last executing test programs: 2m11.706559248s ago: executing program 4 (id=850): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto$inet6(r0, &(0x7f0000000400)="2ae0e710", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000140)=0x6, 0x4) recvmmsg(r0, &(0x7f0000000d80), 0x4000000000001e9, 0x10162, 0x0) 2m11.672823689s ago: executing program 4 (id=851): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000003c0)='cubic', 0xb) getsockopt$inet_tcp_buf(r0, 0x29, 0x1c, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x18, 0x0, 0x0) 2m11.635416599s ago: executing program 4 (id=852): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$caif_stream(0x25, 0x1, 0x0) writev(r1, &(0x7f00000000c0)=[{&(0x7f00000002c0)='S', 0x1}], 0x1) 2m10.450912892s ago: executing program 4 (id=854): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) umount2(&(0x7f0000000340)='./file0\x00', 0x1) 2m10.131038738s ago: executing program 4 (id=856): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="1546010000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r1, @ANYBLOB="080003"], 0x44}}, 0x40) 2m6.772176703s ago: executing program 4 (id=869): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0) read$hiddev(r0, &(0x7f00000000c0)=""/4092, 0xffc) preadv(r0, &(0x7f0000000000)=[{&(0x7f0000001100)=""/223, 0xdf}], 0x1, 0x40000004, 0x6) read$watch_queue(r0, &(0x7f0000000000)=""/50, 0x32) 2m6.342175931s ago: executing program 32 (id=869): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0) read$hiddev(r0, &(0x7f00000000c0)=""/4092, 0xffc) preadv(r0, &(0x7f0000000000)=[{&(0x7f0000001100)=""/223, 0xdf}], 0x1, 0x40000004, 0x6) read$watch_queue(r0, &(0x7f0000000000)=""/50, 0x32) 46.373673459s ago: executing program 3 (id=1074): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0xffffffff, @empty, 0x0, 0x3}, 0x20) connect$l2tp6(r0, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20) sendmmsg$inet6(r0, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff00) 44.631715252s ago: executing program 3 (id=1078): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x70bd2e, 0x2, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_COALESCE_RX_USECS_IRQ={0x8, 0x4, 0x4}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x144}, 0x0) 43.673936121s ago: executing program 3 (id=1084): syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./bus\x00', 0x808008, &(0x7f0000000380)=ANY=[@ANYBLOB="636f6465706167653d757466382c66696c655f756d61736b3d30303030303030303030303030303030303030303030332c696f636861727365743d63703737352c71756965742c008f7881d185c35a6a28ef06c5b85628f12a02248de249c2a338d049166371583781680d171f47"], 0x1, 0x2df, &(0x7f0000000400)="$eJzs3T9v004cx/HPOUmb/lF//rVFSCygQiVYKgoMiCUIZWVnQkCTShVREW2RgIWCGBEPgJ2nwINgAfEEYGLiAXQzuvPZdVLHaaCJ2/J+SYmc893569oX39dSagH4Z91pfv94/ad9GamiiqRbUiCpLlUlndHZ+rPNnY2dTrtV1FHFtbAvo7ilOVBnbbOd19S2cy280H6qajZbhtGIouj2j7KDQOnc6M8RSJN+HLr19THHNSq70vmyYxi37AE2e9rTc82VGA4A4Bjw1//AXyZmXZFREEjL/rJ/qq7/e2UHcLRudA4URYUNMtd/N7uLjD2+/7lV+/meS+Hs+iDJEg8TTK3n84TiM6trgmkGZZUulmBqfaOqlbXXagV6o4aXqbbo3lvxqZsYEO1STm5aoH9vNd2djvfGzSh7JSGtb3Tak3YhJ/6F4bb498xn89XcN6E+qJXO/6qRsYfJHamw50gFNRv/1f49zrhWtpZ82t9oNIKuKv+7jZzzW/AG7GU9PyPJ9pncINhNIyiK0217Xt23FeK9Wx3QaiGvVZh+6tNqsatVxZ8JK2tPOoW3UkYj2UXz3twzS/qlT2pm5v+BjW9ZmZFZ9FVvXE1/ZsT7M5FfM/3b9HS3P1wu9NacHGq/4A13t+ydHumm5rZfvHxc6XTaW3bhYc7C09kt40tqb6XcOqNfqKigjnb3SyLrVRQdtudolMFfOdIO7fdHWmKHT15lO8rSkmDch+nULdiRkrOq+UVFJ+TJWYgiqc+qUX1N4TjZNslB9wVTJQeEcbPzLhPnf24m72d1LkWyb2HBPL04yVRXj6tpBtc9FZx379NDZXAz/TO4zBav9ckZXc518bJ0KVNoVLjF0Md5SpimvukB9/8BAAAAAAAAAAAAAAAAAABOmiP8OUHyS8YDq0reRQAAAAAAAAAAAAAAAAAAAAAATrw/ev5v3v+Id8//Dcf1/N/iJwMBOJTfAQAA//+YznN8") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x103042, 0x0) pwrite64(r0, &(0x7f0000000340)='!', 0x1, 0x400b5e) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0) 41.898009675s ago: executing program 3 (id=1090): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x6, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x4}, 0x94) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, 0x0, 0x0) getsockopt$netlink(r0, 0x10e, 0x9, 0x0, &(0x7f0000000100)) 41.241256718s ago: executing program 3 (id=1091): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x3) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) writev(r0, &(0x7f00000013c0)=[{&(0x7f0000001180)="db409d86964412f734f0745a4278008efddca5d4bf6b2ab0029751cfd85eb8cdfe1a777febc73531c9a0f1e71deb395294730773eb6b2593a3ec760207c7a01d570724773a4e99e0b732cd9d2304c42e867723e57410945e6353e03ab076fb818e9d4ca4bb720aa6d28f26b7af2dc2fef66ec7b6bba16c88cf1ccd47d0be05a458102613990999a2", 0x88}, {&(0x7f0000000100)="4eacbb57d87ac25c71bf0442b0990bcc374e6df9930d1c65a49b35ceb8531eb0598c55be51dbefb156695e3cdafc02b057ca06fec6e615a2f07cace401eddda9f84ccd5614e7a8f757", 0x49}, {&(0x7f0000000200)="ddc3dfbc378a5d189b4f07aa9ccec5f62010d063f22cb68fd48c80268f3fb29bc7f62a1bd794927aa0e5624de813fbb77658f271b965d737415afb5d76c008bc2e5de929abb07743a81c3894cfbd1da8c2e7264971818648c80e90a8d058f7ec6e0852847972aaf7b297ec3b0b4d6aaed9", 0x71}, {&(0x7f0000000280)="16be20a0baa0745196e7b233b69ea45c924dd8a3b0adf32cdfa79ba727e3c105e34d06e579e97507b653ae2b98ef6691252457b1329e626f226109450e9716db429e5c92df01fae216ba07db150dfb506fd38d372014707fe6d47c4f2b3762b6954428a33cce84eef997fcef88435690bca9614d2ee8148494fa2814b240598dc67fba7607621c0905a6b5d1222da07b51bfd24b9d8ba14144fb06bcfc1d6aa1f0a115328cf2ab59c1f4a5b6a9a1364ab6e1fd514ed63b1545cbcd2262d3e0a82805807a65090b0c992e5614", 0xcc}, {&(0x7f0000000380)="91b129ae3192851e234c38669e0bdde47e7ac38bee3b18b3888452ae24ab72b857088c6102db480b3bfb655af1535d963506040375195499b2daa73104d28e0c8db65971a87cfa3dfbe7dafaa968a713ff9f0a4d66a08c66c02afa1e1a93ef19f3cf833fee026522c89c295b22160315f934129a5ab9fa3f7fc72a8681805c31f693756cfab6e3c628688edded4f25a25ab3c3b3e0e7960ff10e8320210a9d420988256adf526a9082e4685eb2ab29afde60d976a81eededb9dca4213cadbbdafc8330199d0e773792686a651fcc1477ef270c16abc65fe81200493eb65508eaa1ef5d9aa93fa8574ff4f6c35e09c75290d70b9f4e2d3d87917ea408a81f648338732e0346617aabfc8846125702d77f6fdd7f7fc2183b7c7670baaa4462ea991b09d7db273d43c250574a48cf347cd6ab84be1b358e5b6e9b7aae0122e87d786dc9997ea35b7ca281c5d55fa75dc4ffc5f38e90b2037858b4bcf097280751d1beb0164df683d921357d47a2e002b9398a7455cc07fc920df3209316c90e69888e6cde094cf1a5364acd32d85f48be2947b4b316269b2a355c101bc2948bf48234a78c66638ddbc2ef98a92b4805cca326568e0ae4c8c87246d69393f6a111bad503b88aa947805d101be6ea2fd4c4971c9ae0c3f89f095a4d4c6f457a2dc865e6c2cd4337bf36dfcee67d9869eeb7be7fe61700d777c49650e7f0e64ca160580f393958ce3642c11b8ba7b8bae879f249b82da50aa87d84b1a23e173484a253d02eb0cb1d4eb97cc0717677a761cc8b89bc1e0a6719e99c8445fc00f1706bc68c8c81106a0bca71b46747d163f5c926a0724913e4ad66893baf1bea587dd356b1efa1bf2337219ca4ed238fa206ebcf4c813b05890e3662a5872c6c4d53ba114117d557a74f08cd09587a856a27a49e8f93705423a18b5710f2fe36aaee544be0a1265c9321d8261d370bc42a3b9ef3213ff4f207f0f39bede9b7c4be371ec072a9957c0d49ea900e7031b5a9fab70befe79d1243a38700243aa1676a8c05ba2a9207db79db6531c3dc2a5c95a0cf2219aa76ad2bcecf28ee51079ea30631c147a550f6524107467bb846a39175503fb8e8b0e277bb24fb9ec0ade36576c275767ad1cbb482df10ec1c075ee349fb927add445c917c36cc7d09af2dccaf4c6d7be657c84a107038917b085a0ab9c3fc9e972bd03ea7935bf0586ff0f0c878019acf768f745f58631281c273ec30fc4234306f64d75eb4970c5f9767f18ca007d8245c6342cdd187baefd0fba1ca29659600330be603bea348b7599d6ee89f1267281213af9f430d1de651a5936fed1a3f6e32d85f0b798de30dce34cb7c0c5da3388dea76e1122919358b98c67870a935c8759d79a057ddb0a287fbc412834678cdf1ea03e9dad1cd561201b028b54d6fdda82d76a411c242de9fbfe88a2204c9a510da3b0690bec1977d4fa370a95817d5b035bf1ab34e1d0f4c3d44a330264270735a2af719341785aadcb7290ddf10563ec96abddc2d5d5c62828babaee25448217c1cc85c04b2faa2181c846ecb5492e72e3f0ea7c120826254fb6a12d235d7f0fa078169afe797102ad86abac2b9c7758038f2e409055099f7f88f83cd70e5fc8cb290db750982d63fc9be182ac4f72ec47c2c6956ccb6f0c26c0c91b5f118119d17b175720b9088bd92370f4084b13cf6c016287ebd39d0aa2367c59f0ae02d551080a71e7a069c703ab74b58dedf3d17f9ad43b7b045a1d9eb808ab2c00a201ded816e60362b27f12269b012d9e821148b8f41eac4cb8dbdef047496ee95393b4e4fcb2ef94da2c9fa877d4444be9818ca2fa27ea8785c3c86c2301c02ad52bd7fa9aac1bf4ec4f537fcae1f0de083b6feb1f73e6fb9ec1468bde438711731b7a5cfee9f0a88b8f7225bcec88ccbf54c4aebf14a56b999461f4e45b571a58939704755227a6625f4ca4ca9cbbae6ba67b52b7d0870947b76a19bdf303c8b9229031803d0260dae7d40f321feaab5418d09e85d587fb9b0a2ef152c93111cc079d4ec64fbd1d510fa7c2f092f4c1de85045ab0c65ca7b8079850b39a910fa40b15519793a007facbddb20a9fad0794505b3c518b47d126e8dfddabf247c3b4280e4ca34fda7804142a414e620b2f4160720ab25b61790c896dac27b183aebfcd1b4ce9c5ed01571212ddd1fb304206e9847c8dcae3bc7816e4507e4217cd1a80ef9dc58bbb3331122b4f76b65e4774acc5dd6875b63474a8908ba4226edffcb87a0d883c59482ba9c3d1e0a54151a45a85cb691317da947a1814560976d9da53153dbaab2e2d3093db6c9a65d8b21da485423967232c6a36a97fb72ec3c2d40e45ecf60948d1a7133a0ae7af0877b54fde6df45602d888f3a29efd67646cb315d5666ec0f5322d2cc275de18026f84a00877cae857d342a0c658e023f073d17efd1af5af4fddba558e340cdf271867b79a439237f8b9a76a44c5eed1adfcc05f7968f3a21375351374c1604841cab00beac4e2001b49742ad4f35c9d838c4922db8951e3046a04d5bcde903ffc977e2bde7dc4d5998a1c09588f27d299432757e19efe656b5d738bc269160c301bae8a1bb3d940801540dfca33eaa2c700495374dcc37bd878b396cf2b8cc1c0f0f135616e1c34790223faaa1b1b4f8e94f5594f727e48b7e20734228ff89a45505b56f60f559522b3e0f90ffe7e6a80adede59f2ffe556c1f6bbdb66461b80cdbfe43f95560dcf4d7a2fdaf085e6ec08b933faccd57f4fe8e57fb295f7b763413c187c4947b043c9ec68f21b6c125225b031ba47dd9e28eba228f5580f59bd25c1a4cd1b4eb7cb89795246f4c3700a7e04af7f91a70a498c3917b7986d5d98cf205a0fe0f3e7b9dae7f6404d78aa15a0dd24d5ab1149f2d6c592bedd586416f62114d8d8c5fbe9acc719d366069213fa0a2837d660174ed8455e9bb532ed4da2d938294331a3646923653696e6b6ddff443bcd6cf03a3c894397b211895f5d21860bb5e373824f4e5021132e6dd107070be0c725b240935d02446c88c164b91857e89d5dd3d62052008fb9490c210675fe14ae4cb8b10c863c61c4876a4dca2055aa3c2f795a499d0b80c396a86d097f98468517181ba25107166cf8fad9fc064e618fb05e06fdf92f8701f7f58f2500e66d6b57f3fa9316d2291fbbc1ca9e73fff886dede50d1ee8f0cc0f0cbfb95eb66a6039d7be245e5faacf3f56eb3f885d201965ed60837d11c7441a66fe4a464017eb075cd033bdbadb41e9e2ff8d00debddac515997c62600d1f74de0986c530e11e58733b9f8c4511ffc1334f9039a7683cd71fae0a2e94ee9abfaa34ccc1aa8d1ceb87e53dab7ba5bb24c9b6ad389ff02e81b8cf1efd3cbf0e7e7db629821b3b3c44b01a4c9ef9babeffd326d9a7fe9c9c8a4730bd8351e98cc5f05eaf8ec8ed6018c442a8bf88bbcb54aaad022c05ea0cfebe0c1b261943904033297bdcfb58df8086737e1d5d678727c63c57c1893ef5d66da60acc491b2b81eadf3c24c5ce259b795e9851e6c71af018099e52ab655ce61b04525d226622907a16ad47c5258ea85c33412c7aa6b72060c4bc955cfa53c59aa4b2fbf15d59c78dc5abcb1b8cccd6bde26f11d51ce09385ed225e07c7dc7f82610cc27449fcf8ab0811d803fa6258af08183694ff52a07a69dbd2ef8dc2c343ffe4372179814c0843f770849f514747c436cdc00058219573b1ced74b7b1c1a0382ec2aefba82af6b10bb0aed4aefa647ec8b4668ace404cf158b9358b8c8946ea5090086f12f68f4668a4a7219f29bcc2e41d94b94dfe4d528dd224b71a3330a893ae5ec1539b0187cf66fc2b0cc0261c4af5f8464a8d628fb844db6b706b8bb68532f7e9a7df4d6bcc88f95b1510a66ebeae08fd3a7983660c1a34f9402c8db53c86ad25bbbc23860fe33e65a28712bdcb6233eaea93546c8a2a268f8864e00dd11d486e011b7415cb619c54bc55744c9c37d682cd9751d9610a13487d2c72dc1f21a553c5ffc783d20b4ee8d5bbf2b9279f51645a91544ef51c79c68403dac17012750fe6f5023c8823d4fb79a81684e33e1e0a8e82747cc54a09e054eb7db415885141acf1fdfb9f1d6c252d7fc4db13db77cc99d822c7bff68d5a2607912ba4c8865ed7aed8b84566ca1b13bf423fafa1b0058247ef93e0de27749399095eab33073fb4f04b196c36a3f27098860b604e0a100eee06d411cf69e44799b115f016e6df2d25f0fab06cf79fb6720f54a521dde6e6d94de8eab652c1ff891c7fa3dc46d55d40647c539af13686845618adc7426270668d46476d840e508348c51e5f9b37ed1c2b113c40b71f98ef9bc2e2a796baeb65e0f12e5e50f9bb97b520112dea8ea07a8a1425bded6cff1216f7fa8c9354554599acae89611c4a8500178c4d027a6bfcfb29cb4875644b4837ed891b7ee816f341cc9158c8105523f34643f913bb836bdd302e7e17d74c33126ed266575b7a0ac422dc1c9b331d538f9103587a46574a593f48ff9db2e516891494f4beb0657e4c95e73e42f74f52bd85b1c63ac4c60787679b2ad43ce910dd753bac398a580b2c6707e1ee55b411d1b5cd0e4ab23a05a01185bfa418dfac1779ca57a1b520791748b4e6f88328fd5d5fe4ae90f0dc761fb58d92d8f1eabb4b009d389594d4aa92f24e77520c69b62ceac70b8996fe71ee5cad439991ce77a093bb17a6e6c550abe35517ac288a23a621f4d9913d9a39d0ad7a27b96609620573cf192b250823e1962f5ab62d998dc8527da7b14e1178cca890edee03a35c43cc7ac038ec0ebf698653f2d8fec82c55090bd18a80048a090c2d2dad8565ca708f7e197be052d4443e3a42c79403be0f328f78ba1c5a418e972e2b0570ee0f0db73054bcd5d8ac994f5cc1c521b6c0d8fa270a03a5a668bad4b9bb39bc9f66d7a1c3d0d1c8463a844cb1a50a282766c5f2fe8ceee57c5507cc8473061bd478ece59045dbe38b5ccd5f08121aca1f70d7bc4250b57964f8325daf7f010b436b3c0c0195b41337cc0a0093b5", 0xdf1}], 0x5) ioctl$SNDCTL_DSP_RESET(r0, 0x5000, 0x0) 40.102536059s ago: executing program 3 (id=1095): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000100)={0x66, 0xfe, 0x4, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x9}, 0xe) shutdown(r0, 0x1) recvmmsg(r0, &(0x7f0000005000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/19, 0x13}, 0x3}], 0x4000169, 0x60, 0x0) 24.656813696s ago: executing program 33 (id=1095): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000100)={0x66, 0xfe, 0x4, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x9}, 0xe) shutdown(r0, 0x1) recvmmsg(r0, &(0x7f0000005000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/19, 0x13}, 0x3}], 0x4000169, 0x60, 0x0) 13.148595858s ago: executing program 0 (id=1147): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='signal_generate\x00', r1}, 0x18) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r2, 0x22) 12.948801002s ago: executing program 1 (id=1148): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'fo\x00', 0x1, 0x4, 0x72}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @loopback, 0x4e21, 0x3, 'lblcr\x00', 0x0, 0x81, 0x39}, {@rand_addr=0x64010500, 0x4e25, 0x2000, 0xc3, 0xfffffff8, 0x12d5c}}, 0x44) r1 = socket$kcm(0xa, 0x2, 0x0) sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000140)=@in6={0x2, 0x15, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 11.673099686s ago: executing program 0 (id=1150): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000200)='./file0\x00', 0x3200014, &(0x7f00000000c0)=ANY=[], 0x1, 0x625, &(0x7f0000002c40)="$eJzs3U9oHNcdB/DvrFay5IKjJHZiSqAihrRU1NYflFa92C2l6BBKSA+9VthyLLxWgqQUJYdW/X/tIddCetCtp0Lvhvbc3HLVMVDoJSdBDyozO7ta2autLNvSKvl8zNv33r437735zcyudhczAb6ylqbTfJgiS9NvbZX1n+/Mt3Z35i/Uza0kZbmRNNtZirWk+efkVtopoz3DFUfN8/Hq4juffbH7ebvWrFPVv3F4iJPYrlOmkozUebJ/4XC3AdPs7x853u3ueCdVdCNTBuxamW8/1YDwbOw/pnNm/vc4mx95vQPnR9F+33zMZHIxyXj9d0DqV4fG6a7u2fP+CwAAwFfBC3vZy1YunfU6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Dyp7/9f1KnRKU+l6Nz/f6x+LnX5nCkO1R6e2ToAAAAAAAAA4Nn5xl72spVLnfp+Uf3m/3pVuVw9fi0fZCMrWc/1bGU5m9nMemaTTPYMNLa1vLm5PnuMLef6bjl3OvsLAAAAAAAAAOfHzSfp/JssHfz+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw6BIRtpZlS53ypNpNJOMJxkr+20nn3bK59nDs14AAAAAnIIX9rKXrVzq1PeL6jP/K9Xn/vF8kLVsZjWbaWUld6rvAtqf+hu7O/Ot3Z35B2V6fNwf/OeJllGNmPZ3D/1nvlr1mMjdrFbPXM/tvJdW7qRRbVm62llP/3X9ulxTcbOtOObK7tR52f9PdT4cJquIjHYjMlOvrYzGi4Mj8YRH59GZZtPofvNz+dGZRg5teijmN48538U6L/fnD0Md87n67Pu0vGYGxzz55t//+rN7rbX79+5uTA/PLp1QHYntZh2J+Z7r8NVzGonRE201U0XiSre+lB/np5nOVN7e/1WSX2Q5m1nJVH5UlZZTdM/oycGRunWo9vb/W8lYfVzal+ARa8p6Vvus6fVq20tZzU/yXu5kJW9W/+Yym+9mIQtZ7DnCV47xStt4sqv+2rfqwkSSP9b5MBit4vpiT1x7X3Mnq7beZw6i9NLRUSpO+NrY/HpdKOf4bZ0Ph0cjMdsTiZcHny9/2S8fN1pr99fvLb9/zPneqPMylL8fqneJ8nx5qTxYVe3w2VG2vdy3bbZqu9xtazzWdqXb1vdKXe/Mv1j1fqXvSHNV26t92+artqs9bf3+3gJg6F389sWxiX9P/Gvik4nfTdybeGv8hxe+d+G1sYz+c/T7zZmRNxqvFX/LJ/nlwed/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5DY+/Oj+cqu1sj6g0LnBzqA+T1so6hv5PMcpFIaskPGhWMbzLDQzFMs40dEBvuRubD54/8bGhx99Z/XB8rsr766sjS4sLM4sLrw5f+Puamtlpv141qsEnoeDN/2zXgkAAAAAAAAAAABwXKfx3wnOeh8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA821pOs2HKTI7c32mrO/uzLfK1Ckf9GwmaSTjZbn4R3Ir7ZTJnuGKo+b5eHXxnc++2P38YKxmp39j0HZ9jT76xHadMpVkpM6fwqHxbj/1eEV3D8uAXesEDs7a/wIAAP//XHoJeA==") mlock2(&(0x7f0000004000/0x4000)=nil, 0x40ef, 0x0) 11.272472853s ago: executing program 1 (id=1151): r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x20) read$msr(r0, &(0x7f00000001c0)=""/121, 0x79) syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120141014813442024040075ee69010203010902"], 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) read$FUSE(r0, &(0x7f0000005b80)={0x2020}, 0x2020) 9.92008986s ago: executing program 2 (id=1154): syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)={0x20, r1, 0x1, 0x0, 0x0, {0x8}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) 9.38235816s ago: executing program 0 (id=1155): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x1, 0x1, 0x0, 0x0, 0x0, 0xd5e855c9ff29405c}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140)) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f00000000c0)={0x1, r0}) 9.262571022s ago: executing program 5 (id=1156): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000400)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x5422) 8.655505604s ago: executing program 5 (id=1157): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x1, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0xb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="8b"}, @fils_params=[@NL80211_ATTR_FILS_ERP_USERNAME={0x4}]]}, 0x28}, 0x1, 0x0, 0x0, 0x20004005}, 0x0) 8.213832842s ago: executing program 0 (id=1158): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @empty, 0x3}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in={{0x2, 0x4e23, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x9, 0x6}, 0x9c) 7.727101662s ago: executing program 2 (id=1159): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x18, 0x1c, &(0x7f0000000100)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x11}, {}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0xfffffffe, 0xcf, &(0x7f0000000340)=""/207, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0x8, 0x7ff, 0xfffffff7}, 0x10, 0x0, 0x0, 0x2, &(0x7f00000002c0)=[0x1, 0x1], &(0x7f0000000440)=[{0x5, 0x1, 0x7, 0x1}, {0x2, 0x2, 0x8, 0xa}], 0x10, 0x4000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='i2c_result\x00', r0, 0x0, 0x8}, 0x18) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x490, &(0x7f0000000580)="$eJzs3UFrXNUeAPD/nSR9aZu+pO+9RV/BWmwlLdqZpLFtcFEriK4Kat3HmExCyCQTMpO2CUVS/ACCiAquXLkR/ACC9COIUNC9iCiirS5cqCMzudPWOJMETHNx5veD03vOPTPzP6eTOXPPPZe5AXSt4xFxKSJ6IuJ0RAym+3NpivWNVH/c3Ts3puopiVrtyg9JJOm+5msl6fZg+rT+iHj5hYjXkr/GrayuzU+WSsXltFyoLiwVKqtrZ+YWJmeLs8XFsbHR8+MXxs+Nj+xaXy8+9807b374/MVPn7z21cR3p16vN2sgrXuwH7tpo+t9jf+Lpt6IWH4YwTLQk/anL+uGAACwI/Vj/P9ExGON4//B6GkczQEAAACdpPbMQPyaRNQAAACAjpVrXAOb5PLptQADkcvl8xvX8P4vDuRK5Ur1iZnyyuL0xrWyQ9GXm5krFUfSa4WHoi+pl0cb+fvls5vKYxFxOCLeHtzfKOenyqXprE9+AAAAQJc4uGn+//PgxvwfAAAA6DBDWTcAAAAAeOjM/wEAAKDzmf8DAABAR3vx8uV6qjXvfz19dXVlvnz1zHSxMp9fWJnKT5WXl/Kz5fJs4zf7FrZ7vVK5vPRULK5cL1SLlWqhsro2sVBeWaxONO7rPVF0n2gAAADYe4cfvfVlEhHrT+9vpLp9aZ25OnS2XNYNADLTk3UDgMz0Zt0AIDPm+ECyTX1/u4rPdr8tAADAwzH8f+v/0K2s/0P3sv4P3cv6P3Qvc3zA+j8AAHS+gUZKcvl0LXAgcrl8PuJQ47YAfcnMXKk4EhH/jogvBvv+VS+PZt1oAAAAAAAAAAAAAAAAAAAAAAAAAPiHqdWSqAEAAAAdLSL3bZLe/2t48OTA5vMD+5JfBhvbiLj2/pV3r09Wq8uj9f0/3ttffS/dfzaLMxgAAADAZs15enMeDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76e6dG1PNtJdxv382IoZaxe+N/sa2P/oi4sBPSfQ+8LwkInp2If76zYg40ip+Um9WDKWt2Bw/FxH7M45/cBfiQze7VR9/LrX6/OXieGPb+vPXm6a/q/34l7s3/vW0Gf8O7TDG0dsfF9rGvxlxtLf1+NOMn7SJf2KH8V99ZW2tXV3tg4jhlt8/yZ9iFaoLS4XK6tqZuYXJ2eJscXFsbPT8+IXxc+MjhZm5UjH9t2WMtx755Pet+n+gTfyhbfp/cof9/+329Tv/3SL+qROt3/8jW8Sv/008nn4P1OuHm/n1jfyDjn30+bGt+j/dpv/bvf+ndtj/0y+98fUOHwoA7IHK6tr8ZKlUXJaRkZG5l8l6ZAIAAHbb/YP+rFsCAAAAAAAAAAAAAAAAAAAA3Wsvfk4s6z4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzEHwEAAP//0wfUAw==") lsetxattr$security_ima(&(0x7f0000000300)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)=@sha1={0x1, "ca46bb42f431c3e0a36fd25058505cb8e13b6aee"}, 0xfd3f, 0x0) lsetxattr$security_ima(&(0x7f0000000300)='./file0\x00', &(0x7f0000000080), &(0x7f0000000000)=@sha1={0x1, "ca46bb42f431c3e0a36fd25058505cb8e13b6aee"}, 0x9ab7, 0x0) 7.611712434s ago: executing program 5 (id=1160): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x9da, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0xfa, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xf4f6, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x1a, 0x0, 0x89}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000540)={0x24, 0x0, 0x0, &(0x7f0000002840)=ANY=[@ANYBLOB="002216000000770bed9cd0"], 0x0}, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) socket$can_raw(0x1d, 0x3, 0x1) 6.998925006s ago: executing program 1 (id=1161): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000f80)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000001080)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000200)={r2, 0xfffe, 0x20, 0xd8ba, 0x9}, &(0x7f00000001c0)=0x18) 6.729861741s ago: executing program 0 (id=1162): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x2, &(0x7f0000000140)=[{0x48, 0x0, 0x0, 0x7ffffffd}, {0x6, 0x1, 0xfb, 0x2}]}) write(r0, &(0x7f0000000080)="3aa0", 0x2) 5.968686756s ago: executing program 2 (id=1163): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000180)={[{@errors_remount}]}, 0xfe, 0x264, &(0x7f0000000700)="$eJzs3TtoJHUcB/Df7MM1JkjURhAfICIaCLEQBBttFAISgoigQkTEShIhJthlrWwstFZJZRPE7nJXHteEaw6uzd2lyDVXXLjiwhV3xR6zs3tsNhvy2Mccmc8HNjP/nf9rYL7/TIqZBFBYkxHxUUSUI2IqIqoRkXRWeCP7TLaK62NbCxGNxuf3kma9rJxptxuPiHpEfBBRaR9b3fx698H2p2//vlJ969/Nr8ZGdX6d9nZ3Ptv/Z+63C7PvrZZa3020tp3nMUhJj+8qScSLwxjsKZFU8p4BJzH/y/830ty/FBFvNvNfjVIrsn8sP3OlGu/+fVTbP+9ef2WUcwUGr9Gopr8D6w2gcErNe+CkNB0R2X6pND2d3cPfLCfx49Lyz1M/LK0sfp/3SgUMQFLP/u7d+eRS7eJ4V/7vlLP8n8j7Q54pMBRp/r+Y37iV7u+X854NMBKvZps0/1Pfrr0T8g+FI/9QXPIPxSX/cA6cMbvyD8Ul/1Bc8g/nWLW9U+95WP6huOQfiqsr/7k8jwvkozP/AECxNGp5P4EM5CXv9QcAAAAAAAAAAAAAAAAAADhsfWxrof0Z1ZhX/4rY+zgiKgfHrzWPlpv/jzji2ebP5+4nabUnkqxZX755vc8O+vTfgJ++nqudrv7ztwc7/mlde204/f56sHjku+3WFiPqaeWZSuXw9Z+0rr9jHdn/C8c0rH53sgEGJekqf/jlaMfv9mgj3/FntyMup+vPTK/1rxQvN7e915+Jzlcsn9FPD/vsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJF5HAAA//+4Vmsn") sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[], 0xa0}}, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019ef00000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4004}, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 5.906992377s ago: executing program 1 (id=1164): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) read$FUSE(r1, &(0x7f0000007fc0)={0x2020}, 0x2020) 5.080833413s ago: executing program 1 (id=1165): syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x1010006, &(0x7f00000003c0)={[{@quota}, {@iocharset={'iocharset', 0x3d, 'none'}}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@iocharset={'iocharset', 0x3d, 'none'}}, {@discard}, {}, {@quota}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@uid={'uid', 0x3d, 0xee01}}]}, 0x24, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo") r0 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000003fc0)=""/4133, 0x1025) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000000180)=@file={0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) 4.965033975s ago: executing program 0 (id=1166): r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0xfffc, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24) sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000000d00), 0xf000, 0x10002, 0x0) recvmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x12040) 3.939156055s ago: executing program 2 (id=1167): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000088fe508a8500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000000c0)='kmem_cache_free\x00', r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x800700, &(0x7f0000000880)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@sysvgroups}, {@usrjquota}]}, 0x3, 0x467, &(0x7f0000002280)="$eJzs3M9rHFUcAPDvzCb93SbWKrRWjRYx+CNp0qo9eFEUPFQU9FCPcZOW0m0jTQRbio0i9SJIQc/iUfAv8OZF1JPgVe9SKBqEVk+R2Z1JN9vdZNNsdmv384Fp39t5M/O+O+/tvJm3mwD61kj2TxKxKyJ+i4ihWnZlgZHafzcXL5X/WbxUTmJp6a0/k2q5G4uXykXRYrudeWY0jUg/SfKDxNb63c5duHhmqlKZOZ/nx+fPvjc+d+His6fPTp2aOTVzbvLYsaNHJl54fvK5tuJI1lifxXXjwIezB/e/9s7V18snrr7707fZNrvy9fVxdMpIFvhfS1WN657o9MF6bHddOhnoYUVYl1JEZKdrsNr/h6IUt07eULz6cU8rB2yq7Nq0tfXqhSXgHpbE2mX+7kZFgC4rLvTZ/W+xdGnocVe4/lLtBiiL+2a+1NYMRJqXGWy4v+2kkYg4sfDvV9kSm/QcAgCg3mflL4/HM83Gf2k8WFduTz6HMhwR90XE3oi4PyL2RcQDEVnZxiFlW0Ya8rePf9JrdxhaW7Lx34v53NbK8V8x+ovhUp7bXY1/MDl5ujJzOH9PRmNwa5afWOUY37/y6+et1tWP/7IlO34xFszrcW2g4QHd9NT8VHVQ2gHXP4o4MNAs/mR5JiCJiP0RcWB9u95TJE4/9c3B7QebF1o7/lV0YJ5p6euIJ2vnfyEa4i8kq89Pjm+Lyszh8aJV3O7nX6682er4LeLfsvHI2pOd/x0r239jkeGkfr52bv3HuPL7py3vae60/W9J3q6el+KN+mBqfv78RMSW5Hg1v+L1yVvbFvmifBb/6KHm/X9vvk12nIciImvCD0fEIxHxaF73xyLi8Yg4tEr8P76cJ5q01w21/w7I4p9u+vm33P4bzv/6E6UzP3xX7GzbuuPPzv/Ramo0f6X6+beGdiu40fcPAAAA/g/S6nfgk3RsOZ2mY2O17/Dvix1pZXZu/umTs++fm659V344BtPiSddQ3fPQiWQh32MtP5k/Ky7WH8mfG39R2l7Nj5VnK9M9jh363c4W/T/zR6nXtQM2XbN5tMmuTUEBvdTY/9OV2ctvdLMyQFf5vTb0rzX6f9qtegDd5/oP/atZ/7/ckDcXAPcm13/oX/o/9C/9H/qX/g99aSO/65fo50Sklcr0tojVCxd/EOjuqLNE+4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xn8BAAD///xQ9VA=") setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)='system.posix_acl_access\x00', &(0x7f00000001c0), 0x24, 0x0) listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) 3.816079737s ago: executing program 5 (id=1168): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x4, 0x0, 0x0, 'queue0\x00'}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x8882) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x1, 0x2, 0x0, 0x0, 0x3}, 0x1000d023}) write$sndseq(r1, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0xfd, @tick=0x4, {}, {}, @raw32={[0x0, 0x8]}}], 0x1c) 2.232853228s ago: executing program 5 (id=1169): syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x1210082, &(0x7f00000008c0)={[{@codepage={'codepage', 0x3d, 'cp932'}}, {@creator={'creator', 0x3d, "a4b5bda4"}}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@uid}, {@part={'part', 0x3d, 0xe78}}, {@umask}]}, 0x7, 0x324, &(0x7f0000000580)="$eJzs3U9r1EwcB/DvJLvd3aelT2wrBY9VwVNp60HxYpHixTfgQYq13UJprKAVtCCunkW8CYJHb55F34JexDegpx7Ek16KByPzy2STTSfZ7LY2W/b7ga67yfz5TSaTzLSsARENrStLX9+c39U/qgrABXAJcADUgQqAk5iu39/a3tj2m2t5BbmSQ/8ohDnVvjSrW01bVp1Pchie/lTBWHIb/RtBEATfuqb6eSSxUHlUOPb3cYCaGZ2yv37kkR2O9MWoFbZruCR6WO1hDw9GyoyGiIgGgLn/O+YuMWZumY4DnDXz8GN9/0dqfrNXXhwDIbz/Y1x6XK8DlD4+/8uueL0nsybd+060SrSVZT0ngvhwyyzDSXWA6raqlFicxvqG35xtSQFPcdlIJJuS1zVEDRFZ0Zr5zoxlbZojr+35RqUNVd2GhYz4J3uu8cN3vLRXt/ypQEzqo/qslpWHV1jDuNlYCZQ+OHJ8vFRPhfHPZZcorfTCVB2tjNfvJ6SSU1EPvH8bt7KRdVzrcHUsNroUlZ6/e1GcL0bQyMqFCXT+WiFs3Xx26yTXpDXXQvvzb2uuqXSuxnrVb86u3vFzf5VyaKwrOvVcXVcz+IF3WGr3vx4+rr7UZ4/MjlGuJKU5M3LbU5GUGf3YQQbw7Z5GJomr1o7O9wy3cBHj9x7ubK74fvNu+W+ioTIg8YQnojkd9Rb9byIN6vpNFcChVfonCALrrgqKZK8dMIyqNPXC67jJO5srqhV+PFgD0WoXGO1azE4MYBGA2RJdEfqp/XE7Vy0usFD2X7q3ZYv9hIyiOoITMqqqY5eLWqGR0uij0muPNlf8vq5EdMzEnY7pG2UHQ2XQ8y4Vrv8S65U5ueroFy9nNRJ0KzxR4nzGCmhCXv8rtoJrF5s5TxyN3nRZc50+B5xJ1eggqvFJuljPxIlB/Ktk73/KUEv4gpuJ+T8RERERERERERERERERERERERERER0LvX4boZ+vE3TWuDuE//EGEREREREREREREREREREREREREREREdHBJJ7/C7jyxJiR0p//6xZ4/m/0XAoi6tvfAAAA//8QG2Ax") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0) syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2b1245d, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) 1.152938808s ago: executing program 1 (id=1170): syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=") r0 = inotify_init1(0x800) inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x20000301) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 1.018932751s ago: executing program 2 (id=1171): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=0x0, &(0x7f00000001c0)=0x0) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="3103000000000000000000080003", @ANYRES32=0x0, @ANYBLOB='\b'], 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4007, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 701.339827ms ago: executing program 5 (id=1172): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f00000004c0)={[{@jqfmt_vfsold}, {@nobh}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@noload}, {@delalloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@bsdgroups}, {@init_itable_val={'init_itable', 0x3d, 0xfff}}]}, 0xfa, 0x477, &(0x7f0000001380)="$eJzs3M9vFFUcAPDvTH/w21bEHyBIFY3EHy0tP+TgRaMJB01M9IDxVNtCKgs1tCZCiFYPeDQk3o3/hfGkF6NeNPGqd0NCDBdQL2tmZwaWZbfd0m0X2M8nme57M6/73ndm3u6bebsbQM8ayf4kEVsj4o+IGMqztxYYyR+uX70w9c/VC1NJVKtv/53Uyl27emGqLFr+35Y8U60W+Q1N6r34XsRkpTJztsiPLZz+cGz+3PkXZ09Pnpw5OXNm4ujRQwf3DB6ZONyROLO4ru36ZG73zmPvXnpz6vil939O0sjjjoY4OmUk37tNPdPpyrpsW1066a/fsvfXm+lmZwLd1BcR2eEaqPX/oeiLTTe2DcXrn3e1ccCaqlar1SVelRerwH0siW63AOiO8o0+u/4tl3UaetwVrrySXwBlcV8vlnxLf6R5Yu9Aw/Xt1g7WPxIRxxf//TpbYo3uQwAA1Ps+G/+80Gz8l8YjeWIw+/NAMYcyHBEPRsT2iHgoInZExMMRtbKPRsRjK6y/cYbk9vFPevmOg2tDNv57uZjbunX8l5ZFhvuK3LZa/APJidnKzIFin+yPgQ0nZpOZ8SXq+OG1379sta1+/JctWf3lWLBox+X+hht005MLk6uJud6VzyJ29TeLP4lyGieJiJ0RsesO65h9rr/ltuXjX0Lrp21b9ZuIZ/PjvxgN8ZeSlvOT4y8dmTg8tjEqMwfGyrPidr/8dvGtVvWvKv4OyI7/5qbn/434h5ONEfPnzp+qzdfOr+jps64TF//8ouU1TRF/1r3aOf+PbSvO/8HkndqKwWLDx5MLC2fHIwaTN25fP3Hz2cp8WT6Lf/++5v1/e9zcE49HxO6I2BMRT2QXhUXbn4yIpyJi3xI74adXn/5gmfibHP/1mSvN4p9e7vhH/fFfeaLv1I/fLR//xohodfwP1VL7izXtvP6128DV7DsAAAC4V+SfgU/S0RvpNB0dzT/DvyM2p5W5+YXnT8x9dGY6n/cejoG0vNM1VHc/dLy4N1zmJxryB4v7xl/1barlR6fmKtPdDh563JYW/T/zV1+3WwesuQ7MowH3KP0fepf+D70p0f+hp+n/0Lua9f9PW5Ye/XZNGwOsK+//0Lva6P+L+UPrUQFwb/L+D71L/4ee1PK78emqvvK/7on/it8zvFvac/8nIr0rmnH/J/rb/jGLFSSqQ3n/z9ZsaFqm269MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfF/AAAA//8Qi+Nc") r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01012abd7000000008002b00000008000300", @ANYRES32=r2, @ANYBLOB="040046000500340076000000080026006c090000300051802c0000800500020000000000080003000aac0f0009000100"], 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x4804) 0s ago: executing program 2 (id=1173): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x47, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=") mkdir(&(0x7f0000000040)='./control\x00', 0x0) rmdir(&(0x7f0000000280)='./control\x00') mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, 0x0) truncate(&(0x7f0000000180)='./control\x00', 0x9) kernel console output (not intermixed with test programs): 3): Directory bread(block 66) failed [ 124.333359][ T5325] FAT-fs (loop3): Directory bread(block 67) failed [ 124.418754][ T5325] FAT-fs (loop3): Directory bread(block 68) failed [ 124.490754][ T5325] FAT-fs (loop3): Directory bread(block 69) failed [ 124.540830][ T5325] FAT-fs (loop3): Directory bread(block 70) failed [ 124.589439][ T5325] FAT-fs (loop3): Directory bread(block 71) failed [ 124.643494][ T5325] FAT-fs (loop3): Directory bread(block 72) failed [ 124.686929][ T5325] FAT-fs (loop3): Directory bread(block 73) failed [ 124.930041][ T5297] loop1: detected capacity change from 0 to 32768 [ 125.057148][ T5297] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.381 (5297) [ 125.226675][ T5297] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 125.304278][ T5297] BTRFS info (device loop1): using free space tree [ 125.311937][ T5297] BTRFS info (device loop1): has skinny extents [ 125.322961][ T5320] loop2: detected capacity change from 0 to 32768 [ 125.559674][ T5320] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 125.776697][ T5297] BTRFS info (device loop1): enabling ssd optimizations [ 126.369791][ T4189] ocfs2: Unmounting device (7,2) on (node local) [ 126.587451][ T4202] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop1 scanned by udevd (4202) [ 127.974791][ T4405] kernel write not supported for file /snd/seq (pid: 4405 comm: kworker/0:12) [ 128.211774][ T5371] loop3: detected capacity change from 0 to 40427 [ 128.319727][ T5371] F2FS-fs (loop3): invalid crc value [ 128.367886][ T5371] F2FS-fs (loop3): Found nat_bits in checkpoint [ 128.392372][ T5383] loop2: detected capacity change from 0 to 32768 [ 128.482839][ T5383] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.397 (5383) [ 128.547093][ T5404] netlink: 32 bytes leftover after parsing attributes in process `syz.0.408'. [ 128.564040][ T4187] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 128.607879][ T5383] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 128.646718][ T5371] F2FS-fs (loop3): Start checkpoint disabled! [ 128.657164][ T5383] BTRFS info (device loop2): enabling auto defrag [ 128.694223][ T5383] BTRFS info (device loop2): max_inline at 0 [ 128.714070][ T5383] BTRFS info (device loop2): force clearing of disk cache [ 128.727717][ T5371] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 128.764128][ T5383] BTRFS info (device loop2): turning on sync discard [ 128.771048][ T5383] BTRFS info (device loop2): using free space tree [ 128.833962][ T5383] BTRFS info (device loop2): has skinny extents [ 128.944276][ T4187] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30 [ 129.045169][ T4187] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 129.078561][ T4187] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 129.080608][ T5385] loop1: detected capacity change from 0 to 32768 [ 129.118946][ T5385] XFS: noikeep mount option is deprecated. [ 129.126464][ T4187] usb 5-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00 [ 129.137940][ T4187] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.152643][ T4187] usb 5-1: config 0 descriptor?? [ 129.224468][ T5383] BTRFS info (device loop2): enabling ssd optimizations [ 129.255633][ T5385] XFS (loop1): Mounting V5 Filesystem [ 129.308827][ T5383] BTRFS info (device loop2): clearing free space tree [ 129.346441][ T5383] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 129.363383][ T5383] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 129.506536][ T5383] BTRFS info (device loop2): creating free space tree [ 129.539660][ T5383] BTRFS info (device loop2): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 129.556581][ T5385] XFS (loop1): Ending clean mount [ 129.586261][ T5385] XFS (loop1): Quotacheck needed: Please wait. [ 129.609516][ T5383] BTRFS info (device loop2): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 129.638590][ T4187] thrustmaster 0003:044F:B323.0003: unknown main item tag 0x0 [ 129.659598][ T4187] thrustmaster 0003:044F:B323.0003: unknown main item tag 0x0 [ 129.674213][ T4187] thrustmaster 0003:044F:B323.0003: item fetching failed at offset 2/5 [ 129.686343][ T4187] thrustmaster 0003:044F:B323.0003: parse failed [ 129.695380][ T4187] thrustmaster: probe of 0003:044F:B323.0003 failed with error -22 [ 129.787086][ T5385] XFS (loop1): Quotacheck: Done. [ 129.871583][ T4414] usb 5-1: USB disconnect, device number 4 [ 130.118857][ T4183] XFS (loop1): Unmounting Filesystem [ 131.626328][ T5470] loop4: detected capacity change from 0 to 64 [ 131.780365][ T5474] loop0: detected capacity change from 0 to 1024 [ 132.494449][ T5488] loop0: detected capacity change from 0 to 256 [ 132.527310][ T5491] CUSE: unknown device info "" [ 132.532527][ T5491] CUSE: zero length info key specified [ 132.539067][ T5490] loop4: detected capacity change from 0 to 256 [ 132.635002][ T5490] exfat: Deprecated parameter 'utf8' [ 132.659262][ T5488] FAT-fs (loop0): Directory bread(block 64) failed [ 132.690167][ T5490] exfat: Deprecated parameter 'utf8' [ 132.706354][ T5488] FAT-fs (loop0): Directory bread(block 65) failed [ 132.760653][ T5488] FAT-fs (loop0): Directory bread(block 66) failed [ 132.806003][ T5490] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 132.828746][ T5488] FAT-fs (loop0): Directory bread(block 67) failed [ 132.850425][ T5488] FAT-fs (loop0): Directory bread(block 68) failed [ 132.901735][ T5488] FAT-fs (loop0): Directory bread(block 69) failed [ 132.924033][ T5488] FAT-fs (loop0): Directory bread(block 70) failed [ 132.930741][ T5488] FAT-fs (loop0): Directory bread(block 71) failed [ 132.969797][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.976962][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.005607][ T5488] FAT-fs (loop0): Directory bread(block 72) failed [ 133.007563][ T5455] loop3: detected capacity change from 0 to 32768 [ 133.080778][ T5488] FAT-fs (loop0): Directory bread(block 73) failed [ 133.471518][ T5505] netlink: 'syz.4.435': attribute type 2 has an invalid length. [ 133.571005][ T5507] loop2: detected capacity change from 0 to 1024 [ 133.634606][ T5505] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.435'. [ 133.797153][ T5510] loop1: detected capacity change from 0 to 512 [ 134.001017][ T154] hfsplus: b-tree write err: -5, ino 4 [ 134.459432][ T5524] loop3: detected capacity change from 0 to 256 [ 134.586957][ T5524] exfat: Deprecated parameter 'utf8' [ 134.596234][ T5524] exfat: Deprecated parameter 'utf8' [ 134.632305][ T5530] CUSE: unknown device info "" [ 134.648906][ T5524] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 134.671357][ T5530] CUSE: zero length info key specified [ 134.814101][ T4271] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 135.054344][ T4271] usb 5-1: Using ep0 maxpacket: 8 [ 135.204253][ T4271] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 135.222678][ T4271] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 135.283688][ T4271] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 135.371133][ T4271] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 135.442957][ T4271] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 135.458424][ T5540] loop3: detected capacity change from 0 to 1024 [ 135.485357][ T4271] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 135.500730][ T4271] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.601575][ T5514] loop0: detected capacity change from 0 to 32768 [ 135.639206][ T4308] hfsplus: b-tree write err: -5, ino 4 [ 135.734891][ T5543] netlink: 40 bytes leftover after parsing attributes in process `syz.1.465'. [ 135.835236][ T4271] usb 5-1: GET_CAPABILITIES returned 0 [ 135.841529][ T4271] usbtmc 5-1:16.0: can't read capabilities [ 136.057613][ T5551] loop3: detected capacity change from 0 to 64 [ 136.078009][ T7] usb 5-1: USB disconnect, device number 5 [ 136.430734][ T5557] loop2: detected capacity change from 0 to 512 [ 136.593732][ T5557] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 136.804504][ T5557] EXT4-fs (loop2): warning: maximal mount count reached, running e2fsck is recommended [ 136.821214][ T5564] loop3: detected capacity change from 0 to 512 [ 137.043149][ T5557] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.463: inode #15: comm syz.2.463: iget: illegal inode # [ 137.225111][ T5557] EXT4-fs (loop2): Remounting filesystem read-only [ 137.304084][ T5557] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.463: couldn't read orphan inode 15 (err -117) [ 137.525823][ T5557] EXT4-fs (loop2): Remounting filesystem read-only [ 137.604395][ T5557] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable,noblock_validity,noquota,errors=remount-ro,dioread_nolock,. Quota mode: none. [ 140.754022][ T7] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 140.782538][ T5596] loop2: detected capacity change from 0 to 1024 [ 141.074759][ T7] usb 1-1: Using ep0 maxpacket: 8 [ 141.204781][ T7] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 141.245641][ T5592] loop3: detected capacity change from 0 to 4096 [ 141.260289][ T7] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 141.371734][ T7] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 141.414790][ T5592] __ntfs_error: 7 callbacks suppressed [ 141.414845][ T5592] ntfs: (device loop3): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 141.494348][ T7] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 141.614479][ T5592] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 141.634571][ T7] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 141.743153][ T5592] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 141.773112][ T7] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 141.794412][ T5600] loop1: detected capacity change from 0 to 512 [ 141.830717][ T5592] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 141.876364][ T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.920773][ T5600] EXT4-fs (loop1): Ignoring removed oldalloc option [ 142.034262][ T5592] ntfs: volume version 3.1. [ 142.084172][ T5600] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 142.276430][ T5600] EXT4-fs (loop1): 1 truncate cleaned up [ 142.285111][ T5600] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,oldalloc,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback. [ 142.354672][ T7] usb 1-1: GET_CAPABILITIES returned 0 [ 142.361366][ T7] usbtmc 1-1:16.0: can't read capabilities [ 142.633853][ T1108] usb 1-1: USB disconnect, device number 4 [ 143.792860][ T5616] 9pnet: Insufficient options for proto=fd [ 144.280346][ T5626] loop0: detected capacity change from 0 to 64 [ 144.412494][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.446659][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.471836][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.596985][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.669607][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.722795][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.755068][ T5630] loop1: detected capacity change from 0 to 4096 [ 144.857135][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.938030][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.991129][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.126106][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.208047][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.261199][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.395970][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.476838][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.489296][ T5644] netlink: 8 bytes leftover after parsing attributes in process `syz.4.495'. [ 145.530575][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.665104][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.746155][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.799030][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.931671][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.013470][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.066785][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.201031][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.282851][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.334528][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.468381][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.542316][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.587831][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.654107][ T5633] loop2: detected capacity change from 0 to 32768 [ 146.719192][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.800226][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.843971][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.876614][ T5654] netlink: 28 bytes leftover after parsing attributes in process `syz.0.496'. [ 146.977436][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.056015][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.106951][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.154388][ T5659] program syz.3.501 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 147.240061][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.318196][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.343895][ T5657] loop0: detected capacity change from 0 to 512 [ 147.361152][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.495018][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.576525][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.634869][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.773291][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.873146][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.936343][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.000791][ T5657] EXT4-fs (loop0): 1 orphan inode deleted [ 148.042609][ T5657] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 148.079835][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.160058][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.212626][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.265446][ T5652] loop1: detected capacity change from 0 to 32768 [ 148.346190][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.416259][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.454100][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.585169][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.646779][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.683364][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.751576][ T5675] loop4: detected capacity change from 0 to 4096 [ 148.805593][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.886440][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.939275][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.941004][ T5652] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 149.005530][ T4395] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 149.074800][ C1] vkms_vblank_simulate: vblank timer overrun [ 149.159327][ C1] vkms_vblank_simulate: vblank timer overrun [ 149.212777][ C1] vkms_vblank_simulate: vblank timer overrun [ 149.335302][ T5689] loop2: detected capacity change from 0 to 1024 [ 149.347164][ C1] vkms_vblank_simulate: vblank timer overrun [ 149.428034][ C1] vkms_vblank_simulate: vblank timer overrun [ 149.480000][ C1] vkms_vblank_simulate: vblank timer overrun [ 149.568730][ T5675] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 149.571791][ T5689] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 149.613553][ C1] vkms_vblank_simulate: vblank timer overrun [ 149.636904][ T4395] usb 4-1: config 0 has an invalid interface number: 32 but max is 0 [ 149.691687][ T4395] usb 4-1: config 0 has no interface number 0 [ 149.693575][ C1] vkms_vblank_simulate: vblank timer overrun [ 149.742483][ T4395] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 149.751601][ C1] vkms_vblank_simulate: vblank timer overrun [ 149.811405][ T5689] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 149.939970][ T4395] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.138737][ T4395] usb 4-1: config 0 descriptor?? [ 150.273878][ T4183] ocfs2: Unmounting device (7,1) on (node local) [ 150.299042][ T4395] cp210x 4-1:0.32: cp210x converter detected [ 150.653833][ T5702] overlayfs: statfs failed on './file0' [ 150.696669][ T5675] syz.4.509 (5675) used greatest stack depth: 20712 bytes left [ 150.754748][ T4395] cp210x 4-1:0.32: failed to get vendor val 0x000e size 3: -71 [ 150.862886][ T4395] usb 4-1: cp210x converter now attached to ttyUSB0 [ 150.944441][ T4395] usb 4-1: USB disconnect, device number 5 [ 150.978749][ T4395] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 150.998116][ T4395] cp210x 4-1:0.32: device disconnected [ 151.120204][ T5707] loop0: detected capacity change from 0 to 8192 [ 151.562246][ T5712] loop1: detected capacity change from 0 to 128 [ 152.015528][ T5707] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 152.025110][ T5707] REISERFS (device loop0): using ordered data mode [ 152.031654][ T5707] reiserfs: using flush barriers [ 152.041578][ T5707] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 152.058073][ T5707] REISERFS (device loop0): checking transaction log (loop0) [ 152.066933][ T5707] REISERFS (device loop0): Using r5 hash to sort names [ 152.644276][ T5714] loop2: detected capacity change from 0 to 40427 [ 152.654206][ T5712] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 152.687827][ T5712] ext4 filesystem being mounted at /86/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 152.769887][ T5712] fscrypt (loop1, inode 12): Can't use IV_INO_LBLK_64 policy with contents mode other than AES-256-XTS [ 153.455591][ T5729] netem: incorrect ge model size [ 153.461295][ T5729] netem: change failed [ 153.732773][ T5719] loop3: detected capacity change from 0 to 32768 [ 154.006184][ T5714] F2FS-fs (loop2): Found nat_bits in checkpoint [ 154.117576][ T5731] loop1: detected capacity change from 0 to 32768 [ 154.296907][ T5714] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 154.353694][ T5739] loop0: detected capacity change from 0 to 4096 [ 154.371497][ T5714] attempt to access beyond end of device [ 154.371497][ T5714] loop2: rw=10241, want=45104, limit=40427 [ 154.494490][ T5725] loop4: detected capacity change from 0 to 32768 [ 154.531620][ T5714] attempt to access beyond end of device [ 154.531620][ T5714] loop2: rw=2049, want=45104, limit=40427 [ 154.547309][ T5719] XFS: noikeep mount option is deprecated. [ 154.570838][ T4189] attempt to access beyond end of device [ 154.570838][ T4189] loop2: rw=2049, want=45112, limit=40427 [ 154.616485][ T5725] XFS: attr2 mount option is deprecated. [ 154.649390][ T5725] XFS (loop4): Mounting V5 Filesystem [ 154.776520][ T5725] XFS (loop4): Ending clean mount [ 154.793880][ T5725] XFS (loop4): Quotacheck needed: Please wait. [ 154.811256][ T5739] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 154.829126][ T5731] XFS (loop1): Mounting V5 Filesystem [ 154.973268][ T5725] XFS (loop4): Quotacheck: Done. [ 155.260490][ T4193] XFS (loop4): Unmounting Filesystem [ 155.899480][ T5731] XFS (loop1): Ending clean mount [ 155.936162][ T5731] XFS (loop1): Quotacheck needed: Please wait. [ 156.333300][ T5731] XFS (loop1): Quotacheck: Done. [ 156.386086][ T5763] program syz.0.530 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 157.759493][ T4183] XFS (loop1): Unmounting Filesystem [ 158.344401][ T4395] Bluetooth: hci2: command 0x0401 tx timeout [ 158.376816][ T5779] loop4: detected capacity change from 0 to 512 [ 158.584415][ T1108] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 158.914568][ T5779] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback. [ 159.004675][ T5779] ext4 filesystem being mounted at /113/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 159.366744][ T5765] loop0: detected capacity change from 0 to 32768 [ 159.511848][ T5768] loop3: detected capacity change from 0 to 32768 [ 159.934109][ T1108] usb 3-1: Using ep0 maxpacket: 16 [ 160.720772][ T5795] loop0: detected capacity change from 0 to 256 [ 160.787160][ T5795] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 160.904629][ T5795] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 161.312142][ T5809] loop2: detected capacity change from 0 to 512 [ 161.321933][ T5795] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xce89e5da, utbl_chksum : 0xe619d30d) [ 161.333042][ T5810] input: syz1 as /devices/virtual/input/input9 [ 161.744790][ T1108] usb 3-1: unable to read config index 0 descriptor/all [ 161.751842][ T1108] usb 3-1: can't read configurations, error -71 [ 161.757122][ T5818] loop4: detected capacity change from 0 to 256 [ 161.798966][ T5823] loop0: detected capacity change from 0 to 512 [ 161.824195][ T5809] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.546: invalid indirect mapped block 10 (level 1) [ 161.988664][ T5809] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.546: invalid indirect mapped block 8 (level 1) [ 162.005998][ T5809] EXT4-fs (loop2): 1 truncate cleaned up [ 162.012416][ T5809] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,,errors=continue. Quota mode: writeback. [ 162.124279][ T4421] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 162.208168][ T5818] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 162.218830][ T5818] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 162.244366][ T5818] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xce89e5da, utbl_chksum : 0xe619d30d) [ 162.594566][ T4421] usb 2-1: too many configurations: 9, using maximum allowed: 8 [ 162.814476][ T4421] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 162.852098][ T4421] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 162.876642][ T4421] usb 2-1: config 0 interface 0 has no altsetting 0 [ 162.889587][ T5834] loop3: detected capacity change from 0 to 512 [ 163.009549][ T5842] netlink: 4 bytes leftover after parsing attributes in process `syz.2.564'. [ 163.020141][ T5842] netlink: 4 bytes leftover after parsing attributes in process `syz.2.564'. [ 163.098478][ T4421] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.140714][ T4421] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.173882][ T4421] usb 2-1: config 0 interface 0 has no altsetting 0 [ 163.300828][ T5823] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback. [ 163.313940][ T5823] ext4 filesystem being mounted at /116/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 163.324380][ T7] Bluetooth: hci2: command 0x0401 tx timeout [ 163.375598][ T4421] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.396928][ T4421] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.420298][ T4421] usb 2-1: config 0 interface 0 has no altsetting 0 [ 163.604771][ T4421] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.633447][ T4421] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.646862][ T4421] usb 2-1: config 0 interface 0 has no altsetting 0 [ 163.709731][ T5852] loop2: detected capacity change from 0 to 256 [ 163.844478][ T4421] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.864599][ T4421] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.877858][ T4421] usb 2-1: config 0 interface 0 has no altsetting 0 [ 164.040819][ T5852] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 164.059022][ T5834] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 164.067393][ T5852] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 164.083194][ T4421] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 164.095377][ T4421] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 164.108845][ T4421] usb 2-1: config 0 interface 0 has no altsetting 0 [ 164.242737][ T5852] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xce89e5da, utbl_chksum : 0xe619d30d) [ 164.300611][ T5844] loop4: detected capacity change from 0 to 40427 [ 164.324523][ T4421] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 164.354278][ T4421] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 164.423917][ T4421] usb 2-1: config 0 interface 0 has no altsetting 0 [ 164.518550][ T5844] F2FS-fs (loop4): invalid crc value [ 164.526850][ T5844] F2FS-fs (loop4): Found nat_bits in checkpoint [ 164.674581][ T4421] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 164.685241][ T4421] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 164.699011][ T4421] usb 2-1: config 0 interface 0 has no altsetting 0 [ 164.719513][ T5844] F2FS-fs (loop4): Start checkpoint disabled! [ 164.732586][ T5844] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 165.171290][ T5873] syz.0.572 uses obsolete (PF_INET,SOCK_PACKET) [ 165.209823][ T5873] netlink: 'syz.0.572': attribute type 10 has an invalid length. [ 165.230332][ T5873] netlink: 40 bytes leftover after parsing attributes in process `syz.0.572'. [ 165.254025][ T4421] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 165.266232][ T5873] device bond0 entered promiscuous mode [ 165.273196][ T4421] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 165.283837][ T5873] device bond_slave_0 entered promiscuous mode [ 165.292627][ T5873] device bond_slave_1 entered promiscuous mode [ 165.317393][ T4421] usb 2-1: config 0 descriptor?? [ 165.339839][ T5873] bridge0: port 3(bond0) entered blocking state [ 165.357150][ T5873] bridge0: port 3(bond0) entered disabled state [ 165.374477][ T4421] usb 2-1: can't set config #0, error -71 [ 165.406522][ T4421] usb 2-1: USB disconnect, device number 4 [ 165.417245][ T5873] bridge0: port 3(bond0) entered blocking state [ 165.424665][ T5873] bridge0: port 3(bond0) entered forwarding state [ 166.286221][ T5897] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 166.312459][ T5897] CIFS mount error: No usable UNC path provided in device string! [ 166.312459][ T5897] [ 166.322749][ T5897] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 166.513402][ T5890] loop2: detected capacity change from 0 to 2048 [ 166.694723][ T5904] loop1: detected capacity change from 0 to 512 [ 166.812568][ T5909] loop3: detected capacity change from 0 to 256 [ 167.154372][ T5909] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 167.200604][ T5909] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 167.343443][ T5890] UDF-fs: iocharset defauovrs not found [ 167.353935][ T5904] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13 [ 167.357719][ T5890] schedule_timeout: wrong timeout value fffd0a900a742175 [ 167.364529][ T5909] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xce89e5da, utbl_chksum : 0xe619d30d) [ 167.369250][ T5890] CPU: 1 PID: 5890 Comm: syz.2.584 Not tainted syzkaller #0 [ 167.369276][ T5890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 167.369298][ T5890] Call Trace: [ 167.369308][ T5890] [ 167.369318][ T5890] dump_stack_lvl+0x168/0x230 [ 167.369358][ T5890] ? print_unlock_imbalance_bug+0x160/0x160 [ 167.369382][ T5890] ? show_regs_print_info+0x20/0x20 [ 167.369407][ T5890] ? load_image+0x3b0/0x3b0 [ 167.369432][ T5890] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 167.369462][ T5890] ? lock_chain_count+0x20/0x20 [ 167.369489][ T5890] schedule_timeout+0x20a/0x280 [ 167.369514][ T5890] ? console_conditional_schedule+0x40/0x40 [ 167.369538][ T5890] ? __local_bh_enable_ip+0x12a/0x1b0 [ 167.369565][ T5890] ? _local_bh_enable+0xa0/0xa0 [ 167.369586][ T5890] ? release_sock+0x2b/0x1b0 [ 167.369618][ T5890] vsock_connect+0x3d0/0xcf0 [ 167.369654][ T5890] ? vsock_auto_bind+0xf0/0xf0 [ 167.369678][ T5890] ? aa_af_perm+0x2b0/0x2b0 [ 167.369702][ T5890] ? init_wait_entry+0xd0/0xd0 [ 167.369733][ T5890] ? bpf_lsm_socket_connect+0x5/0x10 [ 167.369755][ T5890] ? security_socket_connect+0x7c/0xa0 [ 167.369775][ T5890] ? vsock_auto_bind+0xf0/0xf0 [ 167.369800][ T5890] __sys_connect+0x389/0x410 [ 167.369825][ T5890] ? __sys_connect_file+0x170/0x170 [ 167.369859][ T5890] ? vtime_user_exit+0x2dc/0x400 [ 167.369889][ T5890] __x64_sys_connect+0x76/0x80 [ 167.369913][ T5890] do_syscall_64+0x4c/0xa0 [ 167.369931][ T5890] ? clear_bhb_loop+0x30/0x80 [ 167.369949][ T5890] ? clear_bhb_loop+0x30/0x80 [ 167.369971][ T5890] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 167.370008][ T5890] RIP: 0033:0x7fdeb2a51ec9 [ 167.370031][ T5890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.370049][ T5890] RSP: 002b:00007fdeb0cb9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 167.370073][ T5890] RAX: ffffffffffffffda RBX: 00007fdeb2ca8fa0 RCX: 00007fdeb2a51ec9 [ 167.370089][ T5890] RDX: 0000000000000010 RSI: 0000200000001240 RDI: 0000000000000003 [ 167.370104][ T5890] RBP: 00007fdeb2ad4f91 R08: 0000000000000000 R09: 0000000000000000 [ 167.370118][ T5890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.370131][ T5890] R13: 00007fdeb2ca9038 R14: 00007fdeb2ca8fa0 R15: 00007fff0710a3c8 [ 167.370162][ T5890] [ 167.613865][ T1108] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 167.657875][ T5904] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #13: comm syz.1.586: iget: bad i_size value: 12154757448730 [ 167.673720][ T5904] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.586: couldn't read orphan inode 13 (err -117) [ 167.862762][ T5904] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,stripe=0x000000000000ffff,sysvgroups,jqfmt=vfsold,nouid32,grpjquota=.,errors=continue. Quota mode: writeback. [ 167.897175][ T5904] fscrypt (loop1, inode 2): Error -61 getting encryption context [ 167.946173][ T5904] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: writeback. [ 168.330237][ T5924] loop0: detected capacity change from 0 to 1024 [ 168.531484][ T5929] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 169.222055][ T5927] loop0: detected capacity change from 0 to 32768 [ 169.251489][ T5927] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 169.261413][ T5927] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 169.409294][ T5927] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 169.517396][ T5927] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 170.466388][ T1108] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 170.474046][ T1108] usb 5-1: can't read configurations, error -71 [ 170.744297][ T5946] netlink: 4 bytes leftover after parsing attributes in process `syz.1.604'. [ 170.814295][ T5951] loop2: detected capacity change from 0 to 256 [ 170.922725][ T5951] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 171.074045][ T5951] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 171.164973][ T5951] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xce89e5da, utbl_chksum : 0xe619d30d) [ 171.205046][ T5948] loop0: detected capacity change from 0 to 512 [ 172.044203][ T5948] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 172.252254][ T5948] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.602: invalid indirect mapped block 4294967295 (level 1) [ 172.271223][ T5948] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.602: invalid indirect mapped block 4294967295 (level 1) [ 172.294498][ T5948] EXT4-fs (loop0): 2 truncates cleaned up [ 173.402210][ T5971] loop4: detected capacity change from 0 to 32768 [ 173.424031][ T5948] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=,init_itable=0x0000000000000007,dioread_nolock,auto_da_alloc=0x000000007fffffff,,errors=continue. Quota mode: writeback. [ 173.553009][ T5967] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 173.607111][ T5963] block device autoloading is deprecated and will be removed. [ 173.804686][ T5973] loop2: detected capacity change from 0 to 32768 [ 173.995841][ T5971] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 174.005513][ T5971] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 174.047372][ T5971] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 174.194798][ T5971] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 174.469305][ T5975] loop3: detected capacity change from 0 to 32768 [ 174.477003][ T5973] XFS: noikeep mount option is deprecated. [ 174.529847][ T5977] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 174.715386][ T5973] XFS (loop2): Mounting V5 Filesystem [ 174.939367][ T5973] XFS (loop2): Ending clean mount [ 174.946703][ T5973] XFS (loop2): Quotacheck needed: Please wait. [ 174.966873][ T5975] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 175.178688][ T5973] XFS (loop2): Quotacheck: Done. [ 175.437800][ T5993] loop4: detected capacity change from 0 to 64 [ 175.756322][ T4184] ocfs2: Unmounting device (7,3) on (node local) [ 175.803847][ T5998] loop0: detected capacity change from 0 to 128 [ 175.847254][ T5997] input: syz1 as /devices/virtual/input/input10 [ 176.148557][ T5998] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 176.227296][ T6004] overlayfs: statfs failed on './file0' [ 176.233328][ T5998] ext4 filesystem being mounted at /130/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 176.278772][ T5998] fscrypt (loop0, inode 12): Can't use IV_INO_LBLK_64 policy with contents mode other than AES-256-XTS [ 176.305778][ T4189] XFS (loop2): Unmounting Filesystem [ 177.148870][ T6014] loop1: detected capacity change from 0 to 256 [ 177.545683][ T6014] exfat: Deprecated parameter 'utf8' [ 177.621468][ T6020] loop4: detected capacity change from 0 to 4096 [ 177.880181][ T6030] loop2: detected capacity change from 0 to 256 [ 178.276026][ T6030] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 178.354433][ T6030] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 178.469139][ T6044] loop0: detected capacity change from 0 to 256 [ 178.513206][ T6014] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 178.519788][ T6030] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xce89e5da, utbl_chksum : 0xe619d30d) [ 178.859875][ T4187] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 179.295383][ T6044] exfat: Deprecated parameter 'utf8' [ 179.546446][ T26] audit: type=1326 audit(1759325086.092:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.4.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac28c7ec9 code=0x7ffc0000 [ 179.568681][ T26] audit: type=1326 audit(1759325086.092:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.4.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac28c7ec9 code=0x7ffc0000 [ 179.594714][ T26] audit: type=1326 audit(1759325086.142:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.4.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ac28c7ec9 code=0x7ffc0000 [ 179.750708][ T6052] netlink: 'syz.2.643': attribute type 12 has an invalid length. [ 179.758540][ T6052] netlink: 132 bytes leftover after parsing attributes in process `syz.2.643'. [ 180.005418][ T26] audit: type=1326 audit(1759325086.492:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.4.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac28c7ec9 code=0x7ffc0000 [ 180.183020][ T4187] usb 4-1: Using ep0 maxpacket: 8 [ 180.188893][ T26] audit: type=1326 audit(1759325086.492:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.4.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac28c7ec9 code=0x7ffc0000 [ 180.635730][ T6068] loop0: detected capacity change from 0 to 128 [ 181.542047][ T6068] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 181.552968][ T6068] ext4 filesystem being mounted at /136/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 181.573822][ T1108] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 181.985760][ T4187] usb 4-1: unable to read config index 0 descriptor/all [ 181.994704][ T4187] usb 4-1: can't read configurations, error -71 [ 182.724275][ T6100] loop1: detected capacity change from 0 to 4096 [ 182.915982][ T6100] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 182.918993][ T6100] ntfs3: loop1: Failed to load $Extend. [ 183.128282][ T6089] loop4: detected capacity change from 0 to 40427 [ 183.967393][ T6089] F2FS-fs (loop4): Found nat_bits in checkpoint [ 184.048947][ T6089] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 184.084923][ T6119] sctp: Trying to GSO but underlying device doesn't support it. [ 184.276069][ T4395] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 184.465550][ T1108] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 184.473196][ T1108] usb 3-1: can't read configurations, error -71 [ 184.796955][ T6130] loop1: detected capacity change from 0 to 256 [ 184.943467][ T6136] loop3: detected capacity change from 0 to 2048 [ 184.952466][ T6134] loop2: detected capacity change from 0 to 512 [ 185.034483][ T4395] usb 1-1: config 0 has no interfaces? [ 185.041490][ T4395] usb 1-1: New USB device found, idVendor=056a, idProduct=0016, bcdDevice= 0.00 [ 185.052973][ T4395] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.066371][ T4395] usb 1-1: config 0 descriptor?? [ 185.443331][ T6130] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x507066df, utbl_chksum : 0xe619d30d) [ 185.467903][ T4395] usb 1-1: USB disconnect, device number 5 [ 185.600451][ T6134] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 185.773360][ T6136] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 185.893697][ T6134] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.678: Invalid inode bitmap blk 4 in block_group 0 [ 185.910560][ T6134] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,mblk_io_submit,noload,nobarrier,grpquota,acl,barrier=0x0000000000000008,grpjquota=,quota,data_err=ignore,,errors=continue. Quota mode: writeback. [ 186.006422][ T6134] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 186.282261][ T4199] Bluetooth: hci2: unexpected event for opcode 0x1003 [ 186.683736][ T6154] program syz.0.687 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 186.876073][ T6144] loop3: detected capacity change from 0 to 8192 [ 186.932442][ T6160] netlink: 4 bytes leftover after parsing attributes in process `syz.0.689'. [ 187.395775][ T6144] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 187.405279][ T6144] REISERFS (device loop3): using ordered data mode [ 187.411817][ T6144] reiserfs: using flush barriers [ 187.608308][ T6173] loop2: detected capacity change from 0 to 8 [ 187.738864][ T6144] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 187.895193][ T6144] REISERFS (device loop3): checking transaction log (loop3) [ 187.959615][ T6144] REISERFS (device loop3): Using r5 hash to sort names [ 187.982656][ T6144] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 188.078079][ T6173] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 188.737104][ T6191] loop1: detected capacity change from 0 to 512 [ 188.955669][ T6191] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 189.117560][ T6200] netlink: 24 bytes leftover after parsing attributes in process `syz.0.706'. [ 189.201885][ T6191] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.701: invalid indirect mapped block 4294967295 (level 1) [ 189.242617][ T6191] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.701: invalid indirect mapped block 4294967295 (level 1) [ 189.259927][ T6191] EXT4-fs (loop1): 2 truncates cleaned up [ 189.267188][ T6191] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,init_itable=0x0000000000000007,dioread_nolock,auto_da_alloc=0x000000007fffffff,,errors=continue. Quota mode: writeback. [ 189.360941][ T6207] loop2: detected capacity change from 0 to 128 [ 189.374744][ T6205] loop0: detected capacity change from 0 to 4096 [ 189.495064][ T6201] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 189.785845][ T6205] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 189.793759][ T6205] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 189.801672][ T6205] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 189.809550][ T6205] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 189.817428][ T6205] ntfs3: loop0: try to read out of volume at offset 0x3fffffc1c00 [ 189.825521][ T6205] ntfs3: loop0: try to read out of volume at offset 0x3fffffc2c00 [ 189.833492][ T6205] ntfs3: loop0: try to read out of volume at offset 0x3fffffc4c00 [ 189.841377][ T6205] ntfs3: loop0: try to read out of volume at offset 0x3fffffc8c00 [ 189.849262][ T6205] ntfs3: loop0: try to read out of volume at offset 0x3fffffd0c00 [ 189.855512][ T6207] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 189.857293][ T6205] ntfs3: loop0: try to read out of volume at offset 0x3fffffe0c00 [ 189.989301][ T6207] ext4 filesystem being mounted at /155/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 190.367670][ T4421] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 190.390024][ T4421] Bluetooth: hci2: Injecting HCI hardware error event [ 190.425118][ T4201] Bluetooth: hci2: hardware error 0x00 [ 190.626834][ T6216] loop3: detected capacity change from 0 to 8192 [ 190.699001][ T6229] loop0: detected capacity change from 0 to 128 [ 191.354504][ T6229] FAT-fs (loop0): Directory bread(block 32770) failed [ 191.361944][ T6229] FAT-fs (loop0): Directory bread(block 32771) failed [ 191.368777][ T6229] FAT-fs (loop0): Directory bread(block 32772) failed [ 191.374533][ T4271] Bluetooth: hci0: command 0x0406 tx timeout [ 191.375590][ T6229] FAT-fs (loop0): Directory bread(block 32773) failed [ 191.386716][ T6229] FAT-fs (loop0): Directory bread(block 32770) failed [ 191.397089][ T6229] FAT-fs (loop0): Directory bread(block 32771) failed [ 191.404010][ T6229] FAT-fs (loop0): Directory bread(block 32772) failed [ 191.410835][ T6229] FAT-fs (loop0): Directory bread(block 32773) failed [ 191.417669][ T6229] FAT-fs (loop0): Directory bread(block 32770) failed [ 191.424484][ T6229] FAT-fs (loop0): Directory bread(block 32771) failed [ 191.483253][ T4271] Bluetooth: hci4: command 0x0406 tx timeout [ 191.483355][ T4271] Bluetooth: hci3: command 0x0406 tx timeout [ 191.494265][ T4271] Bluetooth: hci1: command 0x0406 tx timeout [ 191.611739][ T6216] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 191.693301][ T6216] REISERFS (device loop3): using ordered data mode [ 191.714830][ T6247] loop1: detected capacity change from 0 to 512 [ 191.792715][ T6216] reiserfs: using flush barriers [ 191.863951][ T6216] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 192.017232][ T6216] REISERFS (device loop3): checking transaction log (loop3) [ 192.027614][ T6216] REISERFS (device loop3): Using r5 hash to sort names [ 192.035588][ T6216] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 192.094233][ T6256] loop4: detected capacity change from 0 to 256 [ 192.252309][ T6247] EXT4-fs (loop1): Ignoring removed orlov option [ 192.258722][ T6247] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 192.328184][ T6247] EXT4-fs (loop1): 1 orphan inode deleted [ 192.424447][ T6247] EXT4-fs (loop1): 1 truncate cleaned up [ 192.460341][ T6256] exfat: Deprecated parameter 'utf8' [ 192.465736][ T6256] exfat: Deprecated parameter 'namecase' [ 192.471471][ T6256] exfat: Deprecated parameter 'namecase' [ 192.477179][ T6256] exfat: Deprecated parameter 'utf8' [ 192.507647][ T6247] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable=0x0000000000000957,inode_readahead_blks=0x0000000000000020,debug_want_extra_isize=0x0000000000000008,init_itable,orlov,errors=remount-ro,. Quota mode: none. [ 192.739693][ T6247] EXT4-fs error (device loop1): empty_inline_dir:1863: inode #12: block 7: comm syz.1.725: bad entry in directory: rec_len is too small for name_len - offset=4, inode=13, rec_len=16, size=60 fake=0 [ 192.769676][ T6247] EXT4-fs (loop1): Remounting filesystem read-only [ 192.776271][ T6247] EXT4-fs warning (device loop1): empty_inline_dir:1870: bad inline directory (dir #12) - inode 13, rec_len 16, name_len 53inline size 60 [ 193.209936][ T6256] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x822ffc2e, utbl_chksum : 0xe619d30d) [ 194.467431][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.474977][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.570053][ T6287] loop2: detected capacity change from 0 to 2048 [ 194.605375][ T6289] loop4: detected capacity change from 0 to 256 [ 194.763943][ T6287] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 194.982224][ T6292] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 194.988506][ T21] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 195.008320][ T6280] syz.1.740 (6280) used greatest stack depth: 18880 bytes left [ 195.253262][ T6289] FAT-fs (loop4): Directory bread(block 64) failed [ 195.267039][ T6289] FAT-fs (loop4): Directory bread(block 65) failed [ 195.273732][ T6289] FAT-fs (loop4): Directory bread(block 66) failed [ 195.286927][ T6289] FAT-fs (loop4): Directory bread(block 67) failed [ 195.420203][ T6289] FAT-fs (loop4): Directory bread(block 68) failed [ 195.476459][ T6289] FAT-fs (loop4): Directory bread(block 69) failed [ 195.506579][ T6289] FAT-fs (loop4): Directory bread(block 70) failed [ 195.513197][ T6289] FAT-fs (loop4): Directory bread(block 71) failed [ 195.519943][ T6289] FAT-fs (loop4): Directory bread(block 72) failed [ 195.652691][ T6289] FAT-fs (loop4): Directory bread(block 73) failed [ 195.851230][ T4298] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 196.080905][ T1108] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 196.294140][ T21] usb 4-1: Using ep0 maxpacket: 32 [ 196.357500][ T6302] netem: incorrect gi model size [ 196.363162][ T6302] netem: change failed [ 196.854161][ T6310] loop4: detected capacity change from 0 to 4096 [ 197.057392][ T6312] loop3: detected capacity change from 0 to 128 [ 197.217596][ T6312] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 197.262909][ T6312] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 197.439793][ T4298] usb 2-1: Using ep0 maxpacket: 8 [ 197.527840][ T6310] ntfs: volume version 3.1. [ 197.679911][ T21] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 197.687636][ T21] usb 4-1: can't read configurations, error -71 [ 197.750783][ T6310] ntfs: (device loop4): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -28). [ 197.762036][ T6310] ntfs: (device loop4): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x43, attribute type 0x80, because the allocation of clusters failed with error code -28. [ 198.801599][ T4298] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 198.809891][ T4298] usb 2-1: can't read configurations, error -71 [ 198.816415][ T4301] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 198.887069][ T6332] loop4: detected capacity change from 0 to 2048 [ 199.038316][ T6334] loop1: detected capacity change from 0 to 64 [ 199.224077][ T1108] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 199.231866][ T1108] usb 1-1: can't read configurations, error -71 [ 199.957540][ T6332] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 199.980594][ T6332] EXT4-fs (loop4): shut down requested (2) [ 200.001029][ T26] audit: type=1800 audit(1759325106.492:35): pid=6332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.763" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 200.136762][ T4301] usb 3-1: Using ep0 maxpacket: 8 [ 200.229070][ T6347] loop1: detected capacity change from 0 to 1024 [ 200.294273][ T4395] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 200.369108][ T6348] loop0: detected capacity change from 0 to 256 [ 200.744244][ T4395] usb 4-1: Using ep0 maxpacket: 32 [ 201.034833][ T6348] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 201.063340][ T6348] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008) [ 201.066260][ T4395] usb 4-1: config index 0 descriptor too short (expected 156, got 27) [ 201.137069][ T4395] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 201.203974][ T4395] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 201.258303][ T4395] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 201.286872][ T6347] hfsplus: xattr searching failed [ 201.334105][ T4395] usb 4-1: config 0 interface 0 has no altsetting 0 [ 201.703574][ T9] hfsplus: b-tree write err: -5, ino 3 [ 201.864784][ T4395] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 201.896566][ T4395] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 201.924385][ T4395] usb 4-1: Product: syz [ 201.942810][ T4301] usb 3-1: unable to read config index 0 descriptor/all [ 201.949846][ T4301] usb 3-1: can't read configurations, error -71 [ 201.950728][ T4395] usb 4-1: Manufacturer: syz [ 201.956283][ T1108] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 201.964526][ T6367] loop0: detected capacity change from 0 to 128 [ 201.980355][ T4395] usb 4-1: SerialNumber: syz [ 201.993028][ T4395] usb 4-1: config 0 descriptor?? [ 202.103062][ T4395] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 202.148938][ T4395] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 202.314187][ T6371] syzkaller0: tun_chr_ioctl cmd 2147767517 [ 202.908140][ T6380] loop2: detected capacity change from 0 to 1024 [ 203.129106][ T144] hfsplus: b-tree write err: -5, ino 4 [ 203.292975][ T1108] usb 5-1: Using ep0 maxpacket: 32 [ 203.376530][ T6389] Zero length message leads to an empty skb [ 203.528970][ T6385] nbd0: detected capacity change from 0 to 549764202496 [ 203.656405][ T4201] block nbd0: Receive control failed (result -104) [ 203.830432][ T6393] loop0: detected capacity change from 0 to 256 [ 203.965765][ T4298] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 204.219335][ T23] usb 4-1: USB disconnect, device number 10 [ 204.227404][ T23] ldusb 4-1:0.0: LD USB Device #0 now disconnected [ 204.247845][ T6400] loop3: detected capacity change from 0 to 128 [ 204.511572][ T6393] FAT-fs (loop0): Directory bread(block 64) failed [ 204.682232][ T6408] program syz.4.794 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 204.824082][ T6393] FAT-fs (loop0): Directory bread(block 65) failed [ 204.853186][ T6393] FAT-fs (loop0): Directory bread(block 66) failed [ 204.925407][ T6393] FAT-fs (loop0): Directory bread(block 67) failed [ 204.933173][ T6393] FAT-fs (loop0): Directory bread(block 68) failed [ 205.034717][ T6393] FAT-fs (loop0): Directory bread(block 69) failed [ 205.107572][ T1108] usb 5-1: unable to read config index 0 descriptor/all [ 205.114630][ T1108] usb 5-1: can't read configurations, error -71 [ 205.149832][ T6393] FAT-fs (loop0): Directory bread(block 70) failed [ 205.166809][ T6400] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 205.234764][ T6400] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 205.272063][ T6393] FAT-fs (loop0): Directory bread(block 71) failed [ 205.349126][ T6393] FAT-fs (loop0): Directory bread(block 72) failed [ 205.531615][ T6393] FAT-fs (loop0): Directory bread(block 73) failed [ 205.582820][ T4298] usb 2-1: Using ep0 maxpacket: 16 [ 207.135766][ T4298] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 207.143501][ T4298] usb 2-1: can't read configurations, error -71 [ 207.380704][ T6412] loop2: detected capacity change from 0 to 32768 [ 207.596498][ T6429] loop3: detected capacity change from 0 to 512 [ 208.039508][ T6437] netlink: 8 bytes leftover after parsing attributes in process `syz.0.807'. [ 208.193327][ T4298] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 208.554362][ T4395] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 208.930472][ T6449] loop2: detected capacity change from 0 to 1024 [ 209.363962][ T4395] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.397746][ T4395] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.404219][ T6446] loop3: detected capacity change from 0 to 32768 [ 209.451289][ T4395] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 209.451354][ T4395] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.570630][ T4395] usb 1-1: config 0 descriptor?? [ 209.604704][ T6449] EXT4-fs (loop2): Ignoring removed nobh option [ 209.612094][ T6449] EXT4-fs (loop2): Ignoring removed bh option [ 209.660548][ T6449] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 209.784032][ T4298] usb 2-1: Using ep0 maxpacket: 16 [ 209.842289][ T6449] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 210.449367][ T4395] hid-steam 0003:28DE:1142.0004: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0 [ 210.465255][ T6456] loop4: detected capacity change from 0 to 40427 [ 210.493727][ T6446] JBD2: Ignoring recovery information on journal [ 210.664944][ T6446] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 210.681266][ T4395] hid-steam 0003:28DE:1142.0005: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0 [ 210.756191][ T4184] ocfs2: Unmounting device (7,3) on (node local) [ 210.814802][ T4395] hid-steam 0003:28DE:1142.0004: Steam wireless receiver connected [ 210.831383][ T4395] usb 1-1: USB disconnect, device number 8 [ 210.852379][ T4395] hid-steam 0003:28DE:1142.0004: Steam wireless receiver disconnected [ 210.993886][ T6456] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 211.001692][ T6456] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 211.028276][ T6456] F2FS-fs (loop4): Found nat_bits in checkpoint [ 211.140338][ T4298] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 211.148108][ T4298] usb 2-1: can't read configurations, error -71 [ 211.161809][ T4298] usb usb2-port1: attempt power cycle [ 211.198783][ T6456] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 211.205882][ T6456] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 211.311462][ T6472] loop2: detected capacity change from 0 to 512 [ 212.679281][ T4298] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 212.719762][ T6472] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 212.869122][ T6472] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 212.974044][ T6490] device team0 entered promiscuous mode [ 212.980609][ T6490] device team_slave_0 entered promiscuous mode [ 213.357476][ T6490] device team_slave_1 entered promiscuous mode [ 213.532932][ T6486] device team0 left promiscuous mode [ 213.662602][ T6489] fido_id[6489]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 213.734457][ T6486] device team_slave_0 left promiscuous mode [ 213.798125][ T4298] usb 2-1: device descriptor read/8, error -71 [ 213.875559][ T6486] device team_slave_1 left promiscuous mode [ 214.257527][ T6476] loop3: detected capacity change from 0 to 32768 [ 214.554179][ T6493] loop0: detected capacity change from 0 to 32768 [ 214.564141][ T6476] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 215.067588][ T6515] IPv6: ADDRCONF(NETDEV_CHANGE): rose0: link becomes ready [ 215.175136][ T6493] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.825 (6493) [ 215.179144][ T4184] ocfs2: Unmounting device (7,3) on (node local) [ 215.401130][ T6496] loop1: detected capacity change from 0 to 32768 [ 215.597432][ T6522] loop2: detected capacity change from 0 to 512 [ 215.673279][ T6526] loop4: detected capacity change from 0 to 256 [ 215.838062][ T6493] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 215.851331][ T6493] BTRFS info (device loop0): force zlib compression, level 3 [ 215.876038][ T6493] BTRFS info (device loop0): force clearing of disk cache [ 215.885475][ T6493] BTRFS info (device loop0): setting nodatasum [ 215.892869][ T6493] BTRFS info (device loop0): disabling tree log [ 215.900664][ T6493] BTRFS info (device loop0): enabling disk space caching [ 215.927779][ T6493] BTRFS info (device loop0): disk space caching is enabled [ 215.937194][ T6493] BTRFS info (device loop0): has skinny extents [ 216.071576][ T6526] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 216.090111][ T6496] blk_update_request: I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 216.100075][ T6526] exFAT-fs (loop4): hint_cluster is invalid (17) [ 216.337045][ T6496] lbmIODone: I/O error in JFS log [ 216.345125][ T6496] *** Log Format Error ! *** [ 216.468973][ T6522] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 216.469301][ T6522] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 216.543564][ T6496] lmLogInit: exit(-22) [ 216.900989][ T6493] BTRFS error (device loop0): open_ctree failed: -12 [ 216.925530][ T4882] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by udevd (4882) [ 216.949826][ T6496] lmLogOpen: exit(-22) [ 216.977309][ T6496] ERROR: (device loop1): jfs_link: read-only filesystem [ 216.977309][ T6496] [ 217.342685][ T6496] ERROR: (device loop1): remounting filesystem as read-only [ 218.081647][ T6562] loop1: detected capacity change from 0 to 512 [ 218.255042][ T6549] loop3: detected capacity change from 0 to 32768 [ 218.331605][ T6566] loop2: detected capacity change from 0 to 512 [ 218.763526][ T6566] EXT4-fs (loop2): mounted filesystem without journal. Opts: nouid32,,errors=continue. Quota mode: none. [ 218.781744][ T6565] loop0: detected capacity change from 0 to 8192 [ 219.438801][ T6562] EXT4-fs (loop1): Test dummy encryption mode enabled [ 219.447265][ T6562] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 219.767606][ T6562] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.846: corrupted in-inode xattr [ 219.786039][ T6562] EXT4-fs (loop1): 1 orphan inode deleted [ 219.791847][ T6562] EXT4-fs (loop1): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,test_dummy_encryption,,errors=continue. Quota mode: none. [ 220.037373][ T6565] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 220.058843][ T6565] REISERFS (device loop0): using ordered data mode [ 220.104685][ T6565] reiserfs: using flush barriers [ 220.240706][ T6565] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 220.311092][ T6565] REISERFS (device loop0): checking transaction log (loop0) [ 220.387336][ T6565] REISERFS (device loop0): Using r5 hash to sort names [ 220.445466][ T6565] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 222.821503][ T6607] sch_fq: defrate 0 ignored. [ 223.234514][ T6594] loop2: detected capacity change from 0 to 32768 [ 223.685189][ T6625] loop0: detected capacity change from 0 to 47 [ 224.750167][ T6634] loop3: detected capacity change from 0 to 64 [ 225.374400][ T6647] device ip6_vti0 entered promiscuous mode [ 225.733506][ T6634] attempt to access beyond end of device [ 225.733506][ T6634] loop3: rw=0, want=1026, limit=64 [ 225.745112][ T6634] Buffer I/O error on dev loop3, logical block 512, async page read [ 225.753397][ T6634] attempt to access beyond end of device [ 225.753397][ T6634] loop3: rw=0, want=113154, limit=64 [ 225.764358][ T6634] Buffer I/O error on dev loop3, logical block 56576, async page read [ 226.637504][ T6661] loop2: detected capacity change from 0 to 256 [ 226.698613][ T6665] netlink: 4 bytes leftover after parsing attributes in process `syz.0.887'. [ 226.994155][ T4271] Bluetooth: hci4: command 0x0409 tx timeout [ 227.141628][ T6671] loop0: detected capacity change from 0 to 8192 [ 227.302297][ T6635] chnl_net:caif_netlink_parms(): no params data found [ 227.339178][ T6661] FAT-fs (loop2): Directory bread(block 64) failed [ 227.345796][ T6661] FAT-fs (loop2): Directory bread(block 65) failed [ 227.352434][ T6661] FAT-fs (loop2): Directory bread(block 66) failed [ 227.359138][ T6661] FAT-fs (loop2): Directory bread(block 67) failed [ 227.365772][ T6661] FAT-fs (loop2): Directory bread(block 68) failed [ 227.372357][ T6661] FAT-fs (loop2): Directory bread(block 69) failed [ 227.999206][ T6661] FAT-fs (loop2): Directory bread(block 70) failed [ 228.014683][ T6661] FAT-fs (loop2): Directory bread(block 71) failed [ 228.023451][ T6661] FAT-fs (loop2): Directory bread(block 72) failed [ 228.026403][ T6671] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 228.031577][ T6661] FAT-fs (loop2): Directory bread(block 73) failed [ 228.039226][ T6671] REISERFS (device loop0): using ordered data mode [ 228.039242][ T6671] reiserfs: using flush barriers [ 228.045578][ T6671] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 228.311850][ T6671] REISERFS (device loop0): checking transaction log (loop0) [ 228.468253][ T6671] REISERFS (device loop0): Using r5 hash to sort names [ 228.496418][ T6663] loop1: detected capacity change from 0 to 32768 [ 228.508627][ T6671] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 228.680970][ T6679] loop3: detected capacity change from 0 to 256 [ 228.886927][ T4289] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 228.908432][ T6635] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.915647][ T6635] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.923918][ T6635] device bridge_slave_0 entered promiscuous mode [ 228.932819][ T6635] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.054505][ T1326] Bluetooth: hci4: command 0x041b tx timeout [ 229.094276][ T6679] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 229.104941][ T6679] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 229.119088][ T6635] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.130232][ T6635] device bridge_slave_1 entered promiscuous mode [ 229.303511][ T6679] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 229.362503][ T6635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 229.374362][ T6635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 229.757337][ T4298] kernel write not supported for file /cpu/0/msr (pid: 4298 comm: kworker/1:5) [ 229.949327][ T4289] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.110745][ T6635] team0: Port device team_slave_0 added [ 230.160520][ T6635] team0: Port device team_slave_1 added [ 230.405433][ T6695] loop3: detected capacity change from 0 to 2048 [ 230.572515][ T6700] loop1: detected capacity change from 0 to 512 [ 230.652721][ T6635] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 230.659869][ T6635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 230.687143][ T6635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 230.846489][ T4289] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.866907][ T6635] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 230.873953][ T6635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 230.899951][ T6635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 231.118724][ T6703] loop2: detected capacity change from 0 to 4096 [ 231.147702][ T6700] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 231.154411][ T4405] Bluetooth: hci4: command 0x040f tx timeout [ 231.290517][ T6695] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 231.293511][ T6635] device hsr_slave_0 entered promiscuous mode [ 231.323625][ T6635] device hsr_slave_1 entered promiscuous mode [ 231.345679][ T6635] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 231.360913][ T6635] Cannot create hsr debugfs directory [ 231.518966][ T4289] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.525327][ T6700] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.897: invalid block [ 231.560439][ T6700] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.897: invalid indirect mapped block 4294967295 (level 1) [ 231.580716][ T6703] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 231.974816][ T6700] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.897: invalid indirect mapped block 4294967295 (level 1) [ 231.992170][ T6700] EXT4-fs (loop1): 2 truncates cleaned up [ 231.997979][ T6700] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,init_itable=0x0000000000000007,dioread_nolock,auto_da_alloc=0x000000007fffffff,,errors=continue. Quota mode: writeback. [ 232.031383][ T6700] EXT4-fs (loop1): shut down requested (2) [ 232.208055][ T6703] ntfs3: loop2: ino=1b, "file0" directory corrupted [ 233.254148][ T4405] Bluetooth: hci4: command 0x0419 tx timeout [ 233.389296][ T6635] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 233.588281][ T6635] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 233.620108][ T6635] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 233.643559][ T6635] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 234.264189][ T150] block nbd0: Possible stuck request ffff888020810000: control (read@0,4096B). Runtime 30 seconds [ 234.274767][ T4271] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 234.730513][ T4271] usb 2-1: Using ep0 maxpacket: 8 [ 235.064455][ T4271] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 235.090865][ T4271] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 235.126412][ T4271] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 235.234091][ T4271] usb 2-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 235.245444][ T4271] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.282057][ T4271] usb 2-1: config 0 descriptor?? [ 235.396267][ T6753] netlink: 20 bytes leftover after parsing attributes in process `syz.0.920'. [ 235.854677][ T4271] logitech 0003:046D:C293.0006: unknown main item tag 0x0 [ 235.863312][ T4271] logitech 0003:046D:C293.0006: unknown main item tag 0x0 [ 235.903478][ T4271] logitech 0003:046D:C293.0006: unknown main item tag 0x0 [ 235.915004][ T4271] logitech 0003:046D:C293.0006: unknown main item tag 0x0 [ 235.959150][ T4271] logitech 0003:046D:C293.0006: hidraw0: USB HID v0.00 Device [HID 046d:c293] on usb-dummy_hcd.1-1/input0 [ 235.994930][ T4271] logitech 0003:046D:C293.0006: no inputs found [ 236.018345][ T6764] loop3: detected capacity change from 0 to 1024 [ 236.113128][ T4271] usb 2-1: USB disconnect, device number 11 [ 236.366876][ T6635] 8021q: adding VLAN 0 to HW filter on device bond0 [ 236.429697][ T6635] 8021q: adding VLAN 0 to HW filter on device team0 [ 236.454961][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 236.462979][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 236.470950][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 236.479796][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 236.488326][ T1274] bridge0: port 1(bridge_slave_0) entered blocking state [ 236.495418][ T1274] bridge0: port 1(bridge_slave_0) entered forwarding state [ 236.684497][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 236.692761][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 236.701714][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 236.710207][ T1274] bridge0: port 2(bridge_slave_1) entered blocking state [ 236.717304][ T1274] bridge0: port 2(bridge_slave_1) entered forwarding state [ 236.768190][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 237.327115][ T6769] fido_id[6769]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 237.393849][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 237.394410][ T6764] hfsplus: xattr search failed [ 237.424287][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 237.435026][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 237.443805][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 237.689695][ T6766] loop2: detected capacity change from 0 to 32768 [ 238.033406][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 238.042442][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 238.056020][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 238.064640][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 238.109796][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 238.118403][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 238.168098][ T6635] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 239.180297][ T6790] loop3: detected capacity change from 0 to 32768 [ 239.402743][ T4301] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 239.608749][ T6790] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.929 (6790) [ 239.666650][ T6790] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 239.676896][ T6790] BTRFS info (device loop3): enabling auto defrag [ 239.684495][ T6790] BTRFS info (device loop3): doing ref verification [ 239.692313][ T6790] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8) [ 239.704160][ T6790] BTRFS info (device loop3): force lzo compression, level 0 [ 239.713244][ T6790] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 239.725858][ T6790] BTRFS info (device loop3): trying to use backup root at mount time [ 239.735395][ T6790] BTRFS info (device loop3): max_inline at 4096 [ 239.742787][ T6790] BTRFS info (device loop3): enabling ssd optimizations [ 239.750967][ T6790] BTRFS info (device loop3): using spread ssd allocation scheme [ 239.759943][ T6790] BTRFS info (device loop3): using free space tree [ 239.769146][ T6790] BTRFS info (device loop3): has skinny extents [ 239.776766][ T6790] workqueue: max_active 65524 requested for btrfs-worker is out of range, clamping between 1 and 512 [ 239.853865][ T4298] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 240.095088][ T6790] workqueue: max_active 65524 requested for btrfs-worker-high is out of range, clamping between 1 and 512 [ 240.122150][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 240.179106][ T6790] workqueue: max_active 65524 requested for btrfs-delalloc is out of range, clamping between 1 and 512 [ 240.195983][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 240.312417][ T26] audit: type=1326 audit(1759325146.822:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6808 comm="syz.0.934" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f886db06ec9 code=0x0 [ 240.337501][ T6635] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 240.434276][ T6790] workqueue: max_active 65524 requested for btrfs-endio is out of range, clamping between 1 and 512 [ 240.511893][ T6790] workqueue: max_active 65524 requested for btrfs-endio-meta is out of range, clamping between 1 and 512 [ 240.534828][ T6790] workqueue: max_active 65524 requested for btrfs-endio-meta-write is out of range, clamping between 1 and 512 [ 240.624418][ T6790] workqueue: max_active 65524 requested for btrfs-endio-raid56 is out of range, clamping between 1 and 512 [ 240.641525][ T6790] workqueue: max_active 65524 requested for btrfs-rmw is out of range, clamping between 1 and 512 [ 240.784367][ T6790] workqueue: max_active 65524 requested for btrfs-endio-write is out of range, clamping between 1 and 512 [ 240.914946][ T6790] workqueue: max_active 65524 requested for btrfs-readahead is out of range, clamping between 1 and 512 [ 242.308828][ T4301] usb 3-1: unable to read config index 0 descriptor/all [ 242.316034][ T4301] usb 3-1: can't read configurations, error -71 [ 242.688736][ T6854] loop1: detected capacity change from 0 to 64 [ 242.752152][ T4298] usb 2-1: unable to read config index 0 descriptor/all [ 242.759290][ T4298] usb 2-1: can't read configurations, error -71 [ 242.824624][ T4882] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop3 scanned by udevd (4882) [ 243.718605][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 243.728888][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 244.190435][ T6635] device veth0_vlan entered promiscuous mode [ 244.203970][ T6635] device veth1_vlan entered promiscuous mode [ 244.605040][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 244.671405][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 244.736547][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 244.803988][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 244.812046][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 244.853044][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 244.861802][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 244.873962][ T6635] device veth0_macvtap entered promiscuous mode [ 244.892263][ T6875] input: syz0 as /devices/virtual/input/input11 [ 245.050881][ T6635] device veth1_macvtap entered promiscuous mode [ 245.115468][ T6635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 245.286031][ T6635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.299559][ T6864] loop1: detected capacity change from 0 to 32768 [ 245.320402][ T6635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 245.333975][ T6881] loop3: detected capacity change from 0 to 256 [ 245.335937][ T6635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.367294][ T6635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 245.383091][ T6635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.395365][ T6635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 245.409165][ T6635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.442066][ T6635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 245.458684][ T6635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.488565][ T6635] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 245.523468][ T6635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 245.537885][ T6635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.561317][ T6635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 245.589815][ T6635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.604562][ T6635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 245.656112][ T6635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.668293][ T6635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 245.681081][ T6635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.693116][ T6635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 245.706902][ T6635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.833226][ T6635] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 246.329138][ T6864] XFS (loop1): Mounting V5 Filesystem [ 246.440636][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 246.470515][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 246.478835][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 246.487759][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 246.496795][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 246.505671][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 246.567425][ T6864] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 246.688207][ T6635] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.700848][ T6864] XFS (loop1): Starting recovery (logdev: internal) [ 246.715879][ T6635] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.724753][ T6635] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.733996][ T6635] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.892259][ T4301] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 246.939189][ T6864] XFS (loop1): Ending recovery (logdev: internal) [ 246.955867][ T6895] netlink: 16 bytes leftover after parsing attributes in process `syz.2.948'. [ 247.095049][ T6904] netlink: 12 bytes leftover after parsing attributes in process `syz.0.949'. [ 247.159246][ T4183] XFS (loop1): Unmounting Filesystem [ 247.462940][ T6910] siw: device registration error -23 [ 248.267957][ T4301] usb 4-1: Using ep0 maxpacket: 32 [ 248.298770][ T4289] device hsr_slave_0 left promiscuous mode [ 248.307595][ T4289] device hsr_slave_1 left promiscuous mode [ 248.314651][ T4289] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 248.322182][ T4289] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 248.331279][ T4289] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 248.338798][ T4289] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 248.346789][ T4289] device bridge_slave_1 left promiscuous mode [ 248.491346][ T4289] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.531654][ T4289] device bridge_slave_0 left promiscuous mode [ 248.539555][ T4289] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.584751][ T4289] device veth1_macvtap left promiscuous mode [ 248.622558][ T6923] ipt_CLUSTERIP: Please specify destination IP [ 248.688627][ T4289] device veth0_macvtap left promiscuous mode [ 248.695167][ T4289] device veth1_vlan left promiscuous mode [ 248.701331][ T4289] device veth0_vlan left promiscuous mode [ 249.104191][ T4301] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 249.112354][ T4301] usb 4-1: config 0 has no interface number 0 [ 249.424454][ T4301] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 249.533825][ T4301] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.693849][ T4301] usb 4-1: Product: syz [ 249.738219][ T4301] usb 4-1: Manufacturer: syz [ 249.749025][ T6938] loop3: detected capacity change from 0 to 128 [ 249.770819][ T6938] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 249.795397][ T4301] usb 4-1: config 0 descriptor?? [ 249.953370][ T6938] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 249.963995][ T4301] usb 4-1: can't set config #0, error -71 [ 250.074969][ T4301] usb 4-1: USB disconnect, device number 11 [ 251.188987][ T382] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 251.252231][ T6944] loop2: detected capacity change from 0 to 4096 [ 251.400238][ T6944] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 251.810986][ T6952] EXT4-fs (loop2): shut down requested (1) [ 251.939673][ T6944] EXT4-fs error (device loop2): ext4_do_update_inode:5204: inode #15: comm syz.2.959: corrupted inode contents [ 252.120653][ T6944] EXT4-fs error (device loop2): ext4_dirty_inode:6040: inode #15: comm syz.2.959: mark_inode_dirty error [ 252.377937][ T9] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 252.421654][ T4289] team0 (unregistering): Port device team_slave_1 removed [ 252.484141][ T9] Quota error (device loop2): write_blk: dquota write failed [ 252.574151][ T9] Quota error (device loop2): free_dqentry: Can't write quota data block 5 [ 252.628971][ T4289] team0 (unregistering): Port device team_slave_0 removed [ 252.685134][ T6954] loop3: detected capacity change from 0 to 4096 [ 252.770568][ T4289] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 252.793967][ T6954] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 252.944271][ T4289] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 253.655270][ T4184] ntfs3: loop3: ntfs_sync_fs r=1a failed, -22. [ 253.694298][ T4184] ntfs3: loop3: ntfs_evict_inode r=1a failed, -22. [ 253.702067][ T4184] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 253.999795][ T4289] bond0 (unregistering): Released all slaves [ 254.384951][ T6551] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 254.555596][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 254.650564][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 254.788030][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 254.855334][ T6551] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 254.888322][ T6551] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.052546][ T6551] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 255.094935][ T3062] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 255.145778][ T3062] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 255.192889][ T6551] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.292251][ T6551] usb 4-1: config 0 descriptor?? [ 255.366490][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #04!!! [ 255.415563][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 255.535252][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #28e!!! [ 255.757642][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #38e!!! [ 255.849475][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.860290][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.019454][ T6551] arvo 0003:1E7D:30D4.0007: unknown main item tag 0x0 [ 256.232461][ T6551] arvo 0003:1E7D:30D4.0007: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.3-1/input0 [ 256.349452][ T6967] loop2: detected capacity change from 0 to 8192 [ 256.375766][ T6551] arvo 0003:1E7D:30D4.0007: couldn't init struct arvo_device [ 256.390819][ T6973] loop1: detected capacity change from 0 to 4096 [ 256.428883][ T6551] arvo 0003:1E7D:30D4.0007: couldn't install keyboard [ 256.569211][ T6551] arvo: probe of 0003:1E7D:30D4.0007 failed with error -71 [ 256.693125][ T6967] attempt to access beyond end of device [ 256.693125][ T6967] loop2: rw=0, want=57848, limit=8192 [ 256.717841][ T6551] usb 4-1: USB disconnect, device number 12 [ 256.720976][ T6967] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1) [ 256.922106][ T6967] FAT-fs (loop2): Filesystem has been set read-only [ 257.191397][ T6967] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1) [ 257.446591][ T6967] FAT-fs (loop2): Filesystem has been set read-only [ 257.704802][ T6967] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1) [ 257.782692][ T6987] loop5: detected capacity change from 0 to 4096 [ 257.980647][ T6991] fido_id[6991]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 258.246722][ T6987] ntfs: volume version 3.1. [ 258.730509][ T4183] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22. [ 258.804002][ T4183] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 259.677669][ T4266] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 260.085758][ T4266] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 260.105686][ T7008] tipc: Started in network mode [ 260.127600][ T7010] loop0: detected capacity change from 0 to 128 [ 260.152298][ T4266] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 260.194572][ T7008] tipc: Node identity 7f000001, cluster identity 4711 [ 260.330208][ T4266] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 260.350033][ T7008] tipc: Enabled bearer , priority 10 [ 260.390240][ T4266] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 260.453979][ T4266] usb 3-1: SerialNumber: syz [ 260.458952][ T7010] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 260.459277][ T7010] ext4 filesystem being mounted at /206/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 260.686321][ T7016] loop5: detected capacity change from 0 to 128 [ 260.909793][ T4266] usb 3-1: 0:2 : does not exist [ 261.053266][ T7016] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 261.216729][ T7016] hpfs: filesystem error: improperly stopped [ 261.329921][ T4298] tipc: Node number set to 2130706433 [ 261.334384][ T7016] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 261.366907][ T4266] usb 3-1: USB disconnect, device number 13 [ 261.483828][ T7016] hpfs: You really don't want any checks? You are crazy... [ 261.785161][ T7016] hpfs: hpfs_map_sector(): read error [ 261.808075][ T7016] hpfs: code page support is disabled [ 261.975581][ T7016] hpfs: hpfs_map_4sectors(): unaligned read [ 261.983346][ T7016] hpfs: hpfs_map_4sectors(): unaligned read [ 262.061915][ T7016] hpfs: filesystem error: unable to find root dir [ 262.338248][ T4882] udevd[4882]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 262.819230][ T7016] hpfs: hpfs_map_4sectors(): unaligned read [ 262.866147][ T7016] hpfs: filesystem error: invalid bitmap block pointer 00000000 -> 7b3184b5 at aib [ 263.593569][ T26] audit: type=1326 audit(1759325170.132:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.2.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdeb2a51ec9 code=0x7ffc0000 [ 263.735828][ T7040] loop0: detected capacity change from 0 to 64 [ 264.021153][ T26] audit: type=1326 audit(1759325170.222:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.2.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdeb2a51ec9 code=0x7ffc0000 [ 264.141615][ T7046] loop5: detected capacity change from 0 to 8 [ 264.421910][ T26] audit: type=1326 audit(1759325170.222:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.2.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7fdeb2a51ec9 code=0x7ffc0000 [ 264.625338][ T7046] SQUASHFS error: lzo decompression failed, data probably corrupt [ 264.784363][ T26] audit: type=1326 audit(1759325170.222:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.2.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdeb2a51ec9 code=0x7ffc0000 [ 264.818295][ T150] block nbd0: Possible stuck request ffff888020810000: control (read@0,4096B). Runtime 60 seconds [ 264.819455][ T7046] SQUASHFS error: Failed to read block 0x91: -5 [ 264.964549][ T7046] SQUASHFS error: Unable to read metadata cache entry [8f] [ 264.973991][ T26] audit: type=1326 audit(1759325170.222:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.2.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdeb2a51ec9 code=0x7ffc0000 [ 265.294650][ T7046] SQUASHFS error: Unable to read inode 0x7 [ 265.590384][ T7059] loop1: detected capacity change from 0 to 128 [ 265.603829][ T7054] loop0: detected capacity change from 0 to 1024 [ 265.777400][ T4298] usb 4-1: new low-speed USB device number 13 using dummy_hcd [ 265.890866][ T7059] FAT-fs (loop1): Directory bread(block 32) failed [ 265.933955][ T1111] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 265.934519][ T7059] FAT-fs (loop1): Directory bread(block 33) failed [ 265.960167][ T7063] loop2: detected capacity change from 0 to 2048 [ 266.026836][ T7054] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 266.030851][ T7059] FAT-fs (loop1): Directory bread(block 34) failed [ 266.046841][ T7059] FAT-fs (loop1): Directory bread(block 35) failed [ 266.055268][ T7059] FAT-fs (loop1): Directory bread(block 36) failed [ 266.063233][ T7059] FAT-fs (loop1): Directory bread(block 37) failed [ 266.071579][ T7059] FAT-fs (loop1): Directory bread(block 38) failed [ 266.080034][ T7059] FAT-fs (loop1): Directory bread(block 39) failed [ 266.099277][ T7059] FAT-fs (loop1): Directory bread(block 40) failed [ 266.107534][ T7054] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 266.144918][ T7063] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 266.234833][ T4298] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 266.265194][ T7059] FAT-fs (loop1): Directory bread(block 41) failed [ 266.304725][ T1111] usb 6-1: config 0 has an invalid interface number: 120 but max is 0 [ 266.319868][ T4298] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.363972][ T1111] usb 6-1: config 0 has no interface number 0 [ 266.436161][ T7069] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 266.479843][ T1111] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid maxpacket 45800, setting to 64 [ 266.493343][ T4298] usb 4-1: config 0 descriptor?? [ 266.742896][ T1111] usb 6-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 266.937935][ T1111] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 267.187593][ T1111] usb 6-1: config 0 descriptor?? [ 267.344949][ T1111] usb 6-1: can't set config #0, error -71 [ 267.472021][ T1111] usb 6-1: USB disconnect, device number 2 [ 267.492138][ T7054] EXT4-fs error (device loop0): ext4_map_blocks:739: inode #15: comm syz.0.989: lblock 0 mapped to illegal pblock 0 (length 6) [ 267.520615][ T4298] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 267.597702][ T7054] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 267.656375][ T4298] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x0080: ffffffb9 [ 267.770460][ T7054] EXT4-fs (loop0): This should not happen!! Data will be lost [ 267.770460][ T7054] [ 267.895056][ T4298] asix: probe of 4-1:0.0 failed with error -71 [ 268.101071][ T4298] usb 4-1: USB disconnect, device number 13 [ 268.124040][ T4420] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 268.424592][ T4420] usb 3-1: Using ep0 maxpacket: 16 [ 268.438350][ T144] EXT4-fs error (device loop0): ext4_map_blocks:739: inode #15: block 8: comm kworker/u4:1: lblock 8 mapped to illegal pblock 8 (length 8) [ 268.544846][ T4420] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 268.665628][ T144] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 268.709082][ T4420] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 268.815963][ T4420] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 268.975384][ T144] EXT4-fs (loop0): This should not happen!! Data will be lost [ 268.975384][ T144] [ 269.008809][ T4420] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 269.169237][ T4420] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.386230][ T4420] usb 3-1: config 0 descriptor?? [ 269.661972][ T4298] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 270.024318][ T4405] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 270.035756][ T4420] microsoft 0003:045E:07DA.0008: item 0 4 0 8 parsing failed [ 270.115875][ T4420] microsoft 0003:045E:07DA.0008: parse failed [ 270.194061][ T4420] microsoft: probe of 0003:045E:07DA.0008 failed with error -22 [ 270.235579][ T4298] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 270.270158][ T4298] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.274173][ T4405] usb 6-1: Using ep0 maxpacket: 8 [ 270.364518][ T4420] usb 3-1: USB disconnect, device number 14 [ 270.450139][ T4298] usb 4-1: config 0 descriptor?? [ 270.634785][ T4405] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 270.686986][ T4298] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 270.702878][ T4405] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 270.848303][ T4405] usb 6-1: Product: syz [ 270.928549][ T4298] gp8psk: usb in 128 operation failed. [ 270.944447][ T4405] usb 6-1: Manufacturer: syz [ 270.950019][ T4405] usb 6-1: SerialNumber: syz [ 270.994879][ T4298] gp8psk: usb in 137 operation failed. [ 271.034714][ T4298] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 271.067683][ T4405] usb 6-1: config 0 descriptor?? [ 271.171883][ T4405] gspca_main: se401-2.14.0 probing 047d:5003 [ 271.241382][ T4298] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver) [ 271.285325][ T4298] usb 4-1: media controller created [ 271.566614][ T4298] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 271.604950][ T4405] gspca_se401: Bayer format not supported! [ 271.986075][ T4298] gp8psk_fe: Frontend attached [ 272.026939][ T4405] usb 6-1: USB disconnect, device number 3 [ 272.128289][ T4298] usb 4-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 272.343351][ T4298] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 272.920226][ T7107] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1003'. [ 273.459224][ T4298] gp8psk: usb in 138 operation failed. [ 273.459424][ T4298] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected. [ 273.459585][ T4298] gp8psk: found Genpix USB device pID = 203 (hex) [ 273.467878][ T4298] usb 4-1: USB disconnect, device number 14 [ 274.353629][ T7115] loop1: detected capacity change from 0 to 1024 [ 274.746355][ T7115] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,abort,dax=inode,,errors=continue. Quota mode: none. [ 275.058805][ T4298] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected. [ 276.181158][ T7130] loop0: detected capacity change from 0 to 1024 [ 276.630775][ T7130] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 276.761283][ T26] audit: type=1800 audit(1759325183.302:42): pid=7130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1009" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 277.595915][ T7141] loop1: detected capacity change from 0 to 256 [ 278.066762][ T7147] loop3: detected capacity change from 0 to 512 [ 278.186001][ T7141] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 278.364917][ T7147] EXT4-fs (loop3): Ignoring removed bh option [ 278.373406][ T7147] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 278.521325][ T7147] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 278.729434][ T7153] loop0: detected capacity change from 0 to 128 [ 278.807552][ T7147] EXT4-fs (loop3): mounted filesystem without journal. Opts: bh,mblk_io_submit,nojournal_checksum,init_itable=0x0000000000000006,dioread_nolock,,errors=continue. Quota mode: writeback. [ 279.220168][ T7153] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 279.264860][ T7153] ext4 filesystem being mounted at /213/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 279.294670][ T7147] ext4 filesystem being mounted at /190/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 279.701608][ T7147] EXT4-fs error (device loop3): ext4_ext_remove_space:2929: inode #15: comm syz.3.1014: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0) [ 279.741833][ T7153] EXT4-fs (loop0): shut down requested (0) [ 279.820641][ T7147] EXT4-fs error (device loop3): ext4_evict_inode:293: comm syz.3.1014: couldn't truncate inode 15 (err -117) [ 280.189543][ T7158] loop2: detected capacity change from 0 to 8192 [ 280.546347][ T7158] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 280.578301][ T7158] REISERFS (device loop2): using ordered data mode [ 280.598017][ T7159] loop5: detected capacity change from 0 to 8192 [ 280.753999][ T7158] reiserfs: using flush barriers [ 280.851521][ T26] audit: type=1800 audit(1759325187.392:43): pid=7161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1014" name="file1" dev="loop3" ino=16 res=0 errno=0 [ 280.876027][ T7158] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 281.246442][ T7159] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 281.303761][ T7158] REISERFS (device loop2): checking transaction log (loop2) [ 281.764498][ T7169] loop1: detected capacity change from 0 to 1024 [ 282.338377][ T7169] EXT4-fs (loop1): mounted filesystem without journal. Opts: user_xattr,nodioread_nolock,,errors=continue. Quota mode: none. [ 282.504534][ T7169] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.759115][ T7158] REISERFS (device loop2): Using tea hash to sort names [ 283.788149][ T7177] loop3: detected capacity change from 0 to 4096 [ 283.885998][ T7158] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 284.044106][ T7177] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 284.571283][ T7177] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 286.300115][ T7201] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1024'. [ 286.455041][ T7201] chnl_net:caif_netlink_parms(): no params data found [ 286.471953][ T7209] loop2: detected capacity change from 0 to 136 [ 286.688218][ T7200] loop5: detected capacity change from 0 to 4096 [ 286.875449][ T7200] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 287.113711][ T7209] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 289.127369][ T7235] loop2: detected capacity change from 0 to 1024 [ 289.364871][ T7235] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 289.615644][ T7232] loop3: detected capacity change from 0 to 4096 [ 289.721914][ T7235] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,nojournal_checksum,barrier=0x0000000000010002,dioread_lock,data_err=ignore,mb_optimize_scan=0x0000000000000000,dioread_nolock,nobarrier,abort,user_xattr,norecovery,errors=remount-ro,. Quota mode: none. [ 289.959873][ T7235] EXT4-fs error (device loop2): ext4_remount:6035: comm syz.2.1039: Abort forced by user [ 290.232138][ T7235] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: none. [ 290.357244][ T7249] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 292.981763][ T7264] loop0: detected capacity change from 0 to 2048 [ 293.150059][ T7269] loop1: detected capacity change from 0 to 128 [ 293.653109][ T7264] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 293.837835][ T7264] ext4 filesystem being mounted at /220/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 294.155505][ T26] audit: type=1800 audit(1759325200.702:44): pid=7269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1046" name="file1" dev="loop1" ino=1048668 res=0 errno=0 [ 294.929728][ T150] block nbd0: Possible stuck request ffff888020810000: control (read@0,4096B). Runtime 90 seconds [ 295.009906][ T7279] loop3: detected capacity change from 0 to 4096 [ 295.440764][ T7279] EXT4-fs (loop3): Test dummy encryption mode enabled [ 295.446083][ T7290] loop5: detected capacity change from 0 to 128 [ 295.635316][ T7279] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 295.646412][ T7279] System zones: 0-5 [ 295.834779][ T7279] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug,delalloc,resuid=0x0000000000000000,test_dummy_encryption,nodiscard,data_err=ignore,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback. [ 295.974399][ T7290] FAT-fs (loop5): error, invalid access to FAT (entry 0x0fff0000) [ 296.091742][ T7290] FAT-fs (loop5): Filesystem has been set read-only [ 296.244413][ T7303] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 296.584149][ T4397] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 296.824337][ T4397] usb 1-1: Using ep0 maxpacket: 16 [ 296.991056][ T7310] [U] vÔ3 [ 297.104736][ T4397] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 297.145333][ T7315] loop5: detected capacity change from 0 to 128 [ 297.204484][ T4397] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.334237][ T4397] usb 1-1: Product: syz [ 297.382512][ T7279] fscrypt (loop3): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))") [ 297.403935][ T4397] usb 1-1: Manufacturer: syz [ 297.515214][ T4397] usb 1-1: SerialNumber: syz [ 297.595109][ T4397] usb 1-1: config 0 descriptor?? [ 297.789687][ T4397] visor 1-1:0.0: Sony Clie 3.5 converter detected [ 298.004641][ T4397] usb 1-1: clie_3_5_startup: get config number bad return length: 0 [ 298.091312][ T4397] visor: probe of 1-1:0.0 failed with error -5 [ 298.284707][ T4397] usb 1-1: USB disconnect, device number 9 [ 300.911032][ T7342] loop3: detected capacity change from 0 to 2048 [ 300.934886][ T7346] loop5: detected capacity change from 0 to 128 [ 301.184452][ T7346] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 301.239859][ T7342] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 301.325873][ T7342] UDF-fs: Scanning with blocksize 512 failed [ 301.444464][ T7346] hpfs: filesystem error: improperly stopped [ 301.560688][ T7342] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 301.571324][ T7346] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 301.728524][ T7346] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories [ 302.153951][ T7346] hpfs: filesystem error: dir band size mismatch: dir_band_start==7b318cc2, dir_band_end==7b318cc3, n_dir_band==00000003 [ 306.469333][ T26] audit: type=1326 audit(1759325213.012:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7392 comm="syz.0.1081" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f886db06ec9 code=0x0 [ 307.131936][ T7404] loop3: detected capacity change from 0 to 64 [ 307.331593][ T7401] loop1: detected capacity change from 0 to 1024 [ 308.186307][ T7412] tap0: tun_chr_ioctl cmd 1074025677 [ 308.337668][ T7412] tap0: linktype set to 773 [ 308.427520][ T7415] loop5: detected capacity change from 0 to 512 [ 308.464020][ T7413] tap0: tun_chr_ioctl cmd 2148553947 [ 308.716758][ T7418] netlink: 'syz.2.1089': attribute type 21 has an invalid length. [ 308.783604][ T7418] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1089'. [ 308.821387][ T7415] EXT4-fs (loop5): Ignoring removed orlov option [ 308.872088][ T7415] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 308.897212][ T7422] netlink: 'syz.2.1089': attribute type 21 has an invalid length. [ 308.939701][ T7422] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1089'. [ 309.059774][ T7415] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 309.186684][ T144] hfsplus: b-tree write err: -5, ino 4 [ 309.331849][ T7415] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2228: inode #15: comm syz.5.1088: corrupted in-inode xattr [ 309.388930][ T7415] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.1088: couldn't read orphan inode 15 (err -117) [ 309.566826][ T7415] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none. [ 310.050419][ T7435] loop2: detected capacity change from 0 to 1024 [ 310.466699][ T7437] syz.1.1092 sent an empty control message without MSG_MORE. [ 311.097087][ T154] hfsplus: b-tree write err: -5, ino 3 [ 311.708901][ T7450] loop2: detected capacity change from 0 to 128 [ 312.914628][ T7451] loop0: detected capacity change from 0 to 4096 [ 313.536927][ T7465] loop5: detected capacity change from 0 to 256 [ 316.174000][ T4421] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 316.593320][ T4421] usb 1-1: config 1 has an invalid descriptor of length 170, skipping remainder of the config [ 316.690419][ T7472] loop2: detected capacity change from 0 to 8192 [ 316.712210][ T4421] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 43520, setting to 1024 [ 316.877171][ T7472] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 316.964888][ T7472] REISERFS (device loop2): using ordered data mode [ 316.971311][ T4421] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 316.977438][ T7472] reiserfs: using flush barriers [ 317.074005][ T7472] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 317.191443][ T7472] REISERFS (device loop2): checking transaction log (loop2) [ 317.216775][ T4421] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 317.293651][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.301153][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.484394][ T4421] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 317.549101][ T4421] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 317.667297][ T4421] usb 1-1: SerialNumber: syz [ 317.791945][ T4421] cdc_ether: probe of 1-1:1.0 failed with error -22 [ 318.408640][ T4421] usb 1-1: USB disconnect, device number 10 [ 318.660714][ T7472] REISERFS (device loop2): Using tea hash to sort names [ 318.693490][ T7472] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 318.793540][ T7472] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 319.553292][ T7502] loop5: detected capacity change from 0 to 512 [ 319.809666][ T7502] EXT4-fs (loop5): Ignoring removed mblk_io_submit option [ 319.832695][ T7502] EXT4-fs (loop5): Test dummy encryption mode enabled [ 320.245941][ T7502] EXT4-fs error (device loop5): ext4_orphan_get:1401: comm syz.5.1111: inode #13: comm syz.5.1111: iget: illegal inode # [ 320.394679][ T7510] loop1: detected capacity change from 0 to 128 [ 320.494064][ T7502] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.1111: couldn't read orphan inode 13 (err -117) [ 320.528199][ T7502] EXT4-fs (loop5): mounted filesystem without journal. Opts: nouid32,i_version,noblock_validity,abort,mblk_io_submit,data_err=ignore,max_dir_size_kb=0x000000000080222a,delalloc,test_dummy_encryption,,errors=continue. Quota mode: none. [ 321.039780][ T7502] EXT4-fs (loop5): shut down requested (1) [ 323.241948][ T7529] loop1: detected capacity change from 0 to 1024 [ 324.975711][ T150] block nbd0: Possible stuck request ffff888020810000: control (read@0,4096B). Runtime 120 seconds [ 325.353291][ T3062] hfsplus: b-tree write err: -5, ino 8 [ 328.487452][ T7577] loop2: detected capacity change from 0 to 512 [ 329.102638][ T7577] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 329.254150][ T7577] ext4 filesystem being mounted at /253/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 329.852238][ T7585] loop0: detected capacity change from 0 to 512 [ 330.322421][ T7585] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 330.527200][ T7585] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:163: inode #17: comm syz.0.1132: inline data xattr refers to an external xattr inode [ 330.708890][ T7585] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.1132: couldn't read orphan inode 17 (err -117) [ 330.725571][ T4405] Bluetooth: hci5: command 0x0409 tx timeout [ 330.875031][ T7585] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodiscard,jqfmt=vfsv0,data_err=ignore,inode_readahead_blks=0x0000000000010000,resuid=0x0000000000000000,norecovery,,errors=continue. Quota mode: none. [ 332.326707][ T7606] TCP: TCP_TX_DELAY enabled [ 332.660130][ T7611] loop2: detected capacity change from 0 to 64 [ 332.803984][ T4421] Bluetooth: hci5: command 0x041b tx timeout [ 332.823971][ T4405] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 333.064058][ T4405] usb 1-1: Using ep0 maxpacket: 8 [ 333.184803][ T4405] usb 1-1: config 162 has an invalid interface number: 97 but max is 0 [ 333.254380][ T4405] usb 1-1: config 162 has no interface number 0 [ 333.364406][ T4405] usb 1-1: config 162 interface 97 has no altsetting 0 [ 333.634320][ T4405] usb 1-1: New USB device found, idVendor=0c2e, idProduct=0700, bcdDevice=e1.3b [ 333.708076][ T4405] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.864022][ T4405] usb 1-1: Product: syz [ 333.874869][ T4405] usb 1-1: Manufacturer: syz [ 334.002243][ T4405] usb 1-1: SerialNumber: syz [ 334.450838][ T4405] metro_usb 1-1:162.97: Metrologic USB to Serial converter detected [ 334.705804][ T4405] usb 1-1: Metrologic USB to Serial converter now attached to ttyUSB0 [ 334.986651][ T4405] usb 1-1: USB disconnect, device number 11 [ 335.215702][ T4405] metro-usb ttyUSB0: Metrologic USB to Serial converter now disconnected from ttyUSB0 [ 335.345825][ T7575] chnl_net:caif_netlink_parms(): no params data found [ 335.395632][ T4405] metro_usb 1-1:162.97: device disconnected [ 335.499706][ T4397] Bluetooth: hci5: command 0x040f tx timeout [ 337.578375][ T7575] bridge0: port 1(bridge_slave_0) entered blocking state [ 337.609043][ T1111] Bluetooth: hci5: command 0x0419 tx timeout [ 337.722253][ T7575] bridge0: port 1(bridge_slave_0) entered disabled state [ 337.853136][ T7575] device bridge_slave_0 entered promiscuous mode [ 338.024210][ T7575] bridge0: port 2(bridge_slave_1) entered blocking state [ 338.153971][ T7575] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.222458][ T7654] loop5: detected capacity change from 0 to 128 [ 338.294387][ T7575] device bridge_slave_1 entered promiscuous mode [ 338.481662][ T7654] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 338.679277][ T7654] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 339.122723][ T7575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 339.466630][ T7575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 339.742828][ T3562] udevd[3562]: worker [4882] terminated by signal 33 (Unknown signal 33) [ 339.828126][ T7658] loop0: detected capacity change from 0 to 1024 [ 339.923086][ T3562] udevd[3562]: worker [4882] failed while handling '/devices/virtual/block/loop5' [ 340.122548][ T7658] hfsplus: unable to parse mount options [ 340.474305][ T4405] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 340.608723][ T7575] team0: Port device team_slave_0 added [ 340.724359][ T4405] usb 2-1: Using ep0 maxpacket: 32 [ 340.848715][ T4405] usb 2-1: config 0 has no interfaces? [ 340.860316][ T7575] team0: Port device team_slave_1 added [ 341.034243][ T4405] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 341.109061][ T4405] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.220438][ T4405] usb 2-1: Product: syz [ 341.299698][ T4405] usb 2-1: Manufacturer: syz [ 341.352398][ T4405] usb 2-1: SerialNumber: syz [ 341.457542][ T4405] usb 2-1: config 0 descriptor?? [ 342.737367][ T7575] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 342.853433][ T7575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.031430][ T7681] loop2: detected capacity change from 0 to 512 [ 343.229470][ T7575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 343.254414][ T6551] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 343.378541][ T7575] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 343.435289][ T7681] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 343.525439][ T7575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.569270][ T7575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 343.602372][ T7681] ext4 filesystem being mounted at /259/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 343.825295][ T6551] usb 6-1: config 0 interface 0 altsetting 250 endpoint 0x81 has an invalid bInterval 26, changing to 8 [ 343.850833][ T6551] usb 6-1: config 0 interface 0 has no altsetting 0 [ 343.931638][ T6551] usb 6-1: New USB device found, idVendor=09da, idProduct=001a, bcdDevice= 0.00 [ 344.040118][ T7575] device hsr_slave_0 entered promiscuous mode [ 344.102547][ T7575] device hsr_slave_1 entered promiscuous mode [ 344.105659][ T6551] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.186073][ T7575] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 344.250160][ T7575] Cannot create hsr debugfs directory [ 344.271501][ T6551] usb 6-1: config 0 descriptor?? [ 344.888193][ T7695] loop2: detected capacity change from 0 to 128 [ 344.903694][ T6551] a4tech 0003:09DA:001A.0009: invalid report_size -795022069 [ 344.920973][ T6551] a4tech 0003:09DA:001A.0009: item 0 4 1 7 parsing failed [ 344.939528][ T6551] a4tech 0003:09DA:001A.0009: parse failed [ 344.965769][ T6551] a4tech: probe of 0003:09DA:001A.0009 failed with error -22 [ 345.247582][ T7695] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,. Quota mode: none. [ 345.375028][ T7695] ext4 filesystem being mounted at /260/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 345.582182][ T1111] usb 6-1: USB disconnect, device number 4 [ 347.112713][ T7708] loop2: detected capacity change from 0 to 512 [ 347.432358][ T7708] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.1167: inode #1: comm syz.2.1167: iget: illegal inode # [ 347.597353][ T7708] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1167: error while reading EA inode 1 err=-117 [ 347.616586][ T7707] ALSA: seq fatal error: cannot create timer (-19) [ 347.639263][ T7575] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 347.828860][ T7575] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 347.844133][ T7575] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 347.859237][ T7708] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.1167: inode #1: comm syz.2.1167: iget: illegal inode # [ 347.926367][ T7575] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 347.999826][ T7708] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1167: error while reading EA inode 1 err=-117 [ 348.081982][ T7714] loop5: detected capacity change from 0 to 64 [ 348.258053][ T7708] EXT4-fs (loop2): 1 orphan inode deleted [ 348.363860][ T7708] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,nogrpid,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,sysvgroups,usrjquota=,,errors=continue. Quota mode: none. [ 349.867385][ T7575] 8021q: adding VLAN 0 to HW filter on device bond0 [ 350.079681][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 350.088893][ T4421] Bluetooth: hci4: command 0x0406 tx timeout [ 350.123075][ T7726] loop5: detected capacity change from 0 to 512 [ 350.133391][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 350.287797][ T7575] 8021q: adding VLAN 0 to HW filter on device team0 [ 350.334462][ T7726] EXT4-fs (loop5): Ignoring removed nobh option [ 350.576810][ T7724] loop1: detected capacity change from 0 to 2048 [ 350.608566][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 350.634871][ T7726] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2228: inode #15: comm syz.5.1172: corrupted in-inode xattr [ 350.685958][ T7730] loop2: detected capacity change from 0 to 2048 [ 350.731746][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 350.736456][ T7726] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.1172: couldn't read orphan inode 15 (err -117) [ 350.812477][ T7730] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 350.838173][ T7726] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,nobh,journal_ioprio=0x0000000000000004,noload,delalloc,max_batch_time=0x0000000000000001,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000800,bsdgroups,init_itable=0x0000000000000fff,,errors=continue. Quota mode: none. [ 350.966183][ T1274] bridge0: port 1(bridge_slave_0) entered blocking state [ 350.974616][ T1274] bridge0: port 1(bridge_slave_0) entered forwarding state [ 351.187447][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 351.300591][ T7724] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 351.500998][ T7724] ext4 filesystem being mounted at /217/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 351.567128][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 351.706614][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 351.844442][ T27] INFO: task udevd:4202 blocked for more than 143 seconds. [ 351.853032][ T27] Not tainted syzkaller #0 [ 351.896835][ T1274] bridge0: port 2(bridge_slave_1) entered blocking state [ 351.905291][ T1274] bridge0: port 2(bridge_slave_1) entered forwarding state [ 351.976590][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 352.119496][ T27] task:udevd state:D stack:23328 pid: 4202 ppid: 3562 flags:0x00004002 [ 352.135321][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 352.215566][ T27] Call Trace: [ 352.252832][ T27] [ 352.275243][ T7726] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1172'. [ 352.282223][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 352.328358][ T27] __schedule+0x11bb/0x4390 [ 352.369484][ T27] ? release_firmware_map_entry+0x190/0x190 [ 352.437863][ T27] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 352.469715][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 352.548328][ T27] ? lock_chain_count+0x20/0x20 [ 352.610785][ T27] ? _raw_spin_lock_irq+0xab/0xe0 [ 352.651447][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 352.681697][ T27] schedule+0x11b/0x1e0 [ 352.733535][ T27] io_schedule+0x7c/0xd0 [ 352.784845][ T1274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 352.803591][ T27] wait_on_page_bit_common+0x815/0xe00 [ 352.870573][ T27] ? wait_on_page_bit+0x50/0x50 [ 352.930402][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 352.963039][ T27] ? blkdev_fallocate+0x4d0/0x4d0 [ 352.967681][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 353.005426][ T27] ? rcu_lock_release+0x20/0x20 [ 353.027233][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 353.053678][ T27] ? add_to_page_cache_lru+0x2a8/0x4a0 [ 353.065117][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 353.091526][ T27] do_read_cache_page+0xb05/0x1030 [ 353.105190][ T27] read_part_sector+0xd4/0x4f0 [ 353.298417][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 353.315855][ T27] ? string+0x26d/0x2b0 [ 353.348686][ T27] adfspart_check_ICS+0xbf/0xe00 [ 353.380899][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 353.402890][ T27] ? vsnprintf+0x1905/0x1a00 [ 353.439686][ T27] ? adfspart_check_ADFS+0x830/0x830 [ 353.499186][ T7575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 353.529600][ T27] ? snprintf+0xd7/0x120 [ 353.537647][ T27] ? vscnprintf+0x80/0x80 [ 353.571446][ T27] bdev_disk_changed+0x917/0x16b0 [ 353.599665][ T27] ? blkdev_get_by_dev+0x157/0xa60 [ 353.633209][ T27] ? blk_drop_partitions+0x1a0/0x1a0 [ 353.665677][ T27] ? _atomic_dec_and_lock+0x8f/0x110 [ 353.740431][ T27] blkdev_get_whole+0x2f9/0x390 [ 353.776287][ T27] blkdev_get_by_dev+0x2d0/0xa60 [ 353.851709][ T27] blkdev_open+0x12d/0x2c0 [ 353.882998][ T27] ? block_ioctl+0xf0/0xf0 [ 353.912450][ T27] do_dentry_open+0x7ff/0xf80 [ 353.944147][ T27] path_openat+0x2682/0x2f30 [ 353.970013][ T27] ? __kasan_slab_alloc+0xb3/0xd0 [ 354.002363][ T27] ? __kasan_slab_alloc+0x9c/0xd0 [ 354.034668][ T27] ? slab_post_alloc_hook+0x4c/0x380 [ 354.114539][ T27] ? verify_lock_unused+0x140/0x140 [ 354.120833][ T27] ? __x64_sys_openat+0x135/0x160 [ 354.214087][ T27] ? do_filp_open+0x3e0/0x3e0 [ 354.219820][ T27] do_filp_open+0x1b3/0x3e0 [ 354.303910][ T27] ? vfs_tmpfile+0x300/0x300 [ 354.309573][ T27] ? _raw_spin_unlock+0x24/0x40 [ 354.434093][ T27] ? alloc_fd+0x598/0x630 [ 354.439319][ T27] do_sys_openat2+0x142/0x4a0 [ 354.544686][ T27] ? __lock_acquire+0x7c60/0x7c60 [ 354.550816][ T27] ? do_sys_open+0xe0/0xe0 [ 354.644238][ T27] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 354.651577][ T27] ? lock_chain_count+0x20/0x20 [ 354.803984][ T27] ? vtime_user_exit+0x2dc/0x400 [ 354.809913][ T27] __x64_sys_openat+0x135/0x160 [ 354.886026][ T27] do_syscall_64+0x4c/0xa0 [ 354.891729][ T27] ? clear_bhb_loop+0x30/0x80 [ 355.005666][ T27] ? clear_bhb_loop+0x30/0x80 [ 355.025305][ T27] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 355.044417][ T150] block nbd0: Possible stuck request ffff888020810000: control (read@0,4096B). Runtime 150 seconds [ 355.077679][ T27] RIP: 0033:0x7f7b92bc2407 [ 355.082180][ T27] RSP: 002b:00007ffd27779a60 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 355.101351][ T27] RAX: ffffffffffffffda RBX: 00007f7b92ad4880 RCX: 00007f7b92bc2407 [ 355.109566][ T27] RDX: 00000000000a0800 RSI: 0000561538211480 RDI: ffffffffffffff9c [ 355.132335][ T27] RBP: 0000561538210910 R08: 0000000000000000 R09: 0000000000000000 [ 355.139421][ T3562] udevd[3562]: worker [4202] /devices/virtual/block/nbd0 is taking a long time [ 355.140550][ T27] R10: 0000000000000000 R11: 0000000000000202 R12: 00005615382641a0 [ 355.140597][ T27] R13: 0000561538228410 R14: 0000000000000000 R15: 00005615382641a0 [ 355.140631][ T27] [ 355.140770][ T27] [ 355.140770][ T27] Showing all locks held in the system: [ 355.413960][ T4289] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 355.495453][ T4289] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 355.533884][ T27] 1 lock held by khungtaskd/27: [ 355.593557][ T27] #0: ffffffff8c11c660 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30 [ 355.634036][ T7575] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 355.718539][ T27] 2 locks held by kworker/u4:3/382: [ 355.771781][ T27] #0: ffff888016879138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x760/0x1000 [ 355.939881][ T27] #1: ffff8880b9027888 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x4d6/0x810 [ 356.087398][ T27] 2 locks held by kworker/0:2/1111: [ 356.162182][ T27] #0: ffff888016870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x760/0x1000 [ 356.324375][ T27] #1: ffffc900049c7d00 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000 [ 356.453975][ T27] 2 locks held by kworker/u4:5/3062: [ 356.460366][ T27] #0: ffff888016879138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x760/0x1000 [ 356.633940][ T27] #1: ffffc9000c91fd00 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000 [ 356.773921][ T27] 2 locks held by getty/3945: [ 356.779561][ T27] #0: ffff88807f5fa098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 356.954313][ T27] #1: ffffc900025e62e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x5ba/0x1a30 [ 357.084072][ T27] 2 locks held by syz-executor/4183: [ 357.090402][ T27] #0: ffff888020152118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xf9/0x7d0 [ 357.243786][ T27] #1: ffff88814753e468 (&lo->lo_mutex){+.+.}-{3:3}, at: __loop_clr_fd+0xaa/0xb90 [ 357.350742][ T27] 1 lock held by udevd/4202: [ 357.369717][ T27] #0: ffff8880205f0518 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x157/0xa60 [ 357.389066][ T27] 2 locks held by kworker/0:8/4271: [ 357.394328][ T27] #0: ffff888016872138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x760/0x1000 [ 357.492608][ T27] #1: ffffc900033efd00 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000 [ 357.563385][ T27] 3 locks held by kworker/0:12/4405: [ 357.609583][ T27] #0: ffff888016870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x760/0x1000 [ 357.773800][ T27] #1: ffffc9000430fd00 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000 [ 357.818806][ T27] #2: ffffffff8c1210e8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x347/0x6b0 [ 357.889763][ T27] 3 locks held by kworker/0:21/4421: [ 357.922478][ T27] #0: ffff888016870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x760/0x1000 [ 358.059742][ T27] #1: ffffc900034ffd00 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000 [ 358.125565][ T27] #2: ffffffff8c1210e8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x320/0x6b0 [ 358.131177][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 358.213887][ T27] 2 locks held by kworker/1:7/6551: [ 358.229351][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 358.234566][ T27] #0: ffff888016870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x760/0x1000 [ 358.399545][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 358.425172][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 358.438600][ T27] #1: ffffc90003da7d00 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000 [ 358.508822][ T7575] device veth0_vlan entered promiscuous mode [ 358.537788][ T27] 2 locks held by syz.3.1095/7445: [ 358.579216][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 358.595403][ T27] 1 lock held by syz-executor/7575: [ 358.619486][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 358.646911][ T27] #0: ffffffff8d238048 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x974/0xe60 [ 358.732529][ T27] 2 locks held by syz.1.1151/7676: [ 358.769954][ T27] [ 358.805376][ T7575] device veth1_vlan entered promiscuous mode [ 358.821992][ T27] ============================================= [ 358.821992][ T27] [ 358.872285][ T27] NMI backtrace for cpu 0 [ 358.876684][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 [ 358.883911][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 358.893995][ T27] Call Trace: [ 358.897379][ T27] [ 358.900328][ T27] dump_stack_lvl+0x168/0x230 [ 358.905038][ T27] ? show_regs_print_info+0x20/0x20 [ 358.910263][ T27] ? load_image+0x3b0/0x3b0 [ 358.914788][ T27] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 358.920822][ T27] ? nmi_cpu_backtrace+0x1b6/0x3d0 [ 358.925983][ T27] nmi_cpu_backtrace+0x397/0x3d0 [ 358.930956][ T27] ? nmi_trigger_cpumask_backtrace+0x280/0x280 [ 358.937143][ T27] ? nmi_trigger_cpumask_backtrace+0x44/0x280 [ 358.943242][ T27] ? kasan_check_range+0x7b/0x290 [ 358.948295][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 358.954389][ T27] nmi_trigger_cpumask_backtrace+0x163/0x280 [ 358.960411][ T27] watchdog+0xe0f/0xe50 [ 358.964614][ T27] kthread+0x436/0x520 [ 358.968711][ T27] ? hungtask_pm_notify+0x40/0x40 [ 358.973767][ T27] ? kthread_blkcg+0xd0/0xd0 [ 358.978386][ T27] ret_from_fork+0x1f/0x30 [ 358.982856][ T27] [ 359.004820][ T27] Sending NMI from CPU 0 to CPUs 1: [ 359.010114][ C1] NMI backtrace for cpu 1 [ 359.010129][ C1] CPU: 1 PID: 20 Comm: ksoftirqd/1 Not tainted syzkaller #0 [ 359.010146][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 359.010156][ C1] RIP: 0010:kasan_check_range+0x68/0x290 [ 359.010181][ C1] Code: c1 eb 03 49 b8 00 00 00 00 00 fc ff df 4f 8d 0c 03 48 8d 5c 37 ff 48 c1 eb 03 4e 8d 14 3b 4d 89 d6 4d 29 ce 49 83 fe 10 7f 26 <4d> 85 f6 0f 84 39 01 00 00 48 f7 d3 4c 01 db 41 80 39 00 0f 85 c1 [ 359.010196][ C1] RSP: 0018:ffffc90000dd08c0 EFLAGS: 00000083 [ 359.010210][ C1] RAX: 0000000000000001 RBX: 1ffffffff1ff7819 RCX: ffffffff815c027b [ 359.010222][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8ffbc0c8 [ 359.010233][ C1] RBP: ffffc90000dd0b30 R08: dffffc0000000000 R09: fffffbfff1ff7819 [ 359.010245][ C1] R10: fffffbfff1ff781a R11: 1ffffffff1ff7819 R12: ffff88813fe70b38 [ 359.010257][ C1] R13: 0000000000000008 R14: 0000000000000001 R15: dffffc0000000001 [ 359.010268][ C1] FS: 0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 359.010282][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 359.010293][ C1] CR2: 0000200000d76030 CR3: 0000000029b79000 CR4: 00000000003506e0 [ 359.010308][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 359.010317][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 359.010327][ C1] Call Trace: [ 359.010332][ C1] [ 359.010338][ C1] __lock_acquire+0x51b/0x7c60 [ 359.010365][ C1] ? mark_lock+0x94/0x320 [ 359.010384][ C1] ? __lock_acquire+0x13ad/0x7c60 [ 359.010401][ C1] ? verify_lock_unused+0x140/0x140 [ 359.010420][ C1] ? verify_lock_unused+0x140/0x140 [ 359.010436][ C1] ? mark_lock+0x94/0x320 [ 359.010463][ C1] lock_acquire+0x197/0x3f0 [ 359.010480][ C1] ? __hrtimer_run_queues+0x5ff/0xc40 [ 359.010503][ C1] ? read_lock_is_recursive+0x10/0x10 [ 359.010522][ C1] ? __rwlock_init+0x140/0x140 [ 359.010536][ C1] ? _raw_spin_lock_irqsave+0xb0/0xf0 [ 359.010559][ C1] _raw_spin_lock_irq+0x9f/0xe0 [ 359.010577][ C1] ? __hrtimer_run_queues+0x5ff/0xc40 [ 359.010595][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 359.010623][ C1] __hrtimer_run_queues+0x5ff/0xc40 [ 359.010644][ C1] ? taprio_free_sched_cb+0x190/0x190 [ 359.010667][ C1] ? hrtimer_interrupt+0x8d0/0x8d0 [ 359.010685][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0 [ 359.010705][ C1] hrtimer_interrupt+0x3bb/0x8d0 [ 359.010732][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0 [ 359.010750][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 359.010768][ C1] [ 359.010772][ C1] [ 359.010777][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 359.010794][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa5/0x100 [ 359.010814][ C1] Code: 74 05 e8 5e 8d cb f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 c6 15 9f f7 65 8b 05 a7 13 50 76 85 c0 74 3c 48 c7 04 24 0e 36 [ 359.010827][ C1] RSP: 0018:ffffc90000da78a0 EFLAGS: 00000206 [ 359.010839][ C1] RAX: ff988a484e6a1c00 RBX: 0000000000000a06 RCX: ff988a484e6a1c00 [ 359.010851][ C1] RDX: dffffc0000000000 RSI: ffffffff8a0b1820 RDI: 0000000000000001 [ 359.010862][ C1] RBP: ffffc90000da7928 R08: dffffc0000000000 R09: fffffbfff2c62371 [ 359.010875][ C1] R10: fffffbfff2c62371 R11: 1ffffffff2c62370 R12: dffffc0000000000 [ 359.010887][ C1] R13: ffff88802750b400 R14: ffffffff96311b80 R15: 1ffff920001b4f14 [ 359.010907][ C1] ? _raw_spin_unlock+0x40/0x40 [ 359.010929][ C1] debug_check_no_obj_freed+0x515/0x530 [ 359.010955][ C1] slab_free_freelist_hook+0x8b/0x170 [ 359.010972][ C1] ? rcu_core+0x962/0x15d0 [ 359.010988][ C1] kmem_cache_free+0x8f/0x210 [ 359.011005][ C1] rcu_core+0x962/0x15d0 [ 359.011027][ C1] ? local_bh_disable+0x20/0x20 [ 359.011047][ C1] ? net_tx_action+0x800/0x870 [ 359.011068][ C1] ? process_backlog+0x780/0x780 [ 359.011084][ C1] ? rcu_softirq_qs+0x75/0x280 [ 359.011103][ C1] ? rcu_get_gp_kthreads_prio+0x10/0x10 [ 359.011123][ C1] ? handle_softirqs+0x1fd/0x820 [ 359.011141][ C1] handle_softirqs+0x328/0x820 [ 359.011157][ C1] ? run_ksoftirqd+0x98/0xf0 [ 359.011174][ C1] ? do_softirq+0x200/0x200 [ 359.011189][ C1] ? run_ksoftirqd+0x75/0xf0 [ 359.011203][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 359.011218][ C1] ? lockdep_hardirqs_off+0x70/0x100 [ 359.011235][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 359.011250][ C1] run_ksoftirqd+0x98/0xf0 [ 359.011265][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 359.011281][ C1] ? preempt_schedule_thunk+0x16/0x18 [ 359.011301][ C1] ? smpboot_thread_fn+0x5bc/0x970 [ 359.011321][ C1] smpboot_thread_fn+0x4f6/0x970 [ 359.011343][ C1] kthread+0x436/0x520 [ 359.011357][ C1] ? cpu_report_death+0x180/0x180 [ 359.011374][ C1] ? kthread_blkcg+0xd0/0xd0 [ 359.011389][ C1] ret_from_fork+0x1f/0x30 [ 359.011411][ C1] [ 359.153829][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 359.852405][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 359.883413][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 359.948247][ T7575] device veth0_macvtap entered promiscuous mode [ 360.030010][ T7575] device veth1_macvtap entered promiscuous mode [ 360.094536][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 360.101474][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 [ 360.108718][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 360.119059][ T27] Call Trace: [ 360.122367][ T27] [ 360.125323][ T27] dump_stack_lvl+0x168/0x230 [ 360.130179][ T27] ? show_regs_print_info+0x20/0x20 [ 360.135441][ T27] ? load_image+0x3b0/0x3b0 [ 360.140008][ T27] panic+0x2c9/0x7f0 [ 360.143964][ T27] ? schedule_preempt_disabled+0x20/0x20 [ 360.149647][ T27] ? bpf_jit_dump+0xd0/0xd0 [ 360.154187][ T27] ? __irq_work_queue_local+0x12c/0x190 [ 360.159896][ T27] ? nmi_trigger_cpumask_backtrace+0x260/0x280 [ 360.161448][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 360.166185][ T27] watchdog+0xe4e/0xe50 [ 360.166225][ T27] kthread+0x436/0x520 [ 360.166245][ T27] ? hungtask_pm_notify+0x40/0x40 [ 360.166265][ T27] ? kthread_blkcg+0xd0/0xd0 [ 360.166287][ T27] ret_from_fork+0x1f/0x30 [ 360.166323][ T27] [ 360.167097][ T27] Kernel Offset: disabled [ 360.204290][ T27] Rebooting in 86400 seconds..