last executing test programs: 1m10.371392714s ago: executing program 2 (id=2831): socket$alg(0x26, 0x5, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5) syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58) io_setup(0x8, &(0x7f0000000600)=0x0) io_submit(r1, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r0, 0x0}]) 1m9.900617019s ago: executing program 2 (id=2833): syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='shortad,partition=00000000000000000005,noadinicb,uid=', @ANYRESDEC=0x0, @ANYBLOB=',gid=', @ANYRESDEC=0x0, @ANYBLOB=',volume=0000000000000006,\x00\x00\x00\x00\x00'], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f00000000c0)) name_to_handle_at(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0) rmdir(&(0x7f0000000100)='./bus\x00') open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 1m9.475378291s ago: executing program 2 (id=2837): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x52e, &(0x7f0000000ac0)="$eJzs3c9vI1cdAPDvjOPUabMkBQ6lEiVCoG0FaycNbSMO/SEhOBUo5R5C4kRRnDhKnHYTVSgVZ4SEECC4wIkLEn8AEuqfgJAqwb1CCLSCbTlwaDEae7zreO1udteOs8nnI83Om7cz8/0+Z/3i53k7E8ClNRcRL0dEISKeiYiZvD7NlzhuL9l+7998azVbkmg2X/9XEkle1zlXkq8fyw8rRcR3vhHx/SRpV3TZPzzaWqnVqnv5dqWxvVvZPzy6trm9slHdqO4sLi48v/TC0nNL83fk/Epyf2198Wt//9mPf/v1F//45TffW/7n0z/ITjOd/113O4apnWqx9Vp0TETE3iiCjUEh/3dSPM3O9/lzAwBgeLLPbp+MiM9HxAe/HHc2AAAAwCg0X5qOD5OI5p2++a18FwAAAODhlrbmwCZpOZ8LMB1pWi635/B+Ol6KWn2/8aX1+sHOWnuu7GwU0/XNWnU+nys8G8Uk215olW9vP9uzvRgRj0fET2emWtvl1XptbdxffgAAAMAlkY3zp9N2OVv9ZyZNy5PjzgoAAAAYutlxJwAAAACMnPE/AAAAXHx3jv/n2qtk4uyTAQAAAIbt26++mi3NzvOv1944PNiqv3Ftrbq/Vd4+WC2v1vd2yxv1+kbrnn3bt498pO/5avX67ldi5+B6pVHdb1QmD4+Wt+sHO43l1nO9l6unek40AAAAMFSPfzTx1yQijr861Voyndv/GavDxZbe2+7JqPIAzl6h3yy/wpiSAc6UCb5weXn/A3cb2JfOKA8AAGB0rn7mnc71/6nouv5/5T3X/+Giu8fr/8AF4lI/XF491/9+faqDPmyOJhngTBnjA3f7HqA0aKbQn0aRDQAAMArTrSVJy/kYYDrStFyOuNJ6LEAxWd+sVecj4hMR8ZeZ4iPZ9sK4kwYAAAAAAAAAAAAAAAAAAAAAAACAh0yzmUQTAAAAuNAi0n8kEZFEKWLmC9O93w9MJv+daa0j4s1fvf7z6yuNxt5CVv/vW/WNX+T1z47jGwwAAACgV2ec3hnHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAwvX/zrdXO0lX9xVHHvfFKRMz2iz8Rpda6FMWIePSDJCa6jksiojCE+MdvR8QT/eInWVoxm2fRGz+NiKkxx39sCPHhMnsn639e7vf+S2Oute7//pvIlwd1Y25Q/5fe6v8KA/q/K3c592S+fvLd31cGxn874smJ/v1PJ/7kKfvf5Lh/jO999+iop+q1Tt/Z/E3E1b6/f5ITsSqN7d3K/uHRtc3tlY3qRnVncXHh+aUXlp5bmq+sb9aq+Z994//ks3/438e1/9EB8Wfz9iet9pdOND6razb7n/NzPdsfvXv95qf67ZhE3PhRXu7z83/iRPyTr38h/+Wc5q/P1U75uF3u9tTv/vzU4PYXYm1A+0sfEz+re3rQSXs889oP/9YuFU95BAAwSvuHR1srtVp172EvZI05B2l0F7LPuA9w+Nz5aMVFL3RGUecln9EVknt6vyfJeHsmAABg2G5/6B93JgAAAAAAAAAAAAAAAAAAAHB5df7/f+dezqO491h3vFt3UXZ7MQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgnPl/AAAA//9/98Yc") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x820f8, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f00000000c0)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 1m8.802885537s ago: executing program 2 (id=2841): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000240)='./file3\x00', 0x4002, &(0x7f0000000200)={[{@errors_remount}, {@bh}, {@grpquota}, {@stripe={'stripe', 0x3d, 0x1}}]}, 0x1, 0xbd2, &(0x7f0000000540)="$eJzs3N1rXGUaAPDnnEymaZvtpMuybPdmsyxLC8tOky4p27KwrVS88ULQW6EhnZSQ6QdJpCbNxUT/AVGvBW8EtShe2OveKHrrjba3ihdCkdgoiGjkzEeSNjNJ2s70hPb3g3fO+553Zp7nmcPMOS/MTABPrOHsJo04FBFnk4hSc38aEcV6byCi1rjfyvLixE/LixNJrK4+/30SSUTcWV6caD1X0tzubw4GIuKLp5L446ub487OL0yPV6uVmeb46NyFy0dn5xf+PXVh/HzlfOXi6PH/jh0bOz5yYqxrtf789anrP/79mW9rv7z367Uf3ngniVMx2JzbWEe3DMfw2muyUSEixrsdLCd9zXo21pkUtnlQ2uOkAADoKN1wDffnKEVfrF+8leKTL3NNDgAAAOiK1b6IVQAAAOAxl1j/AwAAwGOu9T2AO8uLE62W7zcSHq3bpyNiqFH/SrM1ZgpRq28Hoj8i9t1JYuPPWpPGwx7acER8c+vEh1mLHv0OeSu1pYj4S7vjn9TrH6r/intz/WlEjHQh/vA9423q7+tCyLs8TP2nuhD/PusHgK64cbpxItt8/kvXrn+izfmv0Obc9SDanP+6fo7fSuv6b2XT9d96/X0drv+e22GMq+++daXTXFb//64//UGrZfGz7bZPuu2frOzM7aWIvxba1Z+s1Z90qP/sDmOUfrtS6TT3wPV3yerbEYejff0tydb/T3R0cqpaGWncto2x9PnY+53i511/dvz3dai/9f9PnY7/5R3GePHMmY827by13t26/vS7YvJCvVds7nl5fG5uZjSimDy7ef+xrXNp3af1HFn9R/6x9fu/Xf3ZZ0Kt+Tpka4Gl5jYbv3JPzP9fu/pxp3xa6788j/+5Dsd/Y/2fFTYf/9d2GOOfn75+pNPcxvVv1rL4rbUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSkETEYSVpe66dpuRyxPyL+FPvS6qXZuX9NXnrp4rlsLmIo+tPJqWplJCJKjXGSjUfr/fXxsXvG/4mIgxHxZmlvfVyeuFQ9l3fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArNkfEYORpOWISCNipZSm5XLeWQEAAABddyDvBAAAAICeG8o7AQAAAKDnrP8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADosYN/u3EziYjayb31lik25/pzzQzotTTvBIDc9OWdAJCbQt4JALm5zzW+ywV4DCXbzA90nNnT9VwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2L0OH7pxM4mI2sm99ZYpNuf6c80M6LU07wSA3PR1mhiIiMKjzQV4tLzF4clljQ8k28wPrN+ndvfMnp7lBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDuM1hvSVqOiGJzX7kc8YeIGIr+ZHKqWhmJiAMR8VWpf082Hs05ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALpvdn5herxarcxknTSanbU9OuudpPGK1XZLPjoP2SnGrkhjl3by/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPs/ML0+PVamVmNu9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLzNzi9Mj1erlZkedvKuEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/PweAAD//1pFCiI=") r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mounts\x00') ppoll(&(0x7f00000000c0)=[{r0, 0xa5a0}, {r0, 0x1410}], 0x2, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x1a42028, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) 1m7.948672712s ago: executing program 2 (id=2842): syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000140)='./file2\x00', 0x1000000, &(0x7f00000000c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x40800, 0x0) r1 = fanotify_init(0xf00, 0x0) fanotify_mark(r1, 0x1, 0x5000003a, r0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000280)='./file1\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) 1m7.267299248s ago: executing program 2 (id=2844): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r1, 0x0, 0x0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x58, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) 1m6.752121956s ago: executing program 32 (id=2844): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r1, 0x0, 0x0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x58, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) 4.766574788s ago: executing program 4 (id=3254): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x1a4) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000000100030000000000040001000000000020"], 0x1c, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f0000000000)='./file0\x00', 0x80, 0x3) 4.333270461s ago: executing program 4 (id=3259): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0xfffffffffffffff7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000140)={0x7, 0x1, 0x2}) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000002dc0)=@userptr={0x0, 0x1, 0x4, 0x0, 0x1, {0x77359400}, {0x1, 0xc, 0x9, 0x48, 0x3, 0x8}, 0x3, 0x2, {&(0x7f00000002c0)}, 0x496000}) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x1a00040, &(0x7f0000000340)=ANY=[@ANYBLOB="757466383d302c726f6469722c726f6469722c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c646f733178666c6f7070792c73686f72746e616d653d6d697865642c636f6465706167653d3835322c696f636861727365743d6370313235312c756e695f786c6174653d302c757365667265652c757466383d302c756e695f786c6174653d312c757466383d302c757466383d302c000c92a2ebb3078016143217a27fa76dd70e0a48a1d34f4dedd5a451c3f5becc47efeb79d7e4a6996c3f6e4da63ffdaf683cf16f36033754820b4773355653d56d2cef62b755e2dbf6b7eab87571d21d926f57f789e17ad85e267c649cb763c329b273111303c55dab9bafe4496b6792309b30c4462d6f87fd3620a37a2e5f15f4f0cfcfa913aa93097e252a9e95915782bf8d654d4d8d1afad25f05461d6d7670d85f539a5d92c325cf85efe646350d61f4cf9619e5a7ec197556b6696cbbeb6ddaebec7105b4a6791a2d20f26323880aa90aafcc083fe9f292a8eb6041b63e50725a4e1c32ce10"], 0x1, 0x355, &(0x7f0000000500)="$eJzs3U9oHFUYAPBvO5vdpFCTg1AUhNGboKGNeNBTQkmhmIvK4p+DuNhUJYmFLC6mh2zjRTwKHtWLNw967FkERbx58GoFqYoH7a1gcWR3ZrOz2c02Fba1+Psdhi/vvW/f93aHZDLJvn11OTbOz8SF69evxexsJarLZ5bjRiUWIom+yzGqNqYNALg33Miy+DPLHTGl0j0sTLcsAGCKej//Xz9Rann360njs8r0awIApqv4/X9u0pjZwzouTqUkAGDKRu7/PzLUXRv+U3+19F8BAMC96vmXXn5mZS3iuTSdjdh6r91oN+LpQf/KhXgzNmM9TsV83IzILxS6h0rvePbc2uqpNE078ctCNLoZ7UbEVqfdyK8UVpJefj1Ox3wsFPnF1UaWZcnZTyIi7YmIy53e/LFVaTdm4ngx/4/HYz2WIo37R/Ijzq2tLqXFAzS2+vmdiL3BfYtu/YsxH9+/FhdjM85HN7d/WbO2uns6Tc9ka0P57Ua9Ny536B0QAAAAAAAAAAAAAAAAAAAAAAD4VxbTfQv7+99kg/17FhfH9Pf2x8nzi/2B9vL9gbJ6Fln2xzuPN95PYmh/oIP787Qb1Th2d5cOAAAAAAAAAAAAAAAAAAAA/xmtnVo0NzfXt1s7lzbKQWe7tXMsIrotb337+VdzMTrmFkG1mKPUlRZNlzaaWdIfnCVDY4og6U7eb/nsyn7F5TH1/VWMLaOedx2LcRWeePjnjwYtDyX9R/57MCaJ8QtMDpRRDrbuy0u6nSdqP1i6xZirWZYdlr77ymhWVCKqt//CTQ5mu8/qN9feeOCJ1skney1fZrlHH5t/4eqHn/620dzszhy9V7C23bqZbTSLr8efbIcHSen8qUQeVMpnQnVS+t5wSzP54fcXH/zgu6PNnpVb3h4zJsmX88XBrloedMs80DU3bq6ZMSf/FIKTHy83r+z+9OtRs0rfJGzUAQAAAAAAAAAAAAAAAAAAd0TpveKF4s2+M5Oynnp2+pUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ0z+Pz/UrA30nKU4K9OjHbV17dbEbW7vUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7n/gkAAP//YA9qrg==") close(0x3) 3.288733966s ago: executing program 4 (id=3270): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000140)=0x2000) ppoll(&(0x7f0000000100)=[{r0, 0x20}], 0x1, 0x0, 0x0, 0x0) mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x4000) 2.876105568s ago: executing program 3 (id=3276): openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x40000, 0x6, 0xffffffff, 0x0, "5debca561a5fbf61048955f6f876b2ff", 0x0, 0x2, 0x0, 0x0, 0xff}) r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000800)={r0, r0, r0}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}}) 2.579801144s ago: executing program 3 (id=3277): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x8, 0x4) syz_emit_ethernet(0x4a, &(0x7f0000000300)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0xff, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0xfffc, 0x0, 0xff6b}}}}}}}, 0x0) 2.498251358s ago: executing program 3 (id=3278): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000340)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0xb29, 0x14}, @ipv4=@udp={{0x6, 0x4, 0x3, 0x1b, 0x30, 0x66, 0x0, 0x40, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x3a}, {[@noop]}}, {0x4e20, 0x4e23, 0x18, 0x0, @wg=@data={0x4, 0x202, 0x1ff}}}}, 0x3e) 2.204405783s ago: executing program 1 (id=3279): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f0000000000)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r2, 0x408007}, 0xfd78) getsockopt$bt_hci(r0, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9) 2.140640327s ago: executing program 4 (id=3280): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nombcache}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000080)=ANY=[], 0xfe37, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000080)='./file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x2) 2.130235147s ago: executing program 3 (id=3281): r0 = socket(0x21, 0x2, 0xa) r1 = io_uring_setup(0x177f, &(0x7f0000000140)={0x0, 0xfffffffe, 0x0, 0x0, 0x2b4}) syz_usb_connect(0x0, 0x2d, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000009968810524711004f320102030109021b0001000000000904000001ff01320009050d0353"], 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0) close_range(r0, r1, 0x0) 1.883925711s ago: executing program 1 (id=3282): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$l2tp6(0xa, 0x2, 0x73) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000e80)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WOWLAN(r0, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000ec0)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0xc0c0}, 0x800) 1.718308709s ago: executing program 1 (id=3285): sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x25, &(0x7f0000000400)={r2, @in={{0x2, 0x4e23, @empty}}, 0x4000}, 0x90) 1.683866291s ago: executing program 4 (id=3286): syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000002a40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x41, 0xaf6, &(0x7f0000002b80)="$eJzs3V2IXFcdAPBzd3c2u2lrNjXRNY1tYrWt2m6azRqrQZOSIBiaIL4Uii8h3dZgjNAKaimY5Mk3W0oKPvmBT30pVQQLIqFPvhRsoAh5qoI+NEQs+FCjycjO3DNz78lM7s5md2Zn5/eDu2fuPefO/9zZO3fu17knACNrrPF3YWE2C+HCm68cef+Bf0wvTTnYKjHT+DtRGKuFELJ8fCJ5v/fGm+n1D1482SnNwnzjbxwPx6+25r0jhHA27AoXw0zYceHSy2/PP3Hs3NHzu9957cCVtVl6AAAYLd+4eGBh+1//fM/Wa6/feyhsak2P++czccJUc7//UL7jH/f/x0J5fCndejkJ0n7b0nHD0jA2XS463qFcMU4tKTfRIf7SMJlUodal3KZw6/jjhWmdlhuGWVyPZ0I2NhdC2NwaHxubm2sek4fGcf1kNnfm1Olnnh9QRYFV9+/7Qgi7CsPh8+Xx9TYcXAd1WOFQXwd1GMrhUP9iXas3DXyZ+zTUtwx6CwTQlF4vvMnZbFXjtd5tYnnxrz4+1nl+WAX9Xv97ij95U/zpvsYPA17+dRD/1+dscVg9G3VtissVv0d35uPpdYT0/qVX/1Cery290lGeml6PqC2znt2uIwzL9YVu9Rzvcz1Wqlv90/Vio/pKnsbP4aul3PtK35/0fzos/2Ogsw/T8/8GwxoOj70/+DoM/RBK47Xbea/6gLc/wPqV3jdXj9dHc5MV+Zsq8qcq8qcr8jdX5N9RkQ+j7Lff/2l4KWuf70qP6Xs9Hx7Ps92Vpx/psT7p+che46f3/fbqduOn9xPDevb7E08uPvb0U5ea9/9nrfX/Rr6+x8ONmfy7dTEvEM8XpufV43317YYD5fy03N1Jfe7qUL7xelu5XLat/T6hsJ25qR6z5fm2dCu3s1xuJik3nQ9TSX3T/ZPNyXxx/yNuV+PnNZEsby1ZjsmkHnG7sjVP03rASsT1sXH/f+GiVbz/P66fs6GWPXPq9OKj+XhcT/80Xtu0NH1vPysNrIq0/U97vNz+ZzaU2//c2ZpeGytuF7a0p2fN7cIb+fuVp8+34hSmF37U4u/ct8enG+XnTn7v9NOrvOww6p7/0QvfOXH69OJzXqz4xdfWRzV6eREPW9ZLfbzo9cWutQ4x4A0TsOb2/Li5E/DIqe+eeHbx2cUz+/bv3zc/v/9L+xZCY79+T3HvvujsAGoLrKbmb/2mxec81wMAAAAAAAAAAACGxg+OHrn07ltfvNxs/99u/xfb/8c7f2P7/58k7f/TdvKxHXxsB7i1Q36jTPKA1cmkXC0fPprUd1sSZ3sy38fytNWPX97+P4ZLn+sa6/PxZHqty2jyOIGbnpcymTyDJO0v8FN5ej5PfxVggLLOj/BP19sOz7fOPiys6/H5FIUmvHXPBx4e8f/WWBsKjzSK7b87PtepQ3tthks/WiwOehmBzv45Us///ld7wXuY7+GB13vUhon+xvtZ7+vERhnqXffSl9uDDcDqGHT/n38Pzbjx/OeZP359ammIxa4+Xt5eps8vhV785d3y+Hrvf3Kt46f99vU7/qCXv9/9f7b6v8u3f3G71337l/SYN7OyuP/5+ZXLhbBhx3Ljp8sfnwO9rbf41/L4cWkeDMuLX/9lEj+9ILRM/03ib15m/JuWf+fK4v8vjx8/tofuX278Zo2zsXI9ppPliNf/0vPG0fVk+eOzPW8R/5svdFr+FXbUeCOPD6NsWPqZ7VWyH9Haaa/q/7fX3//b7f+3VdmsXJn0Powv5ONxQxzvc0j7O+m1/vH+ivg7sD15/6zi903/v8Pty3la9X2I/f/G9XEm/8kvjDc+yzhe6/DZbtRtDQyr90bq+l+/hivNw6CVzT81+Pobehjq48sue7z1utVP3IDrX6/X1/aEVoWBBmfgn/+gjxMGHX/Qn3+VtP/fdB8+7f83zU/7/03z0/5/0/zp/D/ULT/t/zf9PNP+f7O04sn7pv0Dz1bkf6Iif0fn/Fb0eyrm31mR/8mK/N2t/IOlEjH/3lvO3y7X7f3vrsi/vyL/0xX5n6nIf6Ai/6FCfrEP6Jj/2WT+LMnf6GJ7lG6fH7Bxpe3zfP9hdMTrP92+/9va+ZPFIv2tJbAWXn197+GnfvOtmWb7/8nW+ZB4He9QPl7Lj41+mI+n171DYXwp7618/G9J/no/3wGjJH1+Rvr7/2BFPjC84n1evt8wgrKpzpPztOq5Vd328xkun8vTz+fpw3n6SJ7O5emePN2bp/N9qh9r4/AbvzvwUtY+3t+S5C/3fvK0PVDpOVEhhH3LrE96fqDX+9nT5/j16nbjr7A5GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMCMNf4uLMxmIVx485UjTx47tWdpysFWiZnG34nCWK01XwiP5ul4nv4if3H9gxdPFtMbeZqF+ZCFrDU9HL/ainRHCOFs2BUuhpmw48Kll9+ef+LYuaPnd7/z2oEra/cJAAAAwMb3/wAAAP//bhYJfg==") syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x9f6c67, 0x0, 0x5, 0x0, &(0x7f00000001c0)) mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000180)='./bus\x00', 0x2800002, 0x0, 0x1, 0x0, 0x0) open(0x0, 0x145142, 0x0) 1.547265788s ago: executing program 1 (id=3288): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) read$eventfd(0xffffffffffffffff, 0x0, 0x0) r1 = socket(0x11, 0x3, 0x0) sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)={0x14, 0xa, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x24048014}, 0x4040000) r2 = epoll_create1(0x0) epoll_pwait2(r2, &(0x7f0000000140)=[{}], 0x1, 0x0, 0x0, 0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000000)={0xe000202b}) epoll_pwait(r3, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffffffffffff7, 0x0, 0x0) r4 = dup3(r1, r3, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f00000001c0)={0x200f}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='nr0\x00', 0x10) r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000340), 0x20200, 0x0) ioctl$SOUND_MIXER_READ_DEVMASK(r5, 0x80044dfe, &(0x7f0000000380)) r6 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x180) ioctl$CEC_ADAP_S_LOG_ADDRS(r6, 0xc05c6104, &(0x7f00000000c0)={"218ff100", 0x8, 0x6, 0x2, 0x0, 0x8a, "f700", '\x00\x00G\x00', "0500000c", "2600ffff", ["50d59404000100", "818e71e2e9fffffff2ff00", "0c436d743c97c443084000", '5\x00']}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r7 = syz_open_dev$vim2m(&(0x7f0000000080), 0x10004, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f00000001c0)={0x2, @pix={0x32acd5bb, 0x6, 0x3231564e, 0x0, 0x44, 0x3, 0x7, 0x4, 0x862aa8af9d90c3d8, 0x0, 0x0, 0x2}}) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000280)='./bus\x00', 0x1200840, &(0x7f0000000b80)=ANY=[@ANYBLOB="757466383d312c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c696f636861727365743d73703836322c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c756e695f786c6174653d302c003c24d06816418f4be78ed4fbfe47efc82f966a602a8db43ad053c978bbd3501706515140ef63c2a5bc162c57e05beec5bb0c11fc2f9238b25e4527e24bab534e9ba458d92a597c3fee89f57053a4a1535771c9877b3ab101fb26937779cff75a95a296fafddf11280fafeb9bd5f2da4a88b43f3e4d5b1a9aed1f659d88f914548fba990603b0d4f14adda86d419c62701d3d6f007c7e50da9608a03eff5843f6739a8ec5ff3379fc01c41c75018b5d92bbd7d9874589f3561fbdfc44653bb6c56b522a34130000000000000000000000000000f8dac0a0dd55bff12e04e2311fc18f4f3eb5b7003b3ad58f78f62408c05fc929"], 0x3, 0x39a, &(0x7f00000002c0)="$eJzs3UFoW2UcAPB/+pKm1c32IIiC8PQm6NimIHqxZXQwzGVKmHoQg9t0NFVYMbgdltWLeBR21JM3D3rwsJsXUZHdPHh1gkzFg+42cOzJy3tpXprWDUc6h7/fIfz7ff//976XfG1e0+Tra0uxerwRJ69evRJzc7WoLx1aimu1WIwkhs7HpNlt2gCAu8O1LIs/s0LEl7dSUpv+rACAaRo8/7+xt9Ly3jej+OuJ/Kx49m/sxtwAgOkof/+fr7YlW3LmJqrmpz0tAGCK8uf/qFcaHp1Iqfypvz5xbQAA3H1efPmV55dbES+k6VzE2vu9dq8dz476l0/GqejGidgfC3E9onijQH5TG9wePtJa2Z+maT9+WYx2XtFrR6z1e+3iSmE5GdQ340AsxGJZX77bIMuy5PAXrZUD6UBEnO/3Gvkoa7VeuzF4lWF5Pk79eE+ciIORxv0T9RFHWiub1yTt/LiD4zciNkavW+Tz3xcL8f3r8XZ043jktcPLmtbKuQNpeihr7amN6vu9dnOQV5h8BQQAAAAAAAAAAAAAAAAAAAAAAG7HvmLvnb1pmi5u7p+Tjfbv2VcmlP33RkR7sF9gu6gv9wfaKPYHyppZZNkf7z7R/iCJsf2BBhv8jO2vU4+ZO3vqAAAAAAAAAAAAAAAAAAAA8J+xfmY2Ot3uidPrZ86uVoP+6fUzMxGRt7z13Wdfzcd4znw5wHjVWFAvUypd6agqS4bJWTKWUwZJfvBavWj59OLmjCs5lbMYlc+McppbusaCvY/8/NHZ1eEIDyfDqhujnCS2Pa+zyfg0xoK1+4oBhy0Xdr5/JoODN8m5nGXZTuXnXp2silpEfcep/ssgy4Nvr7z54JPrw0WQFR57fOHY5Quf/Lba6eZHznW7s6fXr2ernfLr7RfbRNAcLpuksn5q5WKrVVdCvfPUjaN7dhh5Y7ylk/zw+0sPfXipbJmpPEzbTCM7dmnU8s42OUlx0M+3ds0WQT7Nza7n8iC/jybGGX6X3PRueTpu64F74OOlzsVzP/16q1WVHxI26gAAAAAAAAAAAAAAAAAAgF1R+ax4qfywb+Ofqp45Ov2ZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDuGf3//80gZja2tNxa8Fc/hi3HYtjVzAeM2coRF+/g2QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8H/1dwAAAP//kp5N2g==") mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file1\x00', 0x42, 0x5) unlinkat(0xffffffffffffff9c, &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) ppoll(0x0, 0x0, &(0x7f0000000240)={r10, r11+10000000}, &(0x7f0000000280)={[0xa9]}, 0x8) sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0x0, 0xb}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x100, 0x0, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@getqdisc={0x24, 0x26, 0x1, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {}, {0x0, 0xb}, {0xa, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x2000c021}, 0x4048000) 1.460663042s ago: executing program 0 (id=3289): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000040)={@val={0x0, 0x22f0}, @void, @eth={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @val={@val, {0x8100, 0x0, 0x0, 0x20}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x17c1, 0x10, 0x0, @gue={{0x2, 0x1, 0x3, 0x4, 0x100}}}}}}}}, 0x3e) 1.369639397s ago: executing program 3 (id=3290): r0 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000180)={'#! ', './file0', [{0x20, '/]-+.+'}]}, 0x12) write$UHID_INPUT(r1, &(0x7f00000007c0)={0x8, {"dc5d3b0169633d3eba3eabbc09167be55101d4af4b22a373236464d2dbfaa84399b77bd438a54364a7ebc5bdaab4f9decb7c044318cd59a0af8279bcab35dd7daf7a0ceb381df2c32eff45b13e2c8f40e1895355bf6f165200cb1ca41a155730ee2e9f83183f9fafe029d0401b0770618254a8b2dc87b630072b1e2de160d1afed51b74c14b71ec1b226a324482d14ad586b1a4ce80e458fe45244c01eddeddf3564af838d6d5324f8a77023d6eb7aa14397a0e1413ea1c3dfdf0e3a35b709e627f36fe403ee3117365be5017682f53595f28543062c740a94a794312f5cebc315044b8ea000a5d0f27812ab0ce149d11e6f6f7620c5f3e250bf67d13a1ca39dbb7b8b5a31e3d7ba7ebe5849a7a09b61fc9f2cfc54b89e9cd0105bca49483ce55e0187ce2ad692a18219d881057c04df913a658fccbf4def6aad750ca4796b74d322c67e9d4ee6a530a22dcc35db850b424d6ec9f62495b9f92b000feadd57d26dbd505798c208d91eb0aab0fd97537631b8bf81ce0e2241c4272be4ff69b390e4485d574146b76d1fdbf7fc5334906805534cdae1e47240af7761a18fc8bd0a694be47529da98bc0f98eb7db3fc4a74cbb6e486f4de90fbf2452e72c2e1dca44543ad9ad094b8bc861eef1e814662d0b350339e3a510d459c6f83aabd5fd3dcb38224056d761e7df9b482b9905f1e2135c1929be328ecdb69c007a3efd548502c83106f6df1ab1178fac499eda92ad4373155227ec2df150c919d322ecb3ea37e659285f18a3e2f79b59900ca438df3a1381380a12d3ad7678e0a8d3bdfb40651389b4ac8c66138d442d70eafdc2df8b080028006b17941c4c4fbfac18c8b74e5859b6c243824903d056d800975675bb1913142adbc039a9c68c2f146a0e8903447313f5e5549905f397a9b1f21a93b80c4d04a8ea7a29a50fbc5407a9305bba420edf898ea678d6879489c39692c99bb6dacf61f5f97637b94c1031d635b5423b38b9196fafaaf87b2796eadc21466af5a10281e6a808748969d29efb444c99a4cb2111732a792dbca4376a125a68f7cdac065cc6173dc21caafba48c742d9a7df2f771ff2f5725b22c247d4e0c6106f9f5f6929b69929ab37e9a9b326ce618bb702b883b12026f1300f21f2c7440cac8c5f1210a78aa067211d2827f5dcc7578252c2ccc3f67bab9d1bb6939b21b550788ef550acfed4bf50c0b4fb3ca4d2872ee64f95d611a317d9daaf373a10d868680b2226396c95fa2b0ab4d6fce06c3b42cb97d17a7b5089061537fdeb1a53040869f7befca330358fdba86754fc2e46c2113e1484cb37534af8f0408a7ee313778dab49f08229964298f847ea66c4ec319f64b6a12da585bc59e82e0263c507b397d3efee3b4066f4d25566aa1549f6185f6375f84b65fa8945148b90430c86a5b6fdf58d5c812b98d9dc621fd9a3d9f1a577495356516d1cbcf5e8bb8923b54b247225b9c3892b18a9e137f3620c73405baf9dc8f1ea36f0d4592d5ee32e35676a84dc891f97456f2ac3a4ab58a42bcdc221a4ac8bb28d428add2fcbe5b110a8afd5d23b31e827bd16167b2d88cae024afc04a722ac0b4d45c52512e6b6f102aac4be21bc89ce246539048370553665b0a4336a6db99d0d19399be6437bf21419304331b4342b2c1db580f0c9bf681fdb8e9fa3e025454197bbc82ef93ee2f385660818ec5127080675a8013766469afe3b1e36e81bf2f04c3a26eaf4517551e734d21ba3bc90e48aea0891792970c39f3f528397e9b7ae190f1760fe5960dc763ee0a17939c60bfcac0a8914be82c749e4fe85d1ac5fa733413468fb8941085e8c4d6e0b6d1e62e20da58440facd640ddbb6c1f694b3ca48757a34c5a11668368711a1d4f3a81d31ac30d71277d7ae77882b6841cfa6289e6cce84a3ad57eeb328f831888ac7d3cfcd3a472a48d903f20cec8c8ae8d0bea04ebf7413ef7693f8ed876e49bd5f89d7e1078208ff62712e330fc0341b9ccf26845578d44b1e0c66d1bebc14742baedfabb8e9a2c8f42730360c72997efe0ce786ff330c2eb6e0ff20896f813c2a515ce76f826c11a1c1588eb369231ddeb4a2f9f9591ecdecc74d20aeb50047beb3ab89a9e4e1b805a20b645c79d0bc5d0247fab8ba46a97a07630b1f1cb69b42b568af746063d2c581f057873d64fe6e659b00b4a26745f5fba1fe7406a86b007936c7cfdac53a4c5b0ea9f6604863c8e3f174eddbb09175f6e13cda9a860cf400ef9ed02b895502ac6e6de6a658249c3c6e8a653517eae2231e56e0f120547923c6549ebc1ed14c623637ce3d96af5c93a32e58e2d9659d8b5b145888b52d9a5b5cb3cdf594eb137bcef2ba068cfd2c6ccf7ab6e5b4ec55e9197bfb91c9b8729f7b50cf0b0326f7ea3e712c77674d48545ca2a86744c3c38f149d69cf811beacf7e5f49c7b0e000f1dcf3d7bc0b9c796016820a46495d244c9606a06fe2e14233eda78d69ae4523ad7b708b0c7ead44d7fd376fed60e3cc2ee25e9600adfbe87ac7c8fb8269aec9459602af0f420becda6120ce7d9626c65ae7f860639e8bf664eb4301ec18add0e436c0356c12ab6b4ca35da2b43c4a8c239fd0b59a2ce94843cdfa1667053165053633b062844dbb0d00070fde74fa3178eb5f1f5fd02e2088d8690379f39ab22c080cdcb29d700bac74fabd8a356fe99afe83a5d99aa5024e9158a299eda6c99b6701e64f1d68e7e2c0c6e88396bb535a02d0948f0a250a6e090041c96d9c9acd6134d44d516fd1010c39e572b86b05bb1326a2a4f23f11181186f9c2a01dc7b58c0129f4b851ca9b1e3dc35db7364e29ef646211796b1651511e041345abce427fa5d6e48b8fb078c8432061a4cc518a8f2a2caf709a5c1473a62112a6650afc64eec12f8f9c08cff1b6fbf7a1209fc8661f62303b7c5d49c1d0b32a9f37e81ed9ab6193816d40995ed49c10b9f5752e04d57535a3d16f06c65d32846c31ec9787ec4a965679eb804e86b45d007f38d8104550770dc6f313bc846e43a14a8c21d0628c744e3e83cb998d1b7acfe996541a8c03852dadf9326444c582b481cae844e4f3fe3d638903b38f24633b63adbad841ac6c4c5169d781a0e271e8a967b1c7e986fcb3a66168e86e3559a44fcfa92452260491da9397659af60453f4cd4be2d15439445ec2b4366a79d3283da912d9d499df1242bd174edc235848caa21d2c997aff0e95c7e5cc0803c90fab84e7be7b37909d0e2f3bc9974e3388acb6800baba183ecc8eea8c71c0d65d669e41f99ceae523b7a6b772f3b8ebba1d2127ccc3ddb7ddcb4ec73cbdc26fc87c3848e258a0b5484d3a13e40ec4e4a65dd92f09e9fe1e3e2f8b96c4e363aa3683860dee62dfcf8823ee4a3593a092e0bd9c4cedacf44a272faa164447b01f46a7795642a40c61b0034a37f0e9b792428a0ddcd144fe8263088eaac8016f8f1cd30b55ac90a8f10d785b7570dd9e639a4a068d3fe98a420b9f72e79de817f676c2a224300d749571ad43f59d1fbe838f4566bc7b5f104c384ad87189213152b644d9fcbdf98bafeee569d640ce9045779f1d90024c023a7480a358dee276fba139c14b4fdb12885240903d0e61dc161659a68f62c92b899007e0f2b65bf0a069e9e57c9b6ae50a3b30dd1003fb0eead73ae2f6010b3b356b4060579a4f29935e1f00c01d12e5f44e8e3163d81dfef7ca8560604240c7e96e4454c6971614df306c768121abb3f628e3f1d2d00bf58d1087334c5bdb74d7c949b0ee66a4531ba4e9b922aee3d0f802ed034734507a5913c52966f1f8bd4577840de0253aabc23299dced2a299859c07af9fb0f9c29b6533b9d84d471390d59ab315f5ddb226f6b8dd7889295f0fb1f7bd1adafe4cc520a1e84bf2a59d5b9795aeafc8d6fd66a8228aba8653b98622617ddfeb5d6795c9bd2f35d4a0c386e862675a50e3314c3fbb17aca151c13c7fc8b1d1b72ed0a958537b5ddc9e74bddc2b9571ec3f2b7775b125338d4852a75a60000564c65bb36dfb6bea4aab1ae7a4f285c2177aa98406eb2cc10934aa92d5a9612d4455c84ad200841d289b5c2d5deab0d8e2459598ef183d3dc47f6bad0b9513710600cfa4d69fcd5763cdcc4f2c2b7cd7d4491fd52f4aec82ce846c0988f6f0123e21e900d39c61085e68c9badc350b44004f6c042d64b0d0cbf91ad0592b198f1eeea1e52200bc8e6d62848d6884b10bdde72466039da488be6b340c23148f666f2fe6e032c07dac43586df182aca9116f4600313fa8375c76337ba86bdc391dae6450218f58f047ced64befc6bb5c2a60024669630a6279fedf2fe45e7e19ce582ad96ae0d023eb9b39f5f1e666e73bb038ae38157275be5eb3e7cbc8b05adf53e817646bdc2cfce98e5d162bf7faaca787db8717ab8b27b9e35609c5fb9de9def07f010df8b43cf5c96851eadfdeff0b7bc5826e7e15490ae9c3d14166ee81bef007070e7981235a673804ad89943ee6b51ac63364f7870e121e6ff23a0c7d179527cd58dd7a4ca37247c2bd9efc79b720bb1ee2d39862e98cb81e93cf5b48d5d02ee8ac737ab504c867a1c49e678300803c94fbe978dea918a1e71b9791ee1e4d30056e86c26a4675a8b090be2365c0b451a13ece52a89a7057fe2052e11c6666eb916d823ea66bf217c320acba3b714910734b2c77c2fa586bd7f7664b0d1422adabad2ce2afc10270057f11940fac1a51d023ce48bd04ea39b7f99381b239fd0ddeea0dce7863ec1f8f61775013b6414ecf86e686a340a3148f87a9d7d60a1f2da53436d16fc88d6a4e7c3d55e0dd004cbecc15a5558eb705d82aacb1862ddc251dd5d9cbf1d78f97900ce6e8dab0ea678cb823bd1e7bbd1e927841af08f5427878c19f4f322228f9b36287fc13e7c1293ea875ae73815e052d6c2ebc40df8f7b9d1f76e0b10e35aa160944983d8e6b790df0d9b13f3460657336d81f7d83c0350324b930ec9c7557ce12887f76372e126f504b0980fea27f31a780c05187b9b5353dafc6b101543b24332b96e15bc26b19062e52fa9f86d260ee3a3bc92a133e328407bb85357ee5c45cb87228f0000000000000006b050e9319fe88033f830a8490917a9c0572ebbc549000000000000000015a34abef947b5b9a950e780662de18873e55899c92db3ad00437e8407890afa6b0c04ef861b8bc85fbbe1bb67b3d9ef001409f84b8ec4f01d861cecc143a805b981ab5cf5b605057b63cb2c84ec358e510a69cd8c33a8a62fe4680d0c980145cc709157832bfaef261cb00800000000000000ce9affffd4b1dc7cc9511da0b34bffb9ac216fb8cf7c6572d95627787720d1ba67c6512fcdb16f6329e9668681c404efebad559f81f05971b5efb6b4cca97ad0346753cc0a40a877242d8a808c602b03dc962cee38e646cb18abb079c70d357c30738a70f55cd3c5956a83a1bfcd6649dd765f16bfe968066345df7380bbc0c16b3b5af513d6458c791343952f33a051c5d711c1f35af1b47f3db9bbfb5c040000002b52805d606479879be0b404a28ade5649a3185e0f85a85fc15cd824671c2befdd0da509597c87d869f0bd7ad163ad93ca28fc0c4025eccaafe385ec3fc06c54ebcd7b07b6c7e0197c5b9ef886159a1585ae45248f865be760db6f5bc8f868fc6aefd04e34ecb51159e4cdcc2214b42b1ca9caec13ba3e1b2e7a3c736977b226213d265c2873195122a9b448088c8b50edd549be41c38ab176807b75e7267f86e400", 0x1000}}, 0x1006) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000480)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8, 0x10000000000, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3e06e00d96072081000000000000002000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a03c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x6, 0x200000000]}}) 1.14176774s ago: executing program 3 (id=3291): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.self_freezing\x00', 0x275a, 0x0) syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4000, &(0x7f0000000140)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceeca11a757cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5cf8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12a0000800100000000b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe39b131cab48d99bd1b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYRES16=0x0, @ANYRES16], 0x1, 0x628e, &(0x7f0000022880)="$eJzs3U1vHVf9B/Df3Cc/9N826qLqv0LIfQBaSvNYQqBA2wUs2LBA2aJErltFpICSgNLKIo68YcGLACGxBMSSFS+gC7bseAFEspGArjpo7HOc8eU610nqO9c+n4/kzPzmzPie0feO772ZmXsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjvffcH56qIuPLztOBUxP9FP6IXsdTUKxGxtHIqrz+IiOdipzmejYjhQkSVG5+OeCMiPn4qYmt7fbVZdP6Q/fjOH//22x8+8f2//n545t9/utV/86D1bt/+1b/+fOfR9xcAAABKVNd1XaWP+c+nz/e9rjsFAMxEfv2vk7xcPXf1xpz1R61WH/t6OGf9Uc+ibqsnu9MuImKjvU3znsHpeAA4Zjbik667QIfkX7RBRDzRdSeAuVZ13QGOxNb2+mqV8q3arwcru+35WpB9+W9Ue/d3HDSdZvwak1k9vzajH88c0J+lGfVhnuT8e+P5X9ltH6X1jjr/WTko/9HurU/Fyfn3x/Mfc3Ly703Mv1Q5/8FD5d+XPwAAAAAAzLH8//+nOj7/u/D4u3IoDzr/uzKjPgAAAAAAAADAZ+1xx//bUxn/DwAAAOZV81m98eun7i876LvYmuWXq4gnx9YHCpNullnuuh8AAAAAAAAAAAAAUJLB7jW8l6uIYUQ8ubxc13Xz0zZeP6zH3f64K33/oWRd/5EHAIBdHz81di9/FbEYEZfTd/0Nl5eX63pxablerpcW8vvZ0cJivdT6XJunzbKF0SHeEA9GdfPLFlvbtU37vDytffz3NY81qvuH6NhsdBg4AETE7qvRllekE6aun46u3+VwPDj+Tx7HP4fR9fMUAAAAOHp1XddV+jrv59M5/17XnQIAZiK//o+fF1Cr1Wq1Wn3y6rZ6sjvtIiI22ts07xkMxw8Ax8xGfNJ1F+iQ/Is2iIjnuu4EMNeqrjvAkdjaXl+tUr5V+/Ugje+erwXZl/9GtbNd3n7SdJrxa0xm9fzajH48c0B/np1RH+ZJzr83nv+V3fZRWu+o85+Vg/Jv9vNUB/3pWs6/P57/mJOTf29i/qXK+Q8eKv++/AEAAAAAYI7l//8/NVfnf0ePujtTPej878qRPSoAAAAAAAAAHK2t7fXVfN9rPv//uQnruf/zZMr5V/IvUs4/3f+/d+HNK2Pr9Vvz9965n/8/t9dXf3frH/+fp4fNfyHPVOmZVaVnRJUeqRqk6SPu2AE2h/1R80jDqtcfpGt+6uF7cS2ux1qc3bduLx0P99vP7Wtvejrcaa/7u+3n97UP9trz9hf2tQ/TlU71Um4/Havxk7ge7+60N20LU/Z/cUp7PaU95993/Bcp5z9o/TT5L6f2amzauHe39z/HfXs66XHevvb5X549+t2ZajPuTlze7N+LM+9N7P7FeWIUP7u5duP07au3bt04F2myb+n5SJPPWM5/mH5y/q+8tNue/+63j9d7d0cPnf+82IzB3nO7rcn/pdZ8s7+vzrhvXcj5j9JPzv/d1D75+D/O+fcPzP+1DvoDAAAAAAAAAAAAAAAAD1LX9c4tom9HxMV0/09X92YCALOVX//rJC+fVd1/1O3/sH8/uuq/Wj3jupqz/sy0/rSer/6o57L+z5z1Z+7qtnqyt9pFRPylvU3znuEXk34ZADDPPo2Iv3fdCToj/4Ll7/trpi933Rlgpm5++NGPrl6/vnbjZtc9AQAAAAAAAAAeVR7/c6U1/vPLdV3fGVtv3/iv78TK447/OcgzewOMHjBQdf/h9+lBNnujfq813PgLcdD438O9uQeN/z2Y8njDKe2jKe0LU9oXp7RPvNGjJef/Qmu885cj4vmx4ddLGP91fMz7EuT8X2w9n5v8vzS2Xjv/+jfHOf/evvzP3Prgp2dufvjR69c+uPr+2vtrP75w7tzZCxcvXrp06cx7166vnd39t8MeH62cfx772nWgZcn558zlX5ac/xdSLf+y5Py/mGr5lyXnn9/vyb8sOf/82Uf+Zcn5v5pq+Zcl5//lVMu/LDn/11It/7Lk/L+SavmXJef/eqrlX5ac/+lUy78sOf8zqT5k/ktH3S9mI+efz3A5/suS889XNsi/LDn/86mWf1ly/hdSLf+y5PzfSLX8y5Lz/2qq5V+WnP/FVMu/LDn/r6Va/mXZ2l7fudL7UqrlX5Z8/H891fIvS87/G6mWf1ly/m+mWv5lyfl/M9XyL0vO/1upln9Zcv7fTrX8y5LzfyvV8i/L/e//TzOLMb7EjBkzxc10/ZcJAAAAAAAAAAAAABg3i8uJu95HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xch113cAP7M3rx1IDITUSU1YO8YYZ5NdX+ILrYsJ14ZbSQiFXrBd79os+IbXLiGNakeBEgmj0oq24aEtoKjNS4VV5YFWAeUBtapUibQP9AVRofIQVQEFpEq0Ctlq5vz//52ZnZ3Z9Y53Z875fKTkl505M+fMmTNn92vnuwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqbXnb9OcrWZZVKpX8ho1Z9orqXD+2sXbLm9d2+wAAAICV+0Xt3y/elG44vIQH1S3zz7d/9+m5ubm57CODfzb85bm5dMdYlg2vy7LafdHVH360Ur9M8Fg2Whmo+3qgw+oHO9w/1OH+4Q73j3S4f12H+0c73L9gByywPqukJ9tW+8+N+S7Nbs6Ga/dta/GoxyrrBqr7Lj02q9QeMzd8IpvJTmXT2WTD8vmyldryz2ypruvdWVzXQN26NlePkJ8+cjxuQyXs420N65p/zujHb83GfvbTR47/zYUXbm01O+6GhufLt3PH1up2fjbckm9rJVuX9knczoG67dzc4j0ZbNjOSu1x1f9u3s4Xl7idg/Obuaqa3/PRbKD238/V9tNQJWuxnzaH235+R5Zll+c3u3mZBevKBrINDbcMzL8/o/kRWX2O6qH06mxoWcfpliUcp9U5ta3xOG3+TMT3f0t43NAi21D/Nv340ZG69/2luWs5TqPqq17ss9J8DHb7s9Irx2A8Lp6rvejHWx6D28Lrf2T74sdgy2OnxTGYXnfdMbi10zE4MDJY2+b0JlRqj5k/Bnc1LD9YW1OlNp/f3v4YnLhw+tzE7Gcevmvm9LGT0yenz+zZtWtyz759Bw4cmDgxc2p6Mv/3Ne7t3rchG0ifga1h38XPwBublq0/VOe+NrLg/Hutn8PRNp/DjU3LdvtzONT84iqr84FceEznn40PVXf66JWBbJHPWO392bnyz2F63XWfw6G6z2HL7yktPodDS/gcVpc5t3NpP7MM1f3TahsW/16wsmNwY90x2PzzSPMx2O2fR3rlGBwNx8X3dy7+vWBz2N7Hx5f788jggmMwvdxw7qnekn7eHz1QG62Oy9uqd9wwkl2cnT5/90PHLlw4vysLY1W8pu5YaT5eN9S9pmzB8Tqw7OP18Mztj9/W4vaNYV+N3lX91+ii71V1mb13t3+vat/dWu/Phlt3Z2F02Wrvz1bfzav7cyTLvvKdR+//1iNfedui+7OaNz87sfKfxVMurTv/Di9y/o25/+V8fempHhscHso/v4Np7ww3nI8b36qh2rmrUlv3ixNLOx8Ph39W+3x8c5vz8aamZbt9Ph5ufnHxfFzp9KcdK9P8fo6G4+TUZPvzcXWZTbuXe0wOtT0f3xFmJez/N4WkkHJR3bGz2HGb1jU0NBxe11BcQ+Nxuqdh+eGQzarremr3tR2nO+7In2swvbp5q3WcjjUt2+3jNP3Z12LHaaXTn75dm+b3czQcFzfvaX+cVpd5du/Kz53r43/WnTtHOh2Dw4Mj1W0eTgdh7Xyfza2Px+Dd2fHsbHYqm6rdO1I7niq1dY3fs7RjcCT8s9rnyk1tjsEdTct2+xhM38cWO/YqQwtffBc0v5+j4bh44p72x2B1mbfv7+7PrjvCLWmZup9dm/98bbE/87qtaTddr2NlKGznd/a3/7PZ6jKnDiw3Z7bfT3eGW25osZ+aP7+LfaamstXZT5vCdr5wYPH9VN2e6jJfPrjE4+lwlmWXPnXvc1urb33+9yt/f/F7Tzf8vUurv9O59Kl7f/LKE/+0nO0HoP+9nI8N+fe6ur+ZWsrf/wMAAAB9Ieb+gTAT+R8AAAAKI+b++H+FJ/I/AAAAFEbM/UNhJiXJ/5ve/sLMy5ey1MyfC+L9aTfcly8XO66T4euxuXnV2+99cvp//vHS0tY9kGXZS/f9QcvlN90Xtys3Frbz6jsab1/g6buWtO6jD15K663vr381PH98PUs9DFpVcCezLHvmpi/W1jP20Su1+ex9R2vz/suPP1Zd5sWD+dfx8c+/Jl/+L0P59/CJYw2Pfz7shx+FOfme1vsjPu4bV960ef+H59cXH1fZemPtZT/xsfx54+/J+dJj+fJxPy+2/d/6wlPfqC7/0Btab/+lgdbb/1R43ifD/N/X5cvXvwfVr+PjPhe2P64vPu7ur3+75fZf/Xy+/Ll35ssdDTOuf0f4ets7X5ip318PVY41vK7sXflycf2T3/vj2v3x+eLzN2//6JErDfuj+fh49t/z55loWj7eHtcT/UPT+qvPU398xvU/9UdHG/Zzp/Vfvf/511Wft3n9dzYtd+5TO2vrn3++xt/Y9Fef+2LL9cXtOfx35xpez+EPhs9xWP8THwvHY7j//67mz9f82xWOfrDx/BOX/+rGSw2vJ3r3z/L1X33LydpcN7p+ww2veOWNl19f3XdZ9ty6/Pk6rf/kX59t2P6v3ZLvj3h/7Og3r38xcf3nPz1+5uzsxZmptFcfuan2u3Pem29P3N6bwrm1+esjZy98fPr82OTYZJaNFfdX6F2zr4f5k3xcbr/03IIz6M4Hw/t52188s2H7v30h3v4fH8pvv/Ke/PvWG8NyXwq3bwzv3/LWv9ATW26pfb4rz4YtnFv4+4JXYvO2/z6wpAXD62/+uSAe7+de+/HafqjeV/u+ET/XK9z+H0zlz/PNsF/nwm9m3nrL/Prql4+/G+HKA/nnfcX7L5zm4vv6t+H9ft+P8ueP2xVf7w/CzzHf3tR4vovHxzcvDTQ/f+23eFwO55Pscn5/XCru7ysv3tJy8+LvIcku31r7+k/T89y6rJe5mNnPzE6cmjlz8aGJC9OzFyZmP/PwkdNnL565cKT2uzyPfKLT4+fPTxtq56ep6X17s9rZ6mw+rrO13v5zDx6f2j+5fWr6xLGLJy48eG76/Mnjs7PHp6dmtx87cWL6050ePzN1aNfug3v27x4/OTN16MDBg3sOjs+cOVvdjHyjOtg3+cnxM+eP1B4ye2jvwV333LN3cvz02anpQ/snJ8cvdnp87XvTePXRvz9+fvrUsQszp6fHZ2cenj606+C+fbs7/jbA0+dOzI5NnL94ZuLi7PT5ify1jF2o3Vz93tfp8RTT7H/mP882q+S/iC/7wJ370u9nrXry0UWfKl+k6ReIvhB+F82/vOrcgaV8HXP/cJhJSfI/AAAAlEHM/SNhJvI/AAAAFEbM/evCTOR/AAAAKIyY+0fDTEqS/wvX/990aUnr1//vSv9/7pL+v/5/P/b/H+i1/n9+vtD/746V9u/1/wP9f/1//X/9f/1/uqDX+v8x96/PslLmfwAAACiDmPs3hJnI/wAAAFAYMfffEGYi/wMAAEBhxNz/ijCTkuR//X/9f9f/1//X/2+9fv3//qT/357+fwf6/xNZufr/l7u5/fr/+v8s1Gv9/5j7XxlmUpL8DwAAAGUQc/+NYSbyPwAAABRGzP03hZnI/wAAAFAYMfdvDDMpSf7X/9f/1//X/9f/b71+/f/+pP/fnv5/B/r/rv+v/6//T1f1Wv8/5v5XhZmUJP8DAABAGcTc/+owE/kfAAAAes/QtT0s5v7XhJksyP/XuAIAAABgzcXcf3PWVAQvyd//6/+Xrf8fX1k/9f/Xpfv0//X/s57s/w9m+v+9Q/+/Pf3/DvT/9f/1//X/6ape6//Xcn82mr02zKQk+R8AAADKIOb+W8JM5H8AAAAojJj7fynMRP4HAACAwoi5f1OYSUnyv/5/2fr/rv+v/6//7/r/xab/357+fwf6//r/+v/6/3RVr/X/Y+6/NcykJPkfAAAAyiDm/tvCTOR/AAAAKIyY+385zET+BwAAgMKIuX9zmElJ8r/+f4/3/2NzVP9f/1//X/9f/39J9P/b0//vQP9f/1//X/+fruq1/n/M/a8LMylJ/gcAAIAyiLn/9jAT+R8AAAAKI+b+14eZyP8AAABQGDH3j4WZlCT/6//3eP8/78GPuP6//r/+v/6//v/S6P+3p//fgf6//n9X+v9zl1r0/9d1erz+P0XUa/3/mPu3hJmUJP8DAABAGcTcvzXMRP4HAACAwoi5/44wE/kfAAAACiPm/m1hJiXJ//r/fdH/z/T/9f/1//X/9f+XRv+/Pf3/DvT/9f9d/1//n67qtf5/zP1vCDMpSf4HAACAMoi5f3uYifwPAAAAhRFz/xvDTOR/AAAAKIyY+3eEmZQk/+v/6//r/+v/6/+3Xr/+f39aaf+++qOA/r/+v/6//r/+v/4/3dFr/f+Y+98UZlKS/A8AAABlEHP/zjAT+R8AAAAKI+b+O8NM5H8AAAAojJj7x8NMSpL/9f/1//X/9f/L0f//E/3/knD9//b0/zvQ/9f/1//X/6ereq3/H3P/XWEmJcn/AAAAUAYx998dZiL/AwAAQGHE3D8RZiL/AwAAQGHE3D8ZZlKS/K//r/+v/6//v6z+/+vnn7e/+v+u/18W+v/t6f93UJD+//CyXvS8te7Pr9Rab393+v/D+v8USq/1/2Pu3xVmUpL8DwAAAGUQc//uMBP5HwAAAAoj5v49YSbyPwAAABRGzP17w0xKkv/1//X/9f/1/8tx/X/9/7LQ/2+v+/3/+BL1/3up/3+t1ro/3+/b7/r/+v8s1Gv9/5j77wkzKUn+BwAAgDKIuX9fmIn8DwAAAIURc//+MBP5HwAAAAoj5v4DYSYlyf/6//r/a9n/z7LL+v/6//r/+v9dpf/fnuv/d6D/r/+v/6//zwo98If1X/Va/z/m/oNhJiXJ/wAAAFAGMfe/OcxE/gcAAIDCiLn/V8JM5H8AAAAojJj7fzXMpCT5X/+/oXtefbn6/2tx/f+6wrf+//zj9P9z+v/6/8uh/9+e/n8H+v/6//r/+v901aL9/xC9V7v/H3P/oTCTkuR/AAAAKIOY+38tzET+BwAAgMKIuf8tYSbyPwAAABRGzP2Hw0xKkv/1//vv+v+xPlOo/n/dtuv/zz9O/z9Xlv7/SHxe/f8VWUH/vvbW6v8H+v/l6P83ncDXuj+/Umu9/fr/+v8s1GvX/4+5/61hJiXJ/wAAAFAGMfffG2Yi/wMAAEBhxNz/tjAT+R8AAAAKI+b+t4eZlCT/6//3X/+/kNf/r9t2/f/5x+n/58rS/3f9/+5w/f/29P87KFv/v8la9+f7ffv1//X/WajX+v8x978jzKQk+R8AAADKIOb+d4aZyP8AAABQGDH3vyvMRP4HAACAwoi5/91hJiXJ/6ve/68rCuv/6//r/5ex/z+Svtb/n9+r+v/ds/L+/0thT+v/6//r/+v/6//r/7NSvdb/j7n/18NMSpL/AQAAoAxi7r8vzET+BwAAgMKIuf89YSbyPwAAABRGzP3vDTMpSf53/X/9f/1//X/X/2+9fv3//tQL1/8f0v/vVv//FzeG2/X/c/r/vb39y+3/DzV9fV36/z9crP8/t6758fr/XA+91v+Puf99YSYlyf8AAABQBjH3vz/MRP4HAACAwoi5/wNhJvI/AAAAFEbM/b8RZlKS/K//X92O+fay/n9R+/8D+v/6//r/JdEL/f+VrF//v++u/z+o/z9P/9/1//X/adZr/f+Y+z8YZlKS/A8AAABlEHP//WEm8j8AAAAURsz9D4SZyP8AAABQGDH3fyjMpCT5X//f9f/L0f93/f9M/1//vyT0/9vT/+/A9f/1/3ut//9f+v/0t17r/8fc/2CYSUnyPwAAAJRBzP0fDjOR/wEAAKAwYu7/zTAT+R8AAAAKI+b+j4SZlCT/6//3S/9/rE/7/4/q/1/H/v/tN+bL6f/r/zNP/789/f8O9P/1/3ut/+/6//S5Xuv/x9z/0TCTpef/0SUvCQAAAKyJmPt/K8ykJH//DwAAAGUQc/9vh5nI/wAAAFAYMff/TphJSfK//n+/9P9d/z/T/3f9/6bXo/+v/9/K6vX/45lH/1//X/8/0v/X/9f/p1mv9f9j7v/dMJOS5H8AAAAog5j7PxZmIv8DAABAX2j1/2Q3i7n/SJiJ/A8AAACFEXP/0TCTkuR//X/9f/3/Hu3///nWf/3+d99/dJf+v/6//v+yrOr1/6sfftf/1//X/0/0//X/9f9p1mv9/5j7j4WZlCT/AwAAQBnE3P97YSbyPwAAABRGzP3Hw0zkfwAAACiMmPunwkxKkv/1//X/9f97tP/fx9f/j/tD/79R1/r/8aSr/99S3r9PR9H17f9/eL4nrv+/3P7/SMtb9f/1//t5+/X/9f9ZqNf6/zH3T4eZlCT/AwAAQBmE3D9wIp/zd8j/AAAAUBgx958MM5H/AQAAoDBi7v94mElJ8r/+v/6//r/+v+v/t15/u/5/Zcj1/3tV6t//vPZB0f9v0jv9/9b0//X/+3n79f/1/1mo1/r/MffPhJmUJP8DAABAGcTc/4kwE/kfAAAACiPm/k+Gmcj/AAAAUBgx958KMylJ/tf/1//X/9f/1/9vvf6evf7//7N3H02W1ecdx2/bg6en8MI7L7xxlZd+A65iYa/tF+CFN964yuUq44BtnBmMc8DGNs4WAuWAAggESALlAEpIKIMklHNAATQSNSq6n+eZDqfP7Z6+3fec///zWfCY9jT3ipqamd/0fDn6/1HH7e/1/0H/33f//6T+X/+v/2c1ptb/5+7/zbilk/0PAAAAPcjdf3XcYv8DAABAM3L3/1bcYv8DAABAM3L3/3bc0sn+1/8fp/+/VCnr/3e//0n0/z+v/z/o9fX/+v+W6f/H6f+X0P97/r/+X//PSk2t/8/d/ztxSyf7HwAAAHqQu/934xb7HwAAAJqRu/+auMX+BwAAgGbk7v+9uKWT/b+n/99Y9Nn/Z8br+f8t9f+e/3/g6+v/9f8tO93+//pnfuTT/+v/9f9B/3+o/v/sQZ+v/6dFU+v/c/f/ftzSyf4HAACAHuTu/4O4xf4HAACAZuTuvzZusf8BAACgGbn7/zBu6WT/r+75/+e2Pj7T/r/o//X/Wx/Q/+v/9f+z5fn/43rq/6955Mqrn7j7p+45yuvr//X/nv9/tP5/53/MQP/PkKn1/7n7/yhu6WT/AwAAQA9y9/9x3GL/AwAAQDNy9/9J3GL/AwAAQDNy9/9p3NLJ/l9d/z/r5/8X/b/+f+sD+n/9v/5/tvT/43rq/y/n9fX/+n/9v+f/s1pT6/9z9/9Z3NLJ/gcAAIAe5O7/87jF/gcAAIBm5O6/Lm6x/wEAAKAZufvPxy2d7H/9/8n3/0/r//X/cfX/+n/9/8nT/4/T/y+h/9f/6//1/6zU1Pr/3P3Xxy2d7H8AAADoQe7+v4hb7H8AAABoRu7+G+IW+x8AAACakbv/L+OWTva//t/z//X/+n/9//Dr6//nSf8/Tv+/hP7/uP38Ffp//b/+n52O2P9fGPlheyX9f+7+v4pbOtn/AAAA0IPc/X8dt9j/AAAA0Izc/X8Tt9j/AAAA0Izc/X8bt3Sy//X/+n/9v/7/svv//d/1tuj/h+n/T4f+f9xk+v+NM4Mf1v/Pvv/3/H/9v/6fXab2/P/c/X8Xt3Sy/wEAAKAHufv/Pm4Z2f9H/s18AAAAYK1y9/9D3OLr/wAAADB7WZ3l7v/HuKWT/a//1//r//X/nv8//Ppj/f89O96f/n9a9P/jJtP/H0D/r/+f8/vX/+v/2W9q/X/u/n+KWzrZ/wAAANCD3P03xi32PwAAADQjd/8/xy32PwAAADQjd/+/xC2d7P/h/v/S/1//fzj6/93vX/8//P1jVf1//hP1/6P9/y94/n+f9P/jTr//P6v/3/3P1/+foHW//8b7/3PLPl//z5Cp9f+5+2+KWzrZ/wAAANCD3P3/GrfY/wAAANCM3P3/FrfY/wAAANCM3P3/Hrd0sv89/1//r/+fX//v+f/b1vn8/8Wp9/9n9P+HpP8f5/n/S+j/9f/6f8//Z6Wm1v/n7r85bulk/wMAAEAPbn5qsbX7/2OxsP8BAABgjnb+2YG9f6A05O7/z7jF/gcAAIBm5O7/r7ilk/2v/9f/6//1//r/4defVv/v+f+Hpf8fN5f+/5z+f/DtzbT/P9NY/3/LQZ8/hf7/Ov0/E7Or/7//0sfX1f/n7v/vuKWT/Q8AAAA9yN3/P3GL/Q8AAADNyN3/v3GL/Q8AAADNyN3/f3FLJ/v/xPv/cwe/tv5f/6//1//r//X/q6b/HzeX/t/z/5vq/z3/3/P/9f8du9T/7/7xcF39f+7+/49bOtn/AAAA0IPc/c+KW+x/AAAAaEbu/lviFvsfAAAAmpG7/9lxSyf73/P/9f/6f/2//n/49fX/86T/H6f/X0L/r//X/+v/Waldz//fYV39f+7+W+OWTvY/AAAA9CB3/21xi/0PAAAAzcjd/5y4xf4HAACAZuTuf27c0sn+1/+fbP+fH9f/6/8X+v819P8b+v8Oddv/bwz9TLTfAf3/Q79+/pd2f0T/r//X/+v/9f+swCT6/4uXfnWZu/95cUsn+x8AAAB6kLv/+XGL/Q8AAADNyN3/grjF/gcAAIBm5O5/YdxyxP3/Eyt9V6dH/+/5//p//X+7/b/n//eo2/7/kDz/fwn9v/5f/6//Z6Um0f/v+Pvc/S+KW3z9HwAAAJqRu//FcYv9DwAAAM3I3f+SuMX+BwAAgGbk7n9p3NLJ/tf/6//1//p//f/w6x+9/9/+nri5GKb/Px36/3H6/yX0//p//b/+n5WaWv+fu//2uKWT/Q8AAAA9yN3/srjF/gcAAIBm5O5/edxi/wMAAEAzcve/Im7pZP/r//X/+n/9v/5/+PU9/3+e9P/j9P+LxeKOkTcw1P9fPKv/1//r//X/XKap9f+5+18Zt3Sy/wEAAKAHufvviFvsfwAAAGhG7v474xb7HwAAAJqRu/9VcUsn+1//r//X/+v/9f/Dr6//nyf9/zj9/xKe/6//1//r/1mpqfX/ufvvils62f8AAADQg9z9d8ct9j8AAAA0I3f/q+MW+x8AAACakbv/nrilk/2v/9f/6//1/yfS/5/X/++l/z8dJ9f/L/T/+n/9/xL6f/2//p+9Tqv/vxA/3i/r/3P33xu3dLL/AQAAoAe5+++LW+x/AAAAaEbu/tfELfY/AAAANCN3/2vjlk72v/5f/6//1/97/v/w6+v/58nz/8fp/5fQ/+v/9f/6f1bqtPr/g3r/vX+fu/91cUsn+x8AAAB6kLv//rjF/gcAAIBm5O5/IG6x/wEAAKAZuftfH7d0sv/1//r/3f3/YqH/1//r/7edQv+/udD/r5z+f5z+fwn9f5v9/48sGur/zx34+fp/pmhq/X/u/jfELZ3sfwAAAOhB7v43xi32PwAAADQjd/+b4hb7HwAAAJqRu//NcUtL+//pg9O3+ff/Z/d8ov5/sVg8eq3n/+v/R15f/z+Z/r/+rer/V0f/P07/v4T+v83+3/P/9f+szdT6/9z9b4lbWtr/AAAA0Lnc/W+NW+x/AAAAaEbu/rfFLfY/AAAANCN3/9vjlk72//z7/72fqP9fHOv5//r/rQ/o//X/+v/ZOm5/f+tm/Jym/9f/6/8H+/mNA37ds9D/6//1/wyYWv+fu/8dccv28Nv7y1AAAABghnL3Pxi3dPL1fwAAAOhB7v6H4hb7HwAAAJqRu/+dcUsn+1//r//X/8+z/9/U/+v/9f+DpvL8/6uu+sWH9f/6/xb7/zH6f/2//p+9ptb/5+5/V9zSyf4HAACAHuTuf3fcYv8DAABAM3L3vydusf8BAACgGbn73xu3dLL/9/f/Vyy2C9VtQ/1/NGr6/x30/7vfv/5/+PuH5//r//X/J28q/f80nv+//2cn/f8S+n/9/2n1/z+9//P1/7Roav1/7v6H45ZO9j8AAAD0IHf/++IW+x8AAACakbv//XGL/Q8AAADNyN3/SNzSyf73/H/9v/5f/6//H359/f886f/H6f+X0P8fv5/PH1X1//N9/v+P6v9Znan1/7n7PxC3bA2/n/nxy/yfCQAAAExI7v4Pxi2dfP0fAAAAepC7/0Nxi/0PAAAAzcjd/+G4pZP9r//X/+v/9f/6/+HX1//Pk/5/nP5/iX76/82hD667nz+udb//Zvp/z/9nhabW/+fu/0jc0sn+BwAAgLY9tfXX3P0fjVvsfwAAAGhG7v6PxS32PwAAADQjd/+jcUsn+1//r/9vv///Vf3/ntfX/596/3/Dvfr/U6P/z5/Rh+n/l+in/x+07n5+7u9f/6//Z7+p9f+5+x+LWzrZ/wAAANCD3P0fj1vsfwAAAGhG7v5PxC32PwAAADQjd/8n45ZO9r/+v6/+f2PRY//v+f/6/7X3/1v0/6djPv3/bWeGPur5//p//f9837/+X//PflPr/3P3P75xpsv9DwAAAHP1yz/7G48d9ts+vvXXzcWn4hb7HwAAAJqRu//TcYv9DwAAAM3I3f+ZuKWT/a//76v/7/P5//p//b/+vyfz6f+H6f/1//r/+b5//b/+n/2m1v/n7v9s3LJj+A3+B3oAAACA9fmxo33z3P2fi1s6+fo/AAAA9CB3/+fjln37/+Ih/1Q7AAAAMDW5+78Qt3Ty9X/9/8T7/8UJ9f/x7fT/2/T/+v+h19f/z5P+f9wx+/+LG/p//f8I/b/+X//PXlPr/3P333fXosv9DwAAAI3a9TsKX9z66+biS3GL/Q8AAADNyN3/5bjF/gcAAIBm5O7/StzSyf7X/0+8/7+s5/+fq//L8/877/9v3Bx8/Un2/z+n/9f/r4b+f5zn/y+h/9f/6//1/6zUEfr/rUF60v1/7v6vxi2d7H8AAADoQe7+r8Ut9j8AAAA0I3f/1+MW+x8AAACakbv/G3FLJ/tf/7+G/v+ms4vFifb/h3j+v/6/j/7/gNefZP9/Wc///8krzz/4K7925+36fy45zf4/vy/o//X/+v9t+n/9v/6fvab2/P/c/d+MWzrZ/wAAANCD3P1PxC32PwAAADQjd/+34pZn9v8D63pXAAAAwCrl7v923NLJ1//1/y0+/3+e/X/+u15D/39+fv1/NsW99/+e/6//38/z/8fp/5fQ/+v/9f/6f1Zqav1/7v7vxC2d7H8AAADoQe7+78Ytuf83jvxb9wAAAMDE5O5/Mm7x9X8AAABoRu7+p+KWTvb/HPv/C3ve4+5P1P8vZtr/J8//v/R5nv+/Tf+v/z8K/f84/f8S+n/9v/5f/89KTa3/z93/vbilk/0PAAAAPcjdfyFusf8BAACgGbn7vx+32P8AAADQjNz9P4hbOtn/c+z/Pf9f/6//1/8v9P/6/wPo/8fp/5fQ/+v/9f/6f1Zqav1/7v4fBgAA//8vgHW/") r1 = open(&(0x7f00000000c0)='./file1\x00', 0x66842, 0x21) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x3000) 1.032661166s ago: executing program 0 (id=3292): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r1}, 0xc) 863.768044ms ago: executing program 0 (id=3293): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x2368810, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x1) open_by_handle_at(r0, &(0x7f0000000300)=@OVL_FILEID_V0={0x15, 0xfb, {0x0, 0xfb, 0x15, 0x6, 0x3, "3e2face0f1002aca5463040755b7dea2"}}, 0x59b300) 625.663347ms ago: executing program 0 (id=3294): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x2, &(0x7f0000000200)=0x0) io_submit(r1, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x80000000}]) io_getevents(r1, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0) io_submit(r1, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 474.251325ms ago: executing program 1 (id=3295): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000040)={0x24, r1, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0xfa}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0xff}]}, 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x801) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}}, 0x28}}, 0x0) 272.521286ms ago: executing program 0 (id=3296): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001140)=@newtaction={0x208, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x1f4, 0x1, [@m_tunnel_key={0x74, 0x1, 0x0, 0x0, {{0xf}, {0x44, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3, 0x0, 0x0, 0x200000}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xc, @local}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @loopback}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e20}]}, {0x4}, {0xc}, {0xc}}}, @m_tunnel_key={0xa8, 0x17, 0x0, 0x0, {{0xf}, {0x24, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0xd}}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e20}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e24}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0xfffffff7}]}, {0x55, 0x6, "b36c9360a687b7b48dab4646d9ca683e6f662cdd59e47700fe58c607f2e1944e6d769925ab9d591039d5e685ae47c195900d58202e5b7c9f7144b2ec9b078940184666c5cf7d3e11408e96ff85bc8b3529"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_xt={0x9c, 0xb, 0x0, 0x0, {{0x7}, {0x5c, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'nat\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_INDEX={0x8, 0x3, 0x6}, @TCA_IPT_HOOK={0x8, 0x2, 0x3}]}, {0x19, 0x6, "b0c788834491db917a9a992c9833c17cff3b436365"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_sample={0x38, 0xa, 0x0, 0x0, {{0xb}, {0x4}, {0x9, 0x6, "2e8a9ae58e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0x208}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)={0x29, 0x0, [{0x296, 0x0, 0x2}]}) 174.043821ms ago: executing program 1 (id=3297): r0 = socket(0x10, 0x80002, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@RTM_NEWMDB={0x38, 0x54, 0xe5, 0x70bd2a, 0xffffffff, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x0, 0x0, 0x0, {@in6_addr=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x86dd}}}]}, 0x38}}, 0xc4c4) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0) 103.342305ms ago: executing program 0 (id=3298): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000300)={[{@grpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x10}}, {@nodioread_nolock}, {@test_dummy_encryption}, {@lazytime}, {@nodelalloc}, {@minixdf}, {@orlov}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q") inotify_add_watch(0xffffffffffffffff, 0x0, 0x80000001) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x40) fallocate(r0, 0x0, 0x8e14, 0x8ffff) copy_file_range(r0, 0x0, r0, &(0x7f0000000500)=0xffff, 0x9, 0x0) 0s ago: executing program 4 (id=3299): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file4\x00', 0x80c406, &(0x7f0000001980)=ANY=[@ANYBLOB="646f74732c646f747300646d61736b3d30303030303030303003994db69d6fadd9fe8357bb9b326973636172642c0166733d6e6f7774066c655f726f2c6769643d8bde74b54a903862b1d491a0644fd032adf103782b3e6ab9bb8b7d5a0000008000000000831cac568a8781052c1f78a90d525fbffbbe712b3588cd20fd6b4fa30f99796b63d0000200006bf7964f30b515830fe521179cb856fcec51525e76986850e3c2079c07811902047009a8bd311ec4398a92a06f061a5a0ba1eb2b3db991e65cb55232662ecb874cb1ea47734fd6c56b06c03f20235fad7299622ac7c70fbb5466c8f69e506f15f9048273682c4abdddc8cbc849980b03000000000000000000000063e0c97554c132b6effff3b3e0c109c72f794db4da27b9108716f1877464f58d22d0ea6e75321d887a6a375c5cf8cce358a8df2720e76ce466c78c7901cc6071bc2eafaa394d4290e95d4db56b59ed5d9bd10d94b075a7ace6d3f19993baa452c9ecc39f61cc383b51b627ad3b736c045f8c784b64bbaac710f4372841998dee85b80f515bdeba72caeb00c76ae7cb06986d7e9f9fec03b990c1fc56d5161ae3c622a649f9f95781dd32bc8e4090861fcad6bed6a3be33f3602b136695e7543543b93f62312f5387cd4c6d1aa22271ec1be39d675c08f44ed601b6c8fbf92f448158194570618bfd504dfd0ff459eff7bc34e453816efefe372fcecc66f0956afbe155f1f53d0eff4872d6921804209e82af2ed0a588b8ebbef33bbbc3d495d110acf1a7537f33a8f7a82a29e2d6761b50d3db9dae0a9606eb4b0a92cdb504659776a21344b8fdc9ca3851a76938dd00e59cb1d1ad7ec9ac6e19d3244e209fd56e67caf895cf9f8507b063cac9ddc2ae46f7dff3f9b86b5b3838383015a502f3540a8a796580c78737b10f54977af5cee89e91cc54e21101973aed1e03820294e9811ef0c389ec53e04e14f226213fa4fd2f9c32cd317f936edcf16bffd78d69907336f1e4cf69c22d2e8f0a1caa2623483b45be9f59f1b74cd3f19a92db916f959d4bcb800c50bfabd4d63861e036ef6d614d46c31ab711ad2ead248d781e89017fc7c22d22be274e450e5f1837bf10921f4b117439ad4503f11682542bdba745be99695d4c3d64b96997f1a6f8f3145f94f227694be7682e8a2a1a288b69474164171c6dc00e770cb068702087467ee08643516fbc3f5f71715559152dbdb61082060c73a9338db0407ed89b6941d034f623a6643e39445697eb0d6867f0ddf0b4a45ce8687fc9", @ANYRES8, @ANYRES32], 0xfb, 0x2b1, &(0x7f0000000100)="$eJzs3E1rE0EYwPEn2TabVvpyEvTig170stR4VKFRWhADStoV9SBs6VZDYlJ2gyYimLOnfo7i0ZsgfoHe/QDeiiA99eRKk826iemLISY1/f8g7Mw8O5uZnQSeCWx2H2+9LG741oZTlWRaJSnSkH2ReSlIWyI8pprlVNQutzPSkGsLr/berzx5ej+byy3lVZezqzcyqjp76fPrtx8uf6mee/Rx1jRlZ/7Z7o/Mt53zOxd2f66+KPha8LVcqaqja5VK1Vkrubpe8IuW6sOS6/iuFsq+63XEN0qVzc26OuX1melNz/V9dcp1TUpdqxVNh6Mqq2VZOjN9UE7LGZL66x72dj7vZHuGztSdG2+el3UMEZn6Y03t7dGMCAAAjNLh+X8yOqed/ye783+RY/L/d+FZs58Gnv8bEuX/RbeZ/1e9ujrPnUI8/8eR7MXO/H/xRL2S/25A6FeiEavc6Qh5XnaqdyfyfwAAAAAAAAAAAAAAAAAAAAAA/gf7QTAXBMHcwTEpIkFYN0XEiNV7dOUJ8TEQX/8g9jLDBT5i/TEGYg/upUW+N2p2zU40j6348r3c0oI2xR7826vVbCOKX2/FtTM+KdNhPNMznpKrV1rxg9jdB7l4fKtmT8l611iNjlpjkLcBAAAAAICxZmlkPmpMS7S/tyw1pTve3L83CxMi0v59oGt/PyEXJ4Y4EQAAAAAAcCi//qbolEquN5yCMcT36rsg0l/3m4E5kGEYIhJrMcOlip+TXxEZ3JRTcuyU9UQXNMVtj3a4C/c123f39Cn51J2wcGtgFwwSIq2WyXDNur4FAAAAAMbL7/3AqEcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDZNYy/Lhv1HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDT4lcAAAD//4aMsuk=") write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)) kernel console output (not intermixed with test programs): dpoint not found (using control endpoint instead) [ 802.899064][ T5809] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 803.044991][ T787] gs_usb 1-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 803.063324][T14815] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2437'. [ 803.085405][ T787] gs_usb 1-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO) [ 803.107965][ T787] gs_usb: probe of 1-1:0.0 failed with error -71 [ 803.142807][T14817] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2437'. [ 803.156727][ T787] usb 1-1: USB disconnect, device number 15 [ 803.296171][ T7146] usb 3-1: USB disconnect, device number 12 [ 803.302340][ C1] ldusb 3-1:0.0: usb_submit_urb failed (-19) [ 803.323052][ T7146] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 803.338030][T14818] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 803.376155][T14818] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 803.386237][T14818] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 803.394187][T14818] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 803.411847][T14818] kvm: requested 13409 ns i8254 timer period limited to 200000 ns [ 805.034942][T14866] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 805.077521][T14866] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 805.115367][T14866] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 805.197177][T14870] loop1: detected capacity change from 0 to 1024 [ 805.439437][T14880] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2458'. [ 806.034378][T13667] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 806.046506][T13667] Bluetooth: hci0: Injecting HCI hardware error event [ 806.056900][T13667] Bluetooth: hci0: hardware error 0x00 [ 806.109465][T14901] syz_tun: entered allmulticast mode [ 806.151030][T14900] syz_tun: left allmulticast mode [ 806.495628][T14907] loop0: detected capacity change from 0 to 4096 [ 806.517313][T14913] loop2: detected capacity change from 0 to 512 [ 806.537460][T14907] EXT4-fs: inline encryption not supported [ 806.549812][T14907] EXT4-fs (loop0): Test dummy encryption mode enabled [ 806.585361][T14913] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 806.604924][T14907] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 806.607127][T14915] loop1: detected capacity change from 0 to 2048 [ 806.621174][T14907] System zones: 0-5 [ 806.643888][T14907] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 806.691158][T14913] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 806.753218][T14913] ext4 filesystem being mounted at /574/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 806.886805][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 806.940331][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 807.327779][T14924] create_pit_timer: 43 callbacks suppressed [ 807.327794][T14924] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 807.391213][T14924] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 807.427978][T14924] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 807.486050][T14937] loop2: detected capacity change from 0 to 8192 [ 807.904130][ T11] wlan1: Trigger new scan to find an IBSS to join [ 808.021869][T14956] loop1: detected capacity change from 0 to 256 [ 808.260669][T13667] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 808.385146][ T787] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 808.598718][ T787] usb 3-1: Using ep0 maxpacket: 16 [ 808.620929][ T787] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 808.666828][ T787] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 808.693703][ T787] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 808.703561][ T787] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 808.712076][ T787] usb 3-1: Product: syz [ 808.716685][ T787] usb 3-1: Manufacturer: syz [ 808.721691][ T787] usb 3-1: SerialNumber: syz [ 808.944122][ T48] wlan1: Creating new IBSS network, BSSID 76:67:44:e2:a5:bc [ 809.033753][T14973] loop1: detected capacity change from 0 to 32768 [ 809.057668][T14973] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 809.072531][T14973] JBD2: Ignoring recovery information on journal [ 809.113379][ T787] usb 3-1: 0:2 : does not exist [ 809.126899][ T787] usb 3-1: 5:0: failed to get current value for ch 0 (-22) [ 809.152891][T14973] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 809.163980][ T787] usb 3-1: USB disconnect, device number 13 [ 809.232646][T13498] udevd[13498]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 809.286821][T14973] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #32 has an invalid bg_blkno of 393248 [ 809.304066][T14973] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 809.314937][T14973] OCFS2: File system is now read-only. [ 809.320663][T14973] (syz.1.2489,14973,0):ocfs2_search_chain:1761 ERROR: status = -30 [ 809.329685][T14973] (syz.1.2489,14973,0):ocfs2_search_chain:1871 ERROR: status = -30 [ 809.337821][T14973] (syz.1.2489,14973,0):ocfs2_claim_suballoc_bits:1950 ERROR: status = -30 [ 809.346480][T14973] (syz.1.2489,14973,0):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30 [ 809.355118][T14973] (syz.1.2489,14973,0):__ocfs2_claim_clusters:2365 ERROR: status = -30 [ 809.363462][T14973] (syz.1.2489,14973,0):__ocfs2_claim_clusters:2373 ERROR: status = -30 [ 809.371859][T14973] (syz.1.2489,14973,0):ocfs2_local_alloc_new_window:1203 ERROR: status = -30 [ 809.380765][T14973] (syz.1.2489,14973,0):ocfs2_local_alloc_new_window:1228 ERROR: status = -30 [ 809.389787][T14973] (syz.1.2489,14973,0):ocfs2_local_alloc_slide_window:1302 ERROR: status = -30 [ 809.399519][T14973] (syz.1.2489,14973,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30 [ 809.409387][T14973] (syz.1.2489,14973,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30 [ 809.419343][T14973] (syz.1.2489,14973,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30 [ 809.429102][T14973] (syz.1.2489,14973,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30 [ 809.438525][T14973] (syz.1.2489,14973,0):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30 [ 809.448122][T14973] (syz.1.2489,14973,0):ocfs2_expand_inline_dir:2858 ERROR: status = -30 [ 809.456603][T14973] (syz.1.2489,14973,0):ocfs2_extend_dir:3205 ERROR: status = -30 [ 809.464482][T14973] (syz.1.2489,14973,0):ocfs2_prepare_dir_for_insert:4326 ERROR: status = -30 [ 809.473318][T14973] (syz.1.2489,14973,0):ocfs2_symlink:1867 ERROR: status = -30 [ 809.480935][T14973] (syz.1.2489,14973,0):ocfs2_symlink:2068 ERROR: status = -30 [ 809.625945][ T5764] ocfs2: Unmounting device (7,1) on (node local) [ 810.116049][ T7146] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 810.252195][T14997] loop0: detected capacity change from 0 to 256 [ 810.319167][ T7146] usb 3-1: Using ep0 maxpacket: 32 [ 810.325452][T14997] FAT-fs (loop0): Directory bread(block 64) failed [ 810.334169][ T7146] usb 3-1: config index 0 descriptor too short (expected 156, got 27) [ 810.349425][T14997] FAT-fs (loop0): Directory bread(block 65) failed [ 810.356390][ T7146] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 810.356901][T14997] FAT-fs (loop0): Directory bread(block 66) failed [ 810.380559][T14997] FAT-fs (loop0): Directory bread(block 67) failed [ 810.389434][T14997] FAT-fs (loop0): Directory bread(block 68) failed [ 810.394391][ T7146] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 810.422793][T14997] FAT-fs (loop0): Directory bread(block 69) failed [ 810.433088][ T7146] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 810.441017][T14997] FAT-fs (loop0): Directory bread(block 70) failed [ 810.473039][T14997] FAT-fs (loop0): Directory bread(block 71) failed [ 810.480214][ T7146] usb 3-1: config 0 interface 0 has no altsetting 0 [ 810.487970][T14997] FAT-fs (loop0): Directory bread(block 72) failed [ 810.505327][ T7146] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 810.516173][T14997] FAT-fs (loop0): Directory bread(block 73) failed [ 810.533186][ T7146] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 810.541996][ T7146] usb 3-1: Product: syz [ 810.556161][T14993] loop1: detected capacity change from 0 to 32768 [ 810.566474][ T7146] usb 3-1: Manufacturer: syz [ 810.571162][ T7146] usb 3-1: SerialNumber: syz [ 810.584267][ T7146] usb 3-1: config 0 descriptor?? [ 810.609531][ T7146] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 810.654186][ T7146] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 810.835634][T14990] ldusb 3-1:0.0: Write buffer overflow, 64885 bytes dropped [ 810.871433][ T787] usb 3-1: USB disconnect, device number 14 [ 810.877574][ C0] ldusb 3-1:0.0: usb_submit_urb failed (-19) [ 810.905183][ T787] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 811.084411][T15011] loop0: detected capacity change from 0 to 512 [ 811.113975][T15011] EXT4-fs: Ignoring removed i_version option [ 811.134977][T15011] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 811.167506][T15011] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.2504: invalid block [ 811.199854][T15011] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2504: invalid indirect mapped block 4294967295 (level 1) [ 811.226585][T15011] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2504: invalid indirect mapped block 4294967295 (level 1) [ 811.252467][T15011] EXT4-fs (loop0): 2 truncates cleaned up [ 811.269441][T15011] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 811.695079][T15022] netlink: 'syz.3.2507': attribute type 1 has an invalid length. [ 812.017731][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 812.165682][T15037] loop0: detected capacity change from 0 to 256 [ 812.198595][T15037] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 812.340550][T15041] loop0: detected capacity change from 0 to 24 [ 812.352577][T15041] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 812.392292][ T7147] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 812.414294][T15041] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 812.611890][ T7147] usb 3-1: config 0 has too many interfaces: 253, using maximum allowed: 32 [ 812.627528][ T7147] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 253 [ 812.767241][T15047] loop0: detected capacity change from 0 to 8192 [ 812.853637][ T7147] usb 3-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac [ 812.862962][ T7147] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 812.871787][ T7147] usb 3-1: Product: syz [ 812.876146][ T7147] usb 3-1: Manufacturer: syz [ 812.880803][ T7147] usb 3-1: SerialNumber: syz [ 812.893921][ T7147] usb 3-1: config 0 descriptor?? [ 812.903909][ T7147] gspca_main: sunplus-2.14.0 probing 055f:c630 [ 813.755385][T15051] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (at-a2150c) [ 813.962491][T15043] loop1: detected capacity change from 0 to 32768 [ 814.047838][ T7147] usb 3-1: USB disconnect, device number 15 [ 814.074376][T15043] JBD2: Ignoring recovery information on journal [ 814.157730][T15043] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 814.222610][T15065] loop0: detected capacity change from 0 to 256 [ 814.252825][T15065] exfat: Deprecated parameter 'utf8' [ 814.318359][T15065] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 814.524749][ T5764] ocfs2: Unmounting device (7,1) on (node local) [ 814.704416][T15072] loop0: detected capacity change from 0 to 64 [ 814.730605][T15072] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 814.913059][T15076] loop2: detected capacity change from 0 to 2048 [ 814.980200][T15076] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 815.049053][T15076] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 815.292569][T15091] loop2: detected capacity change from 0 to 128 [ 815.337385][T15091] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 815.484655][T15085] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 815.544815][T15085] ntfs3: loop1: Failed to load $Extend (-22). [ 815.551078][T15085] ntfs3: loop1: Failed to initialize $Extend. [ 815.776934][T15097] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 815.877738][T15097] ext4 filesystem being mounted at /590/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 816.066265][ T5772] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 816.222087][T15110] set_capacity_and_notify: 2 callbacks suppressed [ 816.222104][T15110] loop2: detected capacity change from 0 to 4096 [ 816.236943][T15110] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 816.302810][T15114] loop1: detected capacity change from 0 to 128 [ 816.347682][T15114] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 816.433256][T15114] ext4 filesystem being mounted at /568/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 816.531135][T15114] fscrypt (loop1, inode 12): Unsupported encryption flags (0x10) [ 816.672339][ T5764] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 817.025806][T15128] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 817.097782][T15118] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 817.120305][T15118] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 817.138175][T15118] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 817.306856][T15134] loop2: detected capacity change from 0 to 8192 [ 817.336266][T15134] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 817.382750][T15134] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 817.421263][T15134] REISERFS (device loop2): using ordered data mode [ 817.439312][T15134] reiserfs: using flush barriers [ 817.504241][T15134] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 817.588303][T15134] REISERFS (device loop2): checking transaction log (loop2) [ 817.599246][ T787] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 817.621281][T15134] REISERFS (device loop2): Using r5 hash to sort names [ 817.633557][T15134] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 817.648720][T15134] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 817.705676][T15134] REISERFS warning (device loop2): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 817.753131][T15134] REISERFS warning (device loop2): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 817.787912][T15134] REISERFS warning (device loop2): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 817.837928][ T787] usb 1-1: Using ep0 maxpacket: 16 [ 817.856020][ T787] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 817.873060][ T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 817.886353][ T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 817.899720][ T787] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 817.955252][ T787] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 817.988437][ T787] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 818.002697][ T787] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 818.021715][ T787] usb 1-1: Manufacturer: syz [ 818.055290][ T787] usb 1-1: config 0 descriptor?? [ 818.366488][T15167] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 818.408752][T15160] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 818.417193][T15160] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 818.446999][T15160] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 818.472683][ T787] rc_core: IR keymap rc-hauppauge not found [ 818.483182][ T787] Registered IR keymap rc-empty [ 818.499004][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 818.547408][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 818.580485][ T787] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 818.637238][ T787] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input75 [ 818.678369][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 818.722306][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 818.771869][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 818.822973][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 818.878896][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 818.921457][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 818.950902][T15163] loop2: detected capacity change from 0 to 32768 [ 818.964613][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 818.983454][T15163] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.2556 (15163) [ 819.023955][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 819.031329][T15163] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 819.054110][T15163] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 819.064064][T15163] BTRFS info (device loop2): setting nodatasum [ 819.070433][T15163] BTRFS info (device loop2): force zlib compression, level 3 [ 819.078364][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 819.087529][T15163] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8) [ 819.107906][T15163] BTRFS info (device loop2): use lzo compression, level 0 [ 819.129575][T15163] BTRFS info (device loop2): turning on flush-on-commit [ 819.137009][ T787] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 819.161151][T15163] BTRFS info (device loop2): enabling auto defrag [ 819.177875][T15163] BTRFS info (device loop2): max_inline at 4096 [ 819.187296][T15163] BTRFS info (device loop2): using free space tree [ 819.196326][ T787] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 819.206313][ T787] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 819.219926][ T787] usb 1-1: USB disconnect, device number 16 [ 819.310767][T15187] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 819.398723][T15181] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 819.429113][T15163] BTRFS info (device loop2): enabling ssd optimizations [ 819.929731][ T5773] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 820.765526][T15215] loop1: detected capacity change from 0 to 32768 [ 820.866261][ T7155] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 821.079913][ T7155] usb 3-1: Using ep0 maxpacket: 16 [ 821.093377][ T7155] usb 3-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4 [ 821.112184][ T7155] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 821.120281][ T7155] usb 3-1: Product: syz [ 821.143995][ T7155] usb 3-1: Manufacturer: syz [ 821.148670][ T7155] usb 3-1: SerialNumber: syz [ 821.169972][ T7155] usb 3-1: config 0 descriptor?? [ 821.178783][ T7155] gspca_main: spca508-2.14.0 probing 041e:4018 [ 821.422017][ T7155] gspca_spca508: reg_read err -32 [ 821.433606][ T7155] gspca_spca508: reg_read err -32 [ 821.666830][ T7155] gspca_spca508: reg_read err -71 [ 821.674353][ T7155] gspca_spca508: reg_read err -71 [ 821.710466][ T7155] gspca_spca508: reg write: error -71 [ 821.721694][ T7155] spca508: probe of 3-1:0.0 failed with error -71 [ 821.740490][ T7155] usb 3-1: USB disconnect, device number 16 [ 821.761387][T15231] program syz.0.2579 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 822.395620][T15247] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 822.474622][T15250] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 822.509857][T15250] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 822.547510][T15250] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 822.560154][T15250] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 822.606311][T15237] loop1: detected capacity change from 0 to 32768 [ 822.661664][T15237] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.2582 (15237) [ 822.717738][T15237] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 822.742724][T15237] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 822.760531][T15237] BTRFS info (device loop1): setting nodatasum [ 822.777933][T15237] BTRFS info (device loop1): force zlib compression, level 3 [ 822.802171][T15233] loop0: detected capacity change from 0 to 40427 [ 822.814455][T15237] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8) [ 822.834310][T15237] BTRFS info (device loop1): use lzo compression, level 0 [ 822.843748][T15233] F2FS-fs (loop0): invalid crc value [ 822.849314][T15237] BTRFS info (device loop1): turning on flush-on-commit [ 822.864701][T15237] BTRFS info (device loop1): enabling auto defrag [ 822.889796][T15237] BTRFS info (device loop1): max_inline at 4096 [ 822.897059][T15233] F2FS-fs (loop0): Found nat_bits in checkpoint [ 822.911119][T15237] BTRFS info (device loop1): using free space tree [ 823.070311][T15274] loop2: detected capacity change from 0 to 512 [ 823.077886][T15237] BTRFS info (device loop1): enabling ssd optimizations [ 823.126288][T15233] F2FS-fs (loop0): Start checkpoint disabled! [ 823.136482][T15274] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 823.218104][T15233] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 823.324153][T15274] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 823.414876][T15274] ext4 filesystem being mounted at /592/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 823.594472][ T5764] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 823.619223][ T7635] kworker/u4:12: attempt to access beyond end of device [ 823.619223][ T7635] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 823.770843][ T7635] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 823.792812][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 823.803548][ T7635] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 824.825461][T15301] syz.0.2598: vmalloc error: size 70368744185856, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 824.841908][T15301] CPU: 1 PID: 15301 Comm: syz.0.2598 Not tainted syzkaller #0 [ 824.849452][T15301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 824.859567][T15301] Call Trace: [ 824.862891][T15301] [ 824.865861][T15301] dump_stack_lvl+0x18c/0x250 [ 824.870628][T15301] ? show_regs_print_info+0x20/0x20 [ 824.875886][T15301] ? load_image+0x420/0x420 [ 824.880476][T15301] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 824.886958][T15301] ? cpuset_print_current_mems_allowed+0x2e7/0x360 [ 824.893518][T15301] warn_alloc+0x246/0x340 [ 824.898095][T15301] ? zone_watermark_ok_safe+0x230/0x230 [ 824.903717][T15301] __vmalloc_node_range+0x126/0x1330 [ 824.909065][T15301] ? __mutex_trylock_common+0x159/0x260 [ 824.914666][T15301] ? trace_raw_output_contention_end+0xd0/0xd0 [ 824.920878][T15301] ? trace_contention_end+0x39/0xe0 [ 824.926127][T15301] ? __mutex_lock+0x315/0xcc0 [ 824.931030][T15301] ? free_vm_area+0x50/0x50 [ 824.935604][T15301] ? dvb_demux_do_ioctl+0x317/0x530 [ 824.940861][T15301] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 824.946385][T15301] ? mutex_lock_nested+0x20/0x20 [ 824.951400][T15301] ? dvb_dmxdev_set_buffer_size+0xbe/0x1f0 [ 824.957263][T15301] vmalloc+0x79/0x90 [ 824.961227][T15301] ? dvb_dmxdev_set_buffer_size+0xbe/0x1f0 [ 824.967102][T15301] dvb_dmxdev_set_buffer_size+0xbe/0x1f0 [ 824.972807][T15301] dvb_demux_do_ioctl+0x454/0x530 [ 824.977900][T15301] dvb_usercopy+0x195/0x2b0 [ 824.982459][T15301] ? dvb_dmxdev_buffer_read+0x4c0/0x4c0 [ 824.988111][T15301] ? dvb_generic_ioctl+0xb0/0xb0 [ 824.993137][T15301] ? dvb_demux_poll+0x220/0x220 [ 824.998047][T15301] dvb_demux_ioctl+0x29/0x30 [ 825.002693][T15301] __se_sys_ioctl+0xfd/0x170 [ 825.007364][T15301] do_syscall_64+0x55/0xa0 [ 825.011907][T15301] ? clear_bhb_loop+0x40/0x90 [ 825.016727][T15301] ? clear_bhb_loop+0x40/0x90 [ 825.021480][T15301] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 825.027438][T15301] RIP: 0033:0x7f208c79cdd9 [ 825.031916][T15301] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 825.051588][T15301] RSP: 002b:00007f208d5c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 825.060063][T15301] RAX: ffffffffffffffda RBX: 00007f208ca15fa0 RCX: 00007f208c79cdd9 [ 825.068104][T15301] RDX: 0000400000002000 RSI: 0000000000006f2d RDI: 0000000000000003 [ 825.076140][T15301] RBP: 00007f208c832d69 R08: 0000000000000000 R09: 0000000000000000 [ 825.084175][T15301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 825.092230][T15301] R13: 00007f208ca16038 R14: 00007f208ca15fa0 R15: 00007ffd809de878 [ 825.100286][T15301] [ 825.104908][T15301] Mem-Info: [ 825.108319][T15301] active_anon:52417 inactive_anon:0 isolated_anon:0 [ 825.108319][T15301] active_file:18244 inactive_file:40845 isolated_file:0 [ 825.108319][T15301] unevictable:20059 dirty:348 writeback:25 [ 825.108319][T15301] slab_reclaimable:11528 slab_unreclaimable:93742 [ 825.108319][T15301] mapped:25790 shmem:47317 pagetables:1006 [ 825.108319][T15301] sec_pagetables:0 bounce:0 [ 825.108319][T15301] kernel_misc_reclaimable:0 [ 825.108319][T15301] free:1266416 free_pcp:14944 free_cma:0 [ 825.156790][T15301] Node 0 active_anon:209680kB inactive_anon:0kB active_file:72976kB inactive_file:163184kB unevictable:78700kB isolated(anon):0kB isolated(file):0kB mapped:103788kB dirty:1388kB writeback:104kB shmem:187672kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11392kB pagetables:4068kB sec_pagetables:0kB all_unreclaimable? no [ 825.191419][T15301] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 825.222112][T15301] Node 0 DMA free:15296kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 825.251047][T15301] lowmem_reserve[]: 0 2521 2522 2522 2522 [ 825.256914][T15301] Node 0 DMA32 free:1151644kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:209644kB inactive_anon:0kB active_file:72976kB inactive_file:162360kB unevictable:78700kB writepending:1192kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:41748kB local_pcp:21140kB free_cma:0kB [ 825.288093][T15301] lowmem_reserve[]: 0 0 0 0 0 [ 825.293364][T15301] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 825.321111][T15301] lowmem_reserve[]: 0 0 0 0 0 [ 825.326005][T15301] Node 1 Normal free:3898724kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18012kB local_pcp:6436kB free_cma:0kB [ 825.356363][T15301] lowmem_reserve[]: 0 0 0 0 0 [ 825.361487][T15301] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15296kB [ 825.375742][T15301] Node 0 DMA32: 893*4kB (UME) 801*8kB (UME) 376*16kB (UM) 337*32kB (UME) 94*64kB (UME) 61*128kB (UME) 18*256kB (UME) 5*512kB (UM) 14*1024kB (UME) 4*2048kB (UM) 264*4096kB (UM) = 1151644kB [ 825.394773][T15301] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 825.406458][T15301] Node 1 Normal: 149*4kB (UME) 56*8kB (UME) 25*16kB (UME) 74*32kB (UME) 22*64kB (UE) 6*128kB (UME) 2*256kB (UE) 2*512kB (ME) 0*1024kB 2*2048kB (UE) 949*4096kB (M) = 3898724kB [ 825.424558][T15301] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 825.434369][T15301] Node 0 hugepages_total=6 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB [ 825.443874][T15301] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 825.453517][T15301] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 825.462916][T15301] 125298 total pagecache pages [ 825.467732][T15301] 0 pages in swap cache [ 825.472059][T15301] Free swap = 124384kB [ 825.476257][T15301] Total swap = 124996kB [ 825.480439][T15301] 2097051 pages RAM [ 825.484375][T15301] 0 pages HighMem/MovableOnly [ 825.489083][T15301] 416927 pages reserved [ 825.493332][T15301] 0 pages cma reserved [ 825.889375][T15320] loop0: detected capacity change from 0 to 2048 [ 825.918308][T15320] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 825.935930][T15320] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 826.066435][T15325] pim6reg: entered allmulticast mode [ 826.077297][T15324] pim6reg: left allmulticast mode [ 826.769187][T15345] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 826.823513][T15339] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 826.843564][T15339] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 826.861208][T15339] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 827.009252][T15329] loop0: detected capacity change from 0 to 32768 [ 827.077871][T15329] JBD2: Ignoring recovery information on journal [ 827.116428][T15329] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 827.366043][ T27] audit: type=1800 audit(1777343887.120:346): pid=15329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2607" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 827.524412][T15355] loop1: detected capacity change from 0 to 512 [ 827.680958][T15350] loop2: detected capacity change from 0 to 32768 [ 827.695281][T15350] XFS: ikeep mount option is deprecated. [ 827.748824][T15350] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 827.856168][T15350] XFS (loop2): Ending clean mount [ 828.006909][ T5772] ocfs2: Unmounting device (7,0) on (node local) [ 828.188586][ T5773] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 828.453281][ T7151] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 828.504960][T15383] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2620'. [ 828.661739][ T7151] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 828.672003][T15387] loop0: detected capacity change from 0 to 256 [ 828.678638][ T7151] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 828.689249][ T7151] usb 2-1: config 0 descriptor?? [ 828.702564][T15387] exfat: Deprecated parameter 'utf8' [ 828.707975][T15387] exfat: Deprecated parameter 'utf8' [ 828.717568][T15387] exfat: Deprecated parameter 'utf8' [ 828.743319][ T7151] cp210x 2-1:0.0: cp210x converter detected [ 828.759429][T15387] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x0afbdf60, utbl_chksum : 0xe619d30d) [ 828.991937][T15390] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 829.050580][T15388] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 829.064134][T15388] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 829.072309][T15388] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 829.080867][T15388] kvm: requested 13409 ns i8254 timer period limited to 200000 ns [ 829.089427][T15388] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 829.098338][T15388] kvm: requested 41904 ns i8254 timer period limited to 200000 ns [ 829.120555][T15388] kvm: requested 160914 ns i8254 timer period limited to 200000 ns [ 829.195036][ T7151] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 829.237754][ T7151] usb 2-1: cp210x converter now attached to ttyUSB0 [ 829.421423][T15397] IPVS: persistence engine module ip_vs_pe_ not found [ 829.466825][ T7151] usb 2-1: USB disconnect, device number 19 [ 829.473378][T13667] Bluetooth: hci2: unexpected event for opcode 0x041c [ 829.494510][ T7151] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 829.551907][ T7151] cp210x 2-1:0.0: device disconnected [ 829.825366][T15413] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2637'. [ 829.836244][T15413] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2637'. [ 830.017492][T15418] bridge0: port 3(syz_tun) entered blocking state [ 830.046885][T15418] bridge0: port 3(syz_tun) entered disabled state [ 830.053625][T15418] syz_tun: entered allmulticast mode [ 830.068796][T15418] syz_tun: entered promiscuous mode [ 830.089568][T15418] bridge0: port 3(syz_tun) entered blocking state [ 830.096209][T15418] bridge0: port 3(syz_tun) entered forwarding state [ 830.271835][T15431] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 830.307508][T15423] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 830.391255][T15437] loop0: detected capacity change from 0 to 128 [ 830.417823][T15436] loop1: detected capacity change from 0 to 1024 [ 830.456439][T15436] EXT4-fs: Ignoring removed bh option [ 830.516013][T15436] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 830.607836][T15436] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 830.812718][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 831.547489][T15467] bridge0: port 1(syz_tun) entered blocking state [ 831.579187][T15467] bridge0: port 1(syz_tun) entered disabled state [ 831.596410][T15467] syz_tun: entered allmulticast mode [ 831.622722][T15467] syz_tun: entered promiscuous mode [ 832.414759][T15498] loop2: detected capacity change from 0 to 256 [ 832.467473][T15498] FAT-fs (loop2): Directory bread(block 64) failed [ 832.483852][T15498] FAT-fs (loop2): Directory bread(block 65) failed [ 832.490511][T15498] FAT-fs (loop2): Directory bread(block 66) failed [ 832.507550][T15498] FAT-fs (loop2): Directory bread(block 67) failed [ 832.515162][T15498] FAT-fs (loop2): Directory bread(block 68) failed [ 832.521746][T15498] FAT-fs (loop2): Directory bread(block 69) failed [ 832.528694][T15498] FAT-fs (loop2): Directory bread(block 70) failed [ 832.535683][T15498] FAT-fs (loop2): Directory bread(block 71) failed [ 832.542348][T15498] FAT-fs (loop2): Directory bread(block 72) failed [ 832.549020][T15498] FAT-fs (loop2): Directory bread(block 73) failed [ 832.556852][ T7155] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 832.707185][T15503] bridge0: port 1(syz_tun) entered blocking state [ 832.714000][T15503] bridge0: port 1(syz_tun) entered disabled state [ 832.720876][T15503] syz_tun: entered allmulticast mode [ 832.729237][T15503] syz_tun: entered promiscuous mode [ 832.770608][ T7155] usb 2-1: Using ep0 maxpacket: 16 [ 832.794928][ T7155] usb 2-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4 [ 832.820605][ T7155] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 832.849383][ T7155] usb 2-1: Product: syz [ 832.858826][ T7155] usb 2-1: Manufacturer: syz [ 832.868862][ T7155] usb 2-1: SerialNumber: syz [ 832.889636][ T7155] usb 2-1: config 0 descriptor?? [ 832.898372][ T7155] gspca_main: spca508-2.14.0 probing 041e:4018 [ 832.962231][T15507] netlink: 'syz.3.2669': attribute type 32 has an invalid length. [ 832.973891][T15507] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2669'. [ 832.983089][T15507] (unnamed net_device) (uninitialized): option coupled_control: invalid value (17) [ 833.134411][ T7155] gspca_spca508: reg_read err -32 [ 833.145886][ T7155] gspca_spca508: reg_read err -32 [ 833.367415][ T7155] gspca_spca508: reg_read err -71 [ 833.391856][ T7155] gspca_spca508: reg_read err -71 [ 833.411663][ T7155] gspca_spca508: reg write: error -71 [ 833.417193][ T7155] spca508: probe of 2-1:0.0 failed with error -71 [ 833.447576][ T7155] usb 2-1: USB disconnect, device number 20 [ 833.639869][T15512] loop0: detected capacity change from 0 to 32768 [ 833.666349][T15512] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.2671 (15512) [ 833.726912][T15512] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 833.753760][T15512] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 833.771763][T15512] BTRFS info (device loop0): setting nodatasum [ 833.782496][T15512] BTRFS info (device loop0): force zlib compression, level 3 [ 833.801021][T15512] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 833.815186][T13667] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 833.827745][T13667] Bluetooth: hci2: Injecting HCI hardware error event [ 833.838108][ T5767] Bluetooth: hci2: hardware error 0x00 [ 833.871925][T15512] BTRFS info (device loop0): use lzo compression, level 0 [ 833.903288][T15512] BTRFS info (device loop0): turning on flush-on-commit [ 833.910380][T15512] BTRFS info (device loop0): enabling auto defrag [ 833.917427][T15512] BTRFS info (device loop0): max_inline at 4096 [ 833.923740][T15512] BTRFS info (device loop0): using free space tree [ 834.085272][T15512] BTRFS info (device loop0): enabling ssd optimizations [ 834.332280][ T5772] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 834.583526][ T7033] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop0 scanned by udevd (7033) [ 834.788090][T15565] loop1: detected capacity change from 0 to 512 [ 835.092600][T15565] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #16: comm syz.1.2688: corrupted inode contents [ 835.169944][T15565] EXT4-fs error (device loop1): ext4_dirty_inode:6143: inode #16: comm syz.1.2688: mark_inode_dirty error [ 835.248912][T15565] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #16: comm syz.1.2688: corrupted inode contents [ 835.317645][T15565] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.2688: mark_inode_dirty error [ 835.373544][T15565] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #16: comm syz.1.2688: corrupted inode contents [ 835.420883][T15565] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 835.445143][T15563] loop2: detected capacity change from 0 to 32768 [ 835.456679][T15565] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #16: comm syz.1.2688: corrupted inode contents [ 835.495875][T15563] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 scanned by syz.2.2687 (15563) [ 835.527186][T15565] EXT4-fs error (device loop1): ext4_truncate:4301: inode #16: comm syz.1.2688: mark_inode_dirty error [ 835.545009][T15565] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem [ 835.569054][T15563] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 835.600252][T15563] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 835.613799][T15565] EXT4-fs (loop1): 1 truncate cleaned up [ 835.638793][ T990] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 835.640543][T15565] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 835.663274][T15563] BTRFS info (device loop2): enabling disk space caching [ 835.666542][ T990] EXT4-fs error (device loop1): ext4_release_dquot:6989: comm kworker/u4:5: Failed to release dquot type 1 [ 835.685447][T15563] BTRFS info (device loop2): force clearing of disk cache [ 835.706056][T15563] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 835.717297][T15565] ext4 filesystem being mounted at /597/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 835.752188][T15563] BTRFS info (device loop2): use zstd compression, level 3 [ 835.795618][T15563] BTRFS info (device loop2): disk space caching is enabled [ 835.940444][T15563] BTRFS info (device loop2): enabling ssd optimizations [ 835.955248][T15563] BTRFS info (device loop2): auto enabling async discard [ 835.981740][T15563] BTRFS info (device loop2): rebuilding free space tree [ 836.017549][T15563] BTRFS info (device loop2): disabling free space tree [ 836.026121][T15563] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 836.036018][T15563] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 836.036607][ T5767] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 836.053872][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 836.347603][ T5773] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 836.381122][T15607] create_pit_timer: 38 callbacks suppressed [ 836.381138][T15607] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 836.435237][T15601] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 837.476967][T15616] loop2: detected capacity change from 0 to 32768 [ 837.486865][T15616] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.2694 (15616) [ 837.521745][T15616] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 837.536810][T15616] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 837.584037][T15616] BTRFS info (device loop2): using free space tree [ 837.796959][T15616] BTRFS info (device loop2): enabling ssd optimizations [ 837.825187][T15616] BTRFS info (device loop2): auto enabling async discard [ 838.234906][ T5773] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 838.399941][ T7033] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop2 scanned by udevd (7033) [ 838.545276][T15650] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 839.519220][T15674] tipc: Enabling of bearer rejected, failed to enable media [ 839.624920][ T5809] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 839.653101][T15676] syz.2.2718[15676] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 839.653252][T15676] syz.2.2718[15676] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 839.846045][ T5809] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 839.911166][ T5809] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 839.928699][ T5809] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 839.952102][ T5809] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 839.978035][ T5809] usb 2-1: config 0 descriptor?? [ 840.125126][T15686] loop2: detected capacity change from 0 to 256 [ 840.159565][T15686] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d) [ 840.350489][T15690] wlan0 speed is unknown, defaulting to 1000 [ 840.375968][T15690] lo speed is unknown, defaulting to 1000 [ 840.470518][T15695] input: syz1 as /devices/virtual/input/input76 [ 840.471058][ T5809] playstation 0003:054C:0DF2.000B: unknown main item tag 0x0 [ 840.496790][ T5809] playstation 0003:054C:0DF2.000B: unknown main item tag 0x0 [ 840.511292][ T5809] playstation 0003:054C:0DF2.000B: unknown main item tag 0x6 [ 840.536074][ T5809] playstation 0003:054C:0DF2.000B: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.1-1/input0 [ 840.677869][ T5809] playstation 0003:054C:0DF2.000B: Failed to retrieve feature with reportID 9: -71 [ 840.698332][ T5809] playstation 0003:054C:0DF2.000B: Failed to retrieve DualSense pairing info: -71 [ 840.714757][ T5809] playstation 0003:054C:0DF2.000B: Failed to get MAC address from DualSense [ 840.723941][ T5809] playstation 0003:054C:0DF2.000B: Failed to create dualsense. [ 840.734040][ T5809] playstation: probe of 0003:054C:0DF2.000B failed with error -71 [ 840.745804][ T5809] usb 2-1: USB disconnect, device number 21 [ 840.833640][T15696] fido_id[15696]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 841.039612][ T7635] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 841.156633][T15690] IPVS: You probably need to specify IP address on multicast interface. [ 841.176899][T15690] IPVS: Error connecting to the multicast addr [ 841.202388][T15711] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2731'. [ 841.211595][T15711] netlink: 'syz.2.2731': attribute type 30 has an invalid length. [ 841.220374][T15711] netlink: 'syz.2.2731': attribute type 29 has an invalid length. [ 841.228698][T15711] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2731'. [ 841.456662][T15713] netlink: 2124 bytes leftover after parsing attributes in process `syz.2.2732'. [ 841.631507][T15715] loop1: detected capacity change from 0 to 2048 [ 841.680453][T15715] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 841.883822][T15709] loop0: detected capacity change from 0 to 32768 [ 841.915003][T15709] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 842.169935][T13498] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 842.335633][T15734] 9pnet_fd: Insufficient options for proto=fd [ 843.256835][T15736] loop2: detected capacity change from 0 to 32768 [ 843.372820][T15736] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 843.387021][T15740] loop0: detected capacity change from 0 to 32768 [ 843.439222][T15740] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 843.637239][T15736] XFS (loop2): Ending clean mount [ 843.644707][T15740] XFS (loop0): Ending clean mount [ 843.695932][T15740] XFS (loop0): User initiated shutdown received. [ 843.738406][T15762] syzkaller1: entered promiscuous mode [ 843.743974][T15762] syzkaller1: entered allmulticast mode [ 843.751614][T15740] XFS (loop0): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 843.773700][T15740] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 843.793039][T15736] XFS (loop2): User initiated shutdown received. [ 843.818054][T15736] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 843.851935][T15736] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 843.945523][ T5772] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 844.002256][ T5773] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 844.539566][T15773] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2753'. [ 844.793933][T15782] loop1: detected capacity change from 0 to 512 [ 844.905289][T15782] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 845.160503][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 845.453865][T15790] syzkaller1: entered promiscuous mode [ 845.462402][T15790] syzkaller1: entered allmulticast mode [ 846.092528][T15810] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 846.151558][T15810] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 846.188248][T15810] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 846.214761][T15810] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 846.329773][T15816] loop2: detected capacity change from 0 to 64 [ 846.365504][T15816] hfs: unable to locate alternate MDB [ 846.398162][T15816] hfs: continuing without an alternate MDB [ 846.646240][T15826] loop2: detected capacity change from 0 to 512 [ 846.702765][T15826] EXT4-fs error (device loop2): ext4_orphan_get:1404: inode #15: comm syz.2.2773: inode has both inline data and extents flags [ 846.717089][T15826] EXT4-fs error (device loop2): ext4_orphan_get:1409: comm syz.2.2773: couldn't read orphan inode 15 (err -117) [ 846.736790][T15826] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 846.803614][T15831] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2774'. [ 846.879996][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 847.091592][T15835] loop0: detected capacity change from 0 to 8192 [ 847.106064][T15835] FAT-fs (loop0): bogus logical sector size 155 [ 847.114657][T15835] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 847.127171][T15835] FAT-fs (loop0): Can't find a valid FAT filesystem [ 847.589029][T15837] loop2: detected capacity change from 0 to 32768 [ 847.640735][T15837] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 847.704363][T15850] loop1: detected capacity change from 0 to 1024 [ 847.846934][T15840] loop0: detected capacity change from 0 to 32768 [ 847.885180][T15840] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 848.007540][T15837] XFS (loop2): Ending clean mount [ 848.146903][ T7100] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 848.214968][T15857] loop1: detected capacity change from 0 to 512 [ 848.261792][T15857] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 848.356715][ T5773] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 848.387540][T15857] EXT4-fs warning (device loop1): ext4_enable_quotas:7188: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 848.443681][T15863] loop0: detected capacity change from 0 to 256 [ 848.465401][T15863] exfat: Deprecated parameter 'utf8' [ 848.486352][T15863] exfat: Deprecated parameter 'utf8' [ 848.493368][T15857] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 848.614446][T15857] EXT4-fs warning (device loop1): ext4_enable_quotas:7188: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 848.795303][ T5764] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 848.965123][T15866] loop0: detected capacity change from 0 to 128 [ 849.013540][T15866] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 849.032298][T15868] syzkaller1: entered promiscuous mode [ 849.042475][T15866] hpfs: filesystem error: improperly stopped [ 849.061404][T15866] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 849.065286][T15868] syzkaller1: entered allmulticast mode [ 849.088484][T15866] hpfs: You really don't want any checks? You are crazy... [ 849.096230][T15866] hpfs: hpfs_map_sector(): read error [ 849.132549][T15866] hpfs: code page support is disabled [ 849.152382][T15866] hpfs: hpfs_map_4sectors(): unaligned read [ 849.184725][T15866] hpfs: hpfs_map_4sectors(): unaligned read [ 849.190705][T15866] hpfs: filesystem error: unable to find root dir [ 849.249586][T15866] hpfs: hpfs_map_4sectors(): unaligned read [ 849.280791][T15866] hpfs: hpfs_map_sector(): read error [ 849.316121][T15879] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 849.397950][T15879] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 849.424217][T15879] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 849.456304][T15879] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 849.812996][T15889] loop1: detected capacity change from 0 to 4096 [ 850.468551][T15909] netlink: 'syz.0.2803': attribute type 4 has an invalid length. [ 850.488573][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 850.495338][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 850.540736][T15912] loop2: detected capacity change from 0 to 256 [ 850.618050][T15912] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x1d73664b, utbl_chksum : 0xe619d30d) [ 850.883793][T15923] loop2: detected capacity change from 0 to 128 [ 850.960724][T15923] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 851.038446][T15923] ext4 filesystem being mounted at /647/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 851.256793][ T5773] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 851.601866][T15926] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 851.680807][T15926] XFS (loop0): Ending clean mount [ 851.730763][T15926] XFS (loop0): Quotacheck needed: Please wait. [ 851.856682][T15926] XFS (loop0): Quotacheck: Done. [ 852.290340][T15951] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 852.336680][T15951] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 852.377872][T15951] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 852.407424][ T5772] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 853.302029][T15917] set_capacity_and_notify: 1 callbacks suppressed [ 853.302048][T15917] loop1: detected capacity change from 0 to 131072 [ 853.319001][T15917] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0) [ 853.345859][T15917] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 853.401696][T15917] F2FS-fs (loop1): invalid crc value [ 853.442136][T15917] F2FS-fs (loop1): Found nat_bits in checkpoint [ 853.613278][T15917] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 853.629596][T15917] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 853.816995][ T27] audit: type=1800 audit(1777343911.844:347): pid=15917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2807" name="bus" dev="loop1" ino=10 res=0 errno=0 [ 853.852112][T15917] Invalid ELF header magic: != ELF [ 854.084180][T15977] loop0: detected capacity change from 0 to 64 [ 855.185798][T15986] loop0: detected capacity change from 0 to 8192 [ 855.245268][T15986] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 855.322553][T15986] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 855.384198][T15986] REISERFS (device loop0): using ordered data mode [ 855.390885][T15986] reiserfs: using flush barriers [ 855.435247][T15986] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 855.511983][T15986] REISERFS (device loop0): checking transaction log (loop0) [ 855.748285][T15986] REISERFS (device loop0): Using tea hash to sort names [ 855.774131][T15986] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 855.797555][T15991] loop1: detected capacity change from 0 to 256 [ 855.878664][T15991] FAT-fs (loop1): Directory bread(block 64) failed [ 855.905764][T15991] FAT-fs (loop1): Directory bread(block 65) failed [ 855.913081][T15991] FAT-fs (loop1): Directory bread(block 66) failed [ 855.921406][T15991] FAT-fs (loop1): Directory bread(block 67) failed [ 855.948548][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 855.960137][T15991] FAT-fs (loop1): Directory bread(block 68) failed [ 855.966762][T15991] FAT-fs (loop1): Directory bread(block 69) failed [ 856.020959][T15991] FAT-fs (loop1): Directory bread(block 70) failed [ 856.052135][T15991] FAT-fs (loop1): Directory bread(block 71) failed [ 856.074993][T15991] FAT-fs (loop1): Directory bread(block 72) failed [ 856.083005][T15991] FAT-fs (loop1): Directory bread(block 73) failed [ 856.121418][T15996] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2) [ 856.318110][T16000] loop2: detected capacity change from 0 to 128 [ 856.366597][T16000] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 856.418174][T16000] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 856.529928][T16003] loop1: detected capacity change from 0 to 512 [ 856.555339][T16003] EXT4-fs: Ignoring removed nobh option [ 856.598277][T16003] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 856.664049][T16003] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 856.699929][T16003] EXT4-fs (loop1): 1 truncate cleaned up [ 856.708171][T16003] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 856.736309][T16009] loop2: detected capacity change from 0 to 512 [ 856.828877][T16009] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 857.021019][T16009] EXT4-fs warning (device loop2): ext4_enable_quotas:7188: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 857.053880][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 857.055881][T16009] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 857.132250][T16009] EXT4-fs warning (device loop2): ext4_enable_quotas:7188: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 857.304178][ T5773] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 857.395859][T16011] loop0: detected capacity change from 0 to 40427 [ 857.454158][T16011] F2FS-fs (loop0): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288) [ 857.478549][T16011] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 857.498294][T16011] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x35f7 [ 857.520554][T16011] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff [ 857.529957][T16011] F2FS-fs (loop0): Image doesn't support compression [ 857.572724][T16011] F2FS-fs (loop0): invalid crc value [ 857.600370][T16022] loop2: detected capacity change from 0 to 4096 [ 857.618534][T16022] EXT4-fs: Ignoring removed bh option [ 857.636889][T16011] F2FS-fs (loop0): Found nat_bits in checkpoint [ 857.698486][T16022] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 857.831070][T16011] F2FS-fs (loop0): Start checkpoint disabled! [ 857.864522][T16011] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 857.874132][T16011] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 857.903225][T16027] overlayfs: failed to create directory ./file0/work (errno: 117); mounting read-only [ 858.127616][ T5773] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 33: comm syz-executor: path /657/file3/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=3584, inode=0, rec_len=0, size=4096 fake=0 [ 858.185993][ T5773] EXT4-fs (loop2): Remounting filesystem read-only [ 858.534240][ T6387] syz_tun (unregistering): left allmulticast mode [ 858.540870][ T6387] syz_tun (unregistering): left promiscuous mode [ 858.547725][ T6387] bridge0: port 1(syz_tun) entered disabled state [ 858.570483][ T11] F2FS-fs (loop0): inject checkpoint error in f2fs_balance_fs of __write_node_page+0xbe0/0x1a40 [ 858.600228][ T11] kworker/u4:0: attempt to access beyond end of device [ 858.600228][ T11] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 858.636676][ T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 858.674742][ T11] F2FS-fs (loop0): Stopped filesystem due to reason: 1 [ 858.753146][ T6387] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 859.112153][ T48] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 859.407685][ T48] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 859.607825][ T48] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 859.734895][ T48] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 859.766685][T16038] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2848'. [ 859.813919][T16039] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2848'. [ 859.827629][ T5809] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 859.855906][T16041] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2849'. [ 859.882852][T16041] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2849'. [ 859.936084][T13667] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 859.948318][T13667] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 859.969923][T13667] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 859.986505][T13667] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 859.996286][T13667] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 860.009327][T13667] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 860.033205][ T5809] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 860.043206][ T5809] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 860.095106][ T5809] usb 1-1: config 0 descriptor?? [ 860.106558][ T5809] cp210x 1-1:0.0: cp210x converter detected [ 860.323257][T16042] wlan0 speed is unknown, defaulting to 1000 [ 860.458000][T16042] lo speed is unknown, defaulting to 1000 [ 860.576388][ T5809] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 860.819500][ T5809] usb 1-1: cp210x converter now attached to ttyUSB0 [ 861.029610][ T787] usb 1-1: USB disconnect, device number 17 [ 861.049383][ T787] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 861.149238][ T787] cp210x 1-1:0.0: device disconnected [ 861.328213][T16060] loop1: detected capacity change from 0 to 32768 [ 861.393807][T16060] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 861.609656][ T27] audit: type=1804 audit(1777343919.162:348): pid=16060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2854" name="/newroot/636/file1/file1" dev="loop1" ino=17058 res=1 errno=0 [ 861.749536][T16042] chnl_net:caif_netlink_parms(): no params data found [ 861.901407][ T5764] ocfs2: Unmounting device (7,1) on (node local) [ 862.279274][ T5767] Bluetooth: hci2: command tx timeout [ 862.532046][T16042] bridge0: port 1(bridge_slave_0) entered blocking state [ 862.539643][T16042] bridge0: port 1(bridge_slave_0) entered disabled state [ 862.565148][T16042] bridge_slave_0: entered allmulticast mode [ 862.597034][T16042] bridge_slave_0: entered promiscuous mode [ 862.650239][T16042] bridge0: port 2(bridge_slave_1) entered blocking state [ 862.657447][T16042] bridge0: port 2(bridge_slave_1) entered disabled state [ 862.680144][T16042] bridge_slave_1: entered allmulticast mode [ 862.692950][T16042] bridge_slave_1: entered promiscuous mode [ 862.910943][T16042] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 862.952240][T16042] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 863.309219][T16042] team0: Port device team_slave_0 added [ 863.409483][T16042] team0: Port device team_slave_1 added [ 863.556323][T16106] loop1: detected capacity change from 0 to 32768 [ 863.620004][T16042] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 863.635768][T16042] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 863.666981][T16042] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 863.716899][T16106] JBD2: Ignoring recovery information on journal [ 863.773919][ T48] hsr_slave_0: left promiscuous mode [ 863.807500][ T48] hsr_slave_1: left promiscuous mode [ 863.856504][ T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 863.864470][T16106] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 863.898992][ T48] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 863.943530][ T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 863.951040][ T48] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 864.006694][ T48] batman_adv: batadv0: Interface deactivated: vlan1 [ 864.013419][ T48] batman_adv: batadv0: Removing interface: vlan1 [ 864.038121][ T48] batman_adv: batadv0: Interface deactivated: macsec1 [ 864.045871][ T48] batman_adv: batadv0: Removing interface: macsec1 [ 864.149439][ T48] veth1_macvtap: left promiscuous mode [ 864.166390][ T48] veth0_macvtap: left promiscuous mode [ 864.172313][ T48] veth1_vlan: left promiscuous mode [ 864.190759][ T48] veth0_vlan: left promiscuous mode [ 864.488251][ T5764] ocfs2: Unmounting device (7,1) on (node local) [ 864.518175][ T5767] Bluetooth: hci2: command tx timeout [ 866.260122][T16151] loop0: detected capacity change from 0 to 4096 [ 866.326471][T16151] EXT4-fs (loop0): Test dummy encryption mode enabled [ 866.341148][T16151] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=8843c01c, mo2=0003] [ 866.380739][T16151] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 866.466639][T16151] EXT4-fs (loop0): shut down requested (2) [ 866.551364][ T48] team0 (unregistering): Port device team_slave_1 removed [ 866.559001][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 866.721663][ T5767] Bluetooth: hci2: command tx timeout [ 866.723387][ T48] team0 (unregistering): Port device team_slave_0 removed [ 866.821392][ T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 866.909789][ T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 867.457685][ T48] bond0 (unregistering): Released all slaves [ 867.490406][T16042] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 867.497490][T16042] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 867.526254][T16042] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 867.731122][T16042] hsr_slave_0: entered promiscuous mode [ 867.793088][T16042] hsr_slave_1: entered promiscuous mode [ 867.803674][T16042] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 867.814970][T16042] Cannot create hsr debugfs directory [ 868.492335][ T48] IPVS: stop unused estimator thread 0... [ 868.596754][T16042] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 868.629748][T16042] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 868.658813][T16042] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 868.679868][T16042] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 868.944048][ T5767] Bluetooth: hci2: command tx timeout [ 869.001618][T16042] 8021q: adding VLAN 0 to HW filter on device bond0 [ 869.090433][T16042] 8021q: adding VLAN 0 to HW filter on device team0 [ 869.148739][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 869.156175][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 869.336170][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 869.343438][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 869.602753][T16212] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 869.657865][T16212] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 870.060411][T16042] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 870.622262][T16242] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 870.654287][T16242] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 870.685402][T16242] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 870.946563][T16042] veth0_vlan: entered promiscuous mode [ 870.977553][T16042] veth1_vlan: entered promiscuous mode [ 871.134230][T16042] veth0_macvtap: entered promiscuous mode [ 871.165891][T16042] veth1_macvtap: entered promiscuous mode [ 871.244358][T16042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 871.288570][T16042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 871.320243][T16042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 871.357761][T16042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 871.376524][T16251] loop1: detected capacity change from 0 to 512 [ 871.392087][T16042] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 871.414428][T16042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 871.457945][T16042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 871.490442][T16042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 871.508608][T16251] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 871.544295][T16042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 871.557493][T16251] ext4 filesystem being mounted at /649/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 871.626281][T16042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2 [ 871.668264][T16042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 871.714207][T16042] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 871.763492][T16042] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 871.783736][T16042] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 871.818797][T16042] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 871.838745][T16042] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 872.060264][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 872.112149][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 872.135731][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 872.239064][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 872.270888][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 872.939607][T16285] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 872.988365][T16285] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 873.800370][T16276] loop1: detected capacity change from 0 to 40427 [ 873.829944][T16276] F2FS-fs (loop1): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288) [ 873.869451][T16276] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 873.916944][T16276] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x35f7 [ 873.933660][T16276] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff [ 873.971818][T16276] F2FS-fs (loop1): Image doesn't support compression [ 874.000699][T16276] F2FS-fs (loop1): invalid crc value [ 874.033766][T16276] F2FS-fs (loop1): Found nat_bits in checkpoint [ 874.194967][ T59] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 874.287106][T16276] F2FS-fs (loop1): Start checkpoint disabled! [ 874.319008][T16276] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 874.335079][T16276] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 874.400253][ T27] audit: type=1800 audit(1777343931.131:349): pid=16276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2898" name="file2" dev="loop1" ino=10 res=0 errno=0 [ 874.648152][T16276] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x5b4/0x19c0 [ 874.678919][T16276] F2FS-fs (loop1): invalid blkaddr: 5639, type: 7, run fsck to fix. [ 874.714101][T16276] syz.1.2898: attempt to access beyond end of device [ 874.714101][T16276] loop1: rw=2049, sector=45096, nr_sectors = 32 limit=40427 [ 875.097274][ T59] kworker/u4:4: attempt to access beyond end of device [ 875.097274][ T59] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 875.153174][ T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 875.160158][ T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 875.419389][T16329] loop5: detected capacity change from 0 to 7 [ 875.450679][T16329] Dev loop5: unable to read RDB block 7 [ 875.456370][T16329] loop5: unable to read partition table [ 875.512724][T16329] loop5: partition table beyond EOD, truncated [ 875.553622][T16329] loop_reread_partitions: partition scan of loop5 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 875.652871][T16337] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2909'. [ 875.934014][T16346] x_tables: unsorted underflow at hook 4 [ 876.572902][ T7155] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 876.775806][ T7155] usb 1-1: Using ep0 maxpacket: 8 [ 876.789281][ T7155] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 876.809976][ T7155] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 876.830620][T16372] loop1: detected capacity change from 0 to 8192 [ 876.839666][ T7155] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 876.863219][ T7155] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 876.895548][ T7155] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 876.951695][ T7155] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 876.978277][ T7155] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 877.007106][T16382] loop4: detected capacity change from 0 to 128 [ 877.081749][T16382] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 877.858886][T16401] usbtmc 1-1:16.0: simple usb_control_msg failed -32 [ 877.893656][ T787] usb 1-1: USB disconnect, device number 18 [ 878.233379][T16394] loop1: detected capacity change from 0 to 32768 [ 878.247594][T16394] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10 [ 878.391936][ T7033] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10 [ 878.635488][T16418] loop0: detected capacity change from 0 to 512 [ 878.731864][T16418] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 878.814349][T16418] ext4 filesystem being mounted at /668/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 878.837608][T16418] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.2933: bg 0: block 217: padding at end of block bitmap is not set [ 879.029127][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 879.076490][T16432] loop1: detected capacity change from 0 to 512 [ 879.107542][T16432] EXT4-fs: Ignoring removed orlov option [ 879.139838][T16432] EXT4-fs (loop1): Test dummy encryption mode enabled [ 879.168929][T16432] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 879.210814][T16437] loop4: detected capacity change from 0 to 64 [ 879.227545][T16432] EXT4-fs (loop1): 1 truncate cleaned up [ 879.251311][T16432] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 879.340016][T16432] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 879.427901][T16444] overlayfs: failed to resolve './file0': -2 [ 879.454850][T16437] Trying to free block not in datazone [ 879.503754][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 880.123190][T16464] loop1: detected capacity change from 0 to 512 [ 880.174707][T16442] loop0: detected capacity change from 0 to 32768 [ 880.186563][T16464] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2946: invalid indirect mapped block 256 (level 2) [ 880.206696][T16464] EXT4-fs (loop1): 2 truncates cleaned up [ 880.217970][T16442] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 880.260683][T16464] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 880.372092][T16464] EXT4-fs (loop1): shut down requested (2) [ 880.396160][T16464] EXT4-fs warning (device loop1): empty_inline_dir:1882: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 880.486290][T13498] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 880.599287][ T5764] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 880.858200][ T7155] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 881.073606][ T7155] usb 1-1: config 1 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0 [ 881.095154][ T7155] usb 1-1: config 1 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 881.130764][ T7155] usb 1-1: config 1 interface 0 has no altsetting 0 [ 881.148649][ T7155] usb 1-1: New USB device found, idVendor=046d, idProduct=c101, bcdDevice= 0.40 [ 881.160977][ T7155] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 881.192489][ T7155] usb 1-1: Product: syz [ 881.196741][ T7155] usb 1-1: Manufacturer: syz [ 881.231699][ T7155] usb 1-1: SerialNumber: syz [ 881.374543][ T27] audit: type=1326 audit(1777343951.660:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16502 comm="syz.3.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb449b9cdd9 code=0x7ffc0000 [ 881.419697][ T27] audit: type=1326 audit(1777343951.689:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16502 comm="syz.3.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb449b9cdd9 code=0x7ffc0000 [ 881.485761][ T27] audit: type=1326 audit(1777343951.689:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16502 comm="syz.3.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb449b9cdd9 code=0x7ffc0000 [ 881.566431][ T27] audit: type=1326 audit(1777343951.689:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16502 comm="syz.3.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb449b9cdd9 code=0x7ffc0000 [ 881.597217][ T27] audit: type=1326 audit(1777343951.689:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16502 comm="syz.3.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb449b9cdd9 code=0x7ffc0000 [ 881.629147][ T27] audit: type=1326 audit(1777343951.689:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16502 comm="syz.3.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fb449b9cdd9 code=0x7ffc0000 [ 881.671685][ T27] audit: type=1326 audit(1777343951.689:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16502 comm="syz.3.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb449b9cdd9 code=0x7ffc0000 [ 881.702953][ T27] audit: type=1326 audit(1777343951.689:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16502 comm="syz.3.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb449b9cdd9 code=0x7ffc0000 [ 881.798110][ T27] audit: type=1326 audit(1777343951.689:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16502 comm="syz.3.2962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb449b9cdd9 code=0x7ffc0000 [ 882.195961][ T7155] usbhid 1-1:1.0: can't add hid device: -71 [ 882.222705][ T7155] usbhid: probe of 1-1:1.0 failed with error -71 [ 882.245127][ T7155] usb 1-1: USB disconnect, device number 19 [ 882.303317][T15813] syz_tun (unregistering): left allmulticast mode [ 882.324367][T15813] syz_tun (unregistering): left promiscuous mode [ 882.330889][T15813] bridge0: port 1(syz_tun) entered disabled state [ 883.143223][T13667] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 883.157797][T13667] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 883.169799][T13667] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 883.180830][T13667] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 883.188751][T13667] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 883.196192][T13667] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 883.248673][T16539] wlan0 speed is unknown, defaulting to 1000 [ 883.289091][T16539] lo speed is unknown, defaulting to 1000 [ 883.461024][T16548] loop4: detected capacity change from 0 to 128 [ 883.521348][T16548] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 883.553334][T16548] ext4 filesystem being mounted at /27/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 883.616805][T16548] fscrypt (loop4, inode 12): Unsupported encryption modes (contents 0, filenames 0) [ 883.678083][T16042] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 883.697124][T16539] chnl_net:caif_netlink_parms(): no params data found [ 883.817753][T16560] loop4: detected capacity change from 0 to 1024 [ 883.855287][ T27] audit: type=1800 audit(1777343953.981:359): pid=16560 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2985" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 883.882448][T16560] syz.4.2985: attempt to access beyond end of device [ 883.882448][T16560] loop4: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 883.924647][T16560] buffer_io_error: 6 callbacks suppressed [ 883.924665][T16560] Buffer I/O error on dev loop4, logical block 2889, async page read [ 883.948369][T16560] syz.4.2985: attempt to access beyond end of device [ 883.948369][T16560] loop4: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 883.981705][T16560] Buffer I/O error on dev loop4, logical block 2889, async page read [ 884.090934][T16539] bridge0: port 1(bridge_slave_0) entered blocking state [ 884.098268][T16539] bridge0: port 1(bridge_slave_0) entered disabled state [ 884.105691][T16539] bridge_slave_0: entered allmulticast mode [ 884.113229][T16539] bridge_slave_0: entered promiscuous mode [ 884.124428][T16539] bridge0: port 2(bridge_slave_1) entered blocking state [ 884.131886][T16539] bridge0: port 2(bridge_slave_1) entered disabled state [ 884.139210][T16539] bridge_slave_1: entered allmulticast mode [ 884.146624][T16539] bridge_slave_1: entered promiscuous mode [ 884.228883][T16539] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 884.270257][T16539] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 884.389295][T16539] team0: Port device team_slave_0 added [ 884.418974][T16539] team0: Port device team_slave_1 added [ 884.501178][T16539] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 884.519179][T16539] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 884.549097][T16539] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 884.565431][T16570] syzkaller1: entered promiscuous mode [ 884.572713][T16570] syzkaller1: entered allmulticast mode [ 884.585497][T16539] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 884.592971][T16539] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 884.627479][T16539] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 884.878389][T16558] loop0: detected capacity change from 0 to 40427 [ 884.907079][T16558] F2FS-fs (loop0): invalid crc value [ 884.928458][T16539] hsr_slave_0: entered promiscuous mode [ 884.943402][T16558] F2FS-fs (loop0): Found nat_bits in checkpoint [ 884.962306][T16539] hsr_slave_1: entered promiscuous mode [ 884.994341][T16539] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 885.002069][T16539] Cannot create hsr debugfs directory [ 885.145391][T16558] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 885.344309][T16558] syz.0.2986: attempt to access beyond end of device [ 885.344309][T16558] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 885.445703][ T5767] Bluetooth: hci0: command tx timeout [ 885.731411][ T5772] syz-executor: attempt to access beyond end of device [ 885.731411][ T5772] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 885.760401][ T5772] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 886.978100][T16539] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 886.993248][T16539] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 887.009138][T16539] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 887.016207][T16603] loop0: detected capacity change from 0 to 164 [ 887.032706][T16539] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 887.122310][T16603] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 887.380194][T16539] 8021q: adding VLAN 0 to HW filter on device bond0 [ 887.452714][T16539] 8021q: adding VLAN 0 to HW filter on device team0 [ 887.499104][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 887.506400][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 887.561592][ T990] bridge0: port 2(bridge_slave_1) entered blocking state [ 887.568855][ T990] bridge0: port 2(bridge_slave_1) entered forwarding state [ 887.666869][ T5767] Bluetooth: hci0: command tx timeout [ 887.881142][ T7146] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 887.991400][T16539] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 888.063470][T16539] veth0_vlan: entered promiscuous mode [ 888.086456][T16539] veth1_vlan: entered promiscuous mode [ 888.092390][ T7146] usb 1-1: Using ep0 maxpacket: 8 [ 888.100504][ T7146] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 888.124376][ T7146] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 888.134226][ T7146] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 888.157498][ T7146] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 888.173060][ T7146] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 888.197313][T16539] veth0_macvtap: entered promiscuous mode [ 888.208027][T16539] veth1_macvtap: entered promiscuous mode [ 888.216488][ T7146] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 888.228956][ T7146] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 888.263589][T16539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 888.274340][T16539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.284273][T16539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 888.312446][T16539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.323130][T16539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 888.334122][T16539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.365845][T16539] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 888.392882][T16539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 888.407301][T16539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.419824][T16539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 888.431334][T16539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.451086][T16539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2 [ 888.465261][T16539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.493533][T16539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 888.504570][ T7146] usb 1-1: usb_control_msg returned -32 [ 888.514661][ T7146] usbtmc 1-1:16.0: can't read capabilities [ 888.521282][T16539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 888.539632][T16539] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 888.581479][T16539] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.603821][T16539] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.614520][T16539] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.624390][T16539] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 888.791543][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 888.817611][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 888.870029][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 888.881366][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 889.463817][T16650] loop1: detected capacity change from 0 to 4096 [ 889.887649][ T5767] Bluetooth: hci0: command tx timeout [ 889.935831][T16665] loop1: detected capacity change from 0 to 4096 [ 889.999836][T16665] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 890.045432][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 890.045450][ T27] audit: type=1800 audit(2000000004.660:361): pid=16665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3019" name="file1" dev="loop1" ino=30 res=0 errno=0 [ 890.819243][ T7147] usb 1-1: USB disconnect, device number 20 [ 891.100603][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805bce4400: rx timeout, send abort [ 891.114271][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805bce4400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 891.602509][T16723] loop0: detected capacity change from 0 to 64 [ 891.639897][ T787] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 891.867906][ T787] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 891.895154][ T787] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 891.926109][ T787] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 891.958016][ T787] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 891.988187][ T787] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 892.004690][ T787] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 892.030948][ T787] usb 5-1: Manufacturer: syz [ 892.059721][ T787] usb 5-1: config 0 descriptor?? [ 892.110101][ T5767] Bluetooth: hci0: command tx timeout [ 892.552916][ T787] appleir 0003:05AC:8243.000C: unknown main item tag 0x0 [ 892.576696][ T787] appleir 0003:05AC:8243.000C: No inputs registered, leaving [ 892.618575][T16754] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 892.665827][T16754] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 892.667973][ T787] appleir 0003:05AC:8243.000C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 892.875465][ T5830] usb 5-1: USB disconnect, device number 2 [ 892.998010][T16759] fido_id[16759]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 894.143455][T16794] loop4: detected capacity change from 0 to 256 [ 894.173495][T16794] exfat: Deprecated parameter 'utf8' [ 894.192466][T16794] exfat: Deprecated parameter 'namecase' [ 894.211473][T16790] loop0: detected capacity change from 0 to 4096 [ 894.218218][T16794] exfat: Deprecated parameter 'utf8' [ 894.236598][T16794] exfat: Deprecated parameter 'utf8' [ 894.309666][T16794] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36332e94, utbl_chksum : 0xe619d30d) [ 895.561656][ T7147] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 895.797021][ T7147] usb 5-1: Using ep0 maxpacket: 32 [ 895.818840][ T7147] usb 5-1: config 0 has no interfaces? [ 895.827776][ T7147] usb 5-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 895.861023][ T7147] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 895.881318][ T7147] usb 5-1: config 0 descriptor?? [ 896.064334][ T27] audit: type=1326 audit(2000000010.293:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16844 comm="syz.0.3059" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f208c79cdd9 code=0x0 [ 896.157072][ T7147] usb 5-1: USB disconnect, device number 3 [ 897.060324][T16879] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 897.102697][T16879] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 897.140917][T16879] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 897.175456][T16879] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 899.694861][T16955] loop4: detected capacity change from 0 to 512 [ 899.823214][T16955] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 899.875782][T16934] loop0: detected capacity change from 0 to 131072 [ 899.892087][T16934] F2FS-fs (loop0): invalid crc value [ 899.930243][T16955] ext4 filesystem being mounted at /59/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 899.988124][T16934] F2FS-fs (loop0): Found nat_bits in checkpoint [ 900.083855][T16934] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 900.362253][T16042] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 900.635000][T16982] loop4: detected capacity change from 0 to 64 [ 900.749975][ T27] audit: type=1800 audit(2000000014.682:363): pid=16982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3093" name="file1" dev="loop4" ino=21 res=0 errno=0 [ 900.795398][T16982] hfs: request for non-existent node -16318464 in B*Tree [ 900.819554][T16982] hfs: request for non-existent node -16318464 in B*Tree [ 900.879878][T16982] hfs: request for non-existent node -16318464 in B*Tree [ 900.915049][T16982] hfs: request for non-existent node -16318464 in B*Tree [ 900.984138][T16986] hfs: request for non-existent node -16318464 in B*Tree [ 901.004523][T16986] hfs: request for non-existent node -16318464 in B*Tree [ 901.094939][ T48] hfs: request for non-existent node -16318464 in B*Tree [ 901.118549][ T48] hfs: request for non-existent node -16318464 in B*Tree [ 901.575090][T17003] syzkaller1: entered promiscuous mode [ 901.606919][T17005] sctp: [Deprecated]: syz.4.3099 (pid 17005) Use of struct sctp_assoc_value in delayed_ack socket option. [ 901.606919][T17005] Use struct sctp_sack_info instead [ 901.623959][T17003] syzkaller1: entered allmulticast mode [ 902.982822][T17034] loop1: detected capacity change from 0 to 32768 [ 903.075251][T17034] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 903.244136][T17034] XFS (loop1): Ending clean mount [ 903.420716][T16539] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 904.931589][T17079] loop4: detected capacity change from 0 to 131072 [ 904.965623][T17079] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0) [ 904.974167][T17079] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 904.984264][T17079] F2FS-fs (loop4): invalid crc value [ 904.995430][T17079] F2FS-fs (loop4): Found nat_bits in checkpoint [ 905.083977][T17079] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 905.091143][T17079] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 905.188413][T17079] F2FS-fs (loop4): access invalid blkaddr:81410 [ 905.196821][T17079] CPU: 1 PID: 17079 Comm: syz.4.3124 Not tainted syzkaller #0 [ 905.204432][T17079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 905.214556][T17079] Call Trace: [ 905.217893][T17079] [ 905.220896][T17079] dump_stack_lvl+0x18c/0x250 [ 905.225656][T17079] ? show_regs_print_info+0x20/0x20 [ 905.230938][T17079] ? f2fs_get_meta_page+0x30/0x30 [ 905.236046][T17079] f2fs_is_valid_blkaddr+0xef8/0x1580 [ 905.241493][T17079] f2fs_get_node_info+0x705/0x12b0 [ 905.246769][T17079] read_node_page+0x154/0x990 [ 905.251517][T17079] ? folio_add_lru+0x54f/0xd30 [ 905.256343][T17079] ? f2fs_ra_node_page+0x230/0x230 [ 905.261513][T17079] ? filemap_add_folio+0x192/0x3c0 [ 905.266710][T17079] __get_node_page+0x1fb/0xf40 [ 905.271540][T17079] ? read_node_page+0x990/0x990 [ 905.276465][T17079] ? do_raw_spin_unlock+0x121/0x230 [ 905.281728][T17079] ? _raw_spin_unlock+0x28/0x40 [ 905.286622][T17079] f2fs_iget+0x77a/0x47e0 [ 905.291016][T17079] ? f2fs_free_filename+0x3f/0xd0 [ 905.296113][T17079] f2fs_lookup+0x37f/0x780 [ 905.300662][T17079] ? f2fs_encrypted_symlink_getattr+0x50/0x50 [ 905.306762][T17079] ? d_hash_and_lookup+0x1b0/0x1b0 [ 905.311943][T17079] ? __init_waitqueue_head+0xa9/0x150 [ 905.317367][T17079] __lookup_slow+0x2a1/0x400 [ 905.321998][T17079] ? lookup_one_len+0x2e0/0x2e0 [ 905.326947][T17079] ? try_to_unlazy+0x34c/0x5a0 [ 905.331748][T17079] ? down_read+0x1ac/0x2e0 [ 905.336193][T17079] lookup_slow+0x53/0x70 [ 905.340498][T17079] link_path_walk+0x990/0xe30 [ 905.345232][T17079] ? handle_lookup_down+0x130/0x130 [ 905.350470][T17079] __filename_parentat+0x22a/0x650 [ 905.355623][T17079] ? vfs_path_parent_lookup+0x50/0x50 [ 905.361054][T17079] do_renameat2+0x214/0xce0 [ 905.365608][T17079] ? lock_chain_count+0x20/0x20 [ 905.370498][T17079] ? fsnotify_move+0x4e0/0x4e0 [ 905.375293][T17079] ? kmem_cache_free+0xf8/0x270 [ 905.380196][T17079] ? getname_flags+0x277/0x500 [ 905.385007][T17079] __x64_sys_rename+0x86/0x90 [ 905.389719][T17079] do_syscall_64+0x55/0xa0 [ 905.394161][T17079] ? clear_bhb_loop+0x40/0x90 [ 905.398876][T17079] ? clear_bhb_loop+0x40/0x90 [ 905.403596][T17079] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 905.409556][T17079] RIP: 0033:0x7f7101b9cdd9 [ 905.414013][T17079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 905.433655][T17079] RSP: 002b:00007f7102b21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 905.442187][T17079] RAX: ffffffffffffffda RBX: 00007f7101e15fa0 RCX: 00007f7101b9cdd9 [ 905.450189][T17079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080 [ 905.458194][T17079] RBP: 00007f7101c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 905.466198][T17079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 905.474198][T17079] R13: 00007f7101e16038 R14: 00007f7101e15fa0 R15: 00007ffdbe0f4928 [ 905.482218][T17079] [ 905.616191][T17079] F2FS-fs (loop4): access invalid blkaddr:81410 [ 905.623319][T17079] CPU: 1 PID: 17079 Comm: syz.4.3124 Not tainted syzkaller #0 [ 905.630839][T17079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 905.640951][T17079] Call Trace: [ 905.644369][T17079] [ 905.647349][T17079] dump_stack_lvl+0x18c/0x250 [ 905.652119][T17079] ? show_regs_print_info+0x20/0x20 [ 905.657383][T17079] ? f2fs_get_meta_page+0x30/0x30 [ 905.662481][T17079] f2fs_is_valid_blkaddr+0xef8/0x1580 [ 905.667930][T17079] f2fs_get_node_info+0x705/0x12b0 [ 905.673449][T17079] read_node_page+0x154/0x990 [ 905.678168][T17079] ? folio_contains+0x29f/0x5c0 [ 905.683100][T17079] ? f2fs_ra_node_page+0x230/0x230 [ 905.688284][T17079] ? pagecache_get_page+0x107/0x250 [ 905.693578][T17079] ? f2fs_grab_cache_page+0x38/0x330 [ 905.698946][T17079] __get_node_page+0x1fb/0xf40 [ 905.703774][T17079] ? read_node_page+0x990/0x990 [ 905.708677][T17079] ? do_raw_spin_unlock+0x121/0x230 [ 905.713939][T17079] ? _raw_spin_unlock+0x28/0x40 [ 905.718858][T17079] f2fs_iget+0x77a/0x47e0 [ 905.723277][T17079] ? f2fs_free_filename+0x3f/0xd0 [ 905.728385][T17079] f2fs_lookup+0x37f/0x780 [ 905.732871][T17079] ? f2fs_encrypted_symlink_getattr+0x50/0x50 [ 905.739005][T17079] ? d_hash_and_lookup+0x1b0/0x1b0 [ 905.744183][T17079] ? __init_waitqueue_head+0xa9/0x150 [ 905.749618][T17079] __lookup_slow+0x2a1/0x400 [ 905.754293][T17079] ? lookup_one_len+0x2e0/0x2e0 [ 905.759234][T17079] ? try_to_unlazy+0x34c/0x5a0 [ 905.764065][T17079] ? down_read+0x1ac/0x2e0 [ 905.768548][T17079] lookup_slow+0x53/0x70 [ 905.772854][T17079] walk_component+0x2be/0x3f0 [ 905.777713][T17079] ? path_lookupat+0x15c/0x440 [ 905.782552][T17079] path_lookupat+0x169/0x440 [ 905.787228][T17079] filename_lookup+0x228/0x560 [ 905.792153][T17079] ? hashlen_string+0x110/0x110 [ 905.797113][T17079] ? strncpy_from_user+0x197/0x2d0 [ 905.802294][T17079] ? getname_flags+0x20a/0x500 [ 905.807122][T17079] user_path_at_empty+0x42/0x60 [ 905.812027][T17079] do_fchownat+0xf9/0x240 [ 905.816412][T17079] ? chown_common+0x5d0/0x5d0 [ 905.821180][T17079] __x64_sys_lchown+0x85/0x90 [ 905.825916][T17079] do_syscall_64+0x55/0xa0 [ 905.830464][T17079] ? clear_bhb_loop+0x40/0x90 [ 905.835212][T17079] ? clear_bhb_loop+0x40/0x90 [ 905.839945][T17079] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 905.845897][T17079] RIP: 0033:0x7f7101b9cdd9 [ 905.850363][T17079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 905.870032][T17079] RSP: 002b:00007f7102b21028 EFLAGS: 00000246 ORIG_RAX: 000000000000005e [ 905.878516][T17079] RAX: ffffffffffffffda RBX: 00007f7101e15fa0 RCX: 00007f7101b9cdd9 [ 905.886568][T17079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 905.894595][T17079] RBP: 00007f7101c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 905.902761][T17079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 905.910889][T17079] R13: 00007f7101e16038 R14: 00007f7101e15fa0 R15: 00007ffdbe0f4928 [ 905.919033][T17079] [ 906.418829][ T7155] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 906.613125][ T7155] usb 5-1: Using ep0 maxpacket: 32 [ 906.628728][ T7155] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 906.658854][ T7155] usb 5-1: config 0 has no interface number 0 [ 906.682404][ T7155] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 906.707225][ T7155] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 906.737206][ T7155] usb 5-1: Product: syz [ 906.748006][ T7155] usb 5-1: Manufacturer: syz [ 906.760550][ T7155] usb 5-1: SerialNumber: syz [ 906.792883][ T7155] usb 5-1: config 0 descriptor?? [ 906.802564][ T7155] smsc95xx v2.0.0 [ 907.685323][ T7155] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout [ 907.794017][T17142] 9pnet_fd: Insufficient options for proto=fd [ 907.899684][ T7155] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 907.936204][ T7155] smsc95xx: probe of 5-1:0.67 failed with error -71 [ 907.961955][ T7155] usb 5-1: USB disconnect, device number 4 [ 908.987422][T17156] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 908.994800][T17156] IPv6: NLM_F_CREATE should be set when creating new route [ 909.002064][T17156] IPv6: NLM_F_CREATE should be set when creating new route [ 909.074814][T17156] netlink: 18 bytes leftover after parsing attributes in process `syz.4.3157'. [ 909.102276][T17156] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 909.109583][T17156] IPv6: NLM_F_CREATE should be set when creating new route [ 909.116968][T17156] IPv6: NLM_F_CREATE should be set when creating new route [ 910.094852][ T7147] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 910.177060][T17167] loop4: detected capacity change from 0 to 32768 [ 910.245341][T17167] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 910.300947][ T7147] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 910.365176][ T7147] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 910.435721][ T7147] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 910.468026][T17167] XFS (loop4): Ending clean mount [ 910.485470][ T7147] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 910.515727][T17167] XFS (loop4): Quotacheck needed: Please wait. [ 910.563824][ T7147] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 910.601119][ T7147] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 910.646378][ T7147] usb 2-1: Manufacturer: syz [ 910.663129][ T990] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 910.681808][ T7147] usb 2-1: config 0 descriptor?? [ 910.719506][T17167] XFS (loop4): Quotacheck: Done. [ 910.906257][ T27] audit: type=1804 audit(2000000024.181:364): pid=17167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3162" name="/newroot/74/file0/file1" dev="loop4" ino=9286 res=1 errno=0 [ 911.040735][T16042] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 911.180238][ T7147] appleir 0003:05AC:8243.000D: unknown main item tag 0x0 [ 911.229018][ T7147] appleir 0003:05AC:8243.000D: No inputs registered, leaving [ 911.263458][ T7147] appleir 0003:05AC:8243.000D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 911.491727][ T7146] usb 2-1: USB disconnect, device number 22 [ 911.567928][T17185] fido_id[17185]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 911.975456][ T7151] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 912.190981][ T7151] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 912.210450][ T7151] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 912.241389][ T7151] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 912.261820][ T7151] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 912.281005][ T7151] usb 5-1: Product: syz [ 912.291785][ T7151] usb 5-1: Manufacturer: syz [ 912.302581][ T7151] usb 5-1: SerialNumber: syz [ 912.359615][ T7151] cdc_ncm 5-1:1.0: skipping garbage [ 912.641131][T17205] ./file0: Can't lookup blockdev [ 913.025367][T17206] loop1: detected capacity change from 0 to 32768 [ 913.329392][T17217] loop1: detected capacity change from 0 to 4096 [ 913.488341][ T7151] cdc_ncm 5-1:1.0: bind() failure [ 913.520408][ T7151] usbtest: probe of 5-1:1.1 failed with error -71 [ 913.546844][ T7151] usb 5-1: USB disconnect, device number 5 [ 914.009460][T17231] loop1: detected capacity change from 0 to 256 [ 914.389713][T17245] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 914.417171][T17237] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 914.444080][T17237] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 914.452370][T17237] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 914.460969][T17237] kvm: requested 13409 ns i8254 timer period limited to 200000 ns [ 914.674122][T17249] wlan0 speed is unknown, defaulting to 1000 [ 914.682771][T17249] lo speed is unknown, defaulting to 1000 [ 914.997803][ T48] tipc: Subscription rejected, illegal request [ 916.098706][T17284] wg1: entered promiscuous mode [ 916.127237][T17284] wg1: entered allmulticast mode [ 916.149356][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 916.155840][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 916.888163][T17313] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 916.934200][T17313] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 916.958231][T17313] kvm: requested 53638 ns i8254 timer period limited to 200000 ns [ 917.008735][T17316] wg1: entered promiscuous mode [ 917.014004][T17316] wg1: entered allmulticast mode [ 917.017231][T17313] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 917.045994][T17313] kvm: requested 13409 ns i8254 timer period limited to 200000 ns [ 917.858907][T17342] loop4: detected capacity change from 0 to 256 [ 917.881034][T17342] exfat: Deprecated parameter 'utf8' [ 917.920871][T17342] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf8a64500, utbl_chksum : 0xe619d30d) [ 918.617334][T17362] dummy0: entered promiscuous mode [ 918.643981][T17362] macsec1: entered promiscuous mode [ 918.649564][T17362] macsec1: entered allmulticast mode [ 918.660199][T17362] dummy0: entered allmulticast mode [ 918.676066][T17362] dummy0: left allmulticast mode [ 918.686636][T17362] dummy0: left promiscuous mode [ 919.284669][ T787] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 919.511071][ T787] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 919.520436][ T787] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 919.539586][ T787] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 919.570507][ T787] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 919.594292][ T787] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 919.609799][ T787] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 919.626517][ T787] usb 2-1: Product: syz [ 919.637230][ T787] usb 2-1: Manufacturer: syz [ 919.653245][ T787] cdc_wdm 2-1:1.0: skipping garbage [ 919.668974][ T787] cdc_wdm 2-1:1.0: skipping garbage [ 919.681890][ T787] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 919.687918][ T787] cdc_wdm 2-1:1.0: Unknown control protocol [ 919.728387][T17384] netlink: 'syz.0.3244': attribute type 10 has an invalid length. [ 919.749188][T17384] netdevsim netdevsim0 netdevsim0: left allmulticast mode [ 919.780350][T17384] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 919.803127][T17384] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3244'. [ 920.231062][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 920.238075][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 920.245097][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 920.251790][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 920.260145][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 920.266819][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 920.273249][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 920.279892][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 920.287697][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 920.294423][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 920.302162][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 920.308817][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 920.315264][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 920.322004][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 920.328371][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 920.335013][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 920.341398][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 920.348050][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 920.354574][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 920.361223][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 920.684949][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 920.699127][ T7151] usb 2-1: USB disconnect, device number 23 [ 920.750904][T17384] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 920.793546][T17384] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 920.823167][T17384] bond0 (unregistering): (slave netdevsim0): Releasing backup interface [ 920.846239][T17384] bond0 (unregistering): Released all slaves [ 920.861366][T17388] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3245'. [ 921.387614][T17411] loop4: detected capacity change from 0 to 512 [ 921.440966][T17411] EXT4-fs error (device loop4): ext4_orphan_get:1404: inode #15: comm syz.4.3254: inode has both inline data and extents flags [ 921.497269][T17411] EXT4-fs error (device loop4): ext4_orphan_get:1409: comm syz.4.3254: couldn't read orphan inode 15 (err -117) [ 921.545501][T17411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 921.601698][T17417] bridge0: port 3(syz_tun) entered blocking state [ 921.655054][T17417] bridge0: port 3(syz_tun) entered disabled state [ 921.669195][T17417] syz_tun: entered allmulticast mode [ 921.676304][T17417] syz_tun: entered promiscuous mode [ 921.697193][T17417] bridge0: port 3(syz_tun) entered blocking state [ 921.703863][T17417] bridge0: port 3(syz_tun) entered forwarding state [ 921.733467][T17423] overlayfs: failed to clone upperpath [ 921.787136][T16042] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 921.973867][T17431] loop1: detected capacity change from 0 to 512 [ 922.008280][T17431] EXT4-fs: Ignoring removed nomblk_io_submit option [ 922.093030][T17431] EXT4-fs error (device loop1): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 922.157522][T17437] loop4: detected capacity change from 0 to 256 [ 922.181614][T17431] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3262: corrupted inode contents [ 922.202139][T17431] EXT4-fs error (device loop1): ext4_dirty_inode:6143: inode #11: comm syz.1.3262: mark_inode_dirty error [ 922.231690][T17431] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.3262: invalid indirect mapped block 1 (level 1) [ 922.249379][T17431] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3262: corrupted inode contents [ 922.299664][T17437] FAT-fs (loop4): Directory bread(block 64) failed [ 922.306293][T17437] FAT-fs (loop4): Directory bread(block 65) failed [ 922.320528][T17437] FAT-fs (loop4): Directory bread(block 66) failed [ 922.321014][T17431] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 922.327152][T17437] FAT-fs (loop4): Directory bread(block 67) failed [ 922.349843][T17437] FAT-fs (loop4): Directory bread(block 68) failed [ 922.359087][T17437] FAT-fs (loop4): Directory bread(block 69) failed [ 922.370295][T17437] FAT-fs (loop4): Directory bread(block 70) failed [ 922.378037][T17437] FAT-fs (loop4): Directory bread(block 71) failed [ 922.394942][T17431] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3262: corrupted inode contents [ 922.420217][T17431] EXT4-fs error (device loop1): ext4_truncate:4301: inode #11: comm syz.1.3262: mark_inode_dirty error [ 922.431468][T17437] FAT-fs (loop4): Directory bread(block 72) failed [ 922.431508][T17437] FAT-fs (loop4): Directory bread(block 73) failed [ 922.457397][T17431] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem [ 922.468626][T17431] EXT4-fs (loop1): 1 truncate cleaned up [ 922.480599][T17431] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 922.544234][T17431] EXT4-fs error (device loop1): ext4_find_dest_de:2115: inode #2: block 13: comm syz.1.3262: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0 [ 922.703853][T16539] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 923.279309][T17458] loop1: detected capacity change from 0 to 256 [ 923.390342][T17458] FAT-fs (loop1): Directory bread(block 64) failed [ 923.409915][T17458] FAT-fs (loop1): Directory bread(block 65) failed [ 923.416645][T17458] FAT-fs (loop1): Directory bread(block 66) failed [ 923.442424][T17458] FAT-fs (loop1): Directory bread(block 67) failed [ 923.449179][T17458] FAT-fs (loop1): Directory bread(block 68) failed [ 923.468882][T17458] FAT-fs (loop1): Directory bread(block 69) failed [ 923.484307][T17458] FAT-fs (loop1): Directory bread(block 70) failed [ 923.490925][T17458] FAT-fs (loop1): Directory bread(block 71) failed [ 923.509138][T17458] FAT-fs (loop1): Directory bread(block 72) failed [ 923.527226][T17458] FAT-fs (loop1): Directory bread(block 73) failed [ 924.069677][T17479] loop4: detected capacity change from 0 to 512 [ 924.104364][T17479] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 924.140128][T17479] EXT4-fs (loop4): 1 truncate cleaned up [ 924.197643][T17479] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 924.429760][T16042] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 924.612209][T17495] loop4: detected capacity change from 0 to 2048 [ 924.675777][T17500] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 924.783175][T17500] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 924.805093][T17500] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4) [ 924.837642][T17500] Remounting filesystem read-only [ 924.846746][T17499] loop1: detected capacity change from 0 to 256 [ 924.855977][ T7635] NILFS (loop4): discard dirty page: offset=4096, ino=6 [ 924.866748][ T7635] NILFS (loop4): discard dirty block: blocknr=39, size=1024 [ 924.914876][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 924.958930][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 924.980628][T17499] FAT-fs (loop1): Directory bread(block 64) failed [ 924.984721][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 924.987852][T17499] FAT-fs (loop1): Directory bread(block 65) failed [ 925.046097][T17499] FAT-fs (loop1): Directory bread(block 66) failed [ 925.052728][T17499] FAT-fs (loop1): Directory bread(block 67) failed [ 925.065839][ T7635] NILFS (loop4): discard dirty page: offset=0, ino=3 [ 925.079231][ T7635] NILFS (loop4): discard dirty block: blocknr=42, size=1024 [ 925.086823][T17499] FAT-fs (loop1): Directory bread(block 68) failed [ 925.105080][ T7635] NILFS (loop4): discard dirty block: blocknr=43, size=1024 [ 925.119461][T17499] FAT-fs (loop1): Directory bread(block 69) failed [ 925.131508][ T7635] NILFS (loop4): discard dirty block: blocknr=44, size=1024 [ 925.142185][T17499] FAT-fs (loop1): Directory bread(block 70) failed [ 925.148899][T17499] FAT-fs (loop1): Directory bread(block 71) failed [ 925.155707][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.165087][T17499] FAT-fs (loop1): Directory bread(block 72) failed [ 925.171756][ T7635] NILFS (loop4): discard dirty page: offset=65536, ino=3 [ 925.179604][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.204645][T17499] FAT-fs (loop1): Directory bread(block 73) failed [ 925.212348][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.233924][ T7635] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 925.253015][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.285035][ T7635] NILFS (loop4): discard dirty page: offset=98304, ino=3 [ 925.304518][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.322773][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.348058][ T7635] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 925.359184][T17515] overlayfs: failed to clone upperpath [ 925.372060][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.404104][ T7635] NILFS (loop4): discard dirty page: offset=196608, ino=3 [ 925.431573][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.456953][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.470611][ T7635] NILFS (loop4): discard dirty block: blocknr=49, size=1024 [ 925.511333][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.542686][ T7635] NILFS (loop4): discard dirty page: offset=0, ino=18 [ 925.559719][ T7635] NILFS (loop4): discard dirty block: blocknr=0, size=1024 [ 925.580986][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.600124][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.622957][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.642453][ T7635] NILFS (loop4): discard dirty page: offset=0, ino=2 [ 925.664175][ T7635] NILFS (loop4): discard dirty block: blocknr=18, size=1024 [ 925.671611][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.718006][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.726967][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.760717][ T7635] NILFS (loop4): discard dirty page: offset=0, ino=5 [ 925.767799][ T7635] NILFS (loop4): discard dirty block: blocknr=41, size=1024 [ 925.785330][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.794768][T17521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3295'. [ 925.813879][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.822867][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.852245][ T7635] NILFS (loop4): discard dirty page: offset=0, ino=4 [ 925.867329][ T7635] NILFS (loop4): discard dirty block: blocknr=40, size=1024 [ 925.879875][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.899527][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.922225][ T7635] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 925.944641][T17495] NILFS (loop4): mounting fs with errors [ 926.066007][T17500] ------------[ cut here ]------------ [ 926.072450][T17500] WARNING: CPU: 0 PID: 17500 at fs/buffer.c:1188 mark_buffer_dirty+0x2bb/0x4c0 [ 926.081980][T17500] Modules linked in: [ 926.085962][T17500] CPU: 0 PID: 17500 Comm: segctord Not tainted syzkaller #0 [ 926.093529][T17500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 926.103708][T17500] RIP: 0010:mark_buffer_dirty+0x2bb/0x4c0 [ 926.109536][T17500] Code: 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 9f 9a fc ff e8 ba b6 88 ff 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 ea 08 e8 ff e8 a5 b6 88 ff <0f> 0b e9 84 fd ff ff e8 99 b6 88 ff 0f 0b e9 b0 fd ff ff e8 8d b6 [ 926.129290][T17500] RSP: 0018:ffffc9000376f6f0 EFLAGS: 00010293 [ 926.135631][T17500] RAX: ffffffff81fe6b5b RBX: ffff88805a707bc8 RCX: ffff88804639bc00 [ 926.143674][T17500] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 926.151801][T17500] RBP: ffffc9000376fb01 R08: ffff88805a707bcf R09: 1ffff1100b4e0f79 [ 926.160056][T17500] R10: dffffc0000000000 R11: ffffed100b4e0f7a R12: 1ffff11008507cf7 [ 926.168190][T17500] R13: ffff88804283e7c8 R14: ffff88807b8ac328 R15: 1ffff11008507cf9 [ 926.176690][T17500] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 926.185937][T17500] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 926.193056][T17500] CR2: 0000555591ad0a28 CR3: 000000006171e000 CR4: 00000000003506f0 [ 926.201256][T17500] Call Trace: [ 926.204601][T17500] [ 926.207592][T17500] nilfs_segctor_do_construct+0x307/0x68a0 [ 926.213573][T17500] ? verify_lock_unused+0x140/0x140 [ 926.218941][T17500] ? verify_lock_unused+0x140/0x140 [ 926.224918][T17500] ? nilfs_transaction_unlock+0x220/0x220 [ 926.230783][T17500] ? nilfs_bmap_test_and_clear_dirty+0x50/0x70 [ 926.237021][T17500] ? nilfs_segctor_confirm+0x24d/0x2d0 [ 926.242598][T17500] ? __lock_acquire+0x7d40/0x7d40 [ 926.247693][T17500] ? __rwlock_init+0x150/0x150 [ 926.252593][T17500] ? do_raw_spin_unlock+0x121/0x230 [ 926.257867][T17500] ? _raw_spin_unlock+0x28/0x40 [ 926.262849][T17500] ? nilfs_segctor_confirm+0x24d/0x2d0 [ 926.268380][T17500] nilfs_segctor_construct+0x17b/0x690 [ 926.273966][T17500] nilfs_segctor_thread+0x536/0x10d0 [ 926.279401][T17500] ? nilfs_iput_work_func+0x70/0x70 [ 926.285094][T17500] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 926.291071][T17500] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 926.297180][T17500] ? wake_bit_function+0x200/0x200 [ 926.302758][T17500] ? __kthread_parkme+0x7a/0x1c0 [ 926.307925][T17500] kthread+0x2fa/0x390 [ 926.312066][T17500] ? nilfs_iput_work_func+0x70/0x70 [ 926.317405][T17500] ? kthread_blkcg+0xd0/0xd0 [ 926.322061][T17500] ret_from_fork+0x48/0x80 [ 926.326562][T17500] ? kthread_blkcg+0xd0/0xd0 [ 926.331277][T17500] ret_from_fork_asm+0x11/0x20 [ 926.336127][T17500] [ 926.339274][T17500] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 926.346613][T17500] CPU: 0 PID: 17500 Comm: segctord Not tainted syzkaller #0 [ 926.353948][T17500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 926.364054][T17500] Call Trace: [ 926.367365][T17500] [ 926.370344][T17500] dump_stack_lvl+0x18c/0x250 [ 926.375071][T17500] ? show_regs_print_info+0x20/0x20 [ 926.380316][T17500] ? load_image+0x420/0x420 [ 926.384890][T17500] panic+0x2dc/0x730 [ 926.388953][T17500] ? bpf_jit_dump+0xd0/0xd0 [ 926.393501][T17500] ? ret_from_fork_asm+0x11/0x20 [ 926.398484][T17500] __warn+0x2e0/0x470 [ 926.402512][T17500] ? mark_buffer_dirty+0x2bb/0x4c0 [ 926.407673][T17500] ? mark_buffer_dirty+0x2bb/0x4c0 [ 926.412858][T17500] report_bug+0x2be/0x4f0 [ 926.417252][T17500] ? mark_buffer_dirty+0x2bb/0x4c0 [ 926.422402][T17500] ? mark_buffer_dirty+0x2bb/0x4c0 [ 926.427549][T17500] ? mark_buffer_dirty+0x2bd/0x4c0 [ 926.432691][T17500] handle_bug+0xcf/0x120 [ 926.436989][T17500] exc_invalid_op+0x1a/0x50 [ 926.441518][T17500] asm_exc_invalid_op+0x1a/0x20 [ 926.446401][T17500] RIP: 0010:mark_buffer_dirty+0x2bb/0x4c0 [ 926.452155][T17500] Code: 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 9f 9a fc ff e8 ba b6 88 ff 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 ea 08 e8 ff e8 a5 b6 88 ff <0f> 0b e9 84 fd ff ff e8 99 b6 88 ff 0f 0b e9 b0 fd ff ff e8 8d b6 [ 926.471793][T17500] RSP: 0018:ffffc9000376f6f0 EFLAGS: 00010293 [ 926.477889][T17500] RAX: ffffffff81fe6b5b RBX: ffff88805a707bc8 RCX: ffff88804639bc00 [ 926.485892][T17500] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 926.493892][T17500] RBP: ffffc9000376fb01 R08: ffff88805a707bcf R09: 1ffff1100b4e0f79 [ 926.501894][T17500] R10: dffffc0000000000 R11: ffffed100b4e0f7a R12: 1ffff11008507cf7 [ 926.509890][T17500] R13: ffff88804283e7c8 R14: ffff88807b8ac328 R15: 1ffff11008507cf9 [ 926.517900][T17500] ? mark_buffer_dirty+0x2bb/0x4c0 [ 926.523245][T17500] nilfs_segctor_do_construct+0x307/0x68a0 [ 926.529222][T17500] ? verify_lock_unused+0x140/0x140 [ 926.534505][T17500] ? verify_lock_unused+0x140/0x140 [ 926.539833][T17500] ? nilfs_transaction_unlock+0x220/0x220 [ 926.545584][T17500] ? nilfs_bmap_test_and_clear_dirty+0x50/0x70 [ 926.551787][T17500] ? nilfs_segctor_confirm+0x24d/0x2d0 [ 926.557279][T17500] ? __lock_acquire+0x7d40/0x7d40 [ 926.562348][T17500] ? __rwlock_init+0x150/0x150 [ 926.567147][T17500] ? do_raw_spin_unlock+0x121/0x230 [ 926.572399][T17500] ? _raw_spin_unlock+0x28/0x40 [ 926.577289][T17500] ? nilfs_segctor_confirm+0x24d/0x2d0 [ 926.582779][T17500] nilfs_segctor_construct+0x17b/0x690 [ 926.589344][T17500] nilfs_segctor_thread+0x536/0x10d0 [ 926.594702][T17500] ? nilfs_iput_work_func+0x70/0x70 [ 926.599937][T17500] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 926.605872][T17500] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 926.611837][T17500] ? wake_bit_function+0x200/0x200 [ 926.616982][T17500] ? __kthread_parkme+0x7a/0x1c0 [ 926.621989][T17500] kthread+0x2fa/0x390 [ 926.626115][T17500] ? nilfs_iput_work_func+0x70/0x70 [ 926.631373][T17500] ? kthread_blkcg+0xd0/0xd0 [ 926.636017][T17500] ret_from_fork+0x48/0x80 [ 926.640477][T17500] ? kthread_blkcg+0xd0/0xd0 [ 926.645102][T17500] ret_from_fork_asm+0x11/0x20 [ 926.649914][T17500] [ 926.653546][T17500] Kernel Offset: disabled [ 926.658022][T17500] Rebooting in 86400 seconds..