last executing test programs: 1.924635743s ago: executing program 0 (id=1677): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x3c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x4}, @NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}]}], {0x14}}, 0xc4}}, 0x0) 1.795837104s ago: executing program 0 (id=1682): r0 = socket$kcm(0xa, 0x2, 0x3a) sendmsg$kcm(r0, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x0, @mcast2, 0x1a}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000780)="80005b020eaa4da2", 0x8}], 0x1, 0x0, 0x0, 0x900}, 0x0) 1.739207065s ago: executing program 0 (id=1683): openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000001100)={[], 0xfffffffffffffff4}, 0x0) 1.676511377s ago: executing program 0 (id=1686): ioperm(0x0, 0x82, 0x1f) clock_nanosleep(0x6, 0x0, 0x0, 0x0) 1.640214299s ago: executing program 4 (id=1688): syz_mount_image$minix(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0xa00810, &(0x7f0000000040)=ANY=[], 0x54, 0x1ec, &(0x7f00000002c0)="$eJzs3Etu00AAxvFvErcNBfEUD7FCQkJsqKGtVGVHD8AF2FWtqSpcQJRNIhbkEuzZsuII3IQLJAt2rDCyx4r8CMk4CXFI/j+pzWg638yk0jQzcR0BWFvPk+9GRi2ZtO6BpJcvJHnDZs2apgfgH4rsQ0sRgPXT/F33DADUY3Bot/bfjfTj58fjfvrVctw/DA4btmCkfiZ/yTXfs6eO+14+vy3pcqm1V96/fLH5R8rnr1Qcf7uQ33LO2+f/+GE+f1XSNUnXJd2QdFPSLSnp9naaNZnxTwrj37NNeqUBOYkBAAAAAKYQnz53Zs07dfB0ZG18en51FgajfzrZRpp/NmV+M83vOrQbl9/LVjb+1kvm/YsN+7CV5neO34YnFeYNzEOj2vovvS3ovv5HaxbXvxn+G0IUOeS9JP95eCETgLuLTvf1URgG7xdWkKqm4pfKhczwa1zQL3tlZMG/FpdC/JdxCaaRK3zS5DaRQ5tVKsQvStPGN/M1th9TXKdebhF9SxfznNdpDtedgJXjfzh/5190uk/Ozo9Og9Pgzf5Bu32wv7fb9pNtuT/L4RzAUsvsNAAAAAAAAAAAAAAAwH/qjqS71WOuH+8BAAAAYImMvQ3IzOd2orqfIwAAAAAAAAAAAAAAq+5PAAAA//9zA0G5") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000980)='rdma.current\x00', 0x275a, 0x0) 1.524194345s ago: executing program 0 (id=1690): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x2, 0x0, 0x3, 0xb, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x9}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}, @sadb_sa={0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev}}]}, 0x58}, 0x1, 0x7}, 0x0) 1.490837469s ago: executing program 4 (id=1692): r0 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000001c0)='dyn', &(0x7f0000000380)='i', 0x1) 1.344152574s ago: executing program 0 (id=1694): syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x1c005, &(0x7f00000002c0)={[{@nobarrier}, {@thread_pool={'thread_pool', 0x3d, 0x200006}}, {@autodefrag}, {@nossd}, {@nossd_spread}, {@noflushoncommit}, {@nodiscard}, {@compress_force}, {@thread_pool={'thread_pool', 0x3d, 0x3}}, {@datacow}, {@ssd_spread}]}, 0x9, 0x559d, &(0x7f000000ac40)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=") mount(&(0x7f0000000100)=@loop={'/dev/loop', 0x0}, &(0x7f0000000180)='./file1\x00', &(0x7f00000001c0)='btrfs\x00', 0x0, 0x0) 1.323251177s ago: executing program 4 (id=1695): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100000000000000000000008500000087000000180100000001692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="0000000000000000000051229dc9", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) 923.062942ms ago: executing program 1 (id=1703): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c}, @TCA_VLAN_PUSH_VLAN_ID={0xffffffffffffffcc}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) 830.220642ms ago: executing program 1 (id=1705): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, 0x0) 752.196525ms ago: executing program 3 (id=1706): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8}, @NFTA_CT_SREG={0x8}, @NFTA_CT_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc8}}, 0x0) 737.904565ms ago: executing program 2 (id=1707): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)={0x18, 0x2b, 0x607, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0) 705.147568ms ago: executing program 1 (id=1708): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000002c0)='./file1\x00', 0x200000, &(0x7f0000000180), 0xfe, 0x56c, &(0x7f0000000740)="$eJzs3V9rU+cfAPDvSf9orb+fFUS2XYyCF3OIqW33x8Eu3OXYZMJ270IbizQ10qRiO2F6MW92M2QwxoSxF7D7XQ3ZG9ircGyCDCnbhTcdJz3R2CZpUlsbm88Hjp7nPE/yPE/O+T59Tp6EBNC3xtN/chGvRsQ3ScSRhrzByDLH18utProxk25JrK19+ncSSXasXj7J/h/NEq9ExG9fRZzKba63srwyXyiViotZeqK6cHWisrxy+vJCYa44V7wyNT199u3pqffefWfH+vrmhX+//+Teh2e/PrH63c8Pjt5J4lwczvIa+9HWgba5NxsT4zGevSZDcW5DwcluGv4SSPa6AWzLQBbnQ5GOAUdiIIt6YP/7MiLWuvd4G48Bek6ynfgH9oH6PKB+b9/xffA+8fCD9Rugzf1P1t8biYO1e6NDq8kzd0bp/e7YDtSf1vHLX3fvpFt08z4EwHO6eSsizgwOth7/tu9MB2U21mH8gxfnXjr/+XUkYlP8557Mf6LJ/Ge0Sexux9bxn3uwvgi1O9L53/tN579PqhwbyFL/q835hpJLl0vFdGz7f0ScjKEDabrdes7Z1ftrrfIa53/pltZfnwtm7XgwuGHNabZQLTxPnxs9vBXx2hbz36TJ+U9fjwsd1nG8ePf1Vnlb9393rf0U8UbT8/90RStpvz45UbseJupXxWb/3D7+e6v697r/6fk/1L7/Y0njem2l+zp+PPi42CpvPMkWTbu8/oeTz2oj03B27HqhWl2cjBhOPq6lnzk+9fSx9XS9fNr/kyeax3+7638kIj7vsP+3j91uWbQXzv9sV+e/+537H33xQ6v6Oxv/3qrtncyOdDL+ddrA53ntAAAAAAAAoNfkhiMOR5LLZ2v6hyOXy+fXP99xLA7lSuVK9dSl8tKV2ah9V3YshnL1le7Rhs9DTGafh62npzakpyPiaER8OzBSS+dnyqXZve48AAAAAAAAAAAAAAAAAAAA9IjRaP79/9SfA3vdOmDX+clv6F/PxP+BJgV24peegJ7k7z/0L/EP/Uv8Q/8S/9C/xD/0L/EP/Uv8Q/8S/wAAAAAAAAAAAAAAAAAAAAAAAAAAALCjLpw/n25rq49uzETEwbi2vDRfvnZ6tliZzy8szeRnyotX83Pl8lypmJ8pL2z1fKVy+erkVCxdn6gWK9WJyvLKxYXy0pXqxcsLhbnixeLQi+kWAAAAAAAAAAAAAAAAAAAAvFQqyyvzhVKpuNgfO3/0RjP2085gbzTDzmJlJHbwCfd6ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAp/4LAAD//4aJNJ8=") rename(&(0x7f0000000600)='./file0\x00', &(0x7f0000000f40)='./file1\x00') 592.236058ms ago: executing program 2 (id=1709): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xdcc2, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000080)={0x0, 0x101b}) 548.889946ms ago: executing program 2 (id=1710): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000001c40)=@newtaction={0x5c, 0x30, 0x216822a75a8bdd29, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x0, 0xf000000}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x5c}}, 0x0) 508.589344ms ago: executing program 2 (id=1711): syz_emit_ethernet(0xa6, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x70, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "005ff92900ddab4992020900"}]}}}}}}, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000000)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff}}}}}}, 0x0) 480.274563ms ago: executing program 3 (id=1712): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f80)={'veth0_to_batadv\x00', &(0x7f0000000080)=@ethtool_drvinfo={0x3, "5901526dbf49c89a4d7b2b6f1120f5fa29e1cfecedd6722b08785ff138d2038a", "2a9c114310d268006628da82b1b1e2ce3c00", "4775f6ebd73087bb1015bedb88319f83a4241a64f2f651aae7912d84830bdfcb", "852162a4e20a0cd13c70b3a9fa32d7a0a398712d809ee8b467dcfaa72633fb66", "acc449919ff475c276cd39eb59cfb1f40be31cb6eb0021cd00", "93276e29db3b8b274ec6f705"}}) 348.564797ms ago: executing program 3 (id=1713): r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000002680), 0x2, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000002800)={0xd, @raw_data="69790721ad9dda99a3048893ebb44d35505f5b0ec66a792e11ab4f366d64c28dfc378b09a6241a3a420e1229b01d7909e1eae0637cd2342502f7ac2c70be19107213cdeedb53698feb96b71fec57eb65380cc3c96e62cbe5b2ded27669dadd429269aa408090cbca0970cb4ca83c1d7e029beb16a5384aa53b546787fc1a7b7adbe29383981fabe7391f7f46769260c2f4fa21cedda25d27433c7b15302674afec88fc6b50704a3c830b03f0edafc561b19d7baa6ab37fc0026c54b4f3655f05622b4e288b06dab5"}) 336.585286ms ago: executing program 2 (id=1714): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000007c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x470, 0x340, 0xb0, 0xb0, 0x290, 0x0, 0x3d8, 0x3d8, 0x3d8, 0x3d8, 0x3d8, 0x6, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'nicvf0\x00', 'netdevsim0\x00', {}, {}, 0x6, 0x0, 0x61}, 0x0, 0x70, 0xb0}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@local}}}, {{@ip={@local, @loopback, 0x0, 0x0, 'wg2\x00', 'veth0\x00'}, 0x0, 0xc0, 0xe8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @inet=@TOS={0x28}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@set={{0x40}}, @common=@socket0={{0x20}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x70, 0xb0}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@empty}}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'nr0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4d0) 296.869497ms ago: executing program 4 (id=1715): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x1410, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}}, 0x0) 244.523142ms ago: executing program 1 (id=1716): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) unlinkat(0xffffffffffffff9c, 0x0, 0x0) 244.414071ms ago: executing program 3 (id=1717): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000080)=@echo=0x8) 244.150312ms ago: executing program 4 (id=1718): r0 = socket(0x23, 0x5, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, 0x0, 0x0) 137.653459ms ago: executing program 1 (id=1719): r0 = syz_open_dev$video4linux(&(0x7f0000000200), 0x9f000000000000, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000340)={0x1, 0x0, {0x1, 0x0, 0x200e, 0x0, 0x3, 0xa, 0x1, 0x6}}) 137.251236ms ago: executing program 4 (id=1720): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x2c, 0xb, 0x6, 0x801, 0x0, 0x0, {0x6, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008040}, 0x4800) 108.738999ms ago: executing program 2 (id=1721): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000014c0)=ANY=[@ANYBLOB="a0010000100001000000000000000000ac1414bb0000000000000000000000000000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003200000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061b10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000af0000000000000048000200656362286369706865725f6e756c6c29000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000000000000000000000000000004c001400636d616328616573290000"], 0x1a0}}, 0x0) 64.16024ms ago: executing program 3 (id=1722): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newtaction={0x68, 0x30, 0xffff, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ife={0x50, 0x1, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0x8, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) 20.660018ms ago: executing program 1 (id=1723): r0 = openat$vicodec1(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$VIDIOC_G_PRIORITY(r0, 0x80045643, 0x914f989e7507b04d) 0s ago: executing program 3 (id=1724): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000400)={{0x2, 0x4e24, @empty}, {0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xfc}}, 0x14, {0x2, 0x0, @multicast1=0xe000cc02}}) kernel console output (not intermixed with test programs): 143] (syz.1.322,6143,0):ocfs2_symlink:1922 ERROR: status = -5 [ 68.332033][ T6228] bond1: entered promiscuous mode [ 68.340476][ T6228] bond1: entered allmulticast mode [ 68.346426][ T6228] 8021q: adding VLAN 0 to HW filter on device bond1 [ 68.353146][ T6143] (syz.1.322,6143,1):ocfs2_symlink:2076 ERROR: status = -5 [ 68.392802][ T6228] bond1 (unregistering): Released all slaves [ 68.393737][ T5240] ocfs2: Unmounting device (7,1) on (node local) [ 68.426949][ T6237] loop0: detected capacity change from 0 to 64 [ 68.513913][ T6237] Trying to free block not in datazone [ 68.529074][ T6237] Trying to free block not in datazone [ 68.536753][ T6237] Trying to free block not in datazone [ 68.656221][ T6243] loop1: detected capacity change from 0 to 8192 [ 68.685020][ T6243] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 68.715426][ T6243] FAT-fs (loop1): error, clusters badly computed (1 != 0) [ 68.734413][ T6243] FAT-fs (loop1): Filesystem has been set read-only [ 68.741503][ T6243] FAT-fs (loop1): error, clusters badly computed (2 != 1) [ 68.816364][ T6259] netlink: 12 bytes leftover after parsing attributes in process `syz.3.380'. [ 68.989233][ T6275] netlink: 160 bytes leftover after parsing attributes in process `syz.0.387'. [ 69.006870][ T6269] loop3: detected capacity change from 0 to 4096 [ 69.013145][ T6275] netlink: 160 bytes leftover after parsing attributes in process `syz.0.387'. [ 69.042142][ T6275] netlink: 76 bytes leftover after parsing attributes in process `syz.0.387'. [ 69.063407][ T6281] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 69.095600][ T6269] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 69.129340][ T6269] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=12) [ 69.144499][ T6286] netlink: 8 bytes leftover after parsing attributes in process `syz.1.390'. [ 69.167030][ T6269] Remounting filesystem read-only [ 69.172075][ T6269] NILFS (loop3): error -5 truncating bmap (ino=12) [ 69.244430][ T5241] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 69.513190][ T6270] loop4: detected capacity change from 0 to 32768 [ 69.521343][ T6270] XFS: ikeep mount option is deprecated. [ 69.533815][ T6300] loop3: detected capacity change from 0 to 2048 [ 69.541640][ T6300] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 69.594384][ T5293] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 69.640953][ T6285] loop0: detected capacity change from 0 to 32768 [ 69.650106][ T6304] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 69.665037][ T6285] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.391 (6285) [ 69.691540][ T6270] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 69.702629][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 69.703879][ T6296] loop1: detected capacity change from 0 to 32768 [ 69.716168][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 69.733245][ T6300] Remounting filesystem read-only [ 69.743725][ T6285] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 69.763899][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 69.776905][ T6285] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 69.786626][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 69.797868][ T6285] BTRFS info (device loop0): disk space caching is enabled [ 69.805137][ T6285] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 69.815576][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 69.831349][ T6270] XFS (loop4): Ending clean mount [ 69.839753][ T6270] XFS (loop4): Quotacheck needed: Please wait. [ 69.848228][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 69.858459][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 69.869261][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 69.882029][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 69.892442][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 69.902289][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 69.904372][ T5293] usb 3-1: Using ep0 maxpacket: 32 [ 69.912791][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 69.921553][ T5293] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 69.928645][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 69.942139][ T6270] XFS (loop4): Quotacheck: Done. [ 69.949741][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 69.958089][ T5293] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 69.977056][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 69.978161][ T5293] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.990737][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 69.995650][ T5293] usb 3-1: Product: syz [ 69.995665][ T5293] usb 3-1: Manufacturer: syz [ 69.995677][ T5293] usb 3-1: SerialNumber: syz [ 70.006785][ T5293] usb 3-1: config 0 descriptor?? [ 70.013730][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 70.022983][ T6285] BTRFS info (device loop0): rebuilding free space tree [ 70.024842][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 70.038859][ T5293] usb 3-1: bad CDC descriptors [ 70.042271][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 70.051091][ T5293] usb 3-1: unsupported MDLM descriptors [ 70.058340][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 70.082167][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 70.083125][ T6285] BTRFS info (device loop0): disabling free space tree [ 70.092834][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 70.099862][ T6285] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 70.109329][ T5253] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 70.118926][ T6285] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 70.145076][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 70.162321][ T6285] BTRFS info (device loop0): balance: start -susage=15968688406537,stripes=0..262144 [ 70.173344][ T6285] BTRFS info (device loop0): relocating block group 1048576 flags system [ 70.216096][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 70.216854][ T6285] BTRFS info (device loop0): balance: ended with status: 0 [ 70.254563][ T5294] usb 3-1: USB disconnect, device number 5 [ 70.264903][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 70.298692][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 70.326142][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 70.339774][ T5236] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 70.353850][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 70.369029][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 70.391179][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 70.418818][ T6300] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 70.429319][ T6300] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 70.439851][ T29] audit: type=1800 audit(1728374271.277:5): pid=6300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.398" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 70.448047][ T6300] syz.3.398 (6300) used greatest stack depth: 17712 bytes left [ 70.613944][ T6340] netlink: 'syz.3.405': attribute type 1 has an invalid length. [ 70.632819][ T6340] nbd: couldn't find device at index 131082 [ 70.668969][ T6344] openvswitch: netlink: Missing key (keys=1000040, expected=2000) [ 70.725024][ T5293] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 70.914908][ T5293] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 70.924122][ T5293] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.956359][ T5293] usb 5-1: config 0 descriptor?? [ 71.139013][ T6390] openvswitch: netlink: Key type 29 is not supported [ 71.171391][ T5293] [drm] vendor descriptor length:6 data:06 5f 41 d9 02 45 00 00 00 00 00 [ 71.211753][ T5293] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 71.276880][ T6398] netlink: 'syz.2.434': attribute type 23 has an invalid length. [ 71.369407][ T5293] [drm:udl_init] *ERROR* Selecting channel failed [ 71.406189][ T5293] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2 [ 71.433235][ T5293] [drm] Initialized udl on minor 2 [ 71.454539][ T5293] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 71.477871][ T5293] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 71.499829][ T5342] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 71.509037][ T5293] usb 5-1: USB disconnect, device number 5 [ 71.518824][ T5342] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 71.521126][ T6410] loop1: detected capacity change from 0 to 2048 [ 71.593635][ T6410] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.616636][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.626362][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.654977][ T6387] loop0: detected capacity change from 0 to 32768 [ 71.665948][ T6387] XFS: ikeep mount option is deprecated. [ 71.678841][ T6410] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.819033][ T6387] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 71.832880][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.980442][ T6437] netlink: 'syz.4.447': attribute type 1 has an invalid length. [ 71.995453][ T6387] XFS (loop0): Ending clean mount [ 72.002247][ T6387] XFS (loop0): Quotacheck needed: Please wait. [ 72.004519][ T6419] loop3: detected capacity change from 0 to 40427 [ 72.037446][ T6419] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 72.044879][ T6419] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 72.111166][ T6387] XFS (loop0): Quotacheck: Done. [ 72.161271][ T6419] F2FS-fs (loop3): invalid crc value [ 72.189748][ T6419] F2FS-fs (loop3): Found nat_bits in checkpoint [ 72.229582][ T5236] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 72.299888][ T6419] F2FS-fs (loop3): Start checkpoint disabled! [ 72.349939][ T6419] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 72.372830][ T6419] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 72.390922][ T6465] netlink: 'syz.0.454': attribute type 1 has an invalid length. [ 72.398931][ T6465] __nla_validate_parse: 10 callbacks suppressed [ 72.398945][ T6465] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.454'. [ 72.414972][ T6465] netlink: 'syz.0.454': attribute type 1 has an invalid length. [ 72.480597][ T29] audit: type=1326 audit(1728374273.317:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6469 comm="syz.0.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a88d7dff9 code=0x7ffc0000 [ 72.502608][ C0] vkms_vblank_simulate: vblank timer overrun [ 72.515604][ T6419] F2FS-fs (loop3): disabling checkpoint not compatible with read-only [ 72.541253][ T29] audit: type=1326 audit(1728374273.377:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6469 comm="syz.0.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a88d7dff9 code=0x7ffc0000 [ 72.564961][ T29] audit: type=1326 audit(1728374273.377:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6469 comm="syz.0.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f1a88d7dff9 code=0x7ffc0000 [ 72.586948][ C0] vkms_vblank_simulate: vblank timer overrun [ 72.594906][ T29] audit: type=1326 audit(1728374273.377:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6469 comm="syz.0.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a88d7dff9 code=0x7ffc0000 [ 72.623515][ T29] audit: type=1326 audit(1728374273.377:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6469 comm="syz.0.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a88d7dff9 code=0x7ffc0000 [ 72.653556][ T6480] usb usb8: usbfs: process 6480 (syz.4.466) did not claim interface 0 before use [ 72.723268][ T6483] netlink: 892 bytes leftover after parsing attributes in process `syz.0.468'. [ 72.751709][ T6485] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 72.988916][ T6504] netlink: 20 bytes leftover after parsing attributes in process `syz.0.476'. [ 73.011380][ T6506] tmpfs: Bad value for 'mpol' [ 73.137117][ T6512] bond1: entered promiscuous mode [ 73.142632][ T6512] bond1: entered allmulticast mode [ 73.148818][ T6512] 8021q: adding VLAN 0 to HW filter on device bond1 [ 73.160368][ T6519] loop2: detected capacity change from 0 to 1764 [ 73.198404][ T6512] bond1 (unregistering): Released all slaves [ 73.411822][ T6534] bpf: Bad value for 'mode' [ 73.624448][ T5293] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 73.625056][ T6523] loop4: detected capacity change from 0 to 32768 [ 73.658483][ T6523] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.487 (6523) [ 73.705389][ T6523] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 73.729243][ T6523] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 73.752965][ T6523] BTRFS info (device loop4): using free-space-tree [ 73.817245][ T5293] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 73.828286][ T5293] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 73.844155][ T5293] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.855483][ T5293] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 73.884890][ T6532] loop3: detected capacity change from 0 to 32768 [ 73.925142][ T6532] loop3: p1 p2 p3 < p5 p6 > [ 73.929892][ T6532] loop3: p1 size 242222080 extends beyond EOD, truncated [ 73.952795][ T5253] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 73.994661][ T4688] loop3: p1 p2 p3 < p5 p6 > [ 74.006472][ T4688] loop3: p1 size 242222080 extends beyond EOD, truncated [ 74.029804][ T6571] ERROR: device name not specified. [ 74.371160][ T6575] loop4: detected capacity change from 0 to 40427 [ 74.379818][ T6575] F2FS-fs (loop4): Corrupted extension count (64 + 1 > 64) [ 74.385998][ T6542] loop1: detected capacity change from 0 to 40427 [ 74.387188][ T6575] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 74.418407][ T6542] F2FS-fs (loop1): invalid crc value [ 74.453272][ T6575] F2FS-fs (loop4): Found nat_bits in checkpoint [ 74.453881][ T6542] F2FS-fs (loop1): Found nat_bits in checkpoint [ 74.483790][ T6594] netlink: 14 bytes leftover after parsing attributes in process `syz.2.509'. [ 74.514927][ T6575] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 74.519981][ T6542] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 74.522077][ T6575] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 74.606865][ T5626] udevd[5626]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 74.607319][ T5260] udevd[5260]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 74.679526][ T5247] udevd[5247]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory [ 74.690955][ T5260] udevd[5260]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 74.701406][ T5626] udevd[5626]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 74.721938][ T6602] loop3: detected capacity change from 0 to 64 [ 74.776976][ T6602] Trying to free block not in datazone [ 74.803004][ T6600] loop2: detected capacity change from 0 to 4096 [ 74.824193][ T6600] ntfs3: Bad value for 'gid' [ 74.847661][ T6600] ntfs3: Bad value for 'gid' [ 74.899886][ T5293] stv0680 1-1:4.0: STV(e): camera ping failed!! [ 75.035906][ T6610] loop1: detected capacity change from 0 to 64 [ 75.100676][ T5293] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 75.126318][ T5293] stv0680 1-1:4.0: last error: 0, command = 0x0 [ 75.158168][ T5293] usb 1-1: USB disconnect, device number 4 [ 75.358008][ T6600] loop2: detected capacity change from 0 to 32768 [ 75.364809][ T1849] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 75.383067][ T6600] jfs: Bad value for 'gid' [ 75.390807][ T6600] jfs: Bad value for 'gid' [ 75.535797][ T1849] usb 2-1: Using ep0 maxpacket: 16 [ 75.536356][ T6618] loop3: detected capacity change from 0 to 32768 [ 75.547459][ T1849] usb 2-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice=93.b9 [ 75.550569][ T6618] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.520 (6618) [ 75.576161][ T6618] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 75.581925][ T1849] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 75.590658][ T6618] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 75.604640][ T1849] usb 2-1: Product: syz [ 75.608773][ T6618] BTRFS info (device loop3): using free-space-tree [ 75.613408][ T1849] usb 2-1: Manufacturer: syz [ 75.641915][ T1849] usb 2-1: SerialNumber: syz [ 75.663096][ T1849] usb 2-1: config 0 descriptor?? [ 75.665513][ T6635] loop0: detected capacity change from 0 to 1024 [ 75.674540][ T939] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 75.688543][ T6635] hfsplus: Filesystem is marked locked, mounting read-only. [ 75.709483][ T6635] hfsplus: filesystem is marked locked, leaving read-only. [ 75.854467][ T939] usb 3-1: Using ep0 maxpacket: 8 [ 75.878696][ T939] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 75.898422][ T939] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83 [ 75.917324][ T1849] speedtch 2-1:0.0: speedtch_bind: wrong device class 141 [ 75.924412][ T939] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 75.933890][ T1849] speedtch 2-1:0.0: usbatm_usb_probe: bind failed: -19! [ 75.969653][ T939] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 76.033829][ T939] usb 3-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 76.054178][ T939] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.063329][ T5241] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 76.075840][ T939] usb 3-1: Product: syz [ 76.080028][ T939] usb 3-1: Manufacturer: syz [ 76.103459][ T939] usb 3-1: SerialNumber: syz [ 76.126524][ T6676] netlink: 16 bytes leftover after parsing attributes in process `syz.0.541'. [ 76.150067][ T939] usb 3-1: config 0 descriptor?? [ 76.181073][ T5294] usb 2-1: USB disconnect, device number 4 [ 76.198491][ T939] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input8 [ 76.403711][ T6626] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 76.410265][ T6626] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 76.423828][ T6626] vhci_hcd vhci_hcd.0: Device attached [ 76.438334][ T6692] vhci_hcd: connection closed [ 76.438665][ T11] vhci_hcd: stop threads [ 76.449396][ T939] imon:send_packet: packet tx failed (-71) [ 76.457756][ T11] vhci_hcd: release socket [ 76.474277][ T11] vhci_hcd: disconnect device [ 76.474465][ T939] imon 3-1:0.0: panel buttons/knobs setup failed [ 76.564469][ T939] rc_core: IR keymap rc-imon-pad not found [ 76.570458][ T939] Registered IR keymap rc-empty [ 76.576995][ T939] imon 3-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 76.603141][ T939] imon 3-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 76.648159][ T939] imon:send_packet: packet tx failed (-71) [ 76.669573][ T6711] binfmt_misc: register: failed to install interpreter file ./bus/file0 [ 76.689055][ T939] imon 3-1:0.0: remote input dev register failed [ 76.734996][ T57] cfg80211: failed to load regulatory.db [ 76.743516][ T939] imon 3-1:0.0: imon_init_intf0: rc device setup failed [ 76.827809][ T939] imon 3-1:0.0: unable to initialize intf0, err 0 [ 76.852959][ T939] imon:imon_probe: failed to initialize context! [ 76.864485][ T939] imon 3-1:0.0: unable to register, err -19 [ 76.887334][ T6724] loop0: detected capacity change from 0 to 16 [ 76.934645][ T6724] erofs: (device loop0): mounted with root inode @ nid 36. [ 76.958654][ T939] usb 3-1: USB disconnect, device number 6 [ 77.030467][ T6731] loop0: detected capacity change from 0 to 128 [ 77.073605][ T6702] loop4: detected capacity change from 0 to 32768 [ 77.106698][ T6702] (syz.4.552,6702,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 77.124003][ T6736] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 77.137567][ T6702] (syz.4.552,6702,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 77.138959][ T6734] loop3: detected capacity change from 0 to 512 [ 77.155978][ T6736] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 77.183902][ T6734] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 77.200664][ T6702] JBD2: Ignoring recovery information on journal [ 77.257809][ T6702] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 77.276982][ T6734] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.303392][ T6734] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.380444][ T5253] ocfs2: Unmounting device (7,4) on (node local) [ 77.446315][ T5241] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.540614][ T6765] trusted_key: encrypted_key: master key parameter 'u' is invalid [ 77.545263][ T5294] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 77.690622][ T6781] loop0: detected capacity change from 0 to 64 [ 77.724590][ T5294] usb 3-1: Using ep0 maxpacket: 8 [ 77.777626][ T5294] usb 3-1: config 8 has an invalid interface number: 188 but max is 0 [ 77.786008][ T5294] usb 3-1: config 8 has no interface number 0 [ 77.792120][ T5294] usb 3-1: config 8 interface 188 altsetting 0 has an endpoint descriptor with address 0xFD, changing to 0x8D [ 77.806613][ T5294] usb 3-1: config 8 interface 188 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 77.826481][ T5294] usb 3-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=8f.67 [ 77.835824][ T5294] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.848407][ T5294] usb 3-1: Product: syz [ 77.852623][ T5294] usb 3-1: Manufacturer: syz [ 77.857955][ T5294] usb 3-1: SerialNumber: syz [ 78.086115][ T5294] comedi comedi0: driver 'vmk80xx' has successfully auto-configured 'K8055 (VM110)'. [ 78.120632][ T5294] usb 3-1: USB disconnect, device number 7 [ 78.308566][ T6833] devtmpfs: Cannot enable quota on remount [ 78.362910][ T6834] xt_CT: No such helper "snmp_trap" [ 78.472600][ T6846] loop4: detected capacity change from 0 to 1024 [ 78.569596][ T6856] netlink: 16 bytes leftover after parsing attributes in process `syz.1.623'. [ 78.706678][ T6870] loop2: detected capacity change from 0 to 64 [ 78.743751][ T6870] Trying to free block not in datazone [ 78.764881][ T6870] Trying to free block not in datazone [ 78.770379][ T6870] Trying to free block not in datazone [ 78.803745][ T6870] Trying to free block not in datazone [ 78.824662][ T6870] Trying to free block not in datazone [ 78.858683][ T6870] minix_free_block (loop2:6): bit already cleared [ 78.909487][ T6870] Trying to free block not in datazone [ 79.095058][ T6908] netlink: 132 bytes leftover after parsing attributes in process `syz.4.649'. [ 79.306236][ T6931] netlink: 8 bytes leftover after parsing attributes in process `syz.4.659'. [ 79.372453][ T6934] tmpfs: Bad value for 'mpol' [ 79.416546][ T6941] netlink: 'syz.4.663': attribute type 15 has an invalid length. [ 79.430165][ T6943] tmpfs: Bad value for 'mpol' [ 79.435549][ T6941] netlink: 140 bytes leftover after parsing attributes in process `syz.4.663'. [ 79.561761][ T6957] loop3: detected capacity change from 0 to 8 [ 79.587163][ T6959] netlink: 'syz.0.671': attribute type 3 has an invalid length. [ 79.596194][ T6959] netlink: 132 bytes leftover after parsing attributes in process `syz.0.671'. [ 79.608786][ T6957] SQUASHFS error: zlib decompression failed, data probably corrupt [ 79.611146][ T6962] netlink: 'syz.4.670': attribute type 4 has an invalid length. [ 79.627141][ T6957] SQUASHFS error: Failed to read block 0x13e: -5 [ 79.652355][ T6957] SQUASHFS error: Unable to read metadata cache entry [13c] [ 79.690009][ T6957] SQUASHFS error: Unable to read directory block [13c:26] [ 79.716962][ T6967] netlink: 'syz.0.673': attribute type 1 has an invalid length. [ 79.921526][ T6988] loop4: detected capacity change from 0 to 16 [ 79.939349][ T6991] dlm: no local IP address has been set [ 79.946544][ T6991] dlm: cannot start dlm midcomms -107 [ 79.975106][ T6988] erofs: (device loop4): mounted with root inode @ nid 36. [ 80.056439][ T6999] netlink: 'syz.4.690': attribute type 3 has an invalid length. [ 80.094513][ T6999] netlink: 130984 bytes leftover after parsing attributes in process `syz.4.690'. [ 80.340731][ T7021] loop3: detected capacity change from 0 to 256 [ 80.384907][ T6955] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 80.390854][ T6955] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 80.478708][ T6995] loop1: detected capacity change from 0 to 32768 [ 80.500886][ T6955] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 80.503085][ T7021] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 80.534866][ T6955] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 80.585613][ T6995] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 80.624171][ T7034] loop4: detected capacity change from 0 to 4096 [ 80.656367][ T6955] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 80.662490][ T6955] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 80.685737][ T5240] ocfs2: Unmounting device (7,1) on (node local) [ 80.788696][ T6955] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 80.798866][ T6955] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 80.832559][ T7032] loop0: detected capacity change from 0 to 32768 [ 80.859420][ T7041] loop1: detected capacity change from 0 to 64 [ 80.881894][ T6955] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 80.889167][ T6955] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 80.923869][ T7041] hfs: keylen 94 too large [ 80.928954][ T7041] hfs: inconsistency in B*Tree (1,0,1,0,3) [ 80.938120][ T7047] netlink: 8 bytes leftover after parsing attributes in process `syz.3.712'. [ 80.948831][ T7047] netlink: 8 bytes leftover after parsing attributes in process `syz.3.712'. [ 81.211070][ T7066] loop0: detected capacity change from 0 to 1764 [ 81.424473][ T7082] loop2: detected capacity change from 0 to 65 [ 81.433240][ T7082] BFS-fs: bfs_fill_super(): NOTE: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway [ 81.734141][ T7109] loop3: detected capacity change from 0 to 256 [ 81.750606][ T7108] netlink: 40 bytes leftover after parsing attributes in process `syz.4.741'. [ 81.782290][ T7112] loop0: detected capacity change from 0 to 8 [ 81.784202][ T7108] netlink: 8 bytes leftover after parsing attributes in process `syz.4.741'. [ 81.814183][ T7113] loop2: detected capacity change from 0 to 256 [ 81.820887][ T7112] SQUASHFS error: zlib decompression failed, data probably corrupt [ 81.828124][ T7113] exfat: Deprecated parameter 'namecase' [ 81.833669][ T7058] loop1: detected capacity change from 0 to 32768 [ 81.847917][ T7108] (unnamed net_device) (uninitialized): down delay (37750) is not a multiple of miimon (7), value rounded to 37744 ms [ 81.863837][ T7112] SQUASHFS error: Failed to read block 0x4e8: -5 [ 81.869108][ T7113] exfat: Deprecated parameter 'namecase' [ 81.912185][ T29] audit: type=1800 audit(1728374282.747:11): pid=7112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.744" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 81.923182][ T7113] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 81.966830][ T7058] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 82.101616][ T7058] XFS (loop1): Ending clean mount [ 82.179005][ T5240] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 82.346889][ T7152] netlink: 'syz.4.761': attribute type 2 has an invalid length. [ 82.374152][ T7152] netlink: 'syz.4.761': attribute type 1 has an invalid length. [ 82.441151][ T7160] loop3: detected capacity change from 0 to 8 [ 82.511813][ T7160] SQUASHFS error: Failed to read block 0x60: -5 [ 82.535547][ T29] audit: type=1800 audit(1728374283.357:12): pid=7160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.764" name="file1" dev="loop3" ino=1 res=0 errno=0 [ 82.724649][ T5294] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 82.875096][ T5294] usb 2-1: Using ep0 maxpacket: 8 [ 82.884736][ T5294] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 82.893891][ T5294] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.914376][ T5291] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 82.931623][ T5294] usb 2-1: Product: syz [ 82.944356][ T5294] usb 2-1: Manufacturer: syz [ 82.948989][ T5294] usb 2-1: SerialNumber: syz [ 82.967996][ T5294] usb 2-1: config 0 descriptor?? [ 82.980306][ T7196] loop4: detected capacity change from 0 to 4096 [ 83.013923][ T7186] loop0: detected capacity change from 0 to 32768 [ 83.023409][ T7186] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.777 (7186) [ 83.049137][ T7186] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 83.063953][ T7186] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 83.084822][ T8] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 83.094660][ T5291] usb 3-1: Using ep0 maxpacket: 16 [ 83.111298][ T7186] BTRFS info (device loop0): using free-space-tree [ 83.142380][ T5291] usb 3-1: config 1 has an invalid interface descriptor of length 5, skipping [ 83.156143][ T5291] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 83.166185][ T5291] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 83.180175][ T5291] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 83.181096][ T5294] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 83.192879][ T5291] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 83.198302][ T7201] kAFS: unable to lookup cell '/' [ 83.208256][ T5291] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.231780][ T5291] usb 3-1: Product: syz [ 83.244373][ T5291] usb 3-1: Manufacturer: syz [ 83.249009][ T5291] usb 3-1: SerialNumber: syz [ 83.284500][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 83.295963][ T8] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 83.311216][ T8] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 83.335102][ T8] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 83.344556][ T8] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 83.350619][ T7218] loop4: detected capacity change from 0 to 64 [ 83.352901][ T8] usb 4-1: Product: syz [ 83.352918][ T8] usb 4-1: Manufacturer: syz [ 83.372587][ T8] hub 4-1:4.0: USB hub found [ 83.384284][ T5294] usb write operation failed. (-71) [ 83.419220][ T5294] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 83.492407][ T5294] dvbdev: DVB: registering new adapter (Terratec H7) [ 83.503796][ T5291] usb 3-1: 0:2 : does not exist [ 83.510574][ T5291] usb 3-1: unit 4 not found! [ 83.513042][ T5294] usb 2-1: media controller created [ 83.523534][ T5236] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 83.528575][ T5291] usb 3-1: USB disconnect, device number 8 [ 83.535783][ T5294] usb read operation failed. (-71) [ 83.557679][ T5294] usb write operation failed. (-71) [ 83.569214][ T5294] dvb_usb_az6007 2-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 83.597036][ T5294] usb 2-1: USB disconnect, device number 5 [ 83.607912][ T8] hub 4-1:4.0: config failed, hub has too many ports! (err -19) [ 83.901044][ T7249] loop0: detected capacity change from 0 to 1024 [ 83.927459][ T7249] hfsplus: invalid catalog entry type in lookup [ 83.962589][ T57] usb 4-1: USB disconnect, device number 3 [ 84.284056][ T7281] cgroup: Invalid name [ 84.293643][ T7282] netlink: 'syz.0.815': attribute type 1 has an invalid length. [ 84.382853][ T7287] __nla_validate_parse: 6 callbacks suppressed [ 84.382871][ T7287] netlink: 164 bytes leftover after parsing attributes in process `syz.4.818'. [ 84.646875][ T7313] netlink: 8 bytes leftover after parsing attributes in process `syz.2.831'. [ 84.898047][ T7283] loop1: detected capacity change from 0 to 32768 [ 84.925934][ T7335] netlink: 36 bytes leftover after parsing attributes in process `syz.3.842'. [ 84.961353][ T7283] JBD2: Ignoring recovery information on journal [ 85.014435][ T5291] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 85.111462][ T7283] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 85.193756][ T5240] ocfs2: Unmounting device (7,1) on (node local) [ 85.203813][ T5291] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 85.232175][ T5291] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 85.266192][ T5291] usb 5-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00 [ 85.299682][ T7344] loop0: detected capacity change from 0 to 32768 [ 85.324181][ T5291] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.326055][ T7344] [ 85.326055][ T7344] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 85.326055][ T7344] [ 85.373338][ T5291] usb 5-1: config 0 descriptor?? [ 85.408976][ T35] read_mapping_page failed! [ 85.413520][ T35] ERROR: (device loop0): txCommit: [ 85.413520][ T35] [ 85.423478][ T35] jfs_write_inode: jfs_commit_inode failed! [ 85.430309][ T5236] [ 85.430309][ T5236] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 85.430309][ T5236] [ 85.441037][ T5236] [ 85.441037][ T5236] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 85.441037][ T5236] [ 85.602852][ T5291] usbhid 5-1:0.0: can't add hid device: -71 [ 85.630923][ T5291] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 85.662880][ T5291] usb 5-1: USB disconnect, device number 6 [ 85.766778][ T7391] tmpfs: Bad value for 'usrquota_block_hardlimit' [ 85.882994][ T7403] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551614) [ 85.897025][ T7403] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 85.964370][ T5293] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 86.094639][ T5294] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 86.119810][ T5293] usb 3-1: Using ep0 maxpacket: 16 [ 86.140018][ T5293] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC6, changing to 0x86 [ 86.173842][ T5293] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0 [ 86.206641][ T5293] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x86 has invalid maxpacket 0 [ 86.225926][ T5293] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 86.267211][ T5293] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 86.287964][ T7438] netlink: 'syz.1.890': attribute type 3 has an invalid length. [ 86.297435][ T5293] usb 3-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 86.300657][ T5294] usb 4-1: Using ep0 maxpacket: 32 [ 86.315458][ T5293] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.323237][ T7438] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.890'. [ 86.333546][ T5294] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 219 [ 86.334713][ T5293] usb 3-1: Product: syz [ 86.346701][ T5294] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 86.358840][ T5294] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.366423][ T5293] usb 3-1: Manufacturer: syz [ 86.367239][ T5294] usb 4-1: Product: syz [ 86.384770][ T5293] usb 3-1: SerialNumber: syz [ 86.395696][ T5294] usb 4-1: Manufacturer: syz [ 86.399871][ T5293] usb 3-1: config 0 descriptor?? [ 86.409677][ T5294] usb 4-1: SerialNumber: syz [ 86.418665][ T7444] loop4: detected capacity change from 0 to 1024 [ 86.420490][ T5293] port100 3-1:0.0: NFC: Could not get supported command types [ 86.459951][ T5294] usb 4-1: config 0 descriptor?? [ 86.478469][ T7399] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 86.488762][ T5294] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 86.717533][ T7465] overlayfs: missing 'lowerdir' [ 86.728303][ T5291] usb 3-1: USB disconnect, device number 9 [ 86.756810][ T7467] loop1: detected capacity change from 0 to 16 [ 86.784701][ T7467] erofs: (device loop1): mounted with root inode @ nid 36. [ 86.829814][ T939] usb 4-1: USB disconnect, device number 4 [ 86.850208][ T7467] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 86.873895][ T7467] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -35 in[64, 4032] out[1851] [ 86.912533][ T7467] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 87.549511][ T7498] loop4: detected capacity change from 0 to 32768 [ 87.667900][ T7532] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 87.795244][ T7541] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (222) [ 87.967594][ T29] audit: type=1326 audit(1728374288.807:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.0.950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a88d7dff9 code=0x7ffc0000 [ 88.000585][ T29] audit: type=1326 audit(1728374288.807:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.0.950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a88d7dff9 code=0x7ffc0000 [ 88.071767][ T29] audit: type=1326 audit(1728374288.807:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.0.950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f1a88d7dff9 code=0x7ffc0000 [ 88.093396][ T7571] loop0: detected capacity change from 0 to 64 [ 88.120581][ T29] audit: type=1326 audit(1728374288.827:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.0.950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a88d7dff9 code=0x7ffc0000 [ 88.198280][ T7579] x_tables: duplicate underflow at hook 1 [ 88.217196][ T7578] loop4: detected capacity change from 0 to 16 [ 88.260652][ T7578] erofs: (device loop4): mounted with root inode @ nid 36. [ 88.263912][ T29] audit: type=1326 audit(1728374288.827:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.0.950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a88d7dff9 code=0x7ffc0000 [ 88.429972][ T29] audit: type=1326 audit(1728374289.267:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.2.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b95b7dff9 code=0x7ffc0000 [ 88.459903][ T7600] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 88.517119][ T29] audit: type=1326 audit(1728374289.277:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.2.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b95b7dff9 code=0x7ffc0000 [ 88.574028][ T29] audit: type=1326 audit(1728374289.277:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.2.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7f0b95b7dff9 code=0x7ffc0000 [ 88.678112][ T29] audit: type=1326 audit(1728374289.277:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.2.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b95b7dff9 code=0x7ffc0000 [ 88.702969][ T29] audit: type=1326 audit(1728374289.277:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.2.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b95b7dff9 code=0x7ffc0000 [ 88.915494][ T7646] loop0: detected capacity change from 0 to 16 [ 88.925382][ T5291] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 88.972481][ T7646] erofs: (device loop0): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 88.991501][ T7646] erofs: (device loop0): mounted with root inode @ nid 36. [ 89.002577][ T7651] loop4: detected capacity change from 0 to 164 [ 89.014925][ T7646] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 0 of nid 36 [ 89.066621][ T7656] tmpfs: Bad value for 'grpquota_block_hardlimit' [ 89.096509][ T5291] usb 4-1: config 0 has an invalid interface number: 117 but max is 0 [ 89.114674][ T5291] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 89.133880][ T5291] usb 4-1: config 0 has no interface number 0 [ 89.141663][ T7658] netlink: 132 bytes leftover after parsing attributes in process `syz.0.999'. [ 89.163956][ T5291] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 89.195350][ T5291] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 89.224128][ T7666] netlink: 'syz.2.1003': attribute type 1 has an invalid length. [ 89.227036][ T5291] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 89.242766][ T7666] netlink: 'syz.2.1003': attribute type 2 has an invalid length. [ 89.244522][ T5291] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.251735][ T7666] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1003'. [ 89.262305][ T5291] usb 4-1: Product: syz [ 89.267729][ T5294] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 89.301035][ T5291] usb 4-1: Manufacturer: syz [ 89.306414][ T5291] usb 4-1: SerialNumber: syz [ 89.307719][ T7666] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1003'. [ 89.312792][ T5291] usb 4-1: config 0 descriptor?? [ 89.481536][ T5294] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 89.491742][ T5294] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.509988][ T5294] usb 2-1: config 0 descriptor?? [ 89.620727][ T7696] loop2: detected capacity change from 0 to 512 [ 89.702599][ T7707] loop4: detected capacity change from 0 to 164 [ 89.729060][ T7696] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 89.737945][ T5291] usbtouchscreen 4-1:0.117: probe with driver usbtouchscreen failed with error -71 [ 89.754080][ T5294] [drm] vendor descriptor length:6 data:06 5f 41 d9 02 45 00 00 00 00 00 [ 89.755475][ T5291] usb 4-1: USB disconnect, device number 5 [ 89.769740][ T5294] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 89.779452][ T7696] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e028, mo2=0002] [ 89.805540][ T7707] rock: directory entry would overflow storage [ 89.807877][ T7696] System zones: 0-1, 15-15, 18-18, 34-34 [ 89.815564][ T7707] rock: sig=0x66, size=4, remaining=3 [ 89.818779][ T7696] EXT4-fs (loop2): orphan cleanup on readonly fs [ 89.829573][ T7696] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 89.845371][ T7707] rock: directory entry would overflow storage [ 89.851907][ T7707] rock: sig=0x66, size=4, remaining=3 [ 89.862069][ T7696] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 89.869353][ T7696] EXT4-fs error (device loop2): ext4_orphan_get:1414: comm syz.2.1016: bad orphan inode 16 [ 89.881819][ T7696] EXT4-fs (loop2): Remounting filesystem read-only [ 89.889746][ T7696] ext4_test_bit(bit=15, block=18) = 1 [ 89.902614][ T7696] is_bad_inode(inode)=0 [ 89.907253][ T7696] NEXT_ORPHAN(inode)=0 [ 89.920978][ T7696] max_ino=32 [ 89.924226][ T7696] i_nlink=2 [ 89.947966][ T5294] [drm:udl_init] *ERROR* Selecting channel failed [ 89.963113][ T7696] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 89.965563][ T5294] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 90.007921][ T5294] [drm] Initialized udl on minor 2 [ 90.012460][ T7696] fscrypt (loop2, inode 16): Error -5 getting encryption context [ 90.021337][ T5294] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 90.041736][ T5294] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 90.068818][ T9] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 90.078437][ T9] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 90.093529][ T5294] usb 2-1: USB disconnect, device number 6 [ 90.110227][ T5243] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.448443][ T7753] ieee802154 phy0 wpan0: encryption failed: -22 [ 90.542687][ T7759] syz.3.1046: attempt to access beyond end of device [ 90.542687][ T7759] loop3: rw=0, sector=2, nr_sectors = 2 limit=0 [ 90.566779][ T7759] syz.3.1046: attempt to access beyond end of device [ 90.566779][ T7759] loop3: rw=0, sector=0, nr_sectors = 2 limit=0 [ 90.603050][ T7759] syz.3.1046: attempt to access beyond end of device [ 90.603050][ T7759] loop3: rw=0, sector=0, nr_sectors = 2 limit=0 [ 90.642938][ T7759] syz.3.1046: attempt to access beyond end of device [ 90.642938][ T7759] loop3: rw=0, sector=18, nr_sectors = 2 limit=0 [ 90.696407][ T7759] syz.3.1046: attempt to access beyond end of device [ 90.696407][ T7759] loop3: rw=0, sector=30, nr_sectors = 2 limit=0 [ 90.718591][ T7759] syz.3.1046: attempt to access beyond end of device [ 90.718591][ T7759] loop3: rw=0, sector=36, nr_sectors = 2 limit=0 [ 90.722437][ T7741] loop2: detected capacity change from 0 to 32768 [ 90.785177][ T7771] netlink: 260 bytes leftover after parsing attributes in process `syz.1.1053'. [ 90.811185][ T7741] [ 90.811185][ T7741] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 90.811185][ T7741] [ 90.900144][ T7780] loop4: detected capacity change from 0 to 1024 [ 90.917437][ T7741] [ 90.917437][ T7741] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 90.917437][ T7741] [ 90.944742][ T7780] EXT4-fs (loop4): orphan cleanup on readonly fs [ 90.963253][ T7786] loop0: detected capacity change from 0 to 128 [ 90.969662][ T7780] EXT4-fs (loop4): 1 truncate cleaned up [ 91.000273][ T7786] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 91.006312][ T7780] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 91.036864][ T7786] syz.0.1059: attempt to access beyond end of device [ 91.036864][ T7786] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 91.053181][ T5243] [ 91.053181][ T5243] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 91.053181][ T5243] [ 91.066774][ T7786] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 91.076382][ T5243] [ 91.076382][ T5243] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 91.076382][ T5243] [ 91.093224][ T5253] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.172054][ T5236] sysv_free_block: flc_count > flc_size [ 91.188751][ T5236] sysv_free_block: flc_count > flc_size [ 91.215047][ T5236] sysv_free_block: flc_count > flc_size [ 91.236568][ T5236] sysv_free_block: flc_count > flc_size [ 91.247316][ T5236] sysv_free_block: flc_count > flc_size [ 91.252947][ T5236] sysv_free_block: flc_count > flc_size [ 91.262164][ T5236] sysv_free_block: flc_count > flc_size [ 91.305557][ T5236] sysv_free_block: flc_count > flc_size [ 91.311139][ T5236] sysv_free_block: flc_count > flc_size [ 91.344021][ T5236] sysv_free_block: flc_count > flc_size [ 91.374695][ T5236] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 91.400024][ T7814] loop3: detected capacity change from 0 to 64 [ 91.631842][ T7836] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1083'. [ 91.647024][ T7834] loop3: detected capacity change from 0 to 1024 [ 91.654203][ T7834] EXT4-fs: Ignoring removed orlov option [ 91.662141][ T7834] EXT4-fs: Ignoring removed nomblk_io_submit option [ 91.676503][ T7834] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002] [ 91.685034][ T7834] System zones: 0-1, 3-36 [ 91.710785][ T7834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.853138][ T5241] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.088688][ T7869] xt_CT: You must specify a L4 protocol and not use inversions on it [ 92.108135][ T7872] overlayfs: missing 'lowerdir' [ 92.186216][ T7879] netlink: 'syz.0.1104': attribute type 1 has an invalid length. [ 92.282358][ T7847] loop1: detected capacity change from 0 to 32768 [ 92.289115][ T7878] loop2: detected capacity change from 0 to 4096 [ 92.324714][ T7847] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 92.343151][ T7847] JBD2: Ignoring recovery information on journal [ 92.371600][ T7878] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 92.389551][ T7878] ntfs3(loop2): Failed to load $Extend (-22). [ 92.395830][ T7878] ntfs3(loop2): Failed to initialize $Extend. [ 92.412700][ T7847] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 92.423355][ T7878] ntfs3(loop2): ino=21, The size of extended attributes must not exceed 64KiB [ 92.470101][ T7897] loop3: detected capacity change from 0 to 512 [ 92.525937][ T5240] ocfs2: Unmounting device (7,1) on (node local) [ 92.533915][ T7897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.555880][ T5291] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 92.599355][ T7897] ext4 filesystem being mounted at /224/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.634152][ T7897] EXT4-fs error (device loop3): ext4_empty_dir:3087: inode #12: comm syz.3.1112: invalid size [ 92.682631][ T7897] EXT4-fs (loop3): Remounting filesystem read-only [ 92.744701][ T2588] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 92.759441][ T5291] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 92.762562][ T7895] loop0: detected capacity change from 0 to 32768 [ 92.771123][ T5291] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 92.782696][ T5241] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.795793][ T5291] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 92.796265][ T2588] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 92.820183][ T7895] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1110 (7895) [ 92.826942][ T5291] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 92.916430][ T5291] usb 5-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 92.926171][ T5291] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.934181][ T5291] usb 5-1: Product: syz [ 92.957377][ T7895] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 92.974414][ T5291] usb 5-1: Manufacturer: syz [ 92.983853][ T5291] usb 5-1: SerialNumber: syz [ 92.992757][ T7895] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 93.002926][ T5291] usb 5-1: config 0 descriptor?? [ 93.035007][ T7895] BTRFS info (device loop0): using free-space-tree [ 93.046706][ T5291] ums-isd200 5-1:0.0: USB Mass Storage device detected [ 93.085962][ T7924] xt_l2tp: unknown flags: 3b [ 93.096773][ T7934] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1126'. [ 93.164835][ T7938] 8021q: adding VLAN 0 to HW filter on device bond2 [ 93.193178][ T7946] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1129'. [ 93.303555][ T5291] ums-isd200 5-1:0.0: probe with driver ums-isd200 failed with error -22 [ 93.406259][ T5236] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 93.467273][ T5291] usb 5-1: USB disconnect, device number 7 [ 93.519667][ T7969] loop1: detected capacity change from 0 to 512 [ 93.540272][ T7969] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 93.555867][ T7969] EXT4-fs (loop1): orphan cleanup on readonly fs [ 93.587180][ T7969] EXT4-fs warning (device loop1): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 93.645505][ T7969] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 93.652431][ T7969] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #13: comm syz.1.1138: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 93.672339][ T7969] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1138: couldn't read orphan inode 13 (err -117) [ 93.687365][ T7969] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 93.701055][ T7954] loop3: detected capacity change from 0 to 40427 [ 93.706664][ T7977] netlink: 'syz.0.1140': attribute type 4 has an invalid length. [ 93.739568][ T7969] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 93.749747][ T7954] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 93.756839][ T7954] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 93.782464][ T7954] F2FS-fs (loop3): invalid crc value [ 93.795047][ T7969] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 93.805932][ T7969] EXT4-fs warning (device loop1): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 93.821140][ T7954] F2FS-fs (loop3): Found nat_bits in checkpoint [ 93.908778][ T7954] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 93.916359][ T7954] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 93.927646][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.943538][ T7954] syz.3.1132: attempt to access beyond end of device [ 93.943538][ T7954] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 93.968035][ T7995] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1148'. [ 94.038693][ T5241] syz-executor: attempt to access beyond end of device [ 94.038693][ T5241] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 94.079212][ T5241] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 94.228096][ T8015] loop0: detected capacity change from 0 to 2048 [ 94.310990][ T8015] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.329594][ T8015] ext4 filesystem being mounted at /261/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.367999][ T8027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1163'. [ 94.481054][ T8037] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1168'. [ 94.491261][ T5236] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.542174][ T8042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1171'. [ 94.655237][ T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 94.826619][ T8061] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 94.834637][ T9] usb 4-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a [ 94.834654][ T8060] netlink: 'syz.4.1178': attribute type 11 has an invalid length. [ 94.874363][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.904990][ T9] usb 4-1: config 0 descriptor?? [ 94.936323][ T9] gspca_main: sn9c2028-2.14.0 probing 0c45:8001 [ 95.043327][ T8043] loop2: detected capacity change from 0 to 32768 [ 95.068298][ T8043] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 95.107680][ T8050] loop1: detected capacity change from 0 to 32768 [ 95.125604][ T8050] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1173 (8050) [ 95.154731][ T8043] XFS (loop2): Ending clean mount [ 95.161580][ T8043] XFS (loop2): Quotacheck needed: Please wait. [ 95.198356][ T8043] XFS (loop2): Quotacheck: Done. [ 95.222200][ T8043] tmpfs: Bad value for 'mpol' [ 95.308264][ T5243] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 95.318922][ T8065] loop0: detected capacity change from 0 to 32768 [ 95.328833][ T57] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 95.329040][ T8050] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 95.350683][ T9] gspca_sn9c2028: read1 error -71 [ 95.357668][ T9] gspca_sn9c2028: read1 error -71 [ 95.357885][ T8065] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 95.362729][ T9] sn9c2028 4-1:0.0: probe with driver sn9c2028 failed with error -71 [ 95.371709][ T8050] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 95.384089][ T9] usb 4-1: USB disconnect, device number 6 [ 95.398661][ T8065] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 95.398854][ T8050] BTRFS info (device loop1): disk space caching is enabled [ 95.414981][ T8050] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 95.418713][ T8065] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 95.441613][ T939] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 95.448585][ T939] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 95.482606][ T939] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 34ms [ 95.490296][ T939] gfs2: fsid=syz:syz.0: jid=0: Done [ 95.495726][ T8065] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 95.511737][ T57] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 95.521007][ T57] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 95.529610][ T57] usb 5-1: Product: syz [ 95.534419][ T57] usb 5-1: Manufacturer: syz [ 95.539023][ T57] usb 5-1: SerialNumber: syz [ 95.547154][ T57] usb 5-1: config 0 descriptor?? [ 95.591546][ T8050] BTRFS info (device loop1): rebuilding free space tree [ 95.607168][ T8050] BTRFS info (device loop1): disabling free space tree [ 95.617510][ T8050] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 95.628411][ T8050] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 95.725614][ T8050] BTRFS error: failed to open device for path Ÿ °€KzXi>|ò56k{kZ z&h]äÀŒ with flags 0x1: -2 [ 95.760951][ T57] hso 5-1:0.0: Failed to find BULK IN ep [ 95.774615][ T57] usb-storage 5-1:0.0: USB Mass Storage device detected [ 95.781813][ T5240] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 95.804521][ T5294] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 95.968109][ T5294] usb 3-1: Using ep0 maxpacket: 16 [ 95.981029][ T57] usb 5-1: USB disconnect, device number 8 [ 96.039188][ T5294] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 96.057605][ T5294] usb 3-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b5.89 [ 96.068512][ T5294] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 96.077495][ T5294] usb 3-1: Product: syz [ 96.081717][ T5294] usb 3-1: Manufacturer: syz [ 96.088993][ T5294] usb 3-1: SerialNumber: syz [ 96.109725][ T5294] usb 3-1: config 0 descriptor?? [ 96.118351][ T5294] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 96.224723][ T8125] netlink: 'syz.1.1195': attribute type 4 has an invalid length. [ 96.454537][ T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 96.526410][ T5294] gspca_pac7302: reg_w() failed i: 78 v: 00 error -71 [ 96.533266][ T5294] gspca_pac7302 3-1:0.0: probe with driver gspca_pac7302 failed with error -71 [ 96.551066][ T5294] usb 3-1: USB disconnect, device number 10 [ 96.605515][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 96.616761][ T9] usb 4-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 96.630452][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 96.637333][ T8147] loop4: detected capacity change from 0 to 4096 [ 96.645863][ T9] usb 4-1: Product: syz [ 96.659514][ T8151] loop1: detected capacity change from 0 to 512 [ 96.664440][ T9] usb 4-1: Manufacturer: syz [ 96.670364][ T9] usb 4-1: SerialNumber: syz [ 96.675677][ T8147] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 96.692861][ T9] usb 4-1: config 0 descriptor?? [ 96.702818][ T8147] ntfs3(loop4): Failed to load $Extend (-22). [ 96.709503][ T8147] ntfs3(loop4): Failed to initialize $Extend. [ 96.719690][ T9] radio-usb-si4713 4-1:0.0: Si4713 development board discovered: (10C4:8244) [ 96.737051][ T8151] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.760104][ T8151] ext4 filesystem being mounted at /222/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 96.843283][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.859919][ T8137] loop0: detected capacity change from 0 to 40427 [ 96.875509][ T8137] F2FS-fs (loop0): Invalid log sectors per block(3) log sectorsize(10) [ 96.883818][ T8137] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 96.913642][ T8137] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589454292453) [ 96.928954][ T8156] loop4: detected capacity change from 0 to 4096 [ 96.939913][ T8156] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 96.982009][ T8156] ntfs3(loop4): Failed to load $Extend (-22). [ 96.986067][ T8137] F2FS-fs (loop0): Try to recover 1th superblock, ret: -30 [ 96.988556][ T8156] ntfs3(loop4): Failed to initialize $Extend. [ 96.995967][ T8137] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 97.137623][ T9] radio-usb-si4713 4-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 97.152756][ T9] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 97.183936][ T9] usb 4-1: USB disconnect, device number 7 [ 97.324758][ T8173] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1218'. [ 97.480351][ T8185] C: renamed from lo (while UP) [ 97.521629][ T8185] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 97.576698][ T8161] loop1: detected capacity change from 0 to 32768 [ 97.622674][ T8161] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 97.648935][ T8199] Invalid source name [ 97.672344][ T8197] dlm: no locking on control device [ 97.702505][ T8201] loop4: detected capacity change from 0 to 256 [ 97.721954][ T8161] (syz.1.1211,8161,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=8 [ 97.745880][ T8161] (syz.1.1211,8161,0):ocfs2_prepare_dir_for_insert:4277 ERROR: status = -2 [ 97.763750][ T8161] (syz.1.1211,8161,0):ocfs2_mknod:296 ERROR: status = -2 [ 97.781972][ T8161] (syz.1.1211,8161,0):ocfs2_mknod:500 ERROR: status = -2 [ 97.805278][ T8161] (syz.1.1211,8161,1):ocfs2_create:674 ERROR: status = -2 [ 97.812067][ T8201] FAT-fs (loop4): Directory bread(block 64) failed [ 97.830421][ T8201] FAT-fs (loop4): Directory bread(block 65) failed [ 97.840089][ T5240] ocfs2: Unmounting device (7,1) on (node local) [ 97.847908][ T8201] FAT-fs (loop4): Directory bread(block 66) failed [ 97.866135][ T8201] FAT-fs (loop4): Directory bread(block 67) failed [ 97.873018][ T8201] FAT-fs (loop4): Directory bread(block 68) failed [ 97.883019][ T8201] FAT-fs (loop4): Directory bread(block 69) failed [ 97.907711][ T8201] FAT-fs (loop4): Directory bread(block 70) failed [ 97.914273][ T8201] FAT-fs (loop4): Directory bread(block 71) failed [ 97.921004][ T8201] FAT-fs (loop4): Directory bread(block 72) failed [ 97.940196][ T8201] FAT-fs (loop4): Directory bread(block 73) failed [ 97.981517][ T8217] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1239'. [ 97.992706][ T8217] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1239'. [ 98.002161][ T8217] netlink: 4612 bytes leftover after parsing attributes in process `syz.3.1239'. [ 98.044446][ T57] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 98.055419][ T8221] loop3: detected capacity change from 0 to 512 [ 98.067531][ T8221] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 98.097054][ T8221] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 98.115937][ T8221] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.188184][ T5241] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 98.245779][ T57] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 98.265260][ T57] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 59391, setting to 1024 [ 98.296759][ T57] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice= 9.99 [ 98.352629][ T57] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.390193][ T57] usb 3-1: config 0 descriptor?? [ 98.398274][ T8252] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1252'. [ 98.415018][ T8207] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 98.426298][ T57] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 98.435404][ T8255] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1256'. [ 98.446639][ T8252] vlan2: entered allmulticast mode [ 98.452921][ T8255] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1256'. [ 98.508643][ T8260] netlink: 'syz.3.1259': attribute type 21 has an invalid length. [ 98.544229][ T8260] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1259'. [ 98.639590][ T57] usb 3-1: USB disconnect, device number 11 [ 98.665061][ T5249] udevd[5249]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 98.751148][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 98.772082][ T29] audit: type=1326 audit(1728374299.587:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz.3.1265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f700d77dff9 code=0x7ffc0000 [ 98.794265][ C1] vkms_vblank_simulate: vblank timer overrun [ 98.842737][ T29] audit: type=1326 audit(1728374299.587:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz.3.1265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f700d77dff9 code=0x7ffc0000 [ 98.864899][ C1] vkms_vblank_simulate: vblank timer overrun [ 98.924539][ T29] audit: type=1326 audit(1728374299.587:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz.3.1265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f700d77dff9 code=0x7ffc0000 [ 98.946610][ C1] vkms_vblank_simulate: vblank timer overrun [ 98.982526][ T29] audit: type=1326 audit(1728374299.587:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz.3.1265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f700d77dff9 code=0x7ffc0000 [ 99.036140][ T29] audit: type=1326 audit(1728374299.587:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz.3.1265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f700d77dff9 code=0x7ffc0000 [ 99.046723][ T8261] loop4: detected capacity change from 0 to 32768 [ 99.083819][ T8261] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1258 (8261) [ 99.154649][ T5294] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 99.162215][ T8261] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 99.182871][ T8261] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 99.200207][ T8261] BTRFS info (device loop4): using free-space-tree [ 99.303923][ T5253] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 99.335162][ T5294] usb 4-1: Using ep0 maxpacket: 32 [ 99.343439][ T5294] usb 4-1: config index 0 descriptor too short (expected 35577, got 27) [ 99.353580][ T5294] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 99.372535][ T5294] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 99.395879][ T5294] usb 4-1: config 1 has no interface number 0 [ 99.424029][ T5294] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 99.454266][ T5294] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 99.470746][ T8287] loop1: detected capacity change from 0 to 32768 [ 99.477309][ T5294] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 99.490024][ T8287] (syz.1.1271,8287,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 99.503869][ T5294] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.514754][ T8287] (syz.1.1271,8287,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 99.536316][ T5294] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found [ 99.573687][ T8287] JBD2: Ignoring recovery information on journal [ 99.679556][ T8287] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 99.723897][ T8315] loop0: detected capacity change from 0 to 32768 [ 99.754216][ T5294] snd_usb_pod 4-1:1.1: invalid control EP [ 99.760711][ T5294] snd_usb_pod 4-1:1.1: cannot start listening: -22 [ 99.770267][ T8333] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 99.774599][ T5294] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected [ 99.788547][ T5294] snd_usb_pod 4-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 99.817275][ T8315] JBD2: Ignoring recovery information on journal [ 99.889456][ T8341] /dev/sg0: Can't lookup blockdev [ 99.925004][ T8315] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 99.982390][ T5294] usb 4-1: USB disconnect, device number 8 [ 99.993560][ T5240] ocfs2: Unmounting device (7,1) on (node local) [ 100.005958][ T5236] ocfs2: Unmounting device (7,0) on (node local) [ 100.156652][ T8355] loop2: detected capacity change from 0 to 2048 [ 100.202245][ T8361] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1290'. [ 100.213960][ T8355] loop2: p1 < > p3 p4 < > [ 100.220304][ T8355] loop2: p3 start 4284289 is beyond EOD, truncated [ 100.254601][ T8355] efs: cannot read superblock [ 100.277600][ T8365] netlink: 'syz.1.1300': attribute type 5 has an invalid length. [ 100.285551][ T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 100.404459][ T8374] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1305'. [ 100.431682][ T8380] loop1: detected capacity change from 0 to 512 [ 100.474384][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 100.498687][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.526797][ T8380] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.534101][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.576936][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 100.590111][ T9] usb 5-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 100.599612][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.602056][ T8380] ext4 filesystem being mounted at /239/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.620251][ T9] usb 5-1: config 0 descriptor?? [ 100.628087][ T9] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input12 [ 100.651306][ T8380] Quota error (device loop1): do_check_range: Getting block 1541 out of range 1-5 [ 100.660791][ T8380] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 100.670380][ T8380] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.1308: Failed to acquire dquot type 1 [ 100.678623][ T4673] pxrc 5-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 100.788385][ T5260] pxrc 5-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 100.823946][ T4673] pxrc 5-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 100.836684][ T4673] pxrc 5-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 100.849206][ T4673] pxrc 5-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 100.868393][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.904402][ T4673] pxrc 5-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 100.926278][ T8352] pxrc 5-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 100.979169][ T8394] loop2: detected capacity change from 0 to 32768 [ 100.982904][ T4673] pxrc 5-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 101.007105][ T5291] usb 5-1: USB disconnect, device number 9 [ 101.146085][ T8427] loop3: detected capacity change from 0 to 8 [ 101.211312][ T8427] SQUASHFS error: Unable to read inode 0xa7 [ 101.768280][ T8479] [U]  [ 101.958514][ T8498] loop4: detected capacity change from 0 to 128 [ 101.984965][ T8498] befs: Bad value for 'gid' [ 101.989512][ T8498] befs: Bad value for 'gid' [ 102.012074][ T8498] tmpfs: Bad value for 'mpol' [ 102.176209][ T8506] netlink: 'syz.0.1360': attribute type 21 has an invalid length. [ 102.214046][ T8506] netlink: 'syz.0.1360': attribute type 5 has an invalid length. [ 102.223557][ T8463] loop2: detected capacity change from 0 to 32768 [ 102.241122][ T8506] netlink: 'syz.0.1360': attribute type 6 has an invalid length. [ 102.305803][ T8463] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 102.357061][ T8517] loop4: detected capacity change from 0 to 512 [ 102.403461][ T8517] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 102.415069][ T8517] EXT4-fs (loop4): 1 truncate cleaned up [ 102.455666][ T8517] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.456549][ T8496] loop1: detected capacity change from 0 to 32768 [ 102.494897][ T8517] EXT4-fs error (device loop4): ext4_add_entry:2437: inode #2: comm syz.4.1363: Directory hole found for htree leaf block 0 [ 102.509470][ T8494] loop3: detected capacity change from 0 to 32768 [ 102.518672][ T8494] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1354 (8494) [ 102.544573][ T8494] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 102.556830][ T8494] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 102.566200][ T8494] BTRFS info (device loop3): using free-space-tree [ 102.579245][ T8496] XFS (loop1): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent. [ 102.598794][ T5253] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.629394][ T8463] XFS (loop2): Ending clean mount [ 102.658738][ T8463] XFS (loop2): Quotacheck needed: Please wait. [ 102.711193][ T8496] XFS (loop1): Quotacheck needed: Please wait. [ 102.712462][ T8463] XFS (loop2): Quotacheck: Done. [ 102.832830][ T5243] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 102.926012][ T5241] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 103.021080][ T8559] loop4: detected capacity change from 0 to 32768 [ 103.029605][ T8559] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 103.052480][ T8496] XFS (loop1): Quotacheck: Done. [ 103.113981][ T8559] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 103.168996][ T5240] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 103.189905][ T8559] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 103.198932][ T939] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 103.209688][ T939] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 103.321496][ T939] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 111ms [ 103.348577][ T939] gfs2: fsid=syz:syz.0: jid=0: Done [ 103.354011][ T8578] loop0: detected capacity change from 0 to 8192 [ 103.372485][ T8559] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 103.436905][ T8578] loop0: p1 p3 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 [ 103.437085][ T8578] loop0: p1 start 4177526784 is beyond EOD, truncated [ 103.572855][ T8578] loop0: p4 size 32937 extends beyond EOD, truncated [ 103.581195][ T8578] loop0: p5 start 4177526784 is beyond EOD, truncated [ 103.611419][ T8591] 8021q: adding VLAN 0 to HW filter on device bond0 [ 103.633440][ T8591] bond0: (slave rose0): Enslaving as an active interface with an up link [ 103.638315][ T8578] loop0: p6 size 32937 extends beyond EOD, truncated [ 103.732972][ T8578] loop0: p7 start 4177526784 is beyond EOD, truncated [ 103.742500][ T8578] loop0: p8 size 32937 extends beyond EOD, truncated [ 103.798384][ T8599] loop2: detected capacity change from 0 to 4096 [ 103.804657][ T8578] loop0: p9 start 4177526784 is beyond EOD, truncated [ 103.806536][ T8599] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 103.826115][ T8578] loop0: p10 size 32937 extends beyond EOD, truncated [ 103.903505][ T8578] loop0: p11 start 4177526784 is beyond EOD, truncated [ 103.942536][ T8578] loop0: p12 size 32937 extends beyond EOD, truncated [ 103.994427][ T8578] loop0: p13 start 4177526784 is beyond EOD, truncated [ 104.001751][ T8599] ntfs3(loop2): failed to convert "c46c" to cp874 [ 104.032597][ T8578] loop0: p14 size 32937 extends beyond EOD, truncated [ 104.085429][ T8578] loop0: p15 start 4177526784 is beyond EOD, truncated [ 104.146462][ T8626] block nbd3: NBD_DISCONNECT [ 104.161729][ T8578] loop0: p16 size 32937 extends beyond EOD, truncated [ 104.181491][ T8578] loop0: p17 start 4177526784 is beyond EOD, truncated [ 104.183602][ T8589] loop1: detected capacity change from 0 to 40427 [ 104.188486][ T8578] loop0: p18 size 32937 extends beyond EOD, truncated [ 104.242947][ T8589] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 104.274178][ T8589] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 104.292608][ T8578] loop0: p19 start 4177526784 is beyond EOD, truncated [ 104.299722][ T8578] loop0: p20 size 32937 extends beyond EOD, truncated [ 104.309109][ T8589] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x1fffff [ 104.310413][ T8578] loop0: p21 start 4177526784 is beyond EOD, truncated [ 104.324494][ T8589] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x1f8 [ 104.325024][ T8578] loop0: p22 size 32937 extends beyond EOD, truncated [ 104.347154][ T8578] loop0: p23 start 4177526784 is beyond EOD, truncated [ 104.350631][ T8589] F2FS-fs (loop1): invalid crc value [ 104.354102][ T8578] loop0: p24 size 32937 extends beyond EOD, truncated [ 104.387099][ T8645] loop3: detected capacity change from 0 to 256 [ 104.402271][ T8578] loop0: p25 start 4177526784 is beyond EOD, truncated [ 104.409405][ T8578] loop0: p26 size 32937 extends beyond EOD, truncated [ 104.420645][ T8646] loop4: detected capacity change from 0 to 512 [ 104.422499][ T8578] loop0: p27 start 4177526784 is beyond EOD, truncated [ 104.433923][ T8578] loop0: p28 size 32937 extends beyond EOD, truncated [ 104.445317][ T8647] __nla_validate_parse: 3 callbacks suppressed [ 104.445335][ T8647] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1395'. [ 104.476714][ T8578] loop0: p29 start 4177526784 is beyond EOD, truncated [ 104.483622][ T8578] loop0: p30 size 32937 extends beyond EOD, truncated [ 104.494633][ T8578] loop0: p31 start 4177526784 is beyond EOD, truncated [ 104.501611][ T8578] loop0: p32 size 32937 extends beyond EOD, truncated [ 104.517053][ T8589] F2FS-fs (loop1): Found nat_bits in checkpoint [ 104.518937][ T8578] loop0: p33 start 4177526784 is beyond EOD, truncated [ 104.530586][ T8578] loop0: p34 size 32937 extends beyond EOD, truncated [ 104.558206][ T8578] loop0: p35 start 4177526784 is beyond EOD, truncated [ 104.565339][ T8578] loop0: p36 size 32937 extends beyond EOD, truncated [ 104.573829][ T8589] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 104.575129][ T8578] loop0: p37 start 4177526784 is beyond EOD, truncated [ 104.581106][ T8589] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 104.588054][ T8578] loop0: p38 size 32937 extends beyond EOD, truncated [ 104.610297][ T8578] loop0: p39 start 4177526784 is beyond EOD, truncated [ 104.617308][ T8578] loop0: p40 size 32937 extends beyond EOD, truncated [ 104.628203][ T8578] loop0: p41 start 4177526784 is beyond EOD, truncated [ 104.635329][ T8578] loop0: p42 size 32937 extends beyond EOD, truncated [ 104.647039][ T8578] loop0: p43 start 4177526784 is beyond EOD, truncated [ 104.654081][ T8578] loop0: p44 size 32937 extends beyond EOD, truncated [ 104.658442][ T8646] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 104.666156][ T8578] loop0: p45 start 4177526784 is beyond EOD, truncated [ 104.680371][ T8578] loop0: p46 size 32937 extends beyond EOD, truncated [ 104.685841][ T8645] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 104.692345][ T8578] loop0: p47 start 4177526784 is beyond EOD, truncated [ 104.706246][ T8578] loop0: p48 size 32937 extends beyond EOD, truncated [ 104.714030][ T8578] loop0: p49 start 4177526784 is beyond EOD, truncated [ 104.721105][ T8578] loop0: p50 size 32937 extends beyond EOD, truncated [ 104.725247][ T5240] syz-executor: attempt to access beyond end of device [ 104.725247][ T5240] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 104.730248][ T8578] loop0: p51 start 4177526784 is beyond EOD, truncated [ 104.749591][ T8578] loop0: p52 size 32937 extends beyond EOD, truncated [ 104.751117][ T8646] ext4 filesystem being mounted at /282/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 104.758109][ T8578] loop0: p53 start 4177526784 is beyond EOD, truncated [ 104.773827][ T8578] loop0: p54 size 32937 extends beyond EOD, truncated [ 104.778217][ T5240] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 104.784116][ T8578] loop0: p55 start 4177526784 is beyond EOD, truncated [ 104.794441][ T8578] loop0: p56 size 32937 extends beyond EOD, truncated [ 104.807928][ T8578] loop0: p57 start 4177526784 is beyond EOD, truncated [ 104.815036][ T8578] loop0: p58 size 32937 extends beyond EOD, truncated [ 104.829474][ T8578] loop0: p59 start 4177526784 is beyond EOD, truncated [ 104.836647][ T8578] loop0: p60 size 32937 extends beyond EOD, truncated [ 104.870583][ T8578] loop0: p61 start 4177526784 is beyond EOD, truncated [ 104.879527][ T8578] loop0: p62 size 32937 extends beyond EOD, truncated [ 104.887970][ T8578] loop0: p63 start 4177526784 is beyond EOD, truncated [ 104.890434][ T5253] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 104.894980][ T8578] loop0: p64 size 32937 extends beyond EOD, truncated [ 104.927928][ T8578] loop0: p65 start 4177526784 is beyond EOD, truncated [ 104.934869][ T8578] loop0: p66 size 32937 extends beyond EOD, truncated [ 104.950107][ T8578] loop0: p67 start 4177526784 is beyond EOD, truncated [ 104.957132][ T8578] loop0: p68 size 32937 extends beyond EOD, truncated [ 104.984714][ T8578] loop0: p69 start 4177526784 is beyond EOD, truncated [ 104.991623][ T8578] loop0: p70 size 32937 extends beyond EOD, truncated [ 105.012824][ T8578] loop0: p71 start 4177526784 is beyond EOD, truncated [ 105.019796][ T8578] loop0: p72 size 32937 extends beyond EOD, truncated [ 105.039344][ T8578] loop0: p73 start 4177526784 is beyond EOD, truncated [ 105.046360][ T8578] loop0: p74 size 32937 extends beyond EOD, truncated [ 105.059765][ T8578] loop0: p75 start 4177526784 is beyond EOD, truncated [ 105.066880][ T8578] loop0: p76 size 32937 extends beyond EOD, truncated [ 105.076020][ T8578] loop0: p77 start 4177526784 is beyond EOD, truncated [ 105.082931][ T8578] loop0: p78 size 32937 extends beyond EOD, truncated [ 105.091568][ T8578] loop0: p79 start 4177526784 is beyond EOD, truncated [ 105.098505][ T8578] loop0: p80 size 32937 extends beyond EOD, truncated [ 105.113849][ T8578] loop0: p81 start 4177526784 is beyond EOD, truncated [ 105.120989][ T8578] loop0: p82 size 32937 extends beyond EOD, truncated [ 105.138364][ T8578] loop0: p83 start 4177526784 is beyond EOD, truncated [ 105.145323][ T8578] loop0: p84 size 32937 extends beyond EOD, truncated [ 105.154479][ T8578] loop0: p85 start 4177526784 is beyond EOD, truncated [ 105.161903][ T8578] loop0: p86 size 32937 extends beyond EOD, truncated [ 105.171274][ T8578] loop0: p87 start 4177526784 is beyond EOD, truncated [ 105.178401][ T8578] loop0: p88 size 32937 extends beyond EOD, truncated [ 105.188501][ T8578] loop0: p89 start 4177526784 is beyond EOD, truncated [ 105.195491][ T8578] loop0: p90 size 32937 extends beyond EOD, truncated [ 105.204069][ T8578] loop0: p91 start 4177526784 is beyond EOD, truncated [ 105.211069][ T8578] loop0: p92 size 32937 extends beyond EOD, truncated [ 105.220661][ T8578] loop0: p93 start 4177526784 is beyond EOD, truncated [ 105.227644][ T8578] loop0: p94 size 32937 extends beyond EOD, truncated [ 105.250340][ T8578] loop0: p95 start 4177526784 is beyond EOD, truncated [ 105.259005][ T8578] loop0: p96 size 32937 extends beyond EOD, truncated [ 105.272871][ T8578] loop0: p97 start 4177526784 is beyond EOD, truncated [ 105.279881][ T8578] loop0: p98 size 32937 extends beyond EOD, truncated [ 105.289087][ T8578] loop0: p99 start 4177526784 is beyond EOD, truncated [ 105.296171][ T8578] loop0: p100 size 32937 extends beyond EOD, truncated [ 105.304522][ T8578] loop0: p101 start 4177526784 is beyond EOD, truncated [ 105.311516][ T8578] loop0: p102 size 32937 extends beyond EOD, truncated [ 105.328082][ T8578] loop0: p103 start 4177526784 is beyond EOD, truncated [ 105.335203][ T8578] loop0: p104 size 32937 extends beyond EOD, truncated [ 105.356403][ T8578] loop0: p105 start 4177526784 is beyond EOD, truncated [ 105.364531][ T8578] loop0: p106 size 32937 extends beyond EOD, truncated [ 105.374995][ T8578] loop0: p107 start 4177526784 is beyond EOD, truncated [ 105.382032][ T8578] loop0: p108 size 32937 extends beyond EOD, truncated [ 105.392322][ T8689] vhci_hcd: invalid port number 0 [ 105.394674][ T8578] loop0: p109 start 4177526784 is beyond EOD, truncated [ 105.404416][ T8578] loop0: p110 size 32937 extends beyond EOD, truncated [ 105.415076][ T8578] loop0: p111 start 4177526784 is beyond EOD, truncated [ 105.422059][ T8578] loop0: p112 size 32937 extends beyond EOD, truncated [ 105.437038][ T8578] loop0: p113 start 4177526784 is beyond EOD, truncated [ 105.444120][ T8578] loop0: p114 size 32937 extends beyond EOD, truncated [ 105.458951][ T8578] loop0: p115 start 4177526784 is beyond EOD, truncated [ 105.466675][ T8578] loop0: p116 size 32937 extends beyond EOD, truncated [ 105.475359][ T8578] loop0: p117 start 4177526784 is beyond EOD, truncated [ 105.482361][ T8578] loop0: p118 size 32937 extends beyond EOD, truncated [ 105.496139][ T8578] loop0: p119 start 4177526784 is beyond EOD, truncated [ 105.503200][ T8578] loop0: p120 size 32937 extends beyond EOD, truncated [ 105.511669][ T8578] loop0: p121 start 4177526784 is beyond EOD, truncated [ 105.518878][ T8578] loop0: p122 size 32937 extends beyond EOD, truncated [ 105.532155][ T8578] loop0: p123 start 4177526784 is beyond EOD, truncated [ 105.539520][ T8578] loop0: p124 size 32937 extends beyond EOD, truncated [ 105.548872][ T8578] loop0: p125 start 4177526784 is beyond EOD, truncated [ 105.555933][ T8578] loop0: p126 size 32937 extends beyond EOD, truncated [ 105.565254][ T8578] loop0: p127 start 4177526784 is beyond EOD, truncated [ 105.572235][ T8578] loop0: p128 size 32937 extends beyond EOD, truncated [ 105.587532][ T8578] loop0: p129 start 4177526784 is beyond EOD, truncated [ 105.594681][ T8578] loop0: p130 size 32937 extends beyond EOD, truncated [ 105.602788][ T8578] loop0: p131 start 4177526784 is beyond EOD, truncated [ 105.609866][ T8578] loop0: p132 size 32937 extends beyond EOD, truncated [ 105.623495][ T8578] loop0: p133 start 4177526784 is beyond EOD, truncated [ 105.630529][ T8578] loop0: p134 size 32937 extends beyond EOD, truncated [ 105.634569][ T939] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 105.638824][ T8578] loop0: p135 start 4177526784 is beyond EOD, truncated [ 105.651974][ T8578] loop0: p136 size 32937 extends beyond EOD, truncated [ 105.661963][ T8578] loop0: p137 start 4177526784 is beyond EOD, truncated [ 105.669566][ T8578] loop0: p138 size 32937 extends beyond EOD, truncated [ 105.687049][ T8578] loop0: p139 start 4177526784 is beyond EOD, truncated [ 105.694060][ T8578] loop0: p140 size 32937 extends beyond EOD, truncated [ 105.712588][ T8578] loop0: p141 start 4177526784 is beyond EOD, truncated [ 105.721228][ T8578] loop0: p142 size 32937 extends beyond EOD, truncated [ 105.730223][ T8578] loop0: p143 start 4177526784 is beyond EOD, truncated [ 105.737241][ T8578] loop0: p144 size 32937 extends beyond EOD, truncated [ 105.746347][ T8578] loop0: p145 start 4177526784 is beyond EOD, truncated [ 105.753319][ T8578] loop0: p146 size 32937 extends beyond EOD, truncated [ 105.794978][ T8711] loop1: detected capacity change from 0 to 4096 [ 105.807817][ T8578] loop0: p147 start 4177526784 is beyond EOD, truncated [ 105.819534][ T8578] loop0: p148 size 32937 extends beyond EOD, truncated [ 105.828608][ T8578] loop0: p149 start 4177526784 is beyond EOD, truncated [ 105.835641][ T8578] loop0: p150 size 32937 extends beyond EOD, truncated [ 105.837022][ T939] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88 [ 105.854412][ T8578] loop0: p151 start 4177526784 is beyond EOD, truncated [ 105.854710][ T939] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 105.861386][ T8578] loop0: p152 size 32937 extends beyond EOD, [ 105.872455][ T939] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 255, changing to 11 [ 105.872485][ T939] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid maxpacket 59391, setting to 1024 [ 105.881646][ T939] usb 5-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49 [ 105.910968][ T939] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.919388][ T939] usb 5-1: Product: syz [ 105.922037][ T8578] truncated [ 105.923714][ T939] usb 5-1: Manufacturer: syz [ 105.931320][ T939] usb 5-1: SerialNumber: syz [ 105.944004][ T8578] loop0: p153 start 4177526784 is beyond EOD, truncated [ 105.951628][ T939] usb 5-1: config 0 descriptor?? [ 105.956815][ T8578] loop0: p154 size 32937 extends beyond EOD, truncated [ 105.966997][ T8692] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 105.982055][ T8578] loop0: p155 start 4177526784 is beyond EOD, truncated [ 105.989178][ T8578] loop0: p156 size 32937 extends beyond EOD, truncated [ 105.999273][ T8578] loop0: p157 start 4177526784 is beyond EOD, truncated [ 106.006388][ T8578] loop0: p158 size 32937 extends beyond EOD, truncated [ 106.014953][ T8578] loop0: p159 start 4177526784 is beyond EOD, truncated [ 106.021970][ T8578] loop0: p160 size 32937 extends beyond EOD, truncated [ 106.032331][ T8719] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1423'. [ 106.042098][ T8578] loop0: p161 start 4177526784 is beyond EOD, truncated [ 106.049297][ T8578] loop0: p162 size 32937 extends beyond EOD, truncated [ 106.072041][ T8578] loop0: p163 start 4177526784 is beyond EOD, truncated [ 106.079296][ T8578] loop0: p164 size 32937 extends beyond EOD, truncated [ 106.087993][ T8578] loop0: p165 start 4177526784 is beyond EOD, truncated [ 106.095119][ T8578] loop0: p166 size 32937 extends beyond EOD, truncated [ 106.106559][ T8578] loop0: p167 start 4177526784 is beyond EOD, truncated [ 106.113568][ T8578] loop0: p168 size 32937 extends beyond EOD, truncated [ 106.127201][ T8578] loop0: p169 start 4177526784 is beyond EOD, truncated [ 106.134230][ T8578] loop0: p170 size 32937 extends beyond EOD, truncated [ 106.144022][ T8578] loop0: p171 start 4177526784 is beyond EOD, truncated [ 106.151238][ T8578] loop0: p172 size 32937 extends beyond EOD, truncated [ 106.161992][ T8578] loop0: p173 start 4177526784 is beyond EOD, truncated [ 106.169228][ T8578] loop0: p174 size 32937 extends beyond EOD, truncated [ 106.182055][ T8578] loop0: p175 start 4177526784 is beyond EOD, truncated [ 106.189282][ T8578] loop0: p176 size 32937 extends beyond EOD, truncated [ 106.205168][ T8578] loop0: p177 start 4177526784 is beyond EOD, truncated [ 106.212240][ T8578] loop0: p178 size 32937 extends beyond EOD, truncated [ 106.223636][ T8578] loop0: p179 start 4177526784 is beyond EOD, truncated [ 106.230783][ T8578] loop0: p180 size 32937 extends beyond EOD, truncated [ 106.241006][ T8578] loop0: p181 start 4177526784 is beyond EOD, truncated [ 106.248171][ T8578] loop0: p182 size 32937 extends beyond EOD, truncated [ 106.259461][ T8578] loop0: p183 start 4177526784 is beyond EOD, truncated [ 106.266634][ T8578] loop0: p184 size 32937 extends beyond EOD, truncated [ 106.275020][ T8578] loop0: p185 start 4177526784 is beyond EOD, truncated [ 106.282400][ T8578] loop0: p186 size 32937 extends beyond EOD, truncated [ 106.292833][ T8578] loop0: p187 start 4177526784 is beyond EOD, truncated [ 106.299916][ T8578] loop0: p188 size 32937 extends beyond EOD, truncated [ 106.307931][ T8578] loop0: p189 start 4177526784 is beyond EOD, truncated [ 106.315016][ T8578] loop0: p190 size 32937 extends beyond EOD, truncated [ 106.323993][ T8578] loop0: p191 start 4177526784 is beyond EOD, truncated [ 106.331064][ T8578] loop0: p192 size 32937 extends beyond EOD, truncated [ 106.339341][ T8578] loop0: p193 start 4177526784 is beyond EOD, truncated [ 106.346461][ T8578] loop0: p194 size 32937 extends beyond EOD, truncated [ 106.354470][ T8578] loop0: p195 start 4177526784 is beyond EOD, truncated [ 106.361531][ T8578] loop0: p196 size 32937 extends beyond EOD, truncated [ 106.370061][ T8578] loop0: p197 start 4177526784 is beyond EOD, truncated [ 106.377277][ T8578] loop0: p198 size 32937 extends beyond EOD, truncated [ 106.385515][ T8578] loop0: p199 start 4177526784 is beyond EOD, truncated [ 106.391698][ T8725] loop3: detected capacity change from 0 to 32768 [ 106.392546][ T8578] loop0: p200 size 32937 extends beyond EOD, truncated [ 106.408206][ T8578] loop0: p201 start 4177526784 is beyond EOD, truncated [ 106.415455][ T8578] loop0: p202 size 32937 extends beyond EOD, truncated [ 106.424190][ T8578] loop0: p203 start 4177526784 is beyond EOD, truncated [ 106.431280][ T8578] loop0: p204 size 32937 extends beyond EOD, truncated [ 106.439342][ T8578] loop0: p205 start 4177526784 is beyond EOD, truncated [ 106.446519][ T8578] loop0: p206 size 32937 extends beyond EOD, truncated [ 106.454830][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 106.462782][ T8578] loop0: p207 start 4177526784 is beyond EOD, truncated [ 106.469899][ T8578] loop0: p208 size 32937 extends beyond EOD, truncated [ 106.478219][ T8578] loop0: p209 start 4177526784 is beyond EOD, truncated [ 106.485594][ T8578] loop0: p210 size 32937 extends beyond EOD, truncated [ 106.493804][ T8578] loop0: p211 start 4177526784 is beyond EOD, truncated [ 106.500899][ T8578] loop0: p212 size 32937 extends beyond EOD, truncated [ 106.509216][ T8578] loop0: p213 start 4177526784 is beyond EOD, truncated [ 106.516388][ T8578] loop0: p214 size 32937 extends beyond EOD, truncated [ 106.527746][ T8578] loop0: p215 start 4177526784 is beyond EOD, truncated [ 106.534857][ T8578] loop0: p216 size 32937 extends beyond EOD, truncated [ 106.542794][ T8578] loop0: p217 start 4177526784 is beyond EOD, truncated [ 106.549964][ T8578] loop0: p218 size 32937 extends beyond EOD, truncated [ 106.559953][ T8578] loop0: p219 start 4177526784 is beyond EOD, truncated [ 106.567013][ T8578] loop0: p220 size 32937 extends beyond EOD, truncated [ 106.575421][ T8578] loop0: p221 start 4177526784 is beyond EOD, truncated [ 106.582479][ T8578] loop0: p222 size 32937 extends beyond EOD, truncated [ 106.591016][ T8578] loop0: p223 start 4177526784 is beyond EOD, truncated [ 106.598126][ T8578] loop0: p224 size 32937 extends beyond EOD, truncated [ 106.606577][ T8578] loop0: p225 start 4177526784 is beyond EOD, truncated [ 106.613600][ T8578] loop0: p226 size 32937 extends beyond EOD, truncated [ 106.621605][ T8578] loop0: p227 start 4177526784 is beyond EOD, truncated [ 106.628704][ T8578] loop0: p228 size 32937 extends beyond EOD, truncated [ 106.638420][ T8578] loop0: p229 start 4177526784 is beyond EOD, truncated [ 106.645472][ T8578] loop0: p230 size 32937 extends beyond EOD, truncated [ 106.653718][ T8578] loop0: p231 start 4177526784 is beyond EOD, truncated [ 106.660928][ T8578] loop0: p232 size 32937 extends beyond EOD, truncated [ 106.671405][ T8578] loop0: p233 start 4177526784 is beyond EOD, truncated [ 106.678476][ T8578] loop0: p234 size 32937 extends beyond EOD, truncated [ 106.686334][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 106.692259][ T8578] loop0: p235 start 4177526784 is beyond EOD, truncated [ 106.699334][ T8578] loop0: p236 size 32937 extends beyond EOD, truncated [ 106.707703][ T8578] loop0: p237 start 4177526784 is beyond EOD, truncated [ 106.714837][ T8578] loop0: p238 size 32937 extends beyond EOD, truncated [ 106.722803][ T9] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 106.732990][ T8578] loop0: p239 start 4177526784 is beyond EOD, truncated [ 106.740137][ T8578] loop0: p240 size 32937 extends beyond EOD, truncated [ 106.747298][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.758045][ T8578] loop0: p241 start 4177526784 is beyond EOD, truncated [ 106.767560][ T8578] loop0: p242 size 32937 extends beyond EOD, truncated [ 106.777537][ T8578] loop0: p243 start 4177526784 is beyond EOD, truncated [ 106.787393][ T9] usb 2-1: config 0 descriptor?? [ 106.793577][ T8578] loop0: p244 size 32937 extends beyond EOD, truncated [ 106.793879][ T8731] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1429'. [ 106.801800][ T8578] loop0: p245 start 4177526784 is beyond EOD, truncated [ 106.822202][ T8578] loop0: p246 size 32937 extends beyond EOD, truncated [ 106.845577][ T8578] loop0: p247 start 4177526784 is beyond EOD, truncated [ 106.852632][ T8578] loop0: p248 size 32937 extends beyond EOD, truncated [ 106.874592][ T8578] loop0: p249 start 4177526784 is beyond EOD, truncated [ 106.881637][ T8578] loop0: p250 size 32937 extends beyond EOD, truncated [ 106.914603][ T8578] loop0: p251 start 4177526784 is beyond EOD, truncated [ 106.921658][ T8578] loop0: p252 size 32937 extends beyond EOD, truncated [ 106.947912][ T8578] loop0: p253 start 4177526784 is beyond EOD, truncated [ 106.966861][ T8578] loop0: p254 size 32937 extends beyond EOD, truncated [ 106.969607][ T8727] loop3: detected capacity change from 0 to 32768 [ 106.978204][ T8578] loop0: p255 start 4177526784 is beyond EOD, truncated [ 107.034274][ T8727] (syz.3.1427,8727,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 107.049416][ T9] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 107.057982][ T8727] (syz.3.1427,8727,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 107.072117][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 107.085542][ T9] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 107.092809][ T9] usb 2-1: media controller created [ 107.107486][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 107.160625][ T8744] qrtr: Invalid version 0 [ 107.187579][ T8727] JBD2: Ignoring recovery information on journal [ 107.238341][ T8727] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 107.249737][ T9] az6027: usb out operation failed. (-71) [ 107.256397][ T9] az6027: usb out operation failed. (-71) [ 107.262200][ T9] stb0899_attach: Driver disabled by Kconfig [ 107.277333][ T9] az6027: no front-end attached [ 107.277333][ T9] [ 107.293771][ T9] az6027: usb out operation failed. (-71) [ 107.304909][ T9] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 107.317678][ T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input14 [ 107.353521][ T9] dvb-usb: schedule remote query interval to 400 msecs. [ 107.409292][ T5241] ocfs2: Unmounting device (7,3) on (node local) [ 107.418887][ T9] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 107.457406][ T9] usb 2-1: USB disconnect, device number 7 [ 107.521007][ T8768] netlink: 'syz.3.1447': attribute type 30 has an invalid length. [ 107.626621][ T9] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 107.830643][ T5238] udevd[5238]: inotify_add_watch(7, /dev/loop0p6, 10) failed: No such file or directory [ 107.834587][ T8778] dccp_invalid_packet: P.Data Offset(0) too small [ 107.842784][ T5247] udevd[5247]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 107.850097][ T5626] udevd[5626]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 107.861971][ T5250] udevd[5250]: inotify_add_watch(7, /dev/loop0p12, 10) failed: No such file or directory [ 107.877581][ T5249] udevd[5249]: inotify_add_watch(7, /dev/loop0p8, 10) failed: No such file or directory [ 107.878544][ T6572] udevd[6572]: inotify_add_watch(7, /dev/loop0p10, 10) failed: No such file or directory [ 107.975350][ T8779] udevd[8779]: inotify_add_watch(7, /dev/loop0p14, 10) failed: No such file or directory [ 107.976343][ T5626] udevd[5626]: inotify_add_watch(7, /dev/loop0p22, 10) failed: No such file or directory [ 108.000523][ T8782] udevd[8782]: inotify_add_watch(7, /dev/loop0p18, 10) failed: No such file or directory [ 108.018822][ T8781] udevd[8781]: inotify_add_watch(7, /dev/loop0p16, 10) failed: No such file or directory [ 108.289542][ T8794] loop1: detected capacity change from 0 to 1024 [ 108.382626][ T8794] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.398015][ T8801] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1459'. [ 108.575921][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.594252][ T8805] netlink: 'syz.4.1460': attribute type 1 has an invalid length. [ 108.656375][ T8805] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1460'. [ 108.692844][ T8772] loop3: detected capacity change from 0 to 32768 [ 108.742953][ T8764] loop2: detected capacity change from 0 to 32768 [ 108.754142][ T8772] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1449 (8772) [ 108.811476][ T8764] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1446 (8764) [ 108.824781][ T8772] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 108.843325][ T57] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 108.857293][ T8772] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 108.884568][ T8764] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 108.896949][ T8813] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1464'. [ 108.909278][ T8772] BTRFS info (device loop3): using free-space-tree [ 108.928606][ T8813] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1464'. [ 108.942878][ T8764] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 108.954518][ T8764] BTRFS info (device loop2): using free-space-tree [ 108.963227][ T8813] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1464'. [ 108.978854][ T8813] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1464'. [ 109.074032][ T57] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 109.085070][ T57] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 109.094971][ T57] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 109.116878][ T57] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 109.126405][ T57] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 109.136599][ T57] usb 1-1: SerialNumber: syz [ 109.160461][ T8803] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 109.171918][ T8832] loop4: detected capacity change from 0 to 2048 [ 109.179683][ T57] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 109.200821][ T8832] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 109.222317][ T8832] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 1376) has entry at pos 232 with incorrect tag 0 [ 109.322878][ T5241] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 109.420344][ T5342] usb 1-1: USB disconnect, device number 5 [ 109.435614][ T8862] loop1: detected capacity change from 0 to 512 [ 109.487395][ T8862] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.525974][ T8862] ext4 filesystem being mounted at /270/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 109.608597][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.662643][ T5243] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 109.853448][ T8882] loop4: detected capacity change from 0 to 4096 [ 110.326381][ T8913] loop1: detected capacity change from 0 to 4096 [ 110.343017][ T8913] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 110.397771][ T8913] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 110.429006][ T8913] ntfs3(loop1): Failed to load $Extend (-22). [ 110.471383][ T8913] ntfs3(loop1): Failed to initialize $Extend. [ 110.580327][ T8941] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 110.618431][ T8936] loop4: detected capacity change from 0 to 512 [ 110.705394][ T8950] loop0: detected capacity change from 0 to 764 [ 110.712089][ T8950] iso9660: Unknown parameter 'ÿÿÿÿÿ' [ 110.809221][ T8936] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.859987][ T8936] ext4 filesystem being mounted at /318/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.959654][ T8936] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 110.985131][ T8936] overlayfs: missing 'lowerdir' [ 111.153844][ T5253] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.202952][ T8982] netlink: 'syz.3.1529': attribute type 4 has an invalid length. [ 111.509020][ T8964] loop0: detected capacity change from 0 to 32768 [ 111.511097][ T8994] loop4: detected capacity change from 0 to 4096 [ 111.546237][ T8964] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1520 (8964) [ 111.573922][ T8994] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 111.606562][ T8964] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 111.648263][ T8964] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 111.681062][ T8964] BTRFS info (device loop0): using free-space-tree [ 111.682605][ T9007] loop2: detected capacity change from 0 to 1024 [ 111.713023][ T8994] ntfs3(loop4): failed to convert "c46c" to koi8-u [ 111.775290][ T1821] hfsplus: b-tree write err: -5, ino 4 [ 111.903100][ T8980] loop1: detected capacity change from 0 to 32768 [ 111.921359][ T8980] BTRFS: device /dev/loop1 (7:1) using temp-fsid 39206f72-309a-40df-806b-1355474ef6fc [ 111.931277][ T8980] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1527 (8980) [ 111.959269][ T8980] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 111.969773][ T8980] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 111.978649][ T8980] BTRFS info (device loop1): using free-space-tree [ 112.061904][ T5236] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 112.316950][ T5240] BTRFS info (device loop1): last unmount of filesystem 39206f72-309a-40df-806b-1355474ef6fc [ 112.375557][ T9067] autofs4:pid:9067:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e) [ 112.462800][ T9073] loop0: detected capacity change from 0 to 2048 [ 112.543796][ T9073] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 112.584661][ T9082] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1562'. [ 112.683415][ T9089] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 112.691331][ T9073] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 3044605952 [ 112.703132][ T9073] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15) [ 112.715881][ T9073] Remounting filesystem read-only [ 112.720936][ T9073] NILFS (loop0): error -5 truncating bmap (ino=15) [ 112.760542][ T5236] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 112.875307][ T57] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 112.916488][ T29] audit: type=1326 audit(1728374313.757:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9106 comm="syz.1.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92f217dff9 code=0x7ffc0000 [ 112.925134][ T9109] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1573'. [ 112.943250][ T9105] usb usb8: usbfs: process 9105 (syz.0.1572) did not claim interface 0 before use [ 112.976174][ T29] audit: type=1326 audit(1728374313.777:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9106 comm="syz.1.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92f217dff9 code=0x7ffc0000 [ 113.060072][ T57] usb 3-1: unable to get BOS descriptor or descriptor too short [ 113.070660][ T57] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 113.079081][ T29] audit: type=1326 audit(1728374313.797:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9106 comm="syz.1.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f92f217dff9 code=0x7ffc0000 [ 113.092262][ T57] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 9 [ 113.170258][ T57] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 113.187688][ T29] audit: type=1326 audit(1728374313.797:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9106 comm="syz.1.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92f217dff9 code=0x7ffc0000 [ 113.198054][ T57] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0 [ 113.242785][ T29] audit: type=1326 audit(1728374313.797:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9106 comm="syz.1.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92f217dff9 code=0x7ffc0000 [ 113.267136][ T57] usb 3-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39 [ 113.276267][ T57] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.284278][ T57] usb 3-1: Product: syz [ 113.290228][ T57] usb 3-1: Manufacturer: syz [ 113.310522][ T57] usb 3-1: SerialNumber: syz [ 113.311703][ T57] usb 3-1: config 0 descriptor?? [ 113.312195][ T9084] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 113.313366][ C1] usb 3-1: NFC: Urb failure (status -71) [ 113.313445][ T57] usb 3-1: NFC: Unable to get FW version [ 113.313605][ T57] pn533_usb 3-1:0.0: probe with driver pn533_usb failed with error -90 [ 113.466206][ T29] audit: type=1400 audit(1728374314.307:33): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A21D01A0B978D2F2F262D2A83D1 pid=9140 comm="syz.0.1590" [ 113.487163][ C1] vkms_vblank_simulate: vblank timer overrun [ 113.619965][ T5292] usb 3-1: USB disconnect, device number 12 [ 113.665035][ T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 113.711479][ T9157] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1598'. [ 113.721269][ T9157] netlink: 'syz.1.1598': attribute type 1 has an invalid length. [ 113.737887][ T9157] netlink: 'syz.1.1598': attribute type 2 has an invalid length. [ 113.746175][ T9157] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1598'. [ 113.816179][ T9] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 113.824486][ T9] usb 4-1: config 0 has no interface number 0 [ 113.841439][ T9] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 113.850664][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.859796][ T9] usb 4-1: Product: syz [ 113.864038][ T9] usb 4-1: Manufacturer: syz [ 113.866282][ T9166] loop1: detected capacity change from 0 to 1024 [ 113.900325][ T9] usb 4-1: SerialNumber: syz [ 113.917715][ T9] usb 4-1: config 0 descriptor?? [ 113.925080][ T9169] loop0: detected capacity change from 0 to 16 [ 113.936600][ T9169] erofs: (device loop0): mounted with root inode @ nid 36. [ 114.174816][ T9] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 114.213288][ T9] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 114.223946][ T9] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 114.228378][ T9189] IPv6: NLM_F_REPLACE set, but no existing node found! [ 114.232276][ T9] usb 4-1: media controller created [ 114.255403][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 114.376213][ T9] i2c i2c-1: ec100: i2c rd failed=-71 reg=33 [ 114.444710][ T9] usb 4-1: USB disconnect, device number 9 [ 114.542447][ T9197] loop2: detected capacity change from 0 to 1024 [ 114.552446][ T9183] loop1: detected capacity change from 0 to 32768 [ 114.560314][ T9183] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1611 (9183) [ 114.564876][ T9197] EXT4-fs: Ignoring removed oldalloc option [ 114.578810][ T9183] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 114.596764][ T9183] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 114.610335][ T9197] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 114.622075][ T9183] BTRFS info (device loop1): using free-space-tree [ 114.656763][ T9197] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.742189][ T9197] 9pnet: Unknown protocol version 9 [ 114.785591][ T5240] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 114.800482][ T5243] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.000770][ T9193] loop0: detected capacity change from 0 to 40427 [ 115.012321][ T9193] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 115.054576][ T9193] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 115.100500][ T9193] F2FS-fs (loop0): Found nat_bits in checkpoint [ 115.264025][ T9193] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 115.274016][ T9193] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 115.319256][ T9193] fscrypt (loop0, inode 3): Error -61 getting encryption context [ 115.348750][ T9252] netlink: 'syz.3.1634': attribute type 1 has an invalid length. [ 115.363583][ T9252] netlink: 616 bytes leftover after parsing attributes in process `syz.3.1634'. [ 115.520448][ T9266] netlink: 'syz.4.1643': attribute type 5 has an invalid length. [ 115.551383][ T9266] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1643'. [ 115.584381][ T5342] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 115.734444][ T5342] usb 3-1: Using ep0 maxpacket: 16 [ 115.747027][ T5342] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 115.761893][ T5342] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1 [ 115.776918][ T9277] nvme_fabrics: missing parameter 'transport=%s' [ 115.792021][ T9277] nvme_fabrics: missing parameter 'nqn=%s' [ 115.804616][ T5342] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 115.848297][ T5342] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 115.880796][ T5342] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 115.916304][ T9292] netlink: zone id is out of range [ 115.927003][ T9292] netlink: zone id is out of range [ 115.939943][ T5342] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b [ 115.954210][ T9292] netlink: zone id is out of range [ 115.961632][ T5342] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3 [ 115.994049][ T5342] usb 3-1: Product: syz [ 116.025022][ T5342] usb 3-1: Manufacturer: syz [ 116.037328][ T5342] usb 3-1: SerialNumber: syz [ 116.055442][ T5342] usb 3-1: config 0 descriptor?? [ 116.076447][ T5342] usb 3-1: NFC: intf ffff888027345000 id ffffffff8f31e7e0 [ 116.296363][ T57] usb 3-1: USB disconnect, device number 13 [ 116.340490][ T9313] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1661'. [ 116.574113][ T9323] vivid-000: disconnect [ 116.600575][ T9322] vivid-000: reconnect [ 116.610369][ T9285] loop3: detected capacity change from 0 to 32768 [ 116.644765][ T9327] netlink: 'syz.4.1668': attribute type 1 has an invalid length. [ 116.672126][ T9327] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1668'. [ 116.686562][ T9306] loop1: detected capacity change from 0 to 32768 [ 116.693170][ T9285] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 116.727631][ T9338] netlink: 'syz.4.1670': attribute type 1 has an invalid length. [ 116.801591][ T9306] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 116.877821][ T9285] XFS (loop3): Ending clean mount [ 116.887649][ T9285] XFS (loop3): Quotacheck needed: Please wait. [ 116.906676][ T9355] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 116.925842][ T9355] vhci_hcd: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 117.019097][ T9306] XFS (loop1): Ending clean mount [ 117.061818][ T9285] XFS (loop3): Quotacheck: Done. [ 117.112729][ T5241] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 117.140483][ T9376] process 'syz.0.1683' launched './file1' with NULL argv: empty string added [ 117.218748][ T9378] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1687'. [ 117.228350][ T5240] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 117.247599][ T9383] loop4: detected capacity change from 0 to 64 [ 117.504404][ T9397] futex_wake_op: syz.2.1693 tries to shift op by 32; fix this program [ 117.619500][ T9407] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1685'. [ 117.971707][ T9428] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1703'. [ 118.136046][ T9436] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1707'. [ 118.177673][ T9438] loop1: detected capacity change from 0 to 1024 [ 118.207790][ T9438] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.259084][ T9438] EXT4-fs error (device loop1): ext4_empty_dir:3117: inode #11: block 623: comm syz.1.1708: Attempting to read directory block (623) that is past i_size (638464) [ 118.343985][ T9398] loop0: detected capacity change from 0 to 32768 [ 118.404407][ T9398] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1694 (9398) [ 118.474404][ T9441] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 440: padding at end of block bitmap is not set [ 118.541593][ T9398] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 118.554720][ T9398] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 118.577182][ T9398] BTRFS info (device loop0): using free-space-tree [ 118.590532][ T9453] xt_TPROXY: Can be used only with -p tcp or -p udp [ 118.613628][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.761682][ T9398] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:330 [ 118.800596][ T9398] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 9398, name: syz.0.1694 [ 118.846375][ T9398] preempt_count: 0, expected: 0 [ 118.859389][ T9398] RCU nest depth: 1, expected: 0 [ 118.887337][ T9398] INFO: lockdep is turned off. [ 118.904388][ T9398] CPU: 1 UID: 0 PID: 9398 Comm: syz.0.1694 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 118.914592][ T9398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 118.924667][ T9398] Call Trace: [ 118.927961][ T9398] [ 118.930901][ T9398] dump_stack_lvl+0x241/0x360 [ 118.935619][ T9398] ? __pfx_dump_stack_lvl+0x10/0x10 [ 118.940835][ T9398] ? __pfx__printk+0x10/0x10 [ 118.945446][ T9398] ? rcu_is_watching+0x15/0xb0 [ 118.950235][ T9398] ? rcu_is_watching+0x15/0xb0 [ 118.955019][ T9398] __might_resched+0x5d4/0x780 [ 118.959808][ T9398] ? __mutex_lock+0x112/0xd70 [ 118.964505][ T9398] ? __pfx___might_resched+0x10/0x10 [ 118.969808][ T9398] ? lock_acquire+0xe3/0x550 [ 118.974414][ T9398] ? __pfx_lock_acquire+0x10/0x10 [ 118.979455][ T9398] ? fs_reclaim_acquire+0x93/0x140 [ 118.984595][ T9398] ? getname_kernel+0x59/0x2f0 [ 118.989375][ T9398] kmem_cache_alloc_noprof+0x61/0x380 [ 118.994753][ T9398] getname_kernel+0x59/0x2f0 [ 118.999343][ T9398] ? device_list_add+0x6ab/0x1ea0 [ 119.004366][ T9398] kern_path+0x1d/0x50 [ 119.008440][ T9398] device_list_add+0xc64/0x1ea0 [ 119.013295][ T9398] ? __pfx_device_list_add+0x10/0x10 [ 119.018580][ T9398] ? __mutex_unlock_slowpath+0x21d/0x750 [ 119.024219][ T9398] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 119.030209][ T9398] btrfs_scan_one_device+0xab5/0xd90 [ 119.035497][ T9398] ? __pfx_btrfs_scan_one_device+0x10/0x10 [ 119.041301][ T9398] ? __pfx___mutex_lock+0x10/0x10 [ 119.046325][ T9398] btrfs_get_tree+0x30e/0x1920 [ 119.051092][ T9398] ? lockdep_init_map_type+0xa1/0x910 [ 119.056469][ T9398] ? __pfx_btrfs_get_tree+0x10/0x10 [ 119.061664][ T9398] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 119.067472][ T9398] ? rcu_is_watching+0x15/0xb0 [ 119.072241][ T9398] vfs_get_tree+0x90/0x2b0 [ 119.076654][ T9398] fc_mount+0x1b/0xb0 [ 119.080626][ T9398] btrfs_get_tree+0x652/0x1920 [ 119.085384][ T9398] ? vfs_parse_fs_string+0x190/0x230 [ 119.090664][ T9398] ? __pfx_aa_get_newest_label+0x10/0x10 [ 119.096296][ T9398] ? __pfx_btrfs_get_tree+0x10/0x10 [ 119.101496][ T9398] ? vfs_parse_fs_string+0x190/0x230 [ 119.106780][ T9398] ? __pfx_generic_parse_monolithic+0x10/0x10 [ 119.112849][ T9398] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 119.118477][ T9398] ? apparmor_capable+0x13b/0x1b0 [ 119.123499][ T9398] vfs_get_tree+0x90/0x2b0 [ 119.127909][ T9398] do_new_mount+0x2be/0xb40 [ 119.132411][ T9398] ? __pfx_do_new_mount+0x10/0x10 [ 119.137436][ T9398] __se_sys_mount+0x2d6/0x3c0 [ 119.142110][ T9398] ? __pfx___se_sys_mount+0x10/0x10 [ 119.147300][ T9398] ? rcu_is_watching+0x15/0xb0 [ 119.152059][ T9398] ? rcu_is_watching+0x15/0xb0 [ 119.156817][ T9398] ? __x64_sys_mount+0x20/0xc0 [ 119.161584][ T9398] do_syscall_64+0xf3/0x230 [ 119.166084][ T9398] ? clear_bhb_loop+0x35/0x90 [ 119.170760][ T9398] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.176661][ T9398] RIP: 0033:0x7f1a88d7dff9 [ 119.181082][ T9398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.201053][ T9398] RSP: 002b:00007f1a887ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 119.209489][ T9398] RAX: ffffffffffffffda RBX: 00007f1a88f35f80 RCX: 00007f1a88d7dff9 [ 119.217462][ T9398] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000020000100 [ 119.225518][ T9398] RBP: 00007f1a88df0296 R08: 0000000000000000 R09: 0000000000000000 [ 119.233494][ T9398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.241467][ T9398] R13: 0000000000000000 R14: 00007f1a88f35f80 R15: 00007ffd471f9748 [ 119.249484][ T9398] [ 119.276171][ T9398] BTRFS info (device loop0 state M): resize thread pool 3 -> 4 [ 119.285666][ T9398] BTRFS info (device loop0 state M): force compression, level 0 [ 119.303542][ T5236] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 126.654555][ T939] iguanair 5-1:0.0: failed to get version [ 126.661180][ T939] iguanair 5-1:0.0: probe with driver iguanair failed with error -110 [ 126.676219][ T939] usb 5-1: USB disconnect, device number 10