last executing test programs: 7.738219228s ago: executing program 1 (id=2475): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x5, @loopback, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)}, 0x4048043) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) 7.508419248s ago: executing program 1 (id=2479): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x9c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x74, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x3c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_MASK={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x8, 0x1, "6eee7e00"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x110}}, 0x0) 7.296897597s ago: executing program 1 (id=2481): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@block_validity}, {}, {@nombcache}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@abort}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000a80)='./file1\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@usrjquota}, {@orlov}, {@norecovery}, {@barrier}, {@data_journal}]}, 0x66, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000002680)='.\x00', 0xa0, &(0x7f00000008c0)=ANY=[], 0xc, 0x0, &(0x7f0000000000)) 6.742728791s ago: executing program 1 (id=2484): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', 0x0}) r2 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r2, &(0x7f0000000240)="800000800000210ee7decd7a00", 0xd, 0x40, &(0x7f00000001c0)={0x11, 0x88a8, r1, 0x1, 0xd8, 0x6, @broadcast}, 0x14) 6.197598324s ago: executing program 1 (id=2485): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newtaction={0x70, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_bpf={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_FD={0x8, 0x5, r0}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) 6.028927802s ago: executing program 1 (id=2486): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x5, @loopback, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)}, 0x4048043) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) 3.472229512s ago: executing program 2 (id=2497): syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f0000000140)={[{@nossd_spread}, {@acl}, {@enospc_debug}, {@nossd}, {@nodatasum}, {@autodefrag}, {@user_subvol_rm}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x33, 0x78, 0x39, 0x65, 0x36]}}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x0) 2.439583546s ago: executing program 0 (id=2503): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a", 0x23}], 0x1}, 0x0) 2.208372416s ago: executing program 0 (id=2505): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@block_validity}, {}, {@nombcache}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@abort}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000a80)='./file1\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@usrjquota}, {@orlov}, {@norecovery}, {@barrier}, {@data_journal}]}, 0x66, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000002680)='.\x00', 0xa0, &(0x7f00000008c0)=ANY=[], 0xc, 0x0, &(0x7f0000000000)) 1.824438152s ago: executing program 2 (id=2508): syz_emit_ethernet(0x7a, &(0x7f0000000580)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @loopback, {[@rr={0x7, 0x3}, @ssrr={0x89, 0x3, 0x2b}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0xc, [{@multicast1}, {@loopback, 0x200}, {@local}, {}, {@dev}, {@private}]}]}}}}}}}, 0x0) 1.570132003s ago: executing program 3 (id=2509): socket$inet6(0xa, 0x2, 0x0) r0 = fsopen(&(0x7f00000001c0)='mqueue\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 1.568765493s ago: executing program 0 (id=2510): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newtaction={0x70, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_bpf={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) 1.360039032s ago: executing program 3 (id=2511): r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYRESHEX]) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x1018}, './file0\x00'}) 1.17662988s ago: executing program 0 (id=2512): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_io_uring_setup(0x1774, &(0x7f0000000640)={0x0, 0x6005, 0x0, 0x1, 0x3b9}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) r4 = socket$alg(0x26, 0x5, 0x0) close(0x3) bind$alg(r4, &(0x7f0000000540)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0) accept4(r4, 0x0, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0) sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000d00)=ANY=[], 0x124}, 0x1, 0x0, 0x0, 0x40}, 0x4000040) 1.083897524s ago: executing program 3 (id=2513): socket$inet6_sctp(0xa, 0x1, 0x84) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000740)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000380)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback, 0x8e9}, {0xa, 0x0, 0x0, @local}, r1}}, 0x48) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={0xffffffffffffffff}, 0x13f, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000280)={0x1, 0x10, 0xfa00, {&(0x7f00000001c0), r2}}, 0x18) 984.568318ms ago: executing program 2 (id=2514): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2d19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) 742.956488ms ago: executing program 2 (id=2515): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/if_inet6\x00') read$FUSE(r0, &(0x7f0000004fc0)={0x2020}, 0x2020) pread64(r0, &(0x7f0000000940)=""/126, 0x7e, 0xe) read$usbmon(r0, &(0x7f00000000c0)=""/170, 0xaa) 741.839839ms ago: executing program 3 (id=2516): r0 = fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) 481.00373ms ago: executing program 3 (id=2517): r0 = socket(0x2, 0x3, 0x7f) sendto$inet(r0, 0x0, 0x0, 0x48890, &(0x7f0000000100)={0x2, 0x4e24, @broadcast}, 0x10) 474.16206ms ago: executing program 2 (id=2518): syz_mount_image$hfs(&(0x7f0000000480), &(0x7f0000000140)='./file1\x00', 0x3000840, &(0x7f00000004c0)=ANY=[@ANYBLOB="6469725f756d61736b3d303030303030303030303030303030342c66696c655f756d61736b3d30303030303030303030303030303030303030313334302c696f636861727365743d6d61637475726b6973682c636f6465706167653d69736f383835392d362c63726561746f723d4ddd71752c00eace691af6ae10469da9b01baceb6a9486a6be7f83429052dab3e6e5e287ba3d79e809945e4361c0019a8ed88ae1c6c541bb9a966c0e4d7bde2f8e3add0af5a9c74c520f889381fbcf573e0000000000"], 0x11, 0x2e1, &(0x7f0000000ac0)="$eJzs3U9rE08cx/HPbNIm/bX0t9qK4EGkGtCLaL2Il4jkQXgStUmhuFTUin9OVTyJ2Lt3n4KPQbwoPgE9eRLP9SArMzv5s0k2SaWbbfX9AstmZ2bnO52dnZmAXQH4Z11rfHl76Zv9Z6SSStLLK1IgqSqVJR3T8erDza2NrajVHHWhkk5WklJGSUkzkGdtszWsaFW+hBfaT2Ut9J5DPuI4vvq16CBQODf641L65Cn3JKj40ekSqwXFl+XZ3ov8mJO0nUcwh4jZ1a4ea7HoOAAAxTLJ/B74eX7Br9+DQKr5ad+txg/a/P+ndosOIHfxyNSe+d/1a2xsv//vkrr7PbeFs+lBe5c4Sc0zfZ9nldxZqdWlGberdLEEc+sbUev82t2oGei56l5PtmX3s5ncum1jol0ZsjcdoXO1ucwsZviKct61Yca2YTWJ/5GkVPxLI2vMgflgPpkbJtQbNTvrv3JsbDe5ngr7eiqJ/0L2FV0rQ5tL/rFRr9eDVJYjrpITvgZvTCurKmXVOOuvmfqCIBwXpyt1tK9U0rqLY0otDS212v6UUWo5Vcq2Zn0jep9d1VSY1+a6WdF3vVOjZ/0f2PhqGjkyu6PG1JKpwP3G7ehM92yPcs2n9M0cg8Ol81usZIX+c/QzDXvwSrd1WYsPnjy9U4qi1n17cCuyt6s76Jy5t+APotbMC6k36aAcaLt7pqLYGcjcnpSmGdi5fb2gfX6MzWxHWe7tss+BA9DvxR00PuZ4I/2K43iKzdnxA6M/qcBnE6am2+lFR4KC2HWXSfZ/3f1KOVns2R/h0HX6hF8E+CvGdo3d2cF1y8bJilzSf3vawc1n7+AG91wDe0a35zp9VjozeY2hj/MvYRr6rJt8/w8AAAAAAAAAAAAAAAAAAHDYTOP/SxTdRgAAAAAAAAAAAAAAAAAAAAAADrvO+3/Vfv+vJnv/b/+rWErJnwTfl/f/7myK9/8C+fsdAAD///XWeXc=") syz_mount_image$exfat(0x0, &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000)) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file1\x00', 0x120000, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0xc4) openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) 298.996537ms ago: executing program 3 (id=2519): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000002900)={0x64, 0x19, 0x1, 0x0, 0x0, {0x1d, 0xd601, 0x9}, [@nested={0x4d, 0x11, 0x0, 0x1, [@generic="25b57efaa223b473fe7783bc4a506cf756740574b89d316af9b5963870ef3391f3ac176f88d6e1db9b2bb2e5c90fafb663cdebaede447dc8f6f61c6615fcf740adda4853b2d23adb37"]}]}, 0x64}}, 0x8000) 184.876932ms ago: executing program 0 (id=2520): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newtaction={0x70, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_bpf={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) 48.422828ms ago: executing program 2 (id=2521): syz_emit_ethernet(0x7a, &(0x7f0000000580)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @loopback, {[@rr={0x7, 0x3}, @ssrr={0x89, 0x3, 0x2b}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0xc, [{@multicast1}, {@loopback, 0x200}, {@local}, {}, {@dev}, {@private}]}]}}}}}}}, 0x0) 0s ago: executing program 0 (id=2522): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2d19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) kernel console output (not intermixed with test programs): .074844][ T7724] loop0: detected capacity change from 0 to 2048 [ 153.127043][ T7724] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 153.184937][ T7724] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 153.894964][ T7747] loop3: detected capacity change from 0 to 2048 [ 153.951174][ T7747] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 154.017827][ T7747] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 154.714558][ T7779] 9pnet: Found fid 0 not clunked [ 156.485463][ T7842] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.781'. [ 158.077130][ T7848] netlink: 'syz.3.784': attribute type 39 has an invalid length. [ 161.993905][ T7919] netlink: 'syz.0.816': attribute type 39 has an invalid length. [ 162.540446][ T7942] netlink: 24 bytes leftover after parsing attributes in process `syz.1.826'. [ 162.622059][ T7944] loop0: detected capacity change from 0 to 4096 [ 162.695606][ T7944] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 162.878507][ T7944] ntfs3: loop0: ino=0, "file1" failed to parse mft record [ 163.518932][ T7961] loop1: detected capacity change from 0 to 4096 [ 163.618947][ T7973] loop3: detected capacity change from 0 to 64 [ 164.016413][ T27] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 164.246547][ T27] usb 2-1: Using ep0 maxpacket: 16 [ 164.266507][ T27] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 164.295728][ T27] usb 2-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00 [ 164.320957][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.359267][ T27] usb 2-1: config 0 descriptor?? [ 164.505041][ T8001] netlink: 24 bytes leftover after parsing attributes in process `syz.2.852'. [ 164.684732][ T7976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 164.720209][ T7976] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 165.006066][ T27] usbhid 2-1:0.0: can't add hid device: -71 [ 165.012266][ T27] usbhid: probe of 2-1:0.0 failed with error -71 [ 165.050697][ T27] usb 2-1: USB disconnect, device number 2 [ 165.087270][ T8020] loop0: detected capacity change from 0 to 128 [ 166.171392][ T8056] loop0: detected capacity change from 0 to 2048 [ 166.217618][ T8056] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 166.262652][ T8059] loop1: detected capacity change from 0 to 4096 [ 166.332932][ T8059] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 166.572526][ T8063] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 166.634634][ T8066] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 166.659518][ T8063] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 167.110574][ T1190] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 167.305999][ T1190] usb 4-1: Using ep0 maxpacket: 16 [ 167.325100][ T1190] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 167.341137][ T1190] usb 4-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00 [ 167.352444][ T1190] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.368349][ T1190] usb 4-1: config 0 descriptor?? [ 167.792012][ T8073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.853855][ T8073] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 168.086923][ T8094] loop1: detected capacity change from 0 to 32768 [ 168.116419][ T8094] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 168.127261][ T8094] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 168.136662][ T8094] BTRFS info (device loop1): setting nodatasum [ 168.142878][ T8094] BTRFS info (device loop1): enabling auto defrag [ 168.149511][ T8094] BTRFS info (device loop1): max_inline at 0 [ 168.155550][ T8094] BTRFS info (device loop1): using free space tree [ 168.234997][ T1190] usbhid 4-1:0.0: can't add hid device: -71 [ 168.249863][ T1190] usbhid: probe of 4-1:0.0 failed with error -71 [ 168.276748][ T1190] usb 4-1: USB disconnect, device number 2 [ 168.311162][ T8094] BTRFS info (device loop1): auto enabling async discard [ 168.459212][ T8094] overlayfs: missing 'lowerdir' [ 168.597955][ T8093] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 168.775450][ T8126] netlink: 'syz.2.900': attribute type 39 has an invalid length. [ 169.227277][ T8138] netlink: 4 bytes leftover after parsing attributes in process `syz.1.904'. [ 169.256381][ T8138] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 169.308509][ T8136] loop0: detected capacity change from 0 to 4096 [ 169.345531][ T8136] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 169.424378][ T8138] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 170.066943][ T8163] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 170.366762][ T5828] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 170.496663][ T8178] netlink: 4 bytes leftover after parsing attributes in process `syz.3.920'. [ 170.506232][ T8178] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 170.558190][ T5828] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 4 [ 170.576844][ T5828] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 170.596086][ T5828] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.612215][ T5828] usb 1-1: Product: syz [ 170.621673][ T5828] usb 1-1: Manufacturer: syz [ 170.634883][ T5828] usb 1-1: SerialNumber: syz [ 170.649028][ T5828] usb 1-1: config 0 descriptor?? [ 170.666499][ T8178] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 170.667660][ T5828] em28xx 1-1:0.0: New device syz syz @ 12 Mbps (2040:0264, interface 0, class 0) [ 170.685594][ T5828] em28xx 1-1:0.0: Device initialization failed. [ 170.692376][ T5828] em28xx 1-1:0.0: Device must be connected to a high-speed USB 2.0 port. [ 170.853141][ T8182] netlink: 'syz.1.931': attribute type 39 has an invalid length. [ 171.070964][ T27] usb 1-1: USB disconnect, device number 2 [ 171.169836][ T8184] loop3: detected capacity change from 0 to 32768 [ 171.182738][ T8184] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.922 (8184) [ 171.211870][ T8184] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 171.222329][ T8184] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 171.231498][ T8184] BTRFS info (device loop3): setting nodatasum [ 171.237772][ T8184] BTRFS info (device loop3): enabling auto defrag [ 171.244758][ T8184] BTRFS info (device loop3): max_inline at 0 [ 171.250874][ T8184] BTRFS info (device loop3): using free space tree [ 171.354555][ T8184] BTRFS info (device loop3): auto enabling async discard [ 171.375258][ T8205] fuse: Bad value for 'fd' [ 171.499690][ T8184] overlayfs: missing 'lowerdir' [ 171.618554][ T8184] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 171.937263][ T8218] netlink: 'syz.1.933': attribute type 39 has an invalid length. [ 172.862710][ T5828] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 172.892088][ T8243] netlink: 'syz.2.944': attribute type 39 has an invalid length. [ 173.067602][ T5828] usb 2-1: Using ep0 maxpacket: 16 [ 173.087601][ T5828] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.129442][ T5828] usb 2-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00 [ 173.146168][ T5828] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.171982][ T5828] usb 2-1: config 0 descriptor?? [ 173.315024][ T8259] loop3: detected capacity change from 0 to 2048 [ 173.354313][ T8259] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 173.462019][ T8241] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 173.480589][ T8241] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 173.516994][ T5828] usbhid 2-1:0.0: can't add hid device: -71 [ 173.531294][ T5828] usbhid: probe of 2-1:0.0 failed with error -71 [ 173.549607][ T5828] usb 2-1: USB disconnect, device number 3 [ 173.571015][ T8263] loop0: detected capacity change from 0 to 1024 [ 173.627164][ T8263] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a803c018, mo2=0002] [ 173.663209][ T8263] System zones: 0-1, 3-8 [ 173.690321][ T8263] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 173.710807][ T8263] ext4 filesystem being mounted at /269/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 173.743368][ T8270] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 173.791481][ T8270] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 173.800221][ T8263] EXT4-fs warning (device loop0): ext4_empty_dir:3156: inode #12: comm syz.0.954: directory missing '..' [ 173.885465][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 174.150913][ T8280] netlink: 24 bytes leftover after parsing attributes in process `syz.0.959'. [ 174.431524][ T8285] loop3: detected capacity change from 0 to 4096 [ 174.545776][ T8285] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 174.992118][ T8303] netlink: 24 bytes leftover after parsing attributes in process `syz.3.971'. [ 175.015686][ T8301] loop0: detected capacity change from 0 to 2048 [ 175.117727][ T8301] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 175.500650][ T8318] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 175.517508][ T8318] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 175.926872][ T8333] netlink: 'syz.3.983': attribute type 39 has an invalid length. [ 176.472134][ T8357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.994'. [ 176.529411][ T8360] netlink: 'syz.1.996': attribute type 39 has an invalid length. [ 176.622203][ T8362] netlink: 4 bytes leftover after parsing attributes in process `syz.3.997'. [ 176.680448][ T8367] netlink: 24 bytes leftover after parsing attributes in process `syz.1.999'. [ 177.766348][ T8395] netlink: 'syz.0.1007': attribute type 39 has an invalid length. [ 178.020514][ T8394] loop3: detected capacity change from 0 to 32768 [ 178.030687][ T8394] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.1009 (8394) [ 178.048869][ T8394] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 178.059188][ T8394] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 178.068610][ T8394] BTRFS info (device loop3): force clearing of disk cache [ 178.075778][ T8394] BTRFS info (device loop3): using free space tree [ 178.208749][ T8394] BTRFS info (device loop3): enabling ssd optimizations [ 178.216375][ T8394] BTRFS info (device loop3): auto enabling async discard [ 178.235816][ T8394] BTRFS info (device loop3): rebuilding free space tree [ 178.355457][ T8418] loop0: detected capacity change from 0 to 1024 [ 178.553778][ T5787] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 178.584385][ T8418] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5 [ 178.643822][ T8418] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 178.715999][ T8418] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1013: Failed to acquire dquot type 0 [ 178.779472][ T8418] EXT4-fs error (device loop0): mb_free_blocks:1938: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 178.817616][ T8418] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.1013: corrupted inode contents [ 178.894286][ T8418] EXT4-fs error (device loop0): ext4_dirty_inode:6120: inode #13: comm syz.0.1013: mark_inode_dirty error [ 178.953784][ T8418] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.1013: corrupted inode contents [ 179.001409][ T8418] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #13: comm syz.0.1013: mark_inode_dirty error [ 179.051216][ T8418] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.1013: corrupted inode contents [ 179.146054][ T8418] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem [ 179.194383][ T8438] netlink: 'syz.3.1019': attribute type 39 has an invalid length. [ 179.209800][ T8418] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.1013: corrupted inode contents [ 179.271386][ T8418] EXT4-fs error (device loop0): ext4_truncate:4294: inode #13: comm syz.0.1013: mark_inode_dirty error [ 179.311538][ T8418] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem [ 179.369788][ T8418] EXT4-fs (loop0): 1 truncate cleaned up [ 179.397448][ T8418] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.460609][ T8445] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1022'. [ 179.580465][ T8418] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 179.623653][ T8418] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5 [ 179.655016][ T8418] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 179.684059][ T8418] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1013: Failed to acquire dquot type 0 [ 179.821981][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.520386][ T8472] netlink: 'syz.1.1030': attribute type 39 has an invalid length. [ 180.790848][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d57fc00: rx timeout, send abort [ 180.814452][ T8487] loop3: detected capacity change from 0 to 512 [ 180.843883][ T8487] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 180.875228][ T8487] EXT4-fs (loop3): 1 truncate cleaned up [ 180.909586][ T8487] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 180.997364][ T8487] syz.3.1038 (pid 8487) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 181.122854][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.290952][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d57e800: rx timeout, send abort [ 181.300833][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d57fc00: abort rx timeout. Force session deactivation [ 181.358165][ T8505] netlink: 'syz.1.1043': attribute type 39 has an invalid length. [ 181.780729][ T8523] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 181.799314][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d57e800: abort rx timeout. Force session deactivation [ 181.932715][ T8531] netlink: 'syz.1.1055': attribute type 39 has an invalid length. [ 182.152834][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d1f1c00: rx timeout, send abort [ 182.232723][ T8542] netlink: 'syz.1.1061': attribute type 39 has an invalid length. [ 182.358742][ T8549] loop1: detected capacity change from 0 to 256 [ 182.377175][ T8549] exfat: Deprecated parameter 'utf8' [ 182.409908][ T8549] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 182.500885][ T8553] loop3: detected capacity change from 0 to 512 [ 182.515117][ T8553] EXT4-fs (loop3): Cannot use DAX on a filesystem that may contain inline data [ 182.652974][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d1f1000: rx timeout, send abort [ 182.661829][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d1f1c00: abort rx timeout. Force session deactivation [ 182.931156][ T8559] loop0: detected capacity change from 0 to 1024 [ 182.967062][ T8559] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5 [ 182.980283][ T8559] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 182.990516][ T8559] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1067: Failed to acquire dquot type 0 [ 183.006813][ T8559] EXT4-fs error (device loop0): mb_free_blocks:1938: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 183.036058][ T8559] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.1067: corrupted inode contents [ 183.060402][ T8559] EXT4-fs error (device loop0): ext4_dirty_inode:6120: inode #13: comm syz.0.1067: mark_inode_dirty error [ 183.076413][ T8559] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.1067: corrupted inode contents [ 183.106905][ T8559] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #13: comm syz.0.1067: mark_inode_dirty error [ 183.158139][ T8559] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.1067: corrupted inode contents [ 183.161384][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d1f1000: abort rx timeout. Force session deactivation [ 183.200832][ T8559] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem [ 183.223473][ T8559] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.1067: corrupted inode contents [ 183.248268][ T8559] EXT4-fs error (device loop0): ext4_truncate:4294: inode #13: comm syz.0.1067: mark_inode_dirty error [ 183.260096][ T8559] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem [ 183.290178][ T8559] EXT4-fs (loop0): 1 truncate cleaned up [ 183.300582][ T8559] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.399554][ T8559] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 183.453469][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.564683][ T8572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1071'. [ 185.573864][ T8572] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 185.666154][ T8572] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 185.718767][ T8581] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1075'. [ 185.902592][ T8589] 9pnet_fd: Insufficient options for proto=fd [ 185.955578][ T8593] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1078'. [ 186.168516][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d978c00: rx timeout, send abort [ 186.220125][ T8598] loop1: detected capacity change from 0 to 2048 [ 186.238668][ T8598] NILFS (loop1): unrecognized mount option "0x0000000000000003" [ 186.492946][ T8609] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1087'. [ 186.556421][ T8612] 9pnet_fd: Insufficient options for proto=fd [ 186.564276][ T8613] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1088'. [ 186.668647][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d5a2800: rx timeout, send abort [ 186.677365][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d978c00: abort rx timeout. Force session deactivation [ 187.036262][ T8628] loop1: detected capacity change from 0 to 2048 [ 187.078515][ T8628] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 187.177185][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d5a2800: abort rx timeout. Force session deactivation [ 187.385065][ T8636] 9pnet_fd: Insufficient options for proto=fd [ 187.414700][ T8638] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1100'. [ 187.558913][ T8642] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1101'. [ 188.043878][ T8658] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1111'. [ 188.068092][ T8660] 9pnet_fd: Insufficient options for proto=fd [ 188.371157][ T8669] loop3: detected capacity change from 0 to 512 [ 189.200387][ T8683] 9pnet_fd: Insufficient options for proto=fd [ 190.835830][ T8702] loop3: detected capacity change from 0 to 512 [ 190.912251][ T8702] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 190.944864][ T8702] EXT4-fs (loop3): 1 truncate cleaned up [ 190.952941][ T8702] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 191.038553][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.166426][ T8706] loop3: detected capacity change from 0 to 2048 [ 191.199992][ T8706] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 191.513158][ T8710] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 191.524859][ T8710] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 191.907298][ T8684] netlink: 'syz.2.1121': attribute type 39 has an invalid length. [ 191.915360][ T8695] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1125'. [ 192.053516][ T8714] 9pnet_fd: Insufficient options for proto=fd [ 192.276748][ T9] libceph: connect (1)[c::]:6789 error -101 [ 192.283818][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 192.331395][ T8719] ceph: No mds server is up or the cluster is laggy [ 192.431268][ T8731] loop3: detected capacity change from 0 to 256 [ 192.454745][ T8731] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 192.704075][ T5871] kernel write not supported for file /video8 (pid: 5871 comm: kworker/1:5) [ 192.762029][ T8738] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 194.674492][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.681998][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.337456][ T8746] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1141'. [ 195.356059][ T8756] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1144'. [ 195.666208][ T5871] kernel read not supported for file /input/event1 (pid: 5871 comm: kworker/1:5) [ 195.901710][ T8774] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1153'. [ 196.052913][ T8780] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1154'. [ 198.742741][ T8791] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1158'. [ 198.756553][ T8800] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1162'. [ 199.028409][ T8806] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1164'. [ 199.318507][ T8821] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1172'. [ 199.390905][ T8823] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1173'. [ 199.507539][ T8830] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 199.859593][ T5871] libceph: connect (1)[c::]:6789 error -101 [ 199.876198][ T5871] libceph: mon0 (1)[c::]:6789 connect error [ 199.904069][ T8844] ceph: No mds server is up or the cluster is laggy [ 200.001528][ T8852] loop0: detected capacity change from 0 to 256 [ 200.012678][ T8853] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1183'. [ 200.112944][ T8852] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 200.380043][ T8863] 9pnet_fd: Insufficient options for proto=fd [ 200.766777][ T5871] libceph: connect (1)[c::]:6789 error -101 [ 200.773291][ T8882] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1193'. [ 200.776996][ T5871] libceph: mon0 (1)[c::]:6789 connect error [ 200.800485][ T8878] ceph: No mds server is up or the cluster is laggy [ 200.819513][ T8883] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 200.941861][ T8889] loop0: detected capacity change from 0 to 256 [ 201.031155][ T8889] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 201.599595][ T5871] libceph: connect (1)[c::]:6789 error -101 [ 201.605993][ T5871] libceph: mon0 (1)[c::]:6789 connect error [ 201.636751][ T8912] ceph: No mds server is up or the cluster is laggy [ 201.738290][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805d6a6000: rx timeout, send abort [ 201.748705][ T8920] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1207'. [ 201.861121][ T5791] Bluetooth: hci0: command 0x0406 tx timeout [ 201.867434][ T5797] Bluetooth: hci2: command 0x0406 tx timeout [ 201.867513][ T5803] Bluetooth: hci1: command 0x0406 tx timeout [ 201.873458][ T5797] Bluetooth: hci3: command 0x0406 tx timeout [ 202.238425][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805d6a6400: rx timeout, send abort [ 202.247262][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805d6a6000: abort rx timeout. Force session deactivation [ 202.314803][ T8936] loop1: detected capacity change from 0 to 128 [ 202.380594][ T8936] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 202.406940][ T8936] ext4 filesystem being mounted at /288/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 202.747074][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805d6a6400: abort rx timeout. Force session deactivation [ 203.167795][ T5786] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 203.233385][ T8969] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 204.062201][ T9005] 9pnet: Could not find request transport: fd0x0000000000000003 [ 204.106833][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d1e0c00: rx timeout, send abort [ 204.204556][ T9] libceph: connect (1)[c::]:6789 error -101 [ 204.220079][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 204.488506][ T9] libceph: connect (1)[c::]:6789 error -101 [ 204.494645][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 204.508773][ T9028] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 204.606952][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d1e1800: rx timeout, send abort [ 204.615371][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d1e0c00: abort rx timeout. Force session deactivation [ 204.667458][ T9031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1248'. [ 204.886539][ T9037] 9pnet: Could not find request transport: fd0x0000000000000003 [ 204.902746][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 205.016570][ T9] libceph: connect (1)[c::]:6789 error -101 [ 205.023933][ T9014] ceph: No mds server is up or the cluster is laggy [ 205.036233][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 205.115330][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d1e1800: abort rx timeout. Force session deactivation [ 205.329968][ T9047] 9pnet_fd: Insufficient options for proto=fd [ 205.351033][ T9051] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1257'. [ 205.737661][ T9062] 9pnet: Could not find request transport: fd0x0000000000000003 [ 205.905399][ T9072] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1264'. [ 206.317573][ T9082] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1269'. [ 206.537192][ T9087] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1271'. [ 206.730110][ T9095] 9pnet_fd: Insufficient options for proto=fd [ 206.778231][ T9097] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1275'. [ 206.885950][ T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 207.015358][ T9106] loop3: detected capacity change from 0 to 2048 [ 207.064789][ T9108] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 207.083668][ T9] usb 2-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 207.104553][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.123818][ T9] usb 2-1: Product: syz [ 207.136326][ T9] usb 2-1: Manufacturer: syz [ 207.150441][ T9] usb 2-1: SerialNumber: syz [ 207.165808][ T9] usb 2-1: config 0 descriptor?? [ 207.190540][ T9] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 207.221738][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 207.237030][ T9] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 207.258713][ T9] usb 2-1: media controller created [ 207.322353][ T9114] overlayfs: failed to resolve './file1/file0': -2 [ 207.338177][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 207.498923][ T9] DVB: Unable to find symbol mt352_attach() [ 207.509766][ T9118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1283'. [ 207.565573][ T9] DVB: Unable to find symbol nxt6000_attach() [ 207.579744][ T9] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 207.624670][ T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input8 [ 207.635133][ T9123] 9pnet_fd: Insufficient options for proto=fd [ 207.653071][ T9] dvb-usb: schedule remote query interval to 1000 msecs. [ 207.661347][ T9] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 207.678434][ T9] dvb-usb: bulk message failed: -22 (7/0) [ 207.695310][ T9] dvb-usb: bulk message failed: -22 (7/0) [ 207.748693][ T9] usb 2-1: USB disconnect, device number 4 [ 207.853053][ T9125] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1286'. [ 208.018408][ T9] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 208.171390][ T9138] 9pnet_fd: Insufficient options for proto=fd [ 208.353791][ T9142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1292'. [ 208.356094][ T9143] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 208.394164][ T9144] overlayfs: failed to resolve './file1/file0': -2 [ 208.816441][ T9164] loop0: detected capacity change from 0 to 128 [ 208.853088][ T9164] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 208.876421][ T9164] ext4 filesystem being mounted at /353/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 208.933073][ T9169] 9pnet_fd: Insufficient options for proto=fd [ 209.022883][ T9171] loop1: detected capacity change from 0 to 2048 [ 209.044396][ T9171] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 209.147078][ T9172] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 209.166620][ T9172] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 209.184139][ T5789] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 209.436858][ T9179] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1304'. [ 209.519954][ T9181] overlayfs: failed to resolve './file1/file0': -2 [ 209.996657][ T9193] 9pnet_fd: Insufficient options for proto=fd [ 210.200379][ T9202] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 210.296538][ T9207] process 'syz.2.1316' launched '/dev/fd/4' with NULL argv: empty string added [ 210.662189][ T9223] overlayfs: failed to clone upperpath [ 210.834602][ T9227] 9pnet_fd: Insufficient options for proto=fd [ 211.337085][ T9249] loop1: detected capacity change from 0 to 512 [ 211.351267][ T9249] EXT4-fs: Ignoring removed bh option [ 211.382423][ T9250] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1332'. [ 211.399143][ T9249] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 211.438621][ T9249] EXT4-fs (loop1): 1 truncate cleaned up [ 211.449721][ T9249] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.484918][ T9254] overlayfs: failed to clone upperpath [ 211.754323][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.882071][ T9260] loop3: detected capacity change from 0 to 4096 [ 211.924343][ T9260] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 212.495172][ T9282] overlayfs: failed to clone upperpath [ 212.586738][ T9286] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1344'. [ 213.191891][ T9312] overlayfs: overlapping lowerdir path [ 213.339004][ T9317] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1356'. [ 213.433662][ T9323] loop0: detected capacity change from 0 to 512 [ 213.465334][ T9323] EXT4-fs: Ignoring removed bh option [ 213.498438][ T9323] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 213.667431][ T9330] loop3: detected capacity change from 0 to 2048 [ 213.713405][ T9330] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 213.767712][ T9323] EXT4-fs (loop0): 1 truncate cleaned up [ 213.785135][ T9323] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 213.933253][ T9332] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 213.992449][ T9332] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 214.114418][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.637015][ T9353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1368'. [ 215.536470][ T9390] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1383'. [ 216.152011][ T9409] loop0: detected capacity change from 0 to 2048 [ 216.170157][ T9409] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 216.270368][ T9413] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 216.317492][ T9413] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 216.813445][ T9428] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1396'. [ 217.662880][ T9456] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1407'. [ 218.142789][ T9472] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 218.149918][ T9472] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 218.165229][ T9472] vhci_hcd vhci_hcd.0: Device attached [ 218.172652][ T9477] overlayfs: missing 'lowerdir' [ 218.196118][ T9472] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(6) [ 218.202720][ T9472] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 218.225973][ T9472] vhci_hcd vhci_hcd.0: Device attached [ 218.240465][ T9472] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 218.293574][ T9472] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 218.318651][ T9474] vhci_hcd: cannot find a urb of seqnum 257 max seqnum 0 [ 218.335170][ T9479] vhci_hcd: connection closed [ 218.357575][ T11] vhci_hcd: stop threads [ 218.381234][ T11] vhci_hcd: release socket [ 218.396375][ T11] vhci_hcd: disconnect device [ 218.407285][ T11] vhci_hcd: stop threads [ 218.416382][ T11] vhci_hcd: release socket [ 218.421135][ T11] vhci_hcd: disconnect device [ 218.426036][ T5828] usb 39-1: new high-speed USB device number 2 using vhci_hcd [ 218.433676][ T5828] usb 39-1: enqueue for inactive port 0 [ 218.528578][ T9488] syzkaller0: create flow: hash 178354757 index 1 [ 218.562024][ T5828] vhci_hcd: vhci_device speed not set [ 218.726003][ T9481] syzkaller0: delete flow: hash 178354757 index 1 [ 219.161314][ T9507] overlayfs: missing 'lowerdir' [ 219.361519][ T9] libceph: connect (1)[c::]:6789 error -101 [ 219.368570][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 219.393488][ T9513] ceph: No mds server is up or the cluster is laggy [ 220.065114][ T9534] overlayfs: missing 'lowerdir' [ 220.475310][ T5871] libceph: connect (1)[c::]:6789 error -101 [ 220.480899][ T9544] ceph: No mds server is up or the cluster is laggy [ 220.483032][ T5871] libceph: mon0 (1)[c::]:6789 connect error [ 220.650138][ T9549] overlayfs: failed to resolve './cgroup': -2 [ 222.558302][ T9563] fuse: Bad value for 'fd' [ 222.775678][ T9] libceph: connect (1)[c::]:6789 error -101 [ 222.784455][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 222.850347][ T9568] ceph: No mds server is up or the cluster is laggy [ 223.044024][ T28] audit: type=1326 audit(1764741921.771:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288618f749 code=0x7ffc0000 [ 223.083104][ T9582] overlayfs: failed to clone upperpath [ 223.116249][ T28] audit: type=1326 audit(1764741921.801:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288618f749 code=0x7ffc0000 [ 223.191467][ T28] audit: type=1326 audit(1764741921.801:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f288618f749 code=0x7ffc0000 [ 223.234433][ T28] audit: type=1326 audit(1764741921.801:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288618f749 code=0x7ffc0000 [ 223.268677][ T28] audit: type=1326 audit(1764741921.801:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f288618f749 code=0x7ffc0000 [ 223.274987][ T9589] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 223.297452][ T9589] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 223.346484][ T9589] vhci_hcd vhci_hcd.0: Device attached [ 223.363628][ T9590] vhci_hcd: connection closed [ 223.364034][ T49] vhci_hcd: stop threads [ 223.394181][ T49] vhci_hcd: release socket [ 223.407425][ T49] vhci_hcd: disconnect device [ 223.498693][ T9598] Bluetooth: MGMT ver 1.22 [ 223.527196][ T5871] libceph: connect (1)[c::]:6789 error -101 [ 223.533822][ T5871] libceph: mon0 (1)[c::]:6789 connect error [ 223.554357][ T9602] ceph: No mds server is up or the cluster is laggy [ 223.681698][ T28] audit: type=1326 audit(1764741922.411:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9610 comm="syz.2.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 223.714261][ T5871] libceph: connect (1)[c::]:6789 error -101 [ 223.725645][ T5871] libceph: mon0 (1)[c::]:6789 connect error [ 223.732420][ T9609] ceph: No mds server is up or the cluster is laggy [ 223.742107][ T28] audit: type=1326 audit(1764741922.411:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9610 comm="syz.2.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 223.764818][ T28] audit: type=1326 audit(1764741922.411:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9610 comm="syz.2.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 223.788829][ T28] audit: type=1326 audit(1764741922.411:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9610 comm="syz.2.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 223.811189][ T28] audit: type=1326 audit(1764741922.411:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9610 comm="syz.2.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 224.144346][ T9625] fuse: Bad value for 'fd' [ 224.478092][ T9] kernel write not supported for file /dsp (pid: 9 comm: kworker/0:1) [ 224.500063][ T9627] loop0: detected capacity change from 0 to 32768 [ 224.516045][ T9627] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 224.559823][ T9627] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 224.739235][ T9627] overlayfs: upper fs does not support tmpfile. [ 224.752359][ T9627] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 224.759478][ T9627] overlayfs: failed to set xattr on upper [ 224.765246][ T9627] overlayfs: ...falling back to redirect_dir=nofollow. [ 224.772229][ T9627] overlayfs: ...falling back to index=off. [ 224.778407][ T9627] overlayfs: ...falling back to uuid=null. [ 224.784505][ T9627] overlayfs: upper fs missing required features. [ 224.819525][ T5871] libceph: connect (1)[c::]:6789 error -101 [ 224.825679][ T5871] libceph: mon0 (1)[c::]:6789 connect error [ 224.872124][ T9643] ceph: No mds server is up or the cluster is laggy [ 224.916253][ T9627] (syz.0.1468,9627,1):ocfs2_file_write_iter:2445 ERROR: status = -27 [ 224.937657][ T9627] syz.0.1468 (9627) used greatest stack depth: 19248 bytes left [ 225.043178][ T5789] ocfs2: Unmounting device (7,0) on (node local) [ 225.729990][ T5871] libceph: connect (1)[c::]:6789 error -101 [ 225.745399][ T9674] ceph: No mds server is up or the cluster is laggy [ 225.746378][ T5871] libceph: mon0 (1)[c::]:6789 connect error [ 225.767458][ T9678] 9pnet_fd: Insufficient options for proto=fd [ 225.798606][ T9682] loop0: detected capacity change from 0 to 64 [ 226.496922][ T5828] libceph: connect (1)[c::]:6789 error -101 [ 226.503152][ T5828] libceph: mon0 (1)[c::]:6789 connect error [ 226.533385][ T9701] ceph: No mds server is up or the cluster is laggy [ 226.539928][ T9706] 9pnet_fd: Insufficient options for proto=fd [ 227.361871][ T5871] libceph: connect (1)[c::]:6789 error -101 [ 227.378611][ T5871] libceph: mon0 (1)[c::]:6789 connect error [ 227.405021][ T9730] ceph: No mds server is up or the cluster is laggy [ 227.478694][ T9726] loop0: detected capacity change from 0 to 32768 [ 227.604737][ T9726] mmap: syz.0.1511 (9726) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 228.851170][ T9777] 9pnet_fd: Insufficient options for proto=fd [ 228.944240][ T9780] loop0: detected capacity change from 0 to 2048 [ 229.152831][ T9780] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 229.280693][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 229.280710][ T28] audit: type=1800 audit(1764741928.011:49): pid=9780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1534" name="file1" dev="loop0" ino=1367 res=0 errno=0 [ 229.326911][ T9780] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 229.379133][ T9790] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 229.989124][ T9809] loop3: detected capacity change from 0 to 1024 [ 230.041105][ T9813] overlayfs: failed to clone upperpath [ 230.294793][ T9816] loop0: detected capacity change from 0 to 2048 [ 230.355473][ T9816] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 230.441835][ T28] audit: type=1800 audit(1764741929.161:50): pid=9816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1549" name="file1" dev="loop0" ino=1367 res=0 errno=0 [ 230.474225][ T9816] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 230.521955][ T9816] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 230.552934][ T11] hfsplus: bad catalog file entry [ 230.631653][ T11] hfsplus: b-tree write err: -5, ino 3 [ 230.685554][ T9817] loop1: detected capacity change from 0 to 32768 [ 230.710795][ T9817] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 230.776793][ T9817] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 231.074391][ T5786] ocfs2: Unmounting device (7,1) on (node local) [ 231.221242][ T9835] loop3: detected capacity change from 0 to 128 [ 231.675075][ T9845] loop3: detected capacity change from 0 to 2048 [ 231.754542][ T9845] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 231.795303][ T28] audit: type=1800 audit(1764741930.521:51): pid=9845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1561" name="file1" dev="loop3" ino=1367 res=0 errno=0 [ 231.837498][ T9845] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 231.856808][ T9845] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 232.138657][ T9851] loop1: detected capacity change from 0 to 32768 [ 232.181256][ T9851] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 232.224633][ T9851] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 232.305961][ T5828] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 232.441217][ T5786] ocfs2: Unmounting device (7,1) on (node local) [ 232.505967][ T5828] usb 1-1: Using ep0 maxpacket: 16 [ 232.537281][ T5828] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 232.557783][ T5828] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFC, skipping [ 232.578254][ T5828] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 232.613276][ T5828] usb 1-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 232.623698][ T5828] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.665166][ T5828] usb 1-1: Product: syz [ 232.685500][ T5828] usb 1-1: Manufacturer: syz [ 232.695524][ T5828] usb 1-1: SerialNumber: syz [ 232.736155][ T5828] usb 1-1: config 0 descriptor?? [ 233.004303][ T9878] loop1: detected capacity change from 0 to 2048 [ 233.041052][ T9880] 9pnet_fd: Insufficient options for proto=fd [ 233.092812][ T9878] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 233.094917][ T9876] loop3: detected capacity change from 0 to 32768 [ 233.121852][ T9876] OCFS2: ERROR (device loop3): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #69: i_blkno is 134217797 [ 233.137914][ T9876] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 233.147967][ T9876] OCFS2: File system is now read-only. [ 233.153470][ T9876] (syz.3.1574,9876,0):ocfs2_read_locked_inode:521 ERROR: status = -30 [ 233.162301][ T9876] (syz.3.1574,9876,0):_ocfs2_get_system_file_inode:144 ERROR: status = -30 [ 233.171482][ T9876] (syz.3.1574,9876,0):ocfs2_init_global_system_inodes:461 ERROR: status = -30 [ 233.180497][ T9876] (syz.3.1574,9876,0):ocfs2_init_global_system_inodes:463 ERROR: Unable to load system inode 2, possibly corrupt fs? [ 233.180541][ T9876] (syz.3.1574,9876,0):ocfs2_init_global_system_inodes:472 ERROR: status = -30 [ 233.202217][ T9876] (syz.3.1574,9876,0):ocfs2_initialize_super:2254 ERROR: status = -30 [ 233.210658][ T9876] (syz.3.1574,9876,0):ocfs2_fill_super:1178 ERROR: status = -30 [ 233.245165][ T9849] loop0: detected capacity change from 0 to 2048 [ 233.311264][ T9849] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.317289][ T9884] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 233.387815][ T27] usb 1-1: USB disconnect, device number 3 [ 233.406429][ T9884] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 233.781642][ T9889] loop3: detected capacity change from 0 to 32768 [ 233.835125][ T9889] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 233.875698][ T9889] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 234.055979][ T5787] ocfs2: Unmounting device (7,3) on (node local) [ 234.088358][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.253337][ T9904] loop3: detected capacity change from 0 to 764 [ 234.298021][ T9904] rock: directory entry would overflow storage [ 234.304765][ T9904] rock: sig=0x4654, size=5, remaining=4 [ 234.422761][ T9909] loop1: detected capacity change from 0 to 512 [ 234.488880][ T9909] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1586: inode has both inline data and extents flags [ 234.536364][ T9909] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1586: couldn't read orphan inode 15 (err -117) [ 234.588797][ T9909] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 234.909880][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.229023][ T9921] loop3: detected capacity change from 0 to 32768 [ 235.445227][ T9921] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 235.475726][ T9929] loop1: detected capacity change from 0 to 1024 [ 235.524502][ T9921] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 235.593279][ T9929] EXT4-fs: Ignoring removed nomblk_io_submit option [ 235.754213][ T5787] ocfs2: Unmounting device (7,3) on (node local) [ 235.767637][ T9929] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.922839][ T28] audit: type=1800 audit(1764741934.651:52): pid=9929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1593" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 236.109872][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.624727][ T9958] loop1: detected capacity change from 0 to 2048 [ 236.692438][ T9961] loop3: detected capacity change from 0 to 512 [ 236.721340][ T9958] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 236.815171][ T9961] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1606: inode has both inline data and extents flags [ 236.923865][ T9961] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1606: couldn't read orphan inode 15 (err -117) [ 236.985782][ T9965] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 237.027823][ T9961] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 237.032279][ T9965] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 237.190101][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.446814][ T9984] loop1: detected capacity change from 0 to 32768 [ 238.477529][ T9984] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 238.556986][ T9984] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 240.200118][ T5786] ocfs2: Unmounting device (7,1) on (node local) [ 240.580092][ T9998] loop1: detected capacity change from 0 to 764 [ 240.595615][ T9998] rock: directory entry would overflow storage [ 240.602264][ T9998] rock: sig=0x4654, size=5, remaining=4 [ 240.847189][T10006] overlayfs: failed to resolve './file1': -2 [ 240.963456][T10012] loop1: detected capacity change from 0 to 64 [ 241.038118][T10012] hfs: get root inode failed [ 241.157545][T10018] loop3: detected capacity change from 0 to 2048 [ 241.160702][ T9133] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 241.221438][T10018] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 241.351817][T10018] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 241.371180][T10018] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh [ 241.419729][T10012] loop1: detected capacity change from 0 to 4096 [ 241.666691][T10028] block device autoloading is deprecated and will be removed. [ 242.181759][T10054] overlayfs: missing 'lowerdir' [ 242.442764][T10066] 9pnet_fd: Insufficient options for proto=fd [ 242.568304][T10069] loop1: detected capacity change from 0 to 256 [ 242.597186][T10069] exfat: Deprecated parameter 'namecase' [ 242.602941][T10069] exfat: Deprecated parameter 'namecase' [ 242.654520][T10069] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 242.711227][T10074] overlayfs: failed to resolve './file0': -2 [ 242.850463][T10076] overlayfs: missing 'lowerdir' [ 243.986327][T10106] loop1: detected capacity change from 0 to 2048 [ 244.015667][T10106] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 244.112428][T10106] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 244.171931][T10106] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 244.388494][T10110] overlayfs: missing 'workdir' [ 244.982604][T10120] 9pnet_fd: Insufficient options for proto=fd [ 245.826099][ T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 246.020088][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 246.063220][ T9] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 246.072714][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.080942][ T9] usb 2-1: Product: syz [ 246.085156][ T9] usb 2-1: Manufacturer: syz [ 246.089957][ T9] usb 2-1: SerialNumber: syz [ 246.110664][ T9] usb 2-1: config 0 descriptor?? [ 246.126481][ T9] gspca_main: sq930x-2.14.0 probing 2770:930c [ 246.479348][T10094] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1664'. [ 246.488722][T10094] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1664'. [ 246.497854][T10094] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1664'. [ 246.509956][T10094] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1664'. [ 247.385974][ T9] gspca_sq930x: reg_w 0105 0c00 failed -71 [ 247.545924][T10152] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.555383][T10152] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.639937][ T9] gspca_sq930x: Sensor ov9630 not yet treated [ 247.651945][ T9] sq930x: probe of 2-1:0.0 failed with error -22 [ 247.672230][ T9] usb 2-1: USB disconnect, device number 5 [ 247.823307][T10152] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 248.241872][T10152] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.252365][T10152] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.266069][T10152] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.275007][T10152] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.957643][T10207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1699'. [ 250.012031][T10233] loop3: detected capacity change from 0 to 32768 [ 250.129973][T10233] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 250.175054][T10233] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 250.369863][ T5787] ocfs2: Unmounting device (7,3) on (node local) [ 252.619711][T10232] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1710'. [ 252.844723][T10250] loop1: detected capacity change from 0 to 764 [ 252.860306][T10250] rock: directory entry would overflow storage [ 252.867319][T10250] rock: sig=0x4654, size=5, remaining=4 [ 253.088252][T10263] netlink: 'syz.3.1723': attribute type 4 has an invalid length. [ 253.181320][T10264] loop1: detected capacity change from 0 to 2048 [ 253.249281][T10267] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 253.491294][T10273] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1728'. [ 254.064131][T10266] loop0: detected capacity change from 0 to 32768 [ 254.111594][T10266] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 254.220618][T10266] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 254.433521][ T5789] ocfs2: Unmounting device (7,0) on (node local) [ 254.775166][T10297] loop0: detected capacity change from 0 to 128 [ 255.386766][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 255.428781][T10307] loop0: detected capacity change from 0 to 2048 [ 255.462309][T10307] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 256.100156][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.109146][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.536136][T10178] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 256.737148][T10178] usb 1-1: Using ep0 maxpacket: 16 [ 256.745260][T10178] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 256.762796][T10178] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 256.771986][T10178] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.785790][T10178] usb 1-1: config 0 descriptor?? [ 257.274087][T10178] mcp2221 0003:04D8:00DD.0001: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 257.412909][T10293] netlink: 'syz.1.1737': attribute type 4 has an invalid length. [ 257.654645][T10318] overlayfs: missing 'workdir' [ 257.864006][ T5174] usb 1-1: USB disconnect, device number 4 [ 258.397793][T10330] loop1: detected capacity change from 0 to 1024 [ 258.433080][T10330] EXT4-fs: Ignoring removed orlov option [ 258.495756][T10330] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 258.515490][T10326] loop3: detected capacity change from 0 to 32768 [ 258.543587][T10326] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 258.552396][T10326] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 258.585512][T10326] gfs2: fsid=syz:syz.s: journal 0 mapped with 7 extents in 0ms [ 258.659845][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 258.683900][T10336] loop0: detected capacity change from 0 to 128 [ 258.729666][T10336] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 258.764229][T10326] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 258.777788][T10326] gfs2: fsid=syz:syz.s: can't initialize statfs subsystem: -30 [ 258.838851][T10330] EXT4-fs: Ignoring removed orlov option [ 258.839393][T10336] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 258.844651][T10330] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 258.891096][T10330] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.1754: Abort forced by user [ 258.947538][T10330] EXT4-fs (loop1): Remounting filesystem read-only [ 258.954126][T10330] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 259.179859][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.318627][T10343] overlayfs: missing 'workdir' [ 259.691426][T10355] loop1: detected capacity change from 0 to 128 [ 259.730153][T10355] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 259.773320][T10355] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 259.848551][T10356] netlink: 'syz.0.1763': attribute type 2 has an invalid length. [ 260.112754][T10358] loop3: detected capacity change from 0 to 32768 [ 260.438002][T10366] overlayfs: missing 'workdir' [ 260.692256][T10378] loop0: detected capacity change from 0 to 764 [ 260.747185][T10378] rock: directory entry would overflow storage [ 260.757120][T10378] rock: sig=0x4654, size=5, remaining=4 [ 260.855744][T10382] loop1: detected capacity change from 0 to 128 [ 260.879420][T10382] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 260.929331][T10382] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 261.229639][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 261.393598][T10396] loop0: detected capacity change from 0 to 128 [ 261.853818][T10406] loop3: detected capacity change from 0 to 764 [ 261.944750][T10406] rock: directory entry would overflow storage [ 261.976768][T10406] rock: sig=0x4654, size=5, remaining=4 [ 262.105612][T10414] overlayfs: missing 'lowerdir' [ 262.305475][T10418] loop1: detected capacity change from 0 to 128 [ 262.555046][T10426] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1800'. [ 262.565708][T10426] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1800'. [ 262.575327][T10426] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1800'. [ 262.715133][T10432] loop3: detected capacity change from 0 to 764 [ 262.734050][T10432] rock: directory entry would overflow storage [ 262.762599][T10432] rock: sig=0x4654, size=5, remaining=4 [ 262.802383][T10434] overlayfs: missing 'lowerdir' [ 263.089896][T10445] netlink: 'syz.0.1807': attribute type 4 has an invalid length. [ 263.394844][T10457] loop3: detected capacity change from 0 to 128 [ 263.454002][T10457] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 263.499469][T10457] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 263.779922][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.007577][T10475] netlink: 'syz.2.1821': attribute type 4 has an invalid length. [ 264.193516][T10178] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 264.237502][T10178] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 264.345125][T10494] binder: 10491:10494 unknown command 0 [ 264.354749][T10494] binder: 10491:10494 ioctl c0306201 200000000080 returned -22 [ 264.459678][T10490] fido_id[10490]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 264.839776][T10511] loop1: detected capacity change from 0 to 764 [ 264.872304][T10511] rock: directory entry would overflow storage [ 264.886608][T10511] rock: sig=0x4654, size=5, remaining=4 [ 265.634808][T10543] loop1: detected capacity change from 0 to 128 [ 265.695597][T10543] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 265.751123][T10547] loop3: detected capacity change from 0 to 64 [ 265.769329][T10543] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 265.797210][T10547] hfs: get root inode failed [ 266.987206][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.211296][T10571] loop0: detected capacity change from 0 to 128 [ 267.258513][T10571] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 267.295116][T10571] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 268.906571][ T132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.736642][T10565] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1861'. [ 269.877294][T10583] netlink: 'syz.2.1870': attribute type 4 has an invalid length. [ 269.978158][T10590] loop3: detected capacity change from 0 to 128 [ 269.999508][T10590] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 270.049858][T10590] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 270.843007][T10611] loop3: detected capacity change from 0 to 1764 [ 270.910699][T10613] warning: `syz.2.1885' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 271.490088][T10635] netlink: 'syz.1.1895': attribute type 4 has an invalid length. [ 271.899753][T10653] overlayfs: failed to clone upperpath [ 272.247315][T10663] loop3: detected capacity change from 0 to 764 [ 272.296227][T10663] rock: directory entry would overflow storage [ 272.302452][T10663] rock: sig=0x4654, size=5, remaining=4 [ 272.747123][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 274.661987][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 275.256076][T10689] netlink: 'syz.2.1921': attribute type 27 has an invalid length. [ 275.521819][T10697] loop1: detected capacity change from 0 to 1024 [ 275.547379][T10697] EXT4-fs: Ignoring removed orlov option [ 275.590591][T10697] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 275.747078][T10697] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 275.900818][T10715] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1932'. [ 276.112773][T10719] loop0: detected capacity change from 0 to 256 [ 276.212538][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.690876][T10737] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1942'. [ 276.982034][T10747] loop0: detected capacity change from 0 to 764 [ 276.994700][T10747] rock: directory entry would overflow storage [ 277.008293][T10747] rock: sig=0x4654, size=5, remaining=4 [ 277.509794][T10763] loop3: detected capacity change from 0 to 256 [ 277.606417][T10759] loop1: detected capacity change from 0 to 32768 [ 277.613977][T10759] XFS: noikeep mount option is deprecated. [ 277.727895][T10759] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 277.846717][T10759] XFS (loop1): Ending clean mount [ 277.857600][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 277.878334][T10759] XFS (loop1): Quotacheck needed: Please wait. [ 277.961512][T10759] XFS (loop1): Quotacheck: Done. [ 278.055070][ T28] audit: type=1800 audit(1764741976.761:53): pid=10759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1953" name="file2" dev="loop1" ino=6151 res=0 errno=0 [ 278.129884][ T5786] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 278.431085][T10788] loop3: detected capacity change from 0 to 256 [ 278.442369][T10788] exfat: Deprecated parameter 'utf8' [ 278.483327][T10788] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 279.253643][T10796] loop0: detected capacity change from 0 to 32768 [ 279.288316][T10796] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 279.308470][T10796] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 279.544203][ T5789] ocfs2: Unmounting device (7,0) on (node local) [ 279.640729][T10818] loop0: detected capacity change from 0 to 1024 [ 279.656387][T10161] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 279.667223][T10818] EXT4-fs: Ignoring removed orlov option [ 279.697555][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 279.742438][T10818] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 279.843546][T10827] loop3: detected capacity change from 0 to 256 [ 279.858776][T10161] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 279.922430][T10161] usb 2-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39 [ 279.947194][T10161] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.986000][T10161] usb 2-1: Product: syz [ 279.996285][T10161] usb 2-1: Manufacturer: syz [ 280.000975][T10161] usb 2-1: SerialNumber: syz [ 280.041030][T10161] usb 2-1: config 0 descriptor?? [ 280.081105][T10161] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b [ 280.116500][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.930371][T10161] gspca_pac7302: reg_w() failed i: ff v: 01 error -71 [ 280.943524][T10161] gspca_pac7302: probe of 2-1:0.0 failed with error -71 [ 280.975029][T10161] usb 2-1: USB disconnect, device number 6 [ 281.287683][T10853] loop0: detected capacity change from 0 to 1024 [ 281.295422][T10853] EXT4-fs: Ignoring removed orlov option [ 281.375299][T10853] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 281.388041][T10855] serio: Serial port ttyS3 [ 281.794375][ T28] audit: type=1326 audit(1764741980.521:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10866 comm="syz.2.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 281.886079][ T28] audit: type=1326 audit(1764741980.551:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10866 comm="syz.2.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 281.921504][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.964167][ T28] audit: type=1326 audit(1764741980.551:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10866 comm="syz.2.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 282.026643][ T28] audit: type=1326 audit(1764741980.551:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10866 comm="syz.2.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 282.077051][ T28] audit: type=1326 audit(1764741980.551:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10866 comm="syz.2.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 282.134724][ T28] audit: type=1326 audit(1764741980.551:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10866 comm="syz.2.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 282.163428][T10879] loop1: detected capacity change from 0 to 256 [ 282.226118][ T28] audit: type=1326 audit(1764741980.551:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10866 comm="syz.2.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 282.302176][ T28] audit: type=1326 audit(1764741980.551:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10866 comm="syz.2.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 282.365916][ T28] audit: type=1326 audit(1764741980.551:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10866 comm="syz.2.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e598f749 code=0x7ffc0000 [ 282.567696][T10888] block device autoloading is deprecated and will be removed. [ 282.592192][T10888] syz.1.2007: attempt to access beyond end of device [ 282.592192][T10888] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 283.652951][ T42] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 283.925543][T10922] loop3: detected capacity change from 0 to 40427 [ 283.936382][T10922] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff [ 283.960631][T10922] F2FS-fs (loop3): invalid crc value [ 284.017416][T10922] F2FS-fs (loop3): Found nat_bits in checkpoint [ 284.092128][T10922] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 284.163558][T10935] pimreg: entered allmulticast mode [ 284.329216][T10933] pimreg: left allmulticast mode [ 285.548426][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.288836][T11024] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2067'. [ 287.570070][T11024] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 287.585903][T11024] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 287.606976][T11024] bond0 (unregistering): Released all slaves [ 288.425387][T11065] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2082'. [ 289.309125][T11096] loop3: detected capacity change from 0 to 1024 [ 289.323166][T11096] EXT4-fs: Ignoring removed orlov option [ 289.370044][T11096] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 289.397364][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 289.583848][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.911890][T11125] loop0: detected capacity change from 0 to 256 [ 289.927574][T11125] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 289.938980][T11125] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 289.966333][T11125] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 290.209236][T11132] loop3: detected capacity change from 0 to 1024 [ 290.231861][T11132] EXT4-fs: Ignoring removed orlov option [ 290.272681][T11132] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 290.405072][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.297084][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.325427][T11163] loop0: detected capacity change from 0 to 40427 [ 291.336373][T11163] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x7ffff [ 291.347135][T11163] F2FS-fs (loop0): invalid crc value [ 291.387728][T11163] F2FS-fs (loop0): Found nat_bits in checkpoint [ 291.443084][T11163] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 293.155237][T11228] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2154'. [ 294.070517][T11257] loop1: detected capacity change from 0 to 512 [ 294.122320][T11261] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2165'. [ 294.146302][T11257] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 294.166214][T11261] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2165'. [ 294.191727][T11257] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.2166: iget: bad extended attribute block 851968 [ 294.246820][T11257] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.2166: couldn't read orphan inode 15 (err -117) [ 294.294913][T11257] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 294.490429][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.146694][ T132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.066680][ T1117] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.346646][T11267] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2169'. [ 298.624364][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 298.829159][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 299.036165][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 299.533613][T11313] loop1: detected capacity change from 0 to 256 [ 299.634973][T11313] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 300.222229][T11324] loop0: detected capacity change from 0 to 32768 [ 300.230791][T11324] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.2192 (11324) [ 300.254774][T11324] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 300.265672][T11324] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 300.274535][T11324] BTRFS info (device loop0): setting nodatasum [ 300.280800][T11324] BTRFS info (device loop0): enabling auto defrag [ 300.287615][T11324] BTRFS info (device loop0): max_inline at 0 [ 300.293654][T11324] BTRFS info (device loop0): using free space tree [ 300.452871][T11324] BTRFS info (device loop0): auto enabling async discard [ 300.753232][T11358] loop3: detected capacity change from 0 to 128 [ 300.897359][ T132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 301.474050][ T5789] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 302.526120][T10163] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 302.747065][T10163] usb 4-1: Using ep0 maxpacket: 16 [ 302.759322][T10163] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 302.780096][T10163] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 302.801117][T10163] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 302.811207][T10163] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.820622][ T1131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 302.840111][T10163] usb 4-1: config 0 descriptor?? [ 303.095220][ T5793] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 303.109781][ T5793] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 303.121285][ T5793] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 303.123262][T11416] loop1: detected capacity change from 0 to 512 [ 303.142834][ T5793] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 303.170499][ T5793] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 303.181801][ T5793] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 303.238170][T11416] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 303.310887][T11416] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.2220: iget: bad extended attribute block 851968 [ 303.339047][T11416] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.2220: couldn't read orphan inode 15 (err -117) [ 303.372459][T11416] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 303.650076][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.812753][T11415] chnl_net:caif_netlink_parms(): no params data found [ 304.254617][T11415] bridge0: port 1(bridge_slave_0) entered blocking state [ 304.299429][T11415] bridge0: port 1(bridge_slave_0) entered disabled state [ 304.318530][T11415] bridge_slave_0: entered allmulticast mode [ 304.345503][T11415] bridge_slave_0: entered promiscuous mode [ 304.431618][T11415] bridge0: port 2(bridge_slave_1) entered blocking state [ 304.444810][T11415] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.462193][T11415] bridge_slave_1: entered allmulticast mode [ 304.471269][T11415] bridge_slave_1: entered promiscuous mode [ 304.524585][T11452] loop0: detected capacity change from 0 to 512 [ 304.544293][T11452] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 304.574432][T11452] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.2229: iget: bad extended attribute block 851968 [ 304.588969][T11452] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.2229: couldn't read orphan inode 15 (err -117) [ 304.620888][T11452] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 304.672907][T11415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 304.700933][T11415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 304.842708][T11415] team0: Port device team_slave_0 added [ 304.858624][T11415] team0: Port device team_slave_1 added [ 304.898509][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.004752][T11415] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 305.013525][T11415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 305.053628][T11415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 305.103757][T11455] loop1: detected capacity change from 0 to 32768 [ 305.115234][T11455] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.2230 (11455) [ 305.143418][T11415] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 305.145213][ T5174] usb 4-1: USB disconnect, device number 3 [ 305.157152][T11455] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 305.167542][T11455] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 305.176483][T11455] BTRFS info (device loop1): setting nodatasum [ 305.182870][T11455] BTRFS info (device loop1): enabling auto defrag [ 305.188393][T11415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 305.189458][T11455] BTRFS info (device loop1): max_inline at 0 [ 305.221573][T11455] BTRFS info (device loop1): using free space tree [ 305.230944][ T5793] Bluetooth: hci4: command tx timeout [ 305.233951][T11415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 305.386306][T11455] BTRFS info (device loop1): auto enabling async discard [ 305.432868][T11477] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 305.441864][T11477] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 305.468088][T11477] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 305.622925][T11415] hsr_slave_0: entered promiscuous mode [ 305.663366][T11415] hsr_slave_1: entered promiscuous mode [ 305.701882][T11415] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 305.721544][T11415] Cannot create hsr debugfs directory [ 305.823444][ T5786] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 306.660991][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.889039][ T132] tipc: Disabling bearer [ 306.918225][ T132] tipc: Left network mode [ 307.139891][T11504] loop1: detected capacity change from 0 to 32768 [ 307.171941][T11504] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.2243 (11504) [ 307.204916][T11504] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 307.215657][T11504] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 307.224834][T11504] BTRFS info (device loop1): setting nodatasum [ 307.231779][T11504] BTRFS info (device loop1): enabling auto defrag [ 307.239207][T11504] BTRFS info (device loop1): max_inline at 0 [ 307.245236][T11504] BTRFS info (device loop1): using free space tree [ 307.298545][ T5793] Bluetooth: hci4: command tx timeout [ 307.436474][T11504] BTRFS info (device loop1): auto enabling async discard [ 307.936869][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.979112][ T5786] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 308.373845][T11548] loop1: detected capacity change from 0 to 256 [ 308.475751][T11548] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 308.636200][T10178] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 308.868976][T10178] usb 4-1: Using ep0 maxpacket: 16 [ 308.884772][T10178] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 308.933037][T10178] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 308.988406][T10178] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 309.005256][T10178] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.027917][T11415] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 309.033162][T10178] usb 4-1: config 0 descriptor?? [ 309.063034][T11415] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 309.081625][T10178] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 309.190919][T11415] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 309.307737][T10178] usb 4-1: USB disconnect, device number 4 [ 309.324101][T11415] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 309.376139][ T5793] Bluetooth: hci4: command tx timeout [ 309.882223][T11415] 8021q: adding VLAN 0 to HW filter on device bond0 [ 310.005753][T11415] 8021q: adding VLAN 0 to HW filter on device team0 [ 310.101588][ T132] hsr_slave_0: left promiscuous mode [ 310.164618][ T132] hsr_slave_1: left promiscuous mode [ 310.183933][ T132] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 310.207481][ T132] bridge_slave_1: left allmulticast mode [ 310.217735][ T132] bridge_slave_1: left promiscuous mode [ 310.233624][ T132] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.281928][ T132] bridge_slave_0: left allmulticast mode [ 310.304011][ T132] bridge_slave_0: left promiscuous mode [ 310.318500][ T132] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.460772][ T5793] Bluetooth: hci4: command tx timeout [ 311.530557][ T132] team0 (unregistering): Port device team_slave_1 removed [ 311.539043][T10178] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 311.646573][ T132] team0 (unregistering): Port device team_slave_0 removed [ 311.736176][T10178] usb 2-1: Using ep0 maxpacket: 16 [ 311.752539][ T132] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 311.757144][T10178] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 311.774588][T10178] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 311.788346][T10178] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 311.798709][T10178] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 311.820841][T10178] usb 2-1: config 0 descriptor?? [ 311.834509][T10178] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 311.864594][ T132] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 312.055504][T10178] usb 2-1: USB disconnect, device number 7 [ 312.431730][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 312.648466][ T132] bond0 (unregistering): Released all slaves [ 312.861679][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.870193][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 312.967725][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.974995][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 313.122233][T11415] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 313.281902][T11635] loop1: detected capacity change from 0 to 256 [ 313.340668][T11635] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 313.656058][T11643] loop1: detected capacity change from 0 to 512 [ 313.664745][T11643] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 313.700800][ T42] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 313.761914][T11643] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.2281: iget: bad extended attribute block 851968 [ 313.848614][T11415] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 313.858138][T11643] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.2281: couldn't read orphan inode 15 (err -117) [ 313.920102][T11643] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 314.084415][T11415] veth0_vlan: entered promiscuous mode [ 314.121723][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.131788][T11415] veth1_vlan: entered promiscuous mode [ 314.251802][T11415] veth0_macvtap: entered promiscuous mode [ 314.299417][T11415] veth1_macvtap: entered promiscuous mode [ 314.362227][T11415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 314.386547][T11415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.404601][T11415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 314.426187][T11415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.445220][T11415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 314.467100][T11415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.491261][T11415] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 314.525399][T11415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 314.547096][T11415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 314.571111][T11415] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 314.605764][T11415] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.615409][T11415] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.646423][T11415] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.655195][T11415] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.806076][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 314.826348][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 314.874168][ T1117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 314.931832][ T1117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 315.001643][T11661] loop0: detected capacity change from 0 to 256 [ 315.042332][T11661] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 315.111904][T11657] loop3: detected capacity change from 0 to 32768 [ 315.164820][T11657] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 315.338972][T11657] XFS (loop3): Ending clean mount [ 315.375165][T11657] XFS (loop3): Quotacheck needed: Please wait. [ 315.533136][T11657] XFS (loop3): Quotacheck: Done. [ 315.642746][ T5787] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 315.766360][T11686] loop1: detected capacity change from 0 to 512 [ 315.784853][T11686] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 315.859931][T11686] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.2294: iget: bad extended attribute block 851968 [ 315.966866][T11686] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.2294: couldn't read orphan inode 15 (err -117) [ 316.051497][T11686] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 316.327371][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.602576][T11706] loop0: detected capacity change from 0 to 256 [ 316.645247][T11706] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 317.212324][T11728] loop0: detected capacity change from 0 to 512 [ 317.239951][T11728] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 317.291742][T11728] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.2305: iget: bad extended attribute block 851968 [ 317.353567][T11728] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.2305: couldn't read orphan inode 15 (err -117) [ 317.381866][T11728] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 317.549277][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.555671][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.605399][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.705744][T11743] loop1: detected capacity change from 0 to 256 [ 317.735050][T11743] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 317.782424][T11741] loop2: detected capacity change from 0 to 2048 [ 317.805687][T11741] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 317.910438][T11747] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 317.921754][T11741] syz.2.2308: attempt to access beyond end of device [ 317.921754][T11741] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 318.800588][T11773] loop0: detected capacity change from 0 to 512 [ 318.904260][T11773] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 318.971715][T11773] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.2318: iget: bad extended attribute block 851968 [ 319.091972][T11773] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.2318: couldn't read orphan inode 15 (err -117) [ 319.169192][T11773] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 319.421282][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.459383][ T1131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.480681][ T42] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.631815][T11793] loop0: detected capacity change from 0 to 256 [ 319.706117][T11793] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 319.755052][T11761] loop2: detected capacity change from 0 to 32768 [ 319.816861][T11761] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 319.996618][T11761] XFS (loop2): Ending clean mount [ 320.053580][T11761] XFS (loop2): Quotacheck needed: Please wait. [ 320.211790][T11811] loop1: detected capacity change from 0 to 1024 [ 320.259372][T11811] EXT4-fs: Ignoring removed orlov option [ 320.281444][T11761] XFS (loop2): Quotacheck: Done. [ 320.381640][T11811] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 320.477004][T11819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.485286][T11819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.498152][T11819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.507113][T11415] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 320.664239][T11811] EXT4-fs: Ignoring removed orlov option [ 320.686162][T11811] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 320.730120][T11811] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.2328: Abort forced by user [ 320.767419][T11811] EXT4-fs (loop1): Remounting filesystem read-only [ 320.785912][T11811] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 320.820941][T11823] loop3: detected capacity change from 0 to 4096 [ 320.874531][T11824] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 320.885709][T10161] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 320.935033][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.080062][T11827] loop2: detected capacity change from 0 to 512 [ 321.091434][T11827] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 321.103253][T10161] usb 1-1: Using ep0 maxpacket: 32 [ 321.116340][T10161] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 321.126083][T10161] usb 1-1: config 0 has no interface number 0 [ 321.132659][T10161] usb 1-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 321.174512][T10161] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 321.188269][T11827] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.2332: iget: bad extended attribute block 851968 [ 321.223752][T10161] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 321.261007][T10161] usb 1-1: Product: syz [ 321.286074][T10161] usb 1-1: Manufacturer: syz [ 321.303144][T11834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 321.309177][T10161] usb 1-1: SerialNumber: syz [ 321.311653][T11834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 321.328857][T11827] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2332: couldn't read orphan inode 15 (err -117) [ 321.358172][T10161] usb 1-1: config 0 descriptor?? [ 321.413234][T10161] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 321.433744][T11827] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 321.564789][T11415] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.988716][T11853] netlink: 'syz.2.2346': attribute type 10 has an invalid length. [ 322.004811][T11853] team0: Device hsr_slave_0 failed to register rx_handler [ 322.194885][T11852] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 322.236957][T11852] overlayfs: failed to set xattr on upper [ 322.253104][T11852] overlayfs: ...falling back to redirect_dir=nofollow. [ 322.272480][T11852] overlayfs: ...falling back to index=off. [ 322.279760][T11852] overlayfs: ...falling back to uuid=null. [ 322.419729][T11862] loop2: detected capacity change from 0 to 512 [ 322.476111][T11862] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 322.511306][T11862] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.2350: iget: bad extended attribute block 851968 [ 322.581485][T11862] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2350: couldn't read orphan inode 15 (err -117) [ 322.608798][T11862] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.683197][T11415] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.996152][T11876] loop1: detected capacity change from 0 to 4096 [ 323.044007][T11879] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 323.423806][T11872] loop3: detected capacity change from 0 to 32768 [ 323.443138][T11872] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.2361 (11872) [ 323.493618][T11872] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 323.514540][T11872] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 323.527484][T11872] BTRFS info (device loop3): setting nodatasum [ 323.533719][T11872] BTRFS info (device loop3): enabling auto defrag [ 323.567231][T11872] BTRFS info (device loop3): max_inline at 0 [ 323.573320][T11872] BTRFS info (device loop3): using free space tree [ 323.686162][T10161] usb 1-1: qt2_attach - failed to power on unit: -71 [ 323.737498][T10161] quatech2: probe of 1-1:0.51 failed with error -71 [ 323.831374][T10161] usb 1-1: USB disconnect, device number 5 [ 323.845966][T11872] BTRFS info (device loop3): auto enabling async discard [ 324.227075][ T5787] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 324.726042][T10174] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 324.936064][T10174] usb 2-1: Using ep0 maxpacket: 32 [ 324.957642][T10174] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 324.980498][T10174] usb 2-1: config 0 has no interface number 0 [ 324.988824][T10174] usb 2-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 325.009955][T10174] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 325.043560][T10174] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.066524][T10174] usb 2-1: Product: syz [ 325.070766][T10174] usb 2-1: Manufacturer: syz [ 325.090669][T10174] usb 2-1: SerialNumber: syz [ 325.117561][T10174] usb 2-1: config 0 descriptor?? [ 325.160913][T10174] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 325.183274][T11944] overlayfs: failed to resolve './file2': -2 [ 325.228335][ T132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.124703][ T5174] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 326.198306][T11964] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.236685][T11964] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.254459][T11965] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.346074][ T5174] usb 3-1: Using ep0 maxpacket: 32 [ 326.387648][ T5174] usb 3-1: config 0 has an invalid interface number: 2 but max is 0 [ 326.418227][ T5174] usb 3-1: config 0 has no interface number 0 [ 326.453224][ T5174] usb 3-1: config 0 interface 2 has no altsetting 0 [ 326.501715][ T5174] usb 3-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f [ 326.518964][ T5174] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.566194][ T5174] usb 3-1: Product: syz [ 326.570562][ T5174] usb 3-1: Manufacturer: syz [ 326.575275][ T5174] usb 3-1: SerialNumber: syz [ 326.633956][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 326.645759][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 326.660618][ T5174] usb 3-1: config 0 descriptor?? [ 326.680946][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 326.714198][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 326.733091][T11971] loop3: detected capacity change from 0 to 1024 [ 326.753587][T11971] EXT4-fs: Ignoring removed orlov option [ 326.759667][ T5794] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 326.767743][ T5794] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 326.837853][T11971] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 326.971981][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.983727][ T5174] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 327.001238][ T5174] usb 3-1: invalid MIDI in EP 0 [ 327.296886][ T5174] snd-usb-audio: probe of 3-1:0.2 failed with error -22 [ 327.326084][ T5174] usb 3-1: USB disconnect, device number 3 [ 327.407691][ T5958] udevd[5958]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 327.445956][T10174] usb 2-1: qt2_attach - failed to power on unit: -71 [ 327.495014][T10174] quatech2: probe of 2-1:0.51 failed with error -71 [ 327.529286][T10174] usb 2-1: USB disconnect, device number 8 [ 327.759683][T11968] chnl_net:caif_netlink_parms(): no params data found [ 328.230535][T11999] autofs4:pid:11999:autofs_fill_super: called with bogus options [ 328.248227][T11968] bridge0: port 1(bridge_slave_0) entered blocking state [ 328.255660][T11968] bridge0: port 1(bridge_slave_0) entered disabled state [ 328.296889][T11968] bridge_slave_0: entered allmulticast mode [ 328.304682][T11968] bridge_slave_0: entered promiscuous mode [ 328.333172][T11968] bridge0: port 2(bridge_slave_1) entered blocking state [ 328.372469][T11968] bridge0: port 2(bridge_slave_1) entered disabled state [ 328.414908][T11968] bridge_slave_1: entered allmulticast mode [ 328.438038][T11968] bridge_slave_1: entered promiscuous mode [ 328.529923][T12005] overlayfs: workdir and upperdir must reside under the same mount [ 328.782985][T11968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 328.816531][ T5794] Bluetooth: hci1: command tx timeout [ 328.821484][T11968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 329.028639][T11968] team0: Port device team_slave_0 added [ 329.184788][T12019] autofs4:pid:12019:autofs_fill_super: called with bogus options [ 329.250815][ T1117] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.317848][T11968] team0: Port device team_slave_1 added [ 329.511463][ T1117] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.561633][T11968] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 329.585490][T11968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 329.654420][T11968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 329.692891][T11968] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 329.730834][T11968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 329.792047][T11968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 329.805080][T12017] loop3: detected capacity change from 0 to 32768 [ 329.836585][T12017] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.2403 (12017) [ 329.881288][T12017] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 329.903482][T12017] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 329.937762][T12017] BTRFS info (device loop3): setting nodatasum [ 329.939344][ T1117] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.944036][T12017] BTRFS info (device loop3): enabling auto defrag [ 329.944107][T12017] BTRFS info (device loop3): max_inline at 0 [ 330.075936][T12017] BTRFS info (device loop3): using free space tree [ 330.104046][T12037] loop1: detected capacity change from 0 to 1024 [ 330.117247][T12037] EXT4-fs: Ignoring removed orlov option [ 330.171073][T12037] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.314447][ T1117] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.317247][T12037] EXT4-fs: Ignoring removed orlov option [ 330.346961][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.409880][T11968] hsr_slave_0: entered promiscuous mode [ 330.421935][T12037] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 330.433463][T11968] hsr_slave_1: entered promiscuous mode [ 330.447390][T12037] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.2411: Abort forced by user [ 330.457861][T11968] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 330.457950][T12017] BTRFS info (device loop3): auto enabling async discard [ 330.471020][T11968] Cannot create hsr debugfs directory [ 330.494048][T12037] EXT4-fs (loop1): Remounting filesystem read-only [ 330.513767][T12037] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 330.551654][T12017] overlayfs: failed to resolve './bus': -2 [ 330.653482][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.812938][ T5787] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 330.898514][ T5794] Bluetooth: hci1: command tx timeout [ 331.307417][ T1117] tipc: Left network mode [ 331.515410][T12086] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.897934][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.976403][ T5794] Bluetooth: hci1: command tx timeout [ 333.135118][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 333.135136][ T28] audit: type=1326 audit(1764742031.861:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12127 comm="syz.3.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 333.191696][ T28] audit: type=1326 audit(1764742031.901:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12127 comm="syz.3.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 333.250487][ T28] audit: type=1326 audit(1764742031.921:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12127 comm="syz.3.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 333.273351][ T28] audit: type=1326 audit(1764742031.921:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12127 comm="syz.3.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 333.307383][ T28] audit: type=1326 audit(1764742031.921:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12127 comm="syz.3.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 333.415969][ T28] audit: type=1326 audit(1764742031.921:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12127 comm="syz.3.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 333.438243][T11968] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 333.496167][ T28] audit: type=1326 audit(1764742031.921:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12127 comm="syz.3.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 333.497065][T11968] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 333.549157][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 333.554797][ T28] audit: type=1326 audit(1764742031.921:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12127 comm="syz.3.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 333.593829][ T28] audit: type=1326 audit(1764742031.921:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12127 comm="syz.3.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 333.701247][T11968] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 333.723289][T11968] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 333.793791][T12140] loop2: detected capacity change from 0 to 4096 [ 333.905561][T12146] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 334.214404][T12145] loop3: detected capacity change from 0 to 32768 [ 334.247956][T12145] gfs2: can't find protocol lock_noloc [ 334.455646][T11000] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 334.958623][T11968] 8021q: adding VLAN 0 to HW filter on device bond0 [ 335.009538][T12145] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 335.017090][T12145] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 335.034503][T12145] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 335.040869][T12145] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 335.048665][T12145] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 335.054690][T12145] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 335.062064][ T5793] Bluetooth: hci1: command tx timeout [ 335.072888][T12145] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 335.083179][T12145] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 335.091080][T12145] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 335.119834][T12145] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 335.153241][ T1117] hsr_slave_0: left promiscuous mode [ 335.206203][ T1117] hsr_slave_1: left promiscuous mode [ 335.239155][ T1117] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 335.296122][ T1117] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 335.346684][ T1117] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 335.354263][ T1117] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 335.376923][ T1117] bridge_slave_1: left allmulticast mode [ 335.382662][ T1117] bridge_slave_1: left promiscuous mode [ 335.391752][ T1117] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.442524][ T1117] bridge_slave_0: left allmulticast mode [ 335.456278][ T1117] bridge_slave_0: left promiscuous mode [ 335.457245][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 335.472180][ T1117] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.587993][ T1117] veth1_macvtap: left promiscuous mode [ 335.603308][ T1117] veth0_macvtap: left promiscuous mode [ 335.624113][ T1117] veth1_vlan: left promiscuous mode [ 335.639849][ T1117] veth0_vlan: left promiscuous mode [ 336.390582][T12201] loop1: detected capacity change from 0 to 16 [ 336.427774][T12201] erofs: (device loop1): mounted with root inode @ nid 36. [ 336.976679][ T5793] Bluetooth: hci0: command 0x0406 tx timeout [ 337.088262][ T5793] Bluetooth: hci3: command 0x0406 tx timeout [ 337.145303][ T5793] Bluetooth: hci1: command 0x0c1a tx timeout [ 337.145992][ T5794] Bluetooth: hci4: command 0x0c1a tx timeout [ 337.302550][ T1117] team0 (unregistering): Port device team_slave_1 removed [ 337.369797][ T1117] team0 (unregistering): Port device team_slave_0 removed [ 337.451751][ T1117] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 337.519655][ T1117] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 338.292265][ T1117] bond0 (unregistering): Released all slaves [ 338.372423][T11968] 8021q: adding VLAN 0 to HW filter on device team0 [ 338.387315][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 338.394527][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 338.430050][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 338.437298][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 338.562198][T12219] loop2: detected capacity change from 0 to 16 [ 338.607734][T12219] erofs: (device loop2): mounted with root inode @ nid 36. [ 339.065858][ T5794] Bluetooth: hci0: command 0x0406 tx timeout [ 339.167533][ T5794] Bluetooth: hci3: command 0x0406 tx timeout [ 339.216089][ T5793] Bluetooth: hci4: command 0x0c1a tx timeout [ 339.222386][ T5794] Bluetooth: hci1: command 0x0c1a tx timeout [ 339.304227][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 339.318512][T12237] autofs4:pid:12237:autofs_fill_super: called with bogus options [ 339.512021][T12233] loop1: detected capacity change from 0 to 32768 [ 339.539688][T12233] gfs2: can't find protocol lock_noloc [ 339.704346][T11968] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 339.882593][T12233] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 339.889207][T12233] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 339.896179][T12233] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 339.902539][T12233] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 339.920149][T11968] veth0_vlan: entered promiscuous mode [ 339.989516][T11968] veth1_vlan: entered promiscuous mode [ 340.224508][T11968] veth0_macvtap: entered promiscuous mode [ 340.270646][T11968] veth1_macvtap: entered promiscuous mode [ 340.383546][T11968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.418169][T11968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.451639][T11968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.464135][T11968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.480455][T11968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.502301][T12261] loop1: detected capacity change from 0 to 1024 [ 340.503578][T11968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.527204][T12261] EXT4-fs: Ignoring removed orlov option [ 340.554987][T11968] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 340.600291][T11968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.637289][T11968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.648894][T12261] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 340.677763][T11968] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 340.705025][T11968] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.719616][T12261] EXT4-fs: Ignoring removed orlov option [ 340.725565][T12261] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 340.770567][T11968] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.791621][T11968] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.810404][T11968] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.847381][T12261] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.2481: Abort forced by user [ 340.873646][T12261] EXT4-fs (loop1): Remounting filesystem read-only [ 340.895970][T12261] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 340.970286][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 341.218549][ T1117] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.229593][ T42] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 341.297309][ T1117] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 341.479707][ T132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.503022][T12270] loop2: detected capacity change from 0 to 32768 [ 341.526703][ T132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 341.536234][T12270] gfs2: can't find protocol lock_noloc [ 341.916289][T12270] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 341.922514][T12270] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 341.928913][T12270] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 341.935526][T12270] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 343.039053][ T5794] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 343.052018][ T5794] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 343.062139][ T5794] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 343.072262][ T5794] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 343.080260][ T5794] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 343.088361][ T5794] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 343.265068][T12294] loop2: detected capacity change from 0 to 32768 [ 343.274277][ T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 343.324156][T12294] OCFS2: ERROR (device loop2): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 69 has invalid tree depth 119 in extent list [ 343.343294][T12294] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 343.353256][T12294] OCFS2: File system is now read-only. [ 343.358826][T12294] (syz.2.2492,12294,0):ocfs2_find_leaf:1941 ERROR: status = -30 [ 343.366604][T12294] (syz.2.2492,12294,0):ocfs2_get_clusters_nocache:421 ERROR: status = -30 [ 343.375732][T12294] (syz.2.2492,12294,0):ocfs2_get_clusters:624 ERROR: status = -30 [ 343.384172][T12294] (syz.2.2492,12294,0):ocfs2_extent_map_get_blocks:671 ERROR: status = -30 [ 343.392970][T12294] (syz.2.2492,12294,0):ocfs2_map_slot_buffers:378 ERROR: status = -30 [ 343.401238][T12294] (syz.2.2492,12294,0):ocfs2_init_slot_info:426 ERROR: status = -30 [ 343.409355][T12294] (syz.2.2492,12294,0):ocfs2_initialize_super:2278 ERROR: status = -30 [ 343.418306][T12294] (syz.2.2492,12294,0):ocfs2_fill_super:1178 ERROR: status = -30 [ 343.525889][ T9] usb 1-1: Using ep0 maxpacket: 32 [ 343.533434][ T9] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 343.552790][ T9] usb 1-1: config 0 has no interface number 0 [ 343.586607][T12299] overlayfs: missing 'lowerdir' [ 343.591711][ T9] usb 1-1: config 0 interface 2 has no altsetting 0 [ 343.644151][ T9] usb 1-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f [ 343.687732][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.719577][ T9] usb 1-1: Product: syz [ 343.723915][ T9] usb 1-1: Manufacturer: syz [ 343.756028][ T9] usb 1-1: SerialNumber: syz [ 343.773367][ T9] usb 1-1: config 0 descriptor?? [ 343.779967][ T5794] Bluetooth: hci0: command 0x0406 tx timeout [ 343.936746][ T5794] Bluetooth: hci1: command 0x0c1a tx timeout [ 343.942926][ T5793] Bluetooth: hci4: command 0x0c1a tx timeout [ 343.946066][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 343.972038][T12292] chnl_net:caif_netlink_parms(): no params data found [ 344.008654][T12304] loop3: detected capacity change from 0 to 1024 [ 344.057102][T12304] EXT4-fs: Ignoring removed orlov option [ 344.088716][T12306] overlayfs: workdir and upperdir must reside under the same mount [ 344.096229][ T9] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 344.114651][ T9] usb 1-1: invalid MIDI in EP 0 [ 344.127021][T12304] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 344.257922][T12304] EXT4-fs: Ignoring removed orlov option [ 344.296415][T12304] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 344.299830][ T9] snd-usb-audio: probe of 1-1:0.2 failed with error -22 [ 344.319631][ T9] usb 1-1: USB disconnect, device number 6 [ 344.357422][T12304] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.2495: Abort forced by user [ 344.391543][T12304] EXT4-fs (loop3): Remounting filesystem read-only [ 344.420708][ T5958] udevd[5958]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 344.431887][T12304] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 344.493961][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.593257][ T1117] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.697157][T12292] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.712267][T12292] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.719941][T12292] bridge_slave_0: entered allmulticast mode [ 344.736980][T12292] bridge_slave_0: entered promiscuous mode [ 344.755654][T12292] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.763202][T12292] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.781513][T12292] bridge_slave_1: entered allmulticast mode [ 344.802685][T12292] bridge_slave_1: entered promiscuous mode [ 344.898324][ T1117] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.054262][T12314] loop2: detected capacity change from 0 to 32768 [ 345.056546][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 345.073082][T12314] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.2497 (12314) [ 345.137019][ T51] Bluetooth: hci2: command tx timeout [ 345.164197][T12314] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 345.172356][ T1117] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.192446][T12292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 345.205477][T12292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 345.230026][T12314] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 345.247660][T12314] BTRFS info (device loop2): setting nodatasum [ 345.254008][T12314] BTRFS info (device loop2): enabling auto defrag [ 345.307867][T12314] BTRFS info (device loop2): max_inline at 0 [ 345.313951][T12314] BTRFS info (device loop2): using free space tree [ 345.362609][T12292] team0: Port device team_slave_0 added [ 345.475167][ T1117] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.485623][T12342] overlayfs: workdir and upperdir must reside under the same mount [ 345.567025][T12314] BTRFS info (device loop2): auto enabling async discard [ 345.574443][T12292] team0: Port device team_slave_1 added [ 345.592268][T12346] loop0: detected capacity change from 0 to 1024 [ 345.611335][T12346] EXT4-fs: Ignoring removed orlov option [ 345.679762][T12314] overlayfs: missing 'lowerdir' [ 345.699409][T12346] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 345.778201][T12292] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 345.822159][T12292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 345.866473][T12346] EXT4-fs: Ignoring removed orlov option [ 345.872508][T12346] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 345.926474][T12292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 345.950728][T11415] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 345.970235][T12346] EXT4-fs error (device loop0): __ext4_remount:6736: comm syz.0.2505: Abort forced by user [ 345.971920][T12292] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 345.996441][T12292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 346.023281][T12292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 346.036830][T12346] EXT4-fs (loop0): Remounting filesystem read-only [ 346.043447][T12346] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 346.188121][T11968] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.379715][T12292] hsr_slave_0: entered promiscuous mode [ 346.420541][T12292] hsr_slave_1: entered promiscuous mode [ 346.437569][T12292] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 346.445626][T12292] Cannot create hsr debugfs directory [ 346.880529][ T1117] tipc: Left network mode [ 346.979304][ T1131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 347.216210][ T51] Bluetooth: hci2: command tx timeout [ 347.314573][T12380] loop2: detected capacity change from 0 to 64 [ 347.693759][ T59] [ 347.696262][ T59] ====================================================== [ 347.703317][ T59] WARNING: possible circular locking dependency detected [ 347.710369][ T59] syzkaller #0 Not tainted [ 347.714830][ T59] ------------------------------------------------------ [ 347.721876][ T59] kworker/u4:4/59 is trying to acquire lock: [ 347.727887][ T59] ffff888025f18778 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xdb/0x1220 [ 347.738819][ T59] [ 347.738819][ T59] but task is already holding lock: [ 347.746216][ T59] ffff888024f6a0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 347.755690][ T59] [ 347.755690][ T59] which lock already depends on the new lock. [ 347.755690][ T59] [ 347.766105][ T59] [ 347.766105][ T59] the existing dependency chain (in reverse order) is: [ 347.775122][ T59] [ 347.775122][ T59] -> #1 (&tree->tree_lock/1){+.+.}-{3:3}: [ 347.783147][ T59] __mutex_lock+0x129/0xcc0 [ 347.788193][ T59] hfs_find_init+0x17e/0x1f0 [ 347.793315][ T59] hfs_get_block+0x51c/0xbd0 [ 347.798518][ T59] block_read_full_folio+0x42e/0xf40 [ 347.804341][ T59] filemap_read_folio+0x167/0x760 [ 347.809903][ T59] do_read_cache_folio+0x470/0x7e0 [ 347.815543][ T59] do_read_cache_page+0x32/0x250 [ 347.821023][ T59] __hfs_bnode_create+0x4a9/0x790 [ 347.826607][ T59] hfs_bnode_find+0x222/0xcc0 [ 347.831834][ T59] hfs_brec_find+0x173/0x510 [ 347.836963][ T59] hfs_brec_read+0x24/0x110 [ 347.842433][ T59] hfs_cat_find_brec+0x15d/0x3f0 [ 347.847920][ T59] hfs_fill_super+0xdd5/0x1320 [ 347.853212][ T59] mount_bdev+0x22b/0x2d0 [ 347.858067][ T59] legacy_get_tree+0xea/0x180 [ 347.863275][ T59] vfs_get_tree+0x8c/0x280 [ 347.868215][ T59] do_new_mount+0x24b/0xa40 [ 347.873244][ T59] __se_sys_mount+0x2da/0x3c0 [ 347.878557][ T59] do_syscall_64+0x55/0xb0 [ 347.883544][ T59] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 347.890142][ T59] [ 347.890142][ T59] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}: [ 347.899360][ T59] __lock_acquire+0x2ddb/0x7c80 [ 347.904754][ T59] lock_acquire+0x197/0x410 [ 347.909874][ T59] __mutex_lock+0x129/0xcc0 [ 347.914907][ T59] hfs_extend_file+0xdb/0x1220 [ 347.920194][ T59] hfs_bmap_reserve+0x107/0x430 [ 347.925578][ T59] __hfs_ext_write_extent+0x1fa/0x470 [ 347.931475][ T59] hfs_ext_write_extent+0x162/0x1e0 [ 347.937202][ T59] hfs_write_inode+0x92/0x7d0 [ 347.942496][ T59] __writeback_single_inode+0x705/0xee0 [ 347.948589][ T59] writeback_sb_inodes+0x77c/0xef0 [ 347.954244][ T59] wb_writeback+0x450/0xba0 [ 347.959285][ T59] wb_workfn+0x3ff/0xe20 [ 347.964057][ T59] process_scheduled_works+0xa45/0x15b0 [ 347.970135][ T59] worker_thread+0xa55/0xfc0 [ 347.975251][ T59] kthread+0x2fa/0x390 [ 347.979932][ T59] ret_from_fork+0x48/0x80 [ 347.984879][ T59] ret_from_fork_asm+0x11/0x20 [ 347.990194][ T59] [ 347.990194][ T59] other info that might help us debug this: [ 347.990194][ T59] [ 348.000520][ T59] Possible unsafe locking scenario: [ 348.000520][ T59] [ 348.007977][ T59] CPU0 CPU1 [ 348.013364][ T59] ---- ---- [ 348.018744][ T59] lock(&tree->tree_lock/1); [ 348.023447][ T59] lock(&HFS_I(tree->inode)->extents_lock); [ 348.032331][ T59] lock(&tree->tree_lock/1); [ 348.039539][ T59] lock(&HFS_I(tree->inode)->extents_lock); [ 348.045610][ T59] [ 348.045610][ T59] *** DEADLOCK *** [ 348.045610][ T59] [ 348.053754][ T59] 3 locks held by kworker/u4:4/59: [ 348.058864][ T59] #0: ffff88814124c138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 348.070108][ T59] #1: ffffc900015a7d00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 348.082569][ T59] #2: ffff888024f6a0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 348.092342][ T59] [ 348.092342][ T59] stack backtrace: [ 348.098244][ T59] CPU: 0 PID: 59 Comm: kworker/u4:4 Not tainted syzkaller #0 [ 348.105709][ T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 348.115783][ T59] Workqueue: writeback wb_workfn (flush-7:2) [ 348.121788][ T59] Call Trace: [ 348.125074][ T59] [ 348.128014][ T59] dump_stack_lvl+0x16c/0x230 [ 348.132708][ T59] ? load_image+0x3b0/0x3b0 [ 348.137222][ T59] ? show_regs_print_info+0x20/0x20 [ 348.142437][ T59] ? print_circular_bug+0x12b/0x1a0 [ 348.147656][ T59] check_noncircular+0x2bd/0x3c0 [ 348.152607][ T59] ? look_up_lock_class+0x75/0x140 [ 348.157733][ T59] ? print_deadlock_bug+0x5d0/0x5d0 [ 348.162943][ T59] ? lockdep_lock+0xe0/0x220 [ 348.167544][ T59] ? _find_first_zero_bit+0xd3/0x100 [ 348.172844][ T59] __lock_acquire+0x2ddb/0x7c80 [ 348.177722][ T59] ? rcu_qs+0xc5/0x160 [ 348.181803][ T59] ? verify_lock_unused+0x140/0x140 [ 348.187097][ T59] ? mark_lock+0x94/0x320 [ 348.191438][ T59] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 348.197548][ T59] lock_acquire+0x197/0x410 [ 348.202062][ T59] ? hfs_extend_file+0xdb/0x1220 [ 348.207092][ T59] ? lockdep_hardirqs_on+0x98/0x150 [ 348.212295][ T59] ? __might_sleep+0xe0/0xe0 [ 348.216895][ T59] ? read_lock_is_recursive+0x20/0x20 [ 348.222455][ T59] ? __schedule+0x14da/0x44d0 [ 348.227234][ T59] __mutex_lock+0x129/0xcc0 [ 348.231750][ T59] ? hfs_extend_file+0xdb/0x1220 [ 348.236789][ T59] ? lock_chain_count+0x20/0x20 [ 348.241656][ T59] ? hfs_extend_file+0xdb/0x1220 [ 348.246602][ T59] ? asan.module_dtor+0x20/0x20 [ 348.251463][ T59] ? mutex_lock_nested+0x20/0x20 [ 348.256501][ T59] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 348.262677][ T59] hfs_extend_file+0xdb/0x1220 [ 348.267541][ T59] ? preempt_schedule_common+0x82/0xc0 [ 348.273013][ T59] ? hfs_get_block+0xbd0/0xbd0 [ 348.277966][ T59] ? trace_raw_output_contention_end+0xd0/0xd0 [ 348.284140][ T59] ? preempt_schedule_thunk+0x1a/0x30 [ 348.289529][ T59] ? __asan_memset+0x22/0x40 [ 348.294220][ T59] ? hfs_brec_find+0x1a8/0x510 [ 348.298999][ T59] hfs_bmap_reserve+0x107/0x430 [ 348.303870][ T59] __hfs_ext_write_extent+0x1fa/0x470 [ 348.309256][ T59] hfs_ext_write_extent+0x162/0x1e0 [ 348.314462][ T59] ? verify_lock_unused+0x140/0x140 [ 348.319679][ T59] ? hfs_ext_find_block+0x190/0x190 [ 348.324883][ T59] ? writeback_sb_inodes+0x330/0xef0 [ 348.330182][ T59] hfs_write_inode+0x92/0x7d0 [ 348.334872][ T59] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 348.340305][ T59] ? __writeback_single_inode+0x48d/0xee0 [ 348.346039][ T59] ? __lock_acquire+0x7c80/0x7c80 [ 348.351097][ T59] ? do_raw_spin_lock+0x121/0x2c0 [ 348.356143][ T59] ? __rwlock_init+0x150/0x150 [ 348.361015][ T59] __writeback_single_inode+0x705/0xee0 [ 348.366584][ T59] writeback_sb_inodes+0x77c/0xef0 [ 348.371901][ T59] ? queue_io+0x560/0x560 [ 348.376248][ T59] ? rcu_is_watching+0x15/0xb0 [ 348.381027][ T59] wb_writeback+0x450/0xba0 [ 348.385550][ T59] ? queue_io+0x341/0x560 [ 348.389977][ T59] ? percpu_ref_tryget+0x250/0x250 [ 348.395101][ T59] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 348.401175][ T59] ? _raw_spin_unlock_irq+0x23/0x50 [ 348.406383][ T59] wb_workfn+0x3ff/0xe20 [ 348.410651][ T59] ? inode_wait_for_writeback+0x200/0x200 [ 348.416390][ T59] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 348.422431][ T59] ? read_lock_is_recursive+0x20/0x20 [ 348.427845][ T59] ? _raw_spin_unlock_irq+0x23/0x50 [ 348.433055][ T59] ? process_scheduled_works+0x957/0x15b0 [ 348.438787][ T59] ? process_scheduled_works+0x957/0x15b0 [ 348.444516][ T59] process_scheduled_works+0xa45/0x15b0 [ 348.450087][ T59] ? assign_work+0x400/0x400 [ 348.454871][ T59] ? assign_work+0x39e/0x400 [ 348.459468][ T59] worker_thread+0xa55/0xfc0 [ 348.464071][ T59] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 348.469993][ T59] ? _raw_spin_unlock+0x40/0x40 [ 348.474862][ T59] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 348.480769][ T59] kthread+0x2fa/0x390 [ 348.484844][ T59] ? pr_cont_work+0x560/0x560 [ 348.489619][ T59] ? kthread_blkcg+0xd0/0xd0 [ 348.494228][ T59] ret_from_fork+0x48/0x80 [ 348.498665][ T59] ? kthread_blkcg+0xd0/0xd0 [ 348.503275][ T59] ret_from_fork_asm+0x11/0x20 [ 348.508060][ T59] [ 348.554279][ T59] hfs: new node 0 already hashed? [ 348.571784][ T59] ------------[ cut here ]------------ [ 348.577854][ T59] WARNING: CPU: 1 PID: 59 at fs/hfs/bnode.c:520 hfs_bnode_create+0x3b9/0x440 [ 348.587081][ T59] Modules linked in: [ 348.591022][ T59] CPU: 1 PID: 59 Comm: kworker/u4:4 Not tainted syzkaller #0 [ 348.599817][ T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 348.610940][ T59] Workqueue: writeback wb_workfn (flush-7:2) [ 348.617465][ T59] RIP: 0010:hfs_bnode_create+0x3b9/0x440 [ 348.623160][ T59] Code: c3 c0 8a 89 ee e8 57 b3 0d 08 e9 73 fd ff ff e8 ad 78 2f ff 4c 89 ef e8 25 af 22 08 48 c7 c7 80 c3 c0 8a 89 ee e8 37 b3 0d 08 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fc ff ff 4c [ 348.643665][ T59] RSP: 0018:ffffc900015a6e18 EFLAGS: 00010246 [ 348.650263][ T59] RAX: 000000000000001f RBX: ffff888024f6a000 RCX: d7dfbf5991ed0500 [ 348.658819][ T59] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 348.667201][ T59] RBP: 0000000000000000 R08: ffffc900015a6b27 R09: 1ffff920002b4d64 [ 348.675238][ T59] R10: dffffc0000000000 R11: fffff520002b4d65 R12: 0000000000000000 [ 348.683633][ T59] R13: ffff888024f6a0e0 R14: ffff888143763a00 R15: dffffc0000000000 [ 348.692111][ T59] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 348.702332][ T59] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 348.709399][ T59] CR2: 0000000000000000 CR3: 000000000cb30000 CR4: 00000000003506e0 [ 348.717857][ T59] Call Trace: [ 348.721183][ T59] [ 348.724144][ T59] hfs_bmap_alloc+0x53b/0x5c0 [ 348.729230][ T59] ? hfs_bmap_reserve+0x430/0x430 [ 348.734308][ T59] ? lock_acquire+0xcb/0x410 [ 348.739666][ T59] hfs_btree_inc_height+0xf7/0xac0 [ 348.744849][ T59] ? __rwlock_init+0x150/0x150 [ 348.750036][ T59] ? folio_activate_fn+0x1f60/0x1f60 [ 348.755478][ T59] ? hfs_brec_insert+0xbd0/0xbd0 [ 348.761118][ T59] ? do_raw_spin_unlock+0x121/0x230 [ 348.766763][ T59] hfs_brec_insert+0x742/0xbd0 [ 348.771588][ T59] ? hfs_brec_keylen+0x360/0x360 [ 348.776959][ T59] __hfs_ext_write_extent+0x2a1/0x470 [ 348.782412][ T59] hfs_ext_write_extent+0x162/0x1e0 [ 348.788137][ T59] ? verify_lock_unused+0x140/0x140 [ 348.793392][ T59] ? hfs_ext_find_block+0x190/0x190 [ 348.799131][ T59] ? writeback_sb_inodes+0x330/0xef0 [ 348.805896][ T59] hfs_write_inode+0x92/0x7d0 [ 348.810629][ T59] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 348.816498][ T59] ? __writeback_single_inode+0x48d/0xee0 [ 348.822275][ T59] ? __lock_acquire+0x7c80/0x7c80 [ 348.827821][ T59] ? do_raw_spin_lock+0x121/0x2c0 [ 348.833323][ T59] ? __rwlock_init+0x150/0x150 [ 348.838701][ T59] __writeback_single_inode+0x705/0xee0 [ 348.844292][ T59] writeback_sb_inodes+0x77c/0xef0 [ 348.849814][ T59] ? queue_io+0x560/0x560 [ 348.854164][ T59] ? rcu_is_watching+0x15/0xb0 [ 348.859253][ T59] wb_writeback+0x450/0xba0 [ 348.863861][ T59] ? queue_io+0x341/0x560 [ 348.868538][ T59] ? percpu_ref_tryget+0x250/0x250 [ 348.873681][ T59] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 348.879956][ T59] ? _raw_spin_unlock_irq+0x23/0x50 [ 348.885167][ T59] wb_workfn+0x3ff/0xe20 [ 348.889727][ T59] ? inode_wait_for_writeback+0x200/0x200 [ 348.895564][ T59] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 348.901830][ T59] ? read_lock_is_recursive+0x20/0x20 [ 348.907985][ T59] ? _raw_spin_unlock_irq+0x23/0x50 [ 348.913713][ T59] ? process_scheduled_works+0x957/0x15b0 [ 348.919828][ T59] ? process_scheduled_works+0x957/0x15b0 [ 348.925575][ T59] process_scheduled_works+0xa45/0x15b0 [ 348.931513][ T59] ? assign_work+0x400/0x400 [ 348.936361][ T59] ? assign_work+0x39e/0x400 [ 348.940966][ T59] worker_thread+0xa55/0xfc0 [ 348.945554][ T59] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 348.952287][ T59] ? _raw_spin_unlock+0x40/0x40 [ 348.957446][ T59] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 348.963658][ T59] kthread+0x2fa/0x390 [ 348.968083][ T59] ? pr_cont_work+0x560/0x560 [ 348.972784][ T59] ? kthread_blkcg+0xd0/0xd0 [ 348.977518][ T59] ret_from_fork+0x48/0x80 [ 348.981975][ T59] ? kthread_blkcg+0xd0/0xd0 [ 348.986616][ T59] ret_from_fork_asm+0x11/0x20 [ 348.991530][ T59] [ 348.994557][ T59] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 349.001839][ T59] CPU: 1 PID: 59 Comm: kworker/u4:4 Not tainted syzkaller #0 [ 349.009213][ T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 349.019269][ T59] Workqueue: writeback wb_workfn (flush-7:2) [ 349.025265][ T59] Call Trace: [ 349.028543][ T59] [ 349.031472][ T59] dump_stack_lvl+0x16c/0x230 [ 349.036260][ T59] ? show_regs_print_info+0x20/0x20 [ 349.041503][ T59] ? load_image+0x3b0/0x3b0 [ 349.046020][ T59] panic+0x2c0/0x710 [ 349.049945][ T59] ? bpf_jit_dump+0xd0/0xd0 [ 349.054448][ T59] ? ret_from_fork_asm+0x11/0x20 [ 349.059392][ T59] __warn+0x2e0/0x470 [ 349.063387][ T59] ? hfs_bnode_create+0x3b9/0x440 [ 349.068427][ T59] ? hfs_bnode_create+0x3b9/0x440 [ 349.073471][ T59] report_bug+0x2be/0x4f0 [ 349.077903][ T59] ? hfs_bnode_create+0x3b9/0x440 [ 349.083123][ T59] ? hfs_bnode_create+0x3b9/0x440 [ 349.088172][ T59] ? hfs_bnode_create+0x3bb/0x440 [ 349.093212][ T59] handle_bug+0xcf/0x120 [ 349.097577][ T59] exc_invalid_op+0x1a/0x50 [ 349.102094][ T59] asm_exc_invalid_op+0x1a/0x20 [ 349.106949][ T59] RIP: 0010:hfs_bnode_create+0x3b9/0x440 [ 349.112598][ T59] Code: c3 c0 8a 89 ee e8 57 b3 0d 08 e9 73 fd ff ff e8 ad 78 2f ff 4c 89 ef e8 25 af 22 08 48 c7 c7 80 c3 c0 8a 89 ee e8 37 b3 0d 08 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fc ff ff 4c [ 349.132262][ T59] RSP: 0018:ffffc900015a6e18 EFLAGS: 00010246 [ 349.138436][ T59] RAX: 000000000000001f RBX: ffff888024f6a000 RCX: d7dfbf5991ed0500 [ 349.146427][ T59] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 349.154594][ T59] RBP: 0000000000000000 R08: ffffc900015a6b27 R09: 1ffff920002b4d64 [ 349.162602][ T59] R10: dffffc0000000000 R11: fffff520002b4d65 R12: 0000000000000000 [ 349.170602][ T59] R13: ffff888024f6a0e0 R14: ffff888143763a00 R15: dffffc0000000000 [ 349.178692][ T59] ? hfs_bnode_create+0x3b9/0x440 [ 349.183744][ T59] hfs_bmap_alloc+0x53b/0x5c0 [ 349.188434][ T59] ? hfs_bmap_reserve+0x430/0x430 [ 349.193558][ T59] ? lock_acquire+0xcb/0x410 [ 349.198256][ T59] hfs_btree_inc_height+0xf7/0xac0 [ 349.203396][ T59] ? __rwlock_init+0x150/0x150 [ 349.208171][ T59] ? folio_activate_fn+0x1f60/0x1f60 [ 349.213656][ T59] ? hfs_brec_insert+0xbd0/0xbd0 [ 349.218629][ T59] ? do_raw_spin_unlock+0x121/0x230 [ 349.223942][ T59] hfs_brec_insert+0x742/0xbd0 [ 349.228817][ T59] ? hfs_brec_keylen+0x360/0x360 [ 349.233771][ T59] __hfs_ext_write_extent+0x2a1/0x470 [ 349.239156][ T59] hfs_ext_write_extent+0x162/0x1e0 [ 349.244379][ T59] ? verify_lock_unused+0x140/0x140 [ 349.249600][ T59] ? hfs_ext_find_block+0x190/0x190 [ 349.254807][ T59] ? writeback_sb_inodes+0x330/0xef0 [ 349.260111][ T59] hfs_write_inode+0x92/0x7d0 [ 349.264801][ T59] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 349.270185][ T59] ? __writeback_single_inode+0x48d/0xee0 [ 349.275921][ T59] ? __lock_acquire+0x7c80/0x7c80 [ 349.281043][ T59] ? do_raw_spin_lock+0x121/0x2c0 [ 349.286170][ T59] ? __rwlock_init+0x150/0x150 [ 349.291046][ T59] __writeback_single_inode+0x705/0xee0 [ 349.296710][ T59] writeback_sb_inodes+0x77c/0xef0 [ 349.301940][ T59] ? queue_io+0x560/0x560 [ 349.306292][ T59] ? rcu_is_watching+0x15/0xb0 [ 349.311067][ T59] wb_writeback+0x450/0xba0 [ 349.315584][ T59] ? queue_io+0x341/0x560 [ 349.319931][ T59] ? percpu_ref_tryget+0x250/0x250 [ 349.325143][ T59] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 349.331155][ T59] ? _raw_spin_unlock_irq+0x23/0x50 [ 349.336400][ T59] wb_workfn+0x3ff/0xe20 [ 349.340674][ T59] ? inode_wait_for_writeback+0x200/0x200 [ 349.346413][ T59] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 349.352409][ T59] ? read_lock_is_recursive+0x20/0x20 [ 349.357796][ T59] ? _raw_spin_unlock_irq+0x23/0x50 [ 349.363017][ T59] ? process_scheduled_works+0x957/0x15b0 [ 349.368757][ T59] ? process_scheduled_works+0x957/0x15b0 [ 349.374589][ T59] process_scheduled_works+0xa45/0x15b0 [ 349.380158][ T59] ? assign_work+0x400/0x400 [ 349.384766][ T59] ? assign_work+0x39e/0x400 [ 349.389373][ T59] worker_thread+0xa55/0xfc0 [ 349.393981][ T59] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 349.399885][ T59] ? _raw_spin_unlock+0x40/0x40 [ 349.404839][ T59] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 349.410794][ T59] kthread+0x2fa/0x390 [ 349.414882][ T59] ? pr_cont_work+0x560/0x560 [ 349.419749][ T59] ? kthread_blkcg+0xd0/0xd0 [ 349.424348][ T59] ret_from_fork+0x48/0x80 [ 349.428776][ T59] ? kthread_blkcg+0xd0/0xd0 [ 349.433383][ T59] ret_from_fork_asm+0x11/0x20 [ 349.438257][ T59] [ 349.441572][ T59] Kernel Offset: disabled [ 349.445893][ T59] Rebooting in 86400 seconds..