last executing test programs: 12m4.472873393s ago: executing program 2 (id=395): r0 = syz_open_dev$sndctrl(&(0x7f0000001780), 0xb, 0x101001) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f00000001c0)={{0x1, 0x2, 0x80000001, 0xd, 'syz0\x00', 0x7}, 0x3, 0x30, 0x8, 0x0, 0x1, 0xa, 'syz0\x00', &(0x7f0000000040)=['syz0\x00'], 0x5}) 12m3.739673762s ago: executing program 2 (id=399): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, 0x0, 0x0) 12m3.035022878s ago: executing program 2 (id=404): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="940300007d0000000556020000feffffff0003000000000000000000000000000400000002000000000000000000000000001f00026e6f6465767b6276626f7825ffffff810200002000000092060000100000860070020079fa0000187b82d9b500002b595fcb14034354b9fd9ef1a51cd5157adc8106b494e1af4241c5fda58a7f2f7697022202da6ecb05eb24a526eca549d2f1a88f784256a65e2d3d6a5ffdc5ffd5b74b47827b5d63ab970f44765163fc1955dfc3c51d6b0398bb6a4a000000000073f50000000000000000000000000000000000000000003501cfc2001000000005000000d860ccf600e8dfceaf22fcf499a5472074c10d6ed9b5902c9afc3a94200cc221f2cb3b91043cac5596b4c289d49a58ceff7cca4b7dc52ca90951d43226440d5533daad72ffc68ba01733bdebe3ecafbedc25515bf9eafd42c85368d3f8ae5d7a113cc1979c31bae7782722110d227a7af25265a0056aff25832ec6900833ad7b3249ddf541a4c13d080c4634f9a701000000000000004a00873e64f673e0b56413d3143a96473775d6299d475ffdc2f36e1a9d6a81988269e72d1193e7afd89bc760a513b33f301729b930a7d39103f2464b5a21ebbf862fbfd675f04cd92a0000bd7b3547bb6e42a0383d948c1d1ea01745800ec4d1a23d406b4954d20c3453c2a5772681d3c45da8b3eedeac2be9c5a193c3ecb86ec049a50bbfe7a62baa2b27081b033980dbc76adcb1b92b71580cb31dc34cc7cdb80ed951e9f66864dd4638ef5f053ce8684ca9070d0eeb78e49a127dc240525fdd612003d2eda2687b599b6e79678054e9012b2a6b007142601a6b79db919534344900f8f669fb716dcf315e460985409ac682cc00a89cbd86aaa105e3cb008c2c3b9e1d52c36cde7ba4451b3407dbc8bfc84baf050000000600000047ec16cabff20f9c1c577b7468be36f4c5006f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b03f238593aed3b42ee7cac05de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x394) 12m2.414936729s ago: executing program 2 (id=408): r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_FILTER(r0, 0x6b, 0x1, &(0x7f0000000000)=[{0x0, 0x1, {0x0, 0xff}, {0x2, 0x0, 0x3}, 0x0, 0x2}], 0x20) 12m1.766889479s ago: executing program 2 (id=412): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x3, 0x1d9, &(0x7f0000000f00)="$eJzsmT9v00AYxp87u45bUCUWBhYYKlGk1rFdQF0YyidAavknFiLqRgEnQY6HJBJDxMLCx+ArMGRiYGNjhQGQkBjIyGx0lzfxESchEUQg9f1JPT939957d2+TJ1IChmFOLV8+//j08ub+0Q6As9hCica/WXmMNOI/uiQ+vHrb2HzWn8wnAGTZ4vvbAN4cWEipn2W/rt6i5xHkWN+GxBXSdyHgkX4IiTukIwjcJ/3Y0M11EnHkPWrGxye1OPJVE6gmPKnVzxTON+gJHANw6XzCmG91uk8qcRwlk2ItG+1TmFpW/KZ+9uBA4oZRP/X/uvfieU/1R7XxjfoFkAhI70HgkPQ+SvA8Ly+Jcf8Ldp7fWuT+/0I8cAFz5NzuvFU7/8WZWcwXzt/PLIyRdSXUG3o8cn7Qf1dc9XWVN7202hqCPLsw9X7jzzI7ZAJTY3L/VJZ72fAnG/bYP8pp/Wm51enu1uqValSNGmG4d92/6vvXwrI2omE7x/9c7U8bRv61GbGOcNCupGkStIE0CYb90adbEhqOe/i6+V2PSu1/Etubwyj1UtHXLk3fQ9Cf1E+ltq2Zh2cYhmEYhmEYhmEYhmEYhlmKixD6W1D6oSqbQXhLR/8MAAD//79xXyI=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 12m0.973180668s ago: executing program 2 (id=418): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000640)={r0, &(0x7f0000000280), 0x0}, 0x20) 11m45.531032888s ago: executing program 32 (id=418): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000640)={r0, &(0x7f0000000280), 0x0}, 0x20) 9m47.515314779s ago: executing program 3 (id=1051): r0 = socket(0x1000000010, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000c00)=@deltfilter={0x24, 0x2d, 0x1}, 0x24}}, 0x0) 9m46.763510167s ago: executing program 3 (id=1055): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f00000006c0)=0x1000, 0x4) 9m46.096040015s ago: executing program 3 (id=1059): socket$inet(0x2, 0x3, 0x1) syz_emit_ethernet(0x6e, &(0x7f0000000080)={@random="9de05b7bd0c8", @random="2b89a1b7a248", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x1, 0x0, 0x3, 0x0, 0x0, {0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, {[@timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@local}, {@empty}, {@loopback}]}, @timestamp_prespec={0x44, 0x14, 0x66, 0x3, 0x0, [{@local, 0x10}, {@multicast2}]}]}}}}}}}, 0x0) 9m45.42280221s ago: executing program 3 (id=1063): rt_sigaction(0x40, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000640)) syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 9m44.275509482s ago: executing program 3 (id=1072): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) 9m42.475292557s ago: executing program 3 (id=1081): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x1, "001a6c996b0267d99ad44ad9421d5f09ea71462a7b7bc391f03ba1d7ac6e8862", 0x50313459}) 9m27.185459957s ago: executing program 33 (id=1081): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x1, "001a6c996b0267d99ad44ad9421d5f09ea71462a7b7bc391f03ba1d7ac6e8862", 0x50313459}) 4m54.981594577s ago: executing program 6 (id=2221): seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9"], 0xfe, 0x2ae, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGblE7hw4Xu4cy+48Q0EH8CdgxSO3NzbJLZp2rSmlfr7bXo45/vu+U7uabO43NPPXxsePHw6evz869+i1cqi1otevMiiE7U4lioBANwKL1KKPy71/V6vbaomAGCzFr7/G2eEbJ/uenvTZQEAG/ThRx+/f39/f++DPG9FDL8d97Mof5bj9x/HkxjEo7gb7TiaPwtIqWy/+97+XtTzQifuDCfjfpE5/OyXxccGRX432tFZnt/NSwv5k3G/ES9HZFnEk15RyL1oxyun8ovxvXtL8qPfjDda1SKL+XejHb9+EU9jEA+nzzTm83/TzfN30nd/fvVJEVzkZ5Nxf3saN5e2rvveAAAAAAAAAAAAAAAAAAAAAABwe+3mM524Myy6qvN3to6m47v/GJ+er1Objpf5WURz2jhxPtAkxQ/H5+vczfM8ZWX8/Hyferxaj/qNLRwAAAAAAAAAAAAAAAAAAAD+Q0bPvjx4MBg8OvxXGtVL/rPX+i97nd5Cz+uxOnh7rbliqwovaj0Z0/350+Gsp1jEZYofN/KIVTU3TvW8VNRz/pX/SimlLIu42m1qXGSucxo7q2OKD/in73fePHiQnfcZto5v3I+LQ804HD07cU8jW6fCtNb2a66IaVY75kLX2bniL9Fbv5eTVT3ZGqtoVI04a/u11trP1/c3CAAAAAAAAAAAAAAAAAAAKM1f+l0y+Hxlam1jRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANZv///81GpMqeXlMSmky62nG4eiGlwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wN8BAAD//7DYbww=") truncate(&(0x7f0000000280)='./file1\x00', 0x3f00) 4m53.881161888s ago: executing program 6 (id=2227): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10) syz_clone3(&(0x7f0000000280)={0x100020000, 0x0, 0x0, 0x0, {0xe}, 0x0, 0x0, 0x0, &(0x7f0000000180)=[0x0], 0x1}, 0x58) 4m51.95291483s ago: executing program 6 (id=2233): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x108) write$cgroup_subtree(r0, 0x0, 0x12) 4m50.300202545s ago: executing program 6 (id=2239): capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x45, &(0x7f0000000000)={0x0, 0x0}, 0x10) 4m49.12901341s ago: executing program 6 (id=2242): r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10) fstat(r0, &(0x7f0000000240)) 4m48.246696835s ago: executing program 6 (id=2247): r0 = socket(0x2, 0x80805, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x7d, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) 4m31.600741811s ago: executing program 34 (id=2247): r0 = socket(0x2, 0x80805, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x7d, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) 3m10.351751066s ago: executing program 4 (id=2602): r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000000)) 3m9.657651734s ago: executing program 4 (id=2605): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000195"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r0}, 0x10) syz_socket_connect_nvme_tcp() 3m8.698166713s ago: executing program 4 (id=2610): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000001480)={0x3, 0x0, @ioapic={0x4, 0x2, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}]}}) 3m5.806620091s ago: executing program 4 (id=2617): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000), 0x6) 3m5.080796375s ago: executing program 4 (id=2622): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) 3m4.635509469s ago: executing program 4 (id=2623): unshare(0x40020000) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="041817aaaaaaaaaa10"], 0x1a) 2m48.174431118s ago: executing program 35 (id=2623): unshare(0x40020000) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="041817aaaaaaaaaa10"], 0x1a) 6.727844525s ago: executing program 7 (id=3521): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x101840) ioctl$DRM_IOCTL_GET_STATS(r0, 0x807c6406, &(0x7f0000010d00)=""/245) 6.307634267s ago: executing program 7 (id=3525): ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'}) r0 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x0) ioctl$SG_GET_VERSION_NUM(r0, 0x2284, &(0x7f0000000080)) 5.841732291s ago: executing program 7 (id=3530): syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000011620140480b05101e8c00000001090212000100000000090401"], 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) write(r0, 0x0, 0x0) 5.504905253s ago: executing program 1 (id=3533): unshare(0x20000400) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0x200000, 0x0) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) 4.93709494s ago: executing program 1 (id=3536): r0 = memfd_create(&(0x7f0000000300)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x04\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7\xb6\xe8\xb0jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05w\x91\xcbf\xea[^\x17\x03\xd9\x8f\xe2l\xf4\xc2\xc4%\x82\xfe\xe7-m\x0e\xd4\xfb\x89>\x97\xbf\xe9\xd3?\x90\x0e\xd3\n \xe9\xee\x9fc\x8b\x05\xd8\xaa\xc0\xb6\xc4\x1c,\x81\x9e\x81\r\x82Ner\xab\xd6\xd3\xd8Q7h\xfa,\xe9\x13\x05\x1b\xb4\xbf\xea\xe0?\xc5\xeb\x17\x1aV\x9d%\x8c\xfd}^\x04\xd1\xec\x03\xa7\xcf\xf0v\x88)\xb6\x87\xb0\x0f(o\xca(\xf7\xf4#\x8e\x0f,Z\x8c \xa0N\xe1\xed\x906\xf0\x9a\f$\xd1\xe93\n\x95\xfb*|>\xf1\xaa\x17\x9a\x8bNW)u/6lM\xa6+\x7f(\xafp\xd5\xcd\xb9K\xdd\n\xaf\vW{q[\xc7\x84/\xc3*\xf9\xce\not\xd0\xf2\xf0\xe0\x98b\x13`\x8a^\x8c\x9e*\xebcj\x05f\n\x98eN\x17\xf9$\x9fR\xe5+S\x1a\x88e\xce\x0f\x035\"Cd>\x1e\x12\xb3\xbd\x00\x16\xa8\xf3\x89\v\xd3\xf6\x05\xa6R\xc0t\x1c\x9d\xda', 0x4) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0x3, 0x2012, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4) 4.902419401s ago: executing program 0 (id=3537): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB='flush_merge,fastboot,background_gc=off,noinline_dentry,mode=lfs,fsync_mode=strict,flush_merge,prjjquota=,fsync_mode=strict,background_gc=sync,resgid=', @ANYRESHEX=0xee01, @ANYRES8=0x0], 0x1, 0x552b, &(0x7f0000000240)="$eJzs3L1vG2UYAPDHTtNvSoQY2HpShZRItVWnH4KtQCs+RKqowMAEju1YprYvih0nZGJgRAz8JwgkJkb+BgZmNsQAYkMC+e5MG6CiSpyaJL+fdH7uffve4+e1qijPXeQATqyF5LdfSnEpzkXEXERcjMjOS8WRuZ2HFyLickSUHzlKxfxfE6cj4nxEXBonz3OWin/64uroys2f3/r12+/PnLrw5Tc/zG7XwKy9GBG9jfx8u5fHtB0RZx6uqY86WezdGBUxv6D3oBinedxurWUZtuuTdfUsXm/n69ONrcE4rnfrjXFsd9az+Y1+O4uDUXuSJ7vgo/pmNm621rLYGaRZbO/mde3s5j/bdgfDPE+zyPdxlj6Gw0nM51s7rXw/Gw+y2OgPi/k8b9ps7YzjqIjF20Uj7TazOtYO8EH/z73d6W/tJKPW5qCT9pOb1dpL1dqtSm0zbbaGrRuVeq9560ay2O6Ol1WGrXrvdjtN291WtZH2lpLFdqNRqdWSxTuttU69n9Rq1evVa5WbS8XZ1eT1e+8l3WayOI6vdvpbw053kKynm0l+xVKyXL3+8lJypZa8s7KarN6/e3dl9d0P7rx/75WVN18rFv2jrGRx+drycqV2rbJcWzpB+/+0KHqK+4cDKe37yvJU6wA4Qg7a/89N+v/Q/wNP7rH9/7j/Lub31/9v3o84/P4/9P9TcaT635Pe/x/C/uFA9t//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwxP04/9Ub2clCPr5QzD9TTD1XjEsRUY6IP/7FXJzek3OuyDP/mPXzf6vhu1JkGcbvcaY4zkfE7eL4/dnD/hQAAADg+Pr6k8uf5916/rIw64J4mvKbNuWLH04pXyki5hd+mlK28vjl+Skly/5/n4qdKWXLbmCdnVKy/JbbqWlleyJze8LZR0IpD+X/yvB06wUAAKZhbyfgt3oAAIDj67NZF8BslGLyKHPyLDj7y/uHDwTP7RkBAAAAR1Bp1gUAAAAAhy7r/33/HwAAABxv+ff/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Cc793ObOBDFAfjZ4IX9p0WrvW8re4MytoQ97jGigDRBCaSFNEAN5JYSIogYOyhEJIrksa2g75PMMBb8eEZwmDeSAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAunRXrRc3V7+v2+bs9u3kuRoAAADgnG21XqQns3r+tTn/vTn1s5kXEVFGxLm1+yg+nWSOmpzqlddXL2q4jUgJh8+YNMeXiPjTHA8/uv4WAAAA4HJtlqt5vVqvH2ZDF0Sf6qZN+e1vprwiIqrZfaa08pD3K1NY+n2P4/9xvm/VUkoNrGmGspLUchvnSnuX9Hc/du2mz4aiHsq335/t2gEAgB6NToZ+VyEAAAD06d/QBTCMIp62Mo9bgZN6aLb3Pp/MAAAAgA+oGLoAAAAAoHNp/e/+fwAAAHDZ6vv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KVttV5slqt525zdvp08VwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8sj+nOBTDUAwAnb90YVXuf9jKKikqLZlBdqyABwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAk5F87+Wq40jyS/Jp+Pd5Jlk6NaydGrbODXs/zBcPAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICT/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+63e//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnft5jaOKAwD+ZmdnY6tijLKHiCh40Ivdbmtrb+JBiT34Jwgh3dbYrT/aHGwpQhC8ac69iB5FBCXeevEPkJ5b6CXecthDBA+eIjM7k8wmwWxSmNkknw+8ed8dhnnf9xZKv/MmCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQG727HcXqYHsaN/NzDjbsLaf9oR5+6v/J4Nm1pHFWZ9NHwcvlD1K4vEQAAAI6X/6vB46K+DyGsJatzad+Yzur/pLgmrfl/eHb0Xjvr/qIvav+0/f7b+otbA309HCe96dXFfu/s7lSaTz7To+m5fa84la189uwlzr6QxuXlFwZJtp7Rtw8evNfKwqkqsgUADuNM0edB8f+htO/WmRgAJ0azVHgX9X88XW9OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFUYLIenizgKIcw2t+PUo427C3v191cezxbt4r17K+V7prdIQghXF/u9sxXOZdLdun3n+ny/37tZffBKCKGu0d/Jp3/9ozEuDqGW9REcNojDyJlG/mXXm9i/m3Uvy8GCGv9RAgDgWEryltb1a8nqXHoumglh88fR+v/1UhzGrP/XP774sDxWuf7vVjbDyddZuvF559btO28u3pi/1rvW+/Stc923u+cvXbhwqZM9K+ns+8Tkz+8+mKouYQAAAI6cVt7K9X9jZvf+/+lSHMas/7/4vvtVeaxY/b+n7U2/ujMBAAA42Z5/9Z+/oz3OR61W+HJ+aelmd3jc+nxueKwh1QObylu5/o9n6s4KAAAAqMJgORrZ/79SisOY+//P/PTSL+V7xiGEU/n+/5mFz/pXqpvORKviz4nrniMAAAC1yn6W6/Ifo/v/Sfb+fyMqX/TGa8M4/xnAser/+P1vfi4PVn7//3xlU5xMjfZwPbK+HUKzXXdGAAAAHGdP5S0t9v9KVuc++fX0hy3v/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABU7b8AAAD//4cYQew=") 4.663464596s ago: executing program 5 (id=3538): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) ioctl$TCSETS(r0, 0x89f2, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x7ff, 0x0, "5dee00ffffff004000"}) 4.292131337s ago: executing program 1 (id=3539): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0xf0b, 0x3, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0x6a9f0eede9332711}, {0xfff3, 0xffff}, {0xfff3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_INGRESS={0x8, 0xf, 0x1}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000) 3.31902131s ago: executing program 5 (id=3541): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x1, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0xd, 0x4, 0x4, 0xa4, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 3.272141967s ago: executing program 1 (id=3542): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@data_err_ignore}, {@debug}, {@noload}, {@jqfmt_vfsv1}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@user_xattr}, {@user_xattr}]}, 0xfe, 0x47d, &(0x7f00000002c0)="$eJzs3MtvG8UfAPDvbh59/fJLKOXR0tJAQVQ8kiZ90AMXEEg9gIQEhyJOIUmr0LRFjZFoVYnAoRxRJe6I/wJxgguvC0hc4Y4qVSgXClyM1rvbuMZOncaJ2/jzkTaZ8U4y893dsWdnbAfQs0azH0nE/yLi14gYzrO3FhjNf91Yujz919Ll6SSq1Tf+SGrl/ly6PF0WLf9uR56pVov8lib1Xnk7Ymp+fvZCkR+vnH1vfOHipefmzk6dnj09e27y+PEjh/cNHps82pE4yzbs3X3irauvTZ+8+s4PSRp53NEQR6eM5ke3qSc7XVmXDdWlk/76Pft/Wk43uxLopr6IyE7XQK3/D0dfbLu5bzhe+birjQPWVbVara7wrLxYBTaxJLrdAqA7yhf67P633DZo6HFXuP5ifgOUxX2j2PI9/ZHmif0DDfe3nTQaEScX//4822Kd5iEAAOp9nY1/nm02/kvjwTwxmP34f7E2NBIR90XEzoi4PyJ2RcQDEbWyD0XEw6usv3GF5L/jn/TaHQfXhmz890KxtnXr+C8ti4z0FbmhWvwDyam5+dlDxTE5GANbTs0lsxMr1PHNy7982mpf/fgv27L6y7Fg0Y5r/Q0TdDNTlam1xFzv+kcRe/qbxZ9EuYyTRMTuiNhzh3XMPd3fct/t419B63/btuoXEU/l538xGuIvJS3XJyeePzZ5dHxrzM8eGi+viih6yrIff77yeqv61xR/B2Tnf3vT6/9m/CPJ1oiFi5fO1NZrF1Zfx5XfPml5T7Ny/EON1/+JoeL6H0zerD0wWOz4YKpSuTARMZi8Wv/4UkRULkwu11crN7lcPov/4IHm/X9nLB+JRyJib0Tsi4hHs5vCou2PRcTjEXFghfi/f+mJd1cf/8aslWbxz9zu/Ef9+V99ou/Mt1/dPv6tEVEX//FyciI7/0dqqYPF37Tz/NduA9d8AAEAAOAekL8HPknHbqbTdGwsfw//rtiezp9fqDxz6vz752by98qPxEBaznQNR8R3xXzoRDE3XM6PTjbkDxfzxp/1bavlx6bPz890O3jocTta9P/M733dbh2w7jqwjgbco/R/6F36P/SmRP+Hnqb/Q+9q1v8/bFl67Mt1bQywobz+Q+9qo/8v5r9ajwqAe5PXf+hd+j/0pJafjU/X9JH/DU/8U3yf4d3Sns2fiPSuaMbmT/S3/WUWq0hUi6+oyR7Z0rRMt5+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuPfAAAA//97l+di") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 3.0319937s ago: executing program 8 (id=3543): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0x8, 0x1, 'udp\x00'}, @NFTA_MATCH_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 2.614559844s ago: executing program 5 (id=3544): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0) sendfile(r0, r0, 0x0, 0x7f03) 2.503677813s ago: executing program 0 (id=3545): timer_create(0xfffffffd, 0x0, &(0x7f00000011c0)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x77359400}}, 0x0) timer_delete(0x0) 2.222671746s ago: executing program 8 (id=3546): mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x23) mount(0x0, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='fusectl\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x21, 0x0) 2.10822272s ago: executing program 5 (id=3547): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x6c, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x6c}}, 0x0) 2.016140748s ago: executing program 1 (id=3548): r0 = socket(0x28, 0x805, 0x0) connect$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) connect$pppoe(r0, 0x0, 0x0) 1.949403182s ago: executing program 7 (id=3549): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000040)={0x5}) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000280)={0x5, 0x0, 0x3}) 1.914938983s ago: executing program 0 (id=3550): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0) 1.587568239s ago: executing program 8 (id=3551): sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="000426bd7000fcdbdf250c00000034000980080002000010000008000100fbffffff08000100ffffff7f08000200d63c0000080001000400000008000100090000002c0101800d0001007564703a73797a3200000000380004001400010002004e23ac1e00010000000000000000200002000a004e227ffffffffc00000000000000000000000000000001000080080003000400000038000400200001000a004e2000000009ff020000000000000000000000000001040000001400020002004e240000000000000000000000004c00028008000300ff0100000800040001040000080003000900000008000200f6000000080001001c0000000800020001000000080001001a0000000800030009000000080001001700000054000280080001001c00000008"], 0x2d0}, 0x1, 0x0, 0x0, 0x40408c1}, 0x40) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x822b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8) 1.542999161s ago: executing program 0 (id=3552): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) pidfd_send_signal(r0, 0x4, &(0x7f0000000280)={0x8, 0xfffffffc, 0x1}, 0x0) 1.319949668s ago: executing program 5 (id=3553): syz_mount_image$exfat(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000340)={[{@fmask={'fmask', 0x3d, 0x2}}, {@gid}, {@allow_utime={'allow_utime', 0x3d, 0x7}}, {@errors_continue}, {@umask={'umask', 0x3d, 0x7}}, {}, {@namecase}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@gid}, {@namecase}]}, 0x1, 0x152d, &(0x7f00000034c0)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSXLLLVn/Z8Lf6dT5dy79j/OceX/Psx/rtfZa+93f+13W3jPzfddlSK3Gtas3JCL4t+CFf5IAIBYABgBAXgAIAKB8XPm4rP6cEpP+vYOwP9dDqVc6A3Ylcf2zN65/9sb1z964/tkb1z974/pnb1z/7I3rz1h2tnFqoWt4y74b3//Pzvjz/39IZpkxX60uc11XgJh/dAjXP3vj+v/PCv6Rnbj+2RvXP7uKvdIJsP8C/PrPDnL83R6uf/bG9WcsO7vS95+v9AaR/7LH4HDOC4X5T50/Y4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDH2H3DaX6YA4FL7SufFGGOMMcYYY4yxP4/PcaUzYIwxxhhjjDHG2P9/CAIkKAggBnJALOSEXCAA4GrIA3khAtdAHFwL+eA6yA8FoCAUgngoDEVAgwELBCEUhWIQheuhONwAJaAklILS4KAMJMCNUBZugnJwM5SHW6AC3AoVoRJUhipwG1SF26Ea3AHV4U6oATWhFtSGu6AO3A114R6oB/dCfbgP7ocHoAE8CA3hIWgED0NjeASawKPQFJpBc2gBLf+l8S9AD3gRekIvSILe0Adegr7QD/rDyzAAXoGB8CoMgtcgGQbDEHgdhsIbMAzehOEwAkbCWzAK3obRMAbGwjhIgfEwAd6BifAuTIL3YDJMgVSYCtPgfZgOM2AmfACz4EOYDXNgLsyDNPgI5sMCSIePYSF8AhmwCBbDElgKy2A5rICVsApWwxpYC+tgPWyAjbAJNsMW2ArbYDt8CjvgM9gJu2A3fA574It/cvypvxnfFQEBBQpUqDAGYzAWYzEX5sLcmBvzYB6MYATjMA7zYT7Mj/mxIBbEeIzHIlgEDRokJCyKRTGKUSyOxbEElsBSWAodOkzABCyLN2E5LIflsTxWwApYESthJayCVbAqVsVqWA2rY3WsgTWwFtbCu/Au7I11sS7Ww3pYH+tfuj2FDbEhNsJG2BgbYxNsgk2xKTbH5tgSW2IrbIWtsTW2xbbYDtthe2yPiZiIHbADdsSO2Ak7YWfsjF2wC3bFbtgt84UcgC/ii9gLa4je2Af7YF9MztEfX8aX8RUciK/iq/gaJuNgHIKv4+v4Bg7DkzgcR+BIHIlVxds4GscgiXGYgik4ASfgRJyIWYm+h1MwFafiNJyG03EGzsAPcBZ+iB/iHJyD8zAN03A+LsB0TMeFeAozcBEuxiW4FJfhUlyBK3EFrsY1uBrX4TrcgBtwE27CLbgFt+E2/BQVAH6Gu3AXJuMe3IN7cS/uw324H/djJmbiATyAB/EgHsJDeBgP4xE8isfwKJ7AE3gST+FpPI1n8Syew+fiv2n0aclVySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBP5RD6RX+QXBUVBES/iRRFRRBhhBIkwBgBEVERFcVFclBAlRClRSjjhRIJIEGVFWVFOlBPlxS2igrhVVBSVRBtXRVQRVUVbV03cIaqL6qKGqClqidqitqgj6oi6oq6oJ+qJ+qK+uF88IBqI3tgfHxJZlWksBmMTMQSbimZCXnwHayWGYWvRRrQVT4gROBzbi1YuUTwtOojR2FH8RYzBZ0VnMQ67iOdFV9FNdBcviB6itespeolJ2Fv0EVOwr+gn+ouXxXSsKT7AWTlriddEshgshojXxTx8QwwTb4rhYoQYKd4So8TbYrQYI8aKcSJFjBcTxDtionhXTBLvicliikgVU8U08b6YLmaImeIDMUt8KGaLOWKumCfSxEdivlgg0sXHYqH4RGSIRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is4iFrWKb2C4+FTvEZ2Kn2CV2i8/FHvGF2Cu+FPvEV2K/+Fpkim/EAfGtOCi+E4fE9+Kw+EEcEUfFMXFcnBA/ipPilDgtzoiz4idxTvwszgsvQKIUUkolAxkjc8hYmVPmklfJ3DK4+OheI+PktTKfvE7mlwVkQVlIxsvCsojU0kgrSYayqCwmo/J6WVzeIEvIkrKULC2dLCMT5I2yrLxJlpM3y/LyFllB3iorykqysqwib5NV5e0SIheOUUPWlLVkbXmXTIK7ZV15j6wn75X15X3yfvmAbCAflA3lQ7KRfFg2lo/IJvJR2VQ2k81lC9lSPiZbycdla9lGtpVPyHbySdlePiUT5dOyg/QXnyLPys7yOdlFPi+7ym6yu/xZnpde9pS9JPQG2Ue+JPvKfrJ/LADIV+RA+aocJF+TyXKwHCJfl0PlG3KYfFMOlyPkSPmWHCXflqPlGDlWjpMpcrycIN+RE+W7cpJ8T06WU2SqnCr7ywG/zDRTyj8c/87vjB/0y9E3yI1yk9wst8itcpvcLj+VO+QOuVPulLvlbrlH7pF75V65T+6T++V+mSkz5QF5QB6UB+UheUgeloflEXlUnpHH5Qn5ozwpT8lT8ow8K8/KcxcfA1CohJJKqUDFqBwqVuVUudRVKre6WuVReVVEXaPi1LUqn7pO5VcFVEFVSMWrwqqI0sooq0iFqqgqpqLqerz4hFGlVGnlVBmVoG78Z8ar4uoGVUKV/NX4S/kl/Z38WqqWqpVqpVqr1qqtaqvaqXaqvWqvElWi6qA6qI6qo+qkOqnOqrPqorqorqqr6q66qx6qh+qpeqoklaT6qJdUX9VP9VcvqwHqFTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUydUCfUSXVSnVan1Vl1Vp1T59R5dT5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuC6IH9QICgYFArig8JBkUAHJrCBuFj0aHB9UDy4ISgRlAxKBaUDF5QJEoIbg7LBTUG54OagfHBLUCG4NagYVAoqB1WC24Kqwe1BteCOoHpwZ1AjqBnUCmoHdwV1gruDusE9Qb3g3qB+cF9wf/BA0CB4MGgYPBQ0Ch4OGgePBE2CR4OmQbOgedAiaPmnzu/9yQKPu566l07SvXUf/ZLuq/vp/vplPUC/ogfqV/Ug/ZpO1oP1EP26Hqrf0MP0m3q4HqFH6rf0KP22Hq3H6LF6nE7R4/UE/Y6eqN/Vk/R7erKeolP1VD1Nv6+n6xl6pv5Az9If6tl6jp6r5+k0/ZGerxfodP2xXqg/0Rl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1Tv0Z3qn3qV368/1Hv2F3qu/1Pv0V3q//lpn6m/0Af2tPqi/04f09/qw/kEf0Uf1MX1cn9A/6pP6lD6tz+iz+id9Tv+sz2uftbjP+ng3yigTY2JMrIk1uUwuk9vkNnlMHhMxERNn4kw+k8/kN/lNQVPQxJt4U8QUMVnIkClqipqoiZriprgpYUqYUqaUccaZBJNgypqyppwpZ8qb8qaCqWAqmoqmsqlsbjO3mdvN7eYOc4e509xpapqaprapbeqYOqauqWvqmXqmvqlv7jf3mwamgWloGppGppFpbBqbJqaJaWqamuamuWlpWppWppVpbVqbtqataWfamfamvUk0iaaD6WA6mo6mk+lkOpvOpovpYrqarqa76W56mB6mp+lpkkyS6WP6mL6mr+lv+psBZoAZaAaaQWaQSTbJZogZYoaaoWaYGWaGmxFmZNZC1bxtRpsxZqwZZ1JMiplgJpiJZqKZZCaZyWaySTWpZpqZZqab6WammWlmmVlmtplt5pq5Js2kmflmvkk36WahWWgyTIZZbBabpWapWW6Wm5VmpVltVpu1sNasN+vNRrPRbDabzVaz1Ww3280Os8PsNDvNbrPb7DF7zF6z1+wz+8x+s99kmkxzwBwwB81Bc8gcMofNYXPEHDHHzDFzwpwwJ81Jc9qcNmdNgYufl97E2pw2l73K5rZX2zw2r/3buKAtZONtYVvEapvfFvhVbKy1JWxJW8qWts6WsQn2xt/EFW0lW9lWsbfZqvZ2W+03cR17t61r77H17L22tr3rV3F9e5/NWp00QASwzWwj28I2to/YJvZR29Q2s81tC9vOPmnb26dson3adrDP/CaebxfYlXaVXW3X2J12lz1tz9iD9jt71v5ke9pedoB9xQ60r9pB9jWbbAf/Jh5p37Kj7Nt2tB1jx9pxv4kn2yk21U610+z7drqd8Zs4zX5kZ9l0O9vOsXPtvF/irJzS7cd2of3EZtgAFtsldqldZpfbFZdy9XntOrvebrA77Gd2s91it9ptdvulhbDdZXfbz+0e+4U9YL+1++xXdr89ZDPtN7/EWed3yH5vD9sf7BF71B6zx+0J+6O6NDrr3I/bn+156y0QEpAkRQHFUA6KpZyUi66i3HQ15aG8FKFrKI6upXx0HeWnAlSQClE8FaYipMmQJaKQilIxitL1dCm9UlSaHJWhBLqRytJNVI5upvJ0C1WgW6kiVaLKVIVuo6p0O1WjO6g63Uk1qCbVotp0F9Whu6ku3UP16F6qT/fR/fQANaAHqSE9RI3oYWpMj1ATepSaUjNqTi2oJT1Grehxak1tqC09Qe3oSWpPT1EiPU0d6BnqSH+hTvQsdabnqAs9T12pG3WnF6gHvUg9qRclUW/qQy9RX+pH/ellGkCv0EB6lQbRa5RMg2kIvU5D6Q0aRm/ScBpBI+ktGkVv02gaQ2NpHKXQeJpA79BEepcm0Xs0maZQKk2lafQ+TacZNJM+oFn0Ic2mOTSX5lEafUTzaQGl08e0kD6hDFpEi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6lHfQZ7aRdtJs+pz30BSF9SfvoK9pPX1MmfUMH6Fs6SN/RIfre96If6AgdpWN0nE7Qj3SSTtFpOkNn6Sc6Rz/TefIEIYYilKEKgzAmzBHGhjnDXOFVYe7w6jBPmDeMhNeEceG1Yb7wujB/WCAsGBYK48PCYZFQhya0IYVhWDQsFkbD68Pi4Q1hibBkWCosHbqwTJgQ3hiWDW8Ky4U3h+XDW8IK4a1hxbBS+Mi9VcLbwqrh7WG18I6wenhnWCOsGdYKa4d3hXXCu8O64T1hvfDesFx4X3h/+EDYIHwwbBg+FDYKHw4bh4+ETcJHw6Zhs7B52CJsGT4WtgofD1uHbcK24RNhu/DJsH34VJgYPh12CJ/5pf++BX+/PynsHfYJXwpfCr2/R86NzoumRT+Kzo8uiKZHP44ujH4SzYguii6OLokujS6LLo+uiK6Mroqujq6Jro2ui66Pboh6XzsHOHTCSadc4GJcDhfrcrpc7iqX213t8ri8LuKucXHuWpfPXefyuwKuoCvk4l1hV8RpZ5x15EJX1BVzUXe9K+5ucCVcSVfKlXbOlXEJroVr6Vq6Vu5x19q1cW3dE+4J96R70j3lnnJPuw7uGdfR/cV1cs+6zu4595x73nV13Vx394Lr4cbnufCaTHJ9XB/X1/V1/V1/N8ANcAPdQDfIDXLJLtkNcUPcUDfUDXPD3HA33I10I90oN8qNdqPdWDfWpbgUN8FNcBPdRDfJTXKT3WSX6lLdNDfNTXfTXdUZF44y2812c91cl+bS3HyXtWZMdwvdQpfhMtxit9gtdUvdcrfcrXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9xOn/fCpG6P2+v2un1un9vvvnaZ7ht3wH3rDrrv3CH3vTvsfnBH3FF3zB13J9yP7qQ75U67M+6s+8mdcz+78867lMj4yITIO5GJkXcjkyLvRSZHpkRSI1Mj0yLvR6ZHZkRmRj6IzIp8GJkdmROZG5kXSYt8FJkfWRBJj3wcWRj5JJIRWRRZHFkSWRpZFvG+8ObQF/XFfNRf74v7G3wJX9KX8qW982V8gr/Rl/U3+XL+Zl/e3+Ir+Ft9RV/JV/aP+qa+mW/uW/iW/jHfyj/uW/s2vq1/wrfzT/r2/imf6J/2HfwzvqP/i+/kn/Wd/XO+i3/ed/XdfHf/gu/hX/Q9fS+f5Hv7Pv4l39f38/39y36Af8UP9K/6Qf41n+wH+yH+dT/Uv+GH+Tf9cD/Cj4x5y4+6dIkM43yKH+8n+Hf8RP+un+Tf85P9FJ/qp/pp/n0/3c/wM/0Hfpb/0M/2c/xcP8+n+Y/8fL/Ap/uP/UL/ic/wiy7dVPbL/Qq/0q/yq/0av9av8+v9Br/Rb/Kb/Ra/1W/z2/2nfof/zO/0u/xu/7nf47/we/2Xfp//yu/3X/tM/40/4L/1B/13/pD/3h/2P/gj/qg/5o/7E/5Hf9Kf8qf9GX/W/+TP+Z/9ef6bNcYYY4yxf8j4y03x654Lt/N7/84Y8Vc79wGAq7cUyvzr/qwV5dr8F9r9RHy7CAA83avLQ5e2GjWSkpIu7pshISg2B+DST4KyxMDleBG0hSchEdpA2d/Nv5/odpb+YP7oLQC5/mpMLFyOL8//JQAm/c78jz0xcn6F8HTc/2P+OQAlil0ekxMux4ug7S/3V9pAub+Tf4FWf5B/zq9SAFr/1ZjccDm+nH8CPA7PQOKv9mSMMcYYY4wxxi7oJyp3unT9eek3Pn/v+jxeXR6TAy7Hf3R9zhhjjDHGGGOMsSvv2W7dn3osMbFNp3++Ue2P91H/2sy/NJrAv5oYN/6lhvcA/7dwAPBvTgiQ1ZD/ybPY9B85VvLFl87fdi094wP47yjln9G4wm9MjDHGGGOMsT/d5UX/r/9fXamEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxbOjf/Y43+Ae+pe9KnyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2pf2fAAAA//+Bqfni") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 1.232437717s ago: executing program 1 (id=3554): syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x4b, 0x41, 0x46, 0x8, 0x1660, 0x932, 0x80ea, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x5, 0x10, 0xf}}]}}]}}, 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) writev(r0, &(0x7f00000012c0)=[{&(0x7f0000000080)="12", 0x1}], 0x1) 1.206040706s ago: executing program 7 (id=3555): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r0, 0x107, 0x13, 0x0, &(0x7f0000009080)) 1.12924732s ago: executing program 8 (id=3556): r0 = io_uring_setup(0x479, &(0x7f00000002c0)={0x0, 0x3, 0x40, 0x2, 0x4000020}) close_range(r0, 0xffffffffffffffff, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) 880.233242ms ago: executing program 0 (id=3557): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCDARP(r0, 0x8955, &(0x7f0000000280)={{0x2, 0x4e23, @empty}, {}, 0x6a, {0x2, 0x0, @broadcast}}) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000200)={{0x2, 0x4e22, @empty}, {0x1}, 0x5a, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'dummy0\x00'}) 649.887255ms ago: executing program 7 (id=3558): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000040)) syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000002480)=ANY=[@ANYRES32=0x0], 0xfe, 0x1235, &(0x7f000001aa40)="$eJzs3M9rHGUYB/CHJG1q0vxQa7UF6Yu96GVIcvCiIEFSkC4obSO0gjA1G1123A2ZJbAiRk9ePHjxD/AqHr0J4k0vufg3eMvFYw/qSHca7bZra612Q/h8Lvuw7/tlnmGGgXfZd/Zf/vz99maZbea9mIxXYmIrYuq3FCkm4sDH8cJLP/z47OWr1y6uNhprl1K6sHpl+cWU0vy579768Ovnvu/NvvnN/LfTsbf49v4vKz/vnd47s//7lfdaZWqVqdPtpTxd73Z7+fWimTZaZTtL6Y2imZfN1OqUze2h8c2iu7XVT3lnY25ma7tZlinv9FO72U+9bupt91P+bt7qpCzL0txM8DDWv7pRVVVEVR2L41FVVfVYzMREnIy5mI+FWIzH44l4Mk7FU3E6no5n4sxg1rj7BgAAAAAAAAAAAAAAAAAAgKNl1P7/2bv2/38RMWr//7kxNw8AAAAAAAAAAAAAAAAAAABHxOWr1y6uNhprl1I6EVF8urO+s15/1uOrm9GKIpqxFAvxawx2/9fq+ng01pbSwGJ8Uuzeyu/urE8O55cHrxO4K3/htcbacp1Pw/npmLk9vxILcWp0fuWO/PlB/kQ8f/62fBYL8dM70Y0iNuJm9q/8R8spvfp6447jnx3MAwAAgKMgS38auX7Psr8br/P3+33g5vp6aeT6firOTo333Iko+x+086Jobo+9OOio/mY3Ig5JY/+6mIiIQ9DGPYpj954zFe3ZMTT25WzEQ8Qnh26kB4of3IOH4+r8g+LGoNXPTtZt/6eHuN+TY/J/eR7xaN266NPj7gMAAAAAAAAAAIAH8yj+qDjucwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4A924FgAAAAAQJi/dRodGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD//1XSwek=") 633.123097ms ago: executing program 8 (id=3559): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000006c0), 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000700)={{0x0, 0x4}, {0xf}, 0x0, 0x4, 0x1}) 415.575454ms ago: executing program 0 (id=3560): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) listen(r0, 0x91df) sendmsg$inet(r0, &(0x7f0000002680)={0x0, 0x0, 0x0}, 0x4008051) 353.33579ms ago: executing program 5 (id=3561): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18) sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{&(0x7f0000000680)={0xa, 0x4e1e, 0xffff198c, @dev={0xfe, 0x80, '\x00', 0xa}, 0x9}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000a00)="af", 0x1}], 0x1}}], 0x1, 0x4c040) 0s ago: executing program 8 (id=3562): r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0) mq_notify(r0, &(0x7f00000000c0)={0x0, 0xc, 0x0, @thr={0x0, 0x0}}) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000100)=""/251}], 0x59) kernel console output (not intermixed with test programs): lave_0: left promiscuous mode [ 808.101171][ T3843] bridge0: port 1(bridge_slave_0) entered disabled state [ 808.240902][T10397] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 808.642605][T10775] Bluetooth: hci2: command tx timeout [ 809.150796][ T3843] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 809.271184][ T3843] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 809.316712][ T3843] bond0 (unregistering): Released all slaves [ 810.103369][T11791] hsr_slave_0: entered promiscuous mode [ 810.114047][T11791] hsr_slave_1: entered promiscuous mode [ 810.123361][T11791] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 810.131369][T11791] Cannot create hsr debugfs directory [ 810.310569][ T1712] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 810.544934][ T1712] usb 1-1: Using ep0 maxpacket: 16 [ 810.569068][ T1712] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 810.581584][ T1712] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 810.592366][ T1712] usb 1-1: New USB device found, idVendor=056e, idProduct=00ff, bcdDevice= 0.00 [ 810.601958][ T1712] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 810.673245][ T3843] hsr_slave_0: left promiscuous mode [ 810.690831][ T3843] hsr_slave_1: left promiscuous mode [ 810.704071][ T3843] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 810.712097][ T3843] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 810.798772][ T3843] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 810.808220][ T3843] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 810.890992][ T1712] usb 1-1: config 0 descriptor?? [ 811.005549][ T3843] veth1_macvtap: left promiscuous mode [ 811.011392][ T3843] veth0_macvtap: left promiscuous mode [ 811.020845][ T3843] veth1_vlan: left promiscuous mode [ 811.026801][ T3843] veth0_vlan: left promiscuous mode [ 811.525734][ T1712] elecom 0003:056E:00FF.0016: item fetching failed at offset 2/5 [ 811.574539][ T1712] elecom 0003:056E:00FF.0016: probe with driver elecom failed with error -22 [ 811.746087][ T1712] usb 1-1: USB disconnect, device number 22 [ 812.566892][ T3843] team_slave_1 (unregistering): left promiscuous mode [ 812.653298][ T3843] team0 (unregistering): Port device team_slave_1 removed [ 812.673922][ T9551] usb 2-1: new full-speed USB device number 15 using dummy_hcd [ 812.682356][ T3843] team_slave_0 (unregistering): left promiscuous mode [ 812.771913][ T3843] team0 (unregistering): Port device team_slave_0 removed [ 812.982464][ T9551] usb 2-1: config 0 has no interfaces? [ 813.104173][ T9551] usb 2-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 813.113839][ T9551] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 813.122370][ T9551] usb 2-1: Product: syz [ 813.126794][ T9551] usb 2-1: Manufacturer: syz [ 813.131920][ T9551] usb 2-1: SerialNumber: syz [ 813.218878][ T9551] usb 2-1: config 0 descriptor?? [ 813.566055][ T5845] usb 2-1: USB disconnect, device number 15 [ 813.699969][T11906] loop0: detected capacity change from 0 to 64 [ 813.892650][T11880] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2349'. [ 815.428519][T11917] loop0: detected capacity change from 0 to 2048 [ 815.608843][T11791] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 815.667015][T11917] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 815.776401][T11791] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 815.902392][T11791] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 816.009319][T11791] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 817.468860][T11944] loop5: detected capacity change from 0 to 128 [ 817.569756][T11944] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 817.737285][T11944] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 817.893662][T11944] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:376: inode #2: comm syz.5.2368: No space for directory leaf checksum. Please run e2fsck -D. [ 817.912533][T11944] EXT4-fs error (device loop5): __ext4_find_entry:1628: inode #2: comm syz.5.2368: checksumming directory block 0 [ 817.946224][T11944] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:376: inode #2: comm syz.5.2368: No space for directory leaf checksum. Please run e2fsck -D. [ 817.951028][T11791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 817.962842][T11944] EXT4-fs error (device loop5): __ext4_find_entry:1628: inode #2: comm syz.5.2368: checksumming directory block 0 [ 818.120922][T11791] 8021q: adding VLAN 0 to HW filter on device team0 [ 818.266076][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 818.273700][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 818.391777][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 818.399393][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 818.577892][ T7010] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 819.593438][T11966] loop0: detected capacity change from 0 to 64 [ 820.105425][T10775] Bluetooth: hci2: command tx timeout [ 820.456781][T11977] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2378'. [ 820.938525][T11986] loop5: detected capacity change from 0 to 64 [ 821.200142][T11989] Trying to free block not in datazone [ 821.222115][T11791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 821.254705][T11989] minix_free_block (loop5:21): bit already cleared [ 825.034485][T12034] loop1: detected capacity change from 0 to 64 [ 825.667701][T11791] veth0_vlan: entered promiscuous mode [ 825.847022][T11791] veth1_vlan: entered promiscuous mode [ 826.429919][T11791] veth0_macvtap: entered promiscuous mode [ 826.543725][T11791] veth1_macvtap: entered promiscuous mode [ 826.801366][T11791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 826.989002][T11791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 827.110787][T11791] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 827.120167][T11791] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 827.132531][T11791] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 827.141754][T11791] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 829.726908][T12085] pim6reg: entered allmulticast mode [ 830.026374][T12085] pim6reg: left allmulticast mode [ 830.452958][T12087] netlink: 'syz.4.2415': attribute type 27 has an invalid length. [ 830.547040][T12084] loop1: detected capacity change from 0 to 32768 [ 830.611766][T12084] (syz.1.2413,12084,1):ocfs2_verify_volume:2314 ERROR: bad root_blkno: 0 [ 830.620629][T12084] (syz.1.2413,12084,1):ocfs2_verify_volume:2331 ERROR: status = -22 [ 830.632122][T12084] (syz.1.2413,12084,1):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 830.641211][T12084] (syz.1.2413,12084,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 831.738945][T12100] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 831.752607][T12100] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 832.310189][T12106] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 833.007987][T12116] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2424'. [ 834.212437][T12123] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 835.550869][T12141] loop5: detected capacity change from 0 to 256 [ 835.833923][T12141] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 835.849562][T12141] FAT-fs (loop5): Filesystem has been set read-only [ 835.908946][T12147] loop1: detected capacity change from 0 to 16 [ 836.024038][T12147] erofs (device loop1): mounted with root inode @ nid 36. [ 839.627451][T12178] loop0: detected capacity change from 0 to 32768 [ 839.637779][T12178] btrfs: Deprecated parameter 'usebackuproot' [ 839.646265][T12178] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 839.672483][T12178] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2443 (12178) [ 839.738290][T12178] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 839.749768][T12178] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm [ 839.764891][T12178] BTRFS info (device loop0): using free-space-tree [ 839.887572][ T3593] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 839.895832][ T3593] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 839.973028][T12173] loop1: detected capacity change from 0 to 4096 [ 840.172231][T12173] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 840.314330][ T3593] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 840.322864][ T3593] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 840.443683][ T5146] udevd[5146]: worker [6116] terminated by signal 33 (Unknown signal 33) [ 840.486139][ T66] BTRFS warning (device loop0): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0 [ 840.503134][T12178] BTRFS warning (device loop0): couldn't read tree root [ 840.510608][T12178] BTRFS warning (device loop0): try to load backup roots slot 1 [ 840.577278][ T5146] udevd[5146]: worker [6116] failed while handling '/devices/virtual/block/loop0' [ 840.613729][ T5146] udevd[5146]: worker [6069] terminated by signal 33 (Unknown signal 33) [ 840.674238][ T66] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0 [ 840.690845][T12178] BTRFS warning (device loop0): couldn't read tree root [ 840.695818][ T5146] udevd[5146]: worker [6069] failed while handling '/devices/virtual/block/loop1' [ 840.702580][T12178] BTRFS warning (device loop0): try to load backup roots slot 2 [ 840.760294][ T66] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 840.771572][T12178] BTRFS warning (device loop0): couldn't read tree root [ 840.779043][T12178] BTRFS warning (device loop0): try to load backup roots slot 3 [ 840.912856][T12178] BTRFS info (device loop0): rebuilding free space tree [ 841.031080][T12178] BTRFS info (device loop0): checking UUID tree [ 841.031744][T12205] netlink: 'syz.5.2445': attribute type 3 has an invalid length. [ 841.049011][T12205] netlink: 16126 bytes leftover after parsing attributes in process `syz.5.2445'. [ 841.440359][T10397] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 841.844448][T12212] loop7: detected capacity change from 0 to 256 [ 844.037418][ T30] audit: type=1326 audit(2000000474.101:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12232 comm="syz.4.2453" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f319078e969 code=0x0 [ 845.240466][T12235] loop7: detected capacity change from 0 to 40427 [ 845.324690][T12235] F2FS-fs (loop7): Wrong segment_count / block_count (31 > 58) [ 845.332762][T12235] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 845.371183][T12235] F2FS-fs (loop7): invalid crc value [ 845.434935][T12235] F2FS-fs (loop7): SIT is corrupted node# 5 vs 7 [ 845.561566][T12235] F2FS-fs (loop7): Failed to initialize F2FS segment manager (-117) [ 846.512196][T12256] fuse: Bad value for 'user_id' [ 846.517346][T12256] fuse: Bad value for 'user_id' [ 847.190635][T12263] veth0_macvtap: left promiscuous mode [ 847.301617][T12263] macvtap0: entered promiscuous mode [ 847.326316][T12263] veth0_macvtap: entered promiscuous mode [ 847.341581][T12263] team0: Device macvtap0 failed to register rx_handler [ 847.458192][T12266] loop0: detected capacity change from 0 to 64 [ 847.520104][T12263] veth0_macvtap: left promiscuous mode [ 847.557328][ C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 847.710881][T12266] hfs: small file entry [ 849.466974][T12283] loop7: detected capacity change from 0 to 256 [ 850.136494][ T5971] udevd[5971]: failed to send result of seq 17069 to main daemon: Connection refused [ 850.333493][T12283] FAT-fs (loop7): Directory bread(block 64) failed [ 850.341842][T12283] FAT-fs (loop7): Directory bread(block 65) failed [ 850.352212][T12283] FAT-fs (loop7): Directory bread(block 66) failed [ 850.359313][T12283] FAT-fs (loop7): Directory bread(block 67) failed [ 850.366266][T12283] FAT-fs (loop7): Directory bread(block 68) failed [ 850.379528][T12283] FAT-fs (loop7): Directory bread(block 69) failed [ 850.386540][T12283] FAT-fs (loop7): Directory bread(block 70) failed [ 850.398702][T12283] FAT-fs (loop7): Directory bread(block 71) failed [ 850.406182][T12283] FAT-fs (loop7): Directory bread(block 72) failed [ 850.416291][T12283] FAT-fs (loop7): Directory bread(block 73) failed [ 850.555211][T12285] loop1: detected capacity change from 0 to 4096 [ 850.759655][ T5968] udevd[5968]: failed to send result of seq 17098 to main daemon: Transport endpoint is not connected [ 850.796156][T12291] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 850.932317][T12293] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2473'. [ 853.512645][T12314] loop0: detected capacity change from 0 to 40427 [ 853.526484][T12314] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 853.537286][T12314] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 853.589573][T12314] F2FS-fs (loop0): build fault injection attr: rate: 17008, type: 0x3fffff [ 853.605656][T12314] F2FS-fs (loop0): heap/no_heap options were deprecated [ 853.615903][T12314] F2FS-fs (loop0): norecovery requires readonly mount [ 853.826760][T12322] loop1: detected capacity change from 0 to 1024 [ 854.783670][ T4579] hfsplus: b-tree write err: -5, ino 4 [ 855.252410][T12333] loop7: detected capacity change from 0 to 256 [ 855.301197][T12333] exfat: Deprecated parameter 'namecase' [ 855.310854][T12333] exfat: Deprecated parameter 'utf8' [ 855.583230][T12333] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x68ba9255, utbl_chksum : 0xe619d30d) [ 857.438759][T12344] loop0: detected capacity change from 0 to 8192 [ 862.063132][T12411] loop7: detected capacity change from 0 to 32768 [ 862.081775][T12411] (syz.7.2519,12411,1):ocfs2_verify_volume:2322 ERROR: Superblock slots found greater than file system maximum: found 2560, max 255 [ 862.102749][T12411] (syz.7.2519,12411,1):ocfs2_verify_volume:2331 ERROR: status = -22 [ 862.112403][T12411] (syz.7.2519,12411,1):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 862.121616][T12411] (syz.7.2519,12411,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 864.033317][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 864.040209][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 864.183391][T12437] loop0: detected capacity change from 0 to 512 [ 864.270598][T12437] EXT4-fs (loop0): Test dummy encryption mode enabled [ 864.280949][T12437] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 864.454002][T12437] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2529: bad orphan inode 131083 [ 864.502944][T12437] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 865.128530][T10397] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 865.632046][T12454] loop0: detected capacity change from 0 to 512 [ 865.809553][T12454] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 865.826831][T12454] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 865.954713][T12454] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 866.017823][T12454] EXT4-fs (loop0): Remounting filesystem read-only [ 866.256450][T12453] loop1: detected capacity change from 0 to 4096 [ 866.655205][T10397] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 866.686042][T12453] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 866.695007][ T1854] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync! [ 866.708390][ T1854] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync! [ 867.040073][T12469] loop7: detected capacity change from 0 to 512 [ 867.227302][T12469] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 867.239836][T12469] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem [ 867.330892][T12469] EXT4-fs (loop7): warning: checktime reached, running e2fsck is recommended [ 867.411467][T12469] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 867.456549][T12469] System zones: 0-2, 18-18, 34-34 [ 867.491649][T12469] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 867.596495][T12469] EXT4-fs (loop7): 1 truncate cleaned up [ 867.608283][T12469] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 867.878720][ T30] audit: type=1800 audit(2000000496.410:88): pid=12469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2539" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 868.354584][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 869.153687][T12499] PKCS8: Unsupported PKCS#8 version [ 870.495538][T12520] loop5: detected capacity change from 0 to 16 [ 870.529460][T12520] erofs (device loop5): mounted with root inode @ nid 36. [ 871.956347][T12536] 9p: Unknown Cache mode or invalid value f [ 873.133649][T12551] loop0: detected capacity change from 0 to 256 [ 873.524303][T12551] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d) [ 873.718661][ T30] audit: type=1800 audit(2000000501.873:89): pid=12551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2572" name="file1" dev="loop0" ino=1048691 res=0 errno=0 [ 873.934668][T12562] loop7: detected capacity change from 0 to 256 [ 874.007823][T12560] block nbd4: shutting down sockets [ 875.887189][T12573] loop0: detected capacity change from 0 to 40427 [ 875.964370][T12573] F2FS-fs (loop0): heap/no_heap options were deprecated [ 875.972768][T12573] F2FS-fs (loop0): heap/no_heap options were deprecated [ 875.980453][T12573] F2FS-fs (loop0): old and new quota format mixing [ 877.527112][T12599] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2590'. [ 878.117932][T12607] loop0: detected capacity change from 0 to 256 [ 878.273682][T12607] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 878.366783][T12609] syz.5.2594 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 878.547882][ T30] audit: type=1800 audit(2000000506.363:90): pid=12607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2592" name="file1" dev="loop0" ino=1048693 res=0 errno=0 [ 878.692234][T12613] loop7: detected capacity change from 0 to 256 [ 880.254636][T12633] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 880.254636][T12633] The task syz.0.2604 (12633) triggered the difference, watch for misbehavior. [ 882.816341][T12651] syz.0.2611: attempt to access beyond end of device [ 882.816341][T12651] loop0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 882.833828][T12651] exFAT-fs (loop0): unable to read boot sector [ 882.843618][T12651] exFAT-fs (loop0): failed to read boot sector [ 882.850168][T12651] exFAT-fs (loop0): failed to recognize exfat type [ 884.611997][T12669] loop1: detected capacity change from 0 to 512 [ 884.807438][T12669] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 884.821151][T12669] ext4 filesystem being mounted at /577/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 885.089734][T12669] EXT4-fs error (device loop1): ext4_empty_dir:3080: inode #12: comm syz.1.2618: Directory hole found for htree leaf block 0 [ 885.619149][ T5801] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 886.691513][T12698] loop5: detected capacity change from 0 to 256 [ 887.128618][T12698] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 887.612854][T12699] loop7: detected capacity change from 0 to 32768 [ 887.749314][T12699] (syz.7.2629,12699,1):ocfs2_verify_userspace_stack:858 ERROR: cluster stack passed to mount, but this filesystem does not support it [ 887.793043][T12699] (syz.7.2629,12699,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 888.666057][T12711] loop1: detected capacity change from 0 to 1024 [ 888.931636][T12711] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 889.308388][ T9551] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 889.471769][ T5801] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 889.552429][ T9551] usb 1-1: Using ep0 maxpacket: 32 [ 889.574780][ T9551] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 889.584464][ T9551] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 889.682660][ T9551] usb 1-1: config 0 descriptor?? [ 889.744022][ T9551] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 890.638481][T12726] loop5: detected capacity change from 0 to 32768 [ 890.653660][T12726] syz.5.2637: attempt to access beyond end of device [ 890.653660][T12726] loop5: rw=0, sector=34359738360, nr_sectors = 8 limit=32768 [ 890.675297][T12726] Read error 10 at 0x0 [ 890.679648][T12726] read_mapping_page failed! [ 890.687436][T12726] jfs_mount: dbMount failed w/rc = -5 [ 890.693965][T12726] Mount JFS Failure: -5 [ 890.698407][T12726] jfs_mount failed w/return code = -5 [ 890.862179][T12729] sp0: Synchronizing with TNC [ 890.892254][ T9551] usb 1-1: USB disconnect, device number 23 [ 891.076288][T12728] [U] è [ 891.863899][ T30] audit: type=1326 audit(2000000518.822:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.7.2640" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe61bd8e969 code=0x0 [ 892.106889][T12741] loop5: detected capacity change from 0 to 512 [ 892.150851][T12741] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 892.163884][T12741] EXT4-fs (loop5): ea_inode feature is not supported for Hurd [ 893.797712][T12759] loop7: detected capacity change from 0 to 1024 [ 893.888239][T12759] EXT4-fs: Ignoring removed bh option [ 893.894500][T12759] EXT4-fs: inline encryption not supported [ 894.011839][T12759] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 894.099385][T12766] loop5: detected capacity change from 0 to 64 [ 894.112560][T12751] sctp: failed to load transform for md5: -2 [ 894.186841][T12759] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 894.324702][T12759] EXT4-fs error (device loop7): ext4_map_blocks:675: inode #3: block 2: comm syz.7.2648: lblock 2 mapped to illegal pblock 2 (length 1) [ 894.416670][T12759] Quota error (device loop7): qtree_write_dquot: dquota write failed [ 894.425815][T12769] loop0: detected capacity change from 0 to 1024 [ 894.436123][T12759] EXT4-fs error (device loop7): ext4_map_blocks:675: inode #3: block 48: comm syz.7.2648: lblock 0 mapped to illegal pblock 48 (length 1) [ 894.447356][T12769] EXT4-fs: inline encryption not supported [ 894.460988][T12769] EXT4-fs: Ignoring removed i_version option [ 894.522897][T12759] Quota error (device loop7): v2_write_file_info: Can't write info structure [ 894.535608][T12759] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.2648: Failed to acquire dquot type 0 [ 894.555416][T12769] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 894.566744][T12759] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 894.662570][T12759] EXT4-fs error (device loop7): ext4_evict_inode:259: inode #11: comm syz.7.2648: mark_inode_dirty error [ 894.723055][T12759] EXT4-fs warning (device loop7): ext4_evict_inode:262: couldn't mark inode dirty (err -117) [ 894.735233][T12759] EXT4-fs (loop7): 1 orphan inode deleted [ 894.744838][T12759] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 894.792419][ T1854] EXT4-fs error (device loop7): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:9: lblock 1 mapped to illegal pblock 1 (length 1) [ 894.892695][T12769] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 2: comm syz.0.2650: lblock 2 mapped to illegal pblock 2 (length 1) [ 894.909759][ T1854] Quota error (device loop7): remove_tree: Can't read quota data block 1 [ 894.909934][ T1854] EXT4-fs error (device loop7): ext4_release_dquot:6971: comm kworker/u8:9: Failed to release dquot type 0 [ 894.982728][T12769] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 894.994563][T12769] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 48: comm syz.0.2650: lblock 0 mapped to illegal pblock 48 (length 1) [ 895.110158][T12769] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 895.119467][T12769] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.2650: Failed to acquire dquot type 0 [ 895.172281][T12769] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 895.246964][T12769] EXT4-fs error (device loop0): ext4_evict_inode:259: inode #11: comm syz.0.2650: mark_inode_dirty error [ 895.263749][ T9551] kernel write not supported for file /sysvipc/shm (pid: 9551 comm: kworker/0:1) [ 895.342317][T12769] EXT4-fs warning (device loop0): ext4_evict_inode:262: couldn't mark inode dirty (err -117) [ 895.356410][T12769] EXT4-fs (loop0): 1 orphan inode deleted [ 895.368901][T12769] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 895.411892][ T3593] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:14: lblock 1 mapped to illegal pblock 1 (length 1) [ 895.487229][ T3593] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 895.496724][ T3593] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:14: Failed to release dquot type 0 [ 895.537387][T12769] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 1: comm syz.0.2650: lblock 1 mapped to illegal pblock 1 (length 1) [ 895.570050][T12769] Quota error (device loop0): find_tree_dqentry: Can't read quota tree block 1 [ 895.582683][T12769] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 60928 [ 895.595850][T12769] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.2650: Failed to acquire dquot type 0 [ 895.626519][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 895.671103][T11791] EXT4-fs error (device loop7): __ext4_get_inode_loc:4450: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 895.742924][T11791] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 895.832593][T11791] EXT4-fs error (device loop7): ext4_quota_off:7219: inode #3: comm syz-executor: mark_inode_dirty error [ 895.992565][T10397] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 896.096968][T10397] EXT4-fs error (device loop0): __ext4_get_inode_loc:4450: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 896.145470][T10397] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 896.148320][T10397] EXT4-fs error (device loop0): ext4_quota_off:7219: inode #3: comm syz-executor: mark_inode_dirty error [ 896.543880][T12785] loop1: detected capacity change from 0 to 512 [ 896.571619][T12785] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 896.618587][T12785] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.2657: bad orphan inode 131083 [ 896.630687][T12785] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 896.845532][T12789] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_team, syncid = 0, id = 0 [ 897.247358][ T5801] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 897.252833][T12793] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2658'. [ 897.700945][T12796] loop0: detected capacity change from 0 to 1024 [ 897.856039][T12798] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2659'. [ 898.093276][T12801] loop7: detected capacity change from 0 to 256 [ 898.110861][T12801] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 898.110952][T12801] exFAT-fs (loop7): Medium has reported failures. Some data may be lost. [ 898.203809][T12801] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 899.772466][T12814] loop1: detected capacity change from 0 to 1024 [ 900.158532][T12814] syz.1.2665: attempt to access beyond end of device [ 900.158532][T12814] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 900.226696][T12823] syz.1.2665: attempt to access beyond end of device [ 900.226696][T12823] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 901.248349][T12834] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2672'. [ 902.154925][ T5790] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 903.259695][ T5794] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 903.301371][ T5794] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 903.322595][ T5794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 903.350417][ T5794] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 903.412977][ T5794] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 904.049618][T12860] loop7: detected capacity change from 0 to 2048 [ 904.428624][T12860] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 904.980466][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 905.183574][T12856] chnl_net:caif_netlink_parms(): no params data found [ 905.628126][ T5794] Bluetooth: hci3: command tx timeout [ 907.749912][T12912] loop1: detected capacity change from 0 to 1024 [ 907.832401][T12912] EXT4-fs: Ignoring removed bh option [ 907.856526][ T5794] Bluetooth: hci3: command tx timeout [ 907.912842][T12856] bridge0: port 1(bridge_slave_0) entered blocking state [ 907.920596][T12856] bridge0: port 1(bridge_slave_0) entered disabled state [ 907.928715][T12856] bridge_slave_0: entered allmulticast mode [ 907.938917][T12856] bridge_slave_0: entered promiscuous mode [ 908.003023][ T3513] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 908.108689][T12856] bridge0: port 2(bridge_slave_1) entered blocking state [ 908.121070][T12856] bridge0: port 2(bridge_slave_1) entered disabled state [ 908.134212][T12856] bridge_slave_1: entered allmulticast mode [ 908.147122][T12856] bridge_slave_1: entered promiscuous mode [ 908.211146][T12912] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 908.229840][T12912] ext4 filesystem being mounted at /596/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 908.298766][ T3513] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 908.549285][ T3513] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 908.840625][ T5801] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 908.906688][T12856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 908.935952][T12856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 909.032568][ T3513] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 909.605967][T12856] team0: Port device team_slave_0 added [ 909.666865][T12856] team0: Port device team_slave_1 added [ 910.078785][ T5794] Bluetooth: hci3: command tx timeout [ 910.171607][ T3513] bridge_slave_1: left allmulticast mode [ 910.177565][ T3513] bridge_slave_1: left promiscuous mode [ 910.187444][ T3513] bridge0: port 2(bridge_slave_1) entered disabled state [ 910.295009][ T3513] bridge_slave_0: left allmulticast mode [ 910.301420][ T3513] bridge_slave_0: left promiscuous mode [ 910.309604][ T3513] bridge0: port 1(bridge_slave_0) entered disabled state [ 911.502397][T12956] loop7: detected capacity change from 0 to 128 [ 911.514160][T12956] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 911.550457][T12956] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 911.742228][ T3513] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 911.817156][ T3513] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 911.861196][T12946] sctp: failed to load transform for md5: -2 [ 911.932108][ T3513] bond0 (unregistering): Released all slaves [ 912.109446][T12856] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 912.120241][T12856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 912.148785][T12856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 912.343331][ T5794] Bluetooth: hci3: command tx timeout [ 912.481234][ T3513] : left promiscuous mode [ 912.632061][T12856] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 912.639335][T12856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 912.670251][T12856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 913.491930][T12978] loop1: detected capacity change from 0 to 64 [ 913.499489][ T3513] hsr_slave_0: left promiscuous mode [ 913.502417][ T3513] hsr_slave_1: left promiscuous mode [ 913.504954][ T3513] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 913.505168][ T3513] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 913.512727][ T3513] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 913.512884][ T3513] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 913.523914][ T3513] batman_adv: batadv0: Interface deactivated: ipvlan0 [ 913.524068][ T3513] batman_adv: batadv0: Removing interface: ipvlan0 [ 913.576640][ T3513] veth1_macvtap: left promiscuous mode [ 913.577017][ T3513] veth1_vlan: left promiscuous mode [ 913.577383][ T3513] veth0_vlan: left promiscuous mode [ 914.508615][ T3513] team0 (unregistering): Port device team_slave_1 removed [ 914.577833][ T9551] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 914.619527][ T3513] team0 (unregistering): Port device team_slave_0 removed [ 914.814690][T12987] loop5: detected capacity change from 0 to 256 [ 914.888633][T12987] exfat: Deprecated parameter 'namecase' [ 914.978248][ T9551] usb 1-1: Using ep0 maxpacket: 8 [ 915.005608][T12987] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 915.133804][ T9551] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 915.133986][ T9551] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 915.134212][ T9551] usb 1-1: New USB device found, idVendor=28bd, idProduct=1903, bcdDevice= 0.00 [ 915.134363][ T9551] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 915.156258][T12856] hsr_slave_0: entered promiscuous mode [ 915.160804][T12856] hsr_slave_1: entered promiscuous mode [ 915.164150][T12856] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 915.164237][T12856] Cannot create hsr debugfs directory [ 915.176139][ T9551] usb 1-1: config 0 descriptor?? [ 915.770352][ T9551] input: HID 28bd:1903 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28BD:1903.0017/input/input13 [ 915.829128][ T9551] uclogic 0003:28BD:1903.0017: input,hidraw0: USB HID v0.80 Mouse [HID 28bd:1903] on usb-dummy_hcd.0-1/input0 [ 915.919795][ T9551] usb 1-1: USB disconnect, device number 24 [ 916.145548][T12993] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2722'. [ 917.163102][T12856] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 917.248046][T12856] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 917.357050][T12856] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 917.434966][T12856] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 917.649994][T13005] loop7: detected capacity change from 0 to 2048 [ 917.753527][T13005] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024) [ 917.819131][T13014] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2728'. [ 917.888770][T13016] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 918.828676][T12856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 918.985041][T12856] 8021q: adding VLAN 0 to HW filter on device team0 [ 919.083001][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 919.090791][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 919.220617][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 919.228470][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 921.606616][T13063] loop1: detected capacity change from 0 to 256 [ 921.668076][T13063] exfat: Deprecated parameter 'namecase' [ 921.875243][T12856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 921.923606][T13063] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 922.981602][T13083] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 924.479896][T13110] loop1: detected capacity change from 0 to 16 [ 924.631249][T13110] erofs (device loop1): mounted with root inode @ nid 36. [ 924.848502][T13110] erofs (device loop1): inline data across blocks @ nid 36 [ 924.856202][T13110] syz.1.2762: attempt to access beyond end of device [ 924.856202][T13110] loop1: rw=524288, sector=34359738360, nr_sectors = 1976 limit=16 [ 925.151003][T12856] veth0_vlan: entered promiscuous mode [ 925.281047][T12856] veth1_vlan: entered promiscuous mode [ 925.657682][T12856] veth0_macvtap: entered promiscuous mode [ 925.684853][T13120] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2766'. [ 925.697370][T13120] netlink: 'syz.5.2766': attribute type 30 has an invalid length. [ 925.709418][T13120] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2766'. [ 925.758789][T12856] veth1_macvtap: entered promiscuous mode [ 926.007957][T12856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 926.024354][T13127] loop7: detected capacity change from 0 to 22 [ 926.105313][T13127] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 926.141756][T12856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 926.176657][T12856] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.187808][T12856] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.197533][T12856] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.206811][T12856] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.821840][T13133] loop1: detected capacity change from 0 to 256 [ 926.897103][T13136] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2772'. [ 927.054994][T13133] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 928.596175][T13164] loop5: detected capacity change from 0 to 47 [ 929.217718][T13171] loop1: detected capacity change from 0 to 512 [ 929.394976][T13171] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 929.408931][T13171] ext4 filesystem being mounted at /617/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 929.699752][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 929.706777][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 930.251271][ T5801] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 930.357448][T13192] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2788'. [ 930.370098][T13192] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2788'. [ 930.379582][T13192] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2788'. [ 930.389105][T13192] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2788'. [ 930.826797][T13191] loop0: detected capacity change from 0 to 4096 [ 930.922310][T13191] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 930.989335][T13191] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 4096) [ 931.140791][T13202] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 931.351301][T13204] loop5: detected capacity change from 0 to 128 [ 932.380298][T13217] loop0: detected capacity change from 0 to 1024 [ 932.717875][T13214] loop7: detected capacity change from 0 to 4096 [ 932.946595][T13228] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 933.266241][ T5067] hfsplus: b-tree write err: -5, ino 4 [ 933.754261][ T1734] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 934.016282][ T1734] usb 2-1: Using ep0 maxpacket: 16 [ 934.075926][ T1734] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00 [ 934.086644][ T1734] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 934.174664][ T1734] usb 2-1: config 0 descriptor?? [ 934.741457][ T4579] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 934.749909][ T4579] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 934.821653][ T1734] prodikeys 0003:041E:2801.0018: unknown main item tag 0x0 [ 934.834397][ T1734] prodikeys 0003:041E:2801.0018: unknown main item tag 0x0 [ 934.841990][ T1734] prodikeys 0003:041E:2801.0018: unknown main item tag 0x0 [ 934.849764][ T1734] prodikeys 0003:041E:2801.0018: unknown main item tag 0x0 [ 934.860319][ T1734] prodikeys 0003:041E:2801.0018: unknown main item tag 0x0 [ 935.062596][ T1734] prodikeys 0003:041E:2801.0018: hidraw0: USB HID v1.01 Device [HID 041e:2801] on usb-dummy_hcd.1-1/input0 [ 935.098546][ T1734] usb 2-1: USB disconnect, device number 16 [ 935.161214][ T3593] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 935.169737][ T3593] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 935.381258][T13255] loop7: detected capacity change from 0 to 256 [ 936.597219][T13270] loop5: detected capacity change from 0 to 512 [ 936.762584][T13270] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 936.892690][T13270] EXT4-fs (loop5): orphan cleanup on readonly fs [ 936.904064][T13270] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #3: comm syz.5.2811: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 936.973518][T13276] netlink: 332 bytes leftover after parsing attributes in process `syz.7.2813'. [ 936.983234][T13276] netlink: 'syz.7.2813': attribute type 9 has an invalid length. [ 936.991217][T13276] netlink: 108 bytes leftover after parsing attributes in process `syz.7.2813'. [ 937.004042][T13276] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2813'. [ 937.023873][T13270] EXT4-fs error (device loop5): ext4_quota_enable:7129: comm syz.5.2811: Bad quota inode: 3, type: 0 [ 937.135515][T13270] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 937.154411][T13282] usb usb1: usbfs: interface 0 claimed by hub while 'syz.8.2814' sets config #0 [ 937.155656][T13282] usb usb1: usbfs: interface 0 claimed by hub while 'syz.8.2814' sets config #1 [ 937.175471][T13270] EXT4-fs (loop5): Cannot turn on quotas: error -117 [ 937.188597][T13270] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 937.580634][ T7010] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 937.670264][T13288] netlink: 88 bytes leftover after parsing attributes in process `syz.8.2816'. [ 937.681117][T13288] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2816'. [ 937.691235][T13288] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2816'. [ 937.703506][T13288] netlink: 80 bytes leftover after parsing attributes in process `syz.8.2816'. [ 938.083780][T13292] loop1: detected capacity change from 0 to 256 [ 938.157812][T13293] loop7: detected capacity change from 0 to 256 [ 938.303137][T13292] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d) [ 938.402377][T13293] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d) [ 938.416348][T13293] exFAT-fs (loop7): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 940.506238][T13313] loop8: detected capacity change from 0 to 32768 [ 940.528565][T13313] (syz.8.2828,13313,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x26a7570f, computed 0x51f68f67. Applying ECC. [ 940.542915][T13313] (syz.8.2828,13313,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x26a7570f, computed 0x91fd3046 [ 940.556250][T13313] (syz.8.2828,13313,0):ocfs2_validate_dir_block:452 ERROR: Checksum failed for dinode 288 [ 940.566626][T13313] (syz.8.2828,13313,0):ocfs2_read_virt_blocks:1029 ERROR: status = -5 [ 940.579625][T13313] (syz.8.2828,13313,0):ocfs2_read_dir_block:511 ERROR: status = -5 [ 940.589234][T13313] (syz.8.2828,13313,0):ocfs2_find_entry_el:728 ERROR: reading directory 18, offset 0 [ 940.604418][T13313] (syz.8.2828,13313,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 940.621197][T13313] (syz.8.2828,13313,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs? [ 940.621397][T13313] (syz.8.2828,13313,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 940.650783][T13313] (syz.8.2828,13313,0):ocfs2_initialize_super:2198 ERROR: status = -22 [ 940.659835][T13313] (syz.8.2828,13313,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 941.732637][ T30] audit: type=1326 audit(2000000565.480:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13325 comm="syz.1.2833" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f778dd8e969 code=0x0 [ 942.456619][ T9551] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 942.610569][ T1734] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 942.670177][ T9551] usb 6-1: Using ep0 maxpacket: 8 [ 942.713955][ T9551] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 942.724701][ T9551] usb 6-1: config 0 has no interfaces? [ 942.804959][ T9551] usb 6-1: New USB device found, idVendor=093b, idProduct=a102, bcdDevice= 0.01 [ 942.814584][ T9551] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 942.824151][ T9551] usb 6-1: Product: syz [ 942.828586][ T9551] usb 6-1: Manufacturer: syz [ 942.834581][ T9551] usb 6-1: SerialNumber: syz [ 942.868422][ T1734] usb 1-1: Using ep0 maxpacket: 8 [ 942.913605][ T1734] usb 1-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 942.915586][ T9551] usb 6-1: config 0 descriptor?? [ 942.923224][ T1734] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 942.923362][ T1734] usb 1-1: Product: syz [ 942.923466][ T1734] usb 1-1: Manufacturer: syz [ 942.950947][ T1734] usb 1-1: SerialNumber: syz [ 942.981437][ T1734] usb 1-1: config 0 descriptor?? [ 943.038971][ T1734] radio-usb-si4713 1-1:0.0: Si4713 development board discovered: (10C4:8244) [ 943.197953][ T9551] usb 6-1: USB disconnect, device number 8 [ 943.786055][ T1734] radio-usb-si4713 1-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 943.796821][ T1734] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 943.857743][ T1734] usb 1-1: USB disconnect, device number 25 [ 944.859209][T13364] loop1: detected capacity change from 0 to 764 [ 944.890938][T13364] rock: directory entry would overflow storage [ 944.899040][T13364] rock: sig=0x4654, size=5, remaining=4 [ 945.739435][T13368] loop0: detected capacity change from 0 to 32768 [ 945.762999][T13368] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section downgrade: downgrade entry with mismatched major version (0 != 1) [ 945.762999][T13368] downgrade (size 2912): [ 945.762999][T13368] version: 0.0: (unknown version) [ 945.762999][T13368] recovery passes: [ 945.762999][T13368] errors: sb_clean_missing [ 945.762999][T13368] version: 0.0: (unknown version) [ 945.762999][T13368] recovery passes: initialize_subvolumes,snapshots_read [ 945.762999][T13368] errors: [ 945.762999][T13368] version: 0.0: (unknown version) [ 945.762999][T13368] recovery passes: delete_dead_inodes [ 945.762999][T13368] errors: [ 945.762999][T13368] version: 0.0: (unknown version) [ 945.762999][T13368] recovery passes: alloc_read,check_inodes,delete_dead_inodes,set_fs_needs_rebalance [ 945.762999][T13368] errors: (unknown error 512) [ 945.762999][T13368] version: 0.5: (unknown version) [ 945.762999][T13368] recovery passes: [ 945.762999][T13368] errors: [ 945.762999][T13368] version: 0.0: (unknown version) [ 945.762999][T13368] recovery passes: [ 945.762999][T13368] errors: [ 945.762999][T13368] version: 0.0: (unknown version) [ 945.762999][T13368] recovery passes: fs_freespace_init,bucket_gens_init,check_inodes,delete_dead_inodes [ 945.762999][T13368] errors: [ 945.762999][T13368] version: 0.0: (unknown version) [ 945.762999][T13368] recovery passes: [ 945.762999][T13368] errors: [ 945.762999][T13368] version: 0.6: (unknown version) [ 945.762999][T13368] recovery passes: check_subvols [ 945.762999][T13368] errors: [ 945.762999][T13368] version: 0.33: (unknown version) [ 945.762999][T13368] recovery passes: check_snapshots [ 945.762999][T13368] errors: [ 945.762999][T13368] version: 0.0: [ 945.764315][T13368] bcachefs: bch2_fs_get_tree() error: invalid_sb_downgrade [ 945.922563][ C0] vkms_vblank_simulate: vblank timer overrun [ 946.328679][T13370] loop7: detected capacity change from 0 to 4096 [ 946.767748][T13370] ntfs3(loop7): ino=1a, mi_enum_attr [ 946.773403][T13370] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 947.133227][T13382] loop0: detected capacity change from 0 to 256 [ 947.628394][ T30] audit: type=1800 audit(2000000570.989:93): pid=13382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2860" name="file0" dev="loop0" ino=1048714 res=0 errno=0 [ 948.932588][ T30] audit: type=1326 audit(2000000572.224:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13407 comm="syz.7.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61bd8e969 code=0x7ffc0000 [ 948.959646][ T30] audit: type=1326 audit(2000000572.252:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13407 comm="syz.7.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fe61bd8e969 code=0x7ffc0000 [ 948.982962][ T30] audit: type=1326 audit(2000000572.262:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13407 comm="syz.7.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61bd8e969 code=0x7ffc0000 [ 949.013016][ T30] audit: type=1326 audit(2000000572.262:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13407 comm="syz.7.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61bd8e969 code=0x7ffc0000 [ 949.037210][ T30] audit: type=1326 audit(2000000572.271:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13407 comm="syz.7.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7fe61bd8e969 code=0x7ffc0000 [ 949.063872][ T30] audit: type=1326 audit(2000000572.271:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13407 comm="syz.7.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61bd8e969 code=0x7ffc0000 [ 949.090085][ T30] audit: type=1326 audit(2000000572.271:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13407 comm="syz.7.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61bd8e969 code=0x7ffc0000 [ 949.609824][T13419] loop8: detected capacity change from 0 to 64 [ 949.979327][T13423] loop7: detected capacity change from 0 to 512 [ 950.204138][T13428] sp0: Synchronizing with TNC [ 950.248168][T13429] loop5: detected capacity change from 0 to 1024 [ 950.258535][T13429] EXT4-fs: Ignoring removed nomblk_io_submit option [ 950.267475][T13423] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 950.281199][T13423] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 950.398480][T13423] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.2879: bg 0: block 18: invalid block bitmap [ 950.416835][T13423] Quota error (device loop7): write_blk: dquota write failed [ 950.425319][T13423] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 950.440109][T13423] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.2879: Failed to acquire dquot type 1 [ 950.489753][T13429] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 951.000310][ T7010] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 951.079691][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 951.239005][T13443] loop8: detected capacity change from 0 to 1024 [ 951.263321][T13444] loop1: detected capacity change from 0 to 256 [ 951.369550][T13444] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 951.381498][T13444] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 951.536667][T13444] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 951.637566][ T4579] hfsplus: b-tree write err: -5, ino 4 [ 952.606802][T13457] loop5: detected capacity change from 0 to 4096 [ 952.652807][T13457] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 953.092175][T13469] loop1: detected capacity change from 0 to 256 [ 953.094578][T13457] ntfs3(loop5): failed to convert "076c" to cp932 [ 953.243385][T13469] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 953.483763][T13475] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2901'. [ 953.497349][T13475] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2901'. [ 953.618983][ T9551] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 953.922871][ T9551] usb 1-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98 [ 953.935965][ T9551] usb 1-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0 [ 953.945755][ T9551] usb 1-1: Product: syz [ 954.004362][ T9551] usb 1-1: config 0 descriptor?? [ 954.025388][ T9551] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 954.035729][ T9551] ftdi_sio ttyUSB0: unknown device type: 0xc698 [ 954.190781][T13485] loop8: detected capacity change from 0 to 256 [ 954.251076][ T9551] usb 1-1: USB disconnect, device number 26 [ 954.263908][ T9551] ftdi_sio 1-1:0.0: device disconnected [ 954.321673][T13478] loop1: detected capacity change from 0 to 4096 [ 954.439564][T13486] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 954.722553][T13488] loop5: detected capacity change from 0 to 1024 [ 954.738688][T13488] hfsplus: Unknown parameter 'ï{Ü [ 954.738688][T13488] OB·ìº­è¯—r4´|¡K™¿¦!B‘¸Z"EÂk(–Œañ«Ç3.<8' [ 954.855696][T13490] loop8: detected capacity change from 0 to 512 [ 955.088915][T13490] EXT4-fs (loop8): 1 truncate cleaned up [ 955.097469][T13490] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 955.481516][T13498] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2911'. [ 955.592326][T13492] EXT4-fs error (device loop8): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 7: invalid block bitmap [ 955.633651][T12856] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 956.167881][T13508] loop8: detected capacity change from 0 to 1024 [ 957.586223][T13525] loop1: detected capacity change from 0 to 64 [ 957.970912][T13531] loop0: detected capacity change from 0 to 128 [ 958.135029][T13531] FAT-fs (loop0): Directory bread(block 32) failed [ 958.143913][T13531] FAT-fs (loop0): Directory bread(block 33) failed [ 958.151602][T13531] FAT-fs (loop0): Directory bread(block 34) failed [ 958.158469][T13531] FAT-fs (loop0): Directory bread(block 35) failed [ 958.165642][T13531] FAT-fs (loop0): Directory bread(block 36) failed [ 958.172716][T13531] FAT-fs (loop0): Directory bread(block 37) failed [ 958.179669][T13531] FAT-fs (loop0): Directory bread(block 38) failed [ 958.186655][T13531] FAT-fs (loop0): Directory bread(block 39) failed [ 958.193847][T13531] FAT-fs (loop0): Directory bread(block 40) failed [ 958.204819][T13531] FAT-fs (loop0): Directory bread(block 41) failed [ 958.539849][T13533] loop5: detected capacity change from 0 to 2048 [ 958.785906][T13533] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 959.247648][T13542] loop8: detected capacity change from 0 to 64 [ 959.265485][T10775] Bluetooth: hci2: command 0x0406 tx timeout [ 959.381890][ T7010] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 960.813205][T13558] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 960.813357][T13558] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 960.813708][T13558] vhci_hcd vhci_hcd.0: Device attached [ 961.079778][ T9551] usb 35-1: new low-speed USB device number 2 using vhci_hcd [ 961.166173][T12294] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 961.369596][T12294] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 961.369750][T12294] usb 2-1: config 0 has no interfaces? [ 961.369908][T12294] usb 2-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 961.370055][T12294] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 961.381969][T12294] usb 2-1: config 0 descriptor?? [ 961.634164][T13559] vhci_hcd: connection closed [ 961.635813][T12294] usb 2-1: USB disconnect, device number 17 [ 961.649785][ T3764] vhci_hcd: stop threads [ 961.649857][ T3764] vhci_hcd: release socket [ 961.649994][ T3764] vhci_hcd: disconnect device [ 961.710760][ T9551] vhci_hcd: vhci_device speed not set [ 962.265552][T13577] loop7: detected capacity change from 0 to 512 [ 962.326740][T13577] EXT4-fs: Ignoring removed orlov option [ 962.370561][T13577] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 962.450694][T13577] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 962.565535][T13577] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.2946: corrupted in-inode xattr: e_value size too large [ 962.596475][T13577] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.2946: couldn't read orphan inode 15 (err -117) [ 962.613963][T13577] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 962.905772][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 963.185851][T13589] loop8: detected capacity change from 0 to 8 [ 963.469497][T13587] loop1: detected capacity change from 0 to 4096 [ 963.620596][T13596] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 964.562640][T13611] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2964'. [ 964.576886][T13611] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2964'. [ 964.586336][T13611] netlink: 'syz.5.2964': attribute type 11 has an invalid length. [ 964.594418][T13611] netlink: 'syz.5.2964': attribute type 12 has an invalid length. [ 967.325521][T13637] loop7: detected capacity change from 0 to 40427 [ 967.377457][T13637] F2FS-fs (loop7): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288) [ 967.387097][T13637] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 967.593116][T13644] loop0: detected capacity change from 0 to 1764 [ 968.903314][T13662] loop0: detected capacity change from 0 to 2048 [ 969.020269][T13662] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 969.277581][T13659] loop1: detected capacity change from 0 to 4096 [ 969.327288][T13667] loop7: detected capacity change from 0 to 512 [ 969.420979][T13669] sp0: Synchronizing with TNC [ 969.431480][T13667] EXT4-fs: Ignoring removed oldalloc option [ 969.480825][T13667] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 969.543191][T13667] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 969.552201][T13667] System zones: 1-12 [ 969.560212][T13667] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.2988: corrupted in-inode xattr: e_name out of bounds [ 969.594762][T13667] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.2988: couldn't read orphan inode 15 (err -117) [ 969.612975][T13667] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 969.631281][T13671] netlink: 100 bytes leftover after parsing attributes in process `syz.5.2990'. [ 970.259218][T13679] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2993'. [ 970.268952][T13679] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2993'. [ 970.278502][T13679] netlink: 'syz.5.2993': attribute type 20 has an invalid length. [ 970.282545][T13677] loop0: detected capacity change from 0 to 1024 [ 970.426541][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 970.767020][ T4579] hfsplus: b-tree write err: -5, ino 4 [ 971.593391][T13697] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2999'. [ 971.672259][T13698] loop8: detected capacity change from 0 to 64 [ 972.422495][ T1734] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 972.613661][ T1734] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 972.628517][ T1734] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 972.642387][ T1734] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 972.659202][ T1734] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 972.673111][ T1734] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 972.704642][ T1734] usb 6-1: config 0 descriptor?? [ 973.102171][T13714] loop0: detected capacity change from 0 to 1024 [ 973.114463][T13714] hfsplus: Bad value for 'umask' [ 973.173158][T13714] No control pipe specified [ 973.184817][ T1734] acrux 0003:1A34:0802.0019: unknown main item tag 0x0 [ 973.192400][ T1734] acrux 0003:1A34:0802.0019: unknown main item tag 0x0 [ 973.205465][ T1734] acrux 0003:1A34:0802.0019: unknown main item tag 0x0 [ 973.214571][ T1734] acrux 0003:1A34:0802.0019: unknown main item tag 0x0 [ 973.221839][ T1734] acrux 0003:1A34:0802.0019: unknown main item tag 0x0 [ 973.281915][ T1734] acrux 0003:1A34:0802.0019: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.5-1/input0 [ 973.293629][ T1734] acrux 0003:1A34:0802.0019: no inputs found [ 973.303263][ T1734] acrux 0003:1A34:0802.0019: Failed to enable force feedback support, error: -19 [ 973.440169][ T1734] usb 6-1: USB disconnect, device number 9 [ 973.839615][T13721] loop8: detected capacity change from 0 to 1024 [ 974.023216][T13721] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 974.122260][T13728] loop7: detected capacity change from 0 to 512 [ 974.149712][T13728] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem [ 974.196292][T13728] EXT4-fs error (device loop7): ext4_orphan_get:1417: comm syz.7.3014: bad orphan inode 15 [ 974.198730][T13721] EXT4-fs error (device loop8): ext4_xattr_inode_iget:437: inode #11: comm syz.8.3012: missing EA_INODE flag [ 974.236894][T13728] ext4_test_bit(bit=14, block=18) = 1 [ 974.246182][T13728] is_bad_inode(inode)=0 [ 974.250762][T13728] NEXT_ORPHAN(inode)=1023 [ 974.255344][T13728] max_ino=32 [ 974.258762][T13728] i_nlink=0 [ 974.264821][T13728] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 974.281478][T13721] EXT4-fs (loop8): Remounting filesystem read-only [ 974.289437][T13728] ext2 filesystem being mounted at /116/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 974.368516][T13733] loop1: detected capacity change from 0 to 128 [ 974.446978][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 974.467921][T13733] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 974.586404][T13733] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 974.638980][T13733] EXT4-fs error (device loop1): __ext4_find_entry:1628: inode #2: comm syz.1.3013: checksumming directory block 0 [ 974.767391][T13736] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 974.776861][T13736] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 974.787607][T13736] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 974.797394][T13736] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 974.884388][T12856] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 975.151528][ T5801] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 975.785593][T13754] netlink: 'syz.8.3025': attribute type 5 has an invalid length. [ 975.910301][ T1734] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 976.114339][ T1734] usb 6-1: Using ep0 maxpacket: 32 [ 976.160076][ T1734] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 976.171043][ T1734] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 976.183704][ T1734] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 976.360936][ T1734] usb 6-1: config 0 descriptor?? [ 976.413306][ T1734] hub 6-1:0.0: bad descriptor, ignoring hub [ 976.419573][ T1734] hub 6-1:0.0: probe with driver hub failed with error -5 [ 976.692379][T13766] tmpfs: Bad value for 'mpol' [ 976.752562][T13765] loop7: detected capacity change from 0 to 1024 [ 977.590714][T13769] loop0: detected capacity change from 0 to 32768 [ 977.604954][T13769] bcachefs (/dev/loop0): error validating superblock: Invalid time precision: 0 (min 1, max 1000000000) [ 977.617162][T13769] bcachefs: bch2_fs_get_tree() error: invalid_sb_time_precision [ 977.887102][T12648] usb 6-1: reset high-speed USB device number 10 using dummy_hcd [ 978.247523][T13773] loop7: detected capacity change from 0 to 64 [ 978.716258][ T1734] usb 6-1: USB disconnect, device number 10 [ 978.743520][T13778] digital: digital_start_poll: Unknown protocol [ 979.665468][ T9551] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 979.863671][ T9551] usb 9-1: Using ep0 maxpacket: 8 [ 979.927107][ T9551] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 979.939570][ T9551] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 979.952151][ T9551] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 979.962950][ T9551] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 979.976487][ T9551] usb 9-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00 [ 979.989652][ T9551] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 980.892888][T13803] loop0: detected capacity change from 0 to 32768 [ 980.908723][ T9551] usb 9-1: config 0 descriptor?? [ 981.062448][T13803] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 981.132987][T13803] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,noinodes_use_key_cache,journal_flush_delay=1001,fix_errors=no,norecovery,recovery_pass_last=check_extents,nojournal_transaction_names,no_data_io [ 981.132987][T13803] allowing incompatible features above 0.0: (unknown version) [ 981.168177][T13803] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 981.179038][T13803] bcachefs (loop0): Version upgrade required: [ 981.179038][T13803] Version upgrade from 0.8: (unknown version) to 1.7: mi_btree_bitmap incomplete [ 981.179038][T13803] Doing incompatible version upgrade from 0.8: (unknown version) to 1.25: extent_flags [ 981.179038][T13803] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 981.375101][T13803] bcachefs (loop0): bcachefs (loop0): error validating btree node at btree alloc level 0/0 [ 981.375286][T13803] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 981.375473][T13803] node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0, fixing [ 981.436080][T13803] bcachefs (loop0): invalid bkey in btree_node btree=alloc level=0: u64s 12 type alloc_v4 0:31:2048 len 0 ver 0: [ 981.436260][T13803] gen 0 oldest_gen 0 data_type btree [ 981.436332][T13803] journal_seq_nonempty 4 [ 981.436465][T13803] journal_seq_empty 0 [ 981.436531][T13803] need_discard 1 [ 981.436664][T13803] need_inc_gen 1 [ 981.436734][T13803] dirty_sectors 256 [ 981.436879][T13803] stripe_sectors 0 [ 981.436948][T13803] cached_sectors 0 [ 981.437082][T13803] stripe 0 [ 981.437151][T13803] stripe_redundancy 0 [ 981.437285][T13803] io_time[READ] 1 [ 981.437350][T13803] io_time[WRITE] 512 [ 981.437484][T13803] fragmentation 0 [ 981.437547][T13803] bp_start 8 [ 981.437674][T13803] [ 981.437730][T13803] nonzero snapshot, deleting [ 981.535397][T13803] bcachefs (loop0): flagging btree alloc lost data [ 981.542461][T13803] bcachefs (loop0): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 981.556691][T13803] bcachefs (loop0): error reading btree root btree=alloc level=0: btree_node_read_error, fixing [ 981.590946][ T9551] hid-u2fzero 0003:10C4:8ACF.001A: item fetching failed at offset 3/5 [ 981.632716][T13803] bcachefs (loop0): bcachefs (loop0): error validating btree node at btree freespace level 0/0 [ 981.632848][T13803] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0 [ 981.632970][T13803] node offset 16/32 bset u64s 13 bset byte offset 120: keys out of order: u64s 5 type set 2199023255552:31:0 len 1 ver 0 > u64s 5 type deleted 0:32:0 len 0 ver 0, fixing [ 981.677976][T13803] bcachefs (loop0): btree_node_read_work: rewriting btree node at due to error [ 981.677976][T13803] btree=freespace level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0 [ 981.711171][ T9551] hid-u2fzero 0003:10C4:8ACF.001A: probe with driver hid-u2fzero failed with error -22 [ 981.741262][T13803] bcachefs (loop0): check_topology... done [ 981.750624][T13803] bcachefs (loop0): accounting_read... done [ 981.757698][T13803] bcachefs (loop0): alloc_read... done [ 981.763703][T13803] bcachefs (loop0): snapshots_read... done [ 981.770919][T13803] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean [ 981.782623][T13803] bcachefs (loop0): done starting filesystem [ 981.810846][ T9551] usb 9-1: USB disconnect, device number 2 [ 981.966021][T10397] bcachefs (loop0): shutting down [ 982.081565][T10397] bcachefs (loop0): shutdown complete [ 982.266557][T13825] loop7: detected capacity change from 0 to 1024 [ 982.457495][T13825] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 982.705663][T13832] loop1: detected capacity change from 0 to 2048 [ 982.750750][T13832] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 982.885648][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 982.925500][T13832] UDF-fs: unknown compression code (0) [ 984.271808][ T9551] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 984.513217][ T9551] usb 6-1: Using ep0 maxpacket: 16 [ 984.531400][ T9551] usb 6-1: config index 0 descriptor too short (expected 1828, got 36) [ 984.540486][ T9551] usb 6-1: config 0 has an invalid interface number: 0 but max is -1 [ 984.549148][ T9551] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 984.558549][ T9551] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 984.568782][ T9551] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 984.580303][ T9551] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 984.703929][ T9551] usb 6-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=1a.1e [ 984.713705][ T9551] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 984.726629][ T9551] usb 6-1: Product: syz [ 984.736873][ T9551] usb 6-1: Manufacturer: syz [ 984.742252][ T9551] usb 6-1: SerialNumber: syz [ 984.826322][ T9551] usb 6-1: config 0 descriptor?? [ 984.856290][ T9551] keyspan 6-1:0.0: Keyspan 2 port adapter converter detected [ 984.864910][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 87 [ 984.875899][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 7 [ 984.886058][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 81 [ 984.894616][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 1 [ 984.903102][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 2 [ 984.918406][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 85 [ 984.928683][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 5 [ 984.980030][ T9551] usb 6-1: Keyspan 2 port adapter converter now attached to ttyUSB0 [ 984.991150][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 83 [ 984.999822][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 4 [ 985.008044][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 86 [ 985.016483][ T9551] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 6 [ 985.290793][ T9551] usb 6-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 985.565398][ T1734] usb 6-1: USB disconnect, device number 11 [ 985.631656][ T1734] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 985.715608][ T1734] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 985.727026][ T1734] keyspan 6-1:0.0: device disconnected [ 986.697357][T13878] loop0: detected capacity change from 0 to 128 [ 987.443000][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 987.443079][ T30] audit: type=1326 audit(2000000608.265:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.8.3078" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0923f8e969 code=0x0 [ 987.612868][T13888] loop0: detected capacity change from 0 to 1024 [ 988.562377][T13904] loop0: detected capacity change from 0 to 16 [ 988.665049][T13904] erofs (device loop0): mounted with root inode @ nid 36. [ 988.707283][T13904] erofs (device loop0): unknown HEAD2 format 8 for nid 36, please upgrade kernel [ 988.717102][T13904] erofs (device loop0): unknown HEAD2 format 8 for nid 36, please upgrade kernel [ 988.729640][T13904] erofs (device loop0): read error -95 @ 8200 of nid 36 [ 989.244014][T13913] loop7: detected capacity change from 0 to 1024 [ 989.833598][ T14] hfsplus: b-tree write err: -5, ino 4 [ 989.988329][T13925] hugetlbfs: Bad value '¢' for mount option 'nr_inodes' [ 989.988329][T13925] [ 991.251426][T13933] loop1: detected capacity change from 0 to 32768 [ 991.295139][T13933] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section [ 991.295139][T13933] clean (size 2912): [ 991.295139][T13933] flags: 0 [ 991.295139][T13933] journal_seq: 10 [ 991.295139][T13933] usage: type=inodes v=8 [ 991.295139][T13933] usage: type=key_version v=0 [ 991.295139][T13933] usage: type=reserved v=0 [ 991.295139][T13933] usage: type=reserved v=0 [ 991.295139][T13933] usage: type=reserved v=0 [ 991.295139][T13933] usage: type=reserved v=0 [ 991.295139][T13933] data_usage: btree: 1/1 [0]=2816 [ 991.295139][T13933] data_usage: journal: 1/1 [0]=0 [ 991.295139][T13933] data_usage: user: 1/1 [0]=16 [ 991.295139][T13933] dev_usage: dev=0 [ 991.295139][T13933] free: buckets=83 sectors=34359738368 fragmented=0 [ 991.295139][T13933] sb: buckets=25 sectors=6152 fragmented=248 [ 991.295139][T13933] journal: buckets=8 sectors=2048 fragmented=0 [ 991.295139][T13933] btree: buckets=11 sectors=2816 fragmented=0 [ 991.295139][T13933] user: buckets=1 sectors=16 fragmented=240 [ 991.295139][T13933] cached: buckets=0 sectors=0 fragmented=0 [ 991.295139][T13933] parity: buckets=0 sectors=0 fragmented=0 [ 991.295139][T13933] stripe: buckets=0 sectors=0 fragmented=0 [ 991.295139][T13933] need_gc_gens: buckets=0 sectors=0 fragmented=0 [ 991.295139][T13933] need_discard: buckets=0 sectors=0 fragmented=0 [ 991.295139][T13933] clock: read=0 [ 991.295139][T13933] clock: write=1280 [ 991.295139][T13933] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 [ 991.296192][T13933] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean [ 991.647225][T13945] tipc: Enabling of bearer rejected, failed to enable media [ 991.666492][ T9551] kernel write not supported for file /stat (pid: 9551 comm: kworker/0:1) [ 992.460701][T13953] loop5: detected capacity change from 0 to 1024 [ 992.462954][T13956] loop0: detected capacity change from 0 to 256 [ 992.503383][T13959] loop8: detected capacity change from 0 to 256 [ 992.884234][T13956] FAT-fs (loop0): IO charset cpush not found [ 992.893720][T13959] FAT-fs (loop8): Directory bread(block 64) failed [ 992.901053][T13959] FAT-fs (loop8): Directory bread(block 65) failed [ 992.912416][T13959] FAT-fs (loop8): Directory bread(block 66) failed [ 992.920774][T13959] FAT-fs (loop8): Directory bread(block 67) failed [ 992.927909][T13959] FAT-fs (loop8): Directory bread(block 68) failed [ 992.934733][T13959] FAT-fs (loop8): Directory bread(block 69) failed [ 992.942076][T13959] FAT-fs (loop8): Directory bread(block 70) failed [ 992.949131][T13959] FAT-fs (loop8): Directory bread(block 71) failed [ 992.957135][T13959] FAT-fs (loop8): Directory bread(block 72) failed [ 992.960402][T13956] smb3: Unexpected value for 'acl' [ 992.964453][T13959] FAT-fs (loop8): Directory bread(block 73) failed [ 993.082140][ T3513] hfsplus: b-tree write err: -5, ino 4 [ 994.005359][T13974] loop7: detected capacity change from 0 to 512 [ 994.078881][T13974] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 994.148225][T13974] EXT4-fs (loop7): orphan cleanup on readonly fs [ 994.302076][T13974] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3119: bg 0: block 248: padding at end of block bitmap is not set [ 994.342572][T13974] Quota error (device loop7): write_blk: dquota write failed [ 994.354348][T13974] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 994.364929][T13974] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.3119: Failed to acquire dquot type 1 [ 994.416074][T13974] EXT4-fs (loop7): 1 truncate cleaned up [ 994.469081][T13974] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 994.915909][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 995.373406][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 995.380522][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 995.684194][T14000] loop8: detected capacity change from 0 to 1024 [ 995.915523][T14000] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 995.923268][T14007] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3131'. [ 995.974453][ T30] audit: type=1800 audit(2000000616.216:110): pid=14009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3130" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0 [ 996.136873][T14000] EXT4-fs error (device loop8): ext4_lookup:1789: inode #14: comm syz.8.3128: iget: immutable or append flags not allowed on symlinks [ 996.160974][T14013] loop5: detected capacity change from 0 to 512 [ 996.207880][T14000] EXT4-fs (loop8): Remounting filesystem read-only [ 996.292800][T14011] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3132'. [ 996.332838][T14013] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 996.346369][T14013] ext4 filesystem being mounted at /543/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 996.604436][T12856] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 996.636873][T14013] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #2: comm syz.5.3133: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 996.706164][T14013] EXT4-fs (loop5): Remounting filesystem read-only [ 997.061032][ T7010] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 997.231886][T14028] loop0: detected capacity change from 0 to 8 [ 998.046460][T14040] netlink: 'syz.5.3145': attribute type 2 has an invalid length. [ 998.824286][T14052] loop8: detected capacity change from 0 to 256 [ 998.855406][T14053] loop5: detected capacity change from 0 to 512 [ 998.893953][T14052] exfat: Deprecated parameter 'namecase' [ 998.905124][T14053] EXT4-fs: Ignoring removed orlov option [ 999.004049][T14053] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.3151: corrupted in-inode xattr: invalid ea_ino [ 999.030467][T14053] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.3151: couldn't read orphan inode 15 (err -117) [ 999.054058][T14053] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 999.092147][T14052] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d) [ 999.248722][ T7010] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 999.281820][T14060] loop0: detected capacity change from 0 to 16 [ 999.342375][T14060] erofs (device loop0): mounted with root inode @ nid 36. [ 999.484710][T14060] syz.0.3154: attempt to access beyond end of device [ 999.484710][T14060] loop0: rw=524288, sector=34359738360, nr_sectors = 1976 limit=16 [ 1002.029025][T14097] loop1: detected capacity change from 0 to 1024 [ 1002.233696][T14097] syz.1.3172: attempt to access beyond end of device [ 1002.233696][T14097] loop1: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 1002.248767][T14097] Buffer I/O error on dev loop1, logical block 100663296, async page read [ 1002.257619][T14097] syz.1.3172: attempt to access beyond end of device [ 1002.257619][T14097] loop1: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 1002.274951][T14097] Buffer I/O error on dev loop1, logical block 100663296, async page read [ 1002.489351][ T1734] IPVS: starting estimator thread 0... [ 1002.545634][T14104] loop5: detected capacity change from 0 to 2048 [ 1002.612589][T14109] IPVS: using max 240 ests per chain, 12000 per kthread [ 1002.710136][T14104] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1003.371709][ T1734] usb 2-1: new low-speed USB device number 18 using dummy_hcd [ 1003.583409][ T1734] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1003.595196][ T1734] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1003.608672][ T1734] usb 2-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00 [ 1003.618306][ T1734] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1003.655607][ T1734] usb 2-1: config 0 descriptor?? [ 1004.122582][T14122] loop5: detected capacity change from 0 to 4096 [ 1004.262931][T14130] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1004.317715][ T1734] glorious 0003:258A:0036.001B: item fetching failed at offset 0/2 [ 1004.353518][ T1734] glorious 0003:258A:0036.001B: probe with driver glorious failed with error -22 [ 1004.459942][ T1734] usb 2-1: USB disconnect, device number 18 [ 1004.631968][T14136] netlink: 48 bytes leftover after parsing attributes in process `syz.7.3189'. [ 1005.123203][T14140] loop5: detected capacity change from 0 to 1024 [ 1005.145418][T14140] EXT4-fs warning (device loop5): read_mmp_block:115: Error -117 while reading MMP block 64 [ 1005.379761][T14145] loop7: detected capacity change from 0 to 256 [ 1006.468079][ T30] audit: type=1326 audit(2000000626.047:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.8.3201" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0923f8e969 code=0x0 [ 1006.819746][T14163] loop1: detected capacity change from 0 to 1024 [ 1007.459114][T14167] loop5: detected capacity change from 0 to 32768 [ 1007.484343][T14167] (syz.5.3204,14167,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xc2d589a7, computed 0x56085f14. Applying ECC. [ 1007.499587][T14167] (syz.5.3204,14167,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1007.520024][T14167] (syz.5.3204,14167,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1007.541678][T14167] (syz.5.3204,14167,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x656d756e, computed 0xec253be7. Applying ECC. [ 1007.555773][T14167] (syz.5.3204,14167,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x656d756e, computed 0xccc08db7 [ 1007.568998][T14167] (syz.5.3204,14167,0):ocfs2_validate_dir_block:452 ERROR: Checksum failed for dinode 288 [ 1007.583932][T14167] (syz.5.3204,14167,0):ocfs2_read_virt_blocks:1029 ERROR: status = -5 [ 1007.592435][T14167] (syz.5.3204,14167,0):ocfs2_read_dir_block:511 ERROR: status = -5 [ 1007.602388][T14167] (syz.5.3204,14167,0):ocfs2_find_entry_el:728 ERROR: reading directory 18, offset 0 [ 1007.612978][T14167] (syz.5.3204,14167,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 1007.622455][T14167] (syz.5.3204,14167,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs? [ 1007.622650][T14167] (syz.5.3204,14167,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 1007.646104][T14167] (syz.5.3204,14167,0):ocfs2_initialize_super:2198 ERROR: status = -22 [ 1007.655332][T14167] (syz.5.3204,14167,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 1009.014255][T14187] delete_channel: no stack [ 1009.170751][T14188] loop5: detected capacity change from 0 to 4096 [ 1009.382936][T14194] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1010.029449][T14193] loop7: detected capacity change from 0 to 4096 [ 1010.213721][ T9551] usb 9-1: new full-speed USB device number 3 using dummy_hcd [ 1010.354208][T14203] netlink: 'syz.0.3220': attribute type 66 has an invalid length. [ 1010.462459][ T9551] usb 9-1: config 0 has an invalid interface number: 29 but max is 0 [ 1010.472265][ T9551] usb 9-1: config 0 has no interface number 0 [ 1010.478643][ T9551] usb 9-1: config 0 interface 29 has no altsetting 0 [ 1010.618473][ T9551] usb 9-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac [ 1010.628469][ T9551] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1010.641889][ T9551] usb 9-1: Product: syz [ 1010.646343][ T9551] usb 9-1: Manufacturer: syz [ 1010.651601][ T9551] usb 9-1: SerialNumber: syz [ 1010.808882][ T9551] usb 9-1: config 0 descriptor?? [ 1011.006195][T14200] loop1: detected capacity change from 0 to 32768 [ 1011.063117][T14200] (syz.1.3219,14200,1):ocfs2_read_blocks_sync:112 ERROR: status = -12 [ 1011.071836][T14200] (syz.1.3219,14200,1):ocfs2_read_locked_inode:535 ERROR: status = -12 [ 1011.085918][T14200] (syz.1.3219,14200,1):ocfs2_init_global_system_inodes:444 ERROR: status = -12 [ 1011.098494][T14200] (syz.1.3219,14200,1):ocfs2_init_global_system_inodes:476 ERROR: status = -12 [ 1011.107993][T14200] (syz.1.3219,14200,1):ocfs2_initialize_super:2198 ERROR: status = -12 [ 1011.117142][T14200] (syz.1.3219,14200,1):ocfs2_fill_super:1177 ERROR: status = -12 [ 1011.204833][ T9551] peak_usb 9-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels) [ 1011.419177][ T9551] peak_usb 9-1:0.29 can0: sending command failure: -22 [ 1011.426783][ T9551] peak_usb 9-1:0.29 can0: sending command failure: -22 [ 1011.434432][ T9551] peak_usb 9-1:0.29 can0: sending command failure: -22 [ 1011.787177][ T9551] peak_usb 9-1:0.29: probe with driver peak_usb failed with error -22 [ 1011.889609][ T9551] usb 9-1: USB disconnect, device number 3 [ 1013.431544][ T1734] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 1013.666460][ T1734] usb 6-1: Using ep0 maxpacket: 32 [ 1013.724364][ T1734] usb 6-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 1013.735169][ T1734] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1013.743989][ T1734] usb 6-1: Product: syz [ 1013.748500][ T1734] usb 6-1: Manufacturer: syz [ 1013.756438][ T1734] usb 6-1: SerialNumber: syz [ 1013.869881][ T1734] usb 6-1: config 0 descriptor?? [ 1014.073887][T14235] loop7: detected capacity change from 0 to 256 [ 1014.206788][T14237] loop0: detected capacity change from 0 to 1024 [ 1014.238811][T14235] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3ec, utbl_chksum : 0xe619d30d) [ 1014.400934][T14237] hfsplus: cannot replace xattr [ 1014.409964][T14239] loop8: detected capacity change from 0 to 2048 [ 1014.510081][T14239] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1014.574410][ T1734] peak_usb 6-1:0.0 can0: unable to request usb[type=2 value=5] err=-71 [ 1014.705047][ T1734] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71 [ 1014.763901][ T1734] usb 6-1: USB disconnect, device number 12 [ 1014.868556][ T66] hfsplus: b-tree write err: -5, ino 4 [ 1015.508290][ T30] audit: type=1326 audit(2000000634.503:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14246 comm="syz.8.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0923f8e969 code=0x7ffc0000 [ 1015.601530][T14249] loop8: detected capacity change from 0 to 128 [ 1015.629091][ T30] audit: type=1326 audit(2000000634.578:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14246 comm="syz.8.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0923f8e969 code=0x7ffc0000 [ 1015.652343][ T30] audit: type=1326 audit(2000000634.578:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14246 comm="syz.8.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0923f8e9a3 code=0x7ffc0000 [ 1015.679094][ T30] audit: type=1326 audit(2000000634.587:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14246 comm="syz.8.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0923f8d41f code=0x7ffc0000 [ 1015.703167][ T30] audit: type=1326 audit(2000000634.587:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14246 comm="syz.8.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f0923f8e9f7 code=0x7ffc0000 [ 1015.727018][ T30] audit: type=1326 audit(2000000634.597:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14246 comm="syz.8.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0923f8d2d0 code=0x7ffc0000 [ 1015.750695][ T30] audit: type=1326 audit(2000000634.597:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14246 comm="syz.8.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0923f8e56b code=0x7ffc0000 [ 1015.773790][ T30] audit: type=1326 audit(2000000634.746:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14246 comm="syz.8.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0923f8d5ca code=0x7ffc0000 [ 1015.800388][ T30] audit: type=1326 audit(2000000634.746:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14246 comm="syz.8.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0923f8d5ca code=0x7ffc0000 [ 1015.824290][ T30] audit: type=1326 audit(2000000634.746:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14246 comm="syz.8.3240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f0923f8d1d7 code=0x7ffc0000 [ 1015.836520][T14249] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1) [ 1016.026032][T14249] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100) [ 1016.034607][T14249] FAT-fs (loop8): Filesystem has been set read-only [ 1016.051907][T14253] 9pnet_fd: Insufficient options for proto=fd [ 1016.324477][T14260] loop1: detected capacity change from 0 to 1024 [ 1016.490805][T12856] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100) [ 1016.728827][ T66] hfsplus: b-tree write err: -5, ino 4 [ 1016.855154][T14266] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3248'. [ 1016.887149][T14266] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3248'. [ 1017.583934][T14279] loop1: detected capacity change from 0 to 16 [ 1017.778543][T14278] loop0: detected capacity change from 0 to 2048 [ 1017.882371][T14278] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1018.569278][ T9551] IPVS: starting estimator thread 0... [ 1018.586063][T14285] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold [ 1018.692224][T14286] IPVS: using max 192 ests per chain, 9600 per kthread [ 1018.789261][T14281] loop5: detected capacity change from 0 to 32768 [ 1019.098780][T14281] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 1019.156791][T14281] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,norecovery,nojournal_transaction_names,nocow [ 1019.156791][T14281] allowing incompatible features above 0.0: (unknown version) [ 1019.188714][T14281] bcachefs (loop5): invalid bkey in superblock btree=extents level=0: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0 [ 1019.188861][T14281] invalid key type for btree extents (btree_ptr_v2), deleting [ 1019.222939][T14281] bcachefs (loop5): invalid bkey in superblock btree=dirents level=1: u64s 11 type extent SPOS_MAX len 0 ver 281474976710656: durability: 0 (invalid extent entry 0000000000000000) [ 1019.223082][T14281] invalid key type for btree internal btree node (extent), deleting [ 1019.256150][T14281] bcachefs (loop5): invalid bkey in superblock btree=snapshots level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 255 ver 18446462598732840960: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0 [ 1019.256296][T14281] size != 0, deleting [ 1019.290557][T14281] bcachefs (loop5): recovering from clean shutdown, journal seq 10 [ 1019.301511][T14281] bcachefs (loop5): Version upgrade required: [ 1019.301511][T14281] Version upgrade from 0.12: snapshot to 1.7: mi_btree_bitmap incomplete [ 1019.301511][T14281] Doing incompatible version upgrade from 0.12: snapshot to 1.25: extent_flags [ 1019.301511][T14281] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 1019.389779][T14281] bcachefs (loop5): bcachefs (loop5): error validating btree node at btree inodes level 0/0 [ 1019.389900][T14281] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0 [ 1019.390029][T14281] node offset 16/24 bset u64s 110 bset byte offset 792: keys out of order: u64s 18 type 255 7696581394432:536870913:U32_MAX len 0 ver 0 > u64s 18 type inode_v3 0:536870914:U32_MAX len 0 ver 0, fixing [ 1019.449261][T14281] bcachefs (loop5): btree_node_read_work: rewriting btree node at due to error [ 1019.449261][T14281] btree=inodes level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0 [ 1019.488762][T14281] bcachefs (loop5): bcachefs (loop5): error validating btree node at btree alloc level 0/0 [ 1019.488879][T14281] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 1019.489000][T14281] node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0, fixing [ 1019.540011][T14281] bcachefs (loop5): bcachefs (loop5): error validating btree node on loop5 at btree alloc level 0/0 [ 1019.540127][T14281] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 1019.540240][T14281] node offset 16/24 bset u64s 0: unsupported bset version 3.519 [ 1019.577702][T14281] bcachefs (loop5): flagging btree alloc lost data [ 1019.587617][T14281] bcachefs (loop5): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 1019.601731][T14281] bcachefs (loop5): error reading btree root btree=alloc level=0: btree_node_read_error, fixing [ 1019.638521][T14281] bcachefs (loop5): bcachefs (loop5): error validating btree node on loop5 at btree freespace level 0/0 [ 1019.638645][T14281] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key 0:3703155162349568:0 durability: 1 ptr: 0:29:0 gen 0 [ 1019.638769][T14281] node offset 0/32 bset u64s 0: checksum error, type none: got should be , shutting down [ 1019.638861][T14281] error not marked as autofix and not in fsck [ 1019.638941][T14281] run fsck, and forward to devs so error can be marked for self-healing [ 1019.639031][T14281] inconsistency detected - emergency read only at journal seq 10 [ 1019.707789][T14281] bcachefs (loop5): flagging btree freespace lost data [ 1019.720929][T14281] bcachefs (loop5): error reading btree root btree=freespace level=0: btree_node_read_error, fixing [ 1019.744460][T14281] bcachefs (loop5): bcachefs (loop5): error validating btree node at btree backpointers level 0/0 [ 1019.744580][T14281] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0 [ 1019.744705][T14281] node offset 8/24 bset u64s 42 bset byte offset 264: key extends past end of bset, shutting down [ 1019.744800][T14281] error not marked as autofix and not in fsck [ 1019.744881][T14281] run fsck, and forward to devs so error can be marked for self-healing [ 1019.803623][T14281] bcachefs (loop5): flagging btree backpointers lost data [ 1019.816331][T14281] bcachefs (loop5): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing [ 1019.840419][T14281] bcachefs (loop5): check_topology... done [ 1019.852877][T14281] bcachefs (loop5): accounting_read... done [ 1019.874324][T14281] bcachefs (loop5): alloc_read... done [ 1019.883601][T14281] bcachefs (loop5): snapshots_read... done [ 1019.896280][T14281] bcachefs (loop5): done starting filesystem [ 1020.079207][ T7010] bcachefs (loop5): shutting down [ 1020.259715][ T7010] bcachefs (loop5): shutdown complete [ 1020.583433][ T9551] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 1020.812427][ T9551] usb 2-1: config 0 interface 0 altsetting 248 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1020.827477][ T9551] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1020.836401][ T9551] usb 2-1: New USB device found, idVendor=1ea7, idProduct=0907, bcdDevice= 0.00 [ 1020.854584][ T9551] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1020.960248][ T9551] usb 2-1: config 0 descriptor?? [ 1021.221696][T14320] netlink: 'syz.7.3270': attribute type 1 has an invalid length. [ 1021.230963][T14320] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1021.238670][T14320] IPv6: NLM_F_CREATE should be set when creating new route [ 1021.246292][T14320] IPv6: NLM_F_CREATE should be set when creating new route [ 1021.503657][ T9551] semitek 0003:1EA7:0907.001C: item fetching failed at offset 6/7 [ 1021.561443][ T9551] semitek 0003:1EA7:0907.001C: probe with driver semitek failed with error -22 [ 1021.717183][ T9551] usb 2-1: USB disconnect, device number 19 [ 1021.758101][T14322] loop0: detected capacity change from 0 to 512 [ 1021.874551][T14322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1022.198003][T10397] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1023.948573][T14350] loop0: detected capacity change from 0 to 64 [ 1023.987157][T14353] loop7: detected capacity change from 0 to 8 [ 1024.125809][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 1024.125885][ T30] audit: type=1800 audit(2000000642.576:132): pid=14350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3284" name="file1" dev="loop0" ino=21 res=0 errno=0 [ 1025.682924][T14377] loop5: detected capacity change from 0 to 1024 [ 1025.999715][T14381] loop7: detected capacity change from 0 to 256 [ 1026.146999][T10533] hfsplus: b-tree write err: -5, ino 4 [ 1026.354934][T14381] FAT-fs (loop7): Directory bread(block 64) failed [ 1026.362776][T14381] FAT-fs (loop7): Directory bread(block 65) failed [ 1026.370077][T14381] FAT-fs (loop7): Directory bread(block 66) failed [ 1026.376929][T14381] FAT-fs (loop7): Directory bread(block 67) failed [ 1026.384281][T14381] FAT-fs (loop7): Directory bread(block 68) failed [ 1026.391469][T14381] FAT-fs (loop7): Directory bread(block 69) failed [ 1026.398478][T14381] FAT-fs (loop7): Directory bread(block 70) failed [ 1026.409979][T14381] FAT-fs (loop7): Directory bread(block 71) failed [ 1026.417021][T14381] FAT-fs (loop7): Directory bread(block 72) failed [ 1026.427615][T14381] FAT-fs (loop7): Directory bread(block 73) failed [ 1026.490954][T14388] loop1: detected capacity change from 0 to 128 [ 1026.749237][T14392] loop8: detected capacity change from 0 to 128 [ 1027.913440][T14405] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3311'. [ 1028.052843][T14409] loop7: detected capacity change from 0 to 764 [ 1028.292379][T14409] rock: directory entry would overflow storage [ 1028.298824][T14409] rock: sig=0x4654, size=5, remaining=4 [ 1028.434589][T14409] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3312'. [ 1028.454209][T14409] netlink: 180 bytes leftover after parsing attributes in process `syz.7.3312'. [ 1028.467876][T14409] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1028.741367][T14413] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3314'. [ 1029.095970][T14408] loop1: detected capacity change from 0 to 40427 [ 1029.147898][T14408] F2FS-fs (loop1): heap/no_heap options were deprecated [ 1030.280025][T14426] autofs: Bad value for 'fd' [ 1030.485063][T14423] loop7: detected capacity change from 0 to 4096 [ 1030.523757][T14423] ntfs3(loop7): ino=3, Correct links count -> 2. [ 1030.668527][T14432] loop8: detected capacity change from 0 to 1024 [ 1030.988607][T14439] tmpfs: Cannot change global quota limit on remount [ 1031.146104][T14423] ntfs3(loop7): failed to convert "0080" to cp860 [ 1031.157474][ T9551] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 1031.195238][T14423] ntfs3(loop7): failed to convert name for inode 1e. [ 1031.234414][T14423] ntfs3(loop7): ino=1f, mi_enum_attr [ 1031.240290][T14423] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 1031.276142][T14423] ntfs3(loop7): ino=1f, mi_enum_attr [ 1031.404160][ T9551] usb 1-1: Using ep0 maxpacket: 16 [ 1031.492709][ T9551] usb 1-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47 [ 1031.502290][ T9551] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1031.511448][ T9551] usb 1-1: Product: syz [ 1031.515878][ T9551] usb 1-1: Manufacturer: syz [ 1031.520950][ T9551] usb 1-1: SerialNumber: syz [ 1031.694264][ T9551] usb 1-1: config 0 descriptor?? [ 1031.731799][ T9551] gspca_main: sn9c2028-2.14.0 probing 0c45:800a [ 1031.989507][ T9551] gspca_sn9c2028: read1 error -32 [ 1032.213168][ T9551] gspca_sn9c2028: read1 error -71 [ 1032.219104][ T9551] sn9c2028 1-1:0.0: probe with driver sn9c2028 failed with error -71 [ 1032.285197][ T9551] usb 1-1: USB disconnect, device number 27 [ 1032.579266][T14453] loop8: detected capacity change from 0 to 512 [ 1032.735879][T14453] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1032.749610][T14453] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1032.878293][T14460] loop1: detected capacity change from 0 to 128 [ 1033.013605][ T30] audit: type=1800 audit(2000000650.882:133): pid=14460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3334" name="file1" dev="loop1" ino=1048748 res=0 errno=0 [ 1033.052017][T14449] loop7: detected capacity change from 0 to 4096 [ 1033.060870][T14460] FAT-fs (loop1): error, clusters badly computed (0 != 1) [ 1033.068421][T14460] FAT-fs (loop1): Filesystem has been set read-only [ 1033.075760][T14460] FAT-fs (loop1): error, clusters badly computed (1 != 2) [ 1033.087027][T14460] FAT-fs (loop1): error, clusters badly computed (2 != 3) [ 1033.095891][T14460] FAT-fs (loop1): error, clusters badly computed (3 != 4) [ 1033.103584][T14460] FAT-fs (loop1): error, clusters badly computed (4 != 5) [ 1033.111160][T14460] FAT-fs (loop1): error, clusters badly computed (5 != 6) [ 1033.119252][T14460] FAT-fs (loop1): error, clusters badly computed (6 != 7) [ 1033.126961][T14460] FAT-fs (loop1): error, clusters badly computed (7 != 8) [ 1033.254854][T12856] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1034.323913][T14473] netlink: 188 bytes leftover after parsing attributes in process `syz.5.3341'. [ 1034.324034][T14473] netlink: 'syz.5.3341': attribute type 1 has an invalid length. [ 1034.864616][T14481] loop5: detected capacity change from 0 to 512 [ 1034.906642][T14481] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1034.955069][T14481] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.3345: invalid block [ 1034.959108][T14481] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3345: invalid indirect mapped block 4294967295 (level 1) [ 1034.975529][T14481] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3345: invalid indirect mapped block 4294967295 (level 1) [ 1035.022022][T14481] EXT4-fs (loop5): 2 truncates cleaned up [ 1035.024272][T14481] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1035.175521][T14487] loop7: detected capacity change from 0 to 512 [ 1035.284943][T14487] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -13 [ 1035.305121][T14487] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.3347: invalid indirect mapped block 2683928664 (level 1) [ 1035.418216][T14487] EXT4-fs (loop7): Remounting filesystem read-only [ 1035.438905][ T7010] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1035.484786][T14487] EXT4-fs (loop7): 1 truncate cleaned up [ 1035.500298][T14487] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1035.541796][T14493] netlink: 'syz.1.3348': attribute type 1 has an invalid length. [ 1035.881753][T14466] Bluetooth: hci3: command 0x0406 tx timeout [ 1035.993422][T14497] loop0: detected capacity change from 0 to 1024 [ 1036.053951][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1036.200232][T14497] syz.0.3351: attempt to access beyond end of device [ 1036.200232][T14497] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 1036.217485][T14497] Buffer I/O error on dev loop0, logical block 2889, async page read [ 1036.226102][T14497] syz.0.3351: attempt to access beyond end of device [ 1036.226102][T14497] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 1036.239857][T14497] Buffer I/O error on dev loop0, logical block 2889, async page read [ 1036.275695][ T30] audit: type=1800 audit(2000000653.913:134): pid=14497 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3351" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 1036.331407][T14502] syz.0.3351: attempt to access beyond end of device [ 1036.331407][T14502] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 1037.052355][T14510] loop1: detected capacity change from 0 to 512 [ 1037.120128][T14510] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1037.325769][T14510] EXT4-fs (loop1): 1 truncate cleaned up [ 1037.334317][T14510] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1037.438016][ T30] audit: type=1800 audit(2000000655.026:135): pid=14510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3357" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 1037.792900][T14525] loop7: detected capacity change from 0 to 256 [ 1038.137922][T14525] FAT-fs (loop7): Directory bread(block 64) failed [ 1038.144781][T14525] FAT-fs (loop7): Directory bread(block 65) failed [ 1038.152535][T14525] FAT-fs (loop7): Directory bread(block 66) failed [ 1038.159720][T14525] FAT-fs (loop7): Directory bread(block 67) failed [ 1038.168284][T14525] FAT-fs (loop7): Directory bread(block 68) failed [ 1038.175668][T14525] FAT-fs (loop7): Directory bread(block 69) failed [ 1038.182984][T14525] FAT-fs (loop7): Directory bread(block 70) failed [ 1038.189819][T14525] FAT-fs (loop7): Directory bread(block 71) failed [ 1038.197032][T14525] FAT-fs (loop7): Directory bread(block 72) failed [ 1038.204023][T14525] FAT-fs (loop7): Directory bread(block 73) failed [ 1038.253127][T14527] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3366'. [ 1038.263165][T14527] netlink: 116 bytes leftover after parsing attributes in process `syz.8.3366'. [ 1038.372016][T14529] loop0: detected capacity change from 0 to 512 [ 1038.396151][T14529] EXT4-fs: Ignoring removed nobh option [ 1038.421659][ T5801] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1038.463792][T14531] loop5: detected capacity change from 0 to 16 [ 1038.567220][T14529] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.3365: invalid indirect mapped block 256 (level 2) [ 1038.612759][T14531] erofs (device loop5): mounted with root inode @ nid 36. [ 1038.700552][T14529] EXT4-fs (loop0): 2 truncates cleaned up [ 1038.709258][T14529] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1038.753970][T14531] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 1038.843766][T14538] loop1: detected capacity change from 0 to 128 [ 1038.875284][T14531] erofs (device loop5): failed to decompress -44 in[46, 4050] out[1851] [ 1038.888509][T14531] erofs (device loop5): read error -117 @ 43 of nid 36 [ 1038.898871][T14538] EXT4-fs: Ignoring removed nobh option [ 1038.906279][T14537] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 1038.915594][T14537] erofs (device loop5): failed to decompress -44 in[46, 4050] out[1851] [ 1038.924674][T14537] erofs (device loop5): read error -117 @ 43 of nid 36 [ 1039.008810][T14538] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1039.040805][T14538] ext4 filesystem being mounted at mnt:[4026532788] supports timestamps until 2038-01-19 (0x7fffffff) [ 1039.069935][T14541] loop7: detected capacity change from 0 to 512 [ 1039.117132][T14538] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1039.169675][T14541] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1039.187580][T14541] ext4 filesystem being mounted at /189/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1039.252399][T10397] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1039.755051][T11791] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1041.867876][T14583] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3387'. [ 1042.272255][T14591] loop8: detected capacity change from 0 to 512 [ 1042.432844][T14591] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -13 [ 1042.526659][T14591] EXT4-fs warning (device loop8): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 1042.537606][T14591] EXT4-fs warning (device loop8): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 1042.634660][T14591] EXT4-fs (loop8): 1 truncate cleaned up [ 1042.643312][T14591] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1042.907849][T14601] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3394'. [ 1043.197916][T12856] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1043.959448][T14605] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 1044.273166][T14622] ip6_vti0: entered promiscuous mode [ 1044.422838][T14624] loop0: detected capacity change from 0 to 1024 [ 1044.456174][T14624] EXT4-fs: Ignoring removed nobh option [ 1044.462206][T14624] EXT4-fs: Ignoring removed bh option [ 1044.494532][ T1734] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 1044.641072][T14624] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1044.680006][ T1734] usb 9-1: Using ep0 maxpacket: 8 [ 1044.728544][ T1734] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 1044.749530][ T1734] usb 9-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 1044.762139][ T1734] usb 9-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 1044.770699][ T1734] usb 9-1: Product: syz [ 1044.775121][ T1734] usb 9-1: Manufacturer: syz [ 1044.780129][ T1734] usb 9-1: SerialNumber: syz [ 1045.041439][ T1734] usb 9-1: Handspring Visor / Palm OS: No valid connect info available [ 1045.041574][ T1734] usb 9-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 1045.041703][ T1734] usb 9-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 1045.041831][ T1734] usb 9-1: Handspring Visor / Palm OS: Number of ports: 2 [ 1045.253544][ T1734] visor 9-1:1.0: Handspring Visor / Palm OS converter detected [ 1045.258487][ T1734] usb 9-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 1045.275520][ T1734] usb 9-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 1045.308037][T10397] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1045.478100][ T1734] usb 9-1: USB disconnect, device number 4 [ 1045.522125][ T1734] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 1045.572411][ T1734] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 1045.585584][ T1734] visor 9-1:1.0: device disconnected [ 1046.856011][T14635] loop0: detected capacity change from 0 to 4096 [ 1046.923998][T14635] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 1047.258658][T14645] tipc: Can't bind to reserved service type 2 [ 1047.459612][T14635] ntfs3(loop0): failed to convert "c46c" to maccenteuro [ 1047.481943][T14635] ntfs3(loop0): ino=20, mi_enum_attr [ 1047.487706][T14635] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 1048.272642][T14660] tipc: Started in network mode [ 1048.278038][T14660] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 1048.294614][T14660] tipc: Enabled bearer , priority 10 [ 1048.600023][T14662] loop5: detected capacity change from 0 to 2048 [ 1048.616533][T14664] rdma_op ffff88813337fd80 conn xmit_rdma 0000000000000000 [ 1048.758656][T14662] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1048.771667][T14662] ext4 filesystem being mounted at /597/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1049.194503][ T7010] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1049.493920][ T9551] tipc: Node number set to 4269801488 [ 1050.010331][T14685] netlink: 'syz.5.3430': attribute type 1 has an invalid length. [ 1051.012022][T14700] ieee802154 phy0 wpan0: encryption failed: -22 [ 1051.333326][T14703] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 1051.340237][T14703] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1051.348617][T14703] vhci_hcd vhci_hcd.0: Device attached [ 1051.521145][T14709] proc: Bad value for 'gid' [ 1051.629393][ T9551] usb 33-1: new low-speed USB device number 2 using vhci_hcd [ 1051.725454][ T1734] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 1051.936487][ T1734] usb 1-1: config 0 has no interfaces? [ 1051.946435][ T1734] usb 1-1: New USB device found, idVendor=0de5, idProduct=0056, bcdDevice= 5.b5 [ 1051.956022][ T1734] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1052.033510][ T1734] usb 1-1: config 0 descriptor?? [ 1052.101276][T14717] loop5: detected capacity change from 0 to 16 [ 1052.120057][T14717] erofs (device loop5): mounted with root inode @ nid 36. [ 1052.311852][ T1734] usb 1-1: USB disconnect, device number 28 [ 1052.431406][T14705] usb 33-1: recv xbuf, 0 [ 1052.459687][ T4579] vhci_hcd: stop threads [ 1052.465406][ T4579] vhci_hcd: release socket [ 1052.470217][ T4579] vhci_hcd: disconnect device [ 1052.870044][ T9551] vhci_hcd: vhci_device speed not set [ 1054.454173][T14748] Bluetooth: MGMT ver 1.23 [ 1055.316192][T14761] loop1: detected capacity change from 0 to 256 [ 1055.478273][T14761] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 1056.061625][T14775] loop8: detected capacity change from 0 to 64 [ 1056.892184][T14790] netlink: set zone limit has 8 unknown bytes [ 1056.967790][T14789] loop0: detected capacity change from 0 to 512 [ 1056.999173][T14789] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1057.006773][T14789] EXT4-fs: quotafile must be on filesystem root [ 1057.642345][T14792] loop1: detected capacity change from 0 to 4096 [ 1057.780645][T14792] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1058.343894][T14811] loop0: detected capacity change from 0 to 1024 [ 1058.958323][T14807] loop8: detected capacity change from 0 to 32768 [ 1059.022372][T14807] (syz.8.3487,14807,1):ocfs2_verify_volume:2316 ERROR: bad system_dir_blkno: 0 [ 1059.036908][T14807] (syz.8.3487,14807,1):ocfs2_verify_volume:2331 ERROR: status = -22 [ 1059.048524][T14807] (syz.8.3487,14807,1):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 1059.054137][ T5801] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1059.057404][T14807] (syz.8.3487,14807,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 1059.751490][ T66] hfsplus: b-tree write err: -5, ino 4 [ 1060.919478][ T30] audit: type=1326 audit(2000000676.970:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14838 comm="syz.8.3502" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0923f8e969 code=0x0 [ 1061.078697][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 1061.085735][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1061.442273][T14851] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3507'. [ 1061.452155][T14851] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3507'. [ 1062.379879][T14865] libceph: resolve '4..' (ret=-3): failed [ 1063.412415][T14883] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3523'. [ 1063.817114][T14888] sd 0:0:1:0: device reset [ 1064.129370][T14896] tmpfs: Cannot enable quota on remount [ 1065.984071][T14917] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3539'. [ 1065.994938][T14917] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3539'. [ 1066.004626][T14917] netlink: 'syz.1.3539': attribute type 15 has an invalid length. [ 1066.156880][T14919] netlink: 'syz.8.3540': attribute type 1 has an invalid length. [ 1066.166104][T14919] netlink: 204 bytes leftover after parsing attributes in process `syz.8.3540'. [ 1066.176066][T14919] netlink: 'syz.8.3540': attribute type 1 has an invalid length. [ 1066.277002][T14912] loop0: detected capacity change from 0 to 40427 [ 1066.350545][T14912] F2FS-fs (loop0): Mismatch start address, segment0(0) cp_blkaddr(512) [ 1066.363229][T14912] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 1066.378116][T14912] F2FS-fs (loop0): FLUSH_MERGE not compatible with readonly mode [ 1067.077344][T14923] loop1: detected capacity change from 0 to 512 [ 1067.094703][T14923] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 1067.206352][T14923] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002] [ 1067.250203][T14923] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.3542: bad orphan inode 7 [ 1067.272921][T14923] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1067.393885][T14923] EXT4-fs error (device loop1): htree_dirblock_to_tree:1082: inode #2: block 13: comm syz.1.3542: bad entry in directory: rec_len % 4 != 0 - offset=60, inode=15, rec_len=199, size=1024 fake=0 [ 1067.786512][ T5801] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1068.039693][T14935] tipc: Started in network mode [ 1068.045084][T14935] tipc: Node identity 00000000000000000000ffff640101, cluster identity 4711 [ 1068.055611][T14935] tipc: Enabling of bearer rejected, failed to enable media [ 1068.855025][T14949] loop5: detected capacity change from 0 to 256 [ 1068.893550][T14949] exfat: Deprecated parameter 'namecase' [ 1068.900266][T14949] exfat: Deprecated parameter 'namecase' [ 1069.017450][T14949] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 1069.066198][ T9551] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 1069.311150][ T9551] usb 2-1: Using ep0 maxpacket: 8 [ 1069.432749][ T9551] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 1069.442454][ T9551] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1069.451208][ T9551] usb 2-1: Product: syz [ 1069.462837][ T9551] usb 2-1: Manufacturer: syz [ 1069.467824][ T9551] usb 2-1: SerialNumber: syz [ 1069.511266][ T9551] usb 2-1: config 0 descriptor?? [ 1069.573611][ T9551] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 1069.583928][ T9551] usb 2-1: setting power ON [ 1069.591719][ T9551] dvb-usb: bulk message failed: -22 (2/0) [ 1069.698253][ T9551] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1069.734968][ T9551] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 1069.744298][ T9551] usb 2-1: media controller created [ 1069.836954][T14948] dvb-usb: bulk message failed: -22 (3/0) [ 1069.843096][T14948] ===================================================== [ 1069.850613][T14948] BUG: KMSAN: uninit-value in cxusb_i2c_xfer+0x1303/0x18e0 [ 1069.861409][T14948] cxusb_i2c_xfer+0x1303/0x18e0 [ 1069.870608][T14948] __i2c_transfer+0xec7/0x30e0 [ 1069.875633][T14948] i2c_transfer+0x300/0x4b0 [ 1069.881782][T14948] i2c_transfer_buffer_flags+0x138/0x200 [ 1069.887695][T14948] i2cdev_write+0x214/0x2b0 [ 1069.895509][T14948] vfs_writev+0x8db/0x1420 [ 1069.900281][T14948] do_writev+0x1b1/0x580 [ 1069.904726][T14948] __x64_sys_writev+0x99/0xf0 [ 1069.909773][T14948] x64_sys_call+0x269a/0x3db0 [ 1069.915722][T14948] do_syscall_64+0xd9/0x1b0 [ 1069.916815][ T9551] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1069.925160][T14948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1069.936457][T14948] [ 1069.938921][T14948] Local variable i.i838 created at: [ 1069.944413][T14948] cxusb_i2c_xfer+0x304/0x18e0 [ 1069.949431][T14948] __i2c_transfer+0xec7/0x30e0 [ 1069.957676][T14948] [ 1069.960177][T14948] CPU: 1 UID: 0 PID: 14948 Comm: syz.1.3554 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(undef) [ 1069.976511][T14948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1069.991141][T14948] ===================================================== [ 1069.998433][T14948] Disabling lock debugging due to kernel taint [ 1070.004784][T14948] Kernel panic - not syncing: kmsan.panic set ... [ 1070.011382][T14948] CPU: 1 UID: 0 PID: 14948 Comm: syz.1.3554 Tainted: G B 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(undef) [ 1070.025464][T14948] Tainted: [B]=BAD_PAGE [ 1070.029765][T14948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1070.040012][T14948] Call Trace: [ 1070.043443][T14948] [ 1070.046519][T14948] __dump_stack+0x26/0x30 [ 1070.051117][T14948] dump_stack_lvl+0x53/0x270 [ 1070.055959][T14948] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1070.062065][T14948] dump_stack+0x1e/0x25 [ 1070.066467][T14948] panic+0x4bd/0xd50 [ 1070.070688][T14948] kmsan_report+0x29d/0x2a0 [ 1070.075483][T14948] ? vprintk_default+0x3f/0x50 [ 1070.080533][T14948] ? __msan_warning+0x96/0x120 [ 1070.085661][T14948] ? cxusb_i2c_xfer+0x1303/0x18e0 [ 1070.090943][T14948] ? __i2c_transfer+0xec7/0x30e0 [ 1070.096116][T14948] ? i2c_transfer+0x300/0x4b0 [ 1070.101013][T14948] ? i2c_transfer_buffer_flags+0x138/0x200 [ 1070.107052][T14948] ? i2cdev_write+0x214/0x2b0 [ 1070.111936][T14948] ? vfs_writev+0x8db/0x1420 [ 1070.116744][T14948] ? do_writev+0x1b1/0x580 [ 1070.121390][T14948] ? __x64_sys_writev+0x99/0xf0 [ 1070.126511][T14948] ? x64_sys_call+0x269a/0x3db0 [ 1070.131629][T14948] ? do_syscall_64+0xd9/0x1b0 [ 1070.136579][T14948] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.142895][T14948] ? kmsan_get_metadata+0x105/0x1b0 [ 1070.148366][T14948] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1070.154978][T14948] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1070.161280][T14948] ? kmsan_get_metadata+0x105/0x1b0 [ 1070.166724][T14948] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1070.173296][T14948] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1070.179595][T14948] ? mutex_unlock+0x29/0x50 [ 1070.184319][T14948] ? kmsan_get_metadata+0x105/0x1b0 [ 1070.189771][T14948] __msan_warning+0x96/0x120 [ 1070.194609][T14948] cxusb_i2c_xfer+0x1303/0x18e0 [ 1070.199699][T14948] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.206077][T14948] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1070.212136][T14948] ? kmsan_get_metadata+0x105/0x1b0 [ 1070.217570][T14948] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1070.223629][T14948] ? kmsan_get_metadata+0x105/0x1b0 [ 1070.229077][T14948] ? __pfx_cxusb_i2c_xfer+0x10/0x10 [ 1070.234499][T14948] ? __pfx_cxusb_i2c_xfer+0x10/0x10 [ 1070.239928][T14948] __i2c_transfer+0xec7/0x30e0 [ 1070.244887][T14948] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1070.251452][T14948] ? __pfx_i2c_adapter_lock_bus+0x10/0x10 [ 1070.257413][T14948] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1070.263738][T14948] ? __pfx_i2c_adapter_lock_bus+0x10/0x10 [ 1070.269883][T14948] i2c_transfer+0x300/0x4b0 [ 1070.274696][T14948] i2c_transfer_buffer_flags+0x138/0x200 [ 1070.280571][T14948] i2cdev_write+0x214/0x2b0 [ 1070.285291][T14948] vfs_writev+0x8db/0x1420 [ 1070.289915][T14948] ? __pfx_i2cdev_write+0x10/0x10 [ 1070.295155][T14948] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1070.301768][T14948] ? kmsan_get_metadata+0x105/0x1b0 [ 1070.307236][T14948] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1070.313303][T14948] do_writev+0x1b1/0x580 [ 1070.317726][T14948] ? kmsan_get_metadata+0x105/0x1b0 [ 1070.323271][T14948] __x64_sys_writev+0x99/0xf0 [ 1070.328202][T14948] x64_sys_call+0x269a/0x3db0 [ 1070.333145][T14948] do_syscall_64+0xd9/0x1b0 [ 1070.337902][T14948] ? irqentry_exit+0x16/0x60 [ 1070.342736][T14948] ? clear_bhb_loop+0x40/0x90 [ 1070.347624][T14948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.353741][T14948] RIP: 0033:0x7f778dd8e969 [ 1070.358329][T14948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1070.378181][T14948] RSP: 002b:00007f778ebb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1070.386811][T14948] RAX: ffffffffffffffda RBX: 00007f778dfb5fa0 RCX: 00007f778dd8e969 [ 1070.394984][T14948] RDX: 0000000000000001 RSI: 00002000000012c0 RDI: 0000000000000004 [ 1070.403127][T14948] RBP: 00007f778de10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1070.411279][T14948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1070.419417][T14948] R13: 0000000000000000 R14: 00007f778dfb5fa0 R15: 00007ffeae39cba8 [ 1070.427596][T14948] [ 1070.431096][T14948] Kernel Offset: disabled [ 1070.435515][T14948] Rebooting in 86400 seconds..