last executing test programs: 53.140474534s ago: executing program 1 (id=483): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x64, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x64}}, 0x0) 51.650279442s ago: executing program 1 (id=485): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000000)=@fragment={0x73, 0x0, 0x5, 0x1, 0x0, 0x1, 0x64}, 0x8) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 51.071356181s ago: executing program 1 (id=487): openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x4, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYBLOB], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000600)={[{@grpid}]}, 0x1, 0x521, &(0x7f0000000640)="$eJzs3d9rZFcdAPDvvcmkyW5qpiqyFmyLrewW3ZmksRpF2gqiTwW1vq8xmYSQSSZkJnUTiqb4BwgiKvgH+CL44KMg/RNEWNB3UVFEd/VR98qdudH8mEnGZJJZJ58PnMw598f5nnPJ3Lk/DvcGcG29EBFvRMRYRLwcETPF9LRIsd9J+XKPHr6zlKcksuytvyaRFNMO6srL4xFxs1htMiK++qWIbyQn4zZ399YX6/XadlGutja2qs3dvbtrG4urtdXa5vz83M8j4tWF2axwoX6WI+K1L/zxB9/9yRdf++Unvvm7e3++8628WZ/7UKfdEbF0oQA9dOoutbfFgXwbbV9GsCHJ+1MaG3YrAADoR36M//6I+Gj7+H8mxtpHcwAAAMAoyV6fjn8mERkAAAAwstKImI4krRRjAaYjTSuVzhjeD8aNtN5otj6+0tjZXM7nRZSjlK6s1WuzxVjhcpSSvDxXjLE9KL9yrDwfEc9ExPdnptrlylKjvjzsix8AAABwTdx8/uj5/z9m0nYeAAAAGDHlngUAAABgVDjlBwAAgNHn/B8AAABG2pfffDNP2cF7vJff3t1Zb7x9d7nWXK9s7CxVlhrbW5XVRmO1/cy+jbPqqzcaW5+MzZ371Vat2ao2d/fubTR2Nlv31o68AhsAAAC4Qs88/95vk4jY/+xUO0XxHECAI/4w7AYAgzQ27AYAQzM+7AYAQ1M6cwl7CBh1yRnzTw7e6VwrjF9dTnsAAIDBu/3hk/f/J4p5Z18bAP6fGesDANfP0bt7U0NrB3D1SucdAXhr0C0BhuV9nY+nes3v+fCOPu7/d64xZNm5GgYAAAzMdDslaaU4Tp+ONK1UIp6Ox1k5SsnKWr02W5wf/Gam9FRenmuvmZw5ZhgAAAAAAAAAAAAAAAAAAAAAAAAA6MiyJDIAAABgpEWkf0raT/OPuD3z0vTRqwPH3vr147d+eH+x1dqei5hI/jaTT5qIiNaPiumvZF4JAAAAAMM1lf/pnKcXn3PDbhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo+bRw3eWDtJVxv3L5yOi3C3+eEy2PyejFBE3/p7E+KH1kogYG0D8/Xcj4la3+Ek8zrKsXLSiW/ypS45fbm+a7vHTiLg5gPhwnb2X73/e6Pb9S+OF9mf37994kS6q9/4v/c/+b6zH/ufpY+Venn3ws2rP+O9GPDveff9zED/pxD8SIi+82Gcfv/61vb2uMw5V2S3+4VjV1sZWtbm7d3dtY3G1tlrbnJ+f+9TCpxdeXZitrqzVa8XfrmG+95FfPD6t/zd6xC8f7f+J7f9SX73P4l8P7j/8QKdQ6hb/zovdf39v9YifFr99Hyvy+fzbB/n9Tv6w53766+dO6/9yj/5PntH/O331Pz7z8le+8/uuc05sDQDgKjR399YX6/Xa9imZyT6W+Z8yERet5/WBtudJyMTZy0w+IU29jEz27c7/48XqueDqJzLZRVYfjwE0Y+LE93QszlthErGf19XnPyQAADBi/nvQf9odJAAAAAAAAAAAAAAAAAAAAOAynfOxZJMR0ffCx2PuD6erAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACn+ncAAAD//+8b0g8=") 49.841056582s ago: executing program 1 (id=490): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") creat(&(0x7f0000000000)='./bus\x00', 0xd931d3864d39ddd8) bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r0, &(0x7f0000004200)='t', 0x1) setsockopt(0xffffffffffffffff, 0x1, 0x10000000000009, &(0x7f0000000180)="00050002", 0x4) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0xfd, 0x0, 0x7ffffcbb}]}) rt_sigpending(0x0, 0x0) 48.281012439s ago: executing program 1 (id=497): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./bus\x00', 0x100000a, &(0x7f00000024c0)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c6865617274626561743d6e6f6e652c75737271756f74612c626172726965723d30303030303030303030303030303030303030372c6865617274626561743d6e6f6e652c696e6f646536342c00d873411c28051b39a8d0cb5470d4b9079054c29527f625e70a8207b94e58742f35e5768e84cb79ba77f09f2700000000f49afc19d14efd676c67978d0844e31fb5dcd0d4da2120d3cc4041ca9f8e7141e740590edf0382054cd9f7184d4bfa5bfea4521cf16a6394ab048c4c6ef534a38e62b9d956869300978f972203d8ed50c521927d263db9ef6c04874271ef9ab8b27b7a2948d8ed0ac0c1df1a5ef96c446ed5cfa1540416880a94ce9e7b0a1c97fb7ee7ad09bba0e1f8648042ad81536046caece170f485fe1430941a0490b3ab000800009a8989bfda8a46733e7df713141b00014f84658d62f6299e6bd92585ec709a1b338b618882bd2646ff1ceb78802ea7294b9a1a91d0267a21ca92127eff7ddd90c75977b34f94ca6ff689c231b00a4c58"], 0x11, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101142, 0xd0178796ba12c9d9) write$binfmt_aout(r0, &(0x7f0000000500)=ANY=[], 0x29f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.stat\x00', 0x275a, 0x0) write$FUSE_NOTIFY_POLL(r1, &(0x7f0000000740)={0x18, 0x1, 0x0, {0x3}}, 0x18) ftruncate(r1, 0xc17a) ftruncate(r0, 0x6) 44.778411365s ago: executing program 1 (id=508): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4000000}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f00000000c0), 0x5, 0x4f3, &(0x7f00000005c0)="$eJzs3d1rW+cZAPBHku3YibN8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxb8TLLkbHkLDa5cLa7XOxibLRQetH7/gW9aa4aAqXXLb3tVUloUxfakoKKjiTHH5KjtraU+Px+oOgcHUXP88p+Xr865z06AaTWudo/mYjhiHgnIo7VV7c+4Vz9bv3x7ZnaLRPV6pWPMsnzauvNpzb/35GIWIuIwYj4428j/pbZGbe8sjo/XSwWlhrr+crCYr68snrx+sL0XGGucGNs8tLU1OToxPjUnrX17n/+cffyG78feP2zfz+8/9+33qylNdzYtrkde6ne9P44semxvoj41X4E64Fcoz1DvU6Eb6T28/tuRJxP6v9Y5JKfZmee7GtmwH6rVqvVL6uH2m1eqwIHVjYZA2eyIxFRX85mR0bqY/jvxeFssVSu/OxaafnGbH2sfDz6s9euFwujjc8Kx6M/U1sfS5afro9vW5+ISMbA/8sNJesjM6XibHe7OmCbI9vq/9Ncvf6BlOj8Iz9w0Kh/SC/1D+ml/iG91D+kl/qH9FL/kF7qH9JL/UN6tar/oz3IA+i+3f7+D3QxD6Cr/nD5cu1WbZ7/PntzZXm+dPPibKE8P7KwPDMyU1paHJkrleaSc3YWnvV6xVJpceznsXwrXymUK/nyyurVhdLyjcrV5Lz+q4X+rrQK6MSJs/fey0TE2i+Gklts+pOvVuFgq1Yz0etzkIHeyPW6AwJ6JtvrBICe+Rqf8dt+SRjwYmvxFb0bBo+03fTrWNyXdIAu2HX8/+RB9xIBuu7Cacf/IK3s/4f0cuoPpJcxPrDb/v9oXMuvJfv/4YVl/g+k13Cb638d3XTtrtGI+E5EvJvrP9S81hdwEGQ/zDTG/xeO/Wh4+9aBzOfJIYKBiPjnK1deujVdqSyN1R7/eOPxysuNx8d7kT/Q3tY9fM06bdYxAJBe649vzzRv3Yz76Df1SQg74/c19k0OJiOYw+uZLXMVMns0d2HtTkScahU/07jeef3Ix+H13I74Jxv3mfpLJPn2JddN707805vi/3BT/DPf+l2BdLhX639GW9VfNqnp2Ki/rf3P8B7NnWj2f80515vjN/u/XJv+72yHMf7+6r9aHd5NJns/uhNxpmX/24w3mMTaHr+W24UO4z/8y5++325b9bX667SK31RbylcWFvPlldWL15tZTF6ampocnRifyif7qPPNPdU7/fLU2/fbxa+1v6FN+9/f0f6hRk4/6bD9X/zgwZ/P7RL/x+db//6dTO63vf/V6kYOP+0w/ifjH/y13bZa/Nk273+2Vfxobo2Y6DB++f+/c+4wADxHyiur89PFYmHJggULz/dCX3Qx6LN6jrXudFDAvnla9L3OBAAAAAAAAAAAAOhUu9m/9/ZwOnGv2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBB8FQAA///o09CU") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) 29.383472828s ago: executing program 32 (id=508): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4000000}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f00000000c0), 0x5, 0x4f3, &(0x7f00000005c0)="$eJzs3d1rW+cZAPBHku3YibN8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxb8TLLkbHkLDa5cLa7XOxibLRQetH7/gW9aa4aAqXXLb3tVUloUxfakoKKjiTHH5KjtraU+Px+oOgcHUXP88p+Xr865z06AaTWudo/mYjhiHgnIo7VV7c+4Vz9bv3x7ZnaLRPV6pWPMsnzauvNpzb/35GIWIuIwYj4428j/pbZGbe8sjo/XSwWlhrr+crCYr68snrx+sL0XGGucGNs8tLU1OToxPjUnrX17n/+cffyG78feP2zfz+8/9+33qylNdzYtrkde6ne9P44semxvoj41X4E64Fcoz1DvU6Eb6T28/tuRJxP6v9Y5JKfZmee7GtmwH6rVqvVL6uH2m1eqwIHVjYZA2eyIxFRX85mR0bqY/jvxeFssVSu/OxaafnGbH2sfDz6s9euFwujjc8Kx6M/U1sfS5afro9vW5+ISMbA/8sNJesjM6XibHe7OmCbI9vq/9Ncvf6BlOj8Iz9w0Kh/SC/1D+ml/iG91D+kl/qH9FL/kF7qH9JL/UN6tar/oz3IA+i+3f7+D3QxD6Cr/nD5cu1WbZ7/PntzZXm+dPPibKE8P7KwPDMyU1paHJkrleaSc3YWnvV6xVJpceznsXwrXymUK/nyyurVhdLyjcrV5Lz+q4X+rrQK6MSJs/fey0TE2i+Gklts+pOvVuFgq1Yz0etzkIHeyPW6AwJ6JtvrBICe+Rqf8dt+SRjwYmvxFb0bBo+03fTrWNyXdIAu2HX8/+RB9xIBuu7Cacf/IK3s/4f0cuoPpJcxPrDb/v9oXMuvJfv/4YVl/g+k13Cb638d3XTtrtGI+E5EvJvrP9S81hdwEGQ/zDTG/xeO/Wh4+9aBzOfJIYKBiPjnK1deujVdqSyN1R7/eOPxysuNx8d7kT/Q3tY9fM06bdYxAJBe649vzzRv3Yz76Df1SQg74/c19k0OJiOYw+uZLXMVMns0d2HtTkScahU/07jeef3Ix+H13I74Jxv3mfpLJPn2JddN707805vi/3BT/DPf+l2BdLhX639GW9VfNqnp2Ki/rf3P8B7NnWj2f80515vjN/u/XJv+72yHMf7+6r9aHd5NJns/uhNxpmX/24w3mMTaHr+W24UO4z/8y5++325b9bX667SK31RbylcWFvPlldWL15tZTF6ampocnRifyif7qPPNPdU7/fLU2/fbxa+1v6FN+9/f0f6hRk4/6bD9X/zgwZ/P7RL/x+db//6dTO63vf/V6kYOP+0w/ifjH/y13bZa/Nk273+2Vfxobo2Y6DB++f+/c+4wADxHyiur89PFYmHJggULz/dCX3Qx6LN6jrXudFDAvnla9L3OBAAAAAAAAAAAAOhUu9m/9/ZwOnGv2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBB8FQAA///o09CU") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) 15.963333004s ago: executing program 0 (id=555): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10) gettid() clock_getres(0x9, 0x0) 13.099749241s ago: executing program 4 (id=563): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=ANY=[@ANYBLOB="01000000080000000500000007"], 0x50) bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)="4365bb0900def8000000007408976b9de690ada367088868352fff6e7b3d129f79ff8c6e4ef7ffe3fcb13a385699e46e71ab25bedc2ba614608c2d2e5b63626da6f9e8b48e", &(0x7f00000000c0), 0x3a, r0}, 0x38) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r0, &(0x7f0000000100), 0x0}, 0x20) 12.108730037s ago: executing program 4 (id=564): prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@cgroup, 0x8, 0x1, 0x5, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0x0, 0x0}, 0x40) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x800714, &(0x7f0000000180)={[{@dioread_nolock}, {@jqfmt_vfsv0}]}, 0xff, 0x4a9, &(0x7f0000000580)="$eJzs3M9rXNUeAPDvnUnS301eX1/fa1+r0SoWfyRNWrULFyoKLhQEXdRlTNJaO22kiWBLsFGkLqXgXlwK/gXu3Ii6EMGtgkspFA1CUxcSub+aZDKZ5menzXw+MJlz5p6Zc773njNz5p7cCaBt9aZ/koidEfFzRHTn2YUFevO7menJ4ZvTk8NJzM6+9nuSlbsxPTlcFi2ft6PIHKlEVD5K4tlkcb3jFy+dHarVRi8U+f6Jc+/0j1+89MSZc0OnR0+Pnh88ceL4sYGnnxp8cl3iTOO6ceD9sYP7X3rj6ivDJ6+++d2XabP2Hcq3z4/jtm42CKiB3nSv/TGbqd/28Arafi/YNS+ddLSwIaxINSLSw9WZjf/uqMbcweuOFz9saeOADZV+Nm1ZevPULLCJJdHqFgCtUX7Qp99/y9sdmnrcFa4/F9EV+fmKmenJ4Zlb8XdEpSjTuYH190bEyam/PktvsdLzEAAAq5DNbR5vNP+rxL7sPl/r2F2sofRExL8iYk9E/Dsi9kbEfyKysv+NiP/lT57tXmb9vXX5xfOfyrWGbV4n6fzvmZib+83Mi7+466kWuV1Z/J3JqTO10aPFPjkSnVvS/ECTOr5+4adPlto2f/6X3tL6y7lg0YBrHXUn6EaGJobWaydc/yDiQEej+JNbKwFpD9gfEQdi8TpWE7vLxJlHvzi4VKHbx9/EOqwzzX4e8Uh+/KeiLv5S0nx9sn9r1EaP9pe9YrHvf7zy6oIHqnPJNcW/DtLjv31h/68r0f1nkq/XdkatNnphfOV1XPnl4yW/06yk/5ddPu3/Xcnr2Zr1D2/lB+q9oYmJCwMRXcnLWZmuomz2+ODcq5X5snwa/5HDjcf/nuI5aQX/j4i0Ex+KiPsi4v6i7Q9ExIMRcbhJ/N8+/9DbTeJPIomWHv+Rhu9/t/p/TzJ/vX4VierZb75aasV8ecf/eExl77W57P3vNpbbwDXuPgAAALgnVCJiZySVvjzduzMqlb6+/H/498b2Sm1sfOKxU2Pvnh/JrxHoic5Keaare9750IFkqnjFPD9YnCsutx8rzht/Wt2W5fuGx2ojLY4d2t2OheM/yvGf+q3a6tYBG871WtC+6sd/pUXtAO685Xz++y4Am1OD8b+tFe0A7jzf/6F9NRr/l+vy5v+wOXUsSvza4CfrgM3I/B/al/EP7cv4h7a0luv6V58oLxZY/etsXfYV/psmcbl5mfIXLzayGdti7pGo3B27pWHi7+LnLe+W9qw5kY6YBY9EJLGhlc79hgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC97J8AAAD//wHu668=") bpf$OBJ_GET_PROG(0x7, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) socket$inet_udp(0x2, 0x2, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x400c0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="260a00000000000061109400000000001800000000000000000000000000001095000000000000002132d81d46d91cafc115d6a8decf312680c61eca18d0aaada2036c2bcda5c8a36317034fe825aaf2f5d933cc3bd569d357f723e6034a1310e93aa82258d8df6fc0841201c29940c2f52ca74ec1b89a583d74d1f5b1265e5d0b460a11fbad6515f0420c4358f45c03bec90f9cfcb504e39e0673e9092cd0e62ab18090393e"], &(0x7f0000000000)='GPL\x00'}, 0x80) 11.546290698s ago: executing program 0 (id=565): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2204c850, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000001040)=0x6) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xa, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bd21ffff0000000007010000f8ffffffb502020008040000b70300000000000085000000a400000095"], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000}, 0x94) 7.088924021s ago: executing program 4 (id=567): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=@newqdisc={0x34, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0x3}, {0xffff, 0xffff}, {0x2, 0xa}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmsg$nl_route_sched(r5, 0x0, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) 6.813963842s ago: executing program 0 (id=568): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4(r1, 0x0, 0x2, 0x0) 6.29690867s ago: executing program 0 (id=571): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB="18020000d600000000000000000000008500000041000000850000000f000000"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 6.112824767s ago: executing program 2 (id=572): connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r1, 0x4004743a, &(0x7f0000000300)) ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, &(0x7f0000001f00)) sendmmsg(0xffffffffffffffff, &(0x7f0000007180)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000025c0)="3dc7", 0x2}, {&(0x7f0000000340)='+pv~', 0x4}], 0x2}}], 0x1, 0x10014) 5.944038193s ago: executing program 0 (id=573): bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b00000008000000070000000900000001"], 0x50) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x84022, &(0x7f0000000840)={[{@nr_inodes={'nr_inodes', 0x3d, [0x65]}}, {@inode32}]}) 5.885448986s ago: executing program 4 (id=574): bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRES32], 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="000018"], 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e00000004000000080000000b"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, &(0x7f0000000180), 0x0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1804"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) close(0xffffffffffffffff) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6) ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x4010744d, &(0x7f0000000180)) 5.742095005s ago: executing program 0 (id=575): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r0, 0xfffffffffffffff7, &(0x7f0000000300)=""/155) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000840)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', 0x0}) r6 = fcntl$getown(0xffffffffffffffff, 0x9) sched_getaffinity(r6, 0x8, &(0x7f0000000000)) r7 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r3, r5, 0x25, 0x2, @val=@perf_event={0x11}}, 0x18) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYRES64=r0, @ANYBLOB="7ed47b15e364bcbf83f5bf7ea669d578e9ca51f4b18c48a8553af6fbabdcfa9634a37660c73ed8160d50c83f738bf9"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000680)={r7, r8, 0x4, r3}, 0x10) r9 = getpid() r10 = syz_pidfd_open(r9, 0x0) setns(r10, 0x24020000) syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0) keyctl$join(0x1, 0x0) 5.56089219s ago: executing program 2 (id=576): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) listen(r3, 0x2) 3.905944626s ago: executing program 3 (id=577): openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r2, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0xa13ca8e5839881ae, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 3.719858261s ago: executing program 3 (id=578): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2204c850, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000001040)=0x6) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xa, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bd21ffff0000000007010000f8ffffffb502020008040000b70300000000000085000000a400000095"], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000}, 0x94) 3.128838613s ago: executing program 2 (id=579): syz_mount_image$vfat(&(0x7f0000000780), &(0x7f0000000000)='./bus\x00', 0x90, &(0x7f0000000140)=ANY=[], 0x6, 0x2d7, &(0x7f0000000340)="$eJzs3T9rJGUYAPBnNrN/1GJTWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2Fe4g4h+cu0rsbCz9BILgB7GxsxRsBTsjBEZmdia7m4ybjWQjmt+vSN688zzzPvPOJJkmT957cXpwP4uHTz//JQaDJDqjfsRREtvRicaTWDL6OgCA/7Kjoojfi5mWwz9/tSJ3sMG6AIDNOef3fy2tPt4rI364utoAgM24e+/tN3f39m6/lWWDuDP98nCcRET5eXZ892F8EJN4EDdjGMcR1YtCN6q3hXJ4pyiKPM1K2/HKND8cl5nTd3+sz7/7W0SVvxPD2K6mTt42qvw39m7vZDML+XlZx7P1+qMy/1YM4/mT5KX8Wy35Me7Fqy8v1H8jhvHT+/FRTOJ+VcQ8/4udLHu9+OaPz94pyyvzk/xw3K/i5oqtZvH8iu8RAAAAAAAAAAAAAAAAAAAAAAD/Pzfq3jn9qPr3lFN1/52t4/KLbmSNeX+fDzt50x8oaU407w8UnaIo8iK+bfrr3MyyrKgD5/190nghrRsLAgAAAAAAAAAAAAAAAAAAwDX3+JNPD/YnkwePLmXQdANII+LPuxH/9DyjhZmXYnVwv15zfzLp1MPlmHRxJraamCRiZRnlRVzStpw3eOZMzfXgu+/PBidPZjcujbYTDs5ftNu+1gUHH3dn+9ga0zxdB/tJ+x72T4oflDcuTt+4XrSv3o1TM72/q7B5FNe7nF7roeGFt6X3XDXIV8REsur74rVfZ2UvXMVSTK/a1db0bj1YSD/1bKz1PMdgln72Z0WiWwcAAAAAAAAAAAAAAAAAAGzU/K9/Ww4+XZnaKfobKwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArtT8//+vM0iXk9fI6sWjx//WtQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9/BUAAP//gxtVEw==") syz_mount_image$ext4(&(0x7f00000004c0)='ext2\x00', &(0x7f0000000140)='./file0\x00', 0x8040, &(0x7f0000000040)={[{@sysvgroups}], [{@fowner_lt}, {@seclabel}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3c9vU8kdAPDve/lJCCS0HNqqLZTS0gphJwYixIleWlUIqSrqqQdIExNFseModihJOYT/oVKRemr/hB4q9VCJU++97d72wh5WYnfRrshKe/DqPTshQBwChHgVfz7SxG/eOP7OxHozzjexJ4CedToi1iNiMCJuR8RY+3zSLnGtVbL7PXt6f2bj6f2ZJJrNm58leXt2LrZ9T+Zo+zGHI+L3v4n4U/Jq3Prq2sJ0pVJebteLjepSsb66dmG+Oj1XnisvlkpTk1MTVy5eLu3bWE9V//Xk1/PX//Df//zo8f/Xf/mXrFuj7bbt49hPraEPbMXJ9EfE9fcRrAv62uMZ7HZHeCtpRHwnIs7k1/9Y9OXPJgBwmDWbY9Ec214HAA67NM+BJWmhnQsYjTQtFFo5vJMxklZq9cb5O7WVxdlWrmw8BtI785XyRDtXOB4DSVafzI+f10sv1S9GxImI+OvQkbxemKlVZrv5wgcAetjRl9b/L4da6z8AcMgNd7sDAMCBs/4DQO+x/gNA77H+A0Dvsf4DQO95g/XfSwUAOCQs6gDQU35340ZWmhvtz7+evbu6slC7e2G2XF8oVFdmCjO15aXCXK02l39mT/V1j1ep1ZYmL8XKvWKjXG8U66trt6q1lcXGrfxzvW+VBw5kVADAbk6cevRhEhHrV4/kJbbt5WCthsMt7XYHgK7p63YHgK6x2xf0Lr/jAzts0fuCjv8i9HD/+wIcjHPfl/+HXiX/D71L/h96l/w/9K5mM7HnPwD0GDl+wN//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M2N5iVJC+29wEcjTQuFiGMRMR4DyZ35SnkiIo5HxAdDA0NZfbLbnQYA3lH6SdLe/+vc2NnR5+eH8q+DyVf5wWBE/PnvN/92b7rRWJ7Mzn++db7xsH2+1K0xAAC72VynN9fxTc+e3p/ZLAfZnye/am0umsXdaJdWS3/057fDMRARI18k7XpL9nqlbx/irz+IiO/tNP4kz42Mt3c+fTl+FvvYgcZPX4if5m2t2+xn8d196Av0mkfZ/HNtp+svjdP57c7X/3A+Q727zflv45X5L92a//o6zH+n9xrj0v9+27HtQcQP+neKn2zFTzrEP7vH+B/98MdnOrU1/xFxLnaOvz1WsVFdKtZX1y7MV6fnynPlxVJpanJq4srFy6VinqMubmaqX/Xp1fPHdxv/SIf4w68Z/8/2OP5/fn37jz/ZJf4vfrrz839yl/jZmvjzPcafHvl3x+27s/izHcb/uuf//B7jP/54bXaPdwUADkB9dW1hulIpLztwcDAHG82W3e7TjIhvQVd7+aDbMxPwvj2/6LvdEwAAAAAAAAAAAAAAoJM3fGPQYLzF24m6PUYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr28CAAD//xlX3DU=") r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00') setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00]) read$FUSE(r0, &(0x7f0000002d40)={0x2020}, 0x2020) 2.910973889s ago: executing program 2 (id=580): syz_emit_ethernet(0xfed7, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always']) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b) 2.612500897s ago: executing program 3 (id=581): setxattr$system_posix_acl(0x0, 0x0, &(0x7f0000002b40), 0x24, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000680)={[{@delalloc}, {@sysvgroups}, {@nodioread_nolock}, {@test_dummy_encryption_v1}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x3}}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xbf4, &(0x7f0000001740)="$eJzs3M9rHNcdAPDvjFa/LLUrl1LqXqxSig1t17KLTG0KtYtLLz0U2h4LFvLKCK1/IKm4knVYtf9AaXsu9NjGJPgQn31JINdcEucak0PABMVKSAjJhtkfsiLtSrK9qxHS5wNv5715M/u+3xlWMw/tbABH1nj2kkaciIirSUSxuT6NiIF6bSii2thufW1l+tO1lekkarU/fJREEhFP11amW++VNJcjzcZQRLz96yS+8/ft4y4sLc9NVSrl+Wb7zOKN22cWlpZ/Nntj6nr5evnm2fO/mDw3eX7iwuRL51hoLj9//9KDT3742w+qX/z/y3sf/6tWq9VitNm3OY9uGY/xjWOyNZ6pbg+Wk75mPpvzTAq77JT2OCgAADpKN93DfS+K0RfPbt6K8cY7uQYHAAAAdEWtL6IGAAAAHHKJ+T8AAAAccq3vATxdW5lulXy/kbC/nlyOiLFG/uvN0ugpRLW+HIr+iDj2NInNj7Umjd1e2nhEPH7vwmtZiR49h7yT6mpEfL/d+U/q+Y/Vn+Lenn8aERNdGH98S/ug5f/Tgc75X+rC+HnnD8DR9PBy40K2/fqXbtz/RJvrX6HNtetF5H39a93/rW+7/2vlP1x/Prbd/d/v9zjG3f/9506nviz/Xz74zautko2fLV8qqefwZDXiB4V2+Scb5z/pkP/VPY5R/OpOuVNf3vnX/htxKtrn35K0+32igWbnhckzM7OV8kTjte0Yq29NvtJp/Lzzz87/sQ7573b+b+9xjD9fuXK/U9/u+acfDiR/rNdah/yvU4uL82cjBpLfbV9/rvlAewetbVrvkeV/+kc7ff7b558NUW0eh2wusNpcZu2/bRnzV/fuvr5T/tncL8/zf+0Fz/8/9jjGj9/85+lOPwm1ef6blWz8x0ljLgwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlEjEaSljbqaVoqRYxExHfjWFq5tbD4k5lbf7l5LeuLGIv+dGa2Up6IiGKjnWTts/X6s/a5Le2fR8TxiPh3cbjeLk3fqlzLO3kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2jETEaCRpKSLSiFgvpmmplHdUAAAAQNeN5R0AAAAA0HPb5v+FfOIAAAAAesf//wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOix4ycfPkoionpxuF4yA82+/lwjA3otzTsAIDd9eQcA5KaQdwBAbp5zju92AQ6hZJf+oY49g12PBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICD69SJh4+SiKheHK6XzECzr7/tHif3MTqgl9LdNhjenziA/de3U2dh/+IA9t8uH3FXfzjE2s/xgaMk2aV/6Nk21W/2DPYsJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOntF6SdJSRKT1epqWShHfioix6E9mZivliYj4dkS8W+wfzNqDeQcNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA1y0sLc9NVSrl+eHmivmNNUemknxWqx2AMHpaSSPiAISRVaoRkd/ofxo5EAehbSU5GGE0Kjn/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBcLS8tzU5VKeX7hBXYe6kFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG4WlpbnpiqV8ny7SqQRm9bc33HjzpW8cwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9fBwAA///UnQhj") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x589b}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10) socketpair$tipc(0x1e, 0x5, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000000800038004000380080005"], 0x3c}}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sendmsg$NL80211_CMD_GET_WIPHY(r5, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x880) 1.216905325s ago: executing program 2 (id=582): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB="18020000d600000000000000000000008500000041000000850000000f00000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 810.312031ms ago: executing program 3 (id=583): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=@newqdisc={0x34, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0x3}, {0xffff, 0xffff}, {0x2, 0xa}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6658919dd714c43c}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) 661.225886ms ago: executing program 2 (id=584): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x7ff, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xffff, 0x20000000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x7b53a000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001800)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) ftruncate(r4, 0x80000001) 592.5434ms ago: executing program 4 (id=585): connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r1, 0x4004743a, &(0x7f0000000300)) ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, &(0x7f0000001f00)) sendmmsg(0xffffffffffffffff, &(0x7f0000007180)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000025c0)="3dc7", 0x2}, {&(0x7f0000000340)='+pv~', 0x4}], 0x2}}], 0x1, 0x10014) 192.459753ms ago: executing program 3 (id=586): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001860000000000000e9ff00000400000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18) get_robust_list(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) 25.469877ms ago: executing program 4 (id=587): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x4, 0x4, {{0x14, 0x1, @in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) 0s ago: executing program 3 (id=588): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) listen(r3, 0x2) kernel console output (not intermixed with test programs): ort 2(bridge_slave_1) entered forwarding state [ 92.161983][ T5823] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 92.182012][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.202669][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.209893][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.250790][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.258043][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.352347][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.387891][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.473166][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.510844][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.548069][ T1011] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.555388][ T1011] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.601147][ T1011] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.608520][ T1011] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.656772][ T1011] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.664229][ T1011] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.744834][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.752160][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.804662][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.002758][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.049859][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.235356][ T5823] veth0_vlan: entered promiscuous mode [ 93.290558][ T5823] veth1_vlan: entered promiscuous mode [ 93.360187][ T5828] veth0_vlan: entered promiscuous mode [ 93.391031][ T5831] veth0_vlan: entered promiscuous mode [ 93.417636][ T5828] veth1_vlan: entered promiscuous mode [ 93.428776][ T5143] Bluetooth: hci0: command tx timeout [ 93.434246][ T5143] Bluetooth: hci1: command tx timeout [ 93.434331][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.454538][ T5831] veth1_vlan: entered promiscuous mode [ 93.506246][ T5823] veth0_macvtap: entered promiscuous mode [ 93.512183][ T5827] Bluetooth: hci2: command tx timeout [ 93.549450][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.565171][ T5823] veth1_macvtap: entered promiscuous mode [ 93.589878][ T5828] veth0_macvtap: entered promiscuous mode [ 93.624499][ T5828] veth1_macvtap: entered promiscuous mode [ 93.683916][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.697746][ T5831] veth0_macvtap: entered promiscuous mode [ 93.727248][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.748856][ T5827] Bluetooth: hci4: command tx timeout [ 93.749400][ T5143] Bluetooth: hci3: command tx timeout [ 93.756109][ T67] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.784858][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.805332][ T67] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.816461][ T67] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.849473][ T5831] veth1_macvtap: entered promiscuous mode [ 93.874313][ T67] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.887629][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.901203][ T5819] veth0_vlan: entered promiscuous mode [ 93.939162][ T67] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.973774][ T67] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.983009][ T67] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.013936][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.027934][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.036024][ T67] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.062888][ T5819] veth1_vlan: entered promiscuous mode [ 94.133062][ T5832] veth0_vlan: entered promiscuous mode [ 94.144441][ T1011] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.145114][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.157688][ T1011] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.171368][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.182102][ T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.204870][ T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.255466][ T5832] veth1_vlan: entered promiscuous mode [ 94.291469][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.301646][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.355660][ T5819] veth0_macvtap: entered promiscuous mode [ 94.377443][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.387062][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.403603][ T5819] veth1_macvtap: entered promiscuous mode [ 94.456542][ T5823] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 94.525463][ T3008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.536845][ T3008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.536885][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.584740][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.611884][ T5832] veth0_macvtap: entered promiscuous mode [ 94.632213][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.646080][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.661303][ T5935] loop1: detected capacity change from 0 to 2048 [ 94.667527][ T5832] veth1_macvtap: entered promiscuous mode [ 94.707662][ T5936] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 94.741375][ T3008] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.758535][ T3008] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.820673][ T3008] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.843862][ T3008] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.854696][ T5936] NILFS error (device loop1): nilfs_sufile_mark_dirty: active segment 3 is erroneous [ 94.880047][ T5936] Remounting filesystem read-only [ 94.894700][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.904551][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.906212][ T5935] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 94.920312][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.991399][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.043829][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.091643][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.151017][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.172526][ T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.194030][ T5938] loop2: detected capacity change from 0 to 1024 [ 95.215549][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.238669][ T5938] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 95.273398][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.329419][ T5938] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.512952][ T5143] Bluetooth: hci1: command tx timeout [ 95.518751][ T5143] Bluetooth: hci0: command tx timeout [ 95.588866][ T5827] Bluetooth: hci2: command tx timeout [ 95.653345][ T3008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.672625][ T3008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.555170][ T5143] Bluetooth: hci4: command tx timeout [ 96.560770][ T5827] Bluetooth: hci3: command tx timeout [ 96.784258][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.875645][ T1011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.912993][ T5940] loop1: detected capacity change from 0 to 32768 [ 96.919458][ T5953] loop2: detected capacity change from 0 to 64 [ 96.922645][ T1011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.979196][ T5940] ======================================================= [ 96.979196][ T5940] WARNING: The mand mount option has been deprecated and [ 96.979196][ T5940] and is ignored by this kernel. Remove the mand [ 96.979196][ T5940] option from the mount to silence this warning. [ 96.979196][ T5940] ======================================================= [ 97.074849][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.095269][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.290105][ T5940] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 97.390635][ T5940] OCFS2: ERROR (device loop1): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode 73: bits per cluster 32 [ 97.466930][ T5958] random: crng reseeded on system resumption [ 97.599389][ T5958] loop3: detected capacity change from 0 to 256 [ 97.653431][ T5958] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 98.293505][ T5940] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 98.395780][ T5940] OCFS2: File system is now read-only. [ 98.472388][ T5940] (syz.1.6,5940,1):ocfs2_read_locked_inode:599 ERROR: status = -30 [ 98.524420][ T5940] (syz.1.6,5940,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30 [ 98.643475][ T5940] (syz.1.6,5940,1):ocfs2_init_local_system_inodes:496 ERROR: status=-30, sysfile=8, slot=0 [ 98.773861][ T5940] (syz.1.6,5940,1):ocfs2_init_local_system_inodes:505 ERROR: status = -30 [ 98.822496][ T5940] (syz.1.6,5940,1):ocfs2_mount_volume:1758 ERROR: status = -30 [ 98.904139][ T5971] loop4: detected capacity change from 0 to 2048 [ 98.930226][ T5940] (syz.1.6,5940,1):ocfs2_fill_super:1177 ERROR: status = -30 [ 99.411160][ T5837] loop4: p2 p3 p7 [ 99.554375][ T5978] loop2: detected capacity change from 0 to 256 [ 99.603638][ T5971] loop4: unable to read partition table [ 99.636253][ T5971] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 99.785585][ T5978] exfat: Deprecated parameter 'namecase' [ 99.927114][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 99.939864][ T5829] udevd[5829]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 99.940890][ T5970] udevd[5970]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory [ 100.055501][ T5978] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x368b264c, utbl_chksum : 0xe619d30d) [ 101.560499][ T5973] loop0: detected capacity change from 0 to 32768 [ 101.574827][ T5991] loop4: detected capacity change from 0 to 512 [ 101.600367][ T5973] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.10 (5973) [ 101.687380][ T5991] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.731121][ T5991] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.742369][ T5973] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 101.777711][ T5973] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 101.809560][ T5983] loop3: detected capacity change from 0 to 32768 [ 101.891273][ T5983] (syz.3.13,5983,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 101.916237][ T5983] (syz.3.13,5983,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 102.058406][ T5983] JBD2: Ignoring recovery information on journal [ 102.091038][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.155876][ T5973] BTRFS error (device loop0): open_ctree failed: -4 [ 102.347730][ T5983] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 102.427096][ T6013] loop4: detected capacity change from 0 to 256 [ 102.442054][ T5985] loop1: detected capacity change from 0 to 32768 [ 102.490472][ T6013] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 102.566184][ T5985] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.12 (5985) [ 102.872721][ T5985] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 103.105276][ T5985] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm [ 103.476459][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR [ 103.476905][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR [ 103.556825][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 103.607070][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 103.624316][ T5831] ocfs2: Unmounting device (7,3) on (node local) [ 103.689207][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 103.691654][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 103.730320][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 103.760684][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 103.818964][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 103.852985][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 103.888508][ T5985] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 103.938744][ T5985] BTRFS error (device loop1): open_ctree failed: -12 [ 104.301099][ T6041] loop3: detected capacity change from 0 to 2048 [ 104.364845][ T6042] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 104.909366][ T6050] loop3: detected capacity change from 0 to 2048 [ 104.990781][ T6050] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 105.078669][ T6050] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 105.149016][ T6056] loop0: detected capacity change from 0 to 256 [ 105.311885][ T6056] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 106.584709][ T6064] loop0: detected capacity change from 0 to 1024 [ 106.592382][ T6064] EXT4-fs: Ignoring removed i_version option [ 107.498675][ T6064] EXT4-fs (loop0): Cannot use DAX on a filesystem that may contain inline data [ 110.314834][ T6077] loop1: detected capacity change from 0 to 1024 [ 110.363060][ T6079] loop0: detected capacity change from 0 to 2048 [ 110.464194][ T6080] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 110.664522][ T6073] loop3: detected capacity change from 0 to 32768 [ 110.703226][ T6073] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.32 (6073) [ 111.763462][ T6073] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 111.794106][ T6075] loop4: detected capacity change from 0 to 32768 [ 111.823201][ T6073] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 111.878378][ T6075] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.33 (6075) [ 112.881976][ T6075] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 112.908657][ T6075] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm [ 113.264485][ T6121] Zero length message leads to an empty skb [ 113.279477][ T6073] BTRFS error (device loop3): open_ctree failed: -4 [ 113.539046][ T6075] BTRFS error (device loop4): open_ctree failed: -4 [ 113.613878][ T6127] loop1: detected capacity change from 0 to 16 [ 113.656768][ T6127] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 114.117910][ T6133] loop1: detected capacity change from 0 to 2048 [ 114.180406][ T6134] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 114.876184][ T6129] loop0: detected capacity change from 0 to 40427 [ 114.913577][ T6129] F2FS-fs (loop0): build fault injection rate: 174 [ 114.925654][ T6129] F2FS-fs (loop0): build fault injection type: 0x3bfe8c [ 114.972423][ T6129] F2FS-fs (loop0): invalid crc value [ 115.203804][ T6129] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 115.301783][ T6129] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 115.442098][ T6129] syz.0.43: attempt to access beyond end of device [ 115.442098][ T6129] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 115.490578][ T6129] CPU: 1 UID: 0 PID: 6129 Comm: syz.0.43 Not tainted syzkaller #0 PREEMPT(full) [ 115.490612][ T6129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 115.490625][ T6129] Call Trace: [ 115.490633][ T6129] [ 115.490643][ T6129] dump_stack_lvl+0x189/0x250 [ 115.490684][ T6129] ? __pfx_dump_stack_lvl+0x10/0x10 [ 115.490716][ T6129] ? __pfx_queue_work_on+0x10/0x10 [ 115.490741][ T6129] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 115.490768][ T6129] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 115.490809][ T6129] f2fs_handle_critical_error+0x37c/0x540 [ 115.490850][ T6129] f2fs_write_end_io+0x886/0xb60 [ 115.490895][ T6129] __submit_merged_bio+0x27a/0x6a0 [ 115.490933][ T6129] __submit_merged_write_cond+0x255/0x530 [ 115.490972][ T6129] f2fs_write_data_pages+0x261d/0x3000 [ 115.491038][ T6129] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 115.491158][ T6129] ? __lock_acquire+0xab9/0xd20 [ 115.491195][ T6129] ? do_raw_spin_lock+0x121/0x290 [ 115.491231][ T6129] ? do_raw_spin_unlock+0x122/0x240 [ 115.491252][ T6129] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 115.491275][ T6129] do_writepages+0x32e/0x550 [ 115.491320][ T6129] ? do_raw_spin_unlock+0x122/0x240 [ 115.491345][ T6129] filemap_fdatawrite+0x199/0x240 [ 115.491375][ T6129] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 115.491462][ T6129] ? do_raw_spin_unlock+0x122/0x240 [ 115.491489][ T6129] f2fs_sync_dirty_inodes+0x31f/0x830 [ 115.491532][ T6129] f2fs_write_checkpoint+0x93e/0x2440 [ 115.491595][ T6129] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 115.491666][ T6129] ? down_write+0x162/0x1f0 [ 115.491696][ T6129] ? __pfx_down_write+0x10/0x10 [ 115.491740][ T6129] f2fs_issue_checkpoint+0x3b8/0x610 [ 115.491769][ T6129] ? __pfx_f2fs_issue_checkpoint+0x10/0x10 [ 115.491815][ T6129] ? __lock_acquire+0xab9/0xd20 [ 115.491886][ T6129] ? f2fs_sync_fs+0x200/0x3d0 [ 115.491919][ T6129] f2fs_do_sync_file+0x869/0x1860 [ 115.491961][ T6129] ? __pfx_f2fs_do_sync_file+0x10/0x10 [ 115.492036][ T6129] ? __pfx_down_write+0x10/0x10 [ 115.492069][ T6129] ? sb_start_write+0x114/0x1c0 [ 115.492101][ T6129] ? mnt_want_write_file+0x164/0x200 [ 115.492127][ T6129] __f2fs_ioctl+0x485a/0xb5b0 [ 115.492174][ T6129] ? file_ioctl+0x22d/0x780 [ 115.492202][ T6129] ? __pfx_file_ioctl+0x10/0x10 [ 115.492245][ T6129] ? kasan_quarantine_put+0xdd/0x220 [ 115.492277][ T6129] ? lockdep_hardirqs_on+0x9c/0x150 [ 115.492304][ T6129] ? __pfx___f2fs_ioctl+0x10/0x10 [ 115.492335][ T6129] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 115.492368][ T6129] ? do_vfs_ioctl+0xb33/0x1430 [ 115.492389][ T6129] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 115.492417][ T6129] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 115.492450][ T6129] ? vfs_write+0x956/0xb30 [ 115.492514][ T6129] ? __fget_files+0x2a/0x420 [ 115.492548][ T6129] ? __fget_files+0x3a0/0x420 [ 115.492575][ T6129] ? __fget_files+0x2a/0x420 [ 115.492608][ T6129] ? f2fs_ioctl+0x135/0x250 [ 115.492631][ T6129] ? __pfx_f2fs_ioctl+0x10/0x10 [ 115.492655][ T6129] __se_sys_ioctl+0xfc/0x170 [ 115.492683][ T6129] do_syscall_64+0xfa/0xfa0 [ 115.492711][ T6129] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.492732][ T6129] ? clear_bhb_loop+0x60/0xb0 [ 115.492758][ T6129] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.492778][ T6129] RIP: 0033:0x7f60b2f8f6c9 [ 115.492799][ T6129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.492817][ T6129] RSP: 002b:00007f60b3dd2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 115.492840][ T6129] RAX: ffffffffffffffda RBX: 00007f60b31e5fa0 RCX: 00007f60b2f8f6c9 [ 115.492855][ T6129] RDX: 0000000000000000 RSI: 000000000000f502 RDI: 0000000000000005 [ 115.492868][ T6129] RBP: 00007f60b3011f91 R08: 0000000000000000 R09: 0000000000000000 [ 115.492880][ T6129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 115.492892][ T6129] R13: 00007f60b31e6038 R14: 00007f60b31e5fa0 R15: 00007ffcaca6d7d8 [ 115.492931][ T6129] [ 115.493002][ T6129] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 115.527298][ T6161] loop3: detected capacity change from 0 to 1024 [ 115.588248][ T6163] loop1: detected capacity change from 0 to 256 [ 115.910008][ T6163] exfat: Deprecated parameter 'namecase' [ 115.968535][ T6163] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x368b264c, utbl_chksum : 0xe619d30d) [ 119.266954][ T6181] loop3: detected capacity change from 0 to 2048 [ 119.368650][ T6184] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 120.365543][ T5979] kernel write not supported for file /sysvipc/msg (pid: 5979 comm: kworker/0:7) [ 120.523906][ T6172] loop4: detected capacity change from 0 to 32768 [ 120.564340][ T6172] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.55 (6172) [ 120.641405][ T6172] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 120.730383][ T6172] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm [ 120.800870][ T6172] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR [ 120.808131][ T6172] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 120.847225][ T6172] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 120.881679][ T6172] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 120.922140][ T6172] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 120.933024][ T6172] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 120.943100][ T6172] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 120.953824][ T6172] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 120.974837][ T6172] BTRFS error (device loop4): open_ctree failed: -12 [ 121.067759][ T6213] loop3: detected capacity change from 0 to 2048 [ 121.164004][ T6213] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 122.345816][ T6240] loop0: detected capacity change from 0 to 1024 [ 122.379540][ T6240] EXT4-fs: Ignoring removed nobh option [ 122.385360][ T6240] EXT4-fs: Ignoring removed bh option [ 122.481812][ T6240] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.828954][ T6240] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 123.141053][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.352256][ T6256] loop1: detected capacity change from 0 to 32768 [ 125.374481][ T6256] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.78 (6256) [ 125.417128][ T6256] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 125.449630][ T6256] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm [ 125.632833][ T6256] BTRFS info (device loop1): setting nodatasum [ 125.648022][ T6256] BTRFS info (device loop1): enabling ssd optimizations [ 125.655030][ T6256] BTRFS info (device loop1): turning off barriers [ 125.688049][ T6256] BTRFS info (device loop1): disabling tree log [ 125.694373][ T6256] BTRFS info (device loop1): turning on async discard [ 125.701763][ T6256] BTRFS info (device loop1): enabling free space tree [ 125.708895][ T6256] BTRFS info (device loop1): enabling auto defrag [ 126.046053][ T6272] loop3: detected capacity change from 0 to 32768 [ 126.046053][ T6270] loop0: detected capacity change from 0 to 32768 [ 126.047885][ T6270] BTRFS info: device /dev/loop0 (7:0) using temp-fsid 1089ab4f-9407-40ca-b252-0101cf7e5033 [ 126.141345][ T6270] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.80 (6270) [ 126.683515][ T6272] BTRFS info: device /dev/loop3 (7:3) using temp-fsid cf559ca5-af22-499c-aaee-581c720bb043 [ 126.702003][ T5823] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 126.715702][ T6270] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 126.726375][ T6270] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm [ 126.737800][ T6272] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.82 (6272) [ 126.798896][ T6304] loop4: detected capacity change from 0 to 1024 [ 126.827175][ T6272] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 126.842188][ T6304] EXT4-fs: Ignoring removed nobh option [ 126.852842][ T6272] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm [ 126.885334][ T6304] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 127.038423][ T6270] BTRFS info (device loop0): enabling ssd optimizations [ 127.073869][ T6270] BTRFS info (device loop0): turning on async discard [ 127.100524][ T6270] BTRFS info (device loop0): enabling free space tree [ 127.153988][ T13] BTRFS warning (device loop3): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xcee3a718 level 0 [ 127.208336][ T6270] BTRFS info (device loop0): use zlib compression, level 3 [ 127.219632][ T6272] BTRFS warning (device loop3): couldn't read tree root [ 127.226692][ T6272] BTRFS warning (device loop3): try to load backup roots slot 1 [ 127.274022][ T13] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0xe06dfc66 level 0 [ 127.294073][ T6272] BTRFS warning (device loop3): couldn't read tree root [ 127.319025][ T6272] BTRFS warning (device loop3): try to load backup roots slot 2 [ 127.344156][ T5949] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 127.378146][ T6272] BTRFS warning (device loop3): couldn't read tree root [ 127.385600][ T5819] BTRFS info (device loop0): last unmount of filesystem 1089ab4f-9407-40ca-b252-0101cf7e5033 [ 127.395538][ T6272] BTRFS warning (device loop3): try to load backup roots slot 3 [ 127.529704][ T6272] BTRFS info (device loop3): checking UUID tree [ 127.608530][ T6272] BTRFS info (device loop3): setting nodatasum [ 127.646112][ T6272] BTRFS info (device loop3): setting nodatacow [ 127.689412][ T6272] BTRFS info (device loop3): enabling ssd optimizations [ 127.739263][ T6272] BTRFS info (device loop3): turning on flush-on-commit [ 127.784868][ T6272] BTRFS info (device loop3): turning on async discard [ 127.814506][ T6272] BTRFS info (device loop3): enabling free space tree [ 127.951946][ T6272] BTRFS info (device loop3): trying to use backup root at mount time [ 128.008074][ T6272] BTRFS info (device loop3): max_inline set to 0 [ 129.024272][ T5831] BTRFS info (device loop3): last unmount of filesystem cf559ca5-af22-499c-aaee-581c720bb043 [ 129.170954][ T6352] loop4: detected capacity change from 0 to 2048 [ 129.186899][ T6352] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 129.201872][ T6352] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 130.274107][ T6370] loop4: detected capacity change from 0 to 512 [ 130.387028][ T6370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.435639][ T6370] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.650118][ T6358] loop0: detected capacity change from 0 to 32768 [ 130.663681][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.489453][ T6392] loop0: detected capacity change from 0 to 256 [ 132.594093][ T6375] loop3: detected capacity change from 0 to 32768 [ 132.639799][ T6375] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.102 (6375) [ 132.691070][ T6392] FAT-fs (loop0): Directory bread(block 64) failed [ 132.705361][ T6392] FAT-fs (loop0): Directory bread(block 65) failed [ 132.749089][ T6392] FAT-fs (loop0): Directory bread(block 66) failed [ 132.762522][ T6375] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 132.818188][ T6392] FAT-fs (loop0): Directory bread(block 67) failed [ 132.839674][ T6392] FAT-fs (loop0): Directory bread(block 68) failed [ 132.895448][ T6392] FAT-fs (loop0): Directory bread(block 69) failed [ 132.917594][ T6375] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm [ 132.999697][ T6392] FAT-fs (loop0): Directory bread(block 70) failed [ 133.039784][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.057656][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.123358][ T6392] FAT-fs (loop0): Directory bread(block 71) failed [ 133.129530][ T6375] BTRFS info (device loop3): enabling ssd optimizations [ 133.131640][ T6392] FAT-fs (loop0): Directory bread(block 72) failed [ 133.137225][ T6375] BTRFS info (device loop3): turning on async discard [ 133.137251][ T6375] BTRFS info (device loop3): enabling free space tree [ 133.137269][ T6375] BTRFS info (device loop3): use zlib compression, level 3 [ 133.200323][ T6385] loop1: detected capacity change from 0 to 32768 [ 133.262135][ T6392] FAT-fs (loop0): Directory bread(block 73) failed [ 133.293047][ T6385] BTRFS info: device /dev/loop1 (7:1) using temp-fsid 8a5da85f-e14e-426d-9844-04e802b47c83 [ 133.408664][ T6385] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.106 (6385) [ 133.581960][ T6385] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 133.695295][ T6420] process 'syz.3.102' launched './file1' with NULL argv: empty string added [ 133.774723][ T6385] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm [ 134.112554][ T6385] BTRFS info (device loop1): enabling ssd optimizations [ 134.148158][ T6385] BTRFS info (device loop1): turning on async discard [ 134.180383][ T6385] BTRFS info (device loop1): enabling free space tree [ 134.243870][ T6385] BTRFS info (device loop1): use zlib compression, level 3 [ 134.407847][ T5831] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 134.462050][ T6438] netlink: 16 bytes leftover after parsing attributes in process `syz.2.113'. [ 135.443175][ T5823] BTRFS info (device loop1): last unmount of filesystem 8a5da85f-e14e-426d-9844-04e802b47c83 [ 137.418373][ T6440] loop2: detected capacity change from 0 to 32768 [ 138.576415][ T30] audit: type=1326 audit(1762570753.614:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6468 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 138.668496][ T30] audit: type=1326 audit(1762570753.614:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6468 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 138.734966][ T30] audit: type=1326 audit(1762570753.614:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6468 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 138.792366][ T30] audit: type=1326 audit(1762570753.614:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6468 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 138.816522][ T30] audit: type=1326 audit(1762570753.614:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6468 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 138.896909][ T30] audit: type=1326 audit(1762570753.614:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6468 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 138.983107][ T30] audit: type=1326 audit(1762570753.624:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6468 comm="syz.1.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 139.719555][ T6481] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 139.812783][ T6471] loop2: detected capacity change from 0 to 32768 [ 139.861916][ T6471] (syz.2.122,6471,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 139.911770][ T6471] (syz.2.122,6471,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 140.018947][ T6471] JBD2: Ignoring recovery information on journal [ 140.189844][ T6471] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 140.562188][ T6495] loop4: detected capacity change from 0 to 1024 [ 140.573520][ T5828] ocfs2: Unmounting device (7,2) on (node local) [ 143.998343][ T6507] loop2: detected capacity change from 0 to 32768 [ 145.643278][ T6521] loop3: detected capacity change from 0 to 32768 [ 145.690934][ T6521] (syz.3.140,6521,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 145.748387][ T6521] (syz.3.140,6521,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 146.050510][ T6547] loop4: detected capacity change from 0 to 512 [ 146.088187][ T6521] JBD2: Ignoring recovery information on journal [ 146.226293][ T6547] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.239810][ T6547] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 146.384387][ T6547] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 146.396109][ T6547] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 146.405917][ T6547] EXT4-fs error (device loop4): ext4_acquire_dquot:6946: comm syz.4.147: Failed to acquire dquot type 0 [ 146.978579][ T5824] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 147.397762][ T5824] usb 5-1: Using ep0 maxpacket: 8 [ 147.655569][ T5824] usb 5-1: unable to get BOS descriptor or descriptor too short [ 147.954246][ T5824] usb 5-1: config 5 has an invalid interface number: 97 but max is 1 [ 148.054787][ T6521] JBD2: journal reset failed [ 148.183497][ T6521] (syz.3.140,6521,1):ocfs2_journal_load:1160 ERROR: Failed to load journal! [ 148.249940][ T5824] usb 5-1: config 5 has an invalid interface number: 175 but max is 1 [ 148.408078][ T6521] (syz.3.140,6521,1):ocfs2_check_volume:2376 ERROR: ocfs2 journal load failed! -4 [ 148.425732][ T5824] usb 5-1: config 5 has no interface number 0 [ 148.448157][ T5824] usb 5-1: config 5 has no interface number 1 [ 148.519102][ T5824] usb 5-1: config 5 interface 97 has no altsetting 0 [ 148.569352][ T5824] usb 5-1: config 5 interface 175 has no altsetting 0 [ 148.654446][ T5824] usb 5-1: string descriptor 0 read error: -71 [ 148.686461][ T5824] usb 5-1: New USB device found, idVendor=c643, idProduct=384d, bcdDevice=c9.f6 [ 148.728961][ T5824] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.823905][ T5824] usb 5-1: can't set config #5, error -71 [ 148.836175][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.885807][ T5824] usb 5-1: USB disconnect, device number 2 [ 150.511044][ T6562] loop2: detected capacity change from 0 to 32768 [ 151.262351][ T6587] x_tables: ip_tables: osf match: only valid for protocol 6 [ 152.084299][ T6586] Cannot find set identified by id 0 to match [ 152.088841][ T6574] loop3: detected capacity change from 0 to 32768 [ 152.152041][ T6574] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.159 (6574) [ 152.222393][ T6574] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 152.312076][ T6574] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm [ 152.586406][ T6574] BTRFS info (device loop3): enabling ssd optimizations [ 152.618746][ T6574] BTRFS info (device loop3): turning on async discard [ 152.625981][ T6574] BTRFS info (device loop3): enabling free space tree [ 152.658106][ T6574] BTRFS info (device loop3): use zlib compression, level 3 [ 153.743038][ T6591] loop1: detected capacity change from 0 to 32768 [ 153.772418][ T5831] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 153.809991][ T6591] (syz.1.163,6591,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 153.873104][ T6591] (syz.1.163,6591,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 154.049576][ T6591] JBD2: Ignoring recovery information on journal [ 154.375211][ T6591] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 154.645004][ T5823] ocfs2: Unmounting device (7,1) on (node local) [ 154.754585][ T43] kernel read not supported for file /sysvipc/msg (pid: 43 comm: kworker/1:1) [ 156.200138][ T6656] loop1: detected capacity change from 0 to 2048 [ 156.243396][ T6658] loop4: detected capacity change from 0 to 512 [ 156.271059][ T6659] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 156.282868][ T6658] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 156.328659][ T6658] EXT4-fs (loop4): invalid journal inode [ 156.338200][ T6658] EXT4-fs (loop4): can't get journal size [ 156.554013][ T6658] EXT4-fs (loop4): 1 truncate cleaned up [ 156.610358][ T6658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.669392][ T6658] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.696689][ T6668] syzkaller0: entered promiscuous mode [ 156.711413][ T6668] syzkaller0: entered allmulticast mode [ 157.071972][ T6645] loop0: detected capacity change from 0 to 40427 [ 157.148180][ T6645] F2FS-fs (loop0): invalid crc value [ 157.555108][ T6645] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 157.591948][ T6645] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 158.181974][ T6693] syz.0.176: attempt to access beyond end of device [ 158.181974][ T6693] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 158.456610][ T5819] syz-executor: attempt to access beyond end of device [ 158.456610][ T5819] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 158.524763][ T5819] CPU: 0 UID: 0 PID: 5819 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 158.524793][ T5819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 158.524806][ T5819] Call Trace: [ 158.524815][ T5819] [ 158.524823][ T5819] dump_stack_lvl+0x189/0x250 [ 158.524862][ T5819] ? __pfx_dump_stack_lvl+0x10/0x10 [ 158.524890][ T5819] ? __pfx_queue_work_on+0x10/0x10 [ 158.524913][ T5819] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 158.524938][ T5819] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 158.524977][ T5819] f2fs_handle_critical_error+0x37c/0x540 [ 158.525016][ T5819] f2fs_write_end_io+0x886/0xb60 [ 158.525061][ T5819] __submit_merged_bio+0x27a/0x6a0 [ 158.525099][ T5819] __submit_merged_write_cond+0x255/0x530 [ 158.525137][ T5819] f2fs_write_data_pages+0x261d/0x3000 [ 158.525203][ T5819] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 158.525242][ T5819] ? is_bpf_text_address+0x26/0x2b0 [ 158.525302][ T5819] ? check_path+0x21/0x40 [ 158.525326][ T5819] ? check_noncircular+0xe0/0x160 [ 158.525420][ T5819] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 158.525441][ T5819] do_writepages+0x32e/0x550 [ 158.525483][ T5819] ? do_raw_spin_unlock+0x122/0x240 [ 158.525508][ T5819] filemap_fdatawrite+0x199/0x240 [ 158.525536][ T5819] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 158.525634][ T5819] ? do_raw_spin_unlock+0x122/0x240 [ 158.525659][ T5819] f2fs_sync_dirty_inodes+0x31f/0x830 [ 158.525701][ T5819] f2fs_write_checkpoint+0x93e/0x2440 [ 158.525721][ T5819] ? __lock_acquire+0xab9/0xd20 [ 158.525783][ T5819] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 158.525877][ T5819] kill_f2fs_super+0x2cc/0x6d0 [ 158.525907][ T5819] ? __pfx_kill_f2fs_super+0x10/0x10 [ 158.525952][ T5819] ? shrinker_free+0x2ce/0x3e0 [ 158.525979][ T5819] deactivate_locked_super+0xbc/0x130 [ 158.526003][ T5819] cleanup_mnt+0x425/0x4c0 [ 158.526024][ T5819] ? lockdep_hardirqs_on+0x9c/0x150 [ 158.526053][ T5819] task_work_run+0x1d4/0x260 [ 158.526078][ T5819] ? __pfx_task_work_run+0x10/0x10 [ 158.526104][ T5819] ? exit_to_user_mode_loop+0x55/0x4f0 [ 158.526134][ T5819] exit_to_user_mode_loop+0xff/0x4f0 [ 158.526156][ T5819] ? rcu_is_watching+0x15/0xb0 [ 158.526190][ T5819] do_syscall_64+0x2e9/0xfa0 [ 158.526216][ T5819] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.526235][ T5819] ? clear_bhb_loop+0x60/0xb0 [ 158.526259][ T5819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.526277][ T5819] RIP: 0033:0x7f60b2f909f7 [ 158.526296][ T5819] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 158.526311][ T5819] RSP: 002b:00007ffcaca6ca68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 158.526332][ T5819] RAX: 0000000000000000 RBX: 00007f60b3011d7d RCX: 00007f60b2f909f7 [ 158.526345][ T5819] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcaca6cb20 [ 158.526356][ T5819] RBP: 00007ffcaca6cb20 R08: 0000000000000000 R09: 0000000000000000 [ 158.526367][ T5819] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcaca6dbb0 [ 158.526379][ T5819] R13: 00007f60b3011d7d R14: 00000000000269c7 R15: 00007ffcaca6dbf0 [ 158.526418][ T5819] [ 158.526426][ T5819] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 159.066734][ T30] audit: type=1326 audit(1762570774.094:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 159.148734][ T30] audit: type=1326 audit(1762570774.154:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 159.212919][ T6701] loop3: detected capacity change from 0 to 2048 [ 159.221431][ T30] audit: type=1326 audit(1762570774.154:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 159.280026][ T6702] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 159.304508][ T30] audit: type=1326 audit(1762570774.154:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 159.379033][ T30] audit: type=1326 audit(1762570774.154:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 159.407750][ T30] audit: type=1326 audit(1762570774.154:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 159.481187][ T30] audit: type=1326 audit(1762570774.154:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 159.544157][ T30] audit: type=1326 audit(1762570774.154:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 159.638098][ T30] audit: type=1326 audit(1762570774.154:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 159.698668][ T6707] syzkaller0: entered promiscuous mode [ 159.724085][ T30] audit: type=1326 audit(1762570774.154:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 159.737103][ T6707] syzkaller0: entered allmulticast mode [ 159.819352][ T6697] loop1: detected capacity change from 0 to 32768 [ 161.088324][ T6737] loop2: detected capacity change from 0 to 2048 [ 161.137463][ T6738] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 163.719875][ T6751] loop2: detected capacity change from 0 to 8192 [ 164.650042][ T6754] syzkaller0: entered promiscuous mode [ 164.674101][ T6754] syzkaller0: entered allmulticast mode [ 164.890632][ T30] kauditd_printk_skb: 30 callbacks suppressed [ 164.890651][ T30] audit: type=1326 audit(1762570779.934:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 164.933862][ T6763] binder: Bad value for 'max' [ 164.938592][ T30] audit: type=1326 audit(1762570779.934:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 164.988921][ T30] audit: type=1326 audit(1762570779.974:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 165.038480][ T30] audit: type=1326 audit(1762570779.974:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 165.065651][ T30] audit: type=1326 audit(1762570779.974:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 165.096518][ T30] audit: type=1326 audit(1762570779.974:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 165.148213][ T30] audit: type=1326 audit(1762570779.974:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 165.223711][ T30] audit: type=1326 audit(1762570779.974:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 165.243930][ T5905] kernel read not supported for file /sysvipc/msg (pid: 5905 comm: kworker/0:6) [ 165.265814][ T5877] kernel write not supported for file /sysvipc/msg (pid: 5877 comm: kworker/0:3) [ 165.316296][ T30] audit: type=1326 audit(1762570779.974:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 165.378152][ T30] audit: type=1326 audit(1762570779.974:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 166.341505][ T6789] loop2: detected capacity change from 0 to 256 [ 166.361824][ T6789] exfat: Deprecated parameter 'namecase' [ 166.555601][ T6789] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x368b264c, utbl_chksum : 0xe619d30d) [ 166.807895][ T6777] loop0: detected capacity change from 0 to 40427 [ 166.847923][ T6791] loop4: detected capacity change from 0 to 2048 [ 166.868507][ T6777] F2FS-fs (loop0): build fault injection rate: 174 [ 166.875134][ T6777] F2FS-fs (loop0): build fault injection type: 0x3bfe8c [ 166.908647][ T6791] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 166.942619][ T6777] F2FS-fs (loop0): invalid crc value [ 166.949155][ T6791] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 167.284591][ T6777] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 167.398245][ T6777] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 167.511197][ T6777] syz.0.222: attempt to access beyond end of device [ 167.511197][ T6777] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 167.771636][ T5819] syz-executor: attempt to access beyond end of device [ 167.771636][ T5819] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 167.807258][ T5819] CPU: 0 UID: 0 PID: 5819 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 167.807288][ T5819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 167.807299][ T5819] Call Trace: [ 167.807308][ T5819] [ 167.807317][ T5819] dump_stack_lvl+0x189/0x250 [ 167.807358][ T5819] ? __pfx_dump_stack_lvl+0x10/0x10 [ 167.807389][ T5819] ? __pfx_queue_work_on+0x10/0x10 [ 167.807414][ T5819] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 167.807441][ T5819] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 167.807484][ T5819] f2fs_handle_critical_error+0x37c/0x540 [ 167.807533][ T5819] f2fs_write_end_io+0x886/0xb60 [ 167.807582][ T5819] __submit_merged_bio+0x27a/0x6a0 [ 167.807621][ T5819] __submit_merged_write_cond+0x255/0x530 [ 167.807670][ T5819] f2fs_write_data_pages+0x261d/0x3000 [ 167.807689][ T5819] ? __lock_acquire+0xab9/0xd20 [ 167.807761][ T5819] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 167.807844][ T5819] ? __mod_zone_page_state+0xd7/0x140 [ 167.807888][ T5819] ? folios_put_refs+0x58b/0x670 [ 167.807928][ T5819] ? __pfx_folios_put_refs+0x10/0x10 [ 167.807954][ T5819] ? rcu_is_watching+0x15/0xb0 [ 167.807997][ T5819] ? __lock_acquire+0xab9/0xd20 [ 167.808045][ T5819] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 167.808067][ T5819] do_writepages+0x32e/0x550 [ 167.808111][ T5819] ? do_raw_spin_unlock+0x122/0x240 [ 167.808138][ T5819] filemap_fdatawrite+0x199/0x240 [ 167.808167][ T5819] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 167.808263][ T5819] ? do_raw_spin_unlock+0x122/0x240 [ 167.808290][ T5819] f2fs_sync_dirty_inodes+0x31f/0x830 [ 167.808335][ T5819] f2fs_write_checkpoint+0x93e/0x2440 [ 167.808356][ T5819] ? __lock_acquire+0xab9/0xd20 [ 167.808442][ T5819] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 167.808555][ T5819] kill_f2fs_super+0x2cc/0x6d0 [ 167.808588][ T5819] ? __pfx_kill_f2fs_super+0x10/0x10 [ 167.808637][ T5819] ? shrinker_free+0x2ce/0x3e0 [ 167.808674][ T5819] deactivate_locked_super+0xbc/0x130 [ 167.808701][ T5819] cleanup_mnt+0x425/0x4c0 [ 167.808723][ T5819] ? lockdep_hardirqs_on+0x9c/0x150 [ 167.808754][ T5819] task_work_run+0x1d4/0x260 [ 167.808779][ T5819] ? __pfx_task_work_run+0x10/0x10 [ 167.808808][ T5819] ? exit_to_user_mode_loop+0x55/0x4f0 [ 167.808839][ T5819] exit_to_user_mode_loop+0xff/0x4f0 [ 167.808862][ T5819] ? rcu_is_watching+0x15/0xb0 [ 167.808897][ T5819] do_syscall_64+0x2e9/0xfa0 [ 167.808926][ T5819] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.808945][ T5819] ? clear_bhb_loop+0x60/0xb0 [ 167.808971][ T5819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.808990][ T5819] RIP: 0033:0x7f60b2f909f7 [ 167.809010][ T5819] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 167.809026][ T5819] RSP: 002b:00007ffcaca6ca68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 167.809049][ T5819] RAX: 0000000000000000 RBX: 00007f60b3011d7d RCX: 00007f60b2f909f7 [ 167.809063][ T5819] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcaca6cb20 [ 167.809075][ T5819] RBP: 00007ffcaca6cb20 R08: 0000000000000000 R09: 0000000000000000 [ 167.809087][ T5819] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcaca6dbb0 [ 167.809100][ T5819] R13: 00007f60b3011d7d R14: 0000000000028eba R15: 00007ffcaca6dbf0 [ 167.809142][ T5819] [ 168.179056][ T5819] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 168.545269][ T5877] kernel read not supported for file /sysvipc/msg (pid: 5877 comm: kworker/0:3) [ 169.199883][ T6818] netlink: 180 bytes leftover after parsing attributes in process `syz.4.234'. [ 173.171890][ T6826] netlink: 'syz.4.238': attribute type 12 has an invalid length. [ 173.467917][ T6828] loop4: detected capacity change from 0 to 256 [ 173.509255][ T6828] exfat: Unknown parameter '184467440737095516150x0000000000000000ÿÿÿÿ' [ 173.927251][ T6830] syzkaller0: entered promiscuous mode [ 173.946346][ T6830] syzkaller0: entered allmulticast mode [ 174.550860][ T6843] 9p: Bad value for 'rfdno' [ 174.698297][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 174.732173][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 175.012961][ T6852] loop0: detected capacity change from 0 to 256 [ 175.043931][ T6852] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 176.138255][ T6852] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 176.750827][ T6852] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 176.768321][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 176.778446][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 176.807611][ T6852] exFAT-fs (loop0): failed to load alloc-bitmap [ 176.823439][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 176.860916][ T6852] exFAT-fs (loop0): failed to recognize exfat type [ 177.639980][ T30] kauditd_printk_skb: 28 callbacks suppressed [ 177.640002][ T30] audit: type=1326 audit(1762570792.664:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 177.781145][ T30] audit: type=1326 audit(1762570792.664:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 177.848049][ T30] audit: type=1326 audit(1762570792.664:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 177.910992][ T30] audit: type=1326 audit(1762570792.664:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 177.987905][ T30] audit: type=1326 audit(1762570792.664:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 178.063982][ T30] audit: type=1326 audit(1762570792.674:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 178.117547][ T6876] syzkaller0: entered promiscuous mode [ 178.133623][ T6876] syzkaller0: entered allmulticast mode [ 178.175835][ T30] audit: type=1326 audit(1762570792.674:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 178.202442][ T30] audit: type=1326 audit(1762570792.674:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 178.260008][ T30] audit: type=1326 audit(1762570792.674:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 178.311554][ T30] audit: type=1326 audit(1762570792.674:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 178.959284][ T6900] FAT-fs (loop1): unable to read boot sector [ 179.408120][ T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 179.728030][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 179.740524][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 179.766967][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 179.797654][ T24] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 179.832871][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.878712][ T6921] syzkaller0: entered promiscuous mode [ 179.888862][ T6921] syzkaller0: entered allmulticast mode [ 179.921316][ T24] usb 1-1: config 0 descriptor?? [ 180.908707][ T6934] loop4: detected capacity change from 0 to 256 [ 180.916391][ T6934] vfat: Unknown parameter 'q7id' [ 181.739951][ T24] savu 0003:1E7D:2D5A.0001: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 181.756904][ T24] usb 1-1: USB disconnect, device number 2 [ 182.803446][ T6956] netlink: 4 bytes leftover after parsing attributes in process `syz.3.277'. [ 182.860306][ T30] kauditd_printk_skb: 34 callbacks suppressed [ 182.860355][ T30] audit: type=1326 audit(1762570797.634:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6947 comm="syz.3.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 183.474899][ T30] audit: type=1326 audit(1762570797.634:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6947 comm="syz.3.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 183.522076][ T6946] fido_id[6946]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 183.565920][ T6961] 9p: Bad value for 'rfdno' [ 183.642935][ T30] audit: type=1326 audit(1762570797.644:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6947 comm="syz.3.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 183.767683][ T30] audit: type=1326 audit(1762570797.644:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6947 comm="syz.3.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 183.808177][ T6965] netlink: 4 bytes leftover after parsing attributes in process `syz.4.282'. [ 183.851490][ T30] audit: type=1326 audit(1762570797.644:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6947 comm="syz.3.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 183.874534][ T30] audit: type=1326 audit(1762570797.644:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6947 comm="syz.3.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 184.224514][ T6973] syzkaller0: entered promiscuous mode [ 184.249686][ T6973] syzkaller0: entered allmulticast mode [ 184.586922][ T6982] loop2: detected capacity change from 0 to 1024 [ 184.694006][ T6982] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.827464][ T6987] 9p: Bad value for 'rfdno' [ 185.168103][ T5905] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 185.328098][ T5905] usb 1-1: Using ep0 maxpacket: 16 [ 185.357694][ T5905] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 185.418730][ T5905] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 185.459691][ T5905] usb 1-1: Product: syz [ 185.475915][ T5905] usb 1-1: Manufacturer: syz [ 185.491425][ T5905] usb 1-1: SerialNumber: syz [ 185.580761][ T5905] usb 1-1: config 0 descriptor?? [ 185.619467][ T5905] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 185.673652][ T5905] usb 1-1: Detected FT232H [ 185.723069][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.962556][ T5905] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 186.814226][ T7012] syz.2.297(7012): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 186.838607][ T5905] ftdi_sio 1-1:0.0: GPIO initialisation failed: -32 [ 186.866596][ T5905] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 187.175779][ T7012] netlink: 8 bytes leftover after parsing attributes in process `syz.2.297'. [ 187.185009][ T7012] netlink: 8 bytes leftover after parsing attributes in process `syz.2.297'. [ 187.278571][ T7020] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 187.584454][ T7012] ip6gretap1: entered allmulticast mode [ 187.595520][ T5905] usb 1-1: USB disconnect, device number 3 [ 187.650671][ T5905] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 187.665502][ T5905] ftdi_sio 1-1:0.0: device disconnected [ 188.300635][ T7028] loop1: detected capacity change from 0 to 128 [ 188.818521][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 189.356773][ T30] audit: type=1326 audit(1762570804.394:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 189.394323][ T30] audit: type=1326 audit(1762570804.394:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 189.448099][ T30] audit: type=1326 audit(1762570804.434:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 189.517563][ T7040] netlink: 104 bytes leftover after parsing attributes in process `syz.4.306'. [ 189.521460][ T30] audit: type=1326 audit(1762570804.434:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 189.531141][ T7040] netlink: 104 bytes leftover after parsing attributes in process `syz.4.306'. [ 189.567625][ T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 189.601263][ T30] audit: type=1326 audit(1762570804.434:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 189.636844][ T30] audit: type=1326 audit(1762570804.444:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 189.676210][ T30] audit: type=1326 audit(1762570804.444:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 189.734255][ T30] audit: type=1326 audit(1762570804.444:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 189.759421][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 189.770607][ T24] usb 1-1: config 1 has an invalid interface number: 105 but max is 0 [ 189.779592][ T24] usb 1-1: config 1 has no interface number 0 [ 189.785737][ T24] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 189.816473][ T24] usb 1-1: config 1 interface 105 has no altsetting 0 [ 189.829666][ T24] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 189.848149][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 189.866706][ T24] usb 1-1: Product: syz [ 189.877267][ T24] usb 1-1: Manufacturer: syz [ 189.887365][ T24] usb 1-1: SerialNumber: syz [ 189.922057][ T7036] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 189.959930][ T7031] loop3: detected capacity change from 0 to 32768 [ 189.989033][ T7031] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.302 (7031) [ 190.018048][ T30] audit: type=1326 audit(1762570804.444:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 190.058083][ T30] audit: type=1326 audit(1762570804.444:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 190.070921][ T7031] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 190.157741][ T7031] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm [ 190.543908][ T24] aqc111 1-1:1.105: probe with driver aqc111 failed with error -22 [ 190.559654][ T24] usb 1-1: USB disconnect, device number 4 [ 190.776336][ T7068] loop2: detected capacity change from 0 to 4096 [ 190.784034][ T7068] EXT4-fs: Ignoring removed mblk_io_submit option [ 190.790975][ T7068] ext4: Unknown parameter 'fowner<00000000000000000000' [ 191.286397][ T7031] BTRFS info (device loop3): enabling ssd optimizations [ 191.334303][ T7031] BTRFS info (device loop3): turning on async discard [ 191.568088][ T7031] BTRFS info (device loop3): enabling free space tree [ 191.581152][ T7031] BTRFS info (device loop3): use zlib compression, level 3 [ 192.437520][ T5831] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 192.855140][ T7084] loop1: detected capacity change from 0 to 2048 [ 193.029617][ T7084] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 193.098732][ T7084] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 194.475413][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.482266][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.570098][ T7094] loop0: detected capacity change from 0 to 1024 [ 194.623652][ T7094] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 194.733335][ T7094] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 195.105904][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.479660][ T7107] tipc: Started in network mode [ 195.484892][ T7107] tipc: Node identity ac14140f, cluster identity 4711 [ 195.495396][ T7107] tipc: New replicast peer: 255.255.255.83 [ 195.503562][ T7107] tipc: Enabled bearer , priority 10 [ 197.390892][ T43] tipc: Node number set to 2886997007 [ 199.010572][ T30] kauditd_printk_skb: 46 callbacks suppressed [ 199.010593][ T30] audit: type=1326 audit(1762570814.064:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 199.182664][ T7114] loop0: detected capacity change from 0 to 512 [ 199.312005][ T7114] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 199.400999][ T7114] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 199.718292][ T793] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 199.918405][ T793] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 199.951847][ T793] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 199.996814][ T30] audit: type=1326 audit(1762570814.224:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 200.019787][ T30] audit: type=1326 audit(1762570814.224:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 200.065692][ T793] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 200.116631][ T793] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 200.150757][ T793] usb 1-1: SerialNumber: syz [ 200.216177][ T793] usb 1-1: 0:2 : does not exist [ 200.296750][ T30] audit: type=1326 audit(1762570814.224:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 200.342900][ T30] audit: type=1326 audit(1762570814.524:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 200.389120][ T30] audit: type=1326 audit(1762570814.524:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 200.483580][ T30] audit: type=1326 audit(1762570814.524:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60b2f8f6c9 code=0x7ffc0000 [ 201.872403][ T7133] ip6gre1: entered promiscuous mode [ 201.877686][ T7133] ip6gre1: entered allmulticast mode [ 201.895136][ T30] audit: type=1326 audit(1762570814.524:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f60b2f8df10 code=0x7ffc0000 [ 201.948307][ T5884] usb 1-1: USB disconnect, device number 5 [ 202.106619][ T30] audit: type=1326 audit(1762570814.524:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60b2f8f2cb code=0x7ffc0000 [ 202.156945][ T30] audit: type=1326 audit(1762570814.524:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60b2f8f2cb code=0x7ffc0000 [ 202.222987][ T7136] syzkaller0: entered promiscuous mode [ 202.230019][ T6949] udevd[6949]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 202.262004][ T7136] syzkaller0: entered allmulticast mode [ 202.299179][ T7119] loop4: detected capacity change from 0 to 32768 [ 202.321145][ T7119] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.326 (7119) [ 202.363682][ T7119] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 202.399361][ T7119] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm [ 202.403161][ T7143] loop1: detected capacity change from 0 to 1024 [ 202.424658][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR [ 202.435055][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR [ 202.464387][ T7143] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 202.500290][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 202.500671][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 202.541732][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 202.564384][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.564795][ T7143] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 202.617762][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 202.619224][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 202.629015][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 202.639596][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 202.649783][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 202.659887][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 202.670263][ T7119] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 202.681120][ T7119] BTRFS error (device loop4): open_ctree failed: -12 [ 202.925067][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.635088][ T7176] 9p: Bad value for 'wfdno' [ 203.967483][ T7165] loop4: detected capacity change from 0 to 40427 [ 203.988130][ T7165] F2FS-fs (loop4): build fault injection rate: 174 [ 204.015738][ T7165] F2FS-fs (loop4): build fault injection type: 0x3bfe8c [ 204.049770][ T7165] F2FS-fs (loop4): invalid crc value [ 204.174691][ T30] kauditd_printk_skb: 53 callbacks suppressed [ 204.174712][ T30] audit: type=1326 audit(1762570819.224:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7184 comm="syz.1.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 204.288901][ T7191] loop1: detected capacity change from 0 to 256 [ 204.304820][ T7191] exfat: Invalid uid '0x00000000ffffffff' [ 204.367758][ T7165] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 204.428371][ T7165] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 204.584031][ T7170] loop2: detected capacity change from 0 to 40427 [ 204.590790][ T30] audit: type=1326 audit(1762570819.624:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7169 comm="syz.2.340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f12e278f757 code=0x7ffc0000 [ 204.625027][ T7170] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 204.668205][ T30] audit: type=1326 audit(1762570819.634:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7169 comm="syz.2.340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f12e278df10 code=0x7ffc0000 [ 204.717157][ T7165] syz.4.338: attempt to access beyond end of device [ 204.717157][ T7165] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 204.734818][ T7170] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 204.908797][ T7198] loop1: detected capacity change from 0 to 256 [ 204.923493][ T7198] exfat: Bad value for 'uid' [ 204.928491][ T7198] exfat: Bad value for 'uid' [ 205.039287][ T7170] F2FS-fs (loop2): invalid crc value [ 205.558881][ T30] audit: type=1326 audit(1762570819.634:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7169 comm="syz.2.340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f12e278f2cb code=0x7ffc0000 [ 205.583862][ T30] audit: type=1326 audit(1762570819.674:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7169 comm="syz.2.340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f12e278e32a code=0x7ffc0000 [ 205.670539][ T30] audit: type=1326 audit(1762570819.674:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7169 comm="syz.2.340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f12e278e32a code=0x7ffc0000 [ 205.751726][ T5832] syz-executor: attempt to access beyond end of device [ 205.751726][ T5832] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 205.758266][ T30] audit: type=1326 audit(1762570819.674:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7169 comm="syz.2.340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f12e278de17 code=0x7ffc0000 [ 205.796861][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 205.796890][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 205.796902][ T5832] Call Trace: [ 205.796910][ T5832] [ 205.796919][ T5832] dump_stack_lvl+0x189/0x250 [ 205.796959][ T5832] ? __pfx_dump_stack_lvl+0x10/0x10 [ 205.796988][ T5832] ? __pfx_queue_work_on+0x10/0x10 [ 205.797013][ T5832] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 205.797039][ T5832] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 205.797080][ T5832] f2fs_handle_critical_error+0x37c/0x540 [ 205.797122][ T5832] f2fs_write_end_io+0x886/0xb60 [ 205.797169][ T5832] __submit_merged_bio+0x27a/0x6a0 [ 205.797208][ T5832] __submit_merged_write_cond+0x255/0x530 [ 205.797248][ T5832] f2fs_write_data_pages+0x261d/0x3000 [ 205.797318][ T5832] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 205.797404][ T5832] ? __page_cache_release+0x8a6/0xbb0 [ 205.797454][ T5832] ? folios_put_refs+0x584/0x670 [ 205.797493][ T5832] ? __pfx_folios_put_refs+0x10/0x10 [ 205.797515][ T5832] ? rcu_is_watching+0x15/0xb0 [ 205.797557][ T5832] ? __lock_acquire+0xab9/0xd20 [ 205.797604][ T5832] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 205.797626][ T5832] do_writepages+0x32e/0x550 [ 205.797669][ T5832] ? do_raw_spin_unlock+0x122/0x240 [ 205.797696][ T5832] filemap_fdatawrite+0x199/0x240 [ 205.797725][ T5832] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 205.797822][ T5832] ? do_raw_spin_unlock+0x122/0x240 [ 205.797849][ T5832] f2fs_sync_dirty_inodes+0x31f/0x830 [ 205.797893][ T5832] f2fs_write_checkpoint+0x93e/0x2440 [ 205.797920][ T5832] ? __lock_acquire+0xab9/0xd20 [ 205.797978][ T5832] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 205.798073][ T5832] kill_f2fs_super+0x2cc/0x6d0 [ 205.798105][ T5832] ? __pfx_kill_f2fs_super+0x10/0x10 [ 205.798153][ T5832] ? shrinker_free+0x2ce/0x3e0 [ 205.798182][ T5832] deactivate_locked_super+0xbc/0x130 [ 205.798209][ T5832] cleanup_mnt+0x425/0x4c0 [ 205.798231][ T5832] ? lockdep_hardirqs_on+0x9c/0x150 [ 205.798261][ T5832] task_work_run+0x1d4/0x260 [ 205.798288][ T5832] ? __pfx_task_work_run+0x10/0x10 [ 205.798317][ T5832] ? exit_to_user_mode_loop+0x55/0x4f0 [ 205.798348][ T5832] exit_to_user_mode_loop+0xff/0x4f0 [ 205.798372][ T5832] ? rcu_is_watching+0x15/0xb0 [ 205.798407][ T5832] do_syscall_64+0x2e9/0xfa0 [ 205.798445][ T5832] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.798465][ T5832] ? clear_bhb_loop+0x60/0xb0 [ 205.798492][ T5832] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.798511][ T5832] RIP: 0033:0x7f7be11909f7 [ 205.798532][ T5832] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 205.798548][ T5832] RSP: 002b:00007ffc83f3e8f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 205.798570][ T5832] RAX: 0000000000000000 RBX: 00007f7be1211d7d RCX: 00007f7be11909f7 [ 205.798584][ T5832] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc83f3e9b0 [ 205.798597][ T5832] RBP: 00007ffc83f3e9b0 R08: 0000000000000000 R09: 0000000000000000 [ 205.798608][ T5832] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc83f3fa40 [ 205.798621][ T5832] R13: 00007f7be1211d7d R14: 00000000000322e7 R15: 00007ffc83f3fa80 [ 205.798663][ T5832] [ 206.122022][ T30] audit: type=1326 audit(1762570819.674:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7169 comm="syz.2.340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f12e2790e6a code=0x7ffc0000 [ 206.144756][ T7170] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 206.151247][ T5832] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 206.165016][ T7178] loop3: detected capacity change from 0 to 40427 [ 206.188070][ T7178] F2FS-fs (loop3): Invalid log_blocksize (0), supports only 12 [ 206.195750][ T7178] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 206.214548][ T7170] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 206.226814][ T7170] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 206.236412][ T30] audit: type=1326 audit(1762570821.284:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7169 comm="syz.2.340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f12e278df10 code=0x7ffc0000 [ 206.238926][ T7178] F2FS-fs (loop3): invalid crc value [ 206.259712][ T30] audit: type=1326 audit(1762570821.314:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7169 comm="syz.2.340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f12e278e417 code=0x7ffc0000 [ 206.733599][ T7216] xt_CONNSECMARK: invalid mode: 66 [ 206.833408][ T7216] loop1: detected capacity change from 0 to 1024 [ 206.845981][ T7216] EXT4-fs: Ignoring removed bh option [ 206.851662][ T7216] EXT4-fs: Ignoring removed nomblk_io_submit option [ 206.897682][ T7216] EXT4-fs (loop1): Test dummy encryption mode enabled [ 206.960054][ T7216] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.688127][ T7178] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 208.054841][ T7178] F2FS-fs (loop3): Start checkpoint disabled! [ 208.070258][ T7178] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0 [ 208.548353][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.983125][ T7226] syz.1.356 (7226) used greatest stack depth: 17864 bytes left [ 211.379797][ T7245] sch_fq: defrate 0 ignored. [ 211.990859][ T7240] Bluetooth: hci1: command 0x0406 tx timeout [ 211.997393][ T7240] Bluetooth: hci3: command 0x0406 tx timeout [ 212.003943][ T7240] Bluetooth: hci4: command 0x0406 tx timeout [ 212.011351][ T7240] Bluetooth: hci0: command 0x0406 tx timeout [ 212.018462][ T7240] Bluetooth: hci2: command 0x0406 tx timeout [ 213.445085][ T7264] loop0: detected capacity change from 0 to 512 [ 213.519265][ T7264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 213.577078][ T7264] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 213.833341][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.362725][ T7307] loop3: detected capacity change from 0 to 256 [ 218.517103][ T7311] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 219.437632][ T7307] FAT-fs (loop3): Directory bread(block 64) failed [ 219.501985][ T7307] FAT-fs (loop3): Directory bread(block 65) failed [ 219.539829][ T7307] FAT-fs (loop3): Directory bread(block 66) failed [ 219.575436][ T7307] FAT-fs (loop3): Directory bread(block 67) failed [ 219.603864][ T7307] FAT-fs (loop3): Directory bread(block 68) failed [ 219.665324][ T7307] FAT-fs (loop3): Directory bread(block 69) failed [ 219.696068][ T7307] FAT-fs (loop3): Directory bread(block 70) failed [ 219.751560][ T7307] FAT-fs (loop3): Directory bread(block 71) failed [ 219.769741][ T7307] FAT-fs (loop3): Directory bread(block 72) failed [ 219.801936][ T7307] FAT-fs (loop3): Directory bread(block 73) failed [ 221.500041][ T30] audit: type=1326 audit(1762570836.554:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7317 comm="syz.0.382" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f60b2f8f6c9 code=0x0 [ 221.839952][ T7343] xt_hashlimit: size too large, truncated to 1048576 [ 221.977733][ T7346] xt_bpf: check failed: parse error [ 223.987324][ T7368] loop2: detected capacity change from 0 to 1024 [ 224.000430][ T7368] ext4: Unknown parameter 'hash' [ 224.061186][ T7341] loop1: detected capacity change from 0 to 32768 [ 224.090113][ T7341] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.390 (7341) [ 224.148856][ T7341] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 224.188183][ T7341] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm [ 224.348912][ T7341] BTRFS info (device loop1): enabling ssd optimizations [ 224.368067][ T7341] BTRFS info (device loop1): turning on async discard [ 224.387616][ T7341] BTRFS info (device loop1): enabling free space tree [ 224.409976][ T7341] BTRFS info (device loop1): use zlib compression, level 3 [ 225.465615][ T5823] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 225.897000][ T7403] overlayfs: missing 'lowerdir' [ 226.868286][ T7406] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 227.374927][ T7420] loop3: detected capacity change from 0 to 1024 [ 227.386242][ T7420] ext4: Unknown parameter 'subj_user' [ 228.859716][ T7426] loop0: detected capacity change from 0 to 4096 [ 230.090075][ T7426] EXT4-fs (loop0): Test dummy encryption mode enabled [ 230.190914][ T7438] mmap: syz.3.415 (7438) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 230.191840][ T7426] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 230.232493][ T7434] wg2: entered promiscuous mode [ 230.237448][ T7434] wg2: entered allmulticast mode [ 230.276327][ T7426] System zones: 0-5 [ 230.411330][ T30] audit: type=1326 audit(1762570845.444:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.2.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 230.415124][ T7426] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.545778][ T30] audit: type=1326 audit(1762570845.444:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.2.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 230.602283][ T7426] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 230.616664][ T30] audit: type=1326 audit(1762570845.444:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.2.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 230.661319][ T30] audit: type=1326 audit(1762570845.444:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.2.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 230.696100][ T30] audit: type=1326 audit(1762570845.444:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.2.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 230.775874][ T30] audit: type=1326 audit(1762570845.444:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.2.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 230.819281][ T7450] loop2: detected capacity change from 0 to 16 [ 230.825803][ T30] audit: type=1326 audit(1762570845.444:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.2.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 230.858112][ T7450] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 231.104341][ T7452] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 231.122297][ T7452] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 231.928513][ T7444] evm: overlay not supported [ 232.059839][ T30] audit: type=1326 audit(1762570845.444:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.2.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 232.236851][ T30] audit: type=1326 audit(1762570845.444:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.2.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 232.350950][ T30] audit: type=1326 audit(1762570845.444:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.2.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 233.543610][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.190489][ T7472] tipc: Started in network mode [ 234.195529][ T7472] tipc: Node identity ce142ad58677, cluster identity 4711 [ 234.245341][ T7472] tipc: Enabled bearer , priority 0 [ 234.283564][ T7472] syzkaller0: entered promiscuous mode [ 234.308142][ T7472] syzkaller0: entered allmulticast mode [ 235.358234][ T5824] tipc: Node number set to 1214458581 [ 235.362696][ T7471] tipc: Resetting bearer [ 235.471088][ T7489] loop1: detected capacity change from 0 to 512 [ 235.503802][ T7489] EXT4-fs: Ignoring removed nomblk_io_submit option [ 235.529653][ T7471] tipc: Disabling bearer [ 235.539215][ T7489] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 235.582698][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 235.582717][ T30] audit: type=1326 audit(1762570850.634:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 235.591096][ T7489] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 235.642598][ T30] audit: type=1326 audit(1762570850.684:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 235.697344][ T7489] EXT4-fs (loop1): 1 truncate cleaned up [ 235.714870][ T30] audit: type=1326 audit(1762570850.684:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 235.764229][ T7489] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.768005][ T30] audit: type=1326 audit(1762570850.684:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 235.798890][ T30] audit: type=1326 audit(1762570850.694:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 235.822814][ T30] audit: type=1326 audit(1762570850.694:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 235.845808][ T30] audit: type=1326 audit(1762570850.694:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 235.922464][ T30] audit: type=1326 audit(1762570850.714:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 235.966938][ T7499] loop2: detected capacity change from 0 to 16 [ 235.976038][ T30] audit: type=1326 audit(1762570850.714:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 236.010323][ T7499] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 236.050374][ T30] audit: type=1326 audit(1762570850.714:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7be118f6c9 code=0x7ffc0000 [ 236.082669][ T7497] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 237.197807][ T7490] loop3: detected capacity change from 0 to 32768 [ 237.228354][ T7490] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.432 (7490) [ 237.794838][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.828263][ T7490] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 237.886315][ T7490] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm [ 238.069020][ T5143] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 238.141625][ T7518] loop0: detected capacity change from 0 to 128 [ 238.527171][ T7518] syz.0.438: attempt to access beyond end of device [ 238.527171][ T7518] loop0: rw=2049, sector=154, nr_sectors = 6 limit=128 [ 238.552715][ T7490] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 238.636457][ T7490] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 239.024860][ T7490] BTRFS error (device loop3): open_ctree failed: -12 [ 239.145330][ T7526] syz.0.438: attempt to access beyond end of device [ 239.145330][ T7526] loop0: rw=2049, sector=154, nr_sectors = 96 limit=128 [ 239.205199][ T7526] syz.0.438: attempt to access beyond end of device [ 239.205199][ T7526] loop0: rw=2049, sector=138, nr_sectors = 12 limit=128 [ 240.722152][ T7555] loop2: detected capacity change from 0 to 256 [ 244.013474][ T7569] loop2: detected capacity change from 0 to 16 [ 244.911983][ T7569] erofs (device loop2): mounted with root inode @ nid 36. [ 245.323646][ T30] audit: type=1326 audit(1762570860.374:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 245.695237][ T30] audit: type=1326 audit(1762570860.374:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 245.845653][ T30] audit: type=1326 audit(1762570860.634:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 246.002044][ T30] audit: type=1326 audit(1762570860.634:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 246.058012][ T30] audit: type=1326 audit(1762570860.634:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 246.126024][ T30] audit: type=1326 audit(1762570860.804:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 246.200942][ T7585] bridge0: port 3(vlan0) entered blocking state [ 246.214182][ T30] audit: type=1326 audit(1762570860.804:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 246.228424][ T7585] bridge0: port 3(vlan0) entered disabled state [ 246.283778][ T7585] vlan0: entered allmulticast mode [ 246.293521][ T7585] bridge0: entered allmulticast mode [ 246.330099][ T7585] vlan0: left allmulticast mode [ 246.333180][ T30] audit: type=1326 audit(1762570860.804:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 246.340760][ T7585] bridge0: left allmulticast mode [ 246.637147][ T30] audit: type=1326 audit(1762570860.814:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 246.795469][ T30] audit: type=1326 audit(1762570860.814:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 250.254058][ T7597] loop0: detected capacity change from 0 to 32768 [ 250.316809][ T7597] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.460 (7597) [ 250.459999][ T7597] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 250.497737][ T7597] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm [ 250.585875][ T7597] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 250.586309][ T7597] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 250.625327][ T7597] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 250.662828][ T7597] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 250.696787][ T7635] loop1: detected capacity change from 0 to 2048 [ 250.714064][ T7597] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 250.714462][ T7597] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 250.750257][ T7597] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 250.770821][ T7597] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 250.833724][ T7635] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 250.931304][ T7635] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 250.978879][ T7597] BTRFS error (device loop0): open_ctree failed: -12 [ 251.220163][ T7652] netlink: 12 bytes leftover after parsing attributes in process `syz.3.473'. [ 253.007542][ T7660] loop0: detected capacity change from 0 to 256 [ 253.106038][ T7660] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 253.191131][ T7660] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 253.290571][ T7660] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 253.435721][ T7668] loop3: detected capacity change from 0 to 512 [ 253.468113][ T7660] exFAT-fs (loop0): failed to load alloc-bitmap [ 253.492638][ T7668] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 253.508325][ T7660] exFAT-fs (loop0): failed to recognize exfat type [ 253.600519][ T7668] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 253.857211][ T7668] EXT4-fs (loop3): 1 truncate cleaned up [ 253.870263][ T7668] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 253.951436][ T7671] loop0: detected capacity change from 0 to 128 [ 253.958927][ T7671] ext4: Unknown parameter 'seclabel' [ 254.130515][ T7654] loop2: detected capacity change from 0 to 32768 [ 254.151671][ T30] kauditd_printk_skb: 58 callbacks suppressed [ 254.151690][ T30] audit: type=1326 audit(1762570869.204:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7672 comm="syz.1.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 254.199744][ T7654] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.474 (7654) [ 254.220319][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.278805][ T7654] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 254.310017][ T30] audit: type=1326 audit(1762570869.244:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7672 comm="syz.1.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 254.338469][ T7654] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm [ 254.408195][ T30] audit: type=1326 audit(1762570869.244:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7672 comm="syz.1.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 254.430796][ T30] audit: type=1326 audit(1762570869.244:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7672 comm="syz.1.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 254.454041][ T30] audit: type=1326 audit(1762570869.244:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7672 comm="syz.1.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 254.477176][ T30] audit: type=1326 audit(1762570869.244:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7672 comm="syz.1.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 254.513071][ T30] audit: type=1326 audit(1762570869.244:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7672 comm="syz.1.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 254.536393][ T30] audit: type=1326 audit(1762570869.294:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7672 comm="syz.1.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 255.254209][ T7687] loop0: detected capacity change from 0 to 1024 [ 255.261885][ T7687] EXT4-fs: Ignoring removed orlov option [ 255.381418][ T30] audit: type=1326 audit(1762570869.294:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7672 comm="syz.1.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 255.421024][ T7654] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 255.423316][ T7654] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 255.456268][ T7687] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.542074][ T7654] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 255.544961][ T7654] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 255.559826][ T7654] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 255.589476][ T30] audit: type=1326 audit(1762570869.294:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7672 comm="syz.1.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9db78f6c9 code=0x7ffc0000 [ 255.778578][ T7654] BTRFS error (device loop2): open_ctree failed: -12 [ 255.914115][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.922005][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.885637][ T7713] loop1: detected capacity change from 0 to 512 [ 257.054715][ T7713] EXT4-fs (loop1): 1 orphan inode deleted [ 257.062790][ T7713] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 257.085723][ T7713] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.170866][ T36] EXT4-fs error (device loop1): ext4_release_dquot:6982: comm kworker/u8:2: Failed to release dquot type 1 [ 258.358186][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.398576][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.656559][ T7728] loop2: detected capacity change from 0 to 256 [ 258.727272][ T7730] loop1: detected capacity change from 0 to 1024 [ 258.730860][ T7728] exfat: Deprecated parameter 'namecase' [ 258.765385][ T7730] EXT4-fs: Ignoring removed orlov option [ 258.822039][ T7733] loop3: detected capacity change from 0 to 256 [ 258.852623][ T7728] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 258.874002][ T7730] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.886409][ T7733] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d) [ 258.938163][ T7734] loop4: detected capacity change from 0 to 4096 [ 258.969201][ T7734] EXT4-fs (loop4): Test dummy encryption mode enabled [ 258.978010][ T7734] EXT4-fs (loop4): unsupported descriptor size 255 [ 258.985625][ T7733] exFAT-fs (loop3): start_clu is invalid cluster(0xffffffff) [ 259.375823][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.574076][ T7745] netlink: 4 bytes leftover after parsing attributes in process `syz.4.499'. [ 260.617104][ T7745] netlink: 28 bytes leftover after parsing attributes in process `syz.4.499'. [ 260.681565][ T7726] loop0: detected capacity change from 0 to 40427 [ 260.720984][ T7726] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 260.761295][ T7726] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 260.813745][ T7726] F2FS-fs (loop0): invalid crc value [ 261.147861][ T7726] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 261.187427][ T7742] loop2: detected capacity change from 0 to 32768 [ 261.198609][ T7726] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 261.209286][ T7742] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.498 (7742) [ 261.407782][ T7747] loop1: detected capacity change from 0 to 32768 [ 261.423103][ T7747] (syz.1.497,7747,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 261.449435][ T7726] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 261.461857][ T7742] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 261.479255][ T7747] (syz.1.497,7747,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 262.124164][ T7742] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm [ 262.218959][ T7747] JBD2: Ignoring recovery information on journal [ 262.395225][ T7747] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 262.419247][ T7742] BTRFS info (device loop2): enabling ssd optimizations [ 262.426269][ T7742] BTRFS info (device loop2): turning on async discard [ 262.503480][ T7742] BTRFS info (device loop2): enabling free space tree [ 262.524556][ T7742] BTRFS info (device loop2): use zlib compression, level 3 [ 262.900394][ T5823] ocfs2: Unmounting device (7,1) on (node local) [ 263.325290][ T7795] loop4: detected capacity change from 0 to 512 [ 263.544219][ T7796] loop1: detected capacity change from 0 to 512 [ 263.560236][ T5828] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 263.612698][ T7795] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.511: bad orphan inode 11862016 [ 263.628907][ T7796] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 263.637238][ T7795] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 263.641674][ T7796] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 263.706411][ T7796] __quota_error: 29 callbacks suppressed [ 263.706435][ T7796] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 263.722856][ T7796] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 263.732379][ T7796] EXT4-fs error (device loop1): ext4_acquire_dquot:6946: comm syz.1.508: Failed to acquire dquot type 0 [ 263.802990][ T7795] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 264.277511][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 265.399077][ T7820] loop4: detected capacity change from 0 to 512 [ 265.451855][ T7820] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 265.547386][ T30] audit: type=1326 audit(1762570880.594:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 265.618055][ T30] audit: type=1326 audit(1762570880.594:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 265.738050][ T30] audit: type=1326 audit(1762570880.764:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 266.808787][ T30] audit: type=1326 audit(1762570880.764:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 266.876011][ T7822] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 266.887986][ T30] audit: type=1326 audit(1762570880.764:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 267.000751][ T30] audit: type=1326 audit(1762570880.764:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 267.107014][ T30] audit: type=1326 audit(1762570880.764:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 267.218170][ T30] audit: type=1326 audit(1762570880.764:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f12e278f6c9 code=0x7ffc0000 [ 270.309925][ T7833] loop0: detected capacity change from 0 to 131072 [ 270.317654][ T7833] f2fs: Unknown parameter '00000000000000000000000' [ 270.782874][ T7849] loop2: detected capacity change from 0 to 512 [ 270.958648][ T7849] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.521: bg 0: block 393: padding at end of block bitmap is not set [ 270.994922][ T7849] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 271.024651][ T7849] EXT4-fs (loop2): 2 truncates cleaned up [ 271.059173][ T7849] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.865011][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.035414][ T7892] loop0: detected capacity change from 0 to 512 [ 277.069268][ T7892] EXT4-fs: Ignoring removed oldalloc option [ 277.174666][ T7892] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: comm syz.0.533: Parent and EA inode have the same ino 15 [ 278.046418][ T7892] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: comm syz.0.533: Parent and EA inode have the same ino 15 [ 278.103288][ T7892] EXT4-fs (loop0): 1 orphan inode deleted [ 278.131366][ T7892] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.212262][ T7892] EXT4-fs warning (device loop0): __ext4_unlink:3278: inode #15: comm syz.0.533: Deleting file 'file1' with no links [ 278.357805][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.696006][ T7910] loop2: detected capacity change from 0 to 1024 [ 278.703936][ T7910] EXT4-fs: Ignoring removed bh option [ 278.709927][ T7910] EXT4-fs: inline encryption not supported [ 278.785025][ T7910] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 278.848091][ T7910] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 2: comm syz.2.539: lblock 2 mapped to illegal pblock 2 (length 1) [ 278.867307][ T7910] __quota_error: 119 callbacks suppressed [ 278.867382][ T7910] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 278.881796][ T7910] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 48: comm syz.2.539: lblock 0 mapped to illegal pblock 48 (length 1) [ 278.915033][ T7910] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 278.924378][ T7910] EXT4-fs error (device loop2): ext4_acquire_dquot:6946: comm syz.2.539: Failed to acquire dquot type 0 [ 278.942702][ T7910] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 278.962464][ T7910] EXT4-fs error (device loop2): ext4_evict_inode:253: inode #11: comm syz.2.539: mark_inode_dirty error [ 278.984908][ T7910] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 278.995772][ T7910] EXT4-fs (loop2): 1 orphan inode deleted [ 279.012120][ T7910] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 279.027954][ T36] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 279.660658][ T7908] loop0: detected capacity change from 0 to 2048 [ 279.698069][ T36] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 279.706886][ T36] EXT4-fs error (device loop2): ext4_release_dquot:6982: comm kworker/u8:2: Failed to release dquot type 0 [ 279.722662][ T5143] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 279.734124][ T5143] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 279.744079][ T5143] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 279.752972][ T5143] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 279.761134][ T5143] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 279.828586][ T7908] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 279.890355][ T7908] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 280.602733][ T7792] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.319259][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.349133][ T5828] EXT4-fs error (device loop2): __ext4_get_inode_loc:4836: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 281.657823][ T5828] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 281.708284][ T5828] EXT4-fs error (device loop2): ext4_quota_off:7230: inode #3: comm syz-executor: mark_inode_dirty error [ 281.831021][ T5143] Bluetooth: hci5: command tx timeout [ 282.365675][ T7911] chnl_net:caif_netlink_parms(): no params data found [ 283.914007][ T5143] Bluetooth: hci5: command tx timeout [ 284.118140][ T7937] tipc: Enabling of bearer rejected, already enabled [ 286.188001][ T5143] Bluetooth: hci5: command tx timeout [ 286.239175][ T7945] loop2: detected capacity change from 0 to 512 [ 287.140782][ T7945] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 287.322923][ T6070] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.444001][ T5143] Bluetooth: hci5: command tx timeout [ 288.935860][ T6070] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.982690][ T30] audit: type=1326 audit(1762570905.034:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 290.101791][ T30] audit: type=1326 audit(1762570905.064:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 290.254581][ T30] audit: type=1326 audit(1762570905.064:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 290.650349][ T30] audit: type=1326 audit(1762570905.064:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 290.688160][ T5965] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 290.868404][ T5965] usb 5-1: Using ep0 maxpacket: 16 [ 290.933585][ T5965] usb 5-1: config 0 has no interfaces? [ 290.981111][ T30] audit: type=1326 audit(1762570905.064:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f446a18f6c9 code=0x7ffc0000 [ 291.069430][ T6070] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.157243][ T5965] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 291.342820][ T7911] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.347963][ T5965] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 291.359468][ T5965] usb 5-1: Manufacturer: syz [ 291.367959][ T5965] usb 5-1: config 0 descriptor?? [ 291.376116][ T7911] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.398295][ T7911] bridge_slave_0: entered allmulticast mode [ 291.406170][ T7911] bridge_slave_0: entered promiscuous mode [ 291.463106][ T6070] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.481759][ T7911] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.489773][ T7911] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.497225][ T7911] bridge_slave_1: entered allmulticast mode [ 291.516281][ T7911] bridge_slave_1: entered promiscuous mode [ 291.706840][ T5905] usb 5-1: USB disconnect, device number 3 [ 291.855800][ T7911] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 291.929089][ T7911] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 293.245371][ T7911] team0: Port device team_slave_0 added [ 293.537354][ T8006] Bluetooth: hci1: Frame reassembly failed (-84) [ 293.620846][ T8006] loop2: detected capacity change from 0 to 512 [ 293.730184][ T8006] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.558: inode has both inline data and extents flags [ 293.747078][ T8006] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.558: couldn't read orphan inode 15 (err -117) [ 293.775547][ T8006] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 293.953604][ T13] Bluetooth: hci1: Frame reassembly failed (-84) [ 293.980354][ T13] Bluetooth: hci1: Frame reassembly failed (-84) [ 294.002472][ T7911] team0: Port device team_slave_1 added [ 294.229800][ T7911] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 294.237215][ T7911] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 294.265489][ T7911] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 294.302936][ T7911] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 294.318786][ T7911] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 294.369432][ T7911] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 294.403450][ T6070] bridge_slave_1: left allmulticast mode [ 294.410446][ T6070] bridge_slave_1: left promiscuous mode [ 294.418243][ T6070] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.443241][ T6070] bridge_slave_0: left allmulticast mode [ 294.451593][ T6070] bridge_slave_0: left promiscuous mode [ 294.459434][ T6070] bridge0: port 1(bridge_slave_0) entered disabled state [ 295.663119][ T8026] loop4: detected capacity change from 0 to 512 [ 295.680316][ T5143] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 295.734392][ T8026] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 295.778841][ T8026] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.564: inode has both inline data and extents flags [ 295.793635][ T8026] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.564: couldn't read orphan inode 15 (err -117) [ 295.816990][ T8026] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.791120][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.081822][ T8035] loop2: detected capacity change from 0 to 512 [ 299.478434][ T8035] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal [ 300.404284][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.503333][ T6070] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 300.547342][ T6070] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 300.567322][ T6070] bond0 (unregistering): Released all slaves [ 301.014294][ T7911] hsr_slave_0: entered promiscuous mode [ 301.022848][ T7911] hsr_slave_1: entered promiscuous mode [ 301.030779][ T7911] debugfs: 'hsr0' already exists in 'hsr' [ 301.036753][ T7911] Cannot create hsr debugfs directory [ 301.439304][ T8057] netlink: 16 bytes leftover after parsing attributes in process `syz.3.570'. [ 301.454230][ T8057] tipc: Invalid UDP bearer configuration [ 301.454298][ T8057] tipc: Enabling of bearer rejected, failed to enable media [ 301.942467][ T6070] hsr_slave_0: left promiscuous mode [ 301.973159][ T6070] hsr_slave_1: left promiscuous mode [ 301.996949][ T6070] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 302.019206][ T6070] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 302.046445][ T6070] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 302.064337][ T6070] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 302.193516][ T6070] veth1_macvtap: left promiscuous mode [ 303.177631][ T6070] veth0_macvtap: left promiscuous mode [ 303.192464][ T6070] veth1_vlan: left promiscuous mode [ 303.205417][ T6070] veth0_vlan: left promiscuous mode [ 304.419874][ T8096] loop2: detected capacity change from 0 to 256 [ 305.062057][ T6070] team0 (unregistering): Port device team_slave_1 removed [ 305.164597][ T6070] team0 (unregistering): Port device team_slave_0 removed [ 307.539527][ C0] ------------[ cut here ]------------ [ 307.545521][ C0] WARNING: ./include/linux/ns_common.h:255 at delayed_free_pidns+0x118/0x150, CPU#0: syz.0.575/8078 [ 307.557073][ C0] Modules linked in: [ 307.561293][ C0] CPU: 0 UID: 0 PID: 8078 Comm: syz.0.575 Not tainted syzkaller #0 PREEMPT(full) [ 307.570557][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 307.580978][ C0] RIP: 0010:delayed_free_pidns+0x118/0x150 [ 307.586830][ C0] Code: 85 ed 7e 2b e8 99 9f 03 00 48 83 c3 a8 48 8b 3d 5e be c7 17 48 89 de 5b 41 5c 41 5e 41 5f 5d e9 1e 1e 5f 00 e8 79 9f 03 00 90 <0f> 0b 90 eb b4 e8 6e 9f 03 00 4c 89 ff be 03 00 00 00 e8 01 fb d2 [ 307.606629][ C0] RSP: 0000:ffffc90000007bb0 EFLAGS: 00010246 [ 307.612879][ C0] RAX: ffffffff81bde0b7 RBX: ffff8880783f9078 RCX: ffff8880274c1e80 [ 307.616060][ T8134] netlink: 16 bytes leftover after parsing attributes in process `syz.4.587'. [ 307.620927][ C0] RDX: 0000000000000100 RSI: 0000000000000002 RDI: 0000000000000000 [ 307.620952][ C0] RBP: 0000000000000002 R08: ffff88807c978193 R09: 1ffff1100f92f032 [ 307.620968][ C0] R10: dffffc0000000000 R11: ffffed100f92f033 R12: dffffc0000000000 [ 307.620984][ C0] R13: ffffffff81a903d7 R14: ffff88807c978000 R15: ffff88807c978190 [ 307.620999][ C0] FS: 0000000000000000(0000) GS:ffff888125ec2000(0000) knlGS:0000000000000000 [ 307.621017][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 307.621032][ C0] CR2: 000056115fbc0000 CR3: 000000001daac000 CR4: 00000000003526f0 [ 307.621053][ C0] Call Trace: [ 307.621063][ C0] [ 307.621074][ C0] ? __pfx_delayed_free_pidns+0x10/0x10 [ 307.621104][ C0] rcu_core+0xcab/0x1770 [ 307.702670][ C0] ? __pfx_rcu_core+0x10/0x10 [ 307.707398][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 307.713121][ C0] ? seqcount_lockdep_reader_access+0x15e/0x1c0 [ 307.719462][ C0] handle_softirqs+0x286/0x870 [ 307.724283][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 307.729223][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 307.734557][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 307.739815][ C0] __irq_exit_rcu+0xca/0x1f0 [ 307.744469][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 307.749734][ C0] irq_exit_rcu+0x9/0x30 [ 307.754026][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 307.759807][ C0] [ 307.762791][ C0] [ 307.765749][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 307.771781][ C0] RIP: 0010:rcu_is_watching+0x3a/0xb0 [ 307.777196][ C0] Code: e8 9b e4 b4 09 89 c3 83 f8 08 73 65 49 bf 00 00 00 00 00 fc ff df 4c 8d 34 dd d0 7d 9a 8d 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 <74> 08 4c 89 f7 e8 6c d6 80 00 48 c7 c3 98 13 77 92 49 03 1e 48 89 [ 307.796907][ C0] RSP: 0000:ffffc90019e0ed38 EFLAGS: 00000246 [ 307.803046][ C0] RAX: 1ffffffff1b34fba RBX: 0000000000000000 RCX: cf3ce818d7638b00 [ 307.811094][ C0] RDX: 0000000000000001 RSI: ffffffff8bbf41c0 RDI: ffffffff8bbf4180 [ 307.819120][ C0] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffffff81740fc5 [ 307.827126][ C0] R10: ffffc90019e0ee78 R11: ffffffff81ad7830 R12: 1ffff920033c1dc5 [ 307.835227][ C0] R13: ffffc90019e0ee60 R14: ffffffff8d9a7dd0 R15: dffffc0000000000 [ 307.843282][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 307.849523][ C0] ? unwind_next_frame+0xa5/0x2390 [ 307.854776][ C0] ? rcu_is_watching+0x15/0xb0 [ 307.859609][ C0] ? dput+0x19f/0x2b0 [ 307.863649][ C0] ? unwind_next_frame+0xa5/0x2390 [ 307.868809][ C0] unwind_next_frame+0xd4/0x2390 [ 307.873785][ C0] ? unwind_next_frame+0xa5/0x2390 [ 307.878979][ C0] ? __dentry_kill+0x209/0x660 [ 307.883951][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 307.890174][ C0] arch_stack_walk+0x11c/0x150 [ 307.895029][ C0] ? dput+0x19f/0x2b0 [ 307.899089][ C0] stack_trace_save+0x9c/0xe0 [ 307.903811][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 307.909249][ C0] save_stack+0xf5/0x1f0 [ 307.913555][ C0] ? __pfx_save_stack+0x10/0x10 [ 307.918455][ C0] ? free_unref_folios+0xd22/0x1460 [ 307.923689][ C0] ? folios_put_refs+0x584/0x670 [ 307.928692][ C0] ? shmem_undo_range+0x49e/0x1490 [ 307.934061][ C0] ? shmem_evict_inode+0x272/0xa70 [ 307.939313][ C0] ? evict+0x5f4/0xae0 [ 307.943402][ C0] ? __dentry_kill+0x209/0x660 [ 307.948239][ C0] ? dput+0x19f/0x2b0 [ 307.952259][ C0] ? page_ext_put+0x97/0xc0 [ 307.956797][ C0] __reset_page_owner+0x71/0x1f0 [ 307.961802][ C0] free_unref_folios+0xd22/0x1460 [ 307.966851][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 307.973233][ C0] ? __page_cache_release+0x8a6/0xbb0 [ 307.978704][ C0] folios_put_refs+0x584/0x670 [ 307.983523][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 307.988879][ C0] ? folio_batch_remove_exceptionals+0x18c/0x1f0 [ 307.994644][ T8134] tipc: Invalid UDP bearer configuration [ 307.995311][ C0] shmem_undo_range+0x49e/0x1490 [ 307.995382][ T8134] tipc: Enabling of bearer rejected, failed to enable media [ 308.001028][ C0] ? __pfx_shmem_undo_range+0x10/0x10 [ 308.001091][ C0] ? kernel_text_address+0xa5/0xe0 [ 308.024928][ C0] ? __kernel_text_address+0xd/0x40 [ 308.030251][ C0] ? stack_depot_save_flags+0x40/0x860 [ 308.035838][ C0] ? kernel_text_address+0xa5/0xe0 [ 308.041025][ C0] ? percpu_counter_add_batch+0xea/0x1e0 [ 308.046907][ C0] shmem_evict_inode+0x272/0xa70 [ 308.051915][ C0] ? inode_wait_for_writeback+0x14d/0x370 [ 308.057670][ C0] ? __pfx_shmem_evict_inode+0x10/0x10 [ 308.063207][ C0] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 308.069348][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 308.074588][ C0] ? __pfx_shmem_evict_inode+0x10/0x10 [ 308.080157][ C0] evict+0x5f4/0xae0 [ 308.084162][ C0] ? __pfx_evict+0x10/0x10 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 308.088661][ C0] ? _raw_spin_unlock+0x28/0x50 [ 308.093555][ C0] ? iput+0xce7/0x1050 [ 308.097742][ C0] __dentry_kill+0x209/0x660 [ 308.102510][ C0] ? dput+0x37/0x2b0 [ 308.106447][ C0] dput+0x19f/0x2b0 [ 308.110327][ C0] __fput+0x68e/0xa70 [ 308.114387][ C0] task_work_run+0x1d4/0x260 [ 308.119040][ C0] ? __pfx_task_work_run+0x10/0x10 [ 308.124222][ C0] ? do_exit+0x6b8/0x2300 [ 308.128634][ C0] ? kmem_cache_free+0x19b/0x690 [ 308.133614][ C0] do_exit+0x6bd/0x2300 [ 308.137810][ C0] ? do_raw_spin_lock+0x121/0x290 [ 308.142925][ C0] ? __pfx_do_exit+0x10/0x10 [ 308.147629][ C0] do_group_exit+0x21c/0x2d0 [ 308.152394][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 308.157644][ C0] get_signal+0x1285/0x1340 [ 308.162262][ C0] arch_do_signal_or_restart+0x9a/0x7a0 [ 308.167848][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 308.174171][ C0] ? exit_to_user_mode_loop+0x55/0x4f0 [ 308.179811][ C0] exit_to_user_mode_loop+0x87/0x4f0 [ 308.185142][ C0] ? rcu_is_watching+0x15/0xb0 [ 308.189992][ C0] do_syscall_64+0x2e9/0xfa0 [ 308.194750][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.200896][ C0] ? clear_bhb_loop+0x60/0xb0 [ 308.205881][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.211878][ C0] RIP: 0033:0x7f60b2f8f6c9 [ 308.216506][ C0] Code: Unable to access opcode bytes at 0x7f60b2f8f69f. [ 308.223925][ C0] RSP: 002b:00007f60b3d6efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 308.232430][ C0] RAX: fffffffffffffffc RBX: 00007f60b31e6270 RCX: 00007f60b2f8f6c9 [ 308.240743][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f5982400 [ 308.248824][ C0] RBP: 00007f60b3011f91 R08: 0000000000000000 R09: 0000000000000000 [ 308.256836][ C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 308.264985][ C0] R13: 00007f60b31e6308 R14: 00007f60b31e6270 R15: 00007ffcaca6d7d8 [ 308.273057][ C0] [ 308.276117][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 308.283436][ C0] CPU: 0 UID: 0 PID: 8078 Comm: syz.0.575 Not tainted syzkaller #0 PREEMPT(full) [ 308.292661][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 308.302743][ C0] Call Trace: [ 308.306048][ C0] [ 308.308928][ C0] dump_stack_lvl+0x99/0x250 [ 308.313563][ C0] ? __asan_memcpy+0x40/0x70 [ 308.318190][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 308.323425][ C0] ? __pfx__printk+0x10/0x10 [ 308.328073][ C0] vpanic+0x237/0x6d0 [ 308.332079][ C0] ? __pfx_vpanic+0x10/0x10 [ 308.336603][ C0] ? is_bpf_text_address+0x26/0x2b0 [ 308.341850][ C0] panic+0xb9/0xc0 [ 308.345602][ C0] ? __pfx_panic+0x10/0x10 [ 308.350045][ C0] __warn+0x334/0x4c0 [ 308.354045][ C0] ? delayed_free_pidns+0x118/0x150 [ 308.359265][ C0] ? delayed_free_pidns+0x118/0x150 [ 308.364737][ C0] report_bug+0x2be/0x4f0 [ 308.369077][ C0] ? delayed_free_pidns+0x118/0x150 [ 308.374282][ C0] ? delayed_free_pidns+0x118/0x150 [ 308.379487][ C0] ? delayed_free_pidns+0x11a/0x150 [ 308.384690][ C0] handle_bug+0x84/0x160 [ 308.388937][ C0] exc_invalid_op+0x1a/0x50 [ 308.393466][ C0] asm_exc_invalid_op+0x1a/0x20 [ 308.398322][ C0] RIP: 0010:delayed_free_pidns+0x118/0x150 [ 308.404143][ C0] Code: 85 ed 7e 2b e8 99 9f 03 00 48 83 c3 a8 48 8b 3d 5e be c7 17 48 89 de 5b 41 5c 41 5e 41 5f 5d e9 1e 1e 5f 00 e8 79 9f 03 00 90 <0f> 0b 90 eb b4 e8 6e 9f 03 00 4c 89 ff be 03 00 00 00 e8 01 fb d2 [ 308.423753][ C0] RSP: 0000:ffffc90000007bb0 EFLAGS: 00010246 [ 308.429840][ C0] RAX: ffffffff81bde0b7 RBX: ffff8880783f9078 RCX: ffff8880274c1e80 [ 308.437814][ C0] RDX: 0000000000000100 RSI: 0000000000000002 RDI: 0000000000000000 [ 308.445787][ C0] RBP: 0000000000000002 R08: ffff88807c978193 R09: 1ffff1100f92f032 [ 308.453762][ C0] R10: dffffc0000000000 R11: ffffed100f92f033 R12: dffffc0000000000 [ 308.461750][ C0] R13: ffffffff81a903d7 R14: ffff88807c978000 R15: ffff88807c978190 [ 308.469728][ C0] ? rcu_core+0xc37/0x1770 [ 308.474158][ C0] ? delayed_free_pidns+0x117/0x150 [ 308.479365][ C0] ? __pfx_delayed_free_pidns+0x10/0x10 [ 308.484915][ C0] rcu_core+0xcab/0x1770 [ 308.489178][ C0] ? __pfx_rcu_core+0x10/0x10 [ 308.493869][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 308.499511][ C0] ? seqcount_lockdep_reader_access+0x15e/0x1c0 [ 308.505773][ C0] handle_softirqs+0x286/0x870 [ 308.510552][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 308.515328][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 308.520626][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 308.525845][ C0] __irq_exit_rcu+0xca/0x1f0 [ 308.533747][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 308.539280][ C0] irq_exit_rcu+0x9/0x30 [ 308.543648][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 308.549387][ C0] [ 308.552322][ C0] [ 308.555262][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 308.561260][ C0] RIP: 0010:rcu_is_watching+0x3a/0xb0 [ 308.566648][ C0] Code: e8 9b e4 b4 09 89 c3 83 f8 08 73 65 49 bf 00 00 00 00 00 fc ff df 4c 8d 34 dd d0 7d 9a 8d 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 <74> 08 4c 89 f7 e8 6c d6 80 00 48 c7 c3 98 13 77 92 49 03 1e 48 89 [ 308.586262][ C0] RSP: 0000:ffffc90019e0ed38 EFLAGS: 00000246 [ 308.592335][ C0] RAX: 1ffffffff1b34fba RBX: 0000000000000000 RCX: cf3ce818d7638b00 [ 308.600576][ C0] RDX: 0000000000000001 RSI: ffffffff8bbf41c0 RDI: ffffffff8bbf4180 [ 308.608638][ C0] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffffff81740fc5 [ 308.616705][ C0] R10: ffffc90019e0ee78 R11: ffffffff81ad7830 R12: 1ffff920033c1dc5 [ 308.624679][ C0] R13: ffffc90019e0ee60 R14: ffffffff8d9a7dd0 R15: dffffc0000000000 [ 308.632746][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 308.638908][ C0] ? unwind_next_frame+0xa5/0x2390 [ 308.644037][ C0] ? rcu_is_watching+0x15/0xb0 [ 308.648815][ C0] ? dput+0x19f/0x2b0 [ 308.652976][ C0] ? unwind_next_frame+0xa5/0x2390 [ 308.658089][ C0] unwind_next_frame+0xd4/0x2390 [ 308.663061][ C0] ? unwind_next_frame+0xa5/0x2390 [ 308.668187][ C0] ? __dentry_kill+0x209/0x660 [ 308.672970][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 308.679130][ C0] arch_stack_walk+0x11c/0x150 [ 308.683907][ C0] ? dput+0x19f/0x2b0 [ 308.687908][ C0] stack_trace_save+0x9c/0xe0 [ 308.692589][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 308.697974][ C0] save_stack+0xf5/0x1f0 [ 308.702316][ C0] ? __pfx_save_stack+0x10/0x10 [ 308.707192][ C0] ? free_unref_folios+0xd22/0x1460 [ 308.712399][ C0] ? folios_put_refs+0x584/0x670 [ 308.717430][ C0] ? shmem_undo_range+0x49e/0x1490 [ 308.722546][ C0] ? shmem_evict_inode+0x272/0xa70 [ 308.727656][ C0] ? evict+0x5f4/0xae0 [ 308.731733][ C0] ? __dentry_kill+0x209/0x660 [ 308.736501][ C0] ? dput+0x19f/0x2b0 [ 308.740669][ C0] ? page_ext_put+0x97/0xc0 [ 308.745357][ C0] __reset_page_owner+0x71/0x1f0 [ 308.750327][ C0] free_unref_folios+0xd22/0x1460 [ 308.755355][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 308.761687][ C0] ? __page_cache_release+0x8a6/0xbb0 [ 308.767074][ C0] folios_put_refs+0x584/0x670 [ 308.771856][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 308.777154][ C0] ? folio_batch_remove_exceptionals+0x18c/0x1f0 [ 308.783494][ C0] shmem_undo_range+0x49e/0x1490 [ 308.788454][ C0] ? __pfx_shmem_undo_range+0x10/0x10 [ 308.793856][ C0] ? kernel_text_address+0xa5/0xe0 [ 308.798975][ C0] ? __kernel_text_address+0xd/0x40 [ 308.804200][ C0] ? stack_depot_save_flags+0x40/0x860 [ 308.809753][ C0] ? kernel_text_address+0xa5/0xe0 [ 308.814962][ C0] ? percpu_counter_add_batch+0xea/0x1e0 [ 308.820604][ C0] shmem_evict_inode+0x272/0xa70 [ 308.825557][ C0] ? inode_wait_for_writeback+0x14d/0x370 [ 308.831278][ C0] ? __pfx_shmem_evict_inode+0x10/0x10 [ 308.836744][ C0] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 308.842821][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 308.848045][ C0] ? __pfx_shmem_evict_inode+0x10/0x10 [ 308.853545][ C0] evict+0x5f4/0xae0 [ 308.857479][ C0] ? __pfx_evict+0x10/0x10 [ 308.861912][ C0] ? _raw_spin_unlock+0x28/0x50 [ 308.866876][ C0] ? iput+0xce7/0x1050 [ 308.871229][ C0] __dentry_kill+0x209/0x660 [ 308.875934][ C0] ? dput+0x37/0x2b0 [ 308.879859][ C0] dput+0x19f/0x2b0 [ 308.883862][ C0] __fput+0x68e/0xa70 [ 308.887869][ C0] task_work_run+0x1d4/0x260 [ 308.892480][ C0] ? __pfx_task_work_run+0x10/0x10 [ 308.897599][ C0] ? do_exit+0x6b8/0x2300 [ 308.901928][ C0] ? kmem_cache_free+0x19b/0x690 [ 308.906877][ C0] do_exit+0x6bd/0x2300 [ 308.911320][ C0] ? do_raw_spin_lock+0x121/0x290 [ 308.916452][ C0] ? __pfx_do_exit+0x10/0x10 [ 308.921097][ C0] do_group_exit+0x21c/0x2d0 [ 308.925700][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 308.931445][ C0] get_signal+0x1285/0x1340 [ 308.935980][ C0] arch_do_signal_or_restart+0x9a/0x7a0 [ 308.941548][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 308.947717][ C0] ? exit_to_user_mode_loop+0x55/0x4f0 [ 308.953186][ C0] exit_to_user_mode_loop+0x87/0x4f0 [ 308.958482][ C0] ? rcu_is_watching+0x15/0xb0 [ 308.963268][ C0] do_syscall_64+0x2e9/0xfa0 [ 308.967960][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.974041][ C0] ? clear_bhb_loop+0x60/0xb0 [ 308.978735][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.984656][ C0] RIP: 0033:0x7f60b2f8f6c9 [ 308.989191][ C0] Code: Unable to access opcode bytes at 0x7f60b2f8f69f. [ 308.996218][ C0] RSP: 002b:00007f60b3d6efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 309.004641][ C0] RAX: fffffffffffffffc RBX: 00007f60b31e6270 RCX: 00007f60b2f8f6c9 [ 309.012619][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f5982400 [ 309.020597][ C0] RBP: 00007f60b3011f91 R08: 0000000000000000 R09: 0000000000000000 [ 309.028590][ C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 309.036563][ C0] R13: 00007f60b31e6308 R14: 00007f60b31e6270 R15: 00007ffcaca6d7d8 [ 309.044557][ C0] [ 309.047731][ C0] Kernel Offset: disabled [ 309.052049][ C0] Rebooting in 86400 seconds..