last executing test programs: 2.767492037s ago: executing program 4 (id=5035): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, &(0x7f0000000380)) 2.395775837s ago: executing program 4 (id=5039): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mq_unlink(0x0) 2.39386137s ago: executing program 3 (id=5040): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newlink={0x58, 0x10, 0x40d, 0x4, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_FLAGS={0x6, 0x2, 0x1}, @IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x7, 0x401}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000891}, 0x0) 2.26327913s ago: executing program 4 (id=5041): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000240)={0x2, &(0x7f0000000000)=[{0x28, 0x6, 0xec, 0xfffff028}, {0x6, 0x2, 0x3, 0x101}]}, 0x10) 2.017912106s ago: executing program 4 (id=5044): r0 = syz_open_dev$vbi(&(0x7f0000000300), 0x0, 0x2) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000003c0)=@multiplanar_mmap={0x0, 0x3, 0x4, 0x100000, 0x96, {0x77359400}, {0x3, 0xb, 0xe, 0x4, 0x3, 0x6, "95105588"}, 0x2, 0x1, {0x0}, 0x1}) 1.941849118s ago: executing program 0 (id=5046): setreuid(0x0, 0xee00) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff000000004e040100000000002d400200000000004704000001ed00007b130000000000001d440200000000007a0a00fe00ffffffc3030000e1000000b5b00000000000009500000000000000023bc065b7a379d17cf9333379fc9e94af69912435f1a864a710aad58db6a6c3692e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5be14ecf7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e347a8ad880d2cd829b847400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c35b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af8612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5e69048ddff6da409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03fb8a63e089679216da18ec0ae564162a27afea62d84f3a10746443d64364f50000e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc286463a2b1e992894269f478341d02d0f5ad4bcb524a5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39e415140200000020cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063be9261b2e1aab1675b34a22048516d6aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe0e669e5e20100005353193f82ade69d0540059fe6c7fe7cd8697502c7596566d6740300da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc02290beaeb883418f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24c87afce829ba0f85da6d8a8f18ea40ab959f6074ab2a4009b9e5f07ab5138aa6e3d37fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0cbe02b6e4114f244a9bf93f04beb72f0861f7580e6b0b384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a9b702cc1b6912a1e717d29135753208160fb04c98375b9cdbae2ed9dc7358f0ebadde0b728fe26e37037f27feeb741680f6f2f9a6a8346962a350845ffa0d829e4f79ad7d87906943408e6df3adbfd03aac93df8866fb010aecfed9092ca4d0f3e1116a0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a530600d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe92c7719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b1dba94a6ea80c33ead5722c3293986e02c8e0a6dda1eca493f14795bd068826fe8df15efaaeea831555877f958a19e499666a38d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a8784d0899ed888141e2fae6691d1aee1da02ba516467df3e7d1daac19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa57d2c93f49c47944fec01a8aa7749f3187e9efb00000000e0884160b765b07ec9ba020362310223c81e48d6d3b6e5b50d45248efe43a409773e3ed01cd663f3aaab9e1c0000f43b64bb54e5b30be3399e3dd1eb1cfd1935a323023fe5792879833c7eb356b95cfb135045b1d8f7da2fa5bfedef411d0791523a9e64c884e9dfed9cd413afe66bd8ee831cdb34726fe0434fbf44c7b33a853330bcaf37ba4e36705807468b37d32087e599165f1bce015145444ef5967b443222f46173cc876015b2d1874be9846f7c1653c02d2ef9a75fdc45820c69bbe1cb575f9aa21aa9d3d58bd5e5fe026142a72e24049b8400c4a28b2d5db8d5f53cb354fba19975fb0b3739baae51cb4b034993ef1463dcdba2da419b320420efdd091d7f6e83c8ac2ccc6c9392a42a33907421ab847c9590c213eda9a7e1db598a23e75a3c0933fc803ca994a86476b995c37c445f68fd99fb4d335ff00d15bc4630c993fffffe000000000000a236a791bcb6eff8d488041db6b8f2c158c2c3f4baacd0c8cc7eb1fd7fba93237e598771cf6f281aa72139"], &(0x7f00000001c0)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 1.892242422s ago: executing program 3 (id=5047): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_QBUF(r0, 0xc058565d, &(0x7f0000000200)=@mmap={0xfffffc01, 0x2, 0x4, 0x10, 0x0, {0x77359400}, {0x1, 0x1, 0x2, 0x7, 0x6, 0xb, "92b9e163"}, 0x7, 0x1, {}, 0x5}) 1.769484531s ago: executing program 4 (id=5048): syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20108c0, &(0x7f0000000940)=ANY=[@ANYBLOB="646973636172642c696f636861727365743d63703835352c6572726f72733d72656d6f756e742d726f2c696e746567726974792c6e6f646973636172642c646973636172643d3078303030303030303030303030303030382c6572726f72733d636f6e74696e7565006969736f383835392d342c756d61736b3d3078303030303030303030303030303038312c696f6368617257fd743d6d6163677265656b2c71756f74612c6572726f1729def7e35bcb756e742d726f2c726573697a653d3078303030303030303030181829303030303030312c756d61736b3d3078303030303030303030303032303034352c66736d616769633d307830dcb1c47cb87a74ac1a3030303030303030303030303030392c646566636f6e746578743d726f6f742c66736e616d653d757d407d587d5b2d292b2c000d1c13f7c892c8615d265c6376539175380511bac765713e83a65e4fdf011c705fc6838005120385ac61b970f45d1492a0612eb8000000000000808fc76f91b7b9a5ce77887858ea333961d1ef1e4eabd4c84e81dbf575c47e9b8eea9d6806fa159e0525146f6312b4931cffed0000", @ANYRES32, @ANYRESOCT, @ANYRESOCT, @ANYBLOB="34dd0f00135ea23c22845cc5474e7cd7e7ab01d33c4486b62e3b4f9822364f30c24779205bbd653e2b0e7bbbcba1e3dc78833fbb91474ba644d13b9a3bfddc66bfc8ba12f680d556b1b4d4a1ec5b55eeedc8454a11312f3025c08220a36ab6d8100e6a0836f341eb18f984b2a7feaef926859b77e733f9bb7220a2460746c81448ccc7a901e32427b8cc656a1b8a1c52fac1524d3a90fc424c13d6cc5708aa1ea205ddd2b967de4068647f1a5fade5146a344fd31daeeaeede8f61b1066ca3a10599230edf07182401e51b"], 0x1, 0x61f5, &(0x7f00000075c0)="$eJzs3U1vHVf9B/DfffRD/k2tLqr+I4TctDyU0iROSggUaLsoCzZdoGxRItetIlJASUBpZRFX3rBgxSsAIbFEiCViwQvogi07VqyIZCOBumLQ2OfE48m9vXYd37n2fD6SPfObM9c+4++d++A7MycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjed7+/0omIGz9LC5Yi/i96Ed2IhbJejoiF5aW8fj8inoud5ng2IgZzEeXtd749HfFqRHx8NmJre321XHz5gP146w9/++0Pzrz9198PLv7nj/d6r41b7/79X/77Tw+Ots0AAADQNkVRFJ30Nv9cen/fbbpTAMBU5Of/IsnLT339q3+8/edZ6o9arVar1VOoq4rRHlSLiNio3qZ8zeDjeAA4YTbik6a7QIPk32r9iDjTdCeAmdZpugMci63t9dVOyrdTfT5Y3m3Px4Lsy3+j8+j8jnHTSerHmEzr/rUZvXhmTH8WptSHWZLz79bzv7HbPkzrHXf+0zIu/+HuqU+tk/Pv1fOvOT35d0fm31Y5//6h8u/JHwAAAAAAZlj+//9Sw5//zh19Uw7k0z7/XZ5SHwAAAAAAAADgSTvq+H+PGP8PAAAAZlb5Xr3067N7y8Zdi61cfr0T8VRtfaBl0skyi033AwAAAAAAAAAAAADapL97DO/1TsQgIp5aXCyKovyqqteHddTbnwI71yxouhPA9DX9IA8AALs+Pls7l78TMR8R16O7c62/weLiYlHMLywWi8XCXH49O5ybLxYq7+vztFw2NzzAC+L+sCh/2HzldlWT/l8wqb3+88rfNSx6B+jYEzJIf80xzQ2FDQDJ7rPRlmekU6YonvZpAwdi/z+FlmKp6fsVs6/puykAAABw/IqiKDrpct7n0vh+3aY7BQBMRX7+r38ucKS6O6Y94sn8fLVarVar1Z+pripGe1AtImKjepvyNYPh+AHghNmIT5ruAg2Sf6v1I+K5pjsBzLRO0x3gWGxtr692Ur6d6vNBGt89HwuyL/+Nzs7t8u1HTSepH2MyrfvXZvTimTH9eXZKfZglOf9uPf8bu+3DtN5x5z8t4/If7pwy1z45/149/5rTk393ZP5tlfPvHyr/nvwBAAAAAGCG5f//L/n8N28yAAAAAAAAAJw4W9vrq/m81/z5/+dGrOf8z9Mp5985bP4LaV7+J1rOv1vL/8u19XqV+Ydv7u3//9peX/3dvX/+f54eNP+5PNNJ96xOukd00m/q9NP0KFv3uM1Bb1j+pkGn2+unY36KwbtxK27HWlzat243/T322lf2tZc9Hexrv7yvvf9Y+5V97YN03YFiIbdfiNX4cdyOd3bay7a5Cds/P6G9mNCe8+95/G+lnH+/8lXmv5jaO7Vp6eFH3cf2++p01O9549bnf3Hp+Ddnos3oPdq2qnL7zjfQn/Jv8lYM46d31+5cuH/z3r07K5EmZ6pLL0eaPGE5/8HO19ze4/8Lu+35cb+6vz78aHjo/GfFZvTH5v9CZb7c3pem3Lcm5PyH6Svn/05qH73/n+T8x+//LzfQHwAAAAAAAAAAAAAAAPg0RVHsnCL6RkRcTef/NHVuJgAwXfn5v0jycrVarVar1aevripGe71aRMRfqrcpXzP8fNQPAwBm2X8j4u9Nd4LGyL/F8vX+yumLTXcGmKq7H3z4w5u3b6/dudt0TwAAAAAAAACAzyqP/7lcGf/5xYhYqq23b/zXN2P5qON/9vPMowFGn/BA32Nsdoe9bmW48edjZ3zuC+PG/z4fj4//ncfE7VW3Y4zBhPbhhPa5Ce3zI5fupTXyRI+KnP/zlfHOy/zP1YZfb8P4r/Ux79sg53++cn8u8/9Sbb1q/sVvZi7/jYOuuBndfflfvPf+Ty7e/eDDV269f/O9tffWfnRlZeXSlatXr127dvHdW7fXLu1+P55ez4Ccfx772nGg7ZLzz5nLv11y/l9ItfzbJef/xVTLv11y/vn1nvzbJeef3/vIv11y/i+lWv7tkvP/Sqrl3y5b2+tzZf4vp1r+7ZL3/6+mWv7tkvN/JdXyb5ec/4VUy79dcv4XU32A/F0e/hTJ+edPuOz/7ZLzX0m1/Nsl53851fJvl5z/lVTLv11y/q+mWv7tkvP/Wqrl3y45/6upln+75Py/nurD5L9wjP1iOnL+11Jt/2+XnP83Ui3/dsn5fzPV8m+XnP9rqZZ/u+T8v5Vq+bdLzv/bqZZ/u+T8v5Nq+bdLzv/1VMu/Xfau/2/GjBkzeabpRyYAAAAAAAAAAAAAoG4ahxM3vY0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYe/uYuQ66/uBn1nv2muHEAMhOPkb2CQmhMRk13biF/5NMYEADVAKJBT6guN612bBb3jtEiiSTQMlEkZFFVXTi7aAojZSVRFVXNCK0lxUfbkq7QW9qagqITWqDAqoSG0F2WrmPM/jmdnZmVnveH32PJ+PlPx2Z86Z88yZ55yd366/cwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHa3vnnuc42iKJr/tf63tShe1Px689TW1m1vuNYjBAAAAFbrp63/P39DuuHgECu1LfN3r/rHry8uLi4WH9jwuxPjxWK6Y6ooJjYVReu+6Jl//2DjS23fB48Xk42xtu/HBmx+w4D7xwfcPzHg/o0D7t804P7JAfcv2QFLbC5/H9N6sB2tL7eWu7S4sZho3bejx1qPNzaNjcXf5bQ0WussThwt5ovjxVwx07F8uWyjtfw3b21u6+1F3NZY27a2N2fIDz91JI6hEfbxjo5tXX7M6PtvKqZ+9MNPHfnjs5du7lUH7oaOxyvHeedtzXF+JtxSjrVRbEr7JI5zrG2c23u8Jhs6xtlordf8unuczw85zg2Xh7mmul/zyWKs9fW3W/tpvP3Xemk/bQ+3/fftRVFcuDzs7mWWbKsYK7Z03DJ2+fWZLGdk8zGaU+mlxfiK5umtQ8zTZp3d0TlPu4+J+PrfGtYbX2YM7S/T9z+9ccnrvtJ5GjWf9XLHSvccHPWxUpU5GOfFt1tP+omec3BHeP6fumP5Odhz7vSYg+l5t83B2wbNwbGNG1pjTi9Co7XO5Tm4q2P5Da0tNVr1uTv6z8HpsydOTy984pOvnz9x+NjcsbmTe3btmtmzd+/+/funj84fn5sp/3+Fe7v6thRj6Ri4Ley7eAy8tmvZ9qm6+JXRHYeTfY7DrV3Ljvo4HO9+co21OSCXzuny2Hi4udMnL44VyxxjrdfnrtUfh+l5tx2H423HYc+fKT2Ow/EhjsPmMqfvGu49y3jbf73GcLV+Fmxtm4Pd70e65+Co349UZQ5Ohnnxr3ct/7NgexjvEztX+n5kw5I5mJ5uOPc0b0nv9yf3t0qveXlL847rNhbnFubO3PPY4bNnz+wqQlkTL2ubK93zdUvbcyqWzNexFc/Xg/OveuKWHrdvDftq8vXN/00u+1o1l7n3nv6vVeunW+/92XHr7iKUEVvr/dnrp3lzf6Zess/+bC7zmenVvxdPfWnb+XdimfNv7PtfKLeXHurxDRPj5fG7Ie2diY7zcedLNd46dzVa235+erjz8UT4b63Pxzf2OR9v61p21Ofjie4nF8/HjUG/7Vid7tdzMsyT4zP9z8fNZbbtXumcHO97Pr491EbY/68LnULqi9rmznLzNm1rfHwiPK/xuIXOebqnY/mJ0Js1t/X07iubp3feXj7WhvTsLlureTrVteyo52k6Xy03TxuDfvt2Zbpfz8kwL27c03+eNpd59t7Vnzs3xy/bzp0bB83BiQ0bm2OeSJOwPN8vbo5z8J7iSHGqOF7Mtu7d2JpPjda2dt433BzcGP5b63Pltj5z8M6uZUc9B9PPseXmXmN86ZMfge7XczLMiyfv6z8Hm8u8Zd9o37veGW5Jy7S9d+3+/dpyv/O6pWs3Xc3feTXH+Tf7+v9utrnM8f0r7TP776e7wy3X9dhP3cfvcsfUbLE2+2lbGOel/cvvp+Z4mst86cCQ8+lgURTnP/ZA6/e94e8rf37uO1/v+LtLr7/pnP/YAz+4/ujfrmT8AKx/L5RlS/mzru0vU8P8/R8AAABYF2LfPxZqov8HAACA2oh9f/xX4Yn+HwAAAGoj9v3joSaZ9P/b3nJp/oXzRUrmLwbx/rQbHiqXixnXmfD91OJlzdsfeGrux395frhtjxVF8ZOHfqPn8tseiuMqTYVxPvNg5+1LVzw/1PYffeTycu359S+Hx4/PZ9hp0CuCO1MUxTdv+EJrO1MfvNiqzz70aKu+98ITjzeXef5A+X1c/7mXlcv/QQj/Hjx6uGP958J++F6oM+/ovT/iel+7+Lrt+95/eXtxvcZtL2497Sc/VD5u/JycLz5eLh/383Lj/6vPP/215vKPvab3+M+P9R7/0+Fxn3rw0nxzxv3PK8vl21+D5vdxvc+G8cftPRXWv+er3+o5/mc+Vy5/+q3lco+GGrd/Z/h+x1svzbfvr8cahzueV/G2crm4/Znv/Hbr/vh48fG7xz956GLH/uieH8/+c/k4013Lx9vjdqK/6Np+83Ha52fc/tO/9WjHfh60/Wfe+9wrm4/bvf27u5bb0LV+9yc2/eFnv9Bze3E8B//sdMfzOfiecByH7T/5oTAfw/3/+8wXOrYbPfqezvNPXP7LW893PJ/o7T8qt//MG4+16n9M/fj3r3vR9S++8OrmviuKb7+vfLxB2z/2R6c6xv+Vm+5qvR7x/pjR797+cuL2z3x858lTC+fmZ9v2auuzc95ZjmfT5OYtzfHeEM6t3d8fOnX2w3NnpmamZopiqr4foXfFvhrqD8pyYaXr3/VIeD1v+b1vbrnjnz4fb/+Xh8vbL76j/Ln12rDcF8PtW8vXb7Gxyu0/eetNreO78Wz5fUeOfQS27/jP/UMtGJ5/9/uCON9Pv/zDrf3QvK/1cyMe16sc/3dny8f5Rtivi+GTmW+76fL22pePn41w8X3l8b7q/RdOc/F1/ZPwer/re+Xjx3HF5/vd8D7mW9s6z3dxfnzj/Fj347c+xeNCOJ8UF8r741Jxf198/qaew4ufQ1JcuLn1/e+kx7l5RU9zOQufWJg+Pn/y3GPTZ+cWzk4vfOKTh06cOnfy7KHWZ3ke+sig9S+fn7a0zk+zc3vvLWY2F0VxqphZgxPW1Rl/86vhxn/6kSOz+2bumJ07evjc0bOPnJ47c+zIwsKRudmFOw4fPTr38UHrz8/ev2v3gT37du88Nj97//4DB/Yc2Dl/8lRzGOWgBtg789GdJ88caq2ycP+9B3bdd9+9MztPnJqdu3/fzMzOc4PWb/1s2tlc+9d3npk7fvjs/Im5nQvzn5y7f9eBvXt3D/w0wBOnjy5MTZ85d3L63MLcmenyuUydbd3c/Nk3aH3qaeHfyvez3RrlB/EV7757b/p81qanPr3sQ5WLdH2A6KXwWTT/8JLT+4f5Pvb9E6EmmfT/AAAAkIPY928MNdH/AwAAQG3Evn9TqIn+HwAAAGoj9v2ToSaZ9P/y//L/w+X/y/tHmf/vlZ8v5P8rlf8//bEyV7re8/8xPy//n4drnP9f9fbl/+X/65f/Hz4/v97HL/8v/89SVcv/x75/c1Fk2f8DAABADmLfvyXURP8PAAAAtRH7/utCTfT/AAAAUBux739RqEkm/b/8/1D5/92DAlf1z/+P/vr/8v/y/2uS/48vjvx/Nlacv3//wx3fyv8H8v/y//L/8v/y/6zaxLL3XKv8f+z7rw81yaT/BwAAgBzEvv/FoSb6fwAAAKiN2PffEGqi/wcAAIDaiH3/1lCTTPp/+X/X/5f/l/+vdf5/tdf/bxuM/P/64Pr//cn/D3DF+f9J+f/1mP+fGO34q53/Hzh8+X+uiqpd/z/2/S8JNcmk/wcAAIAcxL7/paEm+n8AAACojdj3vyzURP8PAAAAtRH7/htDTTLp/+X/5f/l/+X/5f97b3/w9f/Lr+T/q0X+vz/5/wFc/z+v/P+Ix1/t/P+or/8/8WD3+vL/9FK1/H/s+18eapJJ/w8AAAA5iH3/TaEm+n8AAACojdj3vyLURP8PAAAAtRH7/m2hJpn0//L/VyP//9PW2vL/8v/d80P+v275/5L8f7XI//cn/z+A/L/8v/z/cPn/Hh9+Jf9PL1XL/8e+/+ZQk0z6fwAAAMhB7PtvCTVZpv9fHPJv2wAAAEB1xL7//4Wa+Ps/AAAA1Ebs+7eHmmTS/8v/u/6//H9e+f+7N8r/y//Xm/x/f/L/A8j/y//L/w95/f+lVpL/3zTowaiNquX/Y9//ylCTTPp/AAAAyEHs+18VaqL/BwAAgNqIff+rQ030/wAAAFAbse+fCjXJpP+X/69X/v9P//rJVxfy//L/A7Zf0/x/nAby/5mT/+9P/n8A+X/5f/n/Ncn/k4+q5f9j339rqEkm/T8AAADkIPb9t4Wa6P8BAACgNmLff3uoif4fAAAAaiP2/TtCTTLp/+X/65X/j+T/5f/7bb+m+f9E/j9v8v89tB2k8v8DyP/L/2ef/4/vfuX/GY2q5f9j3/+aUJNM+n8AAADIQez77wg10f8DAABAbcS+/7WhJvp/AAAAqI3Y998ZapJJ/y//L/8v/y//L//fe/vy/+uT/H9/K83/b5T/l/+X/88s/+/6/4xW1fL/se9/XahJJv0/AAAA5CD2/XeFmuj/AQAAoDbiv98s/92r/h8AAADqKPb9O0NNMun/5f/l/3PK/zfk/+X/5f9rT/6/P9f/H0D+X/5f/l/+n5GqWv4/9v2vDzXJpP8HAACAHMS+/55QE/0/AAAA1Ebs+6dDTfT/AAAAUBux758JNcmk/5f/l//PKf/v+v/y//L/9Sf/398o8v+L5+X/5f97k/+vYP6/KOT/uaaqlv+Pff+uUJNM+n8AAADIQez7d4ea6P8BAACgNmLfvyfURP8PAAAAtRH7/ntDTTLp/+X/5f/l/+X/5f97b1/+f32S/+/P9f8HkP+X/69b/t/1/7nGqpb/j33/faEmmfT/AAAAkIPY9+8NNdH/AwAAQG3Evn9fqEno/3v9u24AAABgfYl9//5Qk0z+/i//X5P8/2/+fce25f/l//ttfzT5/83y/6HK/1dLTfP/3YfFFZP/H0D+/6rl54uxkQzxmo1f/l/+nytTtfx/7PsPhJpk0v8DAABADmLf/4ZQE/0/AAAA1Ebs+/9/qIn+HwAAAGoj9v0/E2qSSf8v/1+T/H8X+X/5/37bd/1/+f86q2n+f2Rqlf8fk/9fT/l/1/+X/x+0PvV09fP/8avh8v+x778/1CST/h8AAAByEPv+nw010f8DAABAbcS+/42hJvp/AAAAqI3Y9x8MNcmk/5f/l/+/Wvn/C2Py/93zI6/8/xuLblXM/zcnj/x/vVQ4/z8xzPbl/13/X/5/Tcbf/aNmJOOX/5f/Z6mqXf8/9v1vCjXJpP8HAACAHMS+/4FQE/0/AAAA1Ebs+98caqL/BwAAgNqIff9bQk0y6f/l/+X/Xf9f/t/1/3tvX/5/fapw/n8o8v/y//L/63f88v/y/yxVtfx/7PsfDDXJpP8HAACAHMS+/62hJvp/AAAAqI3Y978t1ET/DwAAALUR+/63h5pk0v/L/8v/y//L/8v/996+/P/6JP/fn/z/APL/8v/y//L/jFTV8v+x7/+5UJNM+n8AAADIQez7Hwo10f8DAABAbcS+/x2hJvp/AAAAqI3Y978z1CST/l/+X/5f/l/+X/6/9/bl/9cn+f/+5P8HkP+X/5f/l/9npKqW/499/7tCTTLp/wEAACAHse//+VAT/T8AAADURuz73x1qov8HAACA2oh9/y+EmmTS/8v/y/9XK/+/eL59Pfl/+f9iVPn/5kry/1mQ/+9P/n+AHvn/TfL/8v/y//L/XLGq5f9j3/+eUJNM+n8AAADIQez73xtqov8HAACA2oh9//tCTfT/AAAAUBux73841CST/l/+P8v8f3rK1cv/u/6//L/r/8v/r478f3/y/wO4/r/8v/y//D8jVbX8f+z7Hwk1yaT/BwAAgBzEvv/9oSb6fwAAAKiN2Pf/YqiJ/h8AAABqI/b9Hwg1yaT/l//PMv9f4ev/1y3/P94xP3LK/0+2vZ5pXsr/y/+vAfn//uT/B5D/l/+vcv4/zObNy6wv/08VVS3/H/v+D4aaZNL/AwAAQA5i3/9LoSb6fwAAAKiN2Pf/cqiJ/h8AAABqI/b9vxJqkkn/X8P8/4VC/l/+vzL5/875kVP+3/X/l5L/Xxvy//3J/w8g/y//X+X8/wDy/1RR1fL/se//1VCTZRu/H/zXEE8TAAAAqJDY938o1CSTv/8DAABADmLffyjURP8PAAAAtRH7/kdDTTLp/2uY/1/l9f/jFVXl/+X/R53/H5P/l/+X/18Do8v/v+L6opD/l/+X/5f/l/+X/2c1qpb/j33/4VCTTPp/AAAAyEHs+38t1ET/DwAAALUR+/4joSb6fwAAAKiN2PfPhppk0v9fw/z/RDXz/67/f6X5/5/I/7v+fyD/35v8/9pw/f/+5P8HkP+X/5f/l/9npKqW/499/1yoSSb9PwAAANRY+nVw7PuPhpro/wEAAKA2Yt9/LNRE/w8AAAC1Efv+D4eaZNL/u/6//L/r/1+L/P94x/Ly/yX5f/n/UZD/70/+fwD5f/l/+X/5f0aqavn/2PfPh5pk0v8DAABADmLf/5FQE/0/AAAA1Ebs+z8aaqL/BwAAgNqIff/xUJNM+n/5f/n/3PP/jaK44Pr/o83/b5L/70n+f23I//cn/z+A/P9a5uevH8mgr934l5D/l/9nqarl/2PffyLUJJP+///Yu48mu85qj8MbY0vdI/gIjBkxhJH5CEyZUcWYaJODZXIGk3MwOedgosk552iTczTRUNWUW2stqfsc7S2pj/rs/b7PM1lXuhZ9hBtz/1f1qxcAAAB6kLv/vnGL/Q8AAADNyN1/v7jF/gcAAIBm5O6/f9zSyf7X/+v/e+//h628/3/wr2+t//f+/3r6/+Ox0t9fvv6vO1cUfs7+/y53vfpe+n/9v/5/lPf/9f/6fw6bW/+fu/8BcUsn+x8AAAB6kLv/gXGL/Q8AAADNyN1/Vdxi/wMAAEAzcvdfHbd0sv/1//p//b/+/0D/f6P+X/+/bN7/H6f/n6D/1//r//X/bNTc+v/c/Q+KWzrZ/wAAANCD3P0PjlvsfwAAAGhG7v6HxC32PwAAADQjd/9D45ZO9r/+X/+v/19K/3/C+/+Hfj/6f/3/Ovr/cfr/Cfp//b/+X//PRs2t/8/d/7C4pZP9DwAAAD3I3f/wuMX+BwAAgGbk7n9E3GL/AwAAQDNy9z8ybulk/+v/9f/6/6X0/8f0/r/+X/+/cNcPZ/6ZoP9fpf+fMNH/D4P+f8x59/Prf3vL+fznoP/X/7Nqbv1/7v5HxS13H4YTF/ubBAAAAGYld/+j45ZO/vwfAAAAepC7/5q4xf4HAACAZuTuPxW3dLL/9f/6f/2//l//v/7r6/+Xyfv/447e/9/5jve5d7/9v/f/x3n/f9P9/23fGfp/lm1u/X/u/mvjlk72PwAAAPQgd/9j4hb7HwAAAJqRu/+xcYv9DwAAAM3I3f+4uKWT/a//b63/v/2BX3dW/79fu+j/9f/6f/1/6/T/47z/P2H/H3O79UP9v/7f+//6f45mbv1/7v7Hxy2d7H8AAADoQe7+J8Qt9j8AAAA0I3f/E+MW+x8AAACakbv/SXFLJ/tf/99a/3/w13n/X/+/7uvr//X/LdP/j9P/T2jl/f+L/K7Zdj9/VNv+/Pp//T+r5tb/5+5/ctzSyf4HAACAHuTuf0rcYv8DAABAM3L3PzVusf8BAACgGbn7nxa3dLL/9f/6/2X0//kV5tT/7+3tHfoe0v+ftvT+P+n/l0n/P07/P6GV/v8ibbufX/rn1//r/1k1t/4/d//T45ZO9j8AAAD0IHf/M+IW+x8AAACakbv/mXGL/Q8AAADNyN3/rLilk/2v/9f/L6P/9/6//t/7//r/86P/H6f/n6D/1//r//X/bNTc+v/c/dfFLZ3sfwAAAOhB7v5nxy32PwAAADQjd/9z4hb7HwAAAJqRu/+5cUsn+1//r//X/+v/9f/rv77+f5n0/+P0/xM67/+HU/p//b/+n82aUf9/1q/aGZ4Xt3Sy/wEAAKAHufufH7fY/wAAANCM3P0viFvsfwAAAGhG7v4Xxi2d7H/9/2z6//2cr63+f3cYBv3/0Gn/v3vW38/6vtT/6/+Pgf5/nP5/Quf9/7b7+aV/fv2//p/Dds75v9nW+/+5+190+PN1sv8BAACgB7n7Xxy32P8AAADQjNz9L4lb7H8AAABoRu7+l8Ytnex//f9s+v99bfX/3v8//P3RU//v/f9V+v/jof8fp/+foP/X/+v/9f9s1FU3nf6/Zw/bVv+fu/9lcdOJKy76twgAAADMTO7+l8ctnfz5PwAAAPQgd/8r4hb7HwAAABbqupWfyd3/yrilk/2v/99s/3/irJ/T/+v/D39/6P/1//r/S0//P07/P0H/r//X/+v/2ai59f+5+18Vt3Sy/wEAAKAHufuvj1vsfwAAAGhG7v5Xxy32PwAAADQjd/9r4pZO9r/+3/v/+n/9/1T/f+Y5VP2//n/+9P/j9P8T9P/6/5HPf/i/nw7bQP9/8sz/qP+nDRfQ/+/t7V1zyfv/3P2vjVs62f8AAADQg9z9r4tb7H8AAABoRu7+18ct9j8AAAA047bdvzsMwxv2f9Tf/tf/d9r/57f6svr/U8Og//f+v/5f/z9O/z9O/z9B/6//9/6//p+Nmtv7/7n73xi3dLL/AQAAoAe5+98Ut9j/AAAA0Izc/W+OW+x/AAAAaEbu/rfELZ3sf/1/p/2/9//1//r/4+7/bx30/8diEf3/7rm//tz7/2v1//r/Ed31//e424Ef6v/1/6yaW/+fu/+tcUsn+x8AAAB6kLv/bXGL/Q8AAADNyN3/9rjF/gcAAIBm5O5/R9x0eSf7X/+v/9f/6//1/+u//jG//39iGAb9/wYsov8fMff+fzPv/x/+T/kZ+n/9/5I/v/5f/8+qufX/ufvfGbd0sv8BAACgB7n73xW32P8AAADQjNz9745b7H8AAABoRu7+98Qtnex//b/+X/+v/2++/792Ef2/9/83RP8/bh79/7np//X/S/78+n/9P+dvW/1/7v73xi2d7H8AAADoQe7+98Ut9j8AAAA0I3f/++MW+x8AAACakbv/A3FLJ/tf/6//v5D+Pz+n/r+t/v/ksfT/p4bhvPv/nQP/ep28/6//3xD9/7jz6f/3v7f1//p//X+v/f91+n82aW7v/+fuvyFu6WT/AwAAQA9y938wbv2/bu1/AAAAaEbu/g/FLfY/AAAANCN3/4fjlk72v/5f/+/9f/1/8+//6/+7ov8f5/3/Cfp//b/+3/v/bNTc+v/c/R+JWzrZ/wAAANCD3P0fjVvsfwAAAGhG7v6PxS32PwAAADQjd/+NcUsn+1//r//X/+v/9f+n/x7q/9ug/x93PP3/rv5f/1/9/O3iPwX6f/3/1K+nTXPr/3P3fzxu6WT/AwAAQA9y938ibrH/AQAAoBm5+z8Zt9j/AAAAsEiXr/m53P2fils62f/6f/2//l//r/9f//X1/8u0lf4/vyn0/97/D/30/3c68KOlvf9/+L+/9P/6fzZvbv1/7v5Pxy2d7H8AAADoQe7+z8Qt9j8AAAA0I3f/Z+MW+x8AAACakbv/c3FLJ/tf/6//1//r//X/67++/n+ZvP8/Tv8/Qf+/1ffzl/759f/6f1bNrf/P3f/5uKWT/Q8AAAA9yN3/hbjF/gcAAIBm5O7/Ytxi/wMAAEAz9nd/xmUd7n/9v/5f/6//1/+v//r6/2XS/4/T/0/Q/+v/9f/6fzZqbv3/l/Z/1c7w5bilk/0PAAAAPcjd/5W4xf4HAACAZuTu/2rcYv8DAABAM3L3fy1u6WT/6//1/8vo//f29q7R/+v/D/5+zvT/N+v/Kfr/cfr/Cfp//b/+X//PRs2t/8/d//W4pZP9DwAAAD3I3f+NuMX+BwAAgGbk7v9m3GL/AwAAQDNy938rbulk/+v/Z9D/7+j/vf+v/x+8/7/a/192+h/K+v8Lo/8fp/+f0GL/v3P+v/1t9/NHdck+/47+X//PxZpb/5+7/9txSyf7HwAAAHqQu/87cYv9DwAAAM3I3f/duMX+BwAAgGbk7v9e3NLJ/tf/H1//f9u/d728/787rP/8+n/9v/7f+/+Xmv5/nP5/Qov9/wXQ/3v/X//Pps2t/8/d//245eDwu+LCfpcAAADAnOTu/0Hc0smf/wMAAEAPcvf/MG6x/wEAAKAZuft/FLd0sv/1/zN4/7/B/t/7/+u/P/T/s+7/L9P/t+EC+/sbDv+E/j/o//X/+n/9/5H6//xu1v/3bm79f+7+H8ctnex/AAAA6EHu/p/ELfY/AAAANCN3/01xi/0PAAAAzcjdf3Pcctb+X9d2t0L/r//X/+v/9f/rv77+f5m8/z/ufPv/k8PR+v/Uff+/s/Kvr/+/hLb9+fX/3v9n1dz6/9z9P41b/Pk/AAAALM4V5/j53P0/i1vsfwAAAGhG7v6fxy32PwAAADQjd/8v4pZbLtvWRzpW+n/9v/5f/6//X//19f/LpP8f5/3/Cd7/30Q/f6X+v43+fxj0/xzd3Pr/3P2/jFv8+T8AAAA0I3f/r+IW+x8AAACakbv/13GL/Q8AAADNyN3/m7ilk/2v/9f/H7H/308z9f+n6f9P0/+vp/8/Hvr/cfr/Cfp/7//r/73/z0bNrf/P3f/buKWT/Q8AAAA9yN3/u7jF/gcAAIBm5O7/fdxi/wMAAEAzcvf/IW7pZP9vrf+Pf6v1/4vv/73/r//X/+v/Z0X/P67R/n93GAb9/wZsu59f+ufX/+v/WTW3/j93/x/jlk72PwAAAPQgd/+f4hb7HwAAAJqRu//PcYv9DwAAAM3I3f+XuKWT/e/9f/2//l//r/9f//X1/8uk/x/XaP9/5Pf/62+U/l//r//X/7NRc+v/c/f/NW7pZP8DAABAD3L3/y1usf8BAACgGbn7b4lb7H8AAABoRu7+v8ctnex//b/+X/+v/9f/r//6+v9l0v+P22b/f887TH/ZbfX/Rf+fH0H/r//X/7MRc+v/c/f/I27pZP8DAABAD3L3/zNusf8BAACgGbn7/xW32P8AAADQjNz9/45bOtn/E/3/yfoL9f+j9P8HP7/+f/33h/5f/6//v/T0/+O8/z9B/+/9f/2//p+Nmlv/n7v/P3FLJ/sfAAAAepC7/9a4xf4HAACAZuTu/2/cYv8DAABAM3L3/y9u6WT/e/9/Sf3/lfp//b/+X/+v/5+g/x+n/5+g/9f/6//1/2zU3Pr/3P3/DwAA//+2vUye") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c1242, 0x15c) 1.688427443s ago: executing program 0 (id=5050): r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x1) ioctl$SIOCAX25DELUID(r0, 0x89e2, &(0x7f0000000080)={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0xee00}) 1.609680992s ago: executing program 0 (id=5051): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4) ioctl$SIOCAX25ADDUID(r0, 0x89e1, &(0x7f0000000080)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xee01}) 1.500613808s ago: executing program 3 (id=5052): r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000340)={0x1, @pix={0x0, 0x0, 0x3631564e, 0x0, 0x0, 0x0, 0x7, 0xfeedcafe, 0x3, 0x2, 0x2}}) 1.414563688s ago: executing program 2 (id=5054): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x3c1, 0x3, 0x550, 0x3a0, 0x150, 0x150, 0x3a0, 0xf8010000, 0x480, 0x238, 0x238, 0x480, 0x238, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], 'team_slave_0\x00', 'hsr0\x00', {}, {}, 0x84}, 0x0, 0x338, 0x3a0, 0x0, {}, [@common=@inet=@sctp={{0x148}, {[], [], [], 0x2, [], 0x0, 0x4}}, @common=@inet=@sctp={{0x148}, {[], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv_slave_0\x00', 'veth1\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xfffc, 0x5, 0x4}, {0x2, 0x6, 0x5}, {0x4, 0x2, 0x6}, 0x1, 0x6}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5b0) 1.299452333s ago: executing program 0 (id=5055): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x0, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x4, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) 1.192101882s ago: executing program 3 (id=5057): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="5c00000014006b0300000000006c1d0010047e0c8131a6080c000af32c6e020075f800250002000f00e5aa000017d34460bc24eab556a705251e6182949a36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 1.036390753s ago: executing program 1 (id=5058): r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f0000000000)=0x1, 0x4) 1.019915397s ago: executing program 0 (id=5059): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@errors_continue}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@sysvgroups}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@auto_da_alloc}]}, 0x7f, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=") rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file1\x00') 984.831379ms ago: executing program 2 (id=5060): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000012140100000000000000000008004b00132200000800010000000000080003000000000008004f0000000000080015"], 0x38}}, 0x0) 983.957461ms ago: executing program 3 (id=5061): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7a) 879.246111ms ago: executing program 1 (id=5062): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000740)=@newlink={0x60, 0x10, 0x40d, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2000, 0x5019}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x9}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x1}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x0) 771.635322ms ago: executing program 3 (id=5063): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x1, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}]}}]}}]}}, 0x0) syz_usb_ep_write(r0, 0x2, 0x0, 0x0) 732.194494ms ago: executing program 2 (id=5064): r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x8080000, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1400000000000000010000000c0000002b0000000000000718"], 0x30}, 0x0) 702.688874ms ago: executing program 1 (id=5065): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000240)=@raw={'raw\x00', 0x4001, 0x3, 0x258, 0x128, 0x700001b, 0x148, 0x128, 0x148, 0x128, 0x206, 0x240, 0x1c0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'tunl0\x00', 'sit0\x00'}, 0x1ea, 0xc0, 0x128, 0x0, {0x390, 0x8f00}, [@common=@inet=@socket1={{0x28}}, @common=@inet=@socket3={{0x28}, 0x6}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1f, 0x8000, 0x0, 0x2, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x128}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2b8) 588.264875ms ago: executing program 1 (id=5066): r0 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000180)={'team0\x00', 0x44}) 491.344171ms ago: executing program 2 (id=5067): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000001c0)={0x1, &(0x7f0000f07000)=[{0x6}]}, 0x10) 385.728287ms ago: executing program 0 (id=5068): syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01c241c1cc4e94b079f2ee92a3124dcac9"], 0x1, 0x22c, &(0x7f0000000000)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiIKwjRjOiCeosgowMAj8vXUA4ZkBv5YBst53iCFU64KvV26H6TIK7RyEwOjegr/ojkbJjjN5AUbyxgZBTWHMVPpnhnzAZlZHCCDGBgYJv+JuPeARZJBBGzWmktBmVOuinL8EzvVsnyVWed9hhkd09IYGA1mcTAwMOgd0Z1pZ8DbzQQ1s7iyKjsxJye1qPgMA6r5kxn3MykygtSd+Xs1+AGjHUN3LAMjg9wGf7XF3/5IVW7cVB85vSqiZmp3082l6+MYtun/vWIi9X5iRtj/B4cEtSzy8j/Mk1H6vrlhzoeauicmjp2NynP5Wy//ffc+prY4QY3psXhXIRt/gptWzSdnJzfLx3PTq9u3FCsuyEpzmXhs6sW/CcfXMjBMvvDEVr/mzKF4xRhOKbfKuTF33eIFuZapn697w8BwMOozJwPIU0wMDDPDdu6B+osd5K/yBmhkMDAzMDCogBWxMKRl5qQaeDAwMjBDOYYsUFUw1UwMHGAJveT8nJR2BkZwEgBrW87AAjfD8DEDK5xjhMwxtmiAmsTQDqVVoLQHlF4OpR8zMLAxICUvWLJhAZvQD+VpNICUVSSWlBQZgpRDWHAxI7iYkQDcZiaorXOZUD13nIlhFIyCUTAKRsEoGAWjYBSMglEwCkYyAAQAAP//AsO0fw==") bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000004000000"], 0x0, 0x40, 0x0, 0x8, 0x0, 0x0, @void, @value}, 0x28) 375.718211ms ago: executing program 2 (id=5069): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2e}, @printk={@i, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="0000000000000000000051229dc9", 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 290.861528ms ago: executing program 1 (id=5070): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newtaction={0x88, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0xfffff7e8}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}}, 0x0) 95.483562ms ago: executing program 2 (id=5071): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)="e900a915d728f20a6fe20e93f24e4e14ed1e97d272563b455165937c375010167548c11ccc1f04456c58cd47fe5b972dcab1bf7cbbd0749990b333497270cbfb37adca22511c54a09eaf61c28f2a8b117046b422529b663c324a07550a232be9951964cca0312b1a3197bfa1da902ed094f11dcb1450d9fe6e6d", 0x7a}, 0x1, 0x0, 0x0, 0x408c0}, 0x20040814) 12.984411ms ago: executing program 4 (id=5072): r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_int(r0, 0x1, 0x2, 0x0, &(0x7f00000001c0)) 0s ago: executing program 1 (id=5073): r0 = syz_open_dev$dri(&(0x7f0000001480), 0xb, 0x200) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x10}) kernel console output (not intermixed with test programs): T30] audit: type=1326 audit(1750081841.176:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14287 comm="syz.0.3484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5c58e929 code=0x7ffc0000 [ 567.478911][T14299] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode active-backup(1) [ 567.493153][ T5927] usb 4-1: new high-speed USB device number 100 using dummy_hcd [ 567.527406][ T5837] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 567.668328][ T5927] usb 4-1: Using ep0 maxpacket: 8 [ 567.689670][ T5927] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 567.712630][T14301] loop2: detected capacity change from 0 to 512 [ 567.751349][ T5927] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 567.793505][ T5927] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 567.818169][T14301] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 567.848022][ T5927] usb 4-1: Product: syz [ 567.856214][ T5927] usb 4-1: Manufacturer: syz [ 567.868009][ T5927] usb 4-1: SerialNumber: syz [ 567.924468][T14308] netlink: 164 bytes leftover after parsing attributes in process `syz.1.3490'. [ 567.970151][T14301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 568.057776][T14301] ext4 filesystem being mounted at /731/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 568.085803][ T5927] usb 4-1: Invalid connection information received from device [ 568.274190][T14281] loop4: detected capacity change from 0 to 32768 [ 568.290637][ T5927] usb 4-1: USB disconnect, device number 100 [ 568.331110][T14281] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3483 (14281) [ 568.420010][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.427367][T14281] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 568.482234][T14281] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm [ 568.541584][T14281] BTRFS info (device loop4): using free-space-tree [ 568.609804][T14322] netlink: 'syz.1.3497': attribute type 1 has an invalid length. [ 568.922656][ T5833] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 569.031137][T14346] loop3: detected capacity change from 0 to 64 [ 569.052939][T14347] __nla_validate_parse: 2 callbacks suppressed [ 569.052961][T14347] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3502'. [ 569.109585][T14347] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3502'. [ 569.138962][ T24] usb 3-1: new high-speed USB device number 88 using dummy_hcd [ 569.328668][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 569.378167][ T24] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 569.412289][ T24] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 569.457857][ T24] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 569.483275][ T24] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 569.533913][ T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 569.566304][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 569.597816][ T24] usb 3-1: SerialNumber: syz [ 569.667835][ T5965] usb 2-1: new high-speed USB device number 82 using dummy_hcd [ 569.679973][ T24] cdc_acm 3-1:1.0: Control and data interfaces are not separated! [ 569.704164][ T24] cdc_acm 3-1:1.0: probe with driver cdc_acm failed with error -12 [ 569.759775][T14366] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 569.848577][ T5965] usb 2-1: too many configurations: 89, using maximum allowed: 8 [ 569.875831][ T9] usb 3-1: USB disconnect, device number 88 [ 569.880231][ T5965] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 569.927655][ T5965] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 569.967515][ T5965] usb 2-1: Product: syz [ 569.978402][ T5965] usb 2-1: Manufacturer: syz [ 569.983429][ T5965] usb 2-1: SerialNumber: syz [ 570.028308][ T5965] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 570.079183][ T24] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 570.247848][ T5919] usb 5-1: new high-speed USB device number 89 using dummy_hcd [ 570.427932][ T5919] usb 5-1: Using ep0 maxpacket: 8 [ 570.443453][ T5919] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 570.476020][T14386] loop0: detected capacity change from 0 to 512 [ 570.482516][ T5919] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 570.482549][ T5919] usb 5-1: Product: syz [ 570.482616][ T5919] usb 5-1: Manufacturer: syz [ 570.555156][ T5919] usb 5-1: SerialNumber: syz [ 570.563322][ T10] usb 2-1: USB disconnect, device number 82 [ 570.598127][T14386] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 570.614375][ T5919] usb 5-1: config 0 descriptor?? [ 570.655673][T14386] ext4 filesystem being mounted at /647/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 570.817230][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 570.832796][ T5919] dvb_usb_rtl28xxu 5-1:0.0: chip type detection failed -71 [ 570.841627][ T5919] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 570.921861][ T5919] usb 5-1: USB disconnect, device number 89 [ 571.083862][T14403] netlink: 'syz.0.3526': attribute type 10 has an invalid length. [ 571.109839][T14403] veth1_vlan: entered allmulticast mode [ 571.156050][T14403] team0: Device veth1_vlan failed to register rx_handler [ 571.164931][ T24] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 571.165132][ T24] ath9k_htc: Failed to initialize the device [ 571.187804][ T10] usb 2-1: ath9k_htc: USB layer deinitialized [ 571.571694][T14416] loop4: detected capacity change from 0 to 64 [ 571.693973][T14399] loop2: detected capacity change from 0 to 32768 [ 571.908988][T14423] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 572.398701][T14435] loop1: detected capacity change from 0 to 256 [ 572.415422][T14435] exfat: Deprecated parameter 'utf8' [ 572.441408][T14435] exfat: Deprecated parameter 'utf8' [ 572.448799][T14437] netlink: 'syz.0.3543': attribute type 1 has an invalid length. [ 572.479805][T14439] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 572.496092][T14437] netlink: 'syz.0.3543': attribute type 2 has an invalid length. [ 572.522349][T14437] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3543'. [ 572.545942][T14435] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 574.331652][T14468] loop3: detected capacity change from 0 to 32768 [ 574.754053][T14518] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3581'. [ 574.901846][T14521] netlink: 'syz.2.3582': attribute type 3 has an invalid length. [ 575.107868][ T30] audit: type=1326 audit(1750081849.077:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.2.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 575.219772][ T30] audit: type=1326 audit(1750081849.107:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.2.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 575.334492][ T30] audit: type=1326 audit(1750081849.107:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.2.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 575.443128][ T30] audit: type=1326 audit(1750081849.107:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.2.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 575.571878][ T30] audit: type=1326 audit(1750081849.107:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.2.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 575.850196][T14555] loop4: detected capacity change from 0 to 256 [ 575.965860][T14555] FAT-fs (loop4): Directory bread(block 64) failed [ 575.986369][T14561] loop1: detected capacity change from 0 to 512 [ 576.025974][T14555] FAT-fs (loop4): Directory bread(block 65) failed [ 576.050299][T14555] FAT-fs (loop4): Directory bread(block 66) failed [ 576.056908][T14555] FAT-fs (loop4): Directory bread(block 67) failed [ 576.122413][T14555] FAT-fs (loop4): Directory bread(block 68) failed [ 576.168621][T14555] FAT-fs (loop4): Directory bread(block 69) failed [ 576.225362][T14561] EXT4-fs (loop1): 1 orphan inode deleted [ 576.227738][T14555] FAT-fs (loop4): Directory bread(block 70) failed [ 576.238945][T14555] FAT-fs (loop4): Directory bread(block 71) failed [ 576.245617][T14555] FAT-fs (loop4): Directory bread(block 72) failed [ 576.253047][T14555] FAT-fs (loop4): Directory bread(block 73) failed [ 576.259017][ T3466] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 576.275580][T14561] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 576.299223][T14561] ext4 filesystem being mounted at /685/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 576.355348][ T3466] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 1 [ 576.515132][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.363634][T14600] bridge1: entered promiscuous mode [ 577.372454][T14600] bridge1: entered allmulticast mode [ 578.650187][T14654] cifs: Unknown parameter '[bIT&:"1:ӭ'4,Zz-#F<]%gC [ 578.650187][T14654] SȘȞZ6' [ 578.714849][ T30] audit: type=1326 audit(1750081852.687:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14655 comm="syz.2.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 578.730729][ T30] audit: type=1326 audit(1750081852.687:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14655 comm="syz.2.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 578.878004][ T30] audit: type=1326 audit(1750081852.687:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14655 comm="syz.2.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 578.967638][ T30] audit: type=1326 audit(1750081852.687:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14655 comm="syz.2.3647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 579.126229][T14666] loop1: detected capacity change from 0 to 64 [ 579.324508][T14674] loop0: detected capacity change from 0 to 256 [ 579.985189][T14695] netlink: 'syz.2.3665': attribute type 5 has an invalid length. [ 580.235579][ T30] audit: type=1326 audit(1750081854.197:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14703 comm="syz.2.3671" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x0 [ 580.518768][T14717] loop0: detected capacity change from 0 to 128 [ 580.564614][T14717] befs: (loop0): invalid magic header [ 581.105374][T14741] loop2: detected capacity change from 0 to 8 [ 581.152609][T14739] loop4: detected capacity change from 0 to 4096 [ 581.156828][T14741] SQUASHFS error: Unable to read inode 0xa7 [ 581.233646][T14743] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 581.247839][ T5965] usb 2-1: new high-speed USB device number 83 using dummy_hcd [ 581.270603][T14744] netlink: 'syz.3.3688': attribute type 1 has an invalid length. [ 581.301254][T14739] NILFS (loop4): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 581.312336][T14744] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3688'. [ 581.326970][T14739] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=12) [ 581.393074][T14739] Remounting filesystem read-only [ 581.406616][T14739] NILFS (loop4): error -5 truncating bmap (ino=12) [ 581.449474][ T5965] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 581.489175][ T5965] usb 2-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 581.507366][ T5833] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer [ 581.510116][ T5965] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 581.559154][ T5965] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 581.680090][ T10] usb 3-1: new high-speed USB device number 89 using dummy_hcd [ 581.719823][T14752] kernel read not supported for file /  (pid: 14752 comm: syz.4.3694) [ 581.737582][ T30] audit: type=1800 audit(1750081855.707:44): pid=14752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3694" name=200120 dev="mqueue" ino=34524 res=0 errno=0 [ 581.848144][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 581.865800][ T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 581.920962][ T10] usb 3-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f [ 581.935256][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 581.955658][ T10] usb 3-1: Product: syz [ 581.963651][ T10] usb 3-1: Manufacturer: syz [ 581.976417][ T10] usb 3-1: SerialNumber: syz [ 581.989500][ T10] usb 3-1: config 0 descriptor?? [ 582.006133][ T10] hub 3-1:0.0: bad descriptor, ignoring hub [ 582.025574][ T10] hub 3-1:0.0: probe with driver hub failed with error -5 [ 582.068281][ T10] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 582.111756][ T10] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 582.187586][ T5857] udevd[5857]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 582.328503][ T24] usb 3-1: USB disconnect, device number 89 [ 582.580502][ T5965] stv0680 2-1:4.0: STV(e): camera ping failed!! [ 582.783676][ T5965] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 582.828367][T14783] loop4: detected capacity change from 0 to 16 [ 582.836395][ T5965] stv0680 2-1:4.0: last error: 0, command = 0x0 [ 582.863291][ T5965] usb 2-1: USB disconnect, device number 83 [ 582.884444][T14783] erofs (device loop4): mounted with root inode @ nid 36. [ 582.958651][ T5852] erofs (device loop4): failed to decompress 6887 in[4096, 0] out[9000] [ 582.971162][T14783] erofs (device loop4): failed to decompress 6887 in[4096, 0] out[8192] [ 582.983360][T14783] erofs (device loop4): read error -117 @ 1 of nid 89 [ 583.004373][ T30] audit: type=1800 audit(1750081856.977:45): pid=14783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3709" name="file3" dev="loop4" ino=89 res=0 errno=0 [ 583.201336][T14791] syz.2.3712: attempt to access beyond end of device [ 583.201336][T14791] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0 [ 583.239352][T14791] vxfs: unable to read disk superblock at 1 [ 583.267783][T14791] syz.2.3712: attempt to access beyond end of device [ 583.267783][T14791] nbd2: rw=0, sector=16, nr_sectors = 2 limit=0 [ 583.287387][T14791] vxfs: unable to read disk superblock at 8 [ 583.293484][T14791] vxfs: can't find superblock. [ 584.126301][ T5927] usb 2-1: new high-speed USB device number 84 using dummy_hcd [ 584.134097][ T10] usb 4-1: new high-speed USB device number 101 using dummy_hcd [ 584.308930][ T5927] usb 2-1: Using ep0 maxpacket: 32 [ 584.334141][ T10] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 584.354175][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 584.362924][ T5927] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 584.386983][ T5927] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 584.405103][T14837] loop0: detected capacity change from 0 to 64 [ 584.409909][ T10] usb 4-1: config 0 descriptor?? [ 584.426636][ T5927] usb 2-1: config 0 interface 0 altsetting 245 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 584.482876][ T5927] usb 2-1: config 0 interface 0 has no altsetting 1 [ 584.518605][ T5927] usb 2-1: New USB device found, idVendor=0582, idProduct=0016, bcdDevice=8e.57 [ 584.569092][ T5927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 584.594955][ T5927] usb 2-1: Product: syz [ 584.599779][ T5927] usb 2-1: Manufacturer: syz [ 584.604460][ T5927] usb 2-1: SerialNumber: syz [ 584.622183][ T5927] usb 2-1: config 0 descriptor?? [ 584.669048][ T10] udl 4-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 584.886297][ T10] [drm:udl_init] *ERROR* Selecting channel failed [ 584.964713][ T10] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2 [ 584.998243][ T10] [drm] Initialized udl on minor 2 [ 585.028483][ T10] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 585.062586][ T5927] usb 2-1: USB disconnect, device number 84 [ 585.111566][ T10] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 585.140636][ T5922] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 585.152962][ T10] usb 4-1: USB disconnect, device number 101 [ 585.160355][ T5922] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 585.589750][T14869] netlink: 'syz.2.3751': attribute type 1 has an invalid length. [ 586.035224][T14886] netdevsim netdevsim1: Firmware load for './cgroup/../file0' refused, path contains '..' component [ 586.044506][T14887] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3760'. [ 586.075338][T14888] delete_channel: no stack [ 586.908585][T14921] loop3: detected capacity change from 0 to 16 [ 586.950263][T14921] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 587.249198][T14899] loop2: detected capacity change from 0 to 32768 [ 587.263591][T14899] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3767 (14899) [ 587.303570][T14899] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 587.331367][T14899] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm [ 587.446594][T14953] netlink: 'syz.3.3786': attribute type 10 has an invalid length. [ 587.468724][T14953] team0: Device veth1_macvtap failed to register rx_handler [ 587.514617][T14899] BTRFS info (device loop2): rebuilding free space tree [ 587.551703][T14899] BTRFS info (device loop2): disabling free space tree [ 587.575931][T14899] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 587.598771][T14899] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 587.633440][T14942] loop1: detected capacity change from 0 to 4096 [ 587.685965][ T5965] usb 5-1: new high-speed USB device number 90 using dummy_hcd [ 587.721076][T14942] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 587.732992][T14942] ntfs3(loop1): Failed to load $Extend (-22). [ 587.742876][T14958] netlink: 'syz.3.3787': attribute type 32 has an invalid length. [ 587.748687][T14942] ntfs3(loop1): Failed to initialize $Extend. [ 587.775505][T14942] ntfs3(loop1): ino=21, The size of extended attributes must not exceed 64KiB [ 587.887030][ T5965] usb 5-1: config 0 has an invalid interface number: 117 but max is 0 [ 587.910993][ T5965] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 587.916209][ T5845] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 587.948315][ T5965] usb 5-1: config 0 has no interface number 0 [ 587.998071][ T5965] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 588.052470][ T5965] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 588.160686][ T5965] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 588.195709][ T5965] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 588.237663][ T5965] usb 5-1: Product: syz [ 588.242001][ T5965] usb 5-1: Manufacturer: syz [ 588.295016][ T5965] usb 5-1: SerialNumber: syz [ 588.333502][ T5965] usb 5-1: config 0 descriptor?? [ 588.503639][T14968] loop0: detected capacity change from 0 to 4096 [ 588.634211][T14972] loop3: detected capacity change from 0 to 512 [ 588.700465][T14972] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 588.738693][T14972] EXT4-fs (loop3): 1 truncate cleaned up [ 588.757436][T14975] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3796'. [ 588.817735][T14972] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 588.839475][ T5927] usb 5-1: USB disconnect, device number 90 [ 588.881623][T14982] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3798'. [ 588.909019][T14972] EXT4-fs error (device loop3): ext4_append:79: inode #2: comm syz.3.3795: Logical block already allocated [ 589.005188][T14972] EXT4-fs (loop3): Remounting filesystem read-only [ 589.160908][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.273009][T14988] geneve1: entered allmulticast mode [ 589.516947][T14996] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3805'. [ 589.562914][T15000] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3806'. [ 589.830336][T15011] netlink: 'syz.3.3813': attribute type 1 has an invalid length. [ 589.886598][T15011] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3813'. [ 589.946435][T15016] syz.1.3815 uses obsolete (PF_INET,SOCK_PACKET) [ 590.353478][T15026] batadv1: entered promiscuous mode [ 590.387545][T15026] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 590.538769][T15034] netlink: 'syz.1.3824': attribute type 1 has an invalid length. [ 590.578904][T15034] netlink: 228 bytes leftover after parsing attributes in process `syz.1.3824'. [ 590.694620][T15040] netlink: 'syz.4.3826': attribute type 3 has an invalid length. [ 590.895711][ T5919] usb 4-1: new high-speed USB device number 102 using dummy_hcd [ 590.984852][T15048] loop2: detected capacity change from 0 to 256 [ 591.002608][T15044] loop1: detected capacity change from 0 to 4096 [ 591.011933][T15044] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 591.077734][ T5919] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFD, changing to 0x8D [ 591.091154][T15048] exfat: Deprecated parameter 'namecase' [ 591.120835][ T5919] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 591.168102][ T5919] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 59391, setting to 1024 [ 591.178218][T15048] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 591.192894][ T5919] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 591.254438][ T5919] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 591.314501][ T5919] usb 4-1: config 0 descriptor?? [ 591.339257][T15036] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 591.350486][ T5919] gspca_main: spca561-2.14.0 probing abcd:cdee [ 591.505794][T15028] loop0: detected capacity change from 0 to 32768 [ 591.585505][ T5919] spca561 4-1:0.0: probe with driver spca561 failed with error -22 [ 591.608376][T15028] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 591.647098][T15061] autofs: Bad value for 'fd' [ 591.651174][ T5919] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 591.675625][ T5919] usb 4-1: MIDIStreaming interface descriptor not found [ 591.873973][T15068] xt_ecn: cannot match TCP bits for non-tcp packets [ 591.948743][ T5919] usb 4-1: USB disconnect, device number 102 [ 592.064499][T15028] XFS (loop0): Ending clean mount [ 592.083645][T15072] loop1: detected capacity change from 0 to 2048 [ 592.116607][T15028] XFS (loop0): Quotacheck needed: Please wait. [ 592.140232][T15072] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 592.281701][T15028] XFS (loop0): Quotacheck: Done. [ 592.494657][T15080] loop2: detected capacity change from 0 to 16 [ 592.519367][ T5834] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 592.546030][T15080] erofs (device loop2): mounted with root inode @ nid 36. [ 593.493156][T15105] loop0: detected capacity change from 0 to 1764 [ 594.004070][T15120] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3862'. [ 594.028157][T15120] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3862'. [ 594.084008][T15124] loop2: detected capacity change from 0 to 512 [ 594.108618][T15125] loop0: detected capacity change from 0 to 128 [ 594.151458][T15124] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 594.163721][T15128] netlink: 128 bytes leftover after parsing attributes in process `syz.4.3866'. [ 594.225325][T15125] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 594.259961][T15099] loop1: detected capacity change from 0 to 32768 [ 594.342582][T15125] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 594.473878][T15099] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc [ 594.473912][T15099] allowing incompatible features above 0.0: (unknown version) [ 594.473927][T15099] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 594.479538][ T5845] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 594.498579][T15099] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0 [ 594.532002][T15138] loop3: detected capacity change from 0 to 64 [ 594.539360][T15099] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 594.555294][T15099] bcachefs (loop1): Version upgrade required: [ 594.555294][T15099] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 594.555294][T15099] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 594.555294][T15099] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 594.618613][T15138] syz.3.3870: attempt to access beyond end of device [ 594.618613][T15138] loop3: rw=0, sector=128, nr_sectors = 2 limit=64 [ 594.639932][T15099] bcachefs (loop1): dropping and reconstructing all alloc info [ 594.731067][T15099] bcachefs (loop1): accounting_read... [ 594.733436][T15138] Trying to free block not in datazone [ 594.758163][T15099] done [ 594.761017][T15099] bcachefs (loop1): alloc_read... done [ 594.780158][T15099] bcachefs (loop1): snapshots_read... done [ 594.792966][T15099] bcachefs (loop1): done starting filesystem [ 594.803066][T15138] Trying to free block not in datazone [ 594.854717][T15138] Trying to free block not in datazone [ 594.888661][T15138] Trying to free block not in datazone [ 594.931810][T15138] Trying to free block not in datazone [ 594.959466][T15138] Trying to free block not in datazone [ 594.981099][T15099] process 'syz.1.3853' launched './file2' with NULL argv: empty string added [ 595.009842][T15138] minix_free_block (loop3:6): bit already cleared [ 595.120322][T15149] loop0: detected capacity change from 0 to 64 [ 595.144373][T15148] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3876'. [ 595.210270][ T5837] bcachefs (loop1): shutting down [ 595.407799][ T5837] bcachefs (loop1): shutdown complete [ 595.620853][T15161] loop4: detected capacity change from 0 to 8 [ 595.628688][T15161] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 595.700657][T11735] udevd[11735]: incorrect cramfs checksum on /dev/loop4 [ 595.805559][T11735] udevd[11735]: incorrect cramfs checksum on /dev/loop4 [ 595.949380][T15169] loop4: detected capacity change from 0 to 256 [ 595.966258][T15171] loop2: detected capacity change from 0 to 512 [ 595.998938][T15169] exfat: Deprecated parameter 'namecase' [ 596.021406][T15171] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 596.031280][T15169] exfat: Deprecated parameter 'namecase' [ 596.102744][T15169] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 596.316044][T15177] loop3: detected capacity change from 0 to 8 [ 596.323235][T15177] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 596.403131][T15177] cramfs: Error -3 while decompressing! [ 596.422793][T15177] cramfs: ffffffff99bcbba8(18)->ffff8880110b3000(4096) [ 596.469234][T15183] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3894'. [ 596.477586][T15177] cramfs: Error -3 while decompressing! [ 596.554979][T15177] cramfs: ffffffff99bcbba8(18)->ffff8880110b3000(4096) [ 596.571639][ T30] audit: type=1800 audit(1750081870.549:46): pid=15177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3892" name="file1" dev="loop3" ino=324 res=0 errno=0 [ 597.167632][T15196] loop0: detected capacity change from 0 to 4096 [ 597.204856][T15196] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 597.225201][ T30] audit: type=1326 audit(1750081871.199:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15204 comm="syz.2.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 597.295670][ T30] audit: type=1326 audit(1750081871.199:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15204 comm="syz.2.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 597.413316][ T30] audit: type=1326 audit(1750081871.239:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15204 comm="syz.2.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 597.454034][ T30] audit: type=1326 audit(1750081871.239:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15204 comm="syz.2.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 597.495536][ T30] audit: type=1326 audit(1750081871.239:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15204 comm="syz.2.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 597.639416][T15213] netlink: 136 bytes leftover after parsing attributes in process `syz.2.3911'. [ 597.691067][T15213] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 598.064778][ T978] usb 5-1: new full-speed USB device number 91 using dummy_hcd [ 598.249584][T15228] loop2: detected capacity change from 0 to 1024 [ 598.264277][ T978] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 598.278235][ T978] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 598.290796][T15230] netlink: 'syz.1.3915': attribute type 3 has an invalid length. [ 598.311247][T15228] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 598.329413][ T978] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6 [ 598.374268][T15228] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 598.407772][T15207] loop3: detected capacity change from 0 to 32768 [ 598.415723][T15207] btrfs: Deprecated parameter 'usebackuproot' [ 598.422006][T15207] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 598.434927][ T978] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 30062, setting to 64 [ 598.440753][T15228] EXT4-fs (loop2): orphan cleanup on readonly fs [ 598.453425][T15207] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3905 (15207) [ 598.477524][T15228] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.3914: Invalid inode table block 0 in block_group 0 [ 598.514644][T15207] BTRFS info (device loop3): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928 [ 598.539163][ T978] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 598.549336][T15228] EXT4-fs (loop2): Remounting filesystem read-only [ 598.579614][T15228] Quota error (device loop2): write_blk: dquota write failed [ 598.584591][ T978] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 598.588555][T15207] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm [ 598.635789][T15228] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 598.639023][T15216] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 598.662653][T15207] BTRFS info (device loop3): using free-space-tree [ 598.677060][ T978] hub 5-1:1.0: bad descriptor, ignoring hub [ 598.685236][ T978] hub 5-1:1.0: probe with driver hub failed with error -5 [ 598.693280][ T978] cdc_wdm 5-1:1.0: skipping garbage [ 598.714062][ T978] cdc_wdm 5-1:1.0: skipping garbage [ 598.720466][ T978] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 598.730297][T15228] EXT4-fs (loop2): 1 truncate cleaned up [ 598.757276][T15228] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 598.888498][T15253] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3919'. [ 598.937716][T15207] BTRFS info (device loop3): rebuilding free space tree [ 598.966832][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 599.024948][ T978] usb 5-1: USB disconnect, device number 91 [ 599.032234][T15207] BTRFS info (device loop3): checking UUID tree [ 599.133122][T15207] BTRFS info (device loop3): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928 [ 599.532175][T15268] loop2: detected capacity change from 0 to 256 [ 599.563723][T15268] exfat: Deprecated parameter 'utf8' [ 599.644743][T15268] exfat: Deprecated parameter 'namecase' [ 599.704702][T15268] exfat: Deprecated parameter 'utf8' [ 599.820943][T15268] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d) [ 600.186423][T15287] netlink: 'syz.3.3934': attribute type 1 has an invalid length. [ 600.256978][T15287] netlink: 228 bytes leftover after parsing attributes in process `syz.3.3934'. [ 600.804551][T15309] netlink: 'syz.1.3944': attribute type 1 has an invalid length. [ 600.857962][T15313] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3943'. [ 601.181385][T15321] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 601.252835][T15326] loop2: detected capacity change from 0 to 512 [ 601.417370][T15326] EXT4-fs (loop2): 1 orphan inode deleted [ 601.435733][ T59] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 601.497728][T15326] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 601.514273][ T59] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1 [ 601.604293][T15326] ext4 filesystem being mounted at /823/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 601.947980][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 602.032168][T15353] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3959'. [ 602.413729][T15364] loop3: detected capacity change from 0 to 256 [ 602.437886][T15367] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3965'. [ 602.477840][T15364] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 602.546587][T15364] FAT-fs (loop3): error, clusters badly computed (0 != 128) [ 602.572217][T15364] FAT-fs (loop3): Filesystem has been set read-only [ 602.599881][T15364] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 602.819269][T15343] loop0: detected capacity change from 0 to 32768 [ 602.871683][T15343] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3954 (15343) [ 602.942587][T15379] loop3: detected capacity change from 0 to 512 [ 602.963167][T15343] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 603.030642][T15343] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 603.055410][T15379] EXT4-fs (loop3): 1 orphan inode deleted [ 603.076293][T15379] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 603.089292][ T59] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 603.105875][T15343] BTRFS info (device loop0): disk space caching is enabled [ 603.119716][T15343] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 603.157186][ T59] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1 [ 603.196216][T15379] ext4 filesystem being mounted at /804/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 603.314282][T15343] BTRFS info (device loop0): rebuilding free space tree [ 603.337656][T15404] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3975'. [ 603.410520][T15343] BTRFS info (device loop0): disabling free space tree [ 603.440455][T15343] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 603.478105][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 603.498120][T15343] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 603.744496][T15343] BTRFS info (device loop0): balance: start -sprofiles=NONE,usage=1..511 [ 603.782010][T15343] BTRFS info (device loop0): balance: ended with status: 0 [ 603.943774][ T5834] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 604.274141][T15431] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3987'. [ 604.356253][T15432] loop4: detected capacity change from 0 to 1024 [ 604.398477][T15435] netlink: 'syz.0.3985': attribute type 2 has an invalid length. [ 604.420265][T15435] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3985'. [ 604.865254][T15448] netlink: 'syz.3.3995': attribute type 1 has an invalid length. [ 605.282401][T15458] loop0: detected capacity change from 0 to 256 [ 605.407948][T15458] FAT-fs (loop0): Directory bread(block 64) failed [ 605.446198][T15458] FAT-fs (loop0): Directory bread(block 65) failed [ 605.482415][T15458] FAT-fs (loop0): Directory bread(block 66) failed [ 605.512922][T15458] FAT-fs (loop0): Directory bread(block 67) failed [ 605.548445][T15458] FAT-fs (loop0): Directory bread(block 68) failed [ 605.572438][T15458] FAT-fs (loop0): Directory bread(block 69) failed [ 605.614710][T15458] FAT-fs (loop0): Directory bread(block 70) failed [ 605.646484][T15458] FAT-fs (loop0): Directory bread(block 71) failed [ 605.653198][T15458] FAT-fs (loop0): Directory bread(block 72) failed [ 605.692323][T15458] FAT-fs (loop0): Directory bread(block 73) failed [ 606.018551][T15437] loop2: detected capacity change from 0 to 32768 [ 606.216429][T15484] futex_wake_op: syz.4.4013 tries to shift op by 36; fix this program [ 606.260607][T15437] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io [ 606.260638][T15437] allowing incompatible features above 0.0: (unknown version) [ 606.260653][T15437] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 606.443873][T15437] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 606.486174][T15489] xt_hashlimit: size too large, truncated to 1048576 [ 606.489145][T15437] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 606.565250][T15491] syz.1.4016: attempt to access beyond end of device [ 606.565250][T15491] nbd1: rw=0, sector=0, nr_sectors = 2 limit=0 [ 606.576982][T15437] bcachefs (loop2): Version upgrade required: [ 606.576982][T15437] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 606.576982][T15437] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 606.576982][T15437] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 606.615545][T15491] befs: (nbd1): unable to read superblock [ 606.731359][T15437] bcachefs (loop2): dropping and reconstructing all alloc info [ 606.850538][T15437] bcachefs (loop2): accounting_read... done [ 606.953832][T15437] bcachefs (loop2): alloc_read... done [ 606.981646][T15437] bcachefs (loop2): snapshots_read... done [ 606.992309][T15437] bcachefs (loop2): check_allocations... [ 607.063229][T15507] loop3: detected capacity change from 0 to 8 [ 607.084061][T15506] nftables ruleset with unbound set [ 607.084296][T15437] done [ 607.145683][T15507] cramfs: empty filesystem [ 607.152919][T15437] bcachefs (loop2): going read-write [ 607.210810][ T5857] udevd[5857]: incorrect cramfs checksum on /dev/loop3 [ 607.245510][T15514] loop0: detected capacity change from 0 to 8 [ 607.291513][T15437] bcachefs (loop2): insufficient writeable journal devices available: have 0, need 1 [ 607.291513][T15437] rw journal devs: [ 607.384890][T15437] bcachefs (loop2): done starting filesystem [ 607.410698][ T5857] udevd[5857]: incorrect cramfs checksum on /dev/loop3 [ 607.737747][ T5845] bcachefs (loop2): shutting down [ 607.749351][ T5845] bcachefs (loop2): going read-only [ 607.773704][ T5845] bcachefs (loop2): finished waiting for writes to stop [ 607.874142][ T5845] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 607.883240][ T5845] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 607.943917][ T5845] bcachefs (loop2): unclean shutdown complete, journal seq 10 [ 607.957605][ T5845] bcachefs (loop2): done going read-only, filesystem not clean [ 608.041610][ T5845] bcachefs (loop2): shutdown complete [ 608.097060][T15536] loop0: detected capacity change from 0 to 4096 [ 608.139486][T15536] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 608.214348][T15536] ntfs3(loop0): ino=19, mi_enum_attr [ 608.219944][T15536] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 608.311789][T15536] ntfs3(loop0): failed to convert "c46c" to iso8859-13 [ 608.353113][T15536] ntfs3(loop0): ino=20, mi_enum_attr [ 608.420656][T15544] loop1: detected capacity change from 0 to 256 [ 608.500972][T15544] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d) [ 608.574448][T15544] exFAT-fs (loop1): error, data size is invalid(150994954) [ 608.583658][T15544] exFAT-fs (loop1): Filesystem has been set read-only [ 608.706318][T15528] loop4: detected capacity change from 0 to 32768 [ 608.745765][T15528] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4031 (15528) [ 608.833487][T15528] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 608.883957][T15528] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 608.955054][T15528] BTRFS info (device loop4): disk space caching is enabled [ 608.962875][T15528] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 609.099920][T15539] loop3: detected capacity change from 0 to 32768 [ 609.166601][T15539] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 609.226635][T15528] BTRFS info (device loop4): rebuilding free space tree [ 609.300466][T15539] (syz.3.4036,15539,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=0, inode=65, rec_len=16, name_len=1 [ 609.357700][T15539] (syz.3.4036,15539,0):ocfs2_prepare_dir_for_insert:4294 ERROR: status = -2 [ 609.384023][T15528] BTRFS info (device loop4): disabling free space tree [ 609.391098][T15528] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 609.398855][T15539] (syz.3.4036,15539,0):ocfs2_mknod:298 ERROR: status = -2 [ 609.419529][T15539] (syz.3.4036,15539,0):ocfs2_mknod:502 ERROR: status = -2 [ 609.464544][T15528] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 609.475216][T15539] (syz.3.4036,15539,0):ocfs2_create:675 ERROR: status = -2 [ 609.694519][ T5841] ocfs2: Unmounting device (7,3) on (node local) [ 609.745121][ T5833] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 609.943971][ T5965] usb 1-1: new high-speed USB device number 88 using dummy_hcd [ 610.025763][T15580] xt_TCPMSS: Only works on TCP SYN packets [ 610.164007][ T5965] usb 1-1: config 0 has an invalid interface number: 69 but max is 0 [ 610.173694][ T5965] usb 1-1: config 0 has no interface number 0 [ 610.180149][ T5965] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 610.250219][ T5965] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 610.307608][ T5965] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 610.333384][ T5965] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.342413][ T5965] usb 1-1: Product: syz [ 610.370595][ T5965] usb 1-1: Manufacturer: syz [ 610.396074][ T5965] usb 1-1: SerialNumber: syz [ 610.540023][T15593] No such timeout policy "syz0" [ 610.545628][ T5965] usb 1-1: config 0 descriptor?? [ 610.551597][T15577] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 610.591297][ T5965] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 610.625351][ T5965] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 610.808996][ C1] cyberjack ttyUSB0: cyberjack_read_int_callback - failed resubmitting read urb, error -22 [ 611.019647][ T978] usb 1-1: USB disconnect, device number 88 [ 611.055334][ T978] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 611.142658][ T978] cyberjack 1-1:0.69: device disconnected [ 611.333287][ T5965] usb 2-1: new full-speed USB device number 85 using dummy_hcd [ 611.506011][ T5965] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 611.532067][ T5965] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 611.596644][ T5965] usb 2-1: config 0 descriptor?? [ 611.659315][ T5965] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 612.031010][T15619] loop3: detected capacity change from 0 to 4096 [ 612.074031][ T5965] gp8psk: usb in 137 operation failed. [ 612.083210][ T5965] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 612.134173][ T5965] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 612.201893][ T5965] usb 2-1: USB disconnect, device number 85 [ 612.311809][T15619] ntfs3(loop3): ino=21, The size of extended attributes must not exceed 64KiB [ 612.416601][T15629] loop2: detected capacity change from 0 to 256 [ 612.519077][T15629] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 612.731214][T15611] loop4: detected capacity change from 0 to 32768 [ 612.791221][T15611] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4062 (15611) [ 612.886259][T15611] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 612.973353][T15611] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm [ 613.023019][T15611] BTRFS info (device loop4): disk space caching is enabled [ 613.030394][T15611] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 613.062691][T15645] netlink: 'syz.2.4078': attribute type 1 has an invalid length. [ 613.318630][T15611] BTRFS info (device loop4): rebuilding free space tree [ 613.463215][T15611] BTRFS info (device loop4): disabling free space tree [ 613.471186][T15611] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 613.559870][T15611] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 613.925462][T15679] loop1: detected capacity change from 0 to 4096 [ 614.013012][ T5965] usb 3-1: new high-speed USB device number 90 using dummy_hcd [ 614.105653][ T5833] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 614.216871][ T5965] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 614.230072][ T5965] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 614.280553][ T5965] usb 3-1: config 0 descriptor?? [ 614.393446][T15692] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4095'. [ 614.403795][T15692] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4095'. [ 614.498279][ T5851] Bluetooth: hci0: unexpected event for opcode 0x0411 [ 614.583637][ T5965] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 614.785194][ T5965] [drm:udl_init] *ERROR* Selecting channel failed [ 614.919697][ T5965] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 614.947341][ T5965] [drm] Initialized udl on minor 2 [ 614.989183][ T5965] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 615.029653][T15698] loop3: detected capacity change from 0 to 4096 [ 615.043695][ T5965] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 615.054989][ T24] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 615.094000][ T5965] usb 3-1: USB disconnect, device number 90 [ 615.109469][ T24] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 615.150164][T15698] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 615.178330][ T24] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 615.399484][T15698] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 615.649104][T15690] loop0: detected capacity change from 0 to 32768 [ 615.989418][T15690] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow [ 615.989449][T15690] allowing incompatible features above 0.0: (unknown version) [ 615.989463][T15690] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 616.190639][T15713] loop2: detected capacity change from 0 to 4096 [ 616.270593][T15690] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0 [ 616.294602][T15717] loop1: detected capacity change from 0 to 256 [ 616.301875][T15719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4107'. [ 616.322248][T15690] bcachefs (loop0): initializing new filesystem [ 616.355963][T15713] ntfs3(loop2): ino=1a, mi_enum_attr [ 616.362063][T15713] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 616.374488][T15719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4107'. [ 616.410264][T15690] bcachefs (loop0): going read-write [ 616.412809][T15719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4107'. [ 616.427753][T15717] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 616.783573][T15690] bcachefs (loop0): marking superblocks [ 616.875745][T15690] bcachefs (loop0): initializing freespace [ 616.934543][T15690] bcachefs (loop0): done initializing freespace [ 616.992738][T15690] bcachefs (loop0): reading snapshots table [ 616.999067][T15690] bcachefs (loop0): reading snapshots done [ 617.032769][ T978] usb 4-1: new high-speed USB device number 103 using dummy_hcd [ 617.116933][T15690] bcachefs (loop0): loop0: Superblock write was silently dropped! (seq 0 expected 42) [ 617.200979][T15690] bcachefs (loop0): done starting filesystem [ 617.205839][ T978] usb 4-1: Using ep0 maxpacket: 8 [ 617.219046][ T978] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 617.242866][ T978] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 617.262077][ T978] usb 4-1: Product: syz [ 617.281702][ T978] usb 4-1: Manufacturer: syz [ 617.302557][ T978] usb 4-1: SerialNumber: syz [ 617.341866][ T978] usb 4-1: config 0 descriptor?? [ 617.367570][ T978] gspca_main: se401-2.14.0 probing 047d:5003 [ 617.452866][ T5834] bcachefs (loop0): shutting down [ 617.459198][ T5834] bcachefs (loop0): going read-only [ 617.483166][ T5834] bcachefs (loop0): finished waiting for writes to stop [ 617.493452][ T5834] bcachefs (loop0): flushing journal and stopping allocators, journal seq 4 [ 617.672947][ T5834] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 4 [ 617.707054][ T5834] bcachefs (loop0): clean shutdown complete, journal seq 5 [ 617.723517][ T5834] bcachefs (loop0): marking filesystem clean [ 617.801783][ T978] gspca_se401: write req failed req 0x57 val 0x00 error -71 [ 617.811168][ T978] se401 4-1:0.0: probe with driver se401 failed with error -71 [ 617.883943][ T978] usb 4-1: USB disconnect, device number 103 [ 617.884836][ T5834] bcachefs (loop0): shutdown complete [ 617.943357][T15762] loop4: detected capacity change from 0 to 256 [ 618.014447][T15740] loop2: detected capacity change from 0 to 32768 [ 618.393439][T15769] netlink: 'syz.1.4128': attribute type 1 has an invalid length. [ 618.548345][T15773] loop3: detected capacity change from 0 to 64 [ 618.607618][T15776] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4130'. [ 618.658036][T15773] Trying to free block not in datazone [ 619.624693][T15774] loop4: detected capacity change from 0 to 32768 [ 619.739743][T15774] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 619.818210][T15787] loop2: detected capacity change from 0 to 32768 [ 619.947924][T15774] XFS (loop4): Ending clean mount [ 619.976075][T15787] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 620.120939][ T5833] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 620.123131][T15788] loop1: detected capacity change from 0 to 32768 [ 620.281577][T15788] ERROR: (device loop1): dbAllocNext: Corrupt dmap page [ 620.281577][T15788] [ 620.290190][T15787] XFS (loop2): Ending clean mount [ 620.664860][ T5845] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 620.820674][T15819] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4147'. [ 621.336351][T15828] netlink: 'syz.4.4151': attribute type 3 has an invalid length. [ 621.350181][T15826] loop0: detected capacity change from 0 to 1024 [ 621.382857][T15828] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.4151'. [ 621.406904][T15826] hfsplus: invalid extent max_key_len 0 [ 621.424808][T15826] hfsplus: failed to load extents file [ 621.732073][ T10] usb 1-1: new high-speed USB device number 89 using dummy_hcd [ 621.922221][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 621.954267][ T10] usb 1-1: config 8 has an invalid interface number: 223 but max is 0 [ 621.986956][ T10] usb 1-1: config 8 contains an unexpected descriptor of type 0x1, skipping [ 622.012448][ T10] usb 1-1: config 8 has an invalid descriptor of length 156, skipping remainder of the config [ 622.048686][ T10] usb 1-1: config 8 has no interface number 0 [ 622.066998][ T10] usb 1-1: config 8 interface 223 altsetting 2 bulk endpoint 0xC has invalid maxpacket 32 [ 622.129915][ T10] usb 1-1: config 8 interface 223 altsetting 2 endpoint 0x7 has invalid maxpacket 15872, setting to 64 [ 622.187457][ T10] usb 1-1: config 8 interface 223 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 622.232724][T15848] 8021q: adding VLAN 0 to HW filter on device bond1 [ 622.262057][ T10] usb 1-1: config 8 interface 223 has no altsetting 0 [ 622.285410][ T10] usb 1-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 622.303222][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 622.311727][ T10] usb 1-1: Product: syz [ 622.327297][ T10] usb 1-1: Manufacturer: syz [ 622.381759][ T10] usb 1-1: SerialNumber: syz [ 622.408899][T15826] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 622.671036][ T10] usb 1-1: USB disconnect, device number 89 [ 622.747271][T15840] loop3: detected capacity change from 0 to 32768 [ 622.819994][T15840] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4154 (15840) [ 622.868619][T15840] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 622.890812][T15840] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 622.949068][T15840] BTRFS info (device loop3): using free-space-tree [ 623.117266][T15886] loop2: detected capacity change from 0 to 256 [ 623.151691][T15886] exfat: Deprecated parameter 'utf8' [ 623.189908][T15886] exfat: Deprecated parameter 'namecase' [ 623.206255][T15886] exfat: Deprecated parameter 'utf8' [ 623.308196][T15886] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 623.446088][ T5841] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 623.728127][T15901] tmpfs: Bad value for 'mpol' [ 624.084053][T15906] loop0: detected capacity change from 0 to 1024 [ 624.104450][T15909] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4180'. [ 624.135277][T15910] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 624.433829][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.441394][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.525205][T15917] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4184'. [ 624.804860][T15889] loop1: detected capacity change from 0 to 32768 [ 624.928825][T15889] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 625.114181][T15889] XFS (loop1): Ending clean mount [ 625.199134][T15889] XFS (loop1): Quotacheck needed: Please wait. [ 625.261711][T15945] netlink: 124 bytes leftover after parsing attributes in process `syz.2.4193'. [ 625.420661][T15889] XFS (loop1): Quotacheck: Done. [ 625.655059][ T5837] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 625.797081][T15957] !: renamed from dummy0 (while UP) [ 625.920662][T15963] netlink: 'syz.3.4202': attribute type 1 has an invalid length. [ 626.292581][T15971] loop3: detected capacity change from 0 to 1024 [ 626.614359][T15983] loop0: detected capacity change from 0 to 64 [ 626.676172][T15981] loop2: detected capacity change from 0 to 4096 [ 626.758902][T15981] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 626.786535][T15981] UDF-fs: Scanning with blocksize 512 failed [ 626.862887][T15981] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 627.002130][T15981] UDF-fs: error (device loop2): udf_fiiter_advance_blk: extent after position 0 not allocated in directory (ino 1328) [ 627.771574][T16019] netlink: 400 bytes leftover after parsing attributes in process `syz.4.4231'. [ 627.884053][T16023] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4233'. [ 628.024358][T16027] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4235'. [ 628.085349][T16027] netlink: 'syz.4.4235': attribute type 2 has an invalid length. [ 628.983679][T16011] loop1: detected capacity change from 0 to 40427 [ 629.031244][T16011] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 629.069372][T16011] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 629.119961][T16060] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4251'. [ 629.139584][T16011] F2FS-fs (loop1): invalid crc_offset: 33558524 [ 629.153278][T16063] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4253'. [ 629.456108][T16073] netlink: 'syz.0.4256': attribute type 10 has an invalid length. [ 629.539018][T16073] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4256'. [ 629.552951][T16073] batman_adv: batadv0: Adding interface: wlan0 [ 629.561490][T16011] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 629.568598][T16011] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 629.581960][T16073] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 629.617614][T16073] batman_adv: batadv0: Interface activated: wlan0 [ 629.635610][T16078] loop2: detected capacity change from 0 to 64 [ 629.797567][ T30] audit: type=1800 audit(1750081903.783:52): pid=16011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4227" name="file2" dev="loop1" ino=10 res=0 errno=0 [ 630.265120][T16095] overlay: Bad value for 'upperdir' [ 630.266285][T16096] loop0: detected capacity change from 0 to 128 [ 630.289482][T16098] loop2: detected capacity change from 0 to 256 [ 630.358998][T16096] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 630.369732][T16096] FAT-fs (loop0): Filesystem has been set read-only [ 630.643364][T16101] loop0: detected capacity change from 0 to 2048 [ 630.667385][T16106] delete_channel: no stack [ 630.733234][T16101] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 630.746534][T16108] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 630.818951][T16101] Remounting filesystem read-only [ 630.887698][T16101] NILFS (loop0): the device already has a read-only mount. [ 630.964438][T16111] _Z`Ԁ@: entered promiscuous mode [ 631.229416][T16116] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 631.434719][T16125] netlink: 666 bytes leftover after parsing attributes in process `syz.1.4266'. [ 631.717280][T16132] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4284'. [ 631.740909][ T30] audit: type=1326 audit(1750081905.723:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16133 comm="syz.4.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 631.768403][ C1] vkms_vblank_simulate: vblank timer overrun [ 631.795813][T16136] loop2: detected capacity change from 0 to 1024 [ 631.823385][T16136] EXT4-fs: Ignoring removed nomblk_io_submit option [ 631.862070][ T30] audit: type=1326 audit(1750081905.763:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16133 comm="syz.4.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 631.897950][T16136] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 631.972327][ T30] audit: type=1326 audit(1750081905.763:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16133 comm="syz.4.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 631.995225][ C1] vkms_vblank_simulate: vblank timer overrun [ 632.027214][T16136] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 632.041671][ T30] audit: type=1326 audit(1750081905.763:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16133 comm="syz.4.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 632.041733][ T30] audit: type=1326 audit(1750081905.763:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16133 comm="syz.4.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 632.361364][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 632.413945][T16151] nft_compat: unsupported protocol 1 [ 632.660276][T16157] xt_connbytes: Forcing CT accounting to be enabled [ 632.761493][T16163] loop0: detected capacity change from 0 to 1024 [ 633.247784][ T978] usb 2-1: new high-speed USB device number 86 using dummy_hcd [ 633.422416][T16180] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4306'. [ 633.464464][ T978] usb 2-1: Using ep0 maxpacket: 32 [ 633.479972][ T978] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 633.528355][ T978] usb 2-1: config 0 has no interface number 0 [ 633.551461][ T978] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 633.565939][ T978] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 633.577873][ T978] usb 2-1: Product: syz [ 633.598489][ T978] usb 2-1: Manufacturer: syz [ 633.642592][ T978] usb 2-1: SerialNumber: syz [ 633.680080][ T978] usb 2-1: config 0 descriptor?? [ 633.686251][T16187] netlink: 'syz.4.4310': attribute type 1 has an invalid length. [ 633.716625][ T978] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 633.760448][ T978] usb 2-1: selecting invalid altsetting 1 [ 633.811062][ T978] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 633.858041][ T978] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 633.914380][ T978] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 633.966915][ T978] usb 2-1: media controller created [ 634.070431][ T978] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 634.177319][T16202] netlink: 'syz.2.4317': attribute type 32 has an invalid length. [ 634.229249][T16202] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4317'. [ 634.251373][ T978] usb 2-1: DVB: registering adapter 1 frontend 0 (Zarlink ZL10353 DVB-T)... [ 634.298016][T16202] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 634.298377][ T978] dvbdev: dvb_create_media_entity: media entity 'Zarlink ZL10353 DVB-T' registered. [ 634.716768][ T978] DVB: Unable to find symbol mxl5005s_attach() [ 634.737774][T16216] loop3: detected capacity change from 0 to 512 [ 634.785521][ T978] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 634.882808][T16216] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 634.900779][T16216] ext4 filesystem being mounted at /884/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 634.965426][T16216] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 634.980269][T16216] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 635.010929][T16204] loop4: detected capacity change from 0 to 32768 [ 635.051422][T16204] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4318 (16204) [ 635.068236][T16216] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4323: Failed to acquire dquot type 0 [ 635.154157][T16204] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 635.207920][ T978] usb 2-1: USB disconnect, device number 86 [ 635.225563][T16204] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm [ 635.268345][T16226] No control pipe specified [ 635.310518][T16204] BTRFS info (device loop4): using free-space-tree [ 635.374590][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 635.390433][T16228] Driver unsupported XDP return value 0 on prog (id 249) dev N/A, expect packet loss! [ 635.745286][T16204] BTRFS info (device loop4): rebuilding free space tree [ 635.815201][T16253] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4332'. [ 636.161861][ T5833] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 637.094776][T16289] loop2: detected capacity change from 0 to 164 [ 637.237539][T16289] iso9660: Corrupted directory entry in block 0 of inode 1792 [ 637.345994][T16295] nftables ruleset with unbound chain [ 638.001413][T16312] openvswitch: netlink: IP tunnel dst address not specified [ 638.021062][T16310] loop0: detected capacity change from 0 to 64 [ 638.446077][T16285] loop3: detected capacity change from 0 to 32768 [ 638.467234][T16322] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4363'. [ 638.503158][T16285] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 638.568225][T16285] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 638.610713][ T5927] usb 5-1: new high-speed USB device number 92 using dummy_hcd [ 638.628926][ T978] usb 1-1: new high-speed USB device number 90 using dummy_hcd [ 638.740358][T16285] OCFS2: ERROR (device loop3): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has an invalid fs_generation of #3923116032 [ 638.790715][T16285] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 638.790759][T16285] OCFS2: File system is now read-only. [ 638.790786][T16285] (syz.3.4344,16285,0):ocfs2_search_chain:1817 ERROR: status = -30 [ 638.790879][T16285] (syz.3.4344,16285,0):ocfs2_search_chain:1940 ERROR: status = -30 [ 638.790910][T16285] (syz.3.4344,16285,0):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30 [ 638.790936][T16285] (syz.3.4344,16285,0):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30 [ 638.790962][T16285] (syz.3.4344,16285,0):ocfs2_claim_new_inode:2298 ERROR: status = -30 [ 638.790988][T16285] (syz.3.4344,16285,0):ocfs2_claim_new_inode:2313 ERROR: status = -30 [ 638.791013][T16285] (syz.3.4344,16285,0):ocfs2_mknod_locked:638 ERROR: status = -30 [ 638.791038][T16285] (syz.3.4344,16285,0):ocfs2_mknod:385 ERROR: status = -30 [ 638.792622][T16285] (syz.3.4344,16285,0):ocfs2_mknod:502 ERROR: status = -30 [ 638.792690][T16285] (syz.3.4344,16285,0):ocfs2_create:675 ERROR: status = -30 [ 638.810249][ T978] usb 1-1: Using ep0 maxpacket: 16 [ 638.818420][ T5927] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 638.818528][ T5927] usb 5-1: config 0 interface 0 has no altsetting 0 [ 638.822773][ T5927] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 638.822858][ T5927] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 638.822882][ T5927] usb 5-1: Product: syz [ 638.822900][ T5927] usb 5-1: Manufacturer: syz [ 638.822917][ T5927] usb 5-1: SerialNumber: syz [ 638.826580][ T5927] usb 5-1: config 0 descriptor?? [ 638.826894][ T978] usb 1-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb [ 638.826991][ T978] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 638.827015][ T978] usb 1-1: Product: syz [ 638.827032][ T978] usb 1-1: Manufacturer: syz [ 638.827050][ T978] usb 1-1: SerialNumber: syz [ 638.846506][ T5927] usb 5-1: selecting invalid altsetting 0 [ 638.964236][ T5841] ocfs2: Unmounting device (7,3) on (node local) [ 639.097532][ T978] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 639.183979][ T5919] usb 5-1: USB disconnect, device number 92 [ 639.377231][ T978] snd-usb-audio 1-1:222.0: probe with driver snd-usb-audio failed with error -71 [ 639.468661][ T6844] udevd[6844]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 639.506658][ T978] usb 1-1: USB disconnect, device number 90 [ 639.550210][ T5857] udevd[5857]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:222.0/sound/card4/controlC4/../uevent} for writing: No such file or directory [ 639.686450][T16328] loop1: detected capacity change from 0 to 32768 [ 639.750818][T16334] loop2: detected capacity change from 0 to 512 [ 639.806187][T16334] EXT4-fs: Ignoring removed nobh option [ 639.825584][T16328] ERROR: (device loop1): dbAlloc: the hint is outside the map [ 639.825584][T16328] [ 639.907006][T16334] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 640.185060][ T3466] read_mapping_page failed! [ 640.216989][ T3466] ERROR: (device loop1): txCommit: [ 640.216989][ T3466] [ 640.223445][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 640.280121][ T3466] jfs_write_inode: jfs_commit_inode failed! [ 640.355378][T16346] netlink: 248 bytes leftover after parsing attributes in process `syz.0.4373'. [ 640.556066][T16344] loop4: detected capacity change from 0 to 2048 [ 640.708946][T16352] loop2: detected capacity change from 0 to 1024 [ 640.756957][T16354] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 640.878147][T16344] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 640.940031][T16357] sock: sock_timestamping_bind_phc: sock not bind to device [ 641.009932][T16344] Remounting filesystem read-only [ 641.015877][T16344] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 641.111964][ T3458] hfsplus: b-tree write err: -5, ino 4 [ 641.134372][T16344] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 641.259423][T16344] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 641.322266][T16344] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 641.386913][T16344] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 641.499133][ T30] audit: type=1800 audit(1750081915.464:58): pid=16344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4374" name="file3" dev="loop4" ino=16 res=0 errno=0 [ 641.608394][T16363] loop1: detected capacity change from 0 to 4096 [ 641.758345][T16376] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 641.892113][T16379] loop3: detected capacity change from 0 to 256 [ 641.976981][T16384] loop0: detected capacity change from 0 to 256 [ 642.620274][T16403] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4394'. [ 642.688403][T16403] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4394'. [ 642.879949][ T5953] usb 5-1: new high-speed USB device number 93 using dummy_hcd [ 643.010154][T16415] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 643.098558][ T5953] usb 5-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 643.109287][T16419] x_tables: duplicate underflow at hook 1 [ 643.116957][ T5953] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 643.135350][ T5953] usb 5-1: Product: syz [ 643.146527][ T5953] usb 5-1: Manufacturer: syz [ 643.159623][ T5953] usb 5-1: SerialNumber: syz [ 643.171661][ T5953] r8152-cfgselector 5-1: Unknown version 0x0000 [ 643.189049][ T5953] r8152-cfgselector 5-1: config 0 descriptor?? [ 643.614571][T16436] netlink: 'syz.1.4409': attribute type 10 has an invalid length. [ 643.649580][ T24] usb 1-1: new high-speed USB device number 91 using dummy_hcd [ 643.700539][ T5919] r8152-cfgselector 5-1: USB disconnect, device number 93 [ 643.795649][T16436] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 643.883561][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 643.928746][ T24] usb 1-1: config 0 has an invalid interface number: 183 but max is 0 [ 643.943987][ T24] usb 1-1: config 0 has no interface number 0 [ 643.955498][ T24] usb 1-1: config 0 interface 183 altsetting 218 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 644.006039][ T24] usb 1-1: config 0 interface 183 has no altsetting 0 [ 644.042656][ T24] usb 1-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 644.079680][ T24] usb 1-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 644.109072][ T24] usb 1-1: Product: syz [ 644.139705][ T24] usb 1-1: Manufacturer: syz [ 644.144598][ T24] usb 1-1: SerialNumber: syz [ 644.218264][ T24] usb 1-1: config 0 descriptor?? [ 644.268476][ T24] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 644.348490][T16447] gretap1: entered allmulticast mode [ 644.478255][ T24] gspca_zc3xx: reg_w_i err -71 [ 644.487040][ T24] gspca_zc3xx 1-1:0.183: probe with driver gspca_zc3xx failed with error -71 [ 644.508725][ T24] usb 1-1: USB disconnect, device number 91 [ 644.523553][T16452] 8021q: adding VLAN 0 to HW filter on device bond1 [ 644.973697][T16472] loop1: detected capacity change from 0 to 8 [ 645.097573][T16474] IPVS: set_ctl: invalid protocol: 29 0.0.0.0:20000 [ 645.130204][T16472] SQUASHFS error: Failed to read block 0x1ec: -5 [ 645.137238][T16472] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 645.578476][T16489] netlink: 92 bytes leftover after parsing attributes in process `syz.2.4429'. [ 646.203390][ T30] audit: type=1326 audit(1750081920.184:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16508 comm="syz.1.4437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecf1d8e929 code=0x7ffc0000 [ 646.309123][ T30] audit: type=1326 audit(1750081920.184:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16508 comm="syz.1.4437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecf1d8e929 code=0x7ffc0000 [ 646.404398][ T30] audit: type=1326 audit(1750081920.264:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16508 comm="syz.1.4437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fecf1d8e929 code=0x7ffc0000 [ 646.513381][ T30] audit: type=1326 audit(1750081920.264:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16508 comm="syz.1.4437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecf1d8e929 code=0x7ffc0000 [ 646.558942][T16517] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4443'. [ 646.656117][ T30] audit: type=1326 audit(1750081920.264:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16508 comm="syz.1.4437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecf1d8e929 code=0x7ffc0000 [ 646.807302][T16481] loop0: detected capacity change from 0 to 32768 [ 646.841282][T16481] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4427 (16481) [ 646.916218][T16481] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 646.959317][T16481] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 646.988206][T16481] BTRFS info (device loop0): disk space caching is enabled [ 647.049027][T16481] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 647.285210][T16550] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4452'. [ 647.361906][T16481] BTRFS info (device loop0): rebuilding free space tree [ 647.460385][T16481] BTRFS info (device loop0): disabling free space tree [ 647.467464][T16481] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 647.519875][T16481] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 647.746843][T16560] vivid-000: ================= START STATUS ================= [ 647.780399][T16560] vivid-000: Generate PTS: true [ 647.816356][T16560] vivid-000: Generate SCR: true [ 647.822895][T16560] tpg source WxH: 320x180 (R'G'B) [ 647.838905][ T5834] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 647.859193][T16560] tpg field: 1 [ 647.873463][T16560] tpg crop: (0,0)/320x180 [ 647.889456][T16560] tpg compose: (0,0)/320x180 [ 647.916125][T16560] tpg colorspace: 8 [ 647.932982][T16560] tpg transfer function: 0/0 [ 647.992013][T16560] tpg quantization: 0/0 [ 647.999463][T16560] tpg RGB range: 0/2 [ 648.010279][T16560] vivid-000: ================== END STATUS ================== [ 648.299355][T16525] loop1: detected capacity change from 0 to 32768 [ 648.334529][T16572] netlink: 'syz.2.4461': attribute type 5 has an invalid length. [ 648.349190][T16525] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4445 (16525) [ 648.428579][T16525] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 648.496921][T16525] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 648.539166][T16525] BTRFS info (device loop1): disk space caching is enabled [ 648.591788][T16525] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 648.941533][T16525] BTRFS info (device loop1): rebuilding free space tree [ 649.030049][T16525] BTRFS info (device loop1): disabling free space tree [ 649.099908][T16525] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 649.158671][T16525] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 649.173312][T16602] netlink: 'syz.0.4467': attribute type 1 has an invalid length. [ 649.173396][T16602] netlink: 240 bytes leftover after parsing attributes in process `syz.0.4467'. [ 649.337683][T16525] BTRFS error (device loop1): balance: invalid convert system profile raid1c4 [ 649.479628][T16564] loop4: detected capacity change from 0 to 32768 [ 649.530999][ T5837] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 649.798200][T16564] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc [ 649.798233][T16564] allowing incompatible features above 0.0: (unknown version) [ 649.798248][T16564] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 650.029241][T16564] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 650.093843][T16564] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 650.139148][T16564] bcachefs (loop4): Version upgrade required: [ 650.139148][T16564] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 650.139148][T16564] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 650.139148][T16564] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 650.352564][T16564] bcachefs (loop4): dropping and reconstructing all alloc info [ 650.529743][T16564] bcachefs (loop4): accounting_read... [ 650.627045][T16633] loop0: detected capacity change from 0 to 2048 [ 650.665550][T16564] done [ 650.694485][T16637] netlink: 72 bytes leftover after parsing attributes in process `syz.2.4483'. [ 650.698812][T16564] bcachefs (loop4): alloc_read... done [ 650.738170][T16633] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 650.749399][T16637] netlink: 72 bytes leftover after parsing attributes in process `syz.2.4483'. [ 650.766692][T16564] bcachefs (loop4): snapshots_read... done [ 650.797756][T16564] bcachefs (loop4): done starting filesystem [ 651.032014][ T5833] bcachefs (loop4): shutting down [ 651.213486][ T5833] bcachefs (loop4): shutdown complete [ 651.394992][T16651] loop2: detected capacity change from 0 to 256 [ 651.516285][T16651] FAT-fs (loop2): Directory bread(block 64) failed [ 651.550267][T16651] FAT-fs (loop2): Directory bread(block 65) failed [ 651.557281][T16651] FAT-fs (loop2): Directory bread(block 66) failed [ 651.574516][T16651] FAT-fs (loop2): Directory bread(block 67) failed [ 651.588386][T16651] FAT-fs (loop2): Directory bread(block 68) failed [ 651.607615][T16651] FAT-fs (loop2): Directory bread(block 69) failed [ 651.626413][T16651] FAT-fs (loop2): Directory bread(block 70) failed [ 651.665388][T16651] FAT-fs (loop2): Directory bread(block 71) failed [ 651.684095][T16651] FAT-fs (loop2): Directory bread(block 72) failed [ 651.719962][T16651] FAT-fs (loop2): Directory bread(block 73) failed [ 652.848387][T16689] loop2: detected capacity change from 0 to 64 [ 653.488494][T16706] tipc: Can't bind to reserved service type 0 [ 653.749764][T16714] binfmt_misc: register: failed to install interpreter file ./file0 [ 654.068928][T16723] binder: 16722:16723 ioctl c018620b 0 returned -14 [ 654.989610][ T30] audit: type=1326 audit(1750081928.965:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.4.4539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 655.052368][ T30] audit: type=1326 audit(1750081928.965:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.4.4539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 655.087818][ T30] audit: type=1326 audit(1750081929.005:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.4.4539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 655.144776][ T30] audit: type=1326 audit(1750081929.005:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.4.4539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 655.172607][ T30] audit: type=1326 audit(1750081929.005:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.4.4539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 655.514812][T16769] netlink: 'syz.1.4546': attribute type 10 has an invalid length. [ 655.588339][T16769] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4546'. [ 655.649859][T16774] loop4: detected capacity change from 0 to 8 [ 655.656820][T16769] openvswitch: netlink: Flow key attr not present in new flow. [ 655.999021][ T30] audit: type=1326 audit(1750081929.965:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16781 comm="syz.2.4552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 656.088198][ T30] audit: type=1326 audit(1750081929.965:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16781 comm="syz.2.4552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 656.225077][ T30] audit: type=1326 audit(1750081930.025:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16781 comm="syz.2.4552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 656.356280][ T30] audit: type=1326 audit(1750081930.025:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16781 comm="syz.2.4552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 656.397026][T16758] loop0: detected capacity change from 0 to 32768 [ 656.458967][ T30] audit: type=1326 audit(1750081930.025:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16781 comm="syz.2.4552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6adad8e929 code=0x7ffc0000 [ 656.465049][T16758] (syz.0.4541,16758,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 656.528608][T16758] (syz.0.4541,16758,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 656.592122][T16758] JBD2: Ignoring recovery information on journal [ 656.698689][ T10] usb 5-1: new high-speed USB device number 94 using dummy_hcd [ 656.801970][T16758] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 656.908991][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 656.923241][ T10] usb 5-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b [ 656.933792][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 656.966236][ T10] usb 5-1: Product: syz [ 656.978277][ T10] usb 5-1: Manufacturer: syz [ 656.983212][ T10] usb 5-1: SerialNumber: syz [ 657.054657][ T5834] ocfs2: Unmounting device (7,0) on (node local) [ 657.215971][ T10] visor 5-1:1.0: Handspring Visor / Palm OS converter detected [ 657.282091][ T10] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 657.323473][ T10] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 657.421253][ T10] usb 5-1: USB disconnect, device number 94 [ 657.444957][ T10] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 657.477243][T16798] loop3: detected capacity change from 0 to 32768 [ 657.481126][ T10] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 657.512007][ T10] visor 5-1:1.0: device disconnected [ 657.526144][T16798] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 657.605311][T16798] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 [ 657.621082][T16798] XFS (loop3): Unmount and run xfs_repair [ 657.627132][T16798] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 657.656954][T16798] 00000000: 58 41 47 46 00 00 00 00 00 00 00 00 00 00 10 00 XAGF............ [ 657.698049][T16798] 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 00 01 ................ [ 657.737792][T16798] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 657.778127][T16798] 00000030: 00 00 00 04 00 00 0b a2 00 00 0b a0 00 00 00 00 ................ [ 657.817520][T16798] 00000040: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 657.859476][T16798] 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01 ................ [ 657.898256][T16798] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 657.933392][T16798] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 657.981026][T16798] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74 [ 658.050581][T16798] XFS (loop3): Error -117 reserving per-AG metadata reserve pool. [ 658.086380][T16798] XFS (loop3): Corruption of in-memory data (0x8) detected at xfs_fs_reserve_ag_blocks+0x1f0/0x240 (fs/xfs/xfs_fsops.c:566). Shutting down filesystem. [ 658.144085][T16798] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 658.162692][T16798] XFS (loop3): Ending clean mount [ 658.186061][T16798] XFS (loop3): Failed to initialize disk quotas, err -5. [ 658.314691][T16798] XFS (loop3): Error -5 reserving per-AG metadata reserve pool. [ 658.534293][ T5841] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 658.978490][T16857] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4581'. [ 659.404195][T16866] loop4: detected capacity change from 0 to 64 [ 659.796565][T16880] loop0: detected capacity change from 0 to 64 [ 659.884898][T16882] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4589'. [ 660.098013][T16887] netlink: 'syz.3.4592': attribute type 3 has an invalid length. [ 660.163464][T16846] loop2: detected capacity change from 0 to 32768 [ 660.241522][T16846] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4576 (16846) [ 660.332643][T16846] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 660.391325][T16846] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 660.619650][T16895] loop3: detected capacity change from 0 to 2048 [ 660.638109][T16846] BTRFS info (device loop2): rebuilding free space tree [ 660.697878][T16846] BTRFS info (device loop2): disabling free space tree [ 660.725987][T16895] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 660.748109][T16846] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 660.807705][T16846] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 660.824441][T16895] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 661.154446][ T5845] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 661.347141][T16889] loop4: detected capacity change from 0 to 32768 [ 661.385189][T16889] BTRFS: device /dev/loop4 (7:4) using temp-fsid d2e69077-429e-42b7-9a02-d05f6cd0f232 [ 661.437744][T16889] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4593 (16889) [ 661.540332][T16927] loop1: detected capacity change from 0 to 64 [ 661.560946][T16889] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 661.634576][T16889] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 661.710823][T16889] BTRFS info (device loop4): disk space caching is enabled [ 661.764686][T16889] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 661.865295][T16933] loop2: detected capacity change from 0 to 1024 [ 661.928215][T16933] EXT4-fs: Ignoring removed nobh option [ 661.942852][T16933] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal [ 662.086402][T16933] Non-string source [ 662.122911][T16944] loop1: detected capacity change from 0 to 1764 [ 662.153599][T16889] BTRFS info (device loop4): rebuilding free space tree [ 662.227640][T16944] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 662.267285][T16889] BTRFS info (device loop4): disabling free space tree [ 662.318544][T16889] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 662.374016][T16889] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 662.380497][T16957] SET target dimension over the limit! [ 662.507182][T16959] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4612'. [ 662.788152][ T5833] BTRFS info (device loop4): last unmount of filesystem d2e69077-429e-42b7-9a02-d05f6cd0f232 [ 662.972265][T16971] loop1: detected capacity change from 0 to 256 [ 663.142215][T16971] FAT-fs (loop1): Directory bread(block 64) failed [ 663.188710][T16971] FAT-fs (loop1): Directory bread(block 65) failed [ 663.229691][T16971] FAT-fs (loop1): Directory bread(block 66) failed [ 663.267699][T16971] FAT-fs (loop1): Directory bread(block 67) failed [ 663.274962][T16971] FAT-fs (loop1): Directory bread(block 68) failed [ 663.286193][T16971] FAT-fs (loop1): Directory bread(block 69) failed [ 663.297932][T16971] FAT-fs (loop1): Directory bread(block 70) failed [ 663.314666][T16971] FAT-fs (loop1): Directory bread(block 71) failed [ 663.347758][T16971] FAT-fs (loop1): Directory bread(block 72) failed [ 663.388797][T16971] FAT-fs (loop1): Directory bread(block 73) failed [ 664.335527][T16975] loop2: detected capacity change from 0 to 32768 [ 664.411091][T16975] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4620 (16975) [ 664.477754][T16975] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 664.543026][T16975] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 664.612309][T16975] BTRFS info (device loop2): using free-space-tree [ 664.997453][ T5919] usb 1-1: new full-speed USB device number 92 using dummy_hcd [ 665.168140][ T5845] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 665.218060][ T5919] usb 1-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 665.228792][ T5919] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 665.279990][ T5919] usb 1-1: Product: syz [ 665.307530][ T5919] usb 1-1: Manufacturer: syz [ 665.312370][ T5919] usb 1-1: SerialNumber: syz [ 665.371801][ T5919] usb 1-1: config 0 descriptor?? [ 665.576217][T17049] netlink: 'syz.2.4645': attribute type 3 has an invalid length. [ 665.585461][T17050] xt_TCPMSS: Only works on TCP SYN packets [ 665.798809][ T5919] airspy 1-1:0.0: usb_control_msg() failed -71 request 0a [ 665.806112][ T5919] airspy 1-1:0.0: Could not detect board [ 665.850438][ T5919] airspy 1-1:0.0: probe with driver airspy failed with error -71 [ 665.897918][ T5919] usb 1-1: USB disconnect, device number 92 [ 665.932927][T17054] loop3: detected capacity change from 0 to 2048 [ 665.954255][T17059] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 665.965043][T17059] IPv6: NLM_F_CREATE should be set when creating new route [ 665.972919][T17059] IPv6: NLM_F_CREATE should be set when creating new route [ 666.081000][T17054] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 666.448819][T17065] loop4: detected capacity change from 0 to 1024 [ 666.542650][T17069] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4657'. [ 666.604155][T17065] syz.4.4655: attempt to access beyond end of device [ 666.604155][T17065] loop4: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 666.650638][T17065] Buffer I/O error on dev loop4, logical block 100663296, async page read [ 666.662018][T17069] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4657'. [ 666.684250][T17065] hfsplus: unable to mark blocks free: error -5 [ 666.760654][T17069] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4657'. [ 666.772545][T17065] hfsplus: can't free extent [ 667.435030][T17087] loop4: detected capacity change from 0 to 256 [ 667.525368][T17087] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 667.585928][T17093] vlan1: entered allmulticast mode [ 667.613983][T17093] veth0_vlan: entered allmulticast mode [ 667.947606][T17099] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 667.991635][T17102] unsupported nlmsg_type 40 [ 668.071627][T17071] loop0: detected capacity change from 0 to 32768 [ 668.254578][T17111] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 668.555385][T17116] netlink: 'syz.2.4681': attribute type 39 has an invalid length. [ 668.658566][T17116] veth0_macvtap: left promiscuous mode [ 669.357054][T17146] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4694'. [ 669.440384][T17146] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4694'. [ 669.997254][T17167] ipt_rpfilter: unknown options [ 670.305297][T17174] loop3: detected capacity change from 0 to 764 [ 670.378463][T17174] rock: directory entry would overflow storage [ 670.418172][T17174] rock: sig=0x4654, size=5, remaining=4 [ 670.505091][T17140] loop4: detected capacity change from 0 to 32768 [ 670.646748][T17140] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 671.043619][T17140] XFS (loop4): Ending clean mount [ 671.251767][ T5833] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 671.409000][T17210] loop3: detected capacity change from 0 to 16 [ 671.439637][T17210] erofs (device loop3): mounted with root inode @ nid 36. [ 671.506857][T17210] erofs (device loop3): xattr_isize 12 of nid 46 is not supported yet [ 671.918381][T17218] loop2: detected capacity change from 0 to 2048 [ 672.003634][T17218] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 672.423749][T17232] IPv6: NLM_F_CREATE should be specified when creating new route [ 672.474166][T17198] loop0: detected capacity change from 0 to 40427 [ 672.569644][T17198] F2FS-fs (loop0): invalid crc value [ 672.930786][T17247] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 672.985381][T17198] F2FS-fs (loop0): Start checkpoint disabled! [ 673.048454][T17198] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 673.526651][ T24] usb 5-1: new high-speed USB device number 95 using dummy_hcd [ 673.628392][T17269] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4751'. [ 673.635800][T17268] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 673.647743][T17268] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 673.675436][T17269] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (255) [ 673.718350][ T24] usb 5-1: Using ep0 maxpacket: 16 [ 673.734213][T17268] vhci_hcd vhci_hcd.0: Device attached [ 673.741544][ T24] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 673.741585][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 673.741611][ T24] usb 5-1: Product: syz [ 673.741629][ T24] usb 5-1: Manufacturer: syz [ 673.741648][ T24] usb 5-1: SerialNumber: syz [ 673.758003][ T24] r8152-cfgselector 5-1: Unknown version 0x0000 [ 673.769515][T17273] loop3: detected capacity change from 0 to 8 [ 673.796726][ T24] r8152-cfgselector 5-1: config 0 descriptor?? [ 673.883225][T17273] SQUASHFS error: Failed to read block 0x738: -5 [ 673.932200][T17273] SQUASHFS error: Unable to read metadata cache entry [736] [ 673.963451][T17275] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4753'. [ 673.966639][ T5927] usb 37-1: new high-speed USB device number 2 using vhci_hcd [ 673.974291][T17275] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4753'. [ 674.245452][ T978] r8152-cfgselector 5-1: USB disconnect, device number 95 [ 674.366297][T17270] vhci_hcd: connection reset by peer [ 674.396905][ T12] vhci_hcd: stop threads [ 674.415013][ T12] vhci_hcd: release socket [ 674.429065][T17284] Cannot find del_set index 4 as target [ 674.432494][ T12] vhci_hcd: disconnect device [ 674.446328][T17287] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4758'. [ 674.920187][T17302] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4767'. [ 675.301732][T17316] netlink: 'syz.0.4772': attribute type 2 has an invalid length. [ 675.324345][T17318] netlink: zone id is out of range [ 675.342660][T17318] netlink: zone id is out of range [ 675.359023][T17318] netlink: zone id is out of range [ 675.364451][T17318] netlink: zone id is out of range [ 675.416535][T17318] netlink: zone id is out of range [ 675.425953][T17318] netlink: zone id is out of range [ 675.466145][T17318] netlink: zone id is out of range [ 675.500350][T17318] netlink: zone id is out of range [ 675.536622][T17318] netlink: zone id is out of range [ 675.552684][T17318] netlink: zone id is out of range [ 675.661042][T17330] capability: warning: `syz.3.4779' uses 32-bit capabilities (legacy support in use) [ 676.038292][T17345] overlayfs: unescaped trailing colons in lowerdir mount option. [ 676.136967][T17350] loop2: detected capacity change from 0 to 512 [ 676.275232][T17350] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 676.338691][T17359] xt_TPROXY: Can be used only with -p tcp or -p udp [ 676.417334][T17350] ext4 filesystem being mounted at /987/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 676.610799][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 676.610821][ T30] audit: type=1326 audit(1750081950.598:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17370 comm="syz.3.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad8d8e929 code=0x7ffc0000 [ 676.640879][T17350] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.4788: corrupted xattr block 33: invalid ea_ino [ 676.712148][T17350] EXT4-fs (loop2): Remounting filesystem read-only [ 676.754303][ T30] audit: type=1326 audit(1750081950.598:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17370 comm="syz.3.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad8d8e929 code=0x7ffc0000 [ 676.816714][T17375] netlink: 'syz.3.4799': attribute type 4 has an invalid length. [ 676.821000][ T30] audit: type=1326 audit(1750081950.598:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17370 comm="syz.3.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f7ad8d8e929 code=0x7ffc0000 [ 676.933047][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 676.947787][ T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 676.971146][ T12] Quota error (device loop2): write_blk: dquota write failed [ 677.026821][ T30] audit: type=1326 audit(1750081950.598:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17370 comm="syz.3.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad8d8e929 code=0x7ffc0000 [ 677.055029][ T12] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries [ 677.075384][ T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 677.137986][ T30] audit: type=1326 audit(1750081950.598:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17370 comm="syz.3.4797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad8d8e929 code=0x7ffc0000 [ 677.162790][ T12] Quota error (device loop2): write_blk: dquota write failed [ 677.182926][ T12] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list [ 677.202730][ T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 677.233051][T17386] libceph: resolve '4.' (ret=-3): failed [ 677.241247][ T12] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 677.246074][T17387] netlink: 'syz.3.4806': attribute type 3 has an invalid length. [ 677.288758][T17387] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.4806'. [ 677.346381][ T24] usb 5-1: new full-speed USB device number 96 using dummy_hcd [ 677.539340][ T24] usb 5-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66 [ 677.550795][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 677.599118][ T24] usb 5-1: config 0 descriptor?? [ 677.633251][ T24] usb 5-1: invalid MIDI EP [ 677.651362][ T24] usb 5-1: snd-bcd2000: error during probing [ 677.661243][ T24] snd-bcd2000 5-1:0.0: probe with driver snd-bcd2000 failed with error -22 [ 677.693559][T17403] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4812'. [ 677.714340][T17403] (unnamed net_device) (uninitialized): option use_carrier: invalid value (4) [ 677.776893][ T5919] usb 4-1: new high-speed USB device number 104 using dummy_hcd [ 677.853761][ T24] usb 5-1: USB disconnect, device number 96 [ 677.913742][T17409] loop1: detected capacity change from 0 to 256 [ 677.968762][ T5919] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 677.984310][ T5919] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 678.003871][ T5919] usb 4-1: Product: syz [ 678.039801][ T5919] usb 4-1: Manufacturer: syz [ 678.066961][ T5919] usb 4-1: SerialNumber: syz [ 678.085110][ T5919] usb 4-1: config 0 descriptor?? [ 678.121026][ T5919] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 678.134420][T17413] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4817'. [ 678.534684][ T5919] gspca_sunplus: reg_w_riv err -71 [ 678.560669][ T5919] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 678.589764][ T5919] usb 4-1: USB disconnect, device number 104 [ 679.122776][ T5927] vhci_hcd: vhci_device speed not set [ 679.337080][T17449] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 679.419909][T17441] loop2: detected capacity change from 0 to 4096 [ 679.724568][T17441] ntfs3(loop2): ino=9, attr_set_size [ 680.734988][T17496] nfs: Deprecated parameter 'nointr' [ 680.762986][T17497] loop0: detected capacity change from 0 to 1024 [ 680.929832][T17503] netlink: 'syz.2.4862': attribute type 21 has an invalid length. [ 680.975846][T17503] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4862'. [ 681.057458][ T12] hfsplus: b-tree write err: -5, ino 4 [ 681.332311][T17512] loop1: detected capacity change from 0 to 2048 [ 681.366832][ T5965] usb 4-1: new high-speed USB device number 105 using dummy_hcd [ 681.379065][T17512] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 681.434694][T17512] NILFS (loop1): segment count 8142508126285856831 exceeds upper limit (1152921504606846975 segments) [ 681.486470][T17512] kAFS: No cell specified [ 681.559402][ T5965] usb 4-1: config 0 has an invalid interface number: 199 but max is 1 [ 681.579662][ T5965] usb 4-1: config 0 has no interface number 1 [ 681.617275][ T5965] usb 4-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 681.675659][ T5965] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 681.726799][ T5965] usb 4-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 681.755422][ T5965] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 681.784016][ T5965] usb 4-1: SerialNumber: syz [ 681.800424][ T5965] usb 4-1: config 0 descriptor?? [ 682.038277][ T5965] usb 4-1: Found UVC 0.00 device (0002:0000) [ 682.056689][ T5965] usb 4-1: No valid video chain found. [ 682.099365][ T5965] usb 4-1: USB disconnect, device number 105 [ 682.589521][T17550] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4885'. [ 682.925080][T17564] dlm: plock device version mismatch: kernel (1.2.0), user (1.33554432.0) [ 683.162165][T17563] loop0: detected capacity change from 0 to 4096 [ 683.185363][T17573] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4896'. [ 683.388333][T17563] ntfs3(loop0): ino=b, mi_enum_attr [ 683.394088][T17563] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 683.455722][T17563] ntfs3(loop0): Failed to load $Extend (-22). [ 683.461997][T17563] ntfs3(loop0): Failed to initialize $Extend. [ 683.541893][T17563] ntfs3(loop0): ino=1e, "file1" attr_set_size [ 683.979413][T17597] tmpfs: Bad value for 'mpol' [ 684.375771][T17609] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 684.965247][T17631] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4925'. [ 685.861926][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.868390][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.073210][T17625] loop1: detected capacity change from 0 to 32768 [ 686.101183][T17667] loop2: detected capacity change from 0 to 2048 [ 686.207639][T17667] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 686.207771][T17667] ext4 filesystem being mounted at /1018/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 686.372124][T17667] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4943: bg 0: block 345: padding at end of block bitmap is not set [ 686.433880][T17667] EXT4-fs (loop2): Remounting filesystem read-only [ 686.445358][T17667] EXT4-fs warning (device loop2): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.2.4943: cleanup dec ref error -117 [ 686.523661][T17625] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nochanges,nojournal_transaction_names,noexcl,read_only,version_upgrade=none [ 686.523690][T17625] allowing incompatible features above 0.0: (unknown version) [ 686.523704][T17625] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 686.607311][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 686.704232][T17625] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0 [ 686.762607][T17625] bcachefs (loop1): recovering from clean shutdown, journal seq 13 [ 686.778003][ T30] audit: type=1326 audit(1750081960.769:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17684 comm="syz.3.4951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad8d8e929 code=0x7ffc0000 [ 686.852284][ T30] audit: type=1326 audit(1750081960.789:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17684 comm="syz.3.4951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad8d8e929 code=0x7ffc0000 [ 686.876148][T17625] bcachefs (loop1): accounting_read... done [ 686.932900][T17625] bcachefs (loop1): alloc_read... done [ 686.938429][ T30] audit: type=1326 audit(1750081960.809:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17684 comm="syz.3.4951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f7ad8d8e929 code=0x7ffc0000 [ 686.967722][T17625] bcachefs (loop1): snapshots_read... done [ 687.025461][T17625] bcachefs (loop1): journal_replay... done [ 687.032219][T17625] bcachefs (loop1): resume_logged_ops... done [ 687.053967][ T30] audit: type=1326 audit(1750081960.809:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17684 comm="syz.3.4951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad8d8e929 code=0x7ffc0000 [ 687.096304][T17625] bcachefs (loop1): delete_dead_inodes... done [ 687.144577][T17625] bcachefs (loop1): done starting filesystem [ 687.367479][T17625] overlay: case-insensitive capable filesystem on . not supported [ 687.532224][T17703] netlink: 'syz.3.4959': attribute type 13 has an invalid length. [ 687.541815][T17672] loop4: detected capacity change from 0 to 32768 [ 687.589084][T17703] gretap0: refused to change device tx_queue_len [ 687.597785][T17672] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4944 (17672) [ 687.611970][ T5837] bcachefs (loop1): shutting down [ 687.653456][T17703] net_ratelimit: 2 callbacks suppressed [ 687.653479][T17703] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 687.734132][T17672] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 687.797874][ T5837] bcachefs (loop1): shutdown complete [ 687.808887][T17672] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 687.840712][T17672] BTRFS info (device loop4): disk space caching is enabled [ 687.872132][T17672] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 688.029274][T17720] loop3: detected capacity change from 0 to 1024 [ 688.157372][T17720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 688.205494][T17672] BTRFS info (device loop4): rebuilding free space tree [ 688.328617][T17672] BTRFS info (device loop4): disabling free space tree [ 688.343325][T17672] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 688.354515][T17672] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 688.427928][T17736] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4967'. [ 688.452869][T17736] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 688.546545][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 688.563891][T17672] BTRFS error: failed to open device for path !<ϴ?iҟ=Ac [ 688.563891][T17672] $E8]MFqҭo&SfU[QnAw62\dH=5n\m;R6aL [ 688.563891][T17672] '{$Fў(718WXkS?#MqCa>!10 J with flags 0x1: -2 [ 688.768181][ T5833] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 688.860828][T17744] loop2: detected capacity change from 0 to 2048 [ 688.968724][T17744] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 689.248895][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 689.597854][T17763] tmpfs: Bad value for 'mpol' [ 689.883672][T17770] loop0: detected capacity change from 0 to 256 [ 689.955703][T17773] tmpfs: Bad value for 'mpol' [ 690.042555][T17770] FAT-fs (loop0): Directory bread(block 64) failed [ 690.050630][T17770] FAT-fs (loop0): Directory bread(block 65) failed [ 690.077335][T17770] FAT-fs (loop0): Directory bread(block 66) failed [ 690.132148][T17770] FAT-fs (loop0): Directory bread(block 67) failed [ 690.204679][T17770] FAT-fs (loop0): Directory bread(block 68) failed [ 690.211385][T17770] FAT-fs (loop0): Directory bread(block 69) failed [ 690.268768][T17770] FAT-fs (loop0): Directory bread(block 70) failed [ 690.294567][T17770] FAT-fs (loop0): Directory bread(block 71) failed [ 690.303037][T17770] FAT-fs (loop0): Directory bread(block 72) failed [ 690.332817][T17770] FAT-fs (loop0): Directory bread(block 73) failed [ 690.553820][ T30] audit: type=1800 audit(1750081964.529:88): pid=17770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4983" name="bus" dev="loop0" ino=1048624 res=0 errno=0 [ 690.695019][T17785] loop4: detected capacity change from 0 to 8 [ 690.719539][T17783] loop3: detected capacity change from 0 to 2048 [ 690.889689][T17783] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 690.934940][T17792] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.4962'. [ 690.996239][T17794] netlink: 666 bytes leftover after parsing attributes in process `syz.4.4995'. [ 691.032828][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 691.079770][T17797] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 691.326633][T17803] netlink: 'syz.1.4999': attribute type 33 has an invalid length. [ 691.954865][ T5965] usb 5-1: new high-speed USB device number 97 using dummy_hcd [ 692.004865][T17827] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5010'. [ 692.148488][ T5965] usb 5-1: Using ep0 maxpacket: 16 [ 692.175314][ T5965] usb 5-1: unable to get BOS descriptor or descriptor too short [ 692.224886][ T5965] usb 5-1: config 8 has an invalid interface number: 249 but max is 0 [ 692.233227][ T5965] usb 5-1: config 8 has no interface number 0 [ 692.267887][ T5965] usb 5-1: config 8 interface 249 has no altsetting 0 [ 692.278760][ T5965] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0078, bcdDevice=5d.c9 [ 692.302684][ T5965] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 692.314180][ T5965] usb 5-1: Product: syz [ 692.318864][ T5965] usb 5-1: Manufacturer: syz [ 692.334832][ T5965] usb 5-1: SerialNumber: syz [ 692.604884][ T5965] dvb-usb: found a 'Terratec Cinergy T USB XXS (HD)/ T3' in cold state, will try to load a firmware [ 692.682205][ T5965] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 692.722128][ T5965] dib0700: firmware download failed at 7 with -8 [ 692.833343][ T5965] usb 5-1: USB disconnect, device number 97 [ 693.204479][ T24] usb 3-1: new high-speed USB device number 91 using dummy_hcd [ 693.267700][T17862] loop3: detected capacity change from 0 to 512 [ 693.367227][T17862] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 693.421445][T17862] ext4 filesystem being mounted at /1044/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 693.452712][T17872] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5031'. [ 693.452756][ T24] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 693.492370][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 693.523780][ T24] usb 3-1: Product: syz [ 693.525531][T17872] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5031'. [ 693.541993][ T24] usb 3-1: Manufacturer: syz [ 693.548387][T17862] tmpfs: Bad value for 'mpol' [ 693.558041][ T24] usb 3-1: SerialNumber: syz [ 693.610519][ T24] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 693.660352][ T5953] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 693.706097][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 694.164107][ T30] audit: type=1326 audit(1750081968.150:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17887 comm="syz.4.5039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 694.188415][ T978] usb 3-1: USB disconnect, device number 91 [ 694.246309][T17885] bridge3: entered promiscuous mode [ 694.284275][ T30] audit: type=1326 audit(1750081968.150:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17887 comm="syz.4.5039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 694.327536][ T30] audit: type=1326 audit(1750081968.170:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17887 comm="syz.4.5039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 694.411852][ T30] audit: type=1326 audit(1750081968.170:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17887 comm="syz.4.5039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 694.481695][ T30] audit: type=1326 audit(1750081968.170:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17887 comm="syz.4.5039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7875d8e929 code=0x7ffc0000 [ 694.672358][T17900] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (5), value rounded to 5 ms [ 694.724890][ T5953] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 694.745436][ T5953] ath9k_htc: Failed to initialize the device [ 694.774260][ T978] usb 3-1: ath9k_htc: USB layer deinitialized [ 694.939116][T17900] 8021q: adding VLAN 0 to HW filter on device bond3 [ 695.431323][T17920] xt_CT: No such helper "pptp" [ 695.775706][T17933] loop0: detected capacity change from 0 to 1024 [ 695.783455][T17933] EXT4-fs: Ignoring removed bh option [ 695.911370][T17933] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 696.163951][ T24] usb 4-1: new high-speed USB device number 106 using dummy_hcd [ 696.281525][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 696.302932][T17910] loop4: detected capacity change from 0 to 32768 [ 696.350249][T17954] netlink: 'syz.1.5070': attribute type 4 has an invalid length. [ 696.384980][ T24] usb 4-1: Using ep0 maxpacket: 32 [ 696.402531][ T24] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 696.434458][ T24] usb 4-1: config 0 has no interface number 0 [ 696.489181][ T24] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 696.513836][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 696.528610][T17956] loop0: detected capacity change from 0 to 8 [ 696.557596][ T24] usb 4-1: Product: syz [ 696.560389][T17956] squashfs: Unknown parameter 'ANyM' [ 696.562865][ T24] usb 4-1: Manufacturer: syz [ 696.562899][ T24] usb 4-1: SerialNumber: syz [ 696.605046][ T113] ------------[ cut here ]------------ [ 696.612445][ T113] WARNING: fs/jfs/jfs_dmap.c:2867 at dbAdjTree+0x454/0x4e0, CPU#1: jfsCommit/113 [ 696.622885][ T113] Modules linked in: [ 696.627363][ T113] CPU: 1 UID: 0 PID: 113 Comm: jfsCommit Not tainted 6.16.0-rc2-next-20250616-syzkaller #0 PREEMPT(full) [ 696.639019][ T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 696.649701][ T113] RIP: 0010:dbAdjTree+0x454/0x4e0 [ 696.655119][ T113] Code: 5a ff ff ff e8 dd ed 81 fe eb 05 e8 d6 ed 81 fe 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 bd ed 81 fe 90 <0f> 0b 90 eb e1 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c e1 fb ff ff [ 696.665419][T17958] ieee802154 phy0 wpan0: encryption failed: -90 [ 696.675538][ T113] RSP: 0018:ffffc90002707988 EFLAGS: 00010293 [ 696.689342][ T113] RAX: ffffffff833e7c73 RBX: ffff8880833bf010 RCX: ffff88801e715a00 [ 696.698297][ T113] RDX: 0000000000000000 RSI: 0000000000000155 RDI: 0000000000020056 [ 696.708119][ T113] RBP: 0000000000020056 R08: ffffea00020cefc7 R09: 1ffffd4000419df8 [ 696.717434][ T113] R10: dffffc0000000000 R11: fffff94000419df9 R12: ffff8880833bf018 [ 696.728263][ T113] R13: dffffc0000000000 R14: 0000000000000004 R15: 0000000000000155 [ 696.736859][ T113] FS: 0000000000000000(0000) GS:ffff888125d40000(0000) knlGS:0000000000000000 [ 696.748393][ T113] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 696.755509][ T113] CR2: 00007f6adafb7bac CR3: 0000000066aca000 CR4: 00000000003526f0 [ 696.764353][ T113] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 696.773088][ T113] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 696.781325][ T113] Call Trace: [ 696.784811][ T113] [ 696.788394][ T113] ? __pfx_lock_metapage+0x10/0x10 [ 696.794829][ T113] dbJoin+0x238/0x300 [ 696.799357][ T113] ? do_read_cache_folio+0x4c6/0x590 [ 696.806522][ T113] dbFreeBits+0x4e1/0xdb0 [ 696.811217][ T113] dbFree+0x336/0x650 [ 696.816829][ T113] txFreeMap+0x7ff/0xde0 [ 696.821277][ T113] txUpdateMap+0x308/0x9c0 [ 696.826405][ T113] jfs_lazycommit+0x43f/0xa90 [ 696.831589][ T113] ? __pfx_jfs_lazycommit+0x10/0x10 [ 696.836921][ T113] ? __pfx_default_wake_function+0x10/0x10 [ 696.842793][ T113] ? __kthread_parkme+0x7b/0x200 [ 696.847837][ T113] ? __kthread_parkme+0x1a1/0x200 [ 696.853457][ T113] kthread+0x711/0x8a0 [ 696.857692][ T113] ? __pfx_jfs_lazycommit+0x10/0x10 [ 696.862971][ T113] ? __pfx_kthread+0x10/0x10 [ 696.867829][ T113] ? _raw_spin_unlock_irq+0x23/0x50 [ 696.873309][ T113] ? lockdep_hardirqs_on+0x9c/0x150 [ 696.878649][ T113] ? __pfx_kthread+0x10/0x10 [ 696.883302][ T113] ret_from_fork+0x3fc/0x770 [ 696.888348][ T113] ? __pfx_ret_from_fork+0x10/0x10 [ 696.894488][ T113] ? __switch_to_asm+0x39/0x70 [ 696.899403][ T113] ? __switch_to_asm+0x33/0x70 [ 696.905089][ T113] ? __pfx_kthread+0x10/0x10 [ 696.909746][ T113] ret_from_fork_asm+0x1a/0x30 [ 696.914676][ T113] [ 696.917757][ T113] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 696.925091][ T113] CPU: 1 UID: 0 PID: 113 Comm: jfsCommit Not tainted 6.16.0-rc2-next-20250616-syzkaller #0 PREEMPT(full) [ 696.936415][ T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 696.946718][ T113] Call Trace: [ 696.950123][ T113] [ 696.953876][ T113] dump_stack_lvl+0x99/0x250 [ 696.958766][ T113] ? __asan_memcpy+0x40/0x70 [ 696.964801][ T113] ? __pfx_dump_stack_lvl+0x10/0x10 [ 696.970043][ T113] ? __pfx__printk+0x10/0x10 [ 696.974763][ T113] panic+0x2db/0x790 [ 696.979306][ T113] ? __pfx_panic+0x10/0x10 [ 696.983789][ T113] ? ret_from_fork_asm+0x1a/0x30 [ 696.988854][ T113] __warn+0x334/0x4c0 [ 696.992874][ T113] ? dbAdjTree+0x454/0x4e0 [ 696.997362][ T113] ? dbAdjTree+0x454/0x4e0 [ 697.001800][ T113] report_bug+0x2be/0x4f0 [ 697.006155][ T113] ? dbAdjTree+0x454/0x4e0 [ 697.010611][ T113] ? dbAdjTree+0x454/0x4e0 [ 697.015224][ T113] ? dbAdjTree+0x456/0x4e0 [ 697.019692][ T113] handle_bug+0x84/0x160 [ 697.023980][ T113] exc_invalid_op+0x1a/0x50 [ 697.028518][ T113] asm_exc_invalid_op+0x1a/0x20 [ 697.033411][ T113] RIP: 0010:dbAdjTree+0x454/0x4e0 [ 697.038467][ T113] Code: 5a ff ff ff e8 dd ed 81 fe eb 05 e8 d6 ed 81 fe 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 bd ed 81 fe 90 <0f> 0b 90 eb e1 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c e1 fb ff ff [ 697.058281][ T113] RSP: 0018:ffffc90002707988 EFLAGS: 00010293 [ 697.064377][ T113] RAX: ffffffff833e7c73 RBX: ffff8880833bf010 RCX: ffff88801e715a00 [ 697.072363][ T113] RDX: 0000000000000000 RSI: 0000000000000155 RDI: 0000000000020056 [ 697.080388][ T113] RBP: 0000000000020056 R08: ffffea00020cefc7 R09: 1ffffd4000419df8 [ 697.088466][ T113] R10: dffffc0000000000 R11: fffff94000419df9 R12: ffff8880833bf018 [ 697.096546][ T113] R13: dffffc0000000000 R14: 0000000000000004 R15: 0000000000000155 [ 697.104670][ T113] ? dbAdjTree+0x453/0x4e0 [ 697.109164][ T113] ? dbAdjTree+0x453/0x4e0 [ 697.113753][ T113] ? __pfx_lock_metapage+0x10/0x10 [ 697.118912][ T113] dbJoin+0x238/0x300 [ 697.122926][ T113] ? do_read_cache_folio+0x4c6/0x590 [ 697.128256][ T113] dbFreeBits+0x4e1/0xdb0 [ 697.132616][ T113] dbFree+0x336/0x650 [ 697.136626][ T113] txFreeMap+0x7ff/0xde0 [ 697.140902][ T113] txUpdateMap+0x308/0x9c0 [ 697.145354][ T113] jfs_lazycommit+0x43f/0xa90 [ 697.150075][ T113] ? __pfx_jfs_lazycommit+0x10/0x10 [ 697.156256][ T113] ? __pfx_default_wake_function+0x10/0x10 [ 697.162197][ T113] ? __kthread_parkme+0x7b/0x200 [ 697.167166][ T113] ? __kthread_parkme+0x1a1/0x200 [ 697.172564][ T113] kthread+0x711/0x8a0 [ 697.176661][ T113] ? __pfx_jfs_lazycommit+0x10/0x10 [ 697.181914][ T113] ? __pfx_kthread+0x10/0x10 [ 697.186523][ T113] ? _raw_spin_unlock_irq+0x23/0x50 [ 697.191737][ T113] ? lockdep_hardirqs_on+0x9c/0x150 [ 697.196953][ T113] ? __pfx_kthread+0x10/0x10 [ 697.201654][ T113] ret_from_fork+0x3fc/0x770 [ 697.206288][ T113] ? __pfx_ret_from_fork+0x10/0x10 [ 697.211455][ T113] ? __switch_to_asm+0x39/0x70 [ 697.216274][ T113] ? __switch_to_asm+0x33/0x70 [ 697.221250][ T113] ? __pfx_kthread+0x10/0x10 [ 697.226104][ T113] ret_from_fork_asm+0x1a/0x30 [ 697.230922][ T113] [ 697.234375][ T113] Kernel Offset: disabled [ 697.238813][ T113] Rebooting in 86400 seconds..