bad, label corrupted [ 164.599284][T12013] loop2: unable to read partition table [ 164.601036][T12013] loop_reread_partitions: partition scan of loop2 () failed (rc=-5) [ 164.617325][T12038] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 164.619633][T12038] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 164.625232][T12038] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 164.634210][T12038] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 164.646983][T12038] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 164.665528][T12038] ntfs: volume version 3.1. [ 165.004740][T12074] netlink: 'syz.4.3649': attribute type 8 has an invalid length. [ 165.263554][T12095] ntfs3: nbd1: try to read out of volume at offset 0x0 [ 165.443400][T12114] loop4: detected capacity change from 0 to 64 [ 165.514079][T12114] hfs: request for non-existent node 16777216 in B*Tree [ 165.520896][T12114] hfs: request for non-existent node 16777216 in B*Tree [ 166.247355][T12176] loop0: detected capacity change from 0 to 256 [ 166.331926][T12176] FAT-fs (loop0): Directory bread(block 64) failed [ 166.333804][T12176] FAT-fs (loop0): Directory bread(block 65) failed [ 166.335715][T12176] FAT-fs (loop0): Directory bread(block 66) failed [ 166.357239][T12176] FAT-fs (loop0): Directory bread(block 67) failed [ 166.382217][T12176] FAT-fs (loop0): Directory bread(block 68) failed [ 166.384099][T12176] FAT-fs (loop0): Directory bread(block 69) failed [ 166.386030][T12176] FAT-fs (loop0): Directory bread(block 70) failed [ 166.398688][T12176] FAT-fs (loop0): Directory bread(block 71) failed [ 166.400618][T12176] FAT-fs (loop0): Directory bread(block 72) failed [ 166.402450][T12176] FAT-fs (loop0): Directory bread(block 73) failed [ 166.554893][T12191] device veth1_macvtap left promiscuous mode [ 166.584531][T12131] loop1: detected capacity change from 0 to 32768 [ 167.320386][T12256] xt_recent: Unsupported userspace flags (000000de) [ 168.235922][T12326] loop2: detected capacity change from 0 to 256 [ 168.341351][T12270] loop4: detected capacity change from 0 to 32768 [ 168.344045][T12270] XFS: ikeep mount option is deprecated. [ 168.390095][T12326] FAT-fs (loop2): Directory bread(block 64) failed [ 168.391857][T12326] FAT-fs (loop2): Directory bread(block 65) failed [ 168.394108][T12326] FAT-fs (loop2): Directory bread(block 66) failed [ 168.395987][T12326] FAT-fs (loop2): Directory bread(block 67) failed [ 168.414436][T12326] FAT-fs (loop2): Directory bread(block 68) failed [ 168.416326][T12326] FAT-fs (loop2): Directory bread(block 69) failed [ 168.434745][T12326] FAT-fs (loop2): Directory bread(block 70) failed [ 168.436605][T12326] FAT-fs (loop2): Directory bread(block 71) failed [ 168.455300][T12326] FAT-fs (loop2): Directory bread(block 72) failed [ 168.457587][T12326] FAT-fs (loop2): Directory bread(block 73) failed [ 168.465337][T12270] XFS (loop4): Mounting V5 Filesystem [ 168.549150][T12296] loop1: detected capacity change from 0 to 32768 [ 168.572589][T12270] XFS (loop4): Ending clean mount [ 168.575958][T12270] XFS (loop4): Quotacheck needed: Please wait. [ 168.597350][T12296] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.3751 (12296) [ 168.632295][T12296] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 168.634840][T12296] BTRFS info (device loop1): force zlib compression, level 3 [ 168.640950][T12270] XFS (loop4): Quotacheck: Done. [ 168.668609][T12296] BTRFS info (device loop1): force clearing of disk cache [ 168.670659][T12296] BTRFS info (device loop1): setting nodatasum [ 168.672347][T12296] BTRFS info (device loop1): use zlib compression, level 3 [ 168.674328][T12296] BTRFS info (device loop1): allowing degraded mounts [ 168.676237][T12296] BTRFS info (device loop1): enabling disk space caching [ 168.721450][ T4033] XFS (loop4): Unmounting Filesystem [ 168.724065][T12296] BTRFS info (device loop1): disk space caching is enabled [ 168.726000][T12296] BTRFS info (device loop1): has skinny extents [ 168.932945][T12296] BTRFS info (device loop1): enabling ssd optimizations [ 168.964190][T12296] BTRFS info (device loop1): clearing free space tree [ 168.966098][T12296] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 168.969867][T12296] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 168.987142][ T5963] Bluetooth: hci0: command 0x0401 tx timeout [ 169.086194][T12296] BTRFS error (device loop1): target device is invalid! [ 169.136456][T12343] loop0: detected capacity change from 0 to 32768 [ 169.203482][T12338] loop3: detected capacity change from 0 to 32768 [ 169.228790][T12362] loop2: detected capacity change from 0 to 32768 [ 169.272374][T12338] non-latin1 character 0xffff found in JFS file name [ 169.288520][T12343] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by syz.0.3767 (12343) [ 169.301383][T12338] mount with iocharset=utf8 to access [ 169.346608][T12372] __nla_validate_parse: 1 callbacks suppressed [ 169.346622][T12372] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3770'. [ 169.366602][T12362] XFS (loop2): Mounting V5 Filesystem [ 169.616762][T12392] loop4: detected capacity change from 0 to 512 [ 169.632886][T12362] XFS (loop2): Ending clean mount [ 169.681695][T12392] EXT2-fs (loop4): warning: mounting ext3 filesystem as ext2 [ 169.711225][T12362] XFS: no-recovery mounts must be read-only. [ 169.758921][ T4281] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 10 /dev/loop1 scanned by udevd (4281) [ 169.794221][ T4031] XFS (loop2): Unmounting Filesystem [ 169.909909][T12404] loop4: detected capacity change from 0 to 64 [ 169.951011][T12407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:00) already exists on: batadv_slave_0 [ 169.977224][T12407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.980475][T12407] device geneve3 entered promiscuous mode [ 170.090547][T12412] xt_nfacct: accounting object `syz1' does not exists [ 170.455049][T12443] SET target dimension over the limit! [ 170.532923][T12449] netlink: 'syz.2.3804': attribute type 1 has an invalid length. [ 170.538646][T12452] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3806'. [ 170.541127][T12452] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3806'. [ 170.560932][T12452] device gretap1 entered promiscuous mode [ 170.831624][T12479] loop2: detected capacity change from 0 to 1024 [ 170.853204][T12481] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 170.944678][T12479] EXT4-fs (loop2): Ignoring removed nobh option [ 170.946411][T12479] EXT4-fs (loop2): Ignoring removed bh option [ 170.951126][T12479] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 170.966279][T12490] mip6: mip6_rthdr_init_state: spi is not 0: 1 [ 170.985164][T12493] loop4: detected capacity change from 0 to 1024 [ 171.025244][T12479] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 171.060792][T12493] EXT4-fs (loop4): Ignoring removed oldalloc option [ 171.062696][T12493] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 171.138905][T12503] fuse: Invalid rootmode [ 171.156059][T12493] EXT4-fs (loop4): mounted filesystem without journal. Opts: stripe=0x0000000000000007,barrier=0x0000000000000003,dax=inode,data_err=ignore,dioread_nolock,nojournal_checksum,data_err=ignore,oldalloc,bsdgroups,,errors=continue. Quota mode: none. [ 171.242897][T12513] loop3: detected capacity change from 0 to 64 [ 171.251487][T12515] loop0: detected capacity change from 0 to 512 [ 171.257571][T12493] fscrypt (loop4, inode 15): Error -61 getting encryption context [ 171.368496][T12515] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 172.116603][T12589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3869'. [ 172.175316][T12592] netlink: 320 bytes leftover after parsing attributes in process `syz.0.3873'. [ 172.209116][T12592] device ip6tnl3 entered promiscuous mode [ 172.211329][T12595] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3874'. [ 172.335656][T12603] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3878'. [ 172.769718][T12644] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3898'. [ 172.993986][T12660] loop3: detected capacity change from 0 to 512 [ 173.036794][T12660] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 173.052006][T12666] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 173.085013][T12660] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=8001e119, mo2=0000] [ 173.090403][T12660] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3876: comm syz.3.3906: Allocating blocks 42-43 which overlap fs metadata [ 173.093487][T12660] __quota_error: 10 callbacks suppressed [ 173.093499][T12660] Quota error (device loop3): write_blk: dquota write failed [ 173.093614][T12660] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 173.093662][T12660] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.3906: Failed to acquire dquot type 0 [ 173.095230][T12660] EXT4-fs (loop3): 1 truncate cleaned up [ 173.095252][T12660] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,noblock_validity,nombcache,norecovery,acl,resgid=0x000000000000ee01,norecovery,noauto_da_alloc,resgid=0x000000000000ee002,errors=continue. Quota mode: writeback. [ 173.178718][T12660] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3876: comm syz.3.3906: Allocating blocks 42-43 which overlap fs metadata [ 173.214220][T12660] Quota error (device loop3): write_blk: dquota write failed [ 173.216492][T12660] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 173.272305][T12660] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.3906: Failed to acquire dquot type 0 [ 173.325416][T12676] IPv6: sit3: Disabled Multicast RS [ 173.407700][T12622] loop1: detected capacity change from 0 to 32768 [ 173.416589][T12682] netlink: 'syz.2.3915': attribute type 4 has an invalid length. [ 173.464945][T12684] loop4: detected capacity change from 0 to 256 [ 173.485800][T12622] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 173.497866][T12622] BTRFS info (device loop1): force zlib compression, level 3 [ 173.499798][T12622] BTRFS info (device loop1): force clearing of disk cache [ 173.506264][T12622] BTRFS info (device loop1): setting nodatasum [ 173.521450][T12622] BTRFS info (device loop1): allowing degraded mounts [ 173.523277][T12622] BTRFS info (device loop1): enabling disk space caching [ 173.524461][T12684] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 173.525135][T12622] BTRFS info (device loop1): disk space caching is enabled [ 173.540412][T12622] BTRFS info (device loop1): has skinny extents [ 173.925652][T12622] BTRFS info (device loop1): clearing free space tree [ 173.928401][T12622] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 173.930913][T12622] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 174.054818][T12622] BTRFS error (device loop1): balance: invalid convert metadata profile raid0 [ 174.162985][T12738] netlink: 'syz.4.3933': attribute type 1 has an invalid length. [ 174.244480][T12744] bond0: Error: Cannot enslave bond to itself. [ 174.465676][T12761] netlink: 256 bytes leftover after parsing attributes in process `syz.0.3943'. [ 174.466979][ T4292] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 10 /dev/loop1 scanned by udevd (4292) [ 174.719792][T12779] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3949'. [ 174.827411][T12783] netlink: 320 bytes leftover after parsing attributes in process `syz.1.3950'. [ 174.832503][T12783] device ip6tnl2 entered promiscuous mode [ 175.010366][T12788] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3952'. [ 175.114193][T12793] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 175.134691][T12793] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 175.137037][T12793] overlayfs: missing 'lowerdir' [ 175.320265][T12801] loop2: detected capacity change from 0 to 4096 [ 175.329967][T12801] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 175.417820][T12801] ntfs: (device loop2): parse_options(): NLS character set iso8(ê;3 not found. Using previous one utf8. [ 175.427032][T12801] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt mapping pairs array in non-resident attribute. [ 175.443203][T12801] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x1, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 175.459264][T12801] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt mapping pairs array in non-resident attribute. [ 175.462452][T12801] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x1, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 175.521929][T12801] ntfs: volume version 3.1. [ 175.522926][T12816] loop0: detected capacity change from 0 to 1764 [ 175.546782][T12820] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 175.657131][T12826] loop3: detected capacity change from 0 to 64 [ 175.664799][T12825] xt_CT: You must specify a L4 protocol and not use inversions on it [ 175.791719][T12832] binder: 12830 BINDER_GET_NODE_INFO_FOR_REF: only handle may be non-zero. [ 175.791744][T12832] binder: 12830:12832 ioctl c018620c 20000180 returned -22 [ 175.866618][T12835] netlink: 'syz.3.3975': attribute type 1 has an invalid length. [ 176.109930][T12854] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3988'. [ 176.135341][T12856] loop0: detected capacity change from 0 to 1024 [ 176.235752][T12856] EXT4-fs (loop0): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000036,nombcache,,errors=continue. Quota mode: none. [ 176.274726][T12863] loop2: detected capacity change from 0 to 256 [ 176.346416][T12873] xt_CT: You must specify a L4 protocol and not use inversions on it [ 176.466198][T12863] FAT-fs (loop2): Directory bread(block 64) failed [ 176.466763][T12877] netlink: 'syz.3.3996': attribute type 8 has an invalid length. [ 176.486360][T12863] FAT-fs (loop2): Directory bread(block 65) failed [ 176.494017][T12863] FAT-fs (loop2): Directory bread(block 66) failed [ 176.495912][T12863] FAT-fs (loop2): Directory bread(block 67) failed [ 176.499139][T12863] FAT-fs (loop2): Directory bread(block 68) failed [ 176.500857][T12863] FAT-fs (loop2): Directory bread(block 69) failed [ 176.502569][T12863] FAT-fs (loop2): Directory bread(block 70) failed [ 176.504251][T12863] FAT-fs (loop2): Directory bread(block 71) failed [ 176.535529][T12863] FAT-fs (loop2): Directory bread(block 72) failed [ 176.539656][T12863] FAT-fs (loop2): Directory bread(block 73) failed [ 177.241709][T12924] loop3: detected capacity change from 0 to 256 [ 177.275120][T12767] loop4: detected capacity change from 0 to 131072 [ 177.305675][T12924] FAT-fs (loop3): Directory bread(block 64) failed [ 177.307615][T12924] FAT-fs (loop3): Directory bread(block 65) failed [ 177.309355][T12924] FAT-fs (loop3): Directory bread(block 66) failed [ 177.321425][T12924] FAT-fs (loop3): Directory bread(block 67) failed [ 177.323309][T12924] FAT-fs (loop3): Directory bread(block 68) failed [ 177.325394][T12924] FAT-fs (loop3): Directory bread(block 69) failed [ 177.333884][T12934] dlm: no locking on control device [ 177.335709][T12924] FAT-fs (loop3): Directory bread(block 70) failed [ 177.343151][T12767] F2FS-fs (loop4): Found nat_bits in checkpoint [ 177.369708][T12924] FAT-fs (loop3): Directory bread(block 71) failed [ 177.371513][T12924] FAT-fs (loop3): Directory bread(block 72) failed [ 177.373228][T12924] FAT-fs (loop3): Directory bread(block 73) failed [ 177.423918][T12767] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 177.446041][T12767] F2FS-fs (loop4): inode (7) has corrupted xattr [ 177.539893][T12949] i2c i2c-0: Invalid block write size 34 [ 177.819237][T12972] loop0: detected capacity change from 0 to 512 [ 177.913869][T12972] EXT2-fs (loop0): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 177.916826][T12972] EXT2-fs (loop0): error: couldn't mount RDWR because of unsupported optional features (1000000) [ 177.972257][T12983] netlink: 'syz.3.4046': attribute type 1 has an invalid length. [ 178.019317][T12986] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 178.041110][T12988] delete_channel: no stack [ 178.115318][T12995] netlink: 'syz.0.4052': attribute type 1 has an invalid length. [ 178.242522][T13005] loop4: detected capacity change from 0 to 64 [ 178.265138][T13007] loop0: detected capacity change from 0 to 512 [ 178.324221][T13011] loop3: detected capacity change from 0 to 256 [ 178.341857][T13007] EXT4-fs (loop0): Unrecognized mount option "appraise_type=imasig" or missing value [ 178.500083][T13017] Soft offlining pfn 0x138200 at process virtual address 0x20000000 [ 178.558460][T13017] Memory failure: 0x138200: unhandlable page. [ 178.607788][T13021] loop3: detected capacity change from 0 to 4096 [ 178.633934][T13025] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 178.726507][T12978] loop2: detected capacity change from 0 to 32768 [ 178.871511][T12978] XFS (loop2): Mounting V5 Filesystem [ 179.035392][T13053] netlink: 172 bytes leftover after parsing attributes in process `syz.4.4075'. [ 179.057659][T12978] XFS (loop2): Ending clean mount [ 179.273991][ T4031] XFS (loop2): Unmounting Filesystem [ 179.359884][T13074] netlink: 'syz.3.4088': attribute type 16 has an invalid length. [ 179.362145][T13074] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4088'. [ 179.610323][T13085] loop3: detected capacity change from 0 to 64 [ 179.733526][T13086] loop4: detected capacity change from 0 to 4096 [ 179.898273][T13058] loop1: detected capacity change from 0 to 32768 [ 179.942613][T13068] loop0: detected capacity change from 0 to 32768 [ 179.983186][T13068] (syz.0.4085,13068,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 179.995974][T13068] (syz.0.4085,13068,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 180.024168][T13093] loop2: detected capacity change from 0 to 1764 [ 180.045669][T13068] JBD2: Ignoring recovery information on journal [ 180.055486][T13058] XFS (loop1): Mounting V5 Filesystem [ 180.111513][T13068] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 180.323364][ T4027] ocfs2: Unmounting device (7,0) on (node local) [ 180.323896][T13058] XFS (loop1): Ending clean mount [ 180.459203][ T4023] XFS (loop1): Unmounting Filesystem [ 180.469507][ T378] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.643378][T13122] IPVS: set_ctl: invalid protocol: 0 224.0.0.2:0 [ 180.672235][ T378] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.737472][T13128] ieee802154 phy0 wpan0: encryption failed: -22 [ 180.817040][T13135] loop2: detected capacity change from 0 to 2048 [ 180.845202][T13135] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 180.851934][ T378] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.874373][T13132] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 180.897255][T13135] UDF-fs: unknown compression code (0) [ 180.902662][T13132] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 180.903621][T13130] loop0: detected capacity change from 0 to 8192 [ 180.904817][T13132] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 180.949279][ T378] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.971477][T13130] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 180.990005][T13130] REISERFS (device loop0): using ordered data mode [ 180.992131][T13130] reiserfs: using flush barriers [ 181.025230][T13130] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 181.032353][T13130] REISERFS (device loop0): checking transaction log (loop0) [ 181.127769][T13142] loop4: detected capacity change from 0 to 256 [ 181.164748][T13142] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 181.451191][T13130] REISERFS (device loop0): Using tea hash to sort names [ 181.453293][T13130] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 181.494252][T13130] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 181.528987][T13138] loop1: detected capacity change from 0 to 32768 [ 181.546973][T13114] chnl_net:caif_netlink_parms(): no params data found [ 181.554243][T13154] netlink: 'syz.4.4120': attribute type 32 has an invalid length. [ 181.671292][T13138] ERROR: (device loop1): diAllocAG: ipimap->i_size is wrong [ 181.671292][T13138] [ 181.688851][T13138] ERROR: (device loop1): remounting filesystem as read-only [ 181.690742][T13138] ialloc: diAlloc returned -5! [ 181.737357][T13161] loop2: detected capacity change from 0 to 2048 [ 181.759261][T13161] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 182.056618][T13114] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.061641][T13114] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.112263][T13114] device bridge_slave_0 entered promiscuous mode [ 182.116246][T13114] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.118487][T13114] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.121157][T13114] device bridge_slave_1 entered promiscuous mode [ 182.501113][T13114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 182.575651][T13114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 182.587344][ T13] Bluetooth: hci2: command 0x0409 tx timeout [ 182.646573][T13218] loop0: detected capacity change from 0 to 2048 [ 182.690711][T13218] loop0: [ICS] [ 182.717826][T13114] team0: Port device team_slave_0 added [ 182.729885][T13114] team0: Port device team_slave_1 added [ 182.742559][T13218] futex_wake_op: syz.0.4144 tries to shift op by -1; fix this program [ 182.841428][T13232] loop1: detected capacity change from 0 to 1024 [ 182.905023][T13114] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 182.907546][T13114] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 182.938592][T13114] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 182.955540][T13232] __quota_error: 7 callbacks suppressed [ 182.955552][T13232] Quota error (device loop1): find_tree_dqentry: Getting block too big (64 >= 6) [ 182.962699][T13232] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 182.965139][T13232] EXT4-fs error (device loop1): ext4_acquire_dquot:6207: comm syz.1.4150: Failed to acquire dquot type 0 [ 183.011558][T13232] EXT4-fs error (device loop1): mb_free_blocks:1865: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 183.024365][T13232] EXT4-fs error (device loop1): ext4_do_update_inode:5204: inode #13: comm syz.1.4150: corrupted inode contents [ 183.039041][T13232] EXT4-fs error (device loop1): ext4_dirty_inode:6040: inode #13: comm syz.1.4150: mark_inode_dirty error [ 183.042374][T13232] EXT4-fs error (device loop1): ext4_do_update_inode:5204: inode #13: comm syz.1.4150: corrupted inode contents [ 183.046762][T13232] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #13: comm syz.1.4150: mark_inode_dirty error [ 183.053440][T13232] EXT4-fs error (device loop1): ext4_do_update_inode:5204: inode #13: comm syz.1.4150: corrupted inode contents [ 183.097562][T13232] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 183.119793][T13114] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 183.121692][T13114] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 183.124532][T13232] EXT4-fs error (device loop1): ext4_do_update_inode:5204: inode #13: comm syz.1.4150: corrupted inode contents [ 183.141410][T13114] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 183.181313][T13232] EXT4-fs error (device loop1): ext4_truncate:4273: inode #13: comm syz.1.4150: mark_inode_dirty error [ 183.198371][T13232] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 183.216863][T13232] EXT4-fs (loop1): 1 truncate cleaned up [ 183.220728][T13232] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 183.251466][T13258] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 183.311610][T13258] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 183.313912][T13258] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 183.377599][T13232] Quota error (device loop1): find_tree_dqentry: Getting block too big (64 >= 6) [ 183.382477][T13232] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 183.385461][T13232] EXT4-fs error (device loop1): ext4_acquire_dquot:6207: comm syz.1.4150: Failed to acquire dquot type 0 [ 183.401126][T13114] device hsr_slave_0 entered promiscuous mode [ 183.499551][T13274] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4166'. [ 183.516886][T13275] netlink: 'syz.0.4168': attribute type 11 has an invalid length. [ 183.520772][T13114] device hsr_slave_1 entered promiscuous mode [ 183.537355][T13114] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 183.539728][T13114] Cannot create hsr debugfs directory [ 183.547437][T13275] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4168'. [ 184.071342][T13313] xt_limit: Overflow, try lower: 262144/524288 [ 184.160378][T13114] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 184.358568][T13114] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 184.409524][T13114] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 184.471270][T13114] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 184.575503][T13353] netlink: 'syz.2.4198': attribute type 4 has an invalid length. [ 184.667210][ T5965] Bluetooth: hci2: command 0x041b tx timeout [ 184.787046][T13368] netlink: 'syz.0.4203': attribute type 3 has an invalid length. [ 184.853035][T13114] 8021q: adding VLAN 0 to HW filter on device bond0 [ 184.894693][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 184.897938][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 184.911511][T13114] 8021q: adding VLAN 0 to HW filter on device team0 [ 185.017675][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 185.020661][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 185.023284][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.025319][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 185.039555][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 185.055149][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 185.061759][T13384] loop0: detected capacity change from 0 to 2048 [ 185.071671][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.073523][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 185.075869][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 185.092617][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 185.122891][T13384] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 185.191244][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 185.204448][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 185.208984][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 185.211849][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 185.228592][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 185.236967][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 185.254967][T13114] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 185.267240][T13114] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 185.285108][T13327] loop1: detected capacity change from 0 to 32768 [ 185.297842][T13394] netlink: 'syz.4.4212': attribute type 6 has an invalid length. [ 185.299993][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 185.303229][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 185.306238][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 185.326816][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 185.330847][T13327] XFS: noikeep mount option is deprecated. [ 185.433824][T13327] XFS (loop1): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent. [ 185.443456][T13408] loop2: detected capacity change from 0 to 16 [ 185.446560][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 185.475338][T13408] erofs: (device loop2): mounted with root inode @ nid 36. [ 185.509623][T13408] erofs: (device loop2): erofs_read_inode: bogus i_mode (0) @ nid 281474976710655 [ 185.532344][T13327] XFS (loop1): Quotacheck needed: Please wait. [ 185.562469][ T5013] XFS (loop1): Metadata corruption detected at xfs_dinode_verify+0x248/0xb50, inode 0x1803 dinode [ 185.565580][ T5013] XFS (loop1): Unmount and run xfs_repair [ 185.567026][ T5013] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 185.627161][ T5013] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00 INA............. [ 185.629567][ T5013] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 185.647939][ T5013] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 e2 bf 3d 4.Xh....4.Xh...= [ 185.650288][ T5013] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20 4.Xh...=....... [ 185.652531][ T5013] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 185.679248][ T5013] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 ca e6 3d c1 ..............=. [ 185.682053][ T5013] 00000060: ff ff ff ff 6e d0 e3 2d 00 00 00 00 00 00 00 04 ....n..-........ [ 185.684869][ T5013] 00000070: 00 00 00 03 00 00 00 10 00 00 00 00 00 00 00 08 ................ [ 185.730038][T13327] XFS (loop1): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 185.748857][T13426] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4221'. [ 185.776219][ T431] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 185.779945][ T431] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 185.800246][T13114] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 185.818941][T13327] XFS (loop1): ro->rw transition prohibited on norecovery mount [ 185.861533][ T4023] XFS (loop1): Unmounting Filesystem [ 185.892489][T13439] loop2: detected capacity change from 0 to 512 [ 185.931003][T13435] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.932933][T13435] bridge0: port 1(bridge_slave_0) entered forwarding state [ 185.953446][T13440] loop0: detected capacity change from 0 to 1024 [ 186.012257][T13439] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,errors=continue,quota,,errors=continue. Quota mode: writeback. [ 186.066921][T13440] Quota error (device loop0): find_tree_dqentry: Getting block too big (64 >= 6) [ 186.073486][T13440] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 186.076122][T13440] EXT4-fs error (device loop0): ext4_acquire_dquot:6207: comm syz.0.4226: Failed to acquire dquot type 0 [ 186.101736][T13440] EXT4-fs error (device loop0): mb_free_blocks:1865: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 186.106061][T13440] EXT4-fs error (device loop0): ext4_do_update_inode:5204: inode #13: comm syz.0.4226: corrupted inode contents [ 186.117643][T13440] EXT4-fs error (device loop0): ext4_dirty_inode:6040: inode #13: comm syz.0.4226: mark_inode_dirty error [ 186.137676][T13440] EXT4-fs error (device loop0): ext4_do_update_inode:5204: inode #13: comm syz.0.4226: corrupted inode contents [ 186.151976][ T378] device hsr_slave_0 left promiscuous mode [ 186.178937][T13440] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #13: comm syz.0.4226: mark_inode_dirty error [ 186.232624][T13440] EXT4-fs error (device loop0): ext4_do_update_inode:5204: inode #13: comm syz.0.4226: corrupted inode contents [ 186.268273][T13440] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 186.288101][T13440] EXT4-fs error (device loop0): ext4_do_update_inode:5204: inode #13: comm syz.0.4226: corrupted inode contents [ 186.337659][T13440] EXT4-fs error (device loop0): ext4_truncate:4273: inode #13: comm syz.0.4226: mark_inode_dirty error [ 186.344493][ T378] device hsr_slave_1 left promiscuous mode [ 186.364118][T13440] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 186.371321][T13440] EXT4-fs (loop0): 1 truncate cleaned up [ 186.372838][T13440] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 186.403454][T13440] Quota error (device loop0): find_tree_dqentry: Getting block too big (64 >= 6) [ 186.406207][T13440] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 186.409516][T13440] EXT4-fs error (device loop0): ext4_acquire_dquot:6207: comm syz.0.4226: Failed to acquire dquot type 0 [ 186.435097][ T378] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 186.437746][ T378] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 186.441083][ T378] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 186.444478][ T378] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 186.454112][ T378] device bridge_slave_1 left promiscuous mode [ 186.457269][ T378] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.522454][ T378] device bridge_slave_0 left promiscuous mode [ 186.524421][ T378] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.642616][ T378] device veth1_macvtap left promiscuous mode [ 186.644690][ T378] device veth0_macvtap left promiscuous mode [ 186.646479][ T378] device veth1_vlan left promiscuous mode [ 186.706937][T13475] loop0: detected capacity change from 0 to 512 [ 186.721276][T13475] EXT2-fs (loop0): warning: mounting ext3 filesystem as ext2 [ 186.747577][ T7379] Bluetooth: hci2: command 0x040f tx timeout [ 187.372005][ T378] team0 (unregistering): Port device team_slave_1 removed [ 187.410354][ T378] team0 (unregistering): Port device team_slave_0 removed [ 187.839871][T13491] sctp: [Deprecated]: syz.2.4241 (pid 13491) Use of int in max_burst socket option. [ 187.839871][T13491] Use struct sctp_assoc_value instead [ 188.077731][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 188.080642][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 188.145747][T13503] loop2: detected capacity change from 0 to 4096 [ 188.153497][T13114] device veth0_vlan entered promiscuous mode [ 188.185212][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 188.198756][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 188.216822][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 188.223372][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 188.251604][T13114] device veth1_vlan entered promiscuous mode [ 188.267731][T13503] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 188.284379][T13526] loop0: detected capacity change from 0 to 512 [ 188.323033][T13526] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 188.346851][T13526] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e12c, mo2=0102] [ 188.349654][T13526] System zones: 1-12 [ 188.351351][T13526] EXT4-fs (loop0): orphan cleanup on readonly fs [ 188.358597][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 188.361318][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 188.363992][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 188.374146][T13526] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.4254: invalid indirect mapped block 12 (level 1) [ 188.407755][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 188.420710][T13114] device veth0_macvtap entered promiscuous mode [ 188.442333][T13114] device veth1_macvtap entered promiscuous mode [ 188.482471][T13526] EXT4-fs (loop0): Remounting filesystem read-only [ 188.484256][T13526] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.4254: invalid indirect mapped block 2 (level 2) [ 188.499795][T13533] netlink: 'syz.4.4257': attribute type 2 has an invalid length. [ 188.501773][T13533] netlink: 244 bytes leftover after parsing attributes in process `syz.4.4257'. [ 188.513304][T13526] EXT4-fs (loop0): Remounting filesystem read-only [ 188.515297][T13526] EXT4-fs (loop0): 1 truncate cleaned up [ 188.516782][T13526] EXT4-fs (loop0): mounted filesystem without journal. Opts: noinit_itable,jqfmt=vfsv1,noload,errors=remount-ro,abort. Quota mode: none. [ 188.557567][T13114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.560418][T13114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.588891][T13114] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 188.590953][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 188.593562][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 188.596305][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 188.615708][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 188.622091][T13114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.624864][T13114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.660204][T13114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.663235][T13114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.666082][T13114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.697159][T13114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.699723][T13114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.702624][T13114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.730417][T13114] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.733375][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 188.736172][ T5013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 188.751841][T13114] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.754201][T13114] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.756464][T13114] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.780361][T13114] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.827408][ T7380] Bluetooth: hci2: command 0x0419 tx timeout [ 189.000316][T13570] loop2: detected capacity change from 0 to 256 [ 189.048325][ T431] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.050682][ T431] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.056476][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 189.070202][T13570] exfat: Deprecated parameter 'utf8' [ 189.071638][T13570] exfat: Deprecated parameter 'namecase' [ 189.073166][T13570] exfat: Deprecated parameter 'utf8' [ 189.105387][ T5013] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.108224][ T5013] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.115222][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 189.158362][T13570] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d) [ 189.194267][T13570] exFAT-fs (loop2): error, tried to truncate zeroed cluster. [ 189.436933][T13602] deleting an unspecified loop device is not supported. [ 189.477799][T13597] loop1: detected capacity change from 0 to 2048 [ 189.539950][T13597] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 189.545855][T13597] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 189.805432][T13625] loop2: detected capacity change from 0 to 128 [ 189.846427][T13625] befs: (loop2): No write support. Marking filesystem read-only [ 189.879229][T13625] befs: (loop2): invalid magic header [ 190.044160][T13644] loop5: detected capacity change from 0 to 1764 [ 190.100918][T13652] loop1: detected capacity change from 0 to 512 [ 190.222013][T13652] EXT4-fs (loop1): orphan cleanup on readonly fs [ 190.228791][T13652] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.4301: bg 0: block 248: padding at end of block bitmap is not set [ 190.277265][T13652] Quota error (device loop1): write_blk: dquota write failed [ 190.279426][T13652] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 190.312744][T13652] EXT4-fs error (device loop1): ext4_acquire_dquot:6207: comm syz.1.4301: Failed to acquire dquot type 1 [ 190.379142][T13652] EXT4-fs (loop1): 1 truncate cleaned up [ 190.387590][T13652] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 190.607029][T13673] loop5: detected capacity change from 0 to 512 [ 190.640371][T13677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4308'. [ 190.716955][T13640] loop0: detected capacity change from 0 to 32768 [ 190.755746][T13673] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 190.779270][T13640] (syz.0.4296,13640,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 190.781855][T13640] (syz.0.4296,13640,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 190.837668][T13686] loop2: detected capacity change from 0 to 1024 [ 190.848044][T13673] fs-verity (loop5, inode 15): Unrecognized descriptor size: 0 bytes [ 191.025558][T13686] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a000c018, mo2=0002] [ 191.027933][T13686] System zones: 0-1, 3-12 [ 191.029865][T13686] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,bsddf,barrier=0x0000000000000000,debug,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,min_batch_time=0x0000000000000007,,errors=continue. Quota mode: none. [ 191.176804][T13668] loop4: detected capacity change from 0 to 32768 [ 191.239890][T13668] XFS: noikeep mount option is deprecated. [ 191.379549][T13668] XFS (loop4): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent. [ 191.442855][T13668] XFS (loop4): Quotacheck needed: Please wait. [ 191.478600][ T148] XFS (loop4): Metadata corruption detected at xfs_dinode_verify+0x248/0xb50, inode 0x1803 dinode [ 191.512880][ T148] XFS (loop4): Unmount and run xfs_repair [ 191.514415][ T148] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 191.558637][ T148] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00 INA............. [ 191.561132][ T148] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 191.563406][ T148] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 e2 bf 3d 4.Xh....4.Xh...= [ 191.571211][T13729] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4323'. [ 191.573592][T13729] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4323'. [ 191.611386][ T148] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20 4.Xh...=....... [ 191.613821][ T148] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 191.616308][ T148] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 ca e6 3d c1 ..............=. [ 191.662065][ T148] 00000060: ff ff ff ff 6e d0 e3 2d 00 00 00 00 00 00 00 04 ....n..-........ [ 191.664518][ T148] 00000070: 00 00 00 03 00 00 00 10 00 00 00 00 00 00 00 08 ................ [ 191.703685][T13668] XFS (loop4): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 191.739600][T13737] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4327'. [ 191.743770][T13668] XFS (loop4): ro->rw transition prohibited on norecovery mount [ 191.795063][ T4033] XFS (loop4): Unmounting Filesystem [ 191.805311][T13742] netlink: 892 bytes leftover after parsing attributes in process `syz.1.4329'. [ 192.136583][T13765] loop0: detected capacity change from 0 to 1024 [ 192.167786][T13770] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 192.215857][ T9] hfsplus: b-tree write err: -5, ino 4 [ 192.276862][T13778] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4345'. [ 192.510784][ T2054] ieee802154 phy0 wpan0: encryption failed: -22 [ 192.512502][ T2054] ieee802154 phy1 wpan1: encryption failed: -22 [ 192.553500][T13797] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4351'. [ 192.640494][T13803] loop2: detected capacity change from 0 to 256 [ 192.686641][T13808] netlink: 'syz.4.4355': attribute type 12 has an invalid length. [ 192.687847][T13803] exfat: Deprecated parameter 'namecase' [ 192.696176][T13808] netlink: 'syz.4.4355': attribute type 12 has an invalid length. [ 192.710597][T13808] netlink: 'syz.4.4355': attribute type 12 has an invalid length. [ 192.753173][T13803] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 192.795466][T13812] libceph: resolve '4..' (ret=-3): failed [ 192.871991][T13818] IPv6: NLM_F_REPLACE set, but no existing node found! [ 192.899588][T13820] overlayfs: overlapping lowerdir path [ 193.073079][T13833] loop2: detected capacity change from 0 to 256 [ 193.118185][T13833] exfat: Deprecated parameter 'namecase' [ 193.119852][T13833] exfat: Deprecated parameter 'namecase' [ 193.151763][T13833] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 193.207694][T13833] exFAT-fs (loop2): invalid start cluster (4278190088) [ 193.334416][T13845] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4373'. [ 193.336846][T13845] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4373'. [ 193.488044][T13796] loop1: detected capacity change from 0 to 32768 [ 193.644213][T13854] loop2: detected capacity change from 0 to 4096 [ 193.738597][T13854] ntfs: volume version 3.1. [ 193.755071][T13854] ntfs: (device loop2): ntfs_is_extended_system_file(): Unindexed file name. You should run chkdsk. [ 193.757994][T13854] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing. [ 193.760288][T13854] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x18 as bad. Run chkdsk. [ 193.783584][T13867] delete_channel: no stack [ 193.795222][T13854] ntfs: (device loop2): load_and_init_quota(): Failed to load $Quota. [ 193.804830][T13854] ntfs: (device loop2): load_system_files(): Failed to load $Quota. Mounting read-only. Run chkdsk. [ 194.004533][T13835] loop5: detected capacity change from 0 to 32768 [ 194.032205][T13882] loop1: detected capacity change from 0 to 512 [ 194.068234][T13835] JBD2: Ignoring recovery information on journal [ 194.132304][T13882] EXT2-fs (loop1): warning: mounting ext3 filesystem as ext2 [ 194.195251][T13882] EXT2-fs (loop1): error: ext2_free_branches: Read failure, inode=16, block=1564416 [ 194.213961][T13835] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 194.331403][T13835] OCFS2: ERROR (device loop5): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #1792 has bad signature [ 194.381075][T13835] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 194.406797][T13835] OCFS2: File system is now read-only. [ 194.413757][T13835] (syz.5.4367,13835,0):ocfs2_search_chain:1785 ERROR: status = -30 [ 194.416325][T13835] (syz.5.4367,13835,0):ocfs2_search_chain:1871 ERROR: status = -30 [ 194.426341][T13835] (syz.5.4367,13835,0):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 194.468287][T13835] (syz.5.4367,13835,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 194.470490][T13835] (syz.5.4367,13835,0):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 194.472590][T13835] (syz.5.4367,13835,0):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 194.474669][T13835] (syz.5.4367,13835,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 194.476670][T13835] (syz.5.4367,13835,0):ocfs2_mknod:385 ERROR: status = -30 [ 194.483394][T13908] loop1: detected capacity change from 0 to 256 [ 194.506821][T13835] (syz.5.4367,13835,0):ocfs2_mknod:502 ERROR: status = -30 [ 194.518890][T13835] (syz.5.4367,13835,0):ocfs2_create:676 ERROR: status = -30 [ 194.525971][T13908] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 194.546977][T13114] ocfs2: Unmounting device (7,5) on (node local) [ 194.603031][T13912] No such timeout policy "syz1" [ 194.675062][T13917] loop0: detected capacity change from 0 to 1764 [ 194.854510][T13923] loop2: detected capacity change from 0 to 4096 [ 195.021550][T13943] 9pnet: Unknown protocol version 9 [ 195.191218][T13958] loop1: detected capacity change from 0 to 1024 [ 195.264240][T13963] loop0: detected capacity change from 0 to 2048 [ 195.304410][T13963] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 195.332700][ T148] hfsplus: b-tree write err: -5, ino 4 [ 195.443738][T13979] netlink: 14 bytes leftover after parsing attributes in process `syz.4.4432'. [ 195.453964][T13978] loop5: detected capacity change from 0 to 16 [ 195.480808][T13978] erofs: (device loop5): mounted with root inode @ nid 36. [ 195.740062][T14006] loop0: detected capacity change from 0 to 128 [ 195.803536][T14006] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 195.892620][T14019] netlink: 'syz.4.4449': attribute type 21 has an invalid length. [ 195.922638][T14020] loop5: detected capacity change from 0 to 512 [ 195.934716][ T4027] sysv_free_block: flc_count > flc_size [ 195.936547][ T4027] sysv_free_block: flc_count > flc_size [ 195.962291][T14010] loop2: detected capacity change from 0 to 4096 [ 195.964439][ T4027] sysv_free_block: flc_count > flc_size [ 195.965872][ T4027] sysv_free_block: flc_count > flc_size [ 195.981557][ T4027] sysv_free_block: flc_count > flc_size [ 195.983033][ T4027] sysv_free_block: flc_count > flc_size [ 196.012384][ T4027] sysv_free_block: flc_count > flc_size [ 196.013966][ T4027] sysv_free_block: flc_count > flc_size [ 196.015357][ T4027] sysv_free_block: flc_count > flc_size [ 196.032345][ T4027] sysv_free_block: flc_count > flc_size [ 196.034547][ T4027] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 196.040221][T14020] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.4448: bad orphan inode 15 [ 196.046131][T14020] ext4_test_bit(bit=14, block=18) = 1 [ 196.050735][T14020] is_bad_inode(inode)=0 [ 196.051927][T14020] NEXT_ORPHAN(inode)=1023 [ 196.053049][T14020] max_ino=32 [ 196.053977][T14020] i_nlink=0 [ 196.100130][T14035] loop4: detected capacity change from 0 to 64 [ 196.105649][T14020] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2941: inode #15: comm syz.5.4448: corrupted xattr block 19 [ 196.112594][T14020] EXT4-fs warning (device loop5): ext4_evict_inode:302: xattr delete (err -117) [ 196.115069][T14020] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 196.199468][T14040] netlink: 'syz.1.4455': attribute type 1 has an invalid length. [ 196.214649][T14020] EXT4-fs error (device loop5): ext4_empty_dir:3139: inode #12: comm syz.5.4448: Directory hole found for htree leaf block 0 [ 196.219772][T14010] ntfs3: loop2: ino=5, "/" directory corrupted [ 196.221780][T14010] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 196.314340][T14046] xt_CT: You must specify a L4 protocol and not use inversions on it [ 196.568294][T14068] __nla_validate_parse: 1 callbacks suppressed [ 196.568308][T14068] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4468'. [ 196.736197][T14082] netlink: 'syz.0.4475': attribute type 21 has an invalid length. [ 196.743864][T14082] netlink: 'syz.0.4475': attribute type 2 has an invalid length. [ 196.745924][T14082] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4475'. [ 196.986513][T14102] loop4: detected capacity change from 0 to 256 [ 197.004290][T14107] loop5: detected capacity change from 0 to 1024 [ 197.019596][T14106] loop2: detected capacity change from 0 to 1024 [ 197.025108][T14102] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d) [ 197.144371][T14107] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 197.158704][T14116] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4490'. [ 197.161499][T14116] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4490'. [ 197.165214][ T153] hfsplus: b-tree write err: -5, ino 4 [ 197.192616][T14116] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4490'. [ 197.274030][T14121] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4494'. [ 197.421091][T14127] loop0: detected capacity change from 0 to 4096 [ 197.453195][T14135] loop5: detected capacity change from 0 to 512 [ 197.492329][T14127] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 197.532051][T14135] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 197.535193][T14143] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4502'. [ 197.548321][T14143] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4502'. [ 197.550689][T14143] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4502'. [ 197.645305][T14145] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4503'. [ 197.730944][T14153] loop1: detected capacity change from 0 to 256 [ 197.744389][T14151] loop4: detected capacity change from 0 to 2048 [ 197.752820][T14127] ntfs3: loop0: failed to convert "c46c" to maccenteuro [ 197.851265][T14151] EXT4-fs (loop4): mounted filesystem without journal. Opts: init_itable=0x0000000000000001,errors=remount-ro,resgid=0x0000000000000000,barrier,bsdgroups,inode_readahead_blks=0x0000000000002000,. Quota mode: none. [ 197.934089][T14153] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 197.968903][T14151] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.4505: bg 0: block 345: padding at end of block bitmap is not set [ 197.992126][T14161] loop0: detected capacity change from 0 to 256 [ 198.058841][T14151] EXT4-fs (loop4): Remounting filesystem read-only [ 198.061507][T14151] EXT4-fs error (device loop4): ext4_xattr_block_set:2206: inode #12: comm syz.4.4505: bad block 0 [ 198.097436][T14151] EXT4-fs (loop4): Remounting filesystem read-only [ 198.128506][T14164] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 198.233330][T14168] loop5: detected capacity change from 0 to 256 [ 198.233383][T14129] loop2: detected capacity change from 0 to 32768 [ 198.305277][T14168] exfat: Deprecated parameter 'namecase' [ 198.326965][T14168] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 198.590330][T14192] netlink: 'syz.4.4526': attribute type 21 has an invalid length. [ 198.825149][T14209] loop2: detected capacity change from 0 to 512 [ 198.836998][T14211] loop4: detected capacity change from 0 to 256 [ 198.947919][T14211] FAT-fs (loop4): Directory bread(block 64) failed [ 198.955769][T14209] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 198.977808][T14211] FAT-fs (loop4): Directory bread(block 65) failed [ 198.979698][T14211] FAT-fs (loop4): Directory bread(block 66) failed [ 199.011281][T14211] FAT-fs (loop4): Directory bread(block 67) failed [ 199.027218][T14211] FAT-fs (loop4): Directory bread(block 68) failed [ 199.028967][T14211] FAT-fs (loop4): Directory bread(block 69) failed [ 199.030715][T14211] FAT-fs (loop4): Directory bread(block 70) failed [ 199.032409][T14211] FAT-fs (loop4): Directory bread(block 71) failed [ 199.034240][T14211] FAT-fs (loop4): Directory bread(block 72) failed [ 199.035948][T14211] FAT-fs (loop4): Directory bread(block 73) failed [ 199.191063][T14234] loop1: detected capacity change from 0 to 256 [ 199.279995][T14234] FAT-fs (loop1): Directory bread(block 64) failed [ 199.281796][T14234] FAT-fs (loop1): Directory bread(block 65) failed [ 199.283618][T14234] FAT-fs (loop1): Directory bread(block 66) failed [ 199.285344][T14234] FAT-fs (loop1): Directory bread(block 67) failed [ 199.295828][T14234] FAT-fs (loop1): Directory bread(block 68) failed [ 199.298477][T14234] FAT-fs (loop1): Directory bread(block 69) failed [ 199.300291][T14234] FAT-fs (loop1): Directory bread(block 70) failed [ 199.302052][T14234] FAT-fs (loop1): Directory bread(block 71) failed [ 199.332584][T14234] FAT-fs (loop1): Directory bread(block 72) failed [ 199.334704][T14234] FAT-fs (loop1): Directory bread(block 73) failed [ 199.505595][T14254] loop5: detected capacity change from 0 to 1024 [ 199.509337][T14253] ieee802154 phy0 wpan0: encryption failed: -90 [ 199.562004][T14254] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 199.565093][T14254] EXT4-fs (loop5): orphan cleanup on readonly fs [ 199.577522][T14254] Quota error (device loop5): v2_read_file_info: Can't read info structure [ 199.580233][T14254] EXT4-fs warning (device loop5): ext4_enable_quotas:6459: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 199.639936][T14254] EXT4-fs (loop5): Cannot turn on quotas: error -5 [ 199.723127][T14254] EXT4-fs (loop5): 1 truncate cleaned up [ 199.724675][T14254] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 199.811669][T14254] EXT4-fs error (device loop5): ext4_search_dir:1549: inode #2: block 16: comm syz.5.4551: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 200.245890][T14279] loop1: detected capacity change from 0 to 4096 [ 200.346142][T14279] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 200.353961][T14279] ntfs3: loop1: Failed to load $MFT. [ 200.657757][T14259] loop4: detected capacity change from 0 to 32768 [ 200.739552][T14311] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 200.856456][T14276] loop5: detected capacity change from 0 to 32768 [ 200.992871][T14276] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode. [ 201.185115][T13114] ocfs2: Unmounting device (7,5) on (node local) [ 201.317269][T14347] device netdevsim0 left promiscuous mode [ 201.318945][T14347] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 201.370960][T14352] loop1: detected capacity change from 0 to 128 [ 201.441993][T14356] tmpfs: Bad value for 'mpol' [ 201.863071][T14384] loop0: detected capacity change from 0 to 4096 [ 201.882503][T14384] ntfs3: loop0: ino=3, Correct links count -> 2. [ 201.884376][T14384] ntfs3: loop0: Failed to load $Volume. [ 202.119856][T14398] loop4: detected capacity change from 0 to 4096 [ 202.162203][T14398] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 202.226958][T14408] ieee802154 phy0 wpan0: encryption failed: -22 [ 202.307345][T14412] __nla_validate_parse: 2 callbacks suppressed [ 202.307357][T14412] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4629'. [ 202.374077][T14414] loop0: detected capacity change from 0 to 8 [ 202.471930][T14414] SQUASHFS error: Unable to read inode 0xe3 [ 202.637463][ T26] audit: type=1400 audit(233.068:13): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name=":+:&" pid=14427 comm="syz.2.4638" [ 202.800764][T14402] loop1: detected capacity change from 0 to 32768 [ 202.842798][T14443] loop4: detected capacity change from 0 to 512 [ 202.880477][T14443] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 202.883032][T14443] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 202.925933][T14402] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 202.928665][T14402] BTRFS info (device loop1): force zlib compression, level 3 [ 202.930628][T14402] BTRFS info (device loop1): force clearing of disk cache [ 202.930919][T14445] loop2: detected capacity change from 0 to 512 [ 202.932497][T14402] BTRFS info (device loop1): setting nodatasum [ 202.932518][T14402] BTRFS info (device loop1): use zlib compression, level 3 [ 202.932538][T14402] BTRFS info (device loop1): allowing degraded mounts [ 202.958508][T14402] BTRFS info (device loop1): enabling disk space caching [ 202.960498][T14402] BTRFS info (device loop1): disk space caching is enabled [ 202.988908][T14402] BTRFS info (device loop1): has skinny extents [ 202.999080][T14445] EXT4-fs error (device loop2): ext4_orphan_get:1427: comm syz.2.4644: bad orphan inode 13 [ 203.003149][T14443] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters [ 203.025465][T14445] ext4_test_bit(bit=12, block=4) = 1 [ 203.026947][T14445] is_bad_inode(inode)=0 [ 203.051947][T14445] NEXT_ORPHAN(inode)=0 [ 203.053143][T14445] max_ino=32 [ 203.053951][T14445] i_nlink=1 [ 203.054861][T14445] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 203.096102][T14443] EXT4-fs (loop4): Remounting filesystem read-only [ 203.098791][T14443] Quota error (device loop4): write_blk: dquota write failed [ 203.100750][T14443] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 203.103257][T14443] EXT4-fs error (device loop4): ext4_acquire_dquot:6207: comm syz.4.4643: Failed to acquire dquot type 0 [ 203.113723][T14428] loop5: detected capacity change from 0 to 32768 [ 203.120381][T14445] EXT4-fs warning (device loop2): dx_probe:833: inode #2: comm syz.2.4644: Unrecognised inode hash code 20 [ 203.123381][T14445] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.4644: Corrupt directory, running e2fsck is recommended [ 203.127958][T14445] EXT4-fs warning (device loop2): dx_probe:833: inode #2: comm syz.2.4644: Unrecognised inode hash code 20 [ 203.129993][T14443] EXT4-fs (loop4): Remounting filesystem read-only [ 203.131048][T14445] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.4644: Corrupt directory, running e2fsck is recommended [ 203.132782][T14443] Quota error (device loop4): write_blk: dquota write failed [ 203.161252][T14443] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 203.164143][T14443] EXT4-fs error (device loop4): ext4_acquire_dquot:6207: comm syz.4.4643: Failed to acquire dquot type 0 [ 203.181402][T14443] EXT4-fs (loop4): Remounting filesystem read-only [ 203.183640][T14443] Quota error (device loop4): write_blk: dquota write failed [ 203.185950][T14443] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 203.191402][T14443] EXT4-fs error (device loop4): ext4_acquire_dquot:6207: comm syz.4.4643: Failed to acquire dquot type 0 [ 203.206035][T14428] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 203.211112][T14443] EXT4-fs (loop4): Remounting filesystem read-only [ 203.230263][T14443] EXT4-fs (loop4): 1 orphan inode deleted [ 203.231852][T14443] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,resgid=0x000000000000ee002. Quota mode: writeback. [ 203.237823][T14428] OCFS2: ERROR (device loop5): int ocfs2_reserve_suballoc_bits(struct ocfs2_super *, struct ocfs2_alloc_context *, int, u32, u64 *, int): Invalid chain allocator 74 [ 203.243055][T14428] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 203.256784][T14428] OCFS2: Returning error to the calling process. [ 203.266032][T14428] (syz.5.4637,14428,0):ocfs2_reserve_suballoc_bits:850 ERROR: status = -5 [ 203.268704][T14428] (syz.5.4637,14428,0):ocfs2_reserve_new_inode:1091 ERROR: status = -5 [ 203.271455][T14428] (syz.5.4637,14428,0):ocfs2_reserve_new_inode:1114 ERROR: status = -5 [ 203.274307][T14428] (syz.5.4637,14428,0):ocfs2_mknod:306 ERROR: status = -5 [ 203.276734][T14428] (syz.5.4637,14428,0):ocfs2_mknod:502 ERROR: status = -5 [ 203.293225][T14428] (syz.5.4637,14428,0):ocfs2_create:676 ERROR: status = -5 [ 203.378830][T13114] ocfs2: Unmounting device (7,5) on (node local) [ 203.456931][T14402] BTRFS info (device loop1): enabling ssd optimizations [ 203.478075][T14402] BTRFS info (device loop1): clearing free space tree [ 203.480151][T14402] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 203.482720][T14402] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 203.977209][ T4280] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop1 scanned by udevd (4280) [ 204.119384][T14542] device netdevsim0 left promiscuous mode [ 204.121152][T14542] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 204.238303][T14553] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 204.436139][T14565] loop5: detected capacity change from 0 to 512 [ 204.511406][T14565] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option [ 204.513536][T14565] EXT4-fs (loop5): Ignoring removed mblk_io_submit option [ 204.539299][T14565] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 204.562365][T14565] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 204.581634][T14565] EXT4-fs (loop5): 1 truncate cleaned up [ 204.593355][T14565] EXT4-fs (loop5): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 204.682764][T14565] EXT4-fs error (device loop5): ext4_map_blocks:629: inode #2: block 4: comm syz.5.4685: lblock 0 mapped to illegal pblock 4 (length 1) [ 204.770121][T14565] EXT4-fs (loop5): Remounting filesystem read-only [ 204.910542][T14595] SET target dimension over the limit! [ 205.071006][T14601] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 205.112138][T14601] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 205.179984][T14554] loop4: detected capacity change from 0 to 32768 [ 205.319996][T14616] device bond0 entered promiscuous mode [ 205.321777][T14616] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.465245][T14631] netlink: 'syz.4.4712': attribute type 20 has an invalid length. [ 205.716994][T14654] loop5: detected capacity change from 0 to 256 [ 205.725812][ T149] block nbd4: Attempted send on invalid socket [ 205.727706][ T149] blk_update_request: I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 205.760806][T14659] loop0: detected capacity change from 0 to 16 [ 205.805337][T14659] erofs: (device loop0): mounted with root inode @ nid 36. [ 205.865659][T14654] FAT-fs (loop5): Directory bread(block 64) failed [ 205.874113][T14654] FAT-fs (loop5): Directory bread(block 65) failed [ 205.880094][T14654] FAT-fs (loop5): Directory bread(block 66) failed [ 205.881853][T14654] FAT-fs (loop5): Directory bread(block 67) failed [ 205.883598][T14654] FAT-fs (loop5): Directory bread(block 68) failed [ 205.920065][T14654] FAT-fs (loop5): Directory bread(block 69) failed [ 205.921872][T14654] FAT-fs (loop5): Directory bread(block 70) failed [ 205.923584][T14654] FAT-fs (loop5): Directory bread(block 71) failed [ 205.925320][T14654] FAT-fs (loop5): Directory bread(block 72) failed [ 205.942760][T14654] FAT-fs (loop5): Directory bread(block 73) failed [ 206.291906][T14694] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4733'. [ 206.306492][T14684] loop2: detected capacity change from 0 to 4096 [ 206.404021][T14700] loop5: detected capacity change from 0 to 256 [ 206.487238][T14707] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 206.493486][T14708] Option ' ' to dns_resolver key: bad/missing value [ 206.593202][T14713] loop0: detected capacity change from 0 to 256 [ 206.618711][ T4031] ntfs3: loop2: ntfs_sync_fs r=9 failed, -22. [ 206.638858][T14718] loop4: detected capacity change from 0 to 512 [ 206.644518][ T4031] ntfs3: loop2: ntfs_evict_inode r=9 failed, -22. [ 206.652795][ T4031] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 206.791804][T14718] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 207.279999][T14768] loop1: detected capacity change from 0 to 64 [ 207.309299][T14769] netlink: 'syz.5.4764': attribute type 1 has an invalid length. [ 207.311353][T14769] netlink: 244 bytes leftover after parsing attributes in process `syz.5.4764'. [ 207.547884][ T6256] Bluetooth: hci2: command 0x0407 tx timeout [ 207.556232][T14786] loop1: detected capacity change from 0 to 64 [ 207.572882][T14794] loop2: detected capacity change from 0 to 16 [ 207.595102][T14794] erofs: (device loop2): mounted with root inode @ nid 36. [ 207.605273][T14797] loop4: detected capacity change from 0 to 256 [ 207.614103][T14796] netlink: 'syz.0.4773': attribute type 20 has an invalid length. [ 208.106156][T14831] usb usb1: check_ctrlrecip: process 14831 (syz.0.4788) requesting ep 01 but needs 81 [ 208.112347][T14833] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4790'. [ 208.124523][T14831] usb usb1: usbfs: process 14831 (syz.0.4788) did not claim interface 0 before use [ 208.202539][T14842] loop0: detected capacity change from 0 to 64 [ 208.255370][T14844] xt_l2tp: missing protocol rule (udp|l2tpip) [ 208.312610][T14842] Trying to free block not in datazone [ 208.314122][T14842] Trying to free block not in datazone [ 208.315577][T14842] Trying to free block not in datazone [ 208.316983][T14842] Trying to free block not in datazone [ 208.353095][T14842] Trying to free block not in datazone [ 208.354607][T14842] Trying to free block not in datazone [ 208.356019][T14842] minix_free_block (loop0:6): bit already cleared [ 208.363283][T14842] Trying to free block not in datazone [ 208.648980][T14855] loop1: detected capacity change from 0 to 4096 [ 208.674344][T14810] loop4: detected capacity change from 0 to 32768 [ 209.042581][T14892] vhci_hcd: default hub control req: ff03 v0010 i0005 l5 [ 209.047443][T14891] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4812'. [ 209.341462][T14913] binder: 14912:14913 Acquire 1 refcount change on invalid ref 0 ret -22 [ 209.343992][T14913] binder: 14912:14913 got transaction to invalid handle, 1 [ 209.370980][T14913] binder: 14912:14913 transaction failed 29201/-22, size 0-0 line 2917 [ 209.384100][ T6256] binder: undelivered TRANSACTION_ERROR: 29201 [ 209.795614][T14953] loop4: detected capacity change from 0 to 256 [ 209.895588][T14953] FAT-fs (loop4): Directory bread(block 64) failed [ 209.897778][T14953] FAT-fs (loop4): Directory bread(block 65) failed [ 209.899548][T14953] FAT-fs (loop4): Directory bread(block 66) failed [ 209.915296][T14953] FAT-fs (loop4): Directory bread(block 67) failed [ 209.917614][T14953] FAT-fs (loop4): Directory bread(block 68) failed [ 209.919341][T14953] FAT-fs (loop4): Directory bread(block 69) failed [ 209.921176][T14953] FAT-fs (loop4): Directory bread(block 70) failed [ 209.922962][T14953] FAT-fs (loop4): Directory bread(block 71) failed [ 209.924738][T14953] FAT-fs (loop4): Directory bread(block 72) failed [ 209.938402][T14953] FAT-fs (loop4): Directory bread(block 73) failed [ 210.020084][T14970] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4841'. [ 210.133773][T14977] loop5: detected capacity change from 0 to 128 [ 210.154911][T14981] loop2: detected capacity change from 0 to 16 [ 210.197648][T14983] overlayfs: conflicting options: userxattr,redirect_dir=on [ 210.230610][T14987] netlink: 'syz.1.4848': attribute type 32 has an invalid length. [ 210.260762][T14981] erofs: (device loop2): mounted with root inode @ nid 36. [ 210.280869][T14981] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 210.309722][T14981] erofs: (device loop2): z_erofs_lz4_decompress: failed to decompress -4 in[49, 4047] out[1851] [ 210.341451][T14981] erofs: (device loop2): z_erofs_readpage: failed to read, err [-117] [ 210.569703][T15013] xt_time: unknown flags 0x18 [ 210.639410][T15022] netlink: 'syz.1.4861': attribute type 2 has an invalid length. [ 210.736474][T15030] loop0: detected capacity change from 0 to 512 [ 210.778969][T15035] raw_sendmsg: syz.1.4868 forgot to set AF_INET. Fix it! [ 210.871539][T15044] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4873'. [ 210.945416][T15030] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,nobarrier,noload,,errors=continue. Quota mode: writeback. [ 211.045048][T15065] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4877'. [ 211.057329][T15030] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.4866: bg 0: block 145: padding at end of block bitmap is not set [ 211.260103][T15080] netlink: 'syz.0.4886': attribute type 10 has an invalid length. [ 211.288468][T15081] netlink: 'syz.2.4887': attribute type 1 has an invalid length. [ 211.290555][T15081] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4887'. [ 211.310244][T15080] device hsr_slave_0 left promiscuous mode [ 211.344219][T15080] device hsr_slave_1 left promiscuous mode [ 211.763656][T15120] loop1: detected capacity change from 0 to 256 [ 211.776975][T15121] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4906'. [ 211.791531][T15121] netlink: zone id is out of range [ 211.792974][T15121] netlink: zone id is out of range [ 211.798734][T15121] netlink: zone id is out of range [ 211.800185][T15121] netlink: zone id is out of range [ 211.801665][T15121] netlink: zone id is out of range [ 211.803022][T15121] netlink: zone id is out of range [ 211.804333][T15121] netlink: zone id is out of range [ 211.805680][T15121] netlink: zone id is out of range [ 211.807020][T15121] netlink: zone id is out of range [ 211.823307][T15121] netlink: zone id is out of range [ 211.910019][T15132] loop5: detected capacity change from 0 to 128 [ 212.413540][T15178] loop2: detected capacity change from 0 to 256 [ 212.503780][T15184] device ip6gre1 entered promiscuous mode [ 212.518590][T15178] FAT-fs (loop2): Directory bread(block 64) failed [ 212.520565][T15178] FAT-fs (loop2): Directory bread(block 65) failed [ 212.522368][T15178] FAT-fs (loop2): Directory bread(block 66) failed [ 212.524142][T15178] FAT-fs (loop2): Directory bread(block 67) failed [ 212.559482][T15178] FAT-fs (loop2): Directory bread(block 68) failed [ 212.561357][T15178] FAT-fs (loop2): Directory bread(block 69) failed [ 212.588627][T15178] FAT-fs (loop2): Directory bread(block 70) failed [ 212.590434][T15178] FAT-fs (loop2): Directory bread(block 71) failed [ 212.592247][T15178] FAT-fs (loop2): Directory bread(block 72) failed [ 212.594128][T15178] FAT-fs (loop2): Directory bread(block 73) failed [ 212.610867][T15170] loop1: detected capacity change from 0 to 4096 [ 213.113968][T15226] sctp: [Deprecated]: syz.1.4958 (pid 15226) Use of int in maxseg socket option. [ 213.113968][T15226] Use struct sctp_assoc_value instead [ 213.187928][T15230] futex_wake_op: syz.1.4961 tries to shift op by 32; fix this program [ 213.334971][T15238] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4959'. [ 213.455990][T15248] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4969'. [ 213.803435][T15271] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4980'. [ 213.852653][T15220] loop0: detected capacity change from 0 to 32768 [ 213.889587][T15220] XFS: attr2 mount option is deprecated. [ 213.891251][T15220] XFS: ikeep mount option is deprecated. [ 213.892987][T15220] XFS: noikeep mount option is deprecated. [ 213.955642][T15220] XFS (loop0): Mounting V5 Filesystem [ 214.231049][T15220] XFS (loop0): Ending clean mount [ 214.235358][T15220] XFS (loop0): Quotacheck needed: Please wait. [ 214.249204][T15302] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4992'. [ 214.256628][T15265] loop4: detected capacity change from 0 to 32768 [ 214.338273][T15220] XFS (loop0): Quotacheck: Done. [ 214.460067][ T4027] XFS (loop0): Unmounting Filesystem [ 214.606094][T15329] tipc: Trying to set illegal importance in message [ 214.730343][T15334] loop5: detected capacity change from 0 to 256 [ 214.779701][T15334] exfat: Deprecated parameter 'utf8' [ 214.856896][T15334] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 215.288439][T15331] loop1: detected capacity change from 0 to 32768 [ 215.409613][T15375] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5028'. [ 215.516536][T15386] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5033'. [ 215.519314][T15386] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5033'. [ 215.521760][T15386] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5033'. [ 216.009205][T15424] xt_l2tp: v2 tid > 0xffff: 134217728 [ 216.011614][T15417] Cannot find del_set index 286 as target [ 216.298449][T15447] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5062'. [ 216.550158][T15407] loop4: detected capacity change from 0 to 32768 [ 216.871615][T15498] tmpfs: Bad value for 'mpol' [ 216.904152][T15493] device veth0_macvtap left promiscuous mode [ 216.937168][T15493] device macvtap0 entered promiscuous mode [ 216.946550][T15493] net_ratelimit: 14 callbacks suppressed [ 216.946561][T15493] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check. [ 217.017329][T15509] netlink: 19 bytes leftover after parsing attributes in process `syz.1.5094'. [ 217.266203][T15535] netlink: 'syz.0.5107': attribute type 1 has an invalid length. [ 217.349115][T15540] netlink: 'syz.1.5109': attribute type 10 has an invalid length. [ 217.437788][ T227] block nbd2: Attempted send on invalid socket [ 217.439588][ T227] blk_update_request: I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.447589][T15551] EXT2-fs (nbd2): error: unable to read superblock [ 217.552156][T15559] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 217.554314][T15559] IPv6: NLM_F_CREATE should be set when creating new route [ 217.556347][T15559] IPv6: NLM_F_CREATE should be set when creating new route [ 217.605371][T15567] netlink: 'syz.4.5122': attribute type 1 has an invalid length. [ 217.988647][T15591] loop2: detected capacity change from 0 to 4096 [ 218.071995][T15591] EXT4-fs (loop2): Ignoring removed nobh option [ 218.121817][T15591] EXT4-fs (loop2): mounted filesystem without journal. Opts: noinit_itable,nobh,acl,,errors=continue. Quota mode: writeback. [ 218.148865][T15591] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present [ 218.152073][T15591] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 218.154568][T15591] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.5135: Failed to acquire dquot type 1 [ 218.165746][T15615] loop5: detected capacity change from 0 to 256 [ 218.300812][T15615] FAT-fs (loop5): Directory bread(block 64) failed [ 218.302744][T15615] FAT-fs (loop5): Directory bread(block 65) failed [ 218.304632][T15615] FAT-fs (loop5): Directory bread(block 66) failed [ 218.306514][T15615] FAT-fs (loop5): Directory bread(block 67) failed [ 218.333965][T15615] FAT-fs (loop5): Directory bread(block 68) failed [ 218.335784][T15615] FAT-fs (loop5): Directory bread(block 69) failed [ 218.338159][T15615] FAT-fs (loop5): Directory bread(block 70) failed [ 218.340009][T15615] FAT-fs (loop5): Directory bread(block 71) failed [ 218.341815][T15615] FAT-fs (loop5): Directory bread(block 72) failed [ 218.343602][T15615] FAT-fs (loop5): Directory bread(block 73) failed [ 219.017034][T15673] loop1: detected capacity change from 0 to 128 [ 219.084076][T15673] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 219.147621][T15673] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.5173: No space for directory leaf checksum. Please run e2fsck -D. [ 219.161513][T15673] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.5173: checksumming directory block 0 [ 219.166465][T15647] loop2: detected capacity change from 0 to 32768 [ 219.169446][T15647] XFS: noikeep mount option is deprecated. [ 219.239540][T15647] XFS (loop2): Mounting V5 Filesystem [ 219.388668][T15654] loop0: detected capacity change from 0 to 32768 [ 219.412960][T15693] loop5: detected capacity change from 0 to 736 [ 219.431304][T15647] XFS (loop2): Ending clean mount [ 219.448294][T15647] XFS (loop2): Quotacheck needed: Please wait. [ 219.485614][T15654] attempt to access beyond end of device [ 219.485614][T15654] loop0: rw=1, want=4701704, limit=32768 [ 219.515634][T15647] XFS (loop2): Quotacheck: Done. [ 219.518045][T15654] metapage_write_end_io: I/O error [ 219.520570][T15654] ERROR: (device loop0): diWrite: ixpxd invalid [ 219.520570][T15654] [ 219.537652][T15654] ERROR: (device loop0): remounting filesystem as read-only [ 219.539716][T15654] ERROR: (device loop0): txAbort: [ 219.539716][T15654] [ 219.565249][T15654] blkno = 8f7c0, nblocks = 1 [ 219.566894][T15654] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map [ 219.566894][T15654] [ 219.587624][T15654] ERROR: (device loop0): dbAllocNext: Corrupt dmap page [ 219.587624][T15654] [ 219.591022][T15654] ialloc: diAlloc returned -5! [ 219.643737][T15699] __nla_validate_parse: 5 callbacks suppressed [ 219.643750][T15699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5183'. [ 219.650203][T15699] netlink: 10 bytes leftover after parsing attributes in process `syz.1.5183'. [ 219.670036][ T4031] XFS (loop2): Unmounting Filesystem [ 219.746193][ T4027] attempt to access beyond end of device [ 219.746193][ T4027] loop0: rw=1, want=4701704, limit=32768 [ 219.753487][ T4027] metapage_write_end_io: I/O error [ 219.842693][T15705] netlink: 'syz.0.5185': attribute type 24 has an invalid length. [ 219.891426][T15678] loop4: detected capacity change from 0 to 40427 [ 219.932121][T15678] F2FS-fs (loop4): Corrupted extension count (64 + 1 > 64) [ 219.934143][T15678] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 219.940036][T15711] overlayfs: missing 'lowerdir' [ 219.985187][T15678] F2FS-fs (loop4): Found nat_bits in checkpoint [ 220.049445][T15678] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 220.051451][T15678] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 220.562128][T15745] loop1: detected capacity change from 0 to 4096 [ 220.577341][T15703] loop5: detected capacity change from 0 to 32768 [ 221.135134][T15735] loop2: detected capacity change from 0 to 32768 [ 221.722628][T15830] netlink: 220 bytes leftover after parsing attributes in process `syz.1.5247'. [ 221.796245][T15840] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 221.886712][T15844] binder: 15843:15844 ioctl 40046210 0 returned -14 [ 221.901539][T15845] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5253'. [ 221.939773][ T149] block nbd5: Attempted send on invalid socket [ 221.941679][ T149] blk_update_request: I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 221.947561][T15850] hfs: can't find a HFS filesystem on dev nbd5 [ 222.019527][T15855] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5256'. [ 222.033737][T15859] netlink: 'syz.4.5259': attribute type 29 has an invalid length. [ 222.035876][T15859] netlink: 'syz.4.5259': attribute type 29 has an invalid length. [ 222.225672][T15875] netlink: 'syz.2.5268': attribute type 1 has an invalid length. [ 222.312520][T15880] loop2: detected capacity change from 0 to 128 [ 222.351138][T15886] loop4: detected capacity change from 0 to 512 [ 222.352199][T15880] ufs: You didn't specify the type of your ufs filesystem [ 222.352199][T15880] [ 222.352199][T15880] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 222.352199][T15880] [ 222.352199][T15880] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 222.383458][T15880] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 222.422656][T15886] EXT4-fs error (device loop4): ext4_get_journal_inode:5158: comm syz.4.5274: inode #1792: comm syz.4.5274: iget: illegal inode # [ 222.433829][T15886] EXT4-fs (loop4): Remounting filesystem read-only [ 222.435602][T15886] EXT4-fs (loop4): no journal found [ 222.438299][T15886] EXT4-fs (loop4): can't get journal size [ 222.457213][T15886] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 222.513666][T15886] EXT4-fs (loop4): Errors on filesystem, clearing orphan list. [ 222.515776][T15886] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,usrjquota="errors=continue,noload,data_err=ignore,grpjquota="grpquota,jqfmt=vfsold,noblock_validity,. Quota mode: writeback. [ 222.523827][T15902] overlayfs: missing 'lowerdir' [ 222.884437][T15928] loop2: detected capacity change from 0 to 8 [ 222.934877][T15928] cramfs: Error -3 while decompressing! [ 222.936463][T15928] cramfs: 00000000facfe2de(26)->00000000ad832fee(4096) [ 222.949934][T15928] cramfs: Error -5 while decompressing! [ 222.951457][T15928] cramfs: 000000002da38f44(26)->000000007bb6ac1f(4096) [ 222.960280][T15934] loop5: detected capacity change from 0 to 8 [ 222.964848][ T4292] udevd[4292]: incorrect cramfs checksum on /dev/loop2 [ 222.977131][T15928] cramfs: Error -3 while decompressing! [ 222.978736][T15928] cramfs: 000000008f85fbe1(16)->00000000ed084e18(4096) [ 222.990939][T15928] cramfs: Error -3 while decompressing! [ 222.992491][T15928] cramfs: 00000000facfe2de(26)->00000000ad832fee(4096) [ 223.403942][T15960] xt_CT: You must specify a L4 protocol and not use inversions on it [ 223.533850][T15918] loop0: detected capacity change from 0 to 32768 [ 223.570796][T15968] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5314'. [ 223.682934][T15975] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 223.761132][T15918] XFS (loop0): Mounting V5 Filesystem [ 223.853562][T15918] XFS (loop0): Ending clean mount [ 223.899713][T15957] loop1: detected capacity change from 0 to 32768 [ 223.982241][T15957] XFS (loop1): Mounting V5 Filesystem [ 224.001136][ T4027] XFS (loop0): Unmounting Filesystem [ 224.119815][T15957] XFS (loop1): Ending clean mount [ 224.123379][T15957] XFS (loop1): Quotacheck needed: Please wait. [ 224.206931][T15957] XFS (loop1): Quotacheck: Done. [ 224.342673][ T4023] XFS (loop1): Unmounting Filesystem [ 224.476868][T16021] overlayfs: unrecognized mount option "\" or missing value [ 224.781417][T16038] loop2: detected capacity change from 0 to 64 [ 225.014760][T16003] loop5: detected capacity change from 0 to 32768 [ 225.072391][T16003] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 225.075001][T16003] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 225.095290][T16003] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 225.108392][ T9041] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 225.110341][ T9041] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 225.256673][ T9041] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 146ms [ 225.259368][ T9041] gfs2: fsid=syz:syz.0: jid=0: Done [ 225.261010][T16003] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 225.283536][T16066] netlink: 'syz.2.5353': attribute type 3 has an invalid length. [ 225.375782][T16063] loop1: detected capacity change from 0 to 4096 [ 225.398115][T16063] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 225.402589][T16063] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 225.405312][T16063] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 225.409414][T16068] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5355'. [ 225.419358][T16063] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 225.454474][T16063] ntfs: volume version 3.1. [ 225.461195][T16072] xt_hashlimit: overflow, try lower: 3/0 [ 225.479550][T16063] ntfs: (device loop1): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 225.482269][T16063] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 225.623790][T16078] netlink: 'syz.1.5358': attribute type 3 has an invalid length. [ 225.819089][T16050] loop4: detected capacity change from 0 to 32768 [ 225.892070][T16097] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 225.910891][T16097] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 225.921442][T16050] (syz.4.5347,16050,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 225.926244][T16050] (syz.4.5347,16050,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 225.958010][T16097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 225.968546][T16097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 225.970855][T16097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 225.973209][T16097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 225.978597][T16100] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5370'. [ 225.998345][T16050] JBD2: Ignoring recovery information on journal [ 226.185612][T16050] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 226.368880][ T4033] ocfs2: Unmounting device (7,4) on (node local) [ 226.779621][T16137] loop1: detected capacity change from 0 to 256 [ 226.831816][T16098] loop2: detected capacity change from 0 to 40427 [ 226.842072][T16137] cgroup: none used incorrectly [ 226.856397][T16098] F2FS-fs (loop2): Corrupted extension count (64 + 1 > 64) [ 226.859165][T16098] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 226.945584][T16098] F2FS-fs (loop2): Found nat_bits in checkpoint [ 227.030743][T16098] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 227.032961][T16098] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 227.466193][T16192] netlink: 'syz.1.5411': attribute type 1 has an invalid length. [ 227.474044][T16192] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5411'. [ 227.485608][T16195] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5403'. [ 227.493525][T16195] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5403'. [ 227.585291][T16203] loop0: detected capacity change from 0 to 64 [ 227.670725][T16203] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 227.738388][T16211] loop1: detected capacity change from 0 to 256 [ 227.817256][ T26] audit: type=1400 audit(258.248:14): apparmor="DENIED" operation="change_profile" info="label not found" error=-22 profile="unconfined" name="&" pid=16216 comm="syz.0.5423" [ 227.977445][T16227] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5430'. [ 228.039433][T16231] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5432'. [ 228.164495][T16243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5436'. [ 228.519063][T16200] loop5: detected capacity change from 0 to 40427 [ 228.523881][T16271] netlink: 'syz.0.5448': attribute type 3 has an invalid length. [ 228.561547][T16200] F2FS-fs (loop5): Corrupted extension count (64 + 1 > 64) [ 228.563523][T16200] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 228.579484][T16275] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5451'. [ 228.590092][T16275] sit0: Master is either lo or non-ether device [ 228.606347][T16281] loop0: detected capacity change from 0 to 16 [ 228.614510][T16200] F2FS-fs (loop5): Found nat_bits in checkpoint [ 228.655253][T16200] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 228.659115][T16200] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 228.717410][T16281] erofs: (device loop0): mounted with root inode @ nid 36. [ 228.728377][T16289] netlink: 'syz.4.5456': attribute type 2 has an invalid length. [ 228.796338][T16292] Timeout policy `syz0' can only be used by L3 protocol number 5 [ 228.966204][T16307] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.5466'. [ 229.062432][T16300] loop2: detected capacity change from 0 to 4096 [ 229.086195][T16300] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 229.515682][T16349] loop4: detected capacity change from 0 to 1024 [ 229.610694][T16362] loop0: detected capacity change from 0 to 256 [ 229.700800][T16349] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 229.736636][T16362] FAT-fs (loop0): Directory bread(block 64) failed [ 229.770503][T16362] FAT-fs (loop0): Directory bread(block 65) failed [ 229.772391][T16362] FAT-fs (loop0): Directory bread(block 66) failed [ 229.774188][T16362] FAT-fs (loop0): Directory bread(block 67) failed [ 229.796903][T16349] EXT4-fs error (device loop4): ext4_find_dest_de:2115: inode #2: block 16: comm syz.4.5485: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=2, rec_len=3, size=1024 fake=1 [ 229.807401][T16362] FAT-fs (loop0): Directory bread(block 68) failed [ 229.809262][T16362] FAT-fs (loop0): Directory bread(block 69) failed [ 229.811043][T16362] FAT-fs (loop0): Directory bread(block 70) failed [ 229.813452][T16362] FAT-fs (loop0): Directory bread(block 71) failed [ 229.832754][T16374] netlink: 'syz.2.5496': attribute type 13 has an invalid length. [ 229.842532][T16362] FAT-fs (loop0): Directory bread(block 72) failed [ 229.844623][T16362] FAT-fs (loop0): Directory bread(block 73) failed [ 230.031505][T16386] netlink: 'syz.1.5502': attribute type 10 has an invalid length. [ 230.033774][T16386] netlink: 'syz.1.5502': attribute type 10 has an invalid length. [ 230.154704][T16398] netlink: 'syz.5.5508': attribute type 7 has an invalid length. [ 230.156861][T16398] netlink: 'syz.5.5508': attribute type 8 has an invalid length. [ 230.206905][T16396] loop4: detected capacity change from 0 to 1024 [ 230.255779][T16407] loop1: detected capacity change from 0 to 512 [ 230.284157][T16407] EXT2-fs (loop1): warning: mounting ext3 filesystem as ext2 [ 230.287023][T16407] EXT2-fs (loop1): error: revision level too high, forcing read-only mode [ 230.307648][T16411] kernel profiling enabled (shift: 7) [ 230.319531][T16407] EXT2-fs (loop1): error: ext2_iget: bad extended attribute block 393216 [ 230.396877][ T4023] EXT2-fs (loop1): error: ext2_valid_block_bitmap: Invalid block bitmap - block_group = 0, block = 13 [ 230.416489][ T4023] EXT2-fs (loop1): error: ext2_free_blocks: Freeing blocks in system zones - Block = 13, count = 1 [ 230.424740][T16415] ipt_ECN: cannot use operation on non-tcp rule [ 230.425124][ T4023] EXT2-fs (loop1): error: ext2_free_inode: reserved or nonexistent inode 2 [ 230.583071][T16426] loop0: detected capacity change from 0 to 1024 [ 230.629603][T16434] loop5: detected capacity change from 0 to 1024 [ 230.638240][T16426] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 230.748217][T16434] EXT4-fs (loop5): mounted filesystem without journal. Opts: nodelalloc,nobarrier,errors=remount-ro,. Quota mode: none. [ 230.881342][T16451] loop2: detected capacity change from 0 to 1764 [ 230.891078][T16434] EXT4-fs error (device loop5): ext4_get_first_dir_block:3608: inode #11: comm syz.5.5525: directory missing '.' [ 230.892090][T16453] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 230.919335][T16434] EXT4-fs (loop5): Remounting filesystem read-only [ 230.990309][T16446] team0: Port device team_slave_1 removed [ 231.460064][T16497] libceph: resolve 'c' (ret=-3): failed [ 231.503230][T16502] loop2: detected capacity change from 0 to 512 [ 231.529139][T16502] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled [ 231.554220][T16511] xt_CT: You must specify a L4 protocol and not use inversions on it [ 231.558010][T16502] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.5556: iget: bad i_size value: 38620345925642 [ 231.564509][T16507] __nla_validate_parse: 3 callbacks suppressed [ 231.564520][T16507] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5559'. [ 231.588888][T16509] loop1: detected capacity change from 0 to 256 [ 231.594187][T16515] loop5: detected capacity change from 0 to 64 [ 231.602299][T16502] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5556: couldn't read orphan inode 15 (err -117) [ 231.605930][T16507] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5559'. [ 231.615276][T16502] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=./file0,debug_want_extra_isize=0x0000000000000008,data_err=ignore,,errors=continue. Quota mode: writeback. [ 231.716155][T16509] FAT-fs (loop1): error, clusters badly computed (0 != 128) [ 231.725166][T16509] FAT-fs (loop1): Filesystem has been set read-only [ 231.727779][T16509] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 231.751976][T16502] EXT4-fs error (device loop2): empty_inline_dir:1855: inode #12: block 7: comm syz.2.5556: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0 [ 231.780926][T16502] EXT4-fs warning (device loop2): empty_inline_dir:1862: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 232.111067][T16547] loop5: detected capacity change from 0 to 256 [ 232.116477][T16546] validate_nla: 1 callbacks suppressed [ 232.116489][T16546] netlink: 'syz.0.5577': attribute type 10 has an invalid length. [ 232.196002][T16547] FAT-fs (loop5): Directory bread(block 64) failed [ 232.205488][T16547] FAT-fs (loop5): Directory bread(block 65) failed [ 232.207488][T16547] FAT-fs (loop5): Directory bread(block 66) failed [ 232.209306][T16547] FAT-fs (loop5): Directory bread(block 67) failed [ 232.211210][T16547] FAT-fs (loop5): Directory bread(block 68) failed [ 232.218744][ T26] audit: type=1400 audit(262.638:15): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=16550 comm="syz.1.5580" [ 232.234243][T16553] loop2: detected capacity change from 0 to 1024 [ 232.236408][T16547] FAT-fs (loop5): Directory bread(block 69) failed [ 232.244313][T16547] FAT-fs (loop5): Directory bread(block 70) failed [ 232.246197][T16547] FAT-fs (loop5): Directory bread(block 71) failed [ 232.250002][T16547] FAT-fs (loop5): Directory bread(block 72) failed [ 232.251814][T16547] FAT-fs (loop5): Directory bread(block 73) failed [ 232.286641][T16546] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 232.782354][T16584] loop1: detected capacity change from 0 to 256 [ 232.811881][T16587] loop0: detected capacity change from 0 to 256 [ 232.830375][T16539] loop4: detected capacity change from 0 to 32768 [ 232.856050][T16589] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 232.897809][T16539] jfs_strtoUCS: char2uni returned -22. [ 232.899331][T16539] charset = cp950, char = 0xd4 [ 233.082997][T16607] binder: 16604:16607 ioctl c018620c 0 returned -14 [ 233.288249][T16621] loop5: detected capacity change from 0 to 2048 [ 233.403018][T16636] netlink: 'syz.5.5621': attribute type 1 has an invalid length. [ 233.410984][T16636] netlink: 224 bytes leftover after parsing attributes in process `syz.5.5621'. [ 233.699405][T16653] loop4: detected capacity change from 0 to 4096 [ 233.743046][T16653] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 233.745300][T16653] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 233.752082][T16653] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 233.754222][T16653] ntfs3: loop4: try to read out of volume at offset 0x3fffffc0c00 [ 233.756311][T16653] ntfs3: loop4: try to read out of volume at offset 0x3fffffc1c00 [ 233.777321][T16653] ntfs3: loop4: try to read out of volume at offset 0x3fffffc2c00 [ 233.779510][T16653] ntfs3: loop4: try to read out of volume at offset 0x3fffffc4c00 [ 233.781632][T16653] ntfs3: loop4: try to read out of volume at offset 0x3fffffc8c00 [ 233.783818][T16653] ntfs3: loop4: try to read out of volume at offset 0x3fffffd0c00 [ 233.785939][T16653] ntfs3: loop4: try to read out of volume at offset 0x3fffffe0c00 [ 233.991810][T16679] loop5: detected capacity change from 0 to 4096 [ 234.071867][T16679] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 10) do not match. Run ntfsfix or chkdsk. [ 234.075178][T16679] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 234.086408][T16679] ntfs: (device loop5): ntfs_read_locked_inode(): $STANDARD_INFORMATION attribute is missing. [ 234.123916][T16679] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 234.139922][T16679] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 234.144255][T16679] ntfs: volume version 3.1. [ 234.313573][T16708] netlink: 'syz.1.5655': attribute type 11 has an invalid length. [ 234.403531][T16717] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5658'. [ 234.575193][T16728] loop0: detected capacity change from 0 to 4096 [ 234.636565][T16728] ntfs3: loop0: mft corrupted [ 234.639962][T16728] ntfs3: loop0: Failed to load $MFT. [ 234.740494][T16745] xt_TPROXY: Can be used only with -p tcp or -p udp [ 234.777380][T16751] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5676'. [ 234.797986][T16751] netlink: 'syz.0.5676': attribute type 1 has an invalid length. [ 234.800088][T16751] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5676'. [ 235.112234][T16784] loop2: detected capacity change from 0 to 256 [ 235.263859][T16792] loop1: detected capacity change from 0 to 2048 [ 235.418737][T16796] loop0: detected capacity change from 0 to 4096 [ 235.547175][ T6256] Bluetooth: hci4: command 0x0406 tx timeout [ 235.560423][T16792] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 235.699715][T16790] loop5: detected capacity change from 0 to 32768 [ 235.761527][T16790] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 235.763920][T16790] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 235.814844][T16790] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 235.818704][ T7376] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 235.820662][ T7376] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 235.945537][T16812] loop4: detected capacity change from 0 to 512 [ 235.949220][ T7376] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 128ms [ 235.951531][ T7376] gfs2: fsid=syz:syz.0: jid=0: Done [ 235.952977][T16790] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 236.033672][T16812] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 236.050292][T16806] loop1: detected capacity change from 0 to 4096 [ 236.054662][T16812] [EXT4 FS bs=4096, gc=1, bpg=42, ipg=32, mo=42c018, mo2=0000] [ 236.057957][T16812] EXT4-fs (loop4): orphan cleanup on readonly fs [ 236.062718][T16812] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 19 vs 41 free clusters [ 236.081790][T16812] Quota error (device loop4): write_blk: dquota write failed [ 236.083967][T16812] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 236.086712][T16812] EXT4-fs error (device loop4): ext4_acquire_dquot:6207: comm syz.4.5706: Failed to acquire dquot type 0 [ 236.098165][T16812] EXT4-fs (loop4): 1 truncate cleaned up [ 236.100944][T16812] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsddf,noblock_validity,nodelalloc,debug,nogrpid,dioread_nolock,noinit_itable,noinit_itable,journal_dev=0x00000000000000072,errors=continue. Quota mode: writeback. [ 236.193420][T16806] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 236.197999][T16825] xt_l2tp: missing protocol rule (udp|l2tpip) [ 236.239444][T16790] gfs2: fsid=syz:syz.0: found 1 quota changes [ 236.262787][T16806] ntfs3: loop1: failed to convert "c46c" to cp865 [ 236.326196][T16830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5713'. [ 236.341817][T16830] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5713'. [ 236.377389][T13114] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485 [ 236.381571][T13114] CPU: 0 PID: 13114 Comm: syz-executor Not tainted 5.15.186-syzkaller #0 [ 236.383968][T13114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 236.386667][T13114] Call trace: [ 236.387518][T13114] dump_backtrace+0x0/0x43c [ 236.388787][T13114] show_stack+0x2c/0x3c [ 236.389946][T13114] __dump_stack+0x30/0x40 [ 236.391141][T13114] dump_stack_lvl+0xf8/0x160 [ 236.392357][T13114] dump_stack+0x1c/0x5c [ 236.393559][T13114] gfs2_assert_warn_i+0x16c/0x26c [ 236.394983][T13114] gfs2_quota_cleanup+0x458/0x670 [ 236.396386][T13114] gfs2_make_fs_ro+0x3f0/0x51c [ 236.397699][T13114] gfs2_put_super+0x19c/0x6bc [ 236.399002][T13114] generic_shutdown_super+0x130/0x2f0 [ 236.400538][T13114] kill_block_super+0x70/0xdc [ 236.401826][T13114] gfs2_kill_sb+0xc0/0xd4 [ 236.403030][T13114] deactivate_locked_super+0xb8/0x13c [ 236.404536][T13114] deactivate_super+0xf8/0x118 [ 236.405846][T13114] cleanup_mnt+0x3a4/0x458 [ 236.407094][T13114] __cleanup_mnt+0x20/0x30 [ 236.408274][T13114] task_work_run+0x12c/0x1e0 [ 236.409500][T13114] do_notify_resume+0x24b4/0x3128 [ 236.410929][T13114] el0_svc+0xf0/0x1e0 [ 236.411995][T13114] el0t_64_sync_handler+0xcc/0xe4 [ 236.413380][T13114] el0t_64_sync+0x1a0/0x1a4 [ 236.647535][T16835] loop0: detected capacity change from 0 to 4096 [ 236.726336][T16860] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 236.740098][T16835] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 10) do not match. Run ntfsfix or chkdsk. [ 236.743522][T16835] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 236.760497][T16835] ntfs: volume version 3.1. [ 236.948959][T16880] loop1: detected capacity change from 0 to 128 [ 237.032125][T16882] loop2: detected capacity change from 0 to 4096 [ 237.083969][T16882] NILFS (loop2): invalid segment: Checksum error in segment payload [ 237.086380][T16882] NILFS (loop2): trying rollback from an earlier position [ 237.090219][T16880] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,,errors=continue. Quota mode: none. [ 237.197366][T16882] NILFS (loop2): recovery complete [ 237.241335][T16894] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 237.511499][T16910] loop4: detected capacity change from 0 to 128 [ 237.553973][T16914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5754'. [ 237.587299][T16914] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 237.658492][T16913] IPv6: NLM_F_CREATE should be specified when creating new route [ 237.660850][T16913] netlink: 1 bytes leftover after parsing attributes in process `syz.5.5753'. [ 237.879998][T16877] loop0: detected capacity change from 0 to 32768 [ 237.882556][T16920] xt_l2tp: invalid flags combination: 0 [ 238.038972][T16877] ERROR: (device loop0): diAllocBit: iag inconsistent [ 238.038972][T16877] [ 238.043806][T16877] ERROR: (device loop0): remounting filesystem as read-only [ 238.045869][T16877] ialloc: diAlloc returned -5! [ 238.120646][T16926] loop4: detected capacity change from 0 to 4096 [ 238.175916][T16900] loop1: detected capacity change from 0 to 32768 [ 238.183585][T16938] netlink: 'syz.0.5765': attribute type 2 has an invalid length. [ 238.186397][T16938] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5765'. [ 238.202631][T16926] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 238.266329][T16926] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 238.834791][T16942] loop5: detected capacity change from 0 to 32768 [ 238.914147][T16942] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.5768 (16942) [ 239.010154][T16942] BTRFS info (device loop5): using crc32c (crc32c-generic) checksum algorithm [ 239.012613][T16942] BTRFS info (device loop5): setting nodatacow, compression disabled [ 239.014867][T16942] BTRFS info (device loop5): max_inline at 0 [ 239.016522][T16942] BTRFS info (device loop5): enabling disk space caching [ 239.037155][T16942] BTRFS info (device loop5): turning off barriers [ 239.038867][T16942] BTRFS info (device loop5): turning on flush-on-commit [ 239.040772][T16942] BTRFS info (device loop5): doing ref verification [ 239.042589][T16942] BTRFS info (device loop5): force clearing of disk cache [ 239.044548][T16942] BTRFS info (device loop5): enabling ssd optimizations [ 239.078223][T16942] BTRFS info (device loop5): using spread ssd allocation scheme [ 239.080394][T16942] BTRFS info (device loop5): use zlib compression, level 3 [ 239.082393][T16942] BTRFS info (device loop5): disk space caching is enabled [ 239.116361][T16942] BTRFS info (device loop5): has skinny extents [ 239.143539][T16990] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 239.159902][T16990] A link change request failed with some changes committed already. Interface vcan0 may have been left with an inconsistent configuration, please check. [ 239.284022][T16956] loop4: detected capacity change from 0 to 32768 [ 239.292441][T17006] loop1: detected capacity change from 0 to 64 [ 239.337010][T17009] loop2: detected capacity change from 0 to 512 [ 239.434486][T16956] XFS (loop4): Mounting V5 Filesystem [ 239.443736][T17009] EXT4-fs error (device loop2): ext4_do_update_inode:5204: inode #16: comm syz.2.5796: corrupted inode contents [ 239.458805][T16942] BTRFS info (device loop5): clearing free space tree [ 239.460793][T16942] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 239.463648][T16942] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 239.473146][T17009] EXT4-fs error (device loop2): ext4_dirty_inode:6040: inode #16: comm syz.2.5796: mark_inode_dirty error [ 239.492549][T17009] EXT4-fs error (device loop2): ext4_do_update_inode:5204: inode #16: comm syz.2.5796: corrupted inode contents [ 239.505409][T17009] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #16: comm syz.2.5796: mark_inode_dirty error [ 239.583999][T17009] EXT4-fs error (device loop2): ext4_do_update_inode:5204: inode #16: comm syz.2.5796: corrupted inode contents [ 239.594750][T17009] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 239.605934][T16956] XFS (loop4): Ending clean mount [ 239.613569][T17009] EXT4-fs error (device loop2): ext4_do_update_inode:5204: inode #16: comm syz.2.5796: corrupted inode contents [ 239.620019][T17009] EXT4-fs error (device loop2): ext4_truncate:4273: inode #16: comm syz.2.5796: mark_inode_dirty error [ 239.627748][T17009] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 239.722551][T16956] XFS (loop4): Quotacheck needed: Please wait. [ 239.768350][T17009] EXT4-fs (loop2): 1 truncate cleaned up [ 239.770038][T17009] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 239.778738][T16956] XFS (loop4): Quotacheck: Done. [ 239.884686][T17044] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5800'. [ 239.900861][ T4033] XFS (loop4): Unmounting Filesystem [ 240.123687][T17057] Cannot find del_set index 4 as target [ 240.262271][ T4015] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 11 /dev/loop5 scanned by udevd (4015) [ 240.288219][T17069] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5816'. [ 240.400308][T17068] block device autoloading is deprecated and will be removed. [ 240.499196][T17084] loop4: detected capacity change from 0 to 256 [ 240.555985][T17084] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 240.566030][T17084] exFAT-fs (loop4): failed to load alloc-bitmap [ 240.576027][T17084] exFAT-fs (loop4): failed to recognize exfat type [ 240.754893][T17102] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5831'. [ 240.853935][T17097] loop1: detected capacity change from 0 to 8192 [ 240.924982][T17097] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 240.927976][T17097] REISERFS (device loop1): using ordered data mode [ 240.929685][T17097] reiserfs: using flush barriers [ 240.947239][T17097] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 240.951882][T17097] REISERFS (device loop1): checking transaction log (loop1) [ 241.001591][T17116] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 241.008918][T17097] REISERFS (device loop1): Using r5 hash to sort names [ 241.011282][T17097] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 241.350717][T17149] loop0: detected capacity change from 0 to 256 [ 241.420388][T17149] FAT-fs (loop0): Directory bread(block 64) failed [ 241.422279][T17149] FAT-fs (loop0): Directory bread(block 65) failed [ 241.440331][T17149] FAT-fs (loop0): Directory bread(block 66) failed [ 241.442173][T17149] FAT-fs (loop0): Directory bread(block 67) failed [ 241.443984][T17149] FAT-fs (loop0): Directory bread(block 68) failed [ 241.445759][T17149] FAT-fs (loop0): Directory bread(block 69) failed [ 241.478095][T17149] FAT-fs (loop0): Directory bread(block 70) failed [ 241.479905][T17149] FAT-fs (loop0): Directory bread(block 71) failed [ 241.481683][T17149] FAT-fs (loop0): Directory bread(block 72) failed [ 241.483423][T17149] FAT-fs (loop0): Directory bread(block 73) failed [ 241.519782][T17153] loop1: detected capacity change from 0 to 512 [ 241.551222][T17153] EXT2-fs (loop1): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 241.568376][T17153] EXT2-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 241.570954][T17153] EXT2-fs (loop1): 0.5b, 95/08/09, bs=2048, gc=1, bpg=16384, ipg=32, mo=8021c] [ 241.725499][T17167] device vlan0 entered promiscuous mode [ 241.844173][T17173] xt_TCPMSS: Only works on TCP SYN packets [ 241.985879][T17185] netlink: 'syz.0.5872': attribute type 1 has an invalid length. [ 242.017237][T17187] ieee802154 phy0 wpan0: encryption failed: -90 [ 242.143024][T17183] loop1: detected capacity change from 0 to 8192 [ 242.194996][T17183] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 242.219807][T17157] loop5: detected capacity change from 0 to 32768 [ 242.352268][T17157] (syz.5.5858,17157,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 242.356610][T17157] (syz.5.5858,17157,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 242.403593][T17157] (syz.5.5858,17157,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 242.412244][T17157] JBD2: Ignoring recovery information on journal [ 242.554801][T17157] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 242.598075][T17157] [ 242.598862][T17157] ====================================================== [ 242.600760][T17157] WARNING: possible circular locking dependency detected [ 242.602678][T17157] 5.15.186-syzkaller #0 Not tainted [ 242.604042][T17157] ------------------------------------------------------ [ 242.605945][T17157] syz.5.5858/17157 is trying to acquire lock: [ 242.607652][T17157] ffff0000ea2ee650 (sb_internal#2){.+.+}-{0:0}, at: ocfs2_write_info+0x114/0x324 [ 242.610296][T17157] [ 242.610296][T17157] but task is already holding lock: [ 242.612325][T17157] ffff0000e9b33120 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_lock_global_qf+0x1a8/0x22c [ 242.615375][T17157] [ 242.615375][T17157] which lock already depends on the new lock. [ 242.615375][T17157] [ 242.618309][T17157] [ 242.618309][T17157] the existing dependency chain (in reverse order) is: [ 242.620790][T17157] [ 242.620790][T17157] -> #6 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}: [ 242.623330][T17157] down_write+0xbc/0x12c [ 242.624696][T17157] ocfs2_lock_global_qf+0x1a8/0x22c [ 242.626317][T17157] ocfs2_acquire_dquot+0x244/0xa2c [ 242.627861][T17157] dqget+0x658/0xcf4 [ 242.629124][T17157] __dquot_initialize+0x2d4/0xa80 [ 242.630723][T17157] dquot_initialize+0x24/0x34 [ 242.632174][T17157] ocfs2_get_init_inode+0x134/0x1a8 [ 242.633791][T17157] ocfs2_symlink+0x68c/0x2060 [ 242.635239][T17157] vfs_symlink+0x238/0x3b0 [ 242.636635][T17157] do_symlinkat+0x184/0x5a8 [ 242.638072][T17157] __arm64_sys_symlinkat+0xa4/0xbc [ 242.639682][T17157] invoke_syscall+0x98/0x2b8 [ 242.641146][T17157] el0_svc_common+0x138/0x258 [ 242.642588][T17157] do_el0_svc+0x58/0x14c [ 242.643936][T17157] el0_svc+0x78/0x1e0 [ 242.645227][T17157] el0t_64_sync_handler+0xcc/0xe4 [ 242.646817][T17157] el0t_64_sync+0x1a0/0x1a4 [ 242.648282][T17157] [ 242.648282][T17157] -> #5 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}: [ 242.651266][T17157] down_write+0xbc/0x12c [ 242.652555][T17157] ocfs2_lock_global_qf+0x18c/0x22c [ 242.654156][T17157] ocfs2_acquire_dquot+0x244/0xa2c [ 242.655879][T17157] dqget+0x658/0xcf4 [ 242.657105][T17157] __dquot_initialize+0x2d4/0xa80 [ 242.658659][T17157] dquot_initialize+0x24/0x34 [ 242.660123][T17157] ocfs2_get_init_inode+0x134/0x1a8 [ 242.661789][T17157] ocfs2_symlink+0x68c/0x2060 [ 242.663249][T17157] vfs_symlink+0x238/0x3b0 [ 242.664624][T17157] do_symlinkat+0x184/0x5a8 [ 242.666033][T17157] __arm64_sys_symlinkat+0xa4/0xbc [ 242.667611][T17157] invoke_syscall+0x98/0x2b8 [ 242.669064][T17157] el0_svc_common+0x138/0x258 [ 242.670572][T17157] do_el0_svc+0x58/0x14c [ 242.671949][T17157] el0_svc+0x78/0x1e0 [ 242.673237][T17157] el0t_64_sync_handler+0xcc/0xe4 [ 242.674804][T17157] el0t_64_sync+0x1a0/0x1a4 [ 242.676204][T17157] [ 242.676204][T17157] -> #4 (&dquot->dq_lock){+.+.}-{3:3}: [ 242.678547][T17157] __mutex_lock_common+0x194/0x1edc [ 242.680163][T17157] mutex_lock_nested+0xac/0x11c [ 242.681749][T17157] dquot_commit+0x50/0x1c4 [ 242.683156][T17157] ext4_write_dquot+0x1b4/0x31c [ 242.684700][T17157] ext4_mark_dquot_dirty+0xe8/0x140 [ 242.686368][T17157] mark_all_dquot_dirty+0x108/0x424 [ 242.687980][T17157] __dquot_free_space+0x76c/0xaa8 [ 242.689537][T17157] ext4_free_blocks+0x1900/0x23cc [ 242.691138][T17157] ext4_ext_remove_space+0x1d9c/0x3834 [ 242.692857][T17157] ext4_ext_truncate+0x184/0x24c [ 242.694423][T17157] ext4_truncate+0x9c0/0xf94 [ 242.695853][T17157] ext4_process_orphan+0x17c/0x2b4 [ 242.697471][T17157] ext4_orphan_cleanup+0x888/0xf8c [ 242.699034][T17157] ext4_fill_super+0x7a5c/0x812c [ 242.700539][T17157] mount_bdev+0x264/0x358 [ 242.701947][T17157] ext4_mount+0x44/0x58 [ 242.703297][T17157] legacy_get_tree+0xd4/0x16c [ 242.704757][T17157] vfs_get_tree+0x90/0x274 [ 242.706120][T17157] do_new_mount+0x228/0x810 [ 242.707552][T17157] path_mount+0x5b4/0x1000 [ 242.708939][T17157] __arm64_sys_mount+0x514/0x5e4 [ 242.710518][T17157] invoke_syscall+0x98/0x2b8 [ 242.711952][T17157] el0_svc_common+0x138/0x258 [ 242.713481][T17157] do_el0_svc+0x58/0x14c [ 242.714794][T17157] el0_svc+0x78/0x1e0 [ 242.716085][T17157] el0t_64_sync_handler+0xcc/0xe4 [ 242.717690][T17157] el0t_64_sync+0x1a0/0x1a4 [ 242.719095][T17157] [ 242.719095][T17157] -> #3 (&ei->i_data_sem){++++}-{3:3}: [ 242.721201][T17157] down_write+0xbc/0x12c [ 242.722529][T17157] ext4_map_blocks+0x71c/0x167c [ 242.724112][T17157] ext4_writepages+0xf00/0x2c14 [ 242.725624][T17157] do_writepages+0x36c/0x578 [ 242.727046][T17157] __writeback_single_inode+0x148/0x11f0 [ 242.727320][T17239] loop0: detected capacity change from 0 to 256 [ 242.728711][T17157] writeback_sb_inodes+0x7fc/0x1378 [ 242.728727][T17157] __writeback_inodes_wb+0x110/0x394 [ 242.731064][T17240] netlink: 'syz.2.5899': attribute type 1 has an invalid length. [ 242.731982][T17157] wb_writeback+0x3ec/0xe44 [ 242.731999][T17157] wb_workfn+0xa7c/0xdd8 [ 242.738428][T17157] process_one_work+0x79c/0x1140 [ 242.739944][T17157] worker_thread+0x8f4/0x101c [ 242.741416][T17157] kthread+0x374/0x454 [ 242.742682][T17157] ret_from_fork+0x10/0x20 [ 242.744124][T17157] [ 242.744124][T17157] -> #2 (jbd2_handle){++++}-{0:0}: [ 242.746250][T17157] start_this_handle+0xef4/0x11a4 [ 242.747819][T17157] jbd2__journal_start+0x28c/0x744 [ 242.749478][T17157] jbd2_journal_start+0x3c/0x4c [ 242.751024][T17157] ocfs2_start_trans+0x43c/0x794 [ 242.752558][T17157] ocfs2_modify_bh+0xe4/0x450 [ 242.754022][T17157] ocfs2_local_read_info+0x102c/0x131c [ 242.755713][T17157] dquot_load_quota_sb+0x6c4/0xa24 [ 242.757335][T17157] dquot_load_quota_inode+0x274/0x4e4 [ 242.758954][T17157] ocfs2_enable_quotas+0x17c/0x3b4 [ 242.760531][T17157] ocfs2_fill_super+0x2e74/0x4074 [ 242.762076][T17157] mount_bdev+0x264/0x358 [ 242.763422][T17157] ocfs2_mount+0x44/0x58 [ 242.764727][T17157] legacy_get_tree+0xd4/0x16c [ 242.766190][T17157] vfs_get_tree+0x90/0x274 [ 242.767586][T17157] do_new_mount+0x228/0x810 [ 242.768990][T17157] path_mount+0x5b4/0x1000 [ 242.770378][T17157] __arm64_sys_mount+0x514/0x5e4 [ 242.771970][T17157] invoke_syscall+0x98/0x2b8 [ 242.773395][T17157] el0_svc_common+0x138/0x258 [ 242.774870][T17157] do_el0_svc+0x58/0x14c [ 242.776199][T17157] el0_svc+0x78/0x1e0 [ 242.777483][T17157] el0t_64_sync_handler+0xcc/0xe4 [ 242.779028][T17157] el0t_64_sync+0x1a0/0x1a4 [ 242.780369][T17157] [ 242.780369][T17157] -> #1 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 242.782696][T17157] down_read+0xc0/0x390 [ 242.784015][T17157] ocfs2_start_trans+0x430/0x794 [ 242.785569][T17157] ocfs2_modify_bh+0xe4/0x450 [ 242.787048][T17157] ocfs2_local_read_info+0x102c/0x131c [ 242.788696][T17157] dquot_load_quota_sb+0x6c4/0xa24 [ 242.790312][T17157] dquot_load_quota_inode+0x274/0x4e4 [ 242.791937][T17157] ocfs2_enable_quotas+0x17c/0x3b4 [ 242.793487][T17157] ocfs2_fill_super+0x2e74/0x4074 [ 242.795077][T17157] mount_bdev+0x264/0x358 [ 242.796474][T17157] ocfs2_mount+0x44/0x58 [ 242.797756][T17157] legacy_get_tree+0xd4/0x16c [ 242.799222][T17157] vfs_get_tree+0x90/0x274 [ 242.800595][T17157] do_new_mount+0x228/0x810 [ 242.802049][T17157] path_mount+0x5b4/0x1000 [ 242.803471][T17157] __arm64_sys_mount+0x514/0x5e4 [ 242.805132][T17157] invoke_syscall+0x98/0x2b8 [ 242.806699][T17157] el0_svc_common+0x138/0x258 [ 242.808214][T17157] do_el0_svc+0x58/0x14c [ 242.809589][T17157] el0_svc+0x78/0x1e0 [ 242.810832][T17157] el0t_64_sync_handler+0xcc/0xe4 [ 242.812354][T17157] el0t_64_sync+0x1a0/0x1a4 [ 242.813746][T17157] [ 242.813746][T17157] -> #0 (sb_internal#2){.+.+}-{0:0}: [ 242.815913][T17157] __lock_acquire+0x2928/0x651c [ 242.817405][T17157] lock_acquire+0x1f4/0x620 [ 242.818822][T17157] ocfs2_start_trans+0x2c4/0x794 [ 242.820416][T17157] ocfs2_write_info+0x114/0x324 [ 242.821982][T17157] dquot_set_dqinfo+0x370/0x5d8 [ 242.823465][T17157] quota_setinfo+0x320/0x3a8 [ 242.824986][T17157] do_quotactl+0x59c/0x738 [ 242.826356][T17157] __arm64_sys_quotactl+0x2ac/0x734 [ 242.828051][T17157] invoke_syscall+0x98/0x2b8 [ 242.829481][T17157] el0_svc_common+0x138/0x258 [ 242.830986][T17157] do_el0_svc+0x58/0x14c [ 242.832368][T17157] el0_svc+0x78/0x1e0 [ 242.833624][T17157] el0t_64_sync_handler+0xcc/0xe4 [ 242.835250][T17157] el0t_64_sync+0x1a0/0x1a4 [ 242.836662][T17157] [ 242.836662][T17157] other info that might help us debug this: [ 242.836662][T17157] [ 242.839541][T17157] Chain exists of: [ 242.839541][T17157] sb_internal#2 --> &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3 --> &ocfs2_quota_ip_alloc_sem_key [ 242.839541][T17157] [ 242.844353][T17157] Possible unsafe locking scenario: [ 242.844353][T17157] [ 242.846588][T17157] CPU0 CPU1 [ 242.848079][T17157] ---- ---- [ 242.849591][T17157] lock(&ocfs2_quota_ip_alloc_sem_key); [ 242.851199][T17157] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3); [ 242.854001][T17157] lock(&ocfs2_quota_ip_alloc_sem_key); [ 242.856258][T17157] lock(sb_internal#2); [ 242.857412][T17157] [ 242.857412][T17157] *** DEADLOCK *** [ 242.857412][T17157] [ 242.859747][T17157] 3 locks held by syz.5.5858/17157: [ 242.861247][T17157] #0: ffff0000ea2ee0e0 (&type->s_umount_key#75){++++}-{3:3}, at: user_get_super+0x118/0x234 [ 242.864061][T17157] #1: ffff0000e9b33488 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8){+.+.}-{3:3}, at: ocfs2_lock_global_qf+0x18c/0x22c [ 242.867660][T17157] #2: ffff0000e9b33120 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_lock_global_qf+0x1a8/0x22c [ 242.870893][T17157] [ 242.870893][T17157] stack backtrace: [ 242.872537][T17157] CPU: 0 PID: 17157 Comm: syz.5.5858 Not tainted 5.15.186-syzkaller #0 [ 242.874915][T17157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 242.877860][T17157] Call trace: [ 242.878803][T17157] dump_backtrace+0x0/0x43c [ 242.880064][T17157] show_stack+0x2c/0x3c [ 242.881244][T17157] __dump_stack+0x30/0x40 [ 242.882471][T17157] dump_stack_lvl+0xf8/0x160 [ 242.883771][T17157] dump_stack+0x1c/0x5c [ 242.884964][T17157] print_circular_bug+0x148/0x1b0 [ 242.886435][T17157] check_noncircular+0x240/0x2d4 [ 242.887865][T17157] __lock_acquire+0x2928/0x651c [ 242.889256][T17157] lock_acquire+0x1f4/0x620 [ 242.890532][T17157] ocfs2_start_trans+0x2c4/0x794 [ 242.891925][T17157] ocfs2_write_info+0x114/0x324 [ 242.893309][T17157] dquot_set_dqinfo+0x370/0x5d8 [ 242.894770][T17157] quota_setinfo+0x320/0x3a8 [ 242.896062][T17157] do_quotactl+0x59c/0x738 [ 242.897362][T17157] __arm64_sys_quotactl+0x2ac/0x734 [ 242.898926][T17157] invoke_syscall+0x98/0x2b8 [ 242.900240][T17157] el0_svc_common+0x138/0x258 [ 242.901563][T17157] do_el0_svc+0x58/0x14c [ 242.902780][T17157] el0_svc+0x78/0x1e0 [ 242.903926][T17157] el0t_64_sync_handler+0xcc/0xe4 [ 242.905313][T17157] el0t_64_sync+0x1a0/0x1a4 [ 242.964001][T13114] ocfs2: Unmounting device (7,5) on (node local) [ 242.990099][T17239] FAT-fs (loop0): Directory bread(block 64) failed [ 242.991981][T17239] FAT-fs (loop0): Directory bread(block 65) failed [ 242.993797][T17239] FAT-fs (loop0): Directory bread(block 66) failed [ 242.995667][T17239] FAT-fs (loop0): Directory bread(block 67) failed [ 243.010793][T17239] FAT-fs (loop0): Directory bread(block 68) failed [ 243.012670][T17239] FAT-fs (loop0): Directory bread(block 69) failed [ 243.014505][T17239] FAT-fs (loop0): Directory bread(block 70) failed [ 243.016365][T17239] FAT-fs (loop0): Directory bread(block 71) failed [ 243.031180][T17239] FAT-fs (loop0): Directory bread(block 72) failed [ 243.033064][T17239] FAT-fs (loop0): Directory bread(block 73) failed [ 243.084005][T17247] loop4: detected capacity change from 0 to 32768 [ 243.128757][T17247] XFS: attr2 mount option is deprecated. [ 243.130383][T17247] XFS: ikeep mount option is deprecated. [ 243.132171][T17247] XFS: noikeep mount option is deprecated. [ 243.176722][T17247] XFS (loop4): Mounting V5 Filesystem [ 243.236918][T17247] XFS (loop4): Ending clean mount [ 243.240975][T17247] XFS (loop4): Quotacheck needed: Please wait. [ 243.248742][T17247] XFS (loop4): Quotacheck: Done. [ 243.281155][ T4033] XFS (loop4): Unmounting Filesystem